From 730b1645b7a575ecf47cf3c67aaaf8989e39f72f Mon Sep 17 00:00:00 2001 From: Peter Avalos Date: Sun, 11 Jan 2009 14:56:29 -0500 Subject: [PATCH] Import OpenSSL 0.9.8j. Note that we're adding a stripped-down doc/ and utils/ since we need these to build our manual pages. --- crypto/openssl/CHANGES | 54 +- crypto/openssl/FAQ | 2 +- crypto/openssl/NEWS | 5 + crypto/openssl/README | 2 +- crypto/openssl/apps/apps.c | 234 + crypto/openssl/apps/apps.h | 7 + crypto/openssl/apps/asn1pars.c | 2 +- crypto/openssl/apps/crl.c | 21 +- crypto/openssl/apps/dgst.c | 52 +- crypto/openssl/apps/dsa.c | 2 - crypto/openssl/apps/enc.c | 13 +- crypto/openssl/apps/engine.c | 2 +- crypto/openssl/apps/genrsa.c | 15 +- crypto/openssl/apps/nseq.c | 2 +- crypto/openssl/apps/ocsp.c | 2 +- crypto/openssl/apps/openssl.c | 32 +- crypto/openssl/apps/pkcs12.c | 11 +- crypto/openssl/apps/pkcs8.c | 2 +- crypto/openssl/apps/rsautl.c | 2 +- crypto/openssl/apps/s_client.c | 52 +- crypto/openssl/apps/s_server.c | 20 +- crypto/openssl/apps/smime.c | 2 +- crypto/openssl/apps/speed.c | 4 +- crypto/openssl/apps/spkac.c | 4 +- crypto/openssl/apps/verify.c | 3 +- crypto/openssl/apps/version.c | 2 +- crypto/openssl/apps/x509.c | 2 +- crypto/openssl/bugs/SSLv3 | 49 - crypto/openssl/crypto/aes/aes.h | 4 + crypto/openssl/crypto/aes/aes_cbc.c | 2 + crypto/openssl/crypto/aes/aes_core.c | 8 + crypto/openssl/crypto/aes/asm/aes-586.pl | 1532 ---- crypto/openssl/crypto/aes/asm/aes-ia64.S | 1652 ---- crypto/openssl/crypto/asn1/a_mbstr.c | 2 +- crypto/openssl/crypto/asn1/a_sign.c | 7 +- crypto/openssl/crypto/asn1/a_strex.c | 2 +- crypto/openssl/crypto/asn1/a_strnid.c | 2 +- crypto/openssl/crypto/asn1/a_verify.c | 7 +- crypto/openssl/crypto/asn1/asn1_gen.c | 2 +- crypto/openssl/crypto/asn1/asn1t.h | 2 +- crypto/openssl/crypto/asn1/asn_moid.c | 2 +- crypto/openssl/crypto/asn1/asn_pack.c | 2 +- crypto/openssl/crypto/asn1/charmap.pl | 80 - crypto/openssl/crypto/asn1/nsseq.c | 2 +- crypto/openssl/crypto/asn1/p5_pbe.c | 2 +- crypto/openssl/crypto/asn1/p5_pbev2.c | 2 +- crypto/openssl/crypto/asn1/p8_pkey.c | 2 +- crypto/openssl/crypto/asn1/t_bitst.c | 2 +- crypto/openssl/crypto/asn1/t_crl.c | 2 +- crypto/openssl/crypto/asn1/t_spki.c | 2 +- crypto/openssl/crypto/asn1/t_x509.c | 4 +- crypto/openssl/crypto/asn1/t_x509a.c | 2 +- crypto/openssl/crypto/asn1/tasn_dec.c | 2 +- crypto/openssl/crypto/asn1/tasn_enc.c | 2 +- crypto/openssl/crypto/asn1/tasn_fre.c | 2 +- crypto/openssl/crypto/asn1/tasn_new.c | 2 +- crypto/openssl/crypto/asn1/tasn_typ.c | 2 +- crypto/openssl/crypto/asn1/tasn_utl.c | 2 +- crypto/openssl/crypto/asn1/x_algor.c | 2 +- crypto/openssl/crypto/asn1/x_bignum.c | 2 +- crypto/openssl/crypto/asn1/x_exten.c | 2 +- crypto/openssl/crypto/asn1/x_long.c | 2 +- crypto/openssl/crypto/asn1/x_x509a.c | 2 +- crypto/openssl/crypto/bf/asm/bf-586.pl | 136 - crypto/openssl/crypto/bf/asm/bf-686.pl | 127 - crypto/openssl/crypto/bf/asm/readme | 10 - crypto/openssl/crypto/bf/bf_skey.c | 7 +- crypto/openssl/crypto/bf/blowfish.h | 4 +- crypto/openssl/crypto/bio/bss_bio.c | 2 +- crypto/openssl/crypto/bio/bss_file.c | 2 +- crypto/openssl/crypto/bn/asm/README | 27 - crypto/openssl/crypto/bn/asm/bn-586.pl | 675 -- crypto/openssl/crypto/bn/asm/co-586.pl | 286 - crypto/openssl/crypto/bn/asm/x86.pl | 28 - crypto/openssl/crypto/bn/asm/x86/add.pl | 76 - crypto/openssl/crypto/bn/asm/x86/comba.pl | 277 - crypto/openssl/crypto/bn/asm/x86/div.pl | 15 - crypto/openssl/crypto/bn/asm/x86/f | 3 - crypto/openssl/crypto/bn/asm/x86/mul.pl | 77 - crypto/openssl/crypto/bn/asm/x86/mul_add.pl | 87 - crypto/openssl/crypto/bn/asm/x86/sqr.pl | 60 - crypto/openssl/crypto/bn/asm/x86/sub.pl | 76 - crypto/openssl/crypto/bn/asm/x86_64-gcc.c | 597 -- crypto/openssl/crypto/bn/bn.h | 15 +- crypto/openssl/crypto/bn/bn_lib.c | 19 - crypto/openssl/crypto/bn/bn_nist.c | 706 +- .../crypto/{sha/sha1_one.c => bn/bn_opt.c} | 41 +- crypto/openssl/crypto/bn/bn_rand.c | 6 +- crypto/openssl/crypto/bn/bn_shift.c | 2 +- crypto/openssl/crypto/bn/bn_x931p.c | 272 + .../{conf/conf_mall.c => buffer/buf_str.c} | 76 +- crypto/openssl/crypto/buffer/buffer.c | 58 - crypto/openssl/crypto/camellia/camellia.h | 5 + crypto/openssl/crypto/camellia/cmll_misc.c | 13 + crypto/openssl/crypto/cast/asm/cast-586.pl | 176 - crypto/openssl/crypto/cast/asm/readme | 7 - crypto/openssl/crypto/cast/c_skey.c | 7 +- crypto/openssl/crypto/cast/cast.h | 4 +- crypto/openssl/crypto/cms/Makefile | 183 - crypto/openssl/crypto/cms/cms_sd.c | 2 +- crypto/openssl/crypto/cms/cms_smime.c | 3 + crypto/openssl/crypto/comp/c_zlib.c | 4 +- crypto/openssl/crypto/conf/conf_mall.c | 4 +- crypto/openssl/crypto/conf/conf_mod.c | 2 +- crypto/openssl/crypto/conf/conf_sap.c | 2 +- crypto/openssl/crypto/cryptlib.c | 351 +- crypto/openssl/crypto/crypto.h | 84 +- crypto/openssl/crypto/des/asm/crypt586.pl | 208 - crypto/openssl/crypto/des/asm/des-586.pl | 251 - crypto/openssl/crypto/des/asm/des686.pl | 230 - crypto/openssl/crypto/des/asm/desboth.pl | 79 - crypto/openssl/crypto/des/asm/readme | 131 - crypto/openssl/crypto/des/des_enc.c | 4 + .../crypto/des/{ecb_enc.c => des_lib.c} | 17 - crypto/openssl/crypto/des/ecb_enc.c | 47 - crypto/openssl/crypto/des/enc_read.c | 4 + crypto/openssl/crypto/des/enc_writ.c | 4 + crypto/openssl/crypto/des/set_key.c | 9 + crypto/openssl/crypto/dh/dh.h | 11 + crypto/openssl/crypto/dh/dh_asn1.c | 2 +- crypto/openssl/crypto/dh/dh_check.c | 4 + crypto/openssl/crypto/dh/dh_err.c | 6 +- crypto/openssl/crypto/dh/dh_gen.c | 4 + crypto/openssl/crypto/dh/dh_key.c | 4 + crypto/openssl/crypto/dsa/dsa.h | 39 + crypto/openssl/crypto/dsa/dsa_asn1.c | 82 +- crypto/openssl/crypto/dsa/dsa_err.c | 10 +- crypto/openssl/crypto/dsa/dsa_gen.c | 3 + crypto/openssl/crypto/dsa/dsa_key.c | 4 + crypto/openssl/crypto/dsa/dsa_lib.c | 49 +- crypto/openssl/crypto/dsa/dsa_ossl.c | 3 + crypto/openssl/crypto/dsa/dsa_sign.c | 31 +- .../crypto/dsa/{dsa_sign.c => dsa_utl.c} | 41 +- crypto/openssl/crypto/dsa/dsa_vrf.c | 32 +- .../openssl/crypto/{cryptlib.c => dyn_lck.c} | 398 +- crypto/openssl/crypto/ec/ec_key.c | 16 +- crypto/openssl/crypto/engine/eng_cnf.c | 18 +- crypto/openssl/crypto/engine/eng_padlock.c | 4 +- crypto/openssl/crypto/err/err.c | 782 +- crypto/openssl/crypto/err/err.h | 8 + crypto/openssl/crypto/err/err_all.c | 13 + .../crypto/{sha/sha1dgst.c => err/err_bio.c} | 31 +- .../openssl/crypto/err/{err.c => err_def.c} | 539 +- crypto/openssl/crypto/err/err_prn.c | 70 +- .../crypto/{evp/digest.c => err/err_str.c} | 343 +- crypto/openssl/crypto/evp/bio_md.c | 9 +- .../crypto/{rand/rand_lcl.h => evp/dig_eng.c} | 108 +- crypto/openssl/crypto/evp/digest.c | 154 +- crypto/openssl/crypto/evp/e_aes.c | 35 +- crypto/openssl/crypto/evp/e_camellia.c | 2 +- crypto/openssl/crypto/evp/e_des.c | 9 +- crypto/openssl/crypto/evp/e_des3.c | 29 +- crypto/openssl/crypto/evp/e_null.c | 2 +- crypto/openssl/crypto/evp/e_rc4.c | 1 + .../crypto/evp/{evp_enc.c => enc_min.c} | 492 +- crypto/openssl/crypto/evp/evp.h | 78 + crypto/openssl/crypto/evp/evp_acnf.c | 2 +- .../crypto/{asn1/asn_moid.c => evp/evp_cnf.c} | 115 +- crypto/openssl/crypto/evp/evp_enc.c | 254 +- crypto/openssl/crypto/evp/evp_err.c | 16 +- crypto/openssl/crypto/evp/evp_lib.c | 39 +- crypto/openssl/crypto/evp/evp_locl.h | 30 +- crypto/openssl/crypto/evp/evp_pbe.c | 2 +- crypto/openssl/crypto/evp/evp_pkey.c | 2 +- crypto/openssl/crypto/evp/m_dss.c | 2 +- crypto/openssl/crypto/evp/m_dss1.c | 3 + crypto/openssl/crypto/evp/m_md2.c | 1 + crypto/openssl/crypto/evp/m_md4.c | 1 + crypto/openssl/crypto/evp/m_md5.c | 1 + crypto/openssl/crypto/evp/m_mdc2.c | 1 + crypto/openssl/crypto/evp/m_sha.c | 1 + crypto/openssl/crypto/evp/m_sha1.c | 7 +- crypto/openssl/crypto/evp/names.c | 7 + crypto/openssl/crypto/evp/p5_crpt.c | 2 +- crypto/openssl/crypto/evp/p5_crpt2.c | 2 +- crypto/openssl/crypto/evp/p_sign.c | 24 +- crypto/openssl/crypto/evp/p_verify.c | 26 +- crypto/openssl/crypto/fips_err.c | 7 + crypto/openssl/crypto/fips_err.h | 137 + crypto/openssl/crypto/hmac/hmac.c | 3 + crypto/openssl/crypto/ia64cpuid.S | 121 - crypto/openssl/crypto/idea/i_skey.c | 17 + crypto/openssl/crypto/idea/idea.h | 3 + crypto/openssl/crypto/md2/md2.h | 3 + crypto/openssl/crypto/md2/md2_dgst.c | 7 +- crypto/openssl/crypto/md4/md4.h | 3 + crypto/openssl/crypto/md4/md4_dgst.c | 7 +- crypto/openssl/crypto/md5/asm/md5-586.pl | 306 - crypto/openssl/crypto/md5/asm/md5-x86_64.pl | 245 - crypto/openssl/crypto/md5/md5.h | 3 + crypto/openssl/crypto/md5/md5_dgst.c | 7 +- crypto/openssl/crypto/mdc2/mdc2.h | 4 +- crypto/openssl/crypto/mdc2/mdc2dgst.c | 7 +- crypto/openssl/crypto/mem.c | 47 +- crypto/openssl/crypto/mem_dbg.c | 28 +- .../crypto/{conf/conf_mall.c => o_init.c} | 52 +- crypto/openssl/crypto/objects/obj_dat.h | 22 +- crypto/openssl/crypto/objects/obj_mac.h | 10 + crypto/openssl/crypto/ocsp/ocsp_asn.c | 2 +- crypto/openssl/crypto/ocsp/ocsp_ht.c | 5 +- crypto/openssl/crypto/ocsp/ocsp_srv.c | 2 +- crypto/openssl/crypto/ocsp/ocsp_vfy.c | 2 +- crypto/openssl/crypto/opensslconf.h.in | 159 - crypto/openssl/crypto/opensslv.h | 6 +- crypto/openssl/crypto/ossl_typ.h | 2 + crypto/openssl/crypto/pem/pem.h | 1 + crypto/openssl/crypto/pem/pem_all.c | 174 + crypto/openssl/crypto/pem/pem_lib.c | 3 + crypto/openssl/crypto/pem/pem_x509.c | 2 +- crypto/openssl/crypto/pem/pem_xaux.c | 2 +- crypto/openssl/crypto/perlasm/cbc.pl | 351 - crypto/openssl/crypto/perlasm/readme | 124 - crypto/openssl/crypto/perlasm/x86_64-xlate.pl | 506 -- crypto/openssl/crypto/perlasm/x86asm.pl | 130 - crypto/openssl/crypto/perlasm/x86unix.pl | 761 -- crypto/openssl/crypto/pkcs12/p12_add.c | 2 +- crypto/openssl/crypto/pkcs12/p12_asn.c | 2 +- crypto/openssl/crypto/pkcs12/p12_attr.c | 2 +- crypto/openssl/crypto/pkcs12/p12_crpt.c | 2 +- crypto/openssl/crypto/pkcs12/p12_crt.c | 13 +- crypto/openssl/crypto/pkcs12/p12_decr.c | 2 +- crypto/openssl/crypto/pkcs12/p12_init.c | 2 +- crypto/openssl/crypto/pkcs12/p12_key.c | 2 +- crypto/openssl/crypto/pkcs12/p12_kiss.c | 2 +- crypto/openssl/crypto/pkcs12/p12_mutl.c | 2 +- crypto/openssl/crypto/pkcs12/p12_npas.c | 2 +- crypto/openssl/crypto/pkcs12/p12_p8d.c | 2 +- crypto/openssl/crypto/pkcs12/p12_p8e.c | 2 +- crypto/openssl/crypto/pkcs12/p12_utl.c | 2 +- crypto/openssl/crypto/pkcs12/pkcs12.h | 2 +- crypto/openssl/crypto/pkcs7/pk7_asn1.c | 2 +- crypto/openssl/crypto/pkcs7/pk7_attr.c | 2 +- crypto/openssl/crypto/pkcs7/pk7_mime.c | 2 +- crypto/openssl/crypto/pkcs7/pk7_smime.c | 3 +- crypto/openssl/crypto/pqueue/pq_compat.h | 5 + crypto/openssl/crypto/rand/md_rand.c | 12 + crypto/openssl/crypto/rand/rand.h | 29 +- .../crypto/rand/{rand_lib.c => rand_eng.c} | 94 +- crypto/openssl/crypto/rand/rand_err.c | 20 +- crypto/openssl/crypto/rand/rand_lcl.h | 11 + crypto/openssl/crypto/rand/rand_lib.c | 71 +- crypto/openssl/crypto/rand/randfile.c | 66 +- crypto/openssl/crypto/rc2/rc2.h | 4 +- crypto/openssl/crypto/rc2/rc2_skey.c | 17 + crypto/openssl/crypto/rc4/asm/rc4-586.pl | 230 - crypto/openssl/crypto/rc4/asm/rc4-ia64.S | 160 - crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl | 240 - crypto/openssl/crypto/rc4/rc4.h | 3 + .../crypto/{evp/evp_acnf.c => rc4/rc4_fblk.c} | 38 +- crypto/openssl/crypto/rc4/rc4_skey.c | 16 +- crypto/openssl/crypto/rc5/rc5.h | 5 +- crypto/openssl/crypto/rc5/rc5_skey.c | 17 + crypto/openssl/crypto/ripemd/asm/rips.cpp | 82 - crypto/openssl/crypto/ripemd/asm/rmd-586.pl | 590 -- crypto/openssl/crypto/ripemd/ripemd.h | 4 +- crypto/openssl/crypto/ripemd/rmd_dgst.c | 7 +- crypto/openssl/crypto/ripemd/rmd_locl.h | 2 +- crypto/openssl/crypto/rsa/rsa.h | 39 + crypto/openssl/crypto/rsa/rsa_asn1.c | 2 +- crypto/openssl/crypto/rsa/rsa_eay.c | 2 +- .../crypto/rsa/{rsa_lib.c => rsa_eng.c} | 178 +- crypto/openssl/crypto/rsa/rsa_err.c | 10 +- crypto/openssl/crypto/rsa/rsa_gen.c | 3 + crypto/openssl/crypto/rsa/rsa_lib.c | 272 +- crypto/openssl/crypto/rsa/rsa_null.c | 2 +- crypto/openssl/crypto/rsa/rsa_oaep.c | 2 +- crypto/openssl/crypto/rsa/rsa_pss.c | 6 +- crypto/openssl/crypto/rsa/rsa_sign.c | 24 +- crypto/openssl/crypto/rsa/rsa_x931.c | 2 +- .../{asn1/a_verify.c => rsa/rsa_x931g.c} | 260 +- crypto/openssl/crypto/sha/asm/README | 1 - crypto/openssl/crypto/sha/asm/sha1-586.pl | 430 - crypto/openssl/crypto/sha/asm/sha1-ia64.pl | 549 -- crypto/openssl/crypto/sha/asm/sha512-ia64.pl | 432 - crypto/openssl/crypto/sha/asm/sha512-sse2.pl | 404 - crypto/openssl/crypto/sha/sha.h | 3 + crypto/openssl/crypto/sha/sha1_one.c | 2 +- crypto/openssl/crypto/sha/sha1dgst.c | 4 + crypto/openssl/crypto/sha/sha256.c | 10 + crypto/openssl/crypto/sha/sha512.c | 12 +- crypto/openssl/crypto/sha/sha_dgst.c | 6 + crypto/openssl/crypto/sha/sha_locl.h | 7 + crypto/openssl/crypto/symhacks.h | 5 + crypto/openssl/crypto/ui/ui_openssl.c | 2 + crypto/openssl/crypto/x509/by_dir.c | 4 + crypto/openssl/crypto/x509/x509_cmp.c | 8 +- crypto/openssl/crypto/x509/x509_trs.c | 2 +- crypto/openssl/crypto/x509/x509_vpm.c | 2 +- crypto/openssl/crypto/x509/x509cset.c | 2 +- crypto/openssl/crypto/x509/x509spki.c | 2 +- crypto/openssl/crypto/x509v3/ext_dat.h | 2 +- crypto/openssl/crypto/x509v3/pcy_cache.c | 2 +- crypto/openssl/crypto/x509v3/pcy_data.c | 2 +- crypto/openssl/crypto/x509v3/pcy_int.h | 2 +- crypto/openssl/crypto/x509v3/pcy_lib.c | 2 +- crypto/openssl/crypto/x509v3/pcy_map.c | 2 +- crypto/openssl/crypto/x509v3/pcy_node.c | 2 +- crypto/openssl/crypto/x509v3/pcy_tree.c | 2 +- crypto/openssl/crypto/x509v3/v3_addr.c | 1 + crypto/openssl/crypto/x509v3/v3_akey.c | 2 +- crypto/openssl/crypto/x509v3/v3_akeya.c | 2 +- crypto/openssl/crypto/x509v3/v3_alt.c | 5 +- crypto/openssl/crypto/x509v3/v3_bcons.c | 2 +- crypto/openssl/crypto/x509v3/v3_bitst.c | 2 +- crypto/openssl/crypto/x509v3/v3_conf.c | 2 +- crypto/openssl/crypto/x509v3/v3_cpols.c | 2 +- crypto/openssl/crypto/x509v3/v3_crld.c | 2 +- crypto/openssl/crypto/x509v3/v3_enum.c | 2 +- crypto/openssl/crypto/x509v3/v3_extku.c | 2 +- crypto/openssl/crypto/x509v3/v3_genn.c | 2 +- crypto/openssl/crypto/x509v3/v3_ia5.c | 2 +- crypto/openssl/crypto/x509v3/v3_info.c | 2 +- crypto/openssl/crypto/x509v3/v3_int.c | 2 +- crypto/openssl/crypto/x509v3/v3_lib.c | 2 +- crypto/openssl/crypto/x509v3/v3_ncons.c | 2 +- crypto/openssl/crypto/x509v3/v3_ocsp.c | 2 +- crypto/openssl/crypto/x509v3/v3_pcons.c | 2 +- crypto/openssl/crypto/x509v3/v3_pku.c | 2 +- crypto/openssl/crypto/x509v3/v3_pmaps.c | 2 +- crypto/openssl/crypto/x509v3/v3_prn.c | 2 +- crypto/openssl/crypto/x509v3/v3_purp.c | 2 +- crypto/openssl/crypto/x509v3/v3_skey.c | 2 +- crypto/openssl/crypto/x509v3/v3_sxnet.c | 2 +- crypto/openssl/crypto/x509v3/v3_utl.c | 23 +- crypto/openssl/crypto/x509v3/x509v3.h | 2 +- crypto/openssl/crypto/x86_64cpuid.pl | 138 - crypto/openssl/crypto/x86cpuid.pl | 197 - crypto/openssl/doc/HOWTO/certificates.txt | 105 - crypto/openssl/doc/HOWTO/keys.txt | 73 - .../openssl/doc/HOWTO/proxy_certificates.txt | 322 - crypto/openssl/doc/README | 12 - crypto/openssl/doc/apps/CA.pl.pod | 179 + crypto/openssl/doc/apps/asn1parse.pod | 171 + crypto/openssl/doc/apps/ca.pod | 671 ++ crypto/openssl/doc/apps/ciphers.pod | 434 + crypto/openssl/doc/apps/config.pod | 279 + crypto/openssl/doc/apps/crl.pod | 117 + crypto/openssl/doc/apps/crl2pkcs7.pod | 91 + crypto/openssl/doc/apps/dgst.pod | 115 + crypto/openssl/doc/apps/dhparam.pod | 141 + crypto/openssl/doc/apps/dsa.pod | 158 + crypto/openssl/doc/apps/dsaparam.pod | 110 + crypto/openssl/doc/apps/ec.pod | 190 + crypto/openssl/doc/apps/ecparam.pod | 179 + crypto/openssl/doc/apps/enc.pod | 279 + crypto/openssl/doc/apps/errstr.pod | 39 + crypto/openssl/doc/apps/gendsa.pod | 66 + crypto/openssl/doc/apps/genrsa.pod | 96 + crypto/openssl/doc/apps/nseq.pod | 70 + crypto/openssl/doc/apps/ocsp.pod | 365 + crypto/openssl/doc/apps/openssl.pod | 361 + crypto/openssl/doc/apps/passwd.pod | 82 + crypto/openssl/doc/apps/pkcs12.pod | 330 + crypto/openssl/doc/apps/pkcs7.pod | 105 + crypto/openssl/doc/apps/pkcs8.pod | 243 + crypto/openssl/doc/apps/rand.pod | 50 + crypto/openssl/doc/apps/req.pod | 611 ++ crypto/openssl/doc/apps/rsa.pod | 189 + crypto/openssl/doc/apps/rsautl.pod | 183 + crypto/openssl/doc/apps/s_client.pod | 297 + crypto/openssl/doc/apps/s_server.pod | 348 + crypto/openssl/doc/apps/s_time.pod | 173 + crypto/openssl/doc/apps/sess_id.pod | 151 + crypto/openssl/doc/apps/smime.pod | 385 + crypto/openssl/doc/apps/speed.pod | 59 + crypto/openssl/doc/apps/spkac.pod | 133 + crypto/openssl/doc/apps/verify.pod | 328 + crypto/openssl/doc/apps/version.pod | 64 + crypto/openssl/doc/apps/x509.pod | 832 ++ crypto/openssl/doc/apps/x509v3_config.pod | 456 ++ crypto/openssl/doc/crypto/ASN1_OBJECT_new.pod | 43 + .../openssl/doc/crypto/ASN1_STRING_length.pod | 81 + crypto/openssl/doc/crypto/ASN1_STRING_new.pod | 44 + .../doc/crypto/ASN1_STRING_print_ex.pod | 96 + .../doc/crypto/ASN1_generate_nconf.pod | 262 + crypto/openssl/doc/crypto/BIO_ctrl.pod | 128 + crypto/openssl/doc/crypto/BIO_f_base64.pod | 81 + crypto/openssl/doc/crypto/BIO_f_buffer.pod | 69 + crypto/openssl/doc/crypto/BIO_f_cipher.pod | 76 + crypto/openssl/doc/crypto/BIO_f_md.pod | 138 + crypto/openssl/doc/crypto/BIO_f_null.pod | 32 + crypto/openssl/doc/crypto/BIO_f_ssl.pod | 313 + crypto/openssl/doc/crypto/BIO_find_type.pod | 98 + crypto/openssl/doc/crypto/BIO_new.pod | 65 + crypto/openssl/doc/crypto/BIO_push.pod | 69 + crypto/openssl/doc/crypto/BIO_read.pod | 66 + crypto/openssl/doc/crypto/BIO_s_accept.pod | 195 + crypto/openssl/doc/crypto/BIO_s_bio.pod | 182 + crypto/openssl/doc/crypto/BIO_s_connect.pod | 192 + crypto/openssl/doc/crypto/BIO_s_fd.pod | 89 + crypto/openssl/doc/crypto/BIO_s_file.pod | 144 + crypto/openssl/doc/crypto/BIO_s_mem.pod | 115 + crypto/openssl/doc/crypto/BIO_s_null.pod | 37 + crypto/openssl/doc/crypto/BIO_s_socket.pod | 63 + .../openssl/doc/crypto/BIO_set_callback.pod | 108 + .../openssl/doc/crypto/BIO_should_retry.pod | 114 + crypto/openssl/doc/crypto/BN_BLINDING_new.pod | 109 + crypto/openssl/doc/crypto/BN_CTX_new.pod | 53 + crypto/openssl/doc/crypto/BN_CTX_start.pod | 52 + crypto/openssl/doc/crypto/BN_add.pod | 126 + crypto/openssl/doc/crypto/BN_add_word.pod | 61 + crypto/openssl/doc/crypto/BN_bn2bin.pod | 95 + crypto/openssl/doc/crypto/BN_cmp.pod | 48 + crypto/openssl/doc/crypto/BN_copy.pod | 34 + .../openssl/doc/crypto/BN_generate_prime.pod | 102 + crypto/openssl/doc/crypto/BN_mod_inverse.pod | 36 + .../doc/crypto/BN_mod_mul_montgomery.pod | 101 + .../doc/crypto/BN_mod_mul_reciprocal.pod | 81 + crypto/openssl/doc/crypto/BN_new.pod | 53 + crypto/openssl/doc/crypto/BN_num_bytes.pod | 57 + crypto/openssl/doc/crypto/BN_rand.pod | 58 + crypto/openssl/doc/crypto/BN_set_bit.pod | 66 + crypto/openssl/doc/crypto/BN_swap.pod | 23 + crypto/openssl/doc/crypto/BN_zero.pod | 59 + .../openssl/doc/crypto/CONF_modules_free.pod | 47 + .../doc/crypto/CONF_modules_load_file.pod | 60 + .../openssl/doc/crypto/CRYPTO_set_ex_data.pod | 51 + crypto/openssl/doc/crypto/DH_generate_key.pod | 50 + .../doc/crypto/DH_generate_parameters.pod | 73 + .../doc/crypto/DH_get_ex_new_index.pod | 36 + crypto/openssl/doc/crypto/DH_new.pod | 40 + crypto/openssl/doc/crypto/DH_set_method.pod | 129 + crypto/openssl/doc/crypto/DH_size.pod | 33 + crypto/openssl/doc/crypto/DSA_SIG_new.pod | 40 + crypto/openssl/doc/crypto/DSA_do_sign.pod | 47 + crypto/openssl/doc/crypto/DSA_dup_DH.pod | 36 + .../openssl/doc/crypto/DSA_generate_key.pod | 34 + .../doc/crypto/DSA_generate_parameters.pod | 105 + .../doc/crypto/DSA_get_ex_new_index.pod | 36 + crypto/openssl/doc/crypto/DSA_new.pod | 42 + crypto/openssl/doc/crypto/DSA_set_method.pod | 143 + crypto/openssl/doc/crypto/DSA_sign.pod | 66 + crypto/openssl/doc/crypto/DSA_size.pod | 33 + crypto/openssl/doc/crypto/ERR_GET_LIB.pod | 51 + crypto/openssl/doc/crypto/ERR_clear_error.pod | 29 + .../openssl/doc/crypto/ERR_error_string.pod | 73 + crypto/openssl/doc/crypto/ERR_get_error.pod | 76 + .../doc/crypto/ERR_load_crypto_strings.pod | 46 + .../openssl/doc/crypto/ERR_load_strings.pod | 54 + .../openssl/doc/crypto/ERR_print_errors.pod | 51 + crypto/openssl/doc/crypto/ERR_put_error.pod | 44 + .../openssl/doc/crypto/ERR_remove_state.pod | 34 + crypto/openssl/doc/crypto/ERR_set_mark.pod | 38 + crypto/openssl/doc/crypto/EVP_BytesToKey.pod | 67 + crypto/openssl/doc/crypto/EVP_DigestInit.pod | 256 + crypto/openssl/doc/crypto/EVP_EncryptInit.pod | 511 ++ crypto/openssl/doc/crypto/EVP_OpenInit.pod | 63 + crypto/openssl/doc/crypto/EVP_PKEY_new.pod | 47 + .../openssl/doc/crypto/EVP_PKEY_set1_RSA.pod | 80 + crypto/openssl/doc/crypto/EVP_SealInit.pod | 85 + crypto/openssl/doc/crypto/EVP_SignInit.pod | 95 + crypto/openssl/doc/crypto/EVP_VerifyInit.pod | 86 + crypto/openssl/doc/crypto/OBJ_nid2obj.pod | 149 + crypto/openssl/doc/crypto/OPENSSL_Applink.pod | 21 + .../doc/crypto/OPENSSL_VERSION_NUMBER.pod | 101 + crypto/openssl/doc/crypto/OPENSSL_config.pod | 82 + crypto/openssl/doc/crypto/OPENSSL_ia32cap.pod | 43 + .../crypto/OPENSSL_load_builtin_modules.pod | 51 + .../doc/crypto/OpenSSL_add_all_algorithms.pod | 66 + crypto/openssl/doc/crypto/PKCS12_create.pod | 75 + crypto/openssl/doc/crypto/PKCS12_parse.pod | 50 + crypto/openssl/doc/crypto/PKCS7_decrypt.pod | 53 + crypto/openssl/doc/crypto/PKCS7_encrypt.pod | 65 + crypto/openssl/doc/crypto/PKCS7_sign.pod | 101 + crypto/openssl/doc/crypto/PKCS7_verify.pod | 116 + crypto/openssl/doc/crypto/RAND_add.pod | 77 + crypto/openssl/doc/crypto/RAND_bytes.pod | 50 + crypto/openssl/doc/crypto/RAND_cleanup.pod | 29 + crypto/openssl/doc/crypto/RAND_egd.pod | 88 + crypto/openssl/doc/crypto/RAND_load_file.pod | 53 + .../doc/crypto/RAND_set_rand_method.pod | 83 + crypto/openssl/doc/crypto/RSA_blinding_on.pod | 43 + crypto/openssl/doc/crypto/RSA_check_key.pod | 67 + .../openssl/doc/crypto/RSA_generate_key.pod | 69 + .../doc/crypto/RSA_get_ex_new_index.pod | 120 + crypto/openssl/doc/crypto/RSA_new.pod | 41 + .../crypto/RSA_padding_add_PKCS1_type_1.pod | 124 + crypto/openssl/doc/crypto/RSA_print.pod | 49 + .../doc/crypto/RSA_private_encrypt.pod | 70 + .../openssl/doc/crypto/RSA_public_encrypt.pod | 84 + crypto/openssl/doc/crypto/RSA_set_method.pod | 202 + crypto/openssl/doc/crypto/RSA_sign.pod | 62 + .../doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod | 59 + crypto/openssl/doc/crypto/RSA_size.pod | 33 + .../openssl/doc/crypto/SMIME_read_PKCS7.pod | 71 + .../openssl/doc/crypto/SMIME_write_PKCS7.pod | 61 + .../doc/crypto/X509_NAME_ENTRY_get_object.pod | 72 + .../doc/crypto/X509_NAME_add_entry_by_txt.pod | 114 + .../doc/crypto/X509_NAME_get_index_by_NID.pod | 106 + .../openssl/doc/crypto/X509_NAME_print_ex.pod | 105 + crypto/openssl/doc/crypto/X509_new.pod | 37 + crypto/openssl/doc/crypto/bio.pod | 54 + crypto/openssl/doc/crypto/blowfish.pod | 112 + crypto/openssl/doc/crypto/bn.pod | 181 + crypto/openssl/doc/crypto/bn_internal.pod | 226 + crypto/openssl/doc/crypto/buffer.pod | 73 + crypto/openssl/doc/crypto/crypto.pod | 85 + crypto/openssl/doc/crypto/d2i_ASN1_OBJECT.pod | 29 + crypto/openssl/doc/crypto/d2i_DHparams.pod | 30 + .../openssl/doc/crypto/d2i_DSAPublicKey.pod | 83 + .../doc/crypto/d2i_PKCS8PrivateKey.pod | 56 + .../openssl/doc/crypto/d2i_RSAPublicKey.pod | 67 + crypto/openssl/doc/crypto/d2i_X509.pod | 231 + crypto/openssl/doc/crypto/d2i_X509_ALGOR.pod | 30 + crypto/openssl/doc/crypto/d2i_X509_CRL.pod | 37 + crypto/openssl/doc/crypto/d2i_X509_NAME.pod | 31 + crypto/openssl/doc/crypto/d2i_X509_REQ.pod | 36 + crypto/openssl/doc/crypto/d2i_X509_SIG.pod | 30 + crypto/openssl/doc/crypto/des.pod | 358 + crypto/openssl/doc/crypto/des_modes.pod | 255 + crypto/openssl/doc/crypto/dh.pod | 78 + crypto/openssl/doc/crypto/dsa.pod | 114 + crypto/openssl/doc/crypto/ecdsa.pod | 210 + crypto/openssl/doc/crypto/engine.pod | 599 ++ crypto/openssl/doc/crypto/err.pod | 187 + crypto/openssl/doc/crypto/evp.pod | 45 + crypto/openssl/doc/crypto/hmac.pod | 102 + crypto/openssl/doc/crypto/lh_stats.pod | 60 + crypto/openssl/doc/crypto/lhash.pod | 294 + crypto/openssl/doc/crypto/md5.pod | 101 + crypto/openssl/doc/crypto/mdc2.pod | 64 + crypto/openssl/doc/crypto/pem.pod | 476 ++ crypto/openssl/doc/crypto/rand.pod | 175 + crypto/openssl/doc/crypto/rc4.pod | 62 + crypto/openssl/doc/crypto/ripemd.pod | 66 + crypto/openssl/doc/crypto/rsa.pod | 123 + crypto/openssl/doc/crypto/sha.pod | 70 + crypto/openssl/doc/crypto/threads.pod | 175 + crypto/openssl/doc/crypto/ui.pod | 194 + crypto/openssl/doc/crypto/ui_compat.pod | 55 + crypto/openssl/doc/crypto/x509.pod | 64 + crypto/openssl/doc/openssl.txt | 1254 --- .../openssl/doc/ssl/SSL_CIPHER_get_name.pod | 112 + .../ssl/SSL_COMP_add_compression_method.pod | 70 + .../doc/ssl/SSL_CTX_add_extra_chain_cert.pod | 39 + .../openssl/doc/ssl/SSL_CTX_add_session.pod | 73 + crypto/openssl/doc/ssl/SSL_CTX_ctrl.pod | 34 + .../doc/ssl/SSL_CTX_flush_sessions.pod | 49 + crypto/openssl/doc/ssl/SSL_CTX_free.pod | 41 + .../doc/ssl/SSL_CTX_get_ex_new_index.pod | 53 + .../doc/ssl/SSL_CTX_get_verify_mode.pod | 50 + .../doc/ssl/SSL_CTX_load_verify_locations.pod | 124 + crypto/openssl/doc/ssl/SSL_CTX_new.pod | 94 + .../openssl/doc/ssl/SSL_CTX_sess_number.pod | 76 + .../doc/ssl/SSL_CTX_sess_set_cache_size.pod | 51 + .../doc/ssl/SSL_CTX_sess_set_get_cb.pod | 87 + crypto/openssl/doc/ssl/SSL_CTX_sessions.pod | 34 + .../doc/ssl/SSL_CTX_set_cert_store.pod | 57 + .../ssl/SSL_CTX_set_cert_verify_callback.pod | 75 + .../doc/ssl/SSL_CTX_set_cipher_list.pod | 70 + .../doc/ssl/SSL_CTX_set_client_CA_list.pod | 94 + .../doc/ssl/SSL_CTX_set_client_cert_cb.pod | 94 + .../doc/ssl/SSL_CTX_set_default_passwd_cb.pod | 76 + .../ssl/SSL_CTX_set_generate_session_id.pod | 150 + .../doc/ssl/SSL_CTX_set_info_callback.pod | 153 + .../doc/ssl/SSL_CTX_set_max_cert_list.pod | 77 + crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod | 81 + .../doc/ssl/SSL_CTX_set_msg_callback.pod | 99 + .../openssl/doc/ssl/SSL_CTX_set_options.pod | 244 + .../doc/ssl/SSL_CTX_set_quiet_shutdown.pod | 63 + .../ssl/SSL_CTX_set_session_cache_mode.pod | 137 + .../ssl/SSL_CTX_set_session_id_context.pod | 83 + .../doc/ssl/SSL_CTX_set_ssl_version.pod | 61 + .../openssl/doc/ssl/SSL_CTX_set_timeout.pod | 59 + .../doc/ssl/SSL_CTX_set_tmp_dh_callback.pod | 170 + .../doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod | 166 + crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod | 294 + .../doc/ssl/SSL_CTX_use_certificate.pod | 169 + crypto/openssl/doc/ssl/SSL_SESSION_free.pod | 55 + .../doc/ssl/SSL_SESSION_get_ex_new_index.pod | 61 + .../openssl/doc/ssl/SSL_SESSION_get_time.pod | 64 + crypto/openssl/doc/ssl/SSL_accept.pod | 76 + .../openssl/doc/ssl/SSL_alert_type_string.pod | 228 + crypto/openssl/doc/ssl/SSL_clear.pod | 69 + crypto/openssl/doc/ssl/SSL_connect.pod | 73 + crypto/openssl/doc/ssl/SSL_do_handshake.pod | 75 + crypto/openssl/doc/ssl/SSL_free.pod | 44 + crypto/openssl/doc/ssl/SSL_get_SSL_CTX.pod | 26 + crypto/openssl/doc/ssl/SSL_get_ciphers.pod | 42 + .../doc/ssl/SSL_get_client_CA_list.pod | 53 + .../doc/ssl/SSL_get_current_cipher.pod | 43 + .../doc/ssl/SSL_get_default_timeout.pod | 41 + crypto/openssl/doc/ssl/SSL_get_error.pod | 114 + .../SSL_get_ex_data_X509_STORE_CTX_idx.pod | 61 + .../openssl/doc/ssl/SSL_get_ex_new_index.pod | 59 + crypto/openssl/doc/ssl/SSL_get_fd.pod | 44 + .../doc/ssl/SSL_get_peer_cert_chain.pod | 52 + .../doc/ssl/SSL_get_peer_certificate.pod | 55 + crypto/openssl/doc/ssl/SSL_get_rbio.pod | 40 + crypto/openssl/doc/ssl/SSL_get_session.pod | 73 + .../openssl/doc/ssl/SSL_get_verify_result.pod | 57 + crypto/openssl/doc/ssl/SSL_get_version.pod | 46 + crypto/openssl/doc/ssl/SSL_library_init.pod | 52 + .../doc/ssl/SSL_load_client_CA_file.pod | 62 + crypto/openssl/doc/ssl/SSL_new.pod | 44 + crypto/openssl/doc/ssl/SSL_pending.pod | 43 + crypto/openssl/doc/ssl/SSL_read.pod | 124 + crypto/openssl/doc/ssl/SSL_rstate_string.pod | 59 + crypto/openssl/doc/ssl/SSL_session_reused.pod | 45 + crypto/openssl/doc/ssl/SSL_set_bio.pod | 34 + .../openssl/doc/ssl/SSL_set_connect_state.pod | 55 + crypto/openssl/doc/ssl/SSL_set_fd.pod | 54 + crypto/openssl/doc/ssl/SSL_set_session.pod | 57 + crypto/openssl/doc/ssl/SSL_set_shutdown.pod | 72 + .../openssl/doc/ssl/SSL_set_verify_result.pod | 38 + crypto/openssl/doc/ssl/SSL_shutdown.pod | 125 + crypto/openssl/doc/ssl/SSL_state_string.pod | 45 + crypto/openssl/doc/ssl/SSL_want.pod | 77 + crypto/openssl/doc/ssl/SSL_write.pod | 109 + crypto/openssl/doc/ssl/d2i_SSL_SESSION.pod | 66 + crypto/openssl/doc/ssl/ssl.pod | 736 ++ crypto/openssl/doc/ssleay.txt | 7030 ----------------- crypto/openssl/doc/standards.txt | 272 - crypto/openssl/e_os.h | 28 +- crypto/openssl/engines/e_aep.c | 8 +- crypto/openssl/engines/e_chil.c | 12 +- crypto/openssl/engines/e_chil_err.c | 1 - crypto/openssl/engines/e_chil_err.h | 1 - crypto/openssl/ssl/d1_enc.c | 19 +- crypto/openssl/ssl/d1_lib.c | 1 + crypto/openssl/ssl/d1_pkt.c | 1 + crypto/openssl/ssl/s2_clnt.c | 2 +- crypto/openssl/ssl/s2_srvr.c | 4 +- crypto/openssl/ssl/s3_clnt.c | 10 +- crypto/openssl/ssl/s3_pkt.c | 9 +- crypto/openssl/ssl/s3_srvr.c | 34 +- crypto/openssl/ssl/ssl_ciph.c | 3 + crypto/openssl/ssl/ssl_locl.h | 4 + crypto/openssl/ssl/t1_enc.c | 38 +- crypto/openssl/tools/c_hash | 9 - crypto/openssl/tools/c_info | 12 - crypto/openssl/tools/c_issuer | 10 - crypto/openssl/tools/c_name | 10 - crypto/openssl/tools/c_rehash | 160 - 634 files changed, 35505 insertions(+), 26948 deletions(-) delete mode 100644 crypto/openssl/bugs/SSLv3 delete mode 100755 crypto/openssl/crypto/aes/asm/aes-586.pl delete mode 100644 crypto/openssl/crypto/aes/asm/aes-ia64.S delete mode 100644 crypto/openssl/crypto/asn1/charmap.pl delete mode 100644 crypto/openssl/crypto/bf/asm/bf-586.pl delete mode 100644 crypto/openssl/crypto/bf/asm/bf-686.pl delete mode 100644 crypto/openssl/crypto/bf/asm/readme delete mode 100644 crypto/openssl/crypto/bn/asm/README delete mode 100644 crypto/openssl/crypto/bn/asm/bn-586.pl delete mode 100644 crypto/openssl/crypto/bn/asm/co-586.pl delete mode 100644 crypto/openssl/crypto/bn/asm/x86.pl delete mode 100644 crypto/openssl/crypto/bn/asm/x86/add.pl delete mode 100644 crypto/openssl/crypto/bn/asm/x86/comba.pl delete mode 100644 crypto/openssl/crypto/bn/asm/x86/div.pl delete mode 100644 crypto/openssl/crypto/bn/asm/x86/f delete mode 100644 crypto/openssl/crypto/bn/asm/x86/mul.pl delete mode 100644 crypto/openssl/crypto/bn/asm/x86/mul_add.pl delete mode 100644 crypto/openssl/crypto/bn/asm/x86/sqr.pl delete mode 100644 crypto/openssl/crypto/bn/asm/x86/sub.pl delete mode 100644 crypto/openssl/crypto/bn/asm/x86_64-gcc.c copy crypto/openssl/crypto/{sha/sha1_one.c => bn/bn_opt.c} (85%) create mode 100644 crypto/openssl/crypto/bn/bn_x931p.c copy crypto/openssl/crypto/{conf/conf_mall.c => buffer/buf_str.c} (70%) delete mode 100644 crypto/openssl/crypto/cast/asm/cast-586.pl delete mode 100644 crypto/openssl/crypto/cast/asm/readme delete mode 100644 crypto/openssl/crypto/cms/Makefile delete mode 100644 crypto/openssl/crypto/des/asm/crypt586.pl delete mode 100644 crypto/openssl/crypto/des/asm/des-586.pl delete mode 100644 crypto/openssl/crypto/des/asm/des686.pl delete mode 100644 crypto/openssl/crypto/des/asm/desboth.pl delete mode 100644 crypto/openssl/crypto/des/asm/readme copy crypto/openssl/crypto/des/{ecb_enc.c => des_lib.c} (91%) copy crypto/openssl/crypto/dsa/{dsa_sign.c => dsa_utl.c} (85%) copy crypto/openssl/crypto/{cryptlib.c => dyn_lck.c} (58%) copy crypto/openssl/crypto/{sha/sha1dgst.c => err/err_bio.c} (89%) copy crypto/openssl/crypto/err/{err.c => err_def.c} (59%) copy crypto/openssl/crypto/{evp/digest.c => err/err_str.c} (51%) copy crypto/openssl/crypto/{rand/rand_lcl.h => evp/dig_eng.c} (77%) copy crypto/openssl/crypto/evp/{evp_enc.c => enc_min.c} (50%) copy crypto/openssl/crypto/{asn1/asn_moid.c => evp/evp_cnf.c} (66%) create mode 100644 crypto/openssl/crypto/fips_err.c create mode 100644 crypto/openssl/crypto/fips_err.h delete mode 100644 crypto/openssl/crypto/ia64cpuid.S delete mode 100644 crypto/openssl/crypto/md5/asm/md5-586.pl delete mode 100755 crypto/openssl/crypto/md5/asm/md5-x86_64.pl copy crypto/openssl/crypto/{conf/conf_mall.c => o_init.c} (75%) delete mode 100644 crypto/openssl/crypto/opensslconf.h.in delete mode 100644 crypto/openssl/crypto/perlasm/cbc.pl delete mode 100644 crypto/openssl/crypto/perlasm/readme delete mode 100755 crypto/openssl/crypto/perlasm/x86_64-xlate.pl delete mode 100644 crypto/openssl/crypto/perlasm/x86asm.pl delete mode 100644 crypto/openssl/crypto/perlasm/x86unix.pl copy crypto/openssl/crypto/rand/{rand_lib.c => rand_eng.c} (74%) delete mode 100644 crypto/openssl/crypto/rc4/asm/rc4-586.pl delete mode 100644 crypto/openssl/crypto/rc4/asm/rc4-ia64.S delete mode 100755 crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl copy crypto/openssl/crypto/{evp/evp_acnf.c => rc4/rc4_fblk.c} (78%) delete mode 100644 crypto/openssl/crypto/ripemd/asm/rips.cpp delete mode 100644 crypto/openssl/crypto/ripemd/asm/rmd-586.pl copy crypto/openssl/crypto/rsa/{rsa_lib.c => rsa_eng.c} (73%) copy crypto/openssl/crypto/{asn1/a_verify.c => rsa/rsa_x931g.c} (50%) delete mode 100644 crypto/openssl/crypto/sha/asm/README delete mode 100644 crypto/openssl/crypto/sha/asm/sha1-586.pl delete mode 100644 crypto/openssl/crypto/sha/asm/sha1-ia64.pl delete mode 100755 crypto/openssl/crypto/sha/asm/sha512-ia64.pl delete mode 100644 crypto/openssl/crypto/sha/asm/sha512-sse2.pl delete mode 100644 crypto/openssl/crypto/x86_64cpuid.pl delete mode 100644 crypto/openssl/crypto/x86cpuid.pl delete mode 100644 crypto/openssl/doc/HOWTO/certificates.txt delete mode 100644 crypto/openssl/doc/HOWTO/keys.txt delete mode 100644 crypto/openssl/doc/HOWTO/proxy_certificates.txt delete mode 100644 crypto/openssl/doc/README create mode 100644 crypto/openssl/doc/apps/CA.pl.pod create mode 100644 crypto/openssl/doc/apps/asn1parse.pod create mode 100644 crypto/openssl/doc/apps/ca.pod create mode 100644 crypto/openssl/doc/apps/ciphers.pod create mode 100644 crypto/openssl/doc/apps/config.pod create mode 100644 crypto/openssl/doc/apps/crl.pod create mode 100644 crypto/openssl/doc/apps/crl2pkcs7.pod create mode 100644 crypto/openssl/doc/apps/dgst.pod create mode 100644 crypto/openssl/doc/apps/dhparam.pod create mode 100644 crypto/openssl/doc/apps/dsa.pod create mode 100644 crypto/openssl/doc/apps/dsaparam.pod create mode 100644 crypto/openssl/doc/apps/ec.pod create mode 100644 crypto/openssl/doc/apps/ecparam.pod create mode 100644 crypto/openssl/doc/apps/enc.pod create mode 100644 crypto/openssl/doc/apps/errstr.pod create mode 100644 crypto/openssl/doc/apps/gendsa.pod create mode 100644 crypto/openssl/doc/apps/genrsa.pod create mode 100644 crypto/openssl/doc/apps/nseq.pod create mode 100644 crypto/openssl/doc/apps/ocsp.pod create mode 100644 crypto/openssl/doc/apps/openssl.pod create mode 100644 crypto/openssl/doc/apps/passwd.pod create mode 100644 crypto/openssl/doc/apps/pkcs12.pod create mode 100644 crypto/openssl/doc/apps/pkcs7.pod create mode 100644 crypto/openssl/doc/apps/pkcs8.pod create mode 100644 crypto/openssl/doc/apps/rand.pod create mode 100644 crypto/openssl/doc/apps/req.pod create mode 100644 crypto/openssl/doc/apps/rsa.pod create mode 100644 crypto/openssl/doc/apps/rsautl.pod create mode 100644 crypto/openssl/doc/apps/s_client.pod create mode 100644 crypto/openssl/doc/apps/s_server.pod create mode 100644 crypto/openssl/doc/apps/s_time.pod create mode 100644 crypto/openssl/doc/apps/sess_id.pod create mode 100644 crypto/openssl/doc/apps/smime.pod create mode 100644 crypto/openssl/doc/apps/speed.pod create mode 100644 crypto/openssl/doc/apps/spkac.pod create mode 100644 crypto/openssl/doc/apps/verify.pod create mode 100644 crypto/openssl/doc/apps/version.pod create mode 100644 crypto/openssl/doc/apps/x509.pod create mode 100644 crypto/openssl/doc/apps/x509v3_config.pod create mode 100644 crypto/openssl/doc/crypto/ASN1_OBJECT_new.pod create mode 100644 crypto/openssl/doc/crypto/ASN1_STRING_length.pod create mode 100644 crypto/openssl/doc/crypto/ASN1_STRING_new.pod create mode 100644 crypto/openssl/doc/crypto/ASN1_STRING_print_ex.pod create mode 100644 crypto/openssl/doc/crypto/ASN1_generate_nconf.pod create mode 100644 crypto/openssl/doc/crypto/BIO_ctrl.pod create mode 100644 crypto/openssl/doc/crypto/BIO_f_base64.pod create mode 100644 crypto/openssl/doc/crypto/BIO_f_buffer.pod create mode 100644 crypto/openssl/doc/crypto/BIO_f_cipher.pod create mode 100644 crypto/openssl/doc/crypto/BIO_f_md.pod create mode 100644 crypto/openssl/doc/crypto/BIO_f_null.pod create mode 100644 crypto/openssl/doc/crypto/BIO_f_ssl.pod create mode 100644 crypto/openssl/doc/crypto/BIO_find_type.pod create mode 100644 crypto/openssl/doc/crypto/BIO_new.pod create mode 100644 crypto/openssl/doc/crypto/BIO_push.pod create mode 100644 crypto/openssl/doc/crypto/BIO_read.pod create mode 100644 crypto/openssl/doc/crypto/BIO_s_accept.pod create mode 100644 crypto/openssl/doc/crypto/BIO_s_bio.pod create mode 100644 crypto/openssl/doc/crypto/BIO_s_connect.pod create mode 100644 crypto/openssl/doc/crypto/BIO_s_fd.pod create mode 100644 crypto/openssl/doc/crypto/BIO_s_file.pod create mode 100644 crypto/openssl/doc/crypto/BIO_s_mem.pod create mode 100644 crypto/openssl/doc/crypto/BIO_s_null.pod create mode 100644 crypto/openssl/doc/crypto/BIO_s_socket.pod create mode 100644 crypto/openssl/doc/crypto/BIO_set_callback.pod create mode 100644 crypto/openssl/doc/crypto/BIO_should_retry.pod create mode 100644 crypto/openssl/doc/crypto/BN_BLINDING_new.pod create mode 100644 crypto/openssl/doc/crypto/BN_CTX_new.pod create mode 100644 crypto/openssl/doc/crypto/BN_CTX_start.pod create mode 100644 crypto/openssl/doc/crypto/BN_add.pod create mode 100644 crypto/openssl/doc/crypto/BN_add_word.pod create mode 100644 crypto/openssl/doc/crypto/BN_bn2bin.pod create mode 100644 crypto/openssl/doc/crypto/BN_cmp.pod create mode 100644 crypto/openssl/doc/crypto/BN_copy.pod create mode 100644 crypto/openssl/doc/crypto/BN_generate_prime.pod create mode 100644 crypto/openssl/doc/crypto/BN_mod_inverse.pod create mode 100644 crypto/openssl/doc/crypto/BN_mod_mul_montgomery.pod create mode 100644 crypto/openssl/doc/crypto/BN_mod_mul_reciprocal.pod create mode 100644 crypto/openssl/doc/crypto/BN_new.pod create mode 100644 crypto/openssl/doc/crypto/BN_num_bytes.pod create mode 100644 crypto/openssl/doc/crypto/BN_rand.pod create mode 100644 crypto/openssl/doc/crypto/BN_set_bit.pod create mode 100644 crypto/openssl/doc/crypto/BN_swap.pod create mode 100644 crypto/openssl/doc/crypto/BN_zero.pod create mode 100644 crypto/openssl/doc/crypto/CONF_modules_free.pod create mode 100644 crypto/openssl/doc/crypto/CONF_modules_load_file.pod create mode 100644 crypto/openssl/doc/crypto/CRYPTO_set_ex_data.pod create mode 100644 crypto/openssl/doc/crypto/DH_generate_key.pod create mode 100644 crypto/openssl/doc/crypto/DH_generate_parameters.pod create mode 100644 crypto/openssl/doc/crypto/DH_get_ex_new_index.pod create mode 100644 crypto/openssl/doc/crypto/DH_new.pod create mode 100644 crypto/openssl/doc/crypto/DH_set_method.pod create mode 100644 crypto/openssl/doc/crypto/DH_size.pod create mode 100644 crypto/openssl/doc/crypto/DSA_SIG_new.pod create mode 100644 crypto/openssl/doc/crypto/DSA_do_sign.pod create mode 100644 crypto/openssl/doc/crypto/DSA_dup_DH.pod create mode 100644 crypto/openssl/doc/crypto/DSA_generate_key.pod create mode 100644 crypto/openssl/doc/crypto/DSA_generate_parameters.pod create mode 100644 crypto/openssl/doc/crypto/DSA_get_ex_new_index.pod create mode 100644 crypto/openssl/doc/crypto/DSA_new.pod create mode 100644 crypto/openssl/doc/crypto/DSA_set_method.pod create mode 100644 crypto/openssl/doc/crypto/DSA_sign.pod create mode 100644 crypto/openssl/doc/crypto/DSA_size.pod create mode 100644 crypto/openssl/doc/crypto/ERR_GET_LIB.pod create mode 100644 crypto/openssl/doc/crypto/ERR_clear_error.pod create mode 100644 crypto/openssl/doc/crypto/ERR_error_string.pod create mode 100644 crypto/openssl/doc/crypto/ERR_get_error.pod create mode 100644 crypto/openssl/doc/crypto/ERR_load_crypto_strings.pod create mode 100644 crypto/openssl/doc/crypto/ERR_load_strings.pod create mode 100644 crypto/openssl/doc/crypto/ERR_print_errors.pod create mode 100644 crypto/openssl/doc/crypto/ERR_put_error.pod create mode 100644 crypto/openssl/doc/crypto/ERR_remove_state.pod create mode 100644 crypto/openssl/doc/crypto/ERR_set_mark.pod create mode 100644 crypto/openssl/doc/crypto/EVP_BytesToKey.pod create mode 100644 crypto/openssl/doc/crypto/EVP_DigestInit.pod create mode 100644 crypto/openssl/doc/crypto/EVP_EncryptInit.pod create mode 100644 crypto/openssl/doc/crypto/EVP_OpenInit.pod create mode 100644 crypto/openssl/doc/crypto/EVP_PKEY_new.pod create mode 100644 crypto/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod create mode 100644 crypto/openssl/doc/crypto/EVP_SealInit.pod create mode 100644 crypto/openssl/doc/crypto/EVP_SignInit.pod create mode 100644 crypto/openssl/doc/crypto/EVP_VerifyInit.pod create mode 100644 crypto/openssl/doc/crypto/OBJ_nid2obj.pod create mode 100644 crypto/openssl/doc/crypto/OPENSSL_Applink.pod create mode 100644 crypto/openssl/doc/crypto/OPENSSL_VERSION_NUMBER.pod create mode 100644 crypto/openssl/doc/crypto/OPENSSL_config.pod create mode 100644 crypto/openssl/doc/crypto/OPENSSL_ia32cap.pod create mode 100644 crypto/openssl/doc/crypto/OPENSSL_load_builtin_modules.pod create mode 100644 crypto/openssl/doc/crypto/OpenSSL_add_all_algorithms.pod create mode 100644 crypto/openssl/doc/crypto/PKCS12_create.pod create mode 100644 crypto/openssl/doc/crypto/PKCS12_parse.pod create mode 100644 crypto/openssl/doc/crypto/PKCS7_decrypt.pod create mode 100644 crypto/openssl/doc/crypto/PKCS7_encrypt.pod create mode 100644 crypto/openssl/doc/crypto/PKCS7_sign.pod create mode 100644 crypto/openssl/doc/crypto/PKCS7_verify.pod create mode 100644 crypto/openssl/doc/crypto/RAND_add.pod create mode 100644 crypto/openssl/doc/crypto/RAND_bytes.pod create mode 100644 crypto/openssl/doc/crypto/RAND_cleanup.pod create mode 100644 crypto/openssl/doc/crypto/RAND_egd.pod create mode 100644 crypto/openssl/doc/crypto/RAND_load_file.pod create mode 100644 crypto/openssl/doc/crypto/RAND_set_rand_method.pod create mode 100644 crypto/openssl/doc/crypto/RSA_blinding_on.pod create mode 100644 crypto/openssl/doc/crypto/RSA_check_key.pod create mode 100644 crypto/openssl/doc/crypto/RSA_generate_key.pod create mode 100644 crypto/openssl/doc/crypto/RSA_get_ex_new_index.pod create mode 100644 crypto/openssl/doc/crypto/RSA_new.pod create mode 100644 crypto/openssl/doc/crypto/RSA_padding_add_PKCS1_type_1.pod create mode 100644 crypto/openssl/doc/crypto/RSA_print.pod create mode 100644 crypto/openssl/doc/crypto/RSA_private_encrypt.pod create mode 100644 crypto/openssl/doc/crypto/RSA_public_encrypt.pod create mode 100644 crypto/openssl/doc/crypto/RSA_set_method.pod create mode 100644 crypto/openssl/doc/crypto/RSA_sign.pod create mode 100644 crypto/openssl/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod create mode 100644 crypto/openssl/doc/crypto/RSA_size.pod create mode 100644 crypto/openssl/doc/crypto/SMIME_read_PKCS7.pod create mode 100644 crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod create mode 100644 crypto/openssl/doc/crypto/X509_NAME_ENTRY_get_object.pod create mode 100644 crypto/openssl/doc/crypto/X509_NAME_add_entry_by_txt.pod create mode 100644 crypto/openssl/doc/crypto/X509_NAME_get_index_by_NID.pod create mode 100644 crypto/openssl/doc/crypto/X509_NAME_print_ex.pod create mode 100644 crypto/openssl/doc/crypto/X509_new.pod create mode 100644 crypto/openssl/doc/crypto/bio.pod create mode 100644 crypto/openssl/doc/crypto/blowfish.pod create mode 100644 crypto/openssl/doc/crypto/bn.pod create mode 100644 crypto/openssl/doc/crypto/bn_internal.pod create mode 100644 crypto/openssl/doc/crypto/buffer.pod create mode 100644 crypto/openssl/doc/crypto/crypto.pod create mode 100644 crypto/openssl/doc/crypto/d2i_ASN1_OBJECT.pod create mode 100644 crypto/openssl/doc/crypto/d2i_DHparams.pod create mode 100644 crypto/openssl/doc/crypto/d2i_DSAPublicKey.pod create mode 100644 crypto/openssl/doc/crypto/d2i_PKCS8PrivateKey.pod create mode 100644 crypto/openssl/doc/crypto/d2i_RSAPublicKey.pod create mode 100644 crypto/openssl/doc/crypto/d2i_X509.pod create mode 100644 crypto/openssl/doc/crypto/d2i_X509_ALGOR.pod create mode 100644 crypto/openssl/doc/crypto/d2i_X509_CRL.pod create mode 100644 crypto/openssl/doc/crypto/d2i_X509_NAME.pod create mode 100644 crypto/openssl/doc/crypto/d2i_X509_REQ.pod create mode 100644 crypto/openssl/doc/crypto/d2i_X509_SIG.pod create mode 100644 crypto/openssl/doc/crypto/des.pod create mode 100644 crypto/openssl/doc/crypto/des_modes.pod create mode 100644 crypto/openssl/doc/crypto/dh.pod create mode 100644 crypto/openssl/doc/crypto/dsa.pod create mode 100644 crypto/openssl/doc/crypto/ecdsa.pod create mode 100644 crypto/openssl/doc/crypto/engine.pod create mode 100644 crypto/openssl/doc/crypto/err.pod create mode 100644 crypto/openssl/doc/crypto/evp.pod create mode 100644 crypto/openssl/doc/crypto/hmac.pod create mode 100644 crypto/openssl/doc/crypto/lh_stats.pod create mode 100644 crypto/openssl/doc/crypto/lhash.pod create mode 100644 crypto/openssl/doc/crypto/md5.pod create mode 100644 crypto/openssl/doc/crypto/mdc2.pod create mode 100644 crypto/openssl/doc/crypto/pem.pod create mode 100644 crypto/openssl/doc/crypto/rand.pod create mode 100644 crypto/openssl/doc/crypto/rc4.pod create mode 100644 crypto/openssl/doc/crypto/ripemd.pod create mode 100644 crypto/openssl/doc/crypto/rsa.pod create mode 100644 crypto/openssl/doc/crypto/sha.pod create mode 100644 crypto/openssl/doc/crypto/threads.pod create mode 100644 crypto/openssl/doc/crypto/ui.pod create mode 100644 crypto/openssl/doc/crypto/ui_compat.pod create mode 100644 crypto/openssl/doc/crypto/x509.pod delete mode 100644 crypto/openssl/doc/openssl.txt create mode 100644 crypto/openssl/doc/ssl/SSL_CIPHER_get_name.pod create mode 100644 crypto/openssl/doc/ssl/SSL_COMP_add_compression_method.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_add_extra_chain_cert.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_add_session.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_ctrl.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_flush_sessions.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_free.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_get_ex_new_index.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_get_verify_mode.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_load_verify_locations.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_new.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_sess_number.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_sess_set_cache_size.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_sess_set_get_cb.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_sessions.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_cert_store.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_cert_verify_callback.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_client_cert_cb.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_default_passwd_cb.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_generate_session_id.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_info_callback.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_max_cert_list.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_msg_callback.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_options.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_quiet_shutdown.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_session_cache_mode.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_timeout.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod create mode 100644 crypto/openssl/doc/ssl/SSL_CTX_use_certificate.pod create mode 100644 crypto/openssl/doc/ssl/SSL_SESSION_free.pod create mode 100644 crypto/openssl/doc/ssl/SSL_SESSION_get_ex_new_index.pod create mode 100644 crypto/openssl/doc/ssl/SSL_SESSION_get_time.pod create mode 100644 crypto/openssl/doc/ssl/SSL_accept.pod create mode 100644 crypto/openssl/doc/ssl/SSL_alert_type_string.pod create mode 100644 crypto/openssl/doc/ssl/SSL_clear.pod create mode 100644 crypto/openssl/doc/ssl/SSL_connect.pod create mode 100644 crypto/openssl/doc/ssl/SSL_do_handshake.pod create mode 100644 crypto/openssl/doc/ssl/SSL_free.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_SSL_CTX.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_ciphers.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_client_CA_list.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_current_cipher.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_default_timeout.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_error.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_ex_new_index.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_fd.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_peer_cert_chain.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_peer_certificate.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_rbio.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_session.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_verify_result.pod create mode 100644 crypto/openssl/doc/ssl/SSL_get_version.pod create mode 100644 crypto/openssl/doc/ssl/SSL_library_init.pod create mode 100644 crypto/openssl/doc/ssl/SSL_load_client_CA_file.pod create mode 100644 crypto/openssl/doc/ssl/SSL_new.pod create mode 100644 crypto/openssl/doc/ssl/SSL_pending.pod create mode 100644 crypto/openssl/doc/ssl/SSL_read.pod create mode 100644 crypto/openssl/doc/ssl/SSL_rstate_string.pod create mode 100644 crypto/openssl/doc/ssl/SSL_session_reused.pod create mode 100644 crypto/openssl/doc/ssl/SSL_set_bio.pod create mode 100644 crypto/openssl/doc/ssl/SSL_set_connect_state.pod create mode 100644 crypto/openssl/doc/ssl/SSL_set_fd.pod create mode 100644 crypto/openssl/doc/ssl/SSL_set_session.pod create mode 100644 crypto/openssl/doc/ssl/SSL_set_shutdown.pod create mode 100644 crypto/openssl/doc/ssl/SSL_set_verify_result.pod create mode 100644 crypto/openssl/doc/ssl/SSL_shutdown.pod create mode 100644 crypto/openssl/doc/ssl/SSL_state_string.pod create mode 100644 crypto/openssl/doc/ssl/SSL_want.pod create mode 100644 crypto/openssl/doc/ssl/SSL_write.pod create mode 100644 crypto/openssl/doc/ssl/d2i_SSL_SESSION.pod create mode 100644 crypto/openssl/doc/ssl/ssl.pod delete mode 100644 crypto/openssl/doc/ssleay.txt delete mode 100644 crypto/openssl/doc/standards.txt delete mode 100644 crypto/openssl/tools/c_hash delete mode 100644 crypto/openssl/tools/c_info delete mode 100644 crypto/openssl/tools/c_issuer delete mode 100644 crypto/openssl/tools/c_name delete mode 100644 crypto/openssl/tools/c_rehash diff --git a/crypto/openssl/CHANGES b/crypto/openssl/CHANGES index 72cc168f6a..c888c56c26 100644 --- a/crypto/openssl/CHANGES +++ b/crypto/openssl/CHANGES @@ -2,6 +2,48 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8i and 0.9.8j [07 Jan 2009] + + *) Properly check EVP_VerifyFinal() and similar return values + (CVE-2008-5077). + [Ben Laurie, Bodo Moeller, Google Security Team] + + *) Properly check EVP_VerifyFinal() and similar return values + (CVE-2008-5077). + [Ben Laurie, Bodo Moeller, Google Security Team] + + *) Enable TLS extensions by default. + [Ben Laurie] + + *) Allow the CHIL engine to be loaded, whether the application is + multithreaded or not. (This does not release the developer from the + obligation to set up the dynamic locking callbacks.) + [Sander Temme ] + + *) Use correct exit code if there is an error in dgst command. + [Steve Henson; problem pointed out by Roland Dirlewanger] + + *) Tweak Configure so that you need to say "experimental-jpake" to enable + JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications. + [Bodo Moeller] + + *) Add experimental JPAKE support, including demo authentication in + s_client and s_server. + [Ben Laurie] + + *) Set the comparison function in v3_addr_canonize(). + [Rob Austein ] + + *) Add support for XMPP STARTTLS in s_client. + [Philip Paeps ] + + *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior + to ensure that even with this option, only ciphersuites in the + server's preference list will be accepted. (Note that the option + applies only when resuming a session, so the earlier behavior was + just about the algorithm choice for symmetric cryptography.) + [Bodo Moeller] + Changes between 0.9.8h and 0.9.8i [15 Sep 2008] *) Fix a state transitition in s3_srvr.c and d1_srvr.c @@ -34,6 +76,10 @@ [Neel Mehta, Bodo Moeller] + *) Allow engines to be "soft loaded" - i.e. optionally don't die if + the load fails. Useful for distros. + [Ben Laurie and the FreeBSD team] + *) Add support for Local Machine Keyset attribute in PKCS#12 files. [Steve Henson] @@ -52,9 +98,11 @@ This work was sponsored by Logica. [Steve Henson] - *) Allow engines to be "soft loaded" - i.e. optionally don't die if - the load fails. Useful for distros. - [Ben Laurie and the FreeBSD team] + *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using + ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain + attribute creation routines such as certifcate requests and PKCS#12 + files. + [Steve Henson] Changes between 0.9.8g and 0.9.8h [28 May 2008] diff --git a/crypto/openssl/FAQ b/crypto/openssl/FAQ index 1b14ffe9a4..ce71246fb8 100644 --- a/crypto/openssl/FAQ +++ b/crypto/openssl/FAQ @@ -78,7 +78,7 @@ OpenSSL - Frequently Asked Questions * Which is the current version of OpenSSL? The current version is available from . -OpenSSL 0.9.8i was released on Sep 15th, 2008. +OpenSSL 0.9.8j was released on Jan 7th, 2009. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at #include #include +#include #include #include #include @@ -129,6 +130,9 @@ #include #endif #include +#ifndef OPENSSL_NO_JPAKE +#include +#endif #define NON_MAIN #include "apps.h" @@ -2333,3 +2337,233 @@ void policies_print(BIO *out, X509_STORE_CTX *ctx) if (free_out) BIO_free(out); } + +#ifndef OPENSSL_NO_JPAKE + +static JPAKE_CTX *jpake_init(const char *us, const char *them, + const char *secret) + { + BIGNUM *p = NULL; + BIGNUM *g = NULL; + BIGNUM *q = NULL; + BIGNUM *bnsecret = BN_new(); + JPAKE_CTX *ctx; + + /* Use a safe prime for p (that we found earlier) */ + BN_hex2bn(&p, "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F"); + g = BN_new(); + BN_set_word(g, 2); + q = BN_new(); + BN_rshift1(q, p); + + BN_bin2bn((const unsigned char *)secret, strlen(secret), bnsecret); + + ctx = JPAKE_CTX_new(us, them, p, g, q, bnsecret); + BN_free(bnsecret); + BN_free(q); + BN_free(g); + BN_free(p); + + return ctx; + } + +static void jpake_send_part(BIO *conn, const JPAKE_STEP_PART *p) + { + BN_print(conn, p->gx); + BIO_puts(conn, "\n"); + BN_print(conn, p->zkpx.gr); + BIO_puts(conn, "\n"); + BN_print(conn, p->zkpx.b); + BIO_puts(conn, "\n"); + } + +static void jpake_send_step1(BIO *bconn, JPAKE_CTX *ctx) + { + JPAKE_STEP1 s1; + + JPAKE_STEP1_init(&s1); + JPAKE_STEP1_generate(&s1, ctx); + jpake_send_part(bconn, &s1.p1); + jpake_send_part(bconn, &s1.p2); + (void)BIO_flush(bconn); + JPAKE_STEP1_release(&s1); + } + +static void jpake_send_step2(BIO *bconn, JPAKE_CTX *ctx) + { + JPAKE_STEP2 s2; + + JPAKE_STEP2_init(&s2); + JPAKE_STEP2_generate(&s2, ctx); + jpake_send_part(bconn, &s2); + (void)BIO_flush(bconn); + JPAKE_STEP2_release(&s2); + } + +static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx) + { + JPAKE_STEP3A s3a; + + JPAKE_STEP3A_init(&s3a); + JPAKE_STEP3A_generate(&s3a, ctx); + BIO_write(bconn, s3a.hhk, sizeof s3a.hhk); + (void)BIO_flush(bconn); + JPAKE_STEP3A_release(&s3a); + } + +static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx) + { + JPAKE_STEP3B s3b; + + JPAKE_STEP3B_init(&s3b); + JPAKE_STEP3B_generate(&s3b, ctx); + BIO_write(bconn, s3b.hk, sizeof s3b.hk); + (void)BIO_flush(bconn); + JPAKE_STEP3B_release(&s3b); + } + +static void readbn(BIGNUM **bn, BIO *bconn) + { + char buf[10240]; + int l; + + l = BIO_gets(bconn, buf, sizeof buf); + assert(l >= 0); + assert(buf[l-1] == '\n'); + buf[l-1] = '\0'; + BN_hex2bn(bn, buf); + } + +static void jpake_receive_part(JPAKE_STEP_PART *p, BIO *bconn) + { + readbn(&p->gx, bconn); + readbn(&p->zkpx.gr, bconn); + readbn(&p->zkpx.b, bconn); + } + +static void jpake_receive_step1(JPAKE_CTX *ctx, BIO *bconn) + { + JPAKE_STEP1 s1; + + JPAKE_STEP1_init(&s1); + jpake_receive_part(&s1.p1, bconn); + jpake_receive_part(&s1.p2, bconn); + if(!JPAKE_STEP1_process(ctx, &s1)) + { + ERR_print_errors(bio_err); + exit(1); + } + JPAKE_STEP1_release(&s1); + } + +static void jpake_receive_step2(JPAKE_CTX *ctx, BIO *bconn) + { + JPAKE_STEP2 s2; + + JPAKE_STEP2_init(&s2); + jpake_receive_part(&s2, bconn); + if(!JPAKE_STEP2_process(ctx, &s2)) + { + ERR_print_errors(bio_err); + exit(1); + } + JPAKE_STEP2_release(&s2); + } + +static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn) + { + JPAKE_STEP3A s3a; + int l; + + JPAKE_STEP3A_init(&s3a); + l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk); + assert(l == sizeof s3a.hhk); + if(!JPAKE_STEP3A_process(ctx, &s3a)) + { + ERR_print_errors(bio_err); + exit(1); + } + JPAKE_STEP3A_release(&s3a); + } + +static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn) + { + JPAKE_STEP3B s3b; + int l; + + JPAKE_STEP3B_init(&s3b); + l = BIO_read(bconn, s3b.hk, sizeof s3b.hk); + assert(l == sizeof s3b.hk); + if(!JPAKE_STEP3B_process(ctx, &s3b)) + { + ERR_print_errors(bio_err); + exit(1); + } + JPAKE_STEP3B_release(&s3b); + } + +void jpake_client_auth(BIO *out, BIO *conn, const char *secret) + { + JPAKE_CTX *ctx; + BIO *bconn; + + BIO_puts(out, "Authenticating with JPAKE\n"); + + ctx = jpake_init("client", "server", secret); + + bconn = BIO_new(BIO_f_buffer()); + BIO_push(bconn, conn); + + jpake_send_step1(bconn, ctx); + jpake_receive_step1(ctx, bconn); + jpake_send_step2(bconn, ctx); + jpake_receive_step2(ctx, bconn); + jpake_send_step3a(bconn, ctx); + jpake_receive_step3b(ctx, bconn); + + /* + * The problem is that you must use the derived key in the + * session key or you are subject to man-in-the-middle + * attacks. + */ + BIO_puts(out, "JPAKE authentication succeeded (N.B. This version can" + " be MitMed. See the version in HEAD for how to do it" + " properly)\n"); + + BIO_pop(bconn); + BIO_free(bconn); + } + +void jpake_server_auth(BIO *out, BIO *conn, const char *secret) + { + JPAKE_CTX *ctx; + BIO *bconn; + + BIO_puts(out, "Authenticating with JPAKE\n"); + + ctx = jpake_init("server", "client", secret); + + bconn = BIO_new(BIO_f_buffer()); + BIO_push(bconn, conn); + + jpake_receive_step1(ctx, bconn); + jpake_send_step1(bconn, ctx); + jpake_receive_step2(ctx, bconn); + jpake_send_step2(bconn, ctx); + jpake_receive_step3a(ctx, bconn); + jpake_send_step3b(bconn, ctx); + + /* + * The problem is that you must use the derived key in the + * session key or you are subject to man-in-the-middle + * attacks. + */ + BIO_puts(out, "JPAKE authentication succeeded (N.B. This version can" + " be MitMed. See the version in HEAD for how to do it" + " properly)\n"); + + BIO_pop(bconn); + BIO_free(bconn); + } + +#endif diff --git a/crypto/openssl/apps/apps.h b/crypto/openssl/apps/apps.h index 0df170813a..88579094b1 100644 --- a/crypto/openssl/apps/apps.h +++ b/crypto/openssl/apps/apps.h @@ -149,9 +149,11 @@ int WIN32_rename(const char *oldname,const char *newname); #ifndef NON_MAIN CONF *config=NULL; BIO *bio_err=NULL; +int in_FIPS_mode=0; #else extern CONF *config; extern BIO *bio_err; +extern int in_FIPS_mode; #endif #else @@ -160,6 +162,7 @@ extern BIO *bio_err; extern CONF *config; extern char *default_config_file; extern BIO *bio_err; +extern int in_FIPS_mode; #endif @@ -335,6 +338,10 @@ X509_NAME *parse_name(char *str, long chtype, int multirdn); int args_verify(char ***pargs, int *pargc, int *badarg, BIO *err, X509_VERIFY_PARAM **pm); void policies_print(BIO *out, X509_STORE_CTX *ctx); +#ifndef OPENSSL_NO_JPAKE +void jpake_client_auth(BIO *out, BIO *conn, const char *secret); +void jpake_server_auth(BIO *out, BIO *conn, const char *secret); +#endif #define FORMAT_UNDEF 0 #define FORMAT_ASN1 1 diff --git a/crypto/openssl/apps/asn1pars.c b/crypto/openssl/apps/asn1pars.c index b1a7c8e5db..bde61d02d1 100644 --- a/crypto/openssl/apps/asn1pars.c +++ b/crypto/openssl/apps/asn1pars.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ -/* A nice addition from Dr Stephen Henson to +/* A nice addition from Dr Stephen Henson to * add the -strparse option which parses nested binary structures */ diff --git a/crypto/openssl/apps/crl.c b/crypto/openssl/apps/crl.c index a0040fba11..c395b2afd5 100644 --- a/crypto/openssl/apps/crl.c +++ b/crypto/openssl/apps/crl.c @@ -85,6 +85,7 @@ static const char *crl_usage[]={ " -issuer - print issuer DN\n", " -lastupdate - lastUpdate field\n", " -nextupdate - nextUpdate field\n", +" -crlnumber - print CRL number\n", " -noout - no CRL output\n", " -CAfile name - verify CRL using certificates in file \"name\"\n", " -CApath dir - verify CRL using certificates in \"dir\"\n", @@ -107,7 +108,7 @@ int MAIN(int argc, char **argv) int informat,outformat; char *infile=NULL,*outfile=NULL; int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0; - int fingerprint = 0; + int fingerprint = 0, crlnumber = 0; const char **pp; X509_STORE *store = NULL; X509_STORE_CTX ctx; @@ -206,6 +207,8 @@ int MAIN(int argc, char **argv) noout= ++num; else if (strcmp(*argv,"-fingerprint") == 0) fingerprint= ++num; + else if (strcmp(*argv,"-crlnumber") == 0) + crlnumber= ++num; else if ((md_alg=EVP_get_digestbyname(*argv + 1))) { /* ok */ @@ -281,7 +284,21 @@ bad: { print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag); } - + if (crlnumber == i) + { + ASN1_INTEGER *crlnum; + crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number, + NULL, NULL); + BIO_printf(bio_out,"crlNumber="); + if (crlnum) + { + i2a_ASN1_INTEGER(bio_out, crlnum); + ASN1_INTEGER_free(crlnum); + } + else + BIO_puts(bio_out, ""); + BIO_printf(bio_out,"\n"); + } if (hash == i) { BIO_printf(bio_out,"%08lx\n", diff --git a/crypto/openssl/apps/dgst.c b/crypto/openssl/apps/dgst.c index c5ecf93d1b..9ebfc22e79 100644 --- a/crypto/openssl/apps/dgst.c +++ b/crypto/openssl/apps/dgst.c @@ -76,7 +76,7 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title, - const char *file,BIO *bmd,const char *hmac_key); + const char *file,BIO *bmd,const char *hmac_key, int non_fips_allow); int MAIN(int, char **); @@ -84,7 +84,7 @@ int MAIN(int argc, char **argv) { ENGINE *e = NULL; unsigned char *buf=NULL; - int i,err=0; + int i,err=1; const EVP_MD *md=NULL,*m; BIO *in=NULL,*inp; BIO *bmd=NULL; @@ -101,14 +101,16 @@ int MAIN(int argc, char **argv) EVP_PKEY *sigkey = NULL; unsigned char *sigbuf = NULL; int siglen = 0; + unsigned int sig_flags = 0; char *passargin = NULL, *passin = NULL; #ifndef OPENSSL_NO_ENGINE char *engine=NULL; #endif char *hmac_key=NULL; + int non_fips_allow = 0; apps_startup(); - +ERR_load_crypto_strings(); if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) { BIO_printf(bio_err,"out of memory\n"); @@ -167,6 +169,27 @@ int MAIN(int argc, char **argv) keyfile=*(++argv); do_verify = 1; } + else if (strcmp(*argv,"-x931") == 0) + sig_flags = EVP_MD_CTX_FLAG_PAD_X931; + else if (strcmp(*argv,"-pss_saltlen") == 0) + { + int saltlen; + if (--argc < 1) break; + saltlen=atoi(*(++argv)); + if (saltlen == -1) + sig_flags = EVP_MD_CTX_FLAG_PSS_MREC; + else if (saltlen == -2) + sig_flags = EVP_MD_CTX_FLAG_PSS_MDLEN; + else if (saltlen < -2 || saltlen >= 0xFFFE) + { + BIO_printf(bio_err, "Invalid PSS salt length %d\n", saltlen); + goto end; + } + else + sig_flags = saltlen; + sig_flags <<= 16; + sig_flags |= EVP_MD_CTX_FLAG_PAD_PSS; + } else if (strcmp(*argv,"-signature") == 0) { if (--argc < 1) break; @@ -190,6 +213,8 @@ int MAIN(int argc, char **argv) out_bin = 1; else if (strcmp(*argv,"-d") == 0) debug=1; + else if (strcmp(*argv,"-non-fips-allow") == 0) + non_fips_allow=1; else if (!strcmp(*argv,"-fips-fingerprint")) hmac_key = "etaonrishdlcupfm"; else if (!strcmp(*argv,"-hmac")) @@ -356,8 +381,20 @@ int MAIN(int argc, char **argv) goto end; } } - + if (non_fips_allow) + { + EVP_MD_CTX *md_ctx; + BIO_get_md_ctx(bmd,&md_ctx); + EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + } + + if (sig_flags) + { + EVP_MD_CTX *md_ctx; + BIO_get_md_ctx(bmd,&md_ctx); + EVP_MD_CTX_set_flags(md_ctx, sig_flags); + } /* we use md as a filter, reading from 'in' */ if (!BIO_set_md(bmd,md)) @@ -373,11 +410,12 @@ int MAIN(int argc, char **argv) { BIO_set_fp(in,stdin,BIO_NOCLOSE); err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf, - siglen,"","(stdin)",bmd,hmac_key); + siglen,"","(stdin)",bmd,hmac_key,non_fips_allow); } else { name=OBJ_nid2sn(md->type); + err = 0; for (i=0; i #include @@ -66,6 +65,7 @@ #endif #include "apps.h" #include +#ifndef OPENSSL_NO_ENGINE #include #include diff --git a/crypto/openssl/apps/genrsa.c b/crypto/openssl/apps/genrsa.c index 1599bb7a69..fdc0d4a07d 100644 --- a/crypto/openssl/apps/genrsa.c +++ b/crypto/openssl/apps/genrsa.c @@ -95,6 +95,7 @@ int MAIN(int argc, char **argv) int ret=1; int i,num=DEFBITS; long l; + int use_x931 = 0; const EVP_CIPHER *enc=NULL; unsigned long f4=RSA_F4; char *outfile=NULL; @@ -138,6 +139,8 @@ int MAIN(int argc, char **argv) f4=3; else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) f4=RSA_F4; + else if (strcmp(*argv,"-x931") == 0) + use_x931 = 1; #ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { @@ -266,7 +269,17 @@ bad: BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n", num); - if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb)) + if (use_x931) + { + BIGNUM *pubexp; + pubexp = BN_new(); + if (!BN_set_word(pubexp, f4)) + goto err; + if (!RSA_X931_generate_key_ex(rsa, num, pubexp, &cb)) + goto err; + BN_free(pubexp); + } + else if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb)) goto err; app_RAND_write_file(NULL, bio_err); diff --git a/crypto/openssl/apps/nseq.c b/crypto/openssl/apps/nseq.c index dc71d45012..e3c4dba547 100644 --- a/crypto/openssl/apps/nseq.c +++ b/crypto/openssl/apps/nseq.c @@ -1,5 +1,5 @@ /* nseq.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/apps/ocsp.c b/crypto/openssl/apps/ocsp.c index 1001f3b25d..251044d77f 100644 --- a/crypto/openssl/apps/ocsp.c +++ b/crypto/openssl/apps/ocsp.c @@ -1,5 +1,5 @@ /* ocsp.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/apps/openssl.c b/crypto/openssl/apps/openssl.c index ec25f990fe..7d2b476cf0 100644 --- a/crypto/openssl/apps/openssl.c +++ b/crypto/openssl/apps/openssl.c @@ -147,6 +147,7 @@ char *default_config_file=NULL; #ifdef MONOLITH CONF *config=NULL; BIO *bio_err=NULL; +int in_FIPS_mode=0; #endif @@ -232,6 +233,19 @@ int main(int Argc, char *Argv[]) arg.data=NULL; arg.count=0; + in_FIPS_mode = 0; + +#ifdef OPENSSL_FIPS + if(getenv("OPENSSL_FIPS")) { + if (!FIPS_mode_set(1)) { + ERR_load_crypto_strings(); + ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); + EXIT(1); + } + in_FIPS_mode = 1; + } +#endif + if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); @@ -273,21 +287,9 @@ int main(int Argc, char *Argv[]) i=NCONF_load(config,p,&errline); if (i == 0) { - if (ERR_GET_REASON(ERR_peek_last_error()) - == CONF_R_NO_SUCH_FILE) - { - BIO_printf(bio_err, - "WARNING: can't open config file: %s\n",p); - ERR_clear_error(); - NCONF_free(config); - config = NULL; - } - else - { - ERR_print_errors(bio_err); - NCONF_free(config); - exit(1); - } + NCONF_free(config); + config = NULL; + ERR_clear_error(); } prog=prog_init(); diff --git a/crypto/openssl/apps/pkcs12.c b/crypto/openssl/apps/pkcs12.c index 268390ebe8..248bc1154d 100644 --- a/crypto/openssl/apps/pkcs12.c +++ b/crypto/openssl/apps/pkcs12.c @@ -1,5 +1,5 @@ /* pkcs12.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ /* ==================================================================== @@ -111,7 +111,7 @@ int MAIN(int argc, char **argv) int maciter = PKCS12_DEFAULT_ITER; int twopass = 0; int keytype = 0; - int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; + int cert_pbe; int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; int ret = 1; int macver = 1; @@ -128,6 +128,13 @@ int MAIN(int argc, char **argv) apps_startup(); +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; + else +#endif + cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; + enc = EVP_des_ede3_cbc(); if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); diff --git a/crypto/openssl/apps/pkcs8.c b/crypto/openssl/apps/pkcs8.c index d5085444e2..9633a149bc 100644 --- a/crypto/openssl/apps/pkcs8.c +++ b/crypto/openssl/apps/pkcs8.c @@ -1,5 +1,5 @@ /* pkcs8.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999-2004. */ /* ==================================================================== diff --git a/crypto/openssl/apps/rsautl.c b/crypto/openssl/apps/rsautl.c index f3c458ed27..923e2b682f 100644 --- a/crypto/openssl/apps/rsautl.c +++ b/crypto/openssl/apps/rsautl.c @@ -1,5 +1,5 @@ /* rsautl.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/apps/s_client.c b/crypto/openssl/apps/s_client.c index 60a8d13df1..4974f5fc93 100644 --- a/crypto/openssl/apps/s_client.c +++ b/crypto/openssl/apps/s_client.c @@ -221,6 +221,7 @@ static void sc_usage(void) BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); BIO_printf(bio_err," -quiet - no s_client output\n"); BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n"); + BIO_printf(bio_err," -no_ign_eof - don't ignore input eof\n"); BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); BIO_printf(bio_err," -tls1 - just use TLSv1\n"); @@ -234,7 +235,8 @@ static void sc_usage(void) BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); BIO_printf(bio_err," for those protocols that support it, where\n"); BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); - BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n"); + BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n"); + BIO_printf(bio_err," are supported.\n"); #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); #endif @@ -276,7 +278,8 @@ enum PROTO_SMTP, PROTO_POP3, PROTO_IMAP, - PROTO_FTP + PROTO_FTP, + PROTO_XMPP }; int MAIN(int, char **); @@ -318,8 +321,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_ENGINE char *engine_id=NULL; char *ssl_client_engine_id=NULL; - ENGINE *e=NULL, *ssl_client_engine=NULL; + ENGINE *ssl_client_engine=NULL; #endif + ENGINE *e=NULL; #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) struct timeval tv; #endif @@ -335,6 +339,9 @@ int MAIN(int argc, char **argv) int peerlen = sizeof(peer); int enable_timeouts = 0 ; long mtu = 0; +#ifndef OPENSSL_NO_JPAKE + char *jpake_secret = NULL; +#endif #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) meth=SSLv23_client_method(); @@ -435,6 +442,8 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-ign_eof") == 0) c_ign_eof=1; + else if (strcmp(*argv,"-no_ign_eof") == 0) + c_ign_eof=0; else if (strcmp(*argv,"-pause") == 0) c_Pause=1; else if (strcmp(*argv,"-debug") == 0) @@ -547,6 +556,8 @@ int MAIN(int argc, char **argv) starttls_proto = PROTO_IMAP; else if (strcmp(*argv,"ftp") == 0) starttls_proto = PROTO_FTP; + else if (strcmp(*argv, "xmpp") == 0) + starttls_proto = PROTO_XMPP; else goto bad; } @@ -574,6 +585,13 @@ int MAIN(int argc, char **argv) servername= *(++argv); /* meth=TLSv1_client_method(); */ } +#endif +#ifndef OPENSSL_NO_JPAKE + else if (strcmp(*argv,"-jpake") == 0) + { + if (--argc < 1) goto bad; + jpake_secret = *++argv; + } #endif else { @@ -837,8 +855,6 @@ re_start: else sbio=BIO_new_socket(s,BIO_NOCLOSE); - - if (nbio_test) { BIO *test; @@ -882,6 +898,10 @@ SSL_set_tlsext_status_ids(con, ids); #endif } #endif +#ifndef OPENSSL_NO_JPAKE + if (jpake_secret) + jpake_client_auth(bio_c_out, sbio, jpake_secret); +#endif SSL_set_bio(con,sbio,sbio); SSL_set_connect_state(con); @@ -988,6 +1008,28 @@ SSL_set_tlsext_status_ids(con, ids); BIO_printf(sbio,"AUTH TLS\r\n"); BIO_read(sbio,sbuf,BUFSIZZ); } + if (starttls_proto == PROTO_XMPP) + { + int seen = 0; + BIO_printf(sbio,"", host); + seen = BIO_read(sbio,mbuf,BUFSIZZ); + mbuf[seen] = 0; + while (!strstr(mbuf, "")) + goto shut; + seen = BIO_read(sbio,mbuf,BUFSIZZ); + mbuf[seen] = 0; + } + BIO_printf(sbio, ""); + seen = BIO_read(sbio,sbuf,BUFSIZZ); + sbuf[seen] = 0; + if (!strstr(sbuf, " 0) BIO_printf(bio_err, "Signature OK\n"); else { BIO_printf(bio_err, "Signature Failure\n"); ERR_print_errors(bio_err); diff --git a/crypto/openssl/apps/verify.c b/crypto/openssl/apps/verify.c index 9ff32cb068..20cc9e354c 100644 --- a/crypto/openssl/apps/verify.c +++ b/crypto/openssl/apps/verify.c @@ -266,7 +266,7 @@ static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X ret=0; end: - if (i) + if (i > 0) { fprintf(stdout,"OK\n"); ret=1; @@ -367,4 +367,3 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx) ERR_clear_error(); return(ok); } - diff --git a/crypto/openssl/apps/version.c b/crypto/openssl/apps/version.c index 69ef3e1bad..e9555cbde2 100644 --- a/crypto/openssl/apps/version.c +++ b/crypto/openssl/apps/version.c @@ -167,7 +167,7 @@ int MAIN(int argc, char **argv) date=version=cflags=options=platform=dir=1; else { - BIO_printf(bio_err,"usage:version -[avbofp]\n"); + BIO_printf(bio_err,"usage:version -[avbofpd]\n"); ret=1; goto end; } diff --git a/crypto/openssl/apps/x509.c b/crypto/openssl/apps/x509.c index f6938356f8..d904d34021 100644 --- a/crypto/openssl/apps/x509.c +++ b/crypto/openssl/apps/x509.c @@ -1151,7 +1151,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, /* NOTE: this certificate can/should be self signed, unless it was * a certificate request in which case it is not. */ X509_STORE_CTX_set_cert(&xsc,x); - if (!reqfile && !X509_verify_cert(&xsc)) + if (!reqfile && X509_verify_cert(&xsc) <= 0) goto end; if (!X509_check_private_key(xca,pkey)) diff --git a/crypto/openssl/bugs/SSLv3 b/crypto/openssl/bugs/SSLv3 deleted file mode 100644 index a75a1652d9..0000000000 --- a/crypto/openssl/bugs/SSLv3 +++ /dev/null @@ -1,49 +0,0 @@ -So far... - -ssl3.netscape.com:443 does not support client side dynamic -session-renegotiation. - -ssl3.netscape.com:444 (asks for client cert) sends out all the CA RDN -in an invalid format (the outer sequence is removed). - -Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte -challenge but then appears to only use 16 bytes when generating the -encryption keys. Using 16 bytes is ok but it should be ok to use 32. -According to the SSLv3 spec, one should use 32 bytes for the challenge -when opperating in SSLv2/v3 compatablity mode, but as mentioned above, -this breaks this server so 16 bytes is the way to go. - -www.microsoft.com - when talking SSLv2, if session-id reuse is -performed, the session-id passed back in the server-finished message -is different from the one decided upon. - -ssl3.netscape.com:443, first a connection is established with RC4-MD5. -If it is then resumed, we end up using DES-CBC3-SHA. It should be -RC4-MD5 according to 7.6.1.3, 'cipher_suite'. -Netscape-Enterprise/2.01 (https://merchant.netscape.com) has this bug. -It only really shows up when connecting via SSLv2/v3 then reconnecting -via SSLv3. The cipher list changes.... -NEW INFORMATION. Try connecting with a cipher list of just -DES-CBC-SHA:RC4-MD5. For some weird reason, each new connection uses -RC4-MD5, but a re-connect tries to use DES-CBC-SHA. So netscape, when -doing a re-connect, always takes the first cipher in the cipher list. - -If we accept a netscape connection, demand a client cert, have a -non-self-signed CA which does not have it's CA in netscape, and the -browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta - -Netscape browsers do not really notice the server sending a -close notify message. I was sending one, and then some invalid data. -netscape complained of an invalid mac. (a fork()ed child doing a -SSL_shutdown() and still sharing the socket with its parent). - -Netscape, when using export ciphers, will accept a 1024 bit temporary -RSA key. It is supposed to only accept 512. - -If Netscape connects to a server which requests a client certificate -it will frequently hang after the user has selected one and never -complete the connection. Hitting "Stop" and reload fixes this and -all subsequent connections work fine. This appears to be because -Netscape wont read any new records in when it is awaiting a server -done message at this point. The fix is to send the certificate request -and server done messages in one record. diff --git a/crypto/openssl/crypto/aes/aes.h b/crypto/openssl/crypto/aes/aes.h index baf0222d49..450f2b4051 100644 --- a/crypto/openssl/crypto/aes/aes.h +++ b/crypto/openssl/crypto/aes/aes.h @@ -66,6 +66,10 @@ #define AES_MAXNR 14 #define AES_BLOCK_SIZE 16 +#ifdef OPENSSL_FIPS +#define FIPS_AES_SIZE_T int +#endif + #ifdef __cplusplus extern "C" { #endif diff --git a/crypto/openssl/crypto/aes/aes_cbc.c b/crypto/openssl/crypto/aes/aes_cbc.c index d2ba6bcdb4..373864cd4b 100644 --- a/crypto/openssl/crypto/aes/aes_cbc.c +++ b/crypto/openssl/crypto/aes/aes_cbc.c @@ -59,6 +59,7 @@ #include #include "aes_locl.h" +#if !defined(OPENSSL_FIPS_AES_ASM) void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, const unsigned long length, const AES_KEY *key, unsigned char *ivec, const int enc) { @@ -129,3 +130,4 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, } } } +#endif diff --git a/crypto/openssl/crypto/aes/aes_core.c b/crypto/openssl/crypto/aes/aes_core.c index 3a80e18b0a..cffdd4daec 100644 --- a/crypto/openssl/crypto/aes/aes_core.c +++ b/crypto/openssl/crypto/aes/aes_core.c @@ -37,6 +37,10 @@ #include #include +#ifdef OPENSSL_FIPS +#include +#endif + #include "aes_locl.h" /* @@ -631,6 +635,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, int i = 0; u32 temp; +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif + if (!userKey || !key) return -1; if (bits != 128 && bits != 192 && bits != 256) diff --git a/crypto/openssl/crypto/aes/asm/aes-586.pl b/crypto/openssl/crypto/aes/asm/aes-586.pl deleted file mode 100755 index 2774d1cb49..0000000000 --- a/crypto/openssl/crypto/aes/asm/aes-586.pl +++ /dev/null @@ -1,1532 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. -# ==================================================================== -# -# Version 3.6. -# -# You might fail to appreciate this module performance from the first -# try. If compared to "vanilla" linux-ia32-icc target, i.e. considered -# to be *the* best Intel C compiler without -KPIC, performance appears -# to be virtually identical... But try to re-configure with shared -# library support... Aha! Intel compiler "suddenly" lags behind by 30% -# [on P4, more on others]:-) And if compared to position-independent -# code generated by GNU C, this code performs *more* than *twice* as -# fast! Yes, all this buzz about PIC means that unlike other hand- -# coded implementations, this one was explicitly designed to be safe -# to use even in shared library context... This also means that this -# code isn't necessarily absolutely fastest "ever," because in order -# to achieve position independence an extra register has to be -# off-loaded to stack, which affects the benchmark result. -# -# Special note about instruction choice. Do you recall RC4_INT code -# performing poorly on P4? It might be the time to figure out why. -# RC4_INT code implies effective address calculations in base+offset*4 -# form. Trouble is that it seems that offset scaling turned to be -# critical path... At least eliminating scaling resulted in 2.8x RC4 -# performance improvement [as you might recall]. As AES code is hungry -# for scaling too, I [try to] avoid the latter by favoring off-by-2 -# shifts and masking the result with 0xFF<<2 instead of "boring" 0xFF. -# -# As was shown by Dean Gaudet , the above note turned -# void. Performance improvement with off-by-2 shifts was observed on -# intermediate implementation, which was spilling yet another register -# to stack... Final offset*4 code below runs just a tad faster on P4, -# but exhibits up to 10% improvement on other cores. -# -# Second version is "monolithic" replacement for aes_core.c, which in -# addition to AES_[de|en]crypt implements AES_set_[de|en]cryption_key. -# This made it possible to implement little-endian variant of the -# algorithm without modifying the base C code. Motivating factor for -# the undertaken effort was that it appeared that in tight IA-32 -# register window little-endian flavor could achieve slightly higher -# Instruction Level Parallelism, and it indeed resulted in up to 15% -# better performance on most recent µ-archs... -# -# Third version adds AES_cbc_encrypt implementation, which resulted in -# up to 40% performance imrovement of CBC benchmark results. 40% was -# observed on P4 core, where "overall" imrovement coefficient, i.e. if -# compared to PIC generated by GCC and in CBC mode, was observed to be -# as large as 4x:-) CBC performance is virtually identical to ECB now -# and on some platforms even better, e.g. 17.6 "small" cycles/byte on -# Opteron, because certain function prologues and epilogues are -# effectively taken out of the loop... -# -# Version 3.2 implements compressed tables and prefetch of these tables -# in CBC[!] mode. Former means that 3/4 of table references are now -# misaligned, which unfortunately has negative impact on elder IA-32 -# implementations, Pentium suffered 30% penalty, PIII - 10%. -# -# Version 3.3 avoids L1 cache aliasing between stack frame and -# S-boxes, and 3.4 - L1 cache aliasing even between key schedule. The -# latter is achieved by copying the key schedule to controlled place in -# stack. This unfortunately has rather strong impact on small block CBC -# performance, ~2x deterioration on 16-byte block if compared to 3.3. -# -# Version 3.5 checks if there is L1 cache aliasing between user-supplied -# key schedule and S-boxes and abstains from copying the former if -# there is no. This allows end-user to consciously retain small block -# performance by aligning key schedule in specific manner. -# -# Version 3.6 compresses Td4 to 256 bytes and prefetches it in ECB. -# -# Current ECB performance numbers for 128-bit key in CPU cycles per -# processed byte [measure commonly used by AES benchmarkers] are: -# -# small footprint fully unrolled -# P4 24 22 -# AMD K8 20 19 -# PIII 25 23 -# Pentium 81 78 - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"aes-586.pl",$ARGV[$#ARGV] eq "386"); - -$s0="eax"; -$s1="ebx"; -$s2="ecx"; -$s3="edx"; -$key="edi"; -$acc="esi"; - -$compromise=0; # $compromise=128 abstains from copying key - # schedule to stack when encrypting inputs - # shorter than 128 bytes at the cost of - # risksing aliasing with S-boxes. In return - # you get way better, up to +70%, small block - # performance. -$small_footprint=1; # $small_footprint=1 code is ~5% slower [on - # recent µ-archs], but ~5 times smaller! - # I favor compact code to minimize cache - # contention and in hope to "collect" 5% back - # in real-life applications... -$vertical_spin=0; # shift "verticaly" defaults to 0, because of - # its proof-of-concept status... - -# Note that there is no decvert(), as well as last encryption round is -# performed with "horizontal" shifts. This is because this "vertical" -# implementation [one which groups shifts on a given $s[i] to form a -# "column," unlike "horizontal" one, which groups shifts on different -# $s[i] to form a "row"] is work in progress. It was observed to run -# few percents faster on Intel cores, but not AMD. On AMD K8 core it's -# whole 12% slower:-( So we face a trade-off... Shall it be resolved -# some day? Till then the code is considered experimental and by -# default remains dormant... - -sub encvert() -{ my ($te,@s) = @_; - my $v0 = $acc, $v1 = $key; - - &mov ($v0,$s[3]); # copy s3 - &mov (&DWP(4,"esp"),$s[2]); # save s2 - &mov ($v1,$s[0]); # copy s0 - &mov (&DWP(8,"esp"),$s[1]); # save s1 - - &movz ($s[2],&HB($s[0])); - &and ($s[0],0xFF); - &mov ($s[0],&DWP(0,$te,$s[0],8)); # s0>>0 - &shr ($v1,16); - &mov ($s[3],&DWP(3,$te,$s[2],8)); # s0>>8 - &movz ($s[1],&HB($v1)); - &and ($v1,0xFF); - &mov ($s[2],&DWP(2,$te,$v1,8)); # s0>>16 - &mov ($v1,$v0); - &mov ($s[1],&DWP(1,$te,$s[1],8)); # s0>>24 - - &and ($v0,0xFF); - &xor ($s[3],&DWP(0,$te,$v0,8)); # s3>>0 - &movz ($v0,&HB($v1)); - &shr ($v1,16); - &xor ($s[2],&DWP(3,$te,$v0,8)); # s3>>8 - &movz ($v0,&HB($v1)); - &and ($v1,0xFF); - &xor ($s[1],&DWP(2,$te,$v1,8)); # s3>>16 - &mov ($v1,&DWP(4,"esp")); # restore s2 - &xor ($s[0],&DWP(1,$te,$v0,8)); # s3>>24 - - &mov ($v0,$v1); - &and ($v1,0xFF); - &xor ($s[2],&DWP(0,$te,$v1,8)); # s2>>0 - &movz ($v1,&HB($v0)); - &shr ($v0,16); - &xor ($s[1],&DWP(3,$te,$v1,8)); # s2>>8 - &movz ($v1,&HB($v0)); - &and ($v0,0xFF); - &xor ($s[0],&DWP(2,$te,$v0,8)); # s2>>16 - &mov ($v0,&DWP(8,"esp")); # restore s1 - &xor ($s[3],&DWP(1,$te,$v1,8)); # s2>>24 - - &mov ($v1,$v0); - &and ($v0,0xFF); - &xor ($s[1],&DWP(0,$te,$v0,8)); # s1>>0 - &movz ($v0,&HB($v1)); - &shr ($v1,16); - &xor ($s[0],&DWP(3,$te,$v0,8)); # s1>>8 - &movz ($v0,&HB($v1)); - &and ($v1,0xFF); - &xor ($s[3],&DWP(2,$te,$v1,8)); # s1>>16 - &mov ($key,&DWP(12,"esp")); # reincarnate v1 as key - &xor ($s[2],&DWP(1,$te,$v0,8)); # s1>>24 -} - -sub encstep() -{ my ($i,$te,@s) = @_; - my $tmp = $key; - my $out = $i==3?$s[0]:$acc; - - # lines marked with #%e?x[i] denote "reordered" instructions... - if ($i==3) { &mov ($key,&DWP(12,"esp")); }##%edx - else { &mov ($out,$s[0]); - &and ($out,0xFF); } - if ($i==1) { &shr ($s[0],16); }#%ebx[1] - if ($i==2) { &shr ($s[0],24); }#%ecx[2] - &mov ($out,&DWP(0,$te,$out,8)); - - if ($i==3) { $tmp=$s[1]; }##%eax - &movz ($tmp,&HB($s[1])); - &xor ($out,&DWP(3,$te,$tmp,8)); - - if ($i==3) { $tmp=$s[2]; &mov ($s[1],&DWP(4,"esp")); }##%ebx - else { &mov ($tmp,$s[2]); - &shr ($tmp,16); } - if ($i==2) { &and ($s[1],0xFF); }#%edx[2] - &and ($tmp,0xFF); - &xor ($out,&DWP(2,$te,$tmp,8)); - - if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }##%ecx - elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] - else { &mov ($tmp,$s[3]); - &shr ($tmp,24) } - &xor ($out,&DWP(1,$te,$tmp,8)); - if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],$acc); } - &comment(); -} - -sub enclast() -{ my ($i,$te,@s)=@_; - my $tmp = $key; - my $out = $i==3?$s[0]:$acc; - - if ($i==3) { &mov ($key,&DWP(12,"esp")); }##%edx - else { &mov ($out,$s[0]); } - &and ($out,0xFF); - if ($i==1) { &shr ($s[0],16); }#%ebx[1] - if ($i==2) { &shr ($s[0],24); }#%ecx[2] - &mov ($out,&DWP(2,$te,$out,8)); - &and ($out,0x000000ff); - - if ($i==3) { $tmp=$s[1]; }##%eax - &movz ($tmp,&HB($s[1])); - &mov ($tmp,&DWP(0,$te,$tmp,8)); - &and ($tmp,0x0000ff00); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[2]; &mov ($s[1],&DWP(4,"esp")); }##%ebx - else { mov ($tmp,$s[2]); - &shr ($tmp,16); } - if ($i==2) { &and ($s[1],0xFF); }#%edx[2] - &and ($tmp,0xFF); - &mov ($tmp,&DWP(0,$te,$tmp,8)); - &and ($tmp,0x00ff0000); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); }##%ecx - elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] - else { &mov ($tmp,$s[3]); - &shr ($tmp,24); } - &mov ($tmp,&DWP(2,$te,$tmp,8)); - &and ($tmp,0xff000000); - &xor ($out,$tmp); - if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],$acc); } -} - -sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } - -&public_label("AES_Te"); -&function_begin_B("_x86_AES_encrypt"); - if ($vertical_spin) { - # I need high parts of volatile registers to be accessible... - &exch ($s1="edi",$key="ebx"); - &mov ($s2="esi",$acc="ecx"); - } - - # note that caller is expected to allocate stack frame for me! - &mov (&DWP(12,"esp"),$key); # save key - - &xor ($s0,&DWP(0,$key)); # xor with key - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &mov ($acc,&DWP(240,$key)); # load key->rounds - - if ($small_footprint) { - &lea ($acc,&DWP(-2,$acc,$acc)); - &lea ($acc,&DWP(0,$key,$acc,8)); - &mov (&DWP(16,"esp"),$acc); # end of key schedule - &align (4); - &set_label("loop"); - if ($vertical_spin) { - &encvert("ebp",$s0,$s1,$s2,$s3); - } else { - &encstep(0,"ebp",$s0,$s1,$s2,$s3); - &encstep(1,"ebp",$s1,$s2,$s3,$s0); - &encstep(2,"ebp",$s2,$s3,$s0,$s1); - &encstep(3,"ebp",$s3,$s0,$s1,$s2); - } - &add ($key,16); # advance rd_key - &xor ($s0,&DWP(0,$key)); - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - &cmp ($key,&DWP(16,"esp")); - &mov (&DWP(12,"esp"),$key); - &jb (&label("loop")); - } - else { - &cmp ($acc,10); - &jle (&label("10rounds")); - &cmp ($acc,12); - &jle (&label("12rounds")); - - &set_label("14rounds"); - for ($i=1;$i<3;$i++) { - if ($vertical_spin) { - &encvert("ebp",$s0,$s1,$s2,$s3); - } else { - &encstep(0,"ebp",$s0,$s1,$s2,$s3); - &encstep(1,"ebp",$s1,$s2,$s3,$s0); - &encstep(2,"ebp",$s2,$s3,$s0,$s1); - &encstep(3,"ebp",$s3,$s0,$s1,$s2); - } - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - &add ($key,32); - &mov (&DWP(12,"esp"),$key); # advance rd_key - &set_label("12rounds"); - for ($i=1;$i<3;$i++) { - if ($vertical_spin) { - &encvert("ebp",$s0,$s1,$s2,$s3); - } else { - &encstep(0,"ebp",$s0,$s1,$s2,$s3); - &encstep(1,"ebp",$s1,$s2,$s3,$s0); - &encstep(2,"ebp",$s2,$s3,$s0,$s1); - &encstep(3,"ebp",$s3,$s0,$s1,$s2); - } - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - &add ($key,32); - &mov (&DWP(12,"esp"),$key); # advance rd_key - &set_label("10rounds"); - for ($i=1;$i<10;$i++) { - if ($vertical_spin) { - &encvert("ebp",$s0,$s1,$s2,$s3); - } else { - &encstep(0,"ebp",$s0,$s1,$s2,$s3); - &encstep(1,"ebp",$s1,$s2,$s3,$s0); - &encstep(2,"ebp",$s2,$s3,$s0,$s1); - &encstep(3,"ebp",$s3,$s0,$s1,$s2); - } - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - } - - if ($vertical_spin) { - # "reincarnate" some registers for "horizontal" spin... - &mov ($s1="ebx",$key="edi"); - &mov ($s2="ecx",$acc="esi"); - } - &enclast(0,"ebp",$s0,$s1,$s2,$s3); - &enclast(1,"ebp",$s1,$s2,$s3,$s0); - &enclast(2,"ebp",$s2,$s3,$s0,$s1); - &enclast(3,"ebp",$s3,$s0,$s1,$s2); - - &add ($key,$small_footprint?16:160); - &xor ($s0,&DWP(0,$key)); - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &ret (); - -&set_label("AES_Te",64); # Yes! I keep it in the code segment! - &_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6); - &_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591); - &_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56); - &_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec); - &_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa); - &_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb); - &_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45); - &_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b); - &_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c); - &_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83); - &_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9); - &_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a); - &_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d); - &_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f); - &_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df); - &_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea); - &_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34); - &_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b); - &_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d); - &_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413); - &_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1); - &_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6); - &_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972); - &_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85); - &_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed); - &_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511); - &_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe); - &_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b); - &_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05); - &_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1); - &_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142); - &_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf); - &_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3); - &_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e); - &_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a); - &_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6); - &_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3); - &_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b); - &_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428); - &_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad); - &_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14); - &_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8); - &_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4); - &_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2); - &_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda); - &_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949); - &_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf); - &_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810); - &_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c); - &_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697); - &_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e); - &_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f); - &_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc); - &_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c); - &_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969); - &_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27); - &_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122); - &_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433); - &_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9); - &_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5); - &_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a); - &_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0); - &_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e); - &_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c); -#rcon: - &data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008); - &data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080); - &data_word(0x0000001b, 0x00000036, 0, 0, 0, 0, 0, 0); -&function_end_B("_x86_AES_encrypt"); - -# void AES_encrypt (const void *inp,void *out,const AES_KEY *key); -&public_label("AES_Te"); -&function_begin("AES_encrypt"); - &mov ($acc,&wparam(0)); # load inp - &mov ($key,&wparam(2)); # load key - - &mov ($s0,"esp"); - &sub ("esp",24); - &and ("esp",-64); - &add ("esp",4); - &mov (&DWP(16,"esp"),$s0); - - &call (&label("pic_point")); # make it PIC! - &set_label("pic_point"); - &blindpop("ebp"); - &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); - - &mov ($s0,&DWP(0,$acc)); # load input data - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &call ("_x86_AES_encrypt"); - - &mov ("esp",&DWP(16,"esp")); - - &mov ($acc,&wparam(1)); # load out - &mov (&DWP(0,$acc),$s0); # write output data - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); -&function_end("AES_encrypt"); - -#------------------------------------------------------------------# - -sub decstep() -{ my ($i,$td,@s) = @_; - my $tmp = $key; - my $out = $i==3?$s[0]:$acc; - - # no instructions are reordered, as performance appears - # optimal... or rather that all attempts to reorder didn't - # result in better performance [which by the way is not a - # bit lower than ecryption]. - if($i==3) { &mov ($key,&DWP(12,"esp")); } - else { &mov ($out,$s[0]); } - &and ($out,0xFF); - &mov ($out,&DWP(0,$td,$out,8)); - - if ($i==3) { $tmp=$s[1]; } - &movz ($tmp,&HB($s[1])); - &xor ($out,&DWP(3,$td,$tmp,8)); - - if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); } - else { &mov ($tmp,$s[2]); } - &shr ($tmp,16); - &and ($tmp,0xFF); - &xor ($out,&DWP(2,$td,$tmp,8)); - - if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); } - else { &mov ($tmp,$s[3]); } - &shr ($tmp,24); - &xor ($out,&DWP(1,$td,$tmp,8)); - if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],&DWP(4,"esp")); } - &comment(); -} - -sub declast() -{ my ($i,$td,@s)=@_; - my $tmp = $key; - my $out = $i==3?$s[0]:$acc; - - if($i==3) { &mov ($key,&DWP(12,"esp")); } - else { &mov ($out,$s[0]); } - &and ($out,0xFF); - &movz ($out,&DWP(2048,$td,$out,1)); - - if ($i==3) { $tmp=$s[1]; } - &movz ($tmp,&HB($s[1])); - &movz ($tmp,&DWP(2048,$td,$tmp,1)); - &shl ($tmp,8); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); } - else { mov ($tmp,$s[2]); } - &shr ($tmp,16); - &and ($tmp,0xFF); - &movz ($tmp,&DWP(2048,$td,$tmp,1)); - &shl ($tmp,16); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[3]; &mov ($s[2],&DWP(8,"esp")); } - else { &mov ($tmp,$s[3]); } - &shr ($tmp,24); - &movz ($tmp,&DWP(2048,$td,$tmp,1)); - &shl ($tmp,24); - &xor ($out,$tmp); - if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],&DWP(4,"esp")); } -} - -&public_label("AES_Td"); -&function_begin_B("_x86_AES_decrypt"); - # note that caller is expected to allocate stack frame for me! - &mov (&DWP(12,"esp"),$key); # save key - - &xor ($s0,&DWP(0,$key)); # xor with key - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &mov ($acc,&DWP(240,$key)); # load key->rounds - - if ($small_footprint) { - &lea ($acc,&DWP(-2,$acc,$acc)); - &lea ($acc,&DWP(0,$key,$acc,8)); - &mov (&DWP(16,"esp"),$acc); # end of key schedule - &align (4); - &set_label("loop"); - &decstep(0,"ebp",$s0,$s3,$s2,$s1); - &decstep(1,"ebp",$s1,$s0,$s3,$s2); - &decstep(2,"ebp",$s2,$s1,$s0,$s3); - &decstep(3,"ebp",$s3,$s2,$s1,$s0); - &add ($key,16); # advance rd_key - &xor ($s0,&DWP(0,$key)); - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - &cmp ($key,&DWP(16,"esp")); - &mov (&DWP(12,"esp"),$key); - &jb (&label("loop")); - } - else { - &cmp ($acc,10); - &jle (&label("10rounds")); - &cmp ($acc,12); - &jle (&label("12rounds")); - - &set_label("14rounds"); - for ($i=1;$i<3;$i++) { - &decstep(0,"ebp",$s0,$s3,$s2,$s1); - &decstep(1,"ebp",$s1,$s0,$s3,$s2); - &decstep(2,"ebp",$s2,$s1,$s0,$s3); - &decstep(3,"ebp",$s3,$s2,$s1,$s0); - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - &add ($key,32); - &mov (&DWP(12,"esp"),$key); # advance rd_key - &set_label("12rounds"); - for ($i=1;$i<3;$i++) { - &decstep(0,"ebp",$s0,$s3,$s2,$s1); - &decstep(1,"ebp",$s1,$s0,$s3,$s2); - &decstep(2,"ebp",$s2,$s1,$s0,$s3); - &decstep(3,"ebp",$s3,$s2,$s1,$s0); - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - &add ($key,32); - &mov (&DWP(12,"esp"),$key); # advance rd_key - &set_label("10rounds"); - for ($i=1;$i<10;$i++) { - &decstep(0,"ebp",$s0,$s3,$s2,$s1); - &decstep(1,"ebp",$s1,$s0,$s3,$s2); - &decstep(2,"ebp",$s2,$s1,$s0,$s3); - &decstep(3,"ebp",$s3,$s2,$s1,$s0); - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - } - - &declast(0,"ebp",$s0,$s3,$s2,$s1); - &declast(1,"ebp",$s1,$s0,$s3,$s2); - &declast(2,"ebp",$s2,$s1,$s0,$s3); - &declast(3,"ebp",$s3,$s2,$s1,$s0); - - &add ($key,$small_footprint?16:160); - &xor ($s0,&DWP(0,$key)); - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &ret (); - -&set_label("AES_Td",64); # Yes! I keep it in the code segment! - &_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a); - &_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b); - &_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5); - &_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5); - &_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d); - &_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b); - &_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295); - &_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e); - &_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927); - &_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d); - &_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362); - &_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9); - &_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52); - &_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566); - &_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3); - &_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed); - &_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e); - &_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4); - &_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4); - &_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd); - &_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d); - &_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060); - &_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967); - &_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879); - &_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000); - &_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c); - &_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36); - &_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624); - &_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b); - &_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c); - &_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12); - &_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14); - &_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3); - &_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b); - &_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8); - &_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684); - &_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7); - &_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177); - &_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947); - &_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322); - &_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498); - &_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f); - &_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54); - &_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382); - &_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf); - &_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb); - &_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83); - &_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef); - &_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029); - &_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235); - &_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733); - &_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117); - &_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4); - &_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546); - &_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb); - &_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d); - &_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb); - &_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a); - &_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773); - &_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478); - &_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2); - &_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff); - &_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664); - &_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0); -#Td4: - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); -&function_end_B("_x86_AES_decrypt"); - -# void AES_decrypt (const void *inp,void *out,const AES_KEY *key); -&public_label("AES_Td"); -&function_begin("AES_decrypt"); - &mov ($acc,&wparam(0)); # load inp - &mov ($key,&wparam(2)); # load key - - &mov ($s0,"esp"); - &sub ("esp",24); - &and ("esp",-64); - &add ("esp",4); - &mov (&DWP(16,"esp"),$s0); - - &call (&label("pic_point")); # make it PIC! - &set_label("pic_point"); - &blindpop("ebp"); - &lea ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); - - # prefetch Td4 - &lea ("ebp",&DWP(2048+128,"ebp")); - &mov ($s0,&DWP(0-128,"ebp")); - &mov ($s1,&DWP(32-128,"ebp")); - &mov ($s2,&DWP(64-128,"ebp")); - &mov ($s3,&DWP(96-128,"ebp")); - &mov ($s0,&DWP(128-128,"ebp")); - &mov ($s1,&DWP(160-128,"ebp")); - &mov ($s2,&DWP(192-128,"ebp")); - &mov ($s3,&DWP(224-128,"ebp")); - &lea ("ebp",&DWP(-2048-128,"ebp")); - - &mov ($s0,&DWP(0,$acc)); # load input data - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &call ("_x86_AES_decrypt"); - - &mov ("esp",&DWP(16,"esp")); - - &mov ($acc,&wparam(1)); # load out - &mov (&DWP(0,$acc),$s0); # write output data - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); -&function_end("AES_decrypt"); - -# void AES_cbc_encrypt (const void char *inp, unsigned char *out, -# size_t length, const AES_KEY *key, -# unsigned char *ivp,const int enc); -{ -# stack frame layout -# -4(%esp) 0(%esp) return address -# 0(%esp) 4(%esp) tmp1 -# 4(%esp) 8(%esp) tmp2 -# 8(%esp) 12(%esp) key -# 12(%esp) 16(%esp) end of key schedule -my $_esp=&DWP(16,"esp"); #saved %esp -my $_inp=&DWP(20,"esp"); #copy of wparam(0) -my $_out=&DWP(24,"esp"); #copy of wparam(1) -my $_len=&DWP(28,"esp"); #copy of wparam(2) -my $_key=&DWP(32,"esp"); #copy of wparam(3) -my $_ivp=&DWP(36,"esp"); #copy of wparam(4) -my $_tmp=&DWP(40,"esp"); #volatile variable -my $ivec=&DWP(44,"esp"); #ivec[16] -my $aes_key=&DWP(60,"esp"); #copy of aes_key -my $mark=&DWP(60+240,"esp"); #copy of aes_key->rounds - -&public_label("AES_Te"); -&public_label("AES_Td"); -&function_begin("AES_cbc_encrypt"); - &mov ($s2 eq "ecx"? $s2 : "",&wparam(2)); # load len - &cmp ($s2,0); - &je (&label("enc_out")); - - &call (&label("pic_point")); # make it PIC! - &set_label("pic_point"); - &blindpop("ebp"); - - &pushf (); - &cld (); - - &cmp (&wparam(5),0); - &je (&label("DECRYPT")); - - &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); - - # allocate aligned stack frame... - &lea ($key,&DWP(-64-244,"esp")); - &and ($key,-64); - - # ... and make sure it doesn't alias with AES_Te modulo 4096 - &mov ($s0,"ebp"); - &lea ($s1,&DWP(2048,"ebp")); - &mov ($s3,$key); - &and ($s0,0xfff); # s = %ebp&0xfff - &and ($s1,0xfff); # e = (%ebp+2048)&0xfff - &and ($s3,0xfff); # p = %esp&0xfff - - &cmp ($s3,$s1); # if (p>=e) %esp =- (p-e); - &jb (&label("te_break_out")); - &sub ($s3,$s1); - &sub ($key,$s3); - &jmp (&label("te_ok")); - &set_label("te_break_out"); # else %esp -= (p-s)&0xfff + framesz; - &sub ($s3,$s0); - &and ($s3,0xfff); - &add ($s3,64+256); - &sub ($key,$s3); - &align (4); - &set_label("te_ok"); - - &mov ($s0,&wparam(0)); # load inp - &mov ($s1,&wparam(1)); # load out - &mov ($s3,&wparam(3)); # load key - &mov ($acc,&wparam(4)); # load ivp - - &exch ("esp",$key); - &add ("esp",4); # reserve for return address! - &mov ($_esp,$key); # save %esp - - &mov ($_inp,$s0); # save copy of inp - &mov ($_out,$s1); # save copy of out - &mov ($_len,$s2); # save copy of len - &mov ($_key,$s3); # save copy of key - &mov ($_ivp,$acc); # save copy of ivp - - &mov ($mark,0); # copy of aes_key->rounds = 0; - if ($compromise) { - &cmp ($s2,$compromise); - &jb (&label("skip_ecopy")); - } - # do we copy key schedule to stack? - &mov ($s1 eq "ebx" ? $s1 : "",$s3); - &mov ($s2 eq "ecx" ? $s2 : "",244/4); - &sub ($s1,"ebp"); - &mov ("esi",$s3); - &and ($s1,0xfff); - &lea ("edi",$aes_key); - &cmp ($s1,2048); - &jb (&label("do_ecopy")); - &cmp ($s1,4096-244); - &jb (&label("skip_ecopy")); - &align (4); - &set_label("do_ecopy"); - &mov ($_key,"edi"); - &data_word(0xA5F3F689); # rep movsd - &set_label("skip_ecopy"); - - &mov ($acc,$s0); - &mov ($key,16); - &align (4); - &set_label("prefetch_te"); - &mov ($s0,&DWP(0,"ebp")); - &mov ($s1,&DWP(32,"ebp")); - &mov ($s2,&DWP(64,"ebp")); - &mov ($s3,&DWP(96,"ebp")); - &lea ("ebp",&DWP(128,"ebp")); - &dec ($key); - &jnz (&label("prefetch_te")); - &sub ("ebp",2048); - - &mov ($s2,$_len); - &mov ($key,$_ivp); - &test ($s2,0xFFFFFFF0); - &jz (&label("enc_tail")); # short input... - - &mov ($s0,&DWP(0,$key)); # load iv - &mov ($s1,&DWP(4,$key)); - - &align (4); - &set_label("enc_loop"); - &mov ($s2,&DWP(8,$key)); - &mov ($s3,&DWP(12,$key)); - - &xor ($s0,&DWP(0,$acc)); # xor input data - &xor ($s1,&DWP(4,$acc)); - &xor ($s2,&DWP(8,$acc)); - &xor ($s3,&DWP(12,$acc)); - - &mov ($key,$_key); # load key - &call ("_x86_AES_encrypt"); - - &mov ($acc,$_inp); # load inp - &mov ($key,$_out); # load out - - &mov (&DWP(0,$key),$s0); # save output data - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($s2,$_len); # load len - - &lea ($acc,&DWP(16,$acc)); - &mov ($_inp,$acc); # save inp - - &lea ($s3,&DWP(16,$key)); - &mov ($_out,$s3); # save out - - &sub ($s2,16); - &test ($s2,0xFFFFFFF0); - &mov ($_len,$s2); # save len - &jnz (&label("enc_loop")); - &test ($s2,15); - &jnz (&label("enc_tail")); - &mov ($acc,$_ivp); # load ivp - &mov ($s2,&DWP(8,$key)); # restore last dwords - &mov ($s3,&DWP(12,$key)); - &mov (&DWP(0,$acc),$s0); # save ivec - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - - &cmp ($mark,0); # was the key schedule copied? - &mov ("edi",$_key); - &mov ("esp",$_esp); - &je (&label("skip_ezero")); - # zero copy of key schedule - &mov ("ecx",240/4); - &xor ("eax","eax"); - &align (4); - &data_word(0xABF3F689); # rep stosd - &set_label("skip_ezero") - &popf (); - &set_label("enc_out"); - &function_end_A(); - &pushf (); # kludge, never executed - - &align (4); - &set_label("enc_tail"); - &push ($key eq "edi" ? $key : ""); # push ivp - &mov ($key,$_out); # load out - &mov ($s1,16); - &sub ($s1,$s2); - &cmp ($key,$acc); # compare with inp - &je (&label("enc_in_place")); - &align (4); - &data_word(0xA4F3F689); # rep movsb # copy input - &jmp (&label("enc_skip_in_place")); - &set_label("enc_in_place"); - &lea ($key,&DWP(0,$key,$s2)); - &set_label("enc_skip_in_place"); - &mov ($s2,$s1); - &xor ($s0,$s0); - &align (4); - &data_word(0xAAF3F689); # rep stosb # zero tail - &pop ($key); # pop ivp - - &mov ($acc,$_out); # output as input - &mov ($s0,&DWP(0,$key)); - &mov ($s1,&DWP(4,$key)); - &mov ($_len,16); # len=16 - &jmp (&label("enc_loop")); # one more spin... - -#----------------------------- DECRYPT -----------------------------# -&align (4); -&set_label("DECRYPT"); - &lea ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); - - # allocate aligned stack frame... - &lea ($key,&DWP(-64-244,"esp")); - &and ($key,-64); - - # ... and make sure it doesn't alias with AES_Td modulo 4096 - &mov ($s0,"ebp"); - &lea ($s1,&DWP(2048+256,"ebp")); - &mov ($s3,$key); - &and ($s0,0xfff); # s = %ebp&0xfff - &and ($s1,0xfff); # e = (%ebp+2048+256)&0xfff - &and ($s3,0xfff); # p = %esp&0xfff - - &cmp ($s3,$s1); # if (p>=e) %esp =- (p-e); - &jb (&label("td_break_out")); - &sub ($s3,$s1); - &sub ($key,$s3); - &jmp (&label("td_ok")); - &set_label("td_break_out"); # else %esp -= (p-s)&0xfff + framesz; - &sub ($s3,$s0); - &and ($s3,0xfff); - &add ($s3,64+256); - &sub ($key,$s3); - &align (4); - &set_label("td_ok"); - - &mov ($s0,&wparam(0)); # load inp - &mov ($s1,&wparam(1)); # load out - &mov ($s3,&wparam(3)); # load key - &mov ($acc,&wparam(4)); # load ivp - - &exch ("esp",$key); - &add ("esp",4); # reserve for return address! - &mov ($_esp,$key); # save %esp - - &mov ($_inp,$s0); # save copy of inp - &mov ($_out,$s1); # save copy of out - &mov ($_len,$s2); # save copy of len - &mov ($_key,$s3); # save copy of key - &mov ($_ivp,$acc); # save copy of ivp - - &mov ($mark,0); # copy of aes_key->rounds = 0; - if ($compromise) { - &cmp ($s2,$compromise); - &jb (&label("skip_dcopy")); - } - # do we copy key schedule to stack? - &mov ($s1 eq "ebx" ? $s1 : "",$s3); - &mov ($s2 eq "ecx" ? $s2 : "",244/4); - &sub ($s1,"ebp"); - &mov ("esi",$s3); - &and ($s1,0xfff); - &lea ("edi",$aes_key); - &cmp ($s1,2048+256); - &jb (&label("do_dcopy")); - &cmp ($s1,4096-244); - &jb (&label("skip_dcopy")); - &align (4); - &set_label("do_dcopy"); - &mov ($_key,"edi"); - &data_word(0xA5F3F689); # rep movsd - &set_label("skip_dcopy"); - - &mov ($acc,$s0); - &mov ($key,18); - &align (4); - &set_label("prefetch_td"); - &mov ($s0,&DWP(0,"ebp")); - &mov ($s1,&DWP(32,"ebp")); - &mov ($s2,&DWP(64,"ebp")); - &mov ($s3,&DWP(96,"ebp")); - &lea ("ebp",&DWP(128,"ebp")); - &dec ($key); - &jnz (&label("prefetch_td")); - &sub ("ebp",2048+256); - - &cmp ($acc,$_out); - &je (&label("dec_in_place")); # in-place processing... - - &mov ($key,$_ivp); # load ivp - &mov ($_tmp,$key); - - &align (4); - &set_label("dec_loop"); - &mov ($s0,&DWP(0,$acc)); # read input - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &mov ($key,$_key); # load key - &call ("_x86_AES_decrypt"); - - &mov ($key,$_tmp); # load ivp - &mov ($acc,$_len); # load len - &xor ($s0,&DWP(0,$key)); # xor iv - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &sub ($acc,16); - &jc (&label("dec_partial")); - &mov ($_len,$acc); # save len - &mov ($acc,$_inp); # load inp - &mov ($key,$_out); # load out - - &mov (&DWP(0,$key),$s0); # write output - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($_tmp,$acc); # save ivp - &lea ($acc,&DWP(16,$acc)); - &mov ($_inp,$acc); # save inp - - &lea ($key,&DWP(16,$key)); - &mov ($_out,$key); # save out - - &jnz (&label("dec_loop")); - &mov ($key,$_tmp); # load temp ivp - &set_label("dec_end"); - &mov ($acc,$_ivp); # load user ivp - &mov ($s0,&DWP(0,$key)); # load iv - &mov ($s1,&DWP(4,$key)); - &mov ($s2,&DWP(8,$key)); - &mov ($s3,&DWP(12,$key)); - &mov (&DWP(0,$acc),$s0); # copy back to user - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - &jmp (&label("dec_out")); - - &align (4); - &set_label("dec_partial"); - &lea ($key,$ivec); - &mov (&DWP(0,$key),$s0); # dump output to stack - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - &lea ($s2 eq "ecx" ? $s2 : "",&DWP(16,$acc)); - &mov ($acc eq "esi" ? $acc : "",$key); - &mov ($key eq "edi" ? $key : "",$_out); # load out - &data_word(0xA4F3F689); # rep movsb # copy output - &mov ($key,$_inp); # use inp as temp ivp - &jmp (&label("dec_end")); - - &align (4); - &set_label("dec_in_place"); - &set_label("dec_in_place_loop"); - &lea ($key,$ivec); - &mov ($s0,&DWP(0,$acc)); # read input - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &mov (&DWP(0,$key),$s0); # copy to temp - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($key,$_key); # load key - &call ("_x86_AES_decrypt"); - - &mov ($key,$_ivp); # load ivp - &mov ($acc,$_out); # load out - &xor ($s0,&DWP(0,$key)); # xor iv - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &mov (&DWP(0,$acc),$s0); # write output - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - - &lea ($acc,&DWP(16,$acc)); - &mov ($_out,$acc); # save out - - &lea ($acc,$ivec); - &mov ($s0,&DWP(0,$acc)); # read temp - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &mov (&DWP(0,$key),$s0); # copy iv - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($acc,$_inp); # load inp - - &lea ($acc,&DWP(16,$acc)); - &mov ($_inp,$acc); # save inp - - &mov ($s2,$_len); # load len - &sub ($s2,16); - &jc (&label("dec_in_place_partial")); - &mov ($_len,$s2); # save len - &jnz (&label("dec_in_place_loop")); - &jmp (&label("dec_out")); - - &align (4); - &set_label("dec_in_place_partial"); - # one can argue if this is actually required... - &mov ($key eq "edi" ? $key : "",$_out); - &lea ($acc eq "esi" ? $acc : "",$ivec); - &lea ($key,&DWP(0,$key,$s2)); - &lea ($acc,&DWP(16,$acc,$s2)); - &neg ($s2 eq "ecx" ? $s2 : ""); - &data_word(0xA4F3F689); # rep movsb # restore tail - - &align (4); - &set_label("dec_out"); - &cmp ($mark,0); # was the key schedule copied? - &mov ("edi",$_key); - &mov ("esp",$_esp); - &je (&label("skip_dzero")); - # zero copy of key schedule - &mov ("ecx",240/4); - &xor ("eax","eax"); - &align (4); - &data_word(0xABF3F689); # rep stosd - &set_label("skip_dzero") - &popf (); -&function_end("AES_cbc_encrypt"); -} - -#------------------------------------------------------------------# - -sub enckey() -{ - &movz ("esi",&LB("edx")); # rk[i]>>0 - &mov ("ebx",&DWP(2,"ebp","esi",8)); - &movz ("esi",&HB("edx")); # rk[i]>>8 - &and ("ebx",0xFF000000); - &xor ("eax","ebx"); - - &mov ("ebx",&DWP(2,"ebp","esi",8)); - &shr ("edx",16); - &and ("ebx",0x000000FF); - &movz ("esi",&LB("edx")); # rk[i]>>16 - &xor ("eax","ebx"); - - &mov ("ebx",&DWP(0,"ebp","esi",8)); - &movz ("esi",&HB("edx")); # rk[i]>>24 - &and ("ebx",0x0000FF00); - &xor ("eax","ebx"); - - &mov ("ebx",&DWP(0,"ebp","esi",8)); - &and ("ebx",0x00FF0000); - &xor ("eax","ebx"); - - &xor ("eax",&DWP(2048,"ebp","ecx",4)); # rcon -} - -# int AES_set_encrypt_key(const unsigned char *userKey, const int bits, -# AES_KEY *key) -&public_label("AES_Te"); -&function_begin("AES_set_encrypt_key"); - &mov ("esi",&wparam(0)); # user supplied key - &mov ("edi",&wparam(2)); # private key schedule - - &test ("esi",-1); - &jz (&label("badpointer")); - &test ("edi",-1); - &jz (&label("badpointer")); - - &call (&label("pic_point")); - &set_label("pic_point"); - &blindpop("ebp"); - &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); - - &mov ("ecx",&wparam(1)); # number of bits in key - &cmp ("ecx",128); - &je (&label("10rounds")); - &cmp ("ecx",192); - &je (&label("12rounds")); - &cmp ("ecx",256); - &je (&label("14rounds")); - &mov ("eax",-2); # invalid number of bits - &jmp (&label("exit")); - - &set_label("10rounds"); - &mov ("eax",&DWP(0,"esi")); # copy first 4 dwords - &mov ("ebx",&DWP(4,"esi")); - &mov ("ecx",&DWP(8,"esi")); - &mov ("edx",&DWP(12,"esi")); - &mov (&DWP(0,"edi"),"eax"); - &mov (&DWP(4,"edi"),"ebx"); - &mov (&DWP(8,"edi"),"ecx"); - &mov (&DWP(12,"edi"),"edx"); - - &xor ("ecx","ecx"); - &jmp (&label("10shortcut")); - - &align (4); - &set_label("10loop"); - &mov ("eax",&DWP(0,"edi")); # rk[0] - &mov ("edx",&DWP(12,"edi")); # rk[3] - &set_label("10shortcut"); - &enckey (); - - &mov (&DWP(16,"edi"),"eax"); # rk[4] - &xor ("eax",&DWP(4,"edi")); - &mov (&DWP(20,"edi"),"eax"); # rk[5] - &xor ("eax",&DWP(8,"edi")); - &mov (&DWP(24,"edi"),"eax"); # rk[6] - &xor ("eax",&DWP(12,"edi")); - &mov (&DWP(28,"edi"),"eax"); # rk[7] - &inc ("ecx"); - &add ("edi",16); - &cmp ("ecx",10); - &jl (&label("10loop")); - - &mov (&DWP(80,"edi"),10); # setup number of rounds - &xor ("eax","eax"); - &jmp (&label("exit")); - - &set_label("12rounds"); - &mov ("eax",&DWP(0,"esi")); # copy first 6 dwords - &mov ("ebx",&DWP(4,"esi")); - &mov ("ecx",&DWP(8,"esi")); - &mov ("edx",&DWP(12,"esi")); - &mov (&DWP(0,"edi"),"eax"); - &mov (&DWP(4,"edi"),"ebx"); - &mov (&DWP(8,"edi"),"ecx"); - &mov (&DWP(12,"edi"),"edx"); - &mov ("ecx",&DWP(16,"esi")); - &mov ("edx",&DWP(20,"esi")); - &mov (&DWP(16,"edi"),"ecx"); - &mov (&DWP(20,"edi"),"edx"); - - &xor ("ecx","ecx"); - &jmp (&label("12shortcut")); - - &align (4); - &set_label("12loop"); - &mov ("eax",&DWP(0,"edi")); # rk[0] - &mov ("edx",&DWP(20,"edi")); # rk[5] - &set_label("12shortcut"); - &enckey (); - - &mov (&DWP(24,"edi"),"eax"); # rk[6] - &xor ("eax",&DWP(4,"edi")); - &mov (&DWP(28,"edi"),"eax"); # rk[7] - &xor ("eax",&DWP(8,"edi")); - &mov (&DWP(32,"edi"),"eax"); # rk[8] - &xor ("eax",&DWP(12,"edi")); - &mov (&DWP(36,"edi"),"eax"); # rk[9] - - &cmp ("ecx",7); - &je (&label("12break")); - &inc ("ecx"); - - &xor ("eax",&DWP(16,"edi")); - &mov (&DWP(40,"edi"),"eax"); # rk[10] - &xor ("eax",&DWP(20,"edi")); - &mov (&DWP(44,"edi"),"eax"); # rk[11] - - &add ("edi",24); - &jmp (&label("12loop")); - - &set_label("12break"); - &mov (&DWP(72,"edi"),12); # setup number of rounds - &xor ("eax","eax"); - &jmp (&label("exit")); - - &set_label("14rounds"); - &mov ("eax",&DWP(0,"esi")); # copy first 8 dwords - &mov ("ebx",&DWP(4,"esi")); - &mov ("ecx",&DWP(8,"esi")); - &mov ("edx",&DWP(12,"esi")); - &mov (&DWP(0,"edi"),"eax"); - &mov (&DWP(4,"edi"),"ebx"); - &mov (&DWP(8,"edi"),"ecx"); - &mov (&DWP(12,"edi"),"edx"); - &mov ("eax",&DWP(16,"esi")); - &mov ("ebx",&DWP(20,"esi")); - &mov ("ecx",&DWP(24,"esi")); - &mov ("edx",&DWP(28,"esi")); - &mov (&DWP(16,"edi"),"eax"); - &mov (&DWP(20,"edi"),"ebx"); - &mov (&DWP(24,"edi"),"ecx"); - &mov (&DWP(28,"edi"),"edx"); - - &xor ("ecx","ecx"); - &jmp (&label("14shortcut")); - - &align (4); - &set_label("14loop"); - &mov ("edx",&DWP(28,"edi")); # rk[7] - &set_label("14shortcut"); - &mov ("eax",&DWP(0,"edi")); # rk[0] - - &enckey (); - - &mov (&DWP(32,"edi"),"eax"); # rk[8] - &xor ("eax",&DWP(4,"edi")); - &mov (&DWP(36,"edi"),"eax"); # rk[9] - &xor ("eax",&DWP(8,"edi")); - &mov (&DWP(40,"edi"),"eax"); # rk[10] - &xor ("eax",&DWP(12,"edi")); - &mov (&DWP(44,"edi"),"eax"); # rk[11] - - &cmp ("ecx",6); - &je (&label("14break")); - &inc ("ecx"); - - &mov ("edx","eax"); - &mov ("eax",&DWP(16,"edi")); # rk[4] - &movz ("esi",&LB("edx")); # rk[11]>>0 - &mov ("ebx",&DWP(2,"ebp","esi",8)); - &movz ("esi",&HB("edx")); # rk[11]>>8 - &and ("ebx",0x000000FF); - &xor ("eax","ebx"); - - &mov ("ebx",&DWP(0,"ebp","esi",8)); - &shr ("edx",16); - &and ("ebx",0x0000FF00); - &movz ("esi",&LB("edx")); # rk[11]>>16 - &xor ("eax","ebx"); - - &mov ("ebx",&DWP(0,"ebp","esi",8)); - &movz ("esi",&HB("edx")); # rk[11]>>24 - &and ("ebx",0x00FF0000); - &xor ("eax","ebx"); - - &mov ("ebx",&DWP(2,"ebp","esi",8)); - &and ("ebx",0xFF000000); - &xor ("eax","ebx"); - - &mov (&DWP(48,"edi"),"eax"); # rk[12] - &xor ("eax",&DWP(20,"edi")); - &mov (&DWP(52,"edi"),"eax"); # rk[13] - &xor ("eax",&DWP(24,"edi")); - &mov (&DWP(56,"edi"),"eax"); # rk[14] - &xor ("eax",&DWP(28,"edi")); - &mov (&DWP(60,"edi"),"eax"); # rk[15] - - &add ("edi",32); - &jmp (&label("14loop")); - - &set_label("14break"); - &mov (&DWP(48,"edi"),14); # setup number of rounds - &xor ("eax","eax"); - &jmp (&label("exit")); - - &set_label("badpointer"); - &mov ("eax",-1); - &set_label("exit"); -&function_end("AES_set_encrypt_key"); - -sub deckey() -{ my ($i,$ptr,$te,$td) = @_; - - &mov ("eax",&DWP($i,$ptr)); - &mov ("edx","eax"); - &movz ("ebx",&HB("eax")); - &shr ("edx",16); - &and ("eax",0xFF); - &movz ("eax",&BP(2,$te,"eax",8)); - &movz ("ebx",&BP(2,$te,"ebx",8)); - &mov ("eax",&DWP(0,$td,"eax",8)); - &xor ("eax",&DWP(3,$td,"ebx",8)); - &movz ("ebx",&HB("edx")); - &and ("edx",0xFF); - &movz ("edx",&BP(2,$te,"edx",8)); - &movz ("ebx",&BP(2,$te,"ebx",8)); - &xor ("eax",&DWP(2,$td,"edx",8)); - &xor ("eax",&DWP(1,$td,"ebx",8)); - &mov (&DWP($i,$ptr),"eax"); -} - -# int AES_set_decrypt_key(const unsigned char *userKey, const int bits, -# AES_KEY *key) -&public_label("AES_Td"); -&public_label("AES_Te"); -&function_begin_B("AES_set_decrypt_key"); - &mov ("eax",&wparam(0)); - &mov ("ecx",&wparam(1)); - &mov ("edx",&wparam(2)); - &sub ("esp",12); - &mov (&DWP(0,"esp"),"eax"); - &mov (&DWP(4,"esp"),"ecx"); - &mov (&DWP(8,"esp"),"edx"); - &call ("AES_set_encrypt_key"); - &add ("esp",12); - &cmp ("eax",0); - &je (&label("proceed")); - &ret (); - - &set_label("proceed"); - &push ("ebp"); - &push ("ebx"); - &push ("esi"); - &push ("edi"); - - &mov ("esi",&wparam(2)); - &mov ("ecx",&DWP(240,"esi")); # pull number of rounds - &lea ("ecx",&DWP(0,"","ecx",4)); - &lea ("edi",&DWP(0,"esi","ecx",4)); # pointer to last chunk - - &align (4); - &set_label("invert"); # invert order of chunks - &mov ("eax",&DWP(0,"esi")); - &mov ("ebx",&DWP(4,"esi")); - &mov ("ecx",&DWP(0,"edi")); - &mov ("edx",&DWP(4,"edi")); - &mov (&DWP(0,"edi"),"eax"); - &mov (&DWP(4,"edi"),"ebx"); - &mov (&DWP(0,"esi"),"ecx"); - &mov (&DWP(4,"esi"),"edx"); - &mov ("eax",&DWP(8,"esi")); - &mov ("ebx",&DWP(12,"esi")); - &mov ("ecx",&DWP(8,"edi")); - &mov ("edx",&DWP(12,"edi")); - &mov (&DWP(8,"edi"),"eax"); - &mov (&DWP(12,"edi"),"ebx"); - &mov (&DWP(8,"esi"),"ecx"); - &mov (&DWP(12,"esi"),"edx"); - &add ("esi",16); - &sub ("edi",16); - &cmp ("esi","edi"); - &jne (&label("invert")); - - &call (&label("pic_point")); - &set_label("pic_point"); - blindpop("ebp"); - &lea ("edi",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp")); - &lea ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp")); - - &mov ("esi",&wparam(2)); - &mov ("ecx",&DWP(240,"esi")); # pull number of rounds - &dec ("ecx"); - &align (4); - &set_label("permute"); # permute the key schedule - &add ("esi",16); - &deckey (0,"esi","ebp","edi"); - &deckey (4,"esi","ebp","edi"); - &deckey (8,"esi","ebp","edi"); - &deckey (12,"esi","ebp","edi"); - &dec ("ecx"); - &jnz (&label("permute")); - - &xor ("eax","eax"); # return success -&function_end("AES_set_decrypt_key"); - -&asm_finish(); diff --git a/crypto/openssl/crypto/aes/asm/aes-ia64.S b/crypto/openssl/crypto/aes/asm/aes-ia64.S deleted file mode 100644 index 542cf335e9..0000000000 --- a/crypto/openssl/crypto/aes/asm/aes-ia64.S +++ /dev/null @@ -1,1652 +0,0 @@ -// ==================================================================== -// Written by Andy Polyakov for the OpenSSL -// project. Rights for redistribution and usage in source and binary -// forms are granted according to the OpenSSL license. -// ==================================================================== -// -// What's wrong with compiler generated code? Compiler never uses -// variable 'shr' which is pairable with 'extr'/'dep' instructions. -// Then it uses 'zxt' which is an I-type, but can be replaced with -// 'and' which in turn can be assigned to M-port [there're double as -// much M-ports as there're I-ports on Itanium 2]. By sacrificing few -// registers for small constants (255, 24 and 16) to be used with -// 'shr' and 'and' instructions I can achieve better ILP, Intruction -// Level Parallelism, and performance. This code outperforms GCC 3.3 -// generated code by over factor of 2 (two), GCC 3.4 - by 70% and -// HP C - by 40%. Measured best-case scenario, i.e. aligned -// big-endian input, ECB timing on Itanium 2 is (18 + 13*rounds) -// ticks per block, or 9.25 CPU cycles per byte for 128 bit key. - -.ident "aes-ia64.S, version 1.1" -.ident "IA-64 ISA artwork by Andy Polyakov " -.explicit -.text - -rk0=r8; rk1=r9; - -prsave=r10; -maskff=r11; -twenty4=r14; -sixteen=r15; - -te00=r16; te11=r17; te22=r18; te33=r19; -te01=r20; te12=r21; te23=r22; te30=r23; -te02=r24; te13=r25; te20=r26; te31=r27; -te03=r28; te10=r29; te21=r30; te32=r31; - -// these are rotating... -t0=r32; s0=r33; -t1=r34; s1=r35; -t2=r36; s2=r37; -t3=r38; s3=r39; - -te0=r40; te1=r41; te2=r42; te3=r43; - -#if defined(_HPUX_SOURCE) && !defined(_LP64) -# define ADDP addp4 -# define KSZ 4 -# define LDKEY ld4 -#else -# define ADDP add -#endif - -// This implies that AES_KEY comprises 32-bit key schedule elements -// even on LP64 platforms. -#ifndef KSZ -# define KSZ 4 -# define LDKEY ld4 -#endif - -.proc _ia64_AES_encrypt# -// Input: rk0-rk1 -// te0 -// te3 as AES_KEY->rounds!!! -// s0-s3 -// maskff,twenty4,sixteen -// Output: r16,r20,r24,r28 as s0-s3 -// Clobber: r16-r31,rk0-rk1,r32-r43 -.align 32 -_ia64_AES_encrypt: -{ .mmi; alloc r16=ar.pfs,12,0,0,8 - LDKEY t0=[rk0],2*KSZ - mov pr.rot=1<<16 } -{ .mmi; LDKEY t1=[rk1],2*KSZ - add te1=1024,te0 - add te3=-3,te3 };; -{ .mib; LDKEY t2=[rk0],2*KSZ - mov ar.ec=3 } -{ .mib; LDKEY t3=[rk1],2*KSZ - add te2=2048,te0 - brp.loop.imp .Le_top,.Le_end-16 };; - -{ .mmi; xor s0=s0,t0 - xor s1=s1,t1 - mov ar.lc=te3 } -{ .mmi; xor s2=s2,t2 - xor s3=s3,t3 - add te3=3072,te0 };; - -.align 32 -.Le_top: -{ .mmi; (p0) LDKEY t0=[rk0],2*KSZ // 0/0:rk[0] - (p0) and te33=s3,maskff // 0/0:s3&0xff - (p0) extr.u te22=s2,8,8 } // 0/0:s2>>8&0xff -{ .mmi; (p0) LDKEY t1=[rk1],2*KSZ // 0/1:rk[1] - (p0) and te30=s0,maskff // 0/1:s0&0xff - (p0) shr.u te00=s0,twenty4 };; // 0/0:s0>>24 -{ .mmi; (p0) LDKEY t2=[rk0],2*KSZ // 1/2:rk[2] - (p0) shladd te33=te33,2,te3 // 1/0:te0+s0>>24 - (p0) extr.u te23=s3,8,8 } // 1/1:s3>>8&0xff -{ .mmi; (p0) LDKEY t3=[rk1],2*KSZ // 1/3:rk[3] - (p0) shladd te30=te30,2,te3 // 1/1:te3+s0 - (p0) shr.u te01=s1,twenty4 };; // 1/1:s1>>24 -{ .mmi; (p0) ld4 te33=[te33] // 2/0:te3[s3&0xff] - (p0) shladd te22=te22,2,te2 // 2/0:te2+s2>>8&0xff - (p0) extr.u te20=s0,8,8 } // 2/2:s0>>8&0xff -{ .mmi; (p0) ld4 te30=[te30] // 2/1:te3[s0] - (p0) shladd te23=te23,2,te2 // 2/1:te2+s3>>8 - (p0) shr.u te02=s2,twenty4 };; // 2/2:s2>>24 -{ .mmi; (p0) ld4 te22=[te22] // 3/0:te2[s2>>8] - (p0) shladd te20=te20,2,te2 // 3/2:te2+s0>>8 - (p0) extr.u te21=s1,8,8 } // 3/3:s1>>8&0xff -{ .mmi; (p0) ld4 te23=[te23] // 3/1:te2[s3>>8] - (p0) shladd te00=te00,2,te0 // 3/0:te0+s0>>24 - (p0) shr.u te03=s3,twenty4 };; // 3/3:s3>>24 -{ .mmi; (p0) ld4 te20=[te20] // 4/2:te2[s0>>8] - (p0) shladd te21=te21,2,te2 // 4/3:te3+s2 - (p0) extr.u te11=s1,16,8 } // 4/0:s1>>16&0xff -{ .mmi; (p0) ld4 te00=[te00] // 4/0:te0[s0>>24] - (p0) shladd te01=te01,2,te0 // 4/1:te0+s1>>24 - (p0) shr.u te13=s3,sixteen };; // 4/2:s3>>16 -{ .mmi; (p0) ld4 te21=[te21] // 5/3:te2[s1>>8] - (p0) shladd te11=te11,2,te1 // 5/0:te1+s1>>16 - (p0) extr.u te12=s2,16,8 } // 5/1:s2>>16&0xff -{ .mmi; (p0) ld4 te01=[te01] // 5/1:te0[s1>>24] - (p0) shladd te02=te02,2,te0 // 5/2:te0+s2>>24 - (p0) and te31=s1,maskff };; // 5/2:s1&0xff - -{ .mmi; (p0) ld4 te11=[te11] // 6/0:te1[s1>>16] - (p0) shladd te12=te12,2,te1 // 6/1:te1+s2>>16 - (p0) extr.u te10=s0,16,8 } // 6/3:s0>>16&0xff -{ .mmi; (p0) ld4 te02=[te02] // 6/2:te0[s2>>24] - (p0) shladd te03=te03,2,te0 // 6/3:te1+s0>>16 - (p0) and te32=s2,maskff };; // 6/3:s2&0xff -{ .mmi; (p0) ld4 te12=[te12] // 7/1:te1[s2>>16] - (p0) shladd te31=te31,2,te3 // 7/2:te3+s1&0xff - (p0) and te13=te13,maskff} // 7/2:s3>>16&0xff -{ .mmi; (p0) ld4 te03=[te03] // 7/3:te0[s3>>24] - (p0) shladd te32=te32,2,te3 // 7/3:te3+s2 - (p0) xor t0=t0,te33 };; // 7/0: -{ .mmi; (p0) ld4 te31=[te31] // 8/2:te3[s1] - (p0) shladd te13=te13,2,te1 // 8/2:te1+s3>>16 - (p0) xor t0=t0,te22 } // 8/0: -{ .mmi; (p0) ld4 te32=[te32] // 8/3:te3[s2] - (p0) shladd te10=te10,2,te1 // 8/3:te1+s0>>16 - (p0) xor t1=t1,te30 };; // 8/1: -{ .mmi; (p0) ld4 te13=[te13] // 9/2:te1[s3>>16] - (p0) xor t0=t0,te00 // 9/0: - (p0) xor t1=t1,te23 } // 9/1: -{ .mmi; (p0) ld4 te10=[te10] // 9/3:te1[s0>>16] - (p0) xor t2=t2,te20 // 9/2: - (p0) xor t3=t3,te21 };; // 9/3: -{ .mmi; (p0) xor t0=t0,te11 // 10/0:done! - (p0) xor t1=t1,te01 // 10/1: - (p0) xor t2=t2,te02 } // 10/2: -{ .mmi; (p0) xor t3=t3,te03 // 10/3: - (p16) cmp.eq p0,p17=r0,r0 };; // 10/clear (p17) -{ .mmi; (p0) xor t1=t1,te12 // 11/1:done! - (p0) xor t2=t2,te31 // 11/2: - (p0) xor t3=t3,te32 } // 11/3: -{ .mmi; (p17) add te0=4096,te0 // 11/ - (p17) add te1=4096,te1 };; // 11/ -{ .mib; (p0) xor t2=t2,te13 // 12/2:done! - (p0) xor t3=t3,te10 } // 12/3:done! -{ .mib; (p17) add te2=4096,te2 // 12/ - (p17) add te3=4096,te3 // 12/ - br.ctop.sptk .Le_top };; -.Le_end: -{ .mib; mov r16=s0 - mov r20=s1 } -{ .mib; mov r24=s2 - mov r28=s3 - br.ret.sptk b6 };; -.endp _ia64_AES_encrypt# - -// void AES_encrypt (const void *in,void *out,const AES_KEY *key); -.global AES_encrypt# -.proc AES_encrypt# -.align 32 -.skip 16 -AES_encrypt: - .prologue - .fframe 0 - .save ar.pfs,r2 - .save ar.lc,r3 -{ .mmi; alloc r2=ar.pfs,3,0,12,0 - addl out8=@ltoff(AES_Te#),gp - mov r3=ar.lc } -{ .mmi; and out0=3,in0 - ADDP in0=0,in0 - ADDP out11=KSZ*60,in2 };; // &AES_KEY->rounds - - .body -{ .mmi; ld8 out8=[out8] // Te0 - ld4 out11=[out11] // AES_KEY->rounds - mov prsave=pr } - -#if defined(_HPUX_SOURCE) // HPUX is big-endian, cut 15+15 cycles... -{ .mib; cmp.ne p6,p0=out0,r0 - add out0=4,in0 -(p6) br.dpnt.many .Le_i_unaligned };; - -{ .mmi; ld4 out1=[in0],8 // s0 - and out9=3,in1 - mov twenty4=24 } -{ .mmi; ld4 out3=[out0],8 // s1 - ADDP rk0=0,in2 - mov sixteen=16 };; -{ .mmi; ld4 out5=[in0] // s2 - cmp.ne p6,p0=out9,r0 - mov maskff=0xff } -{ .mmb; ld4 out7=[out0] // s3 - ADDP rk1=KSZ,in2 - br.call.sptk.many b6=_ia64_AES_encrypt };; - -{ .mib; ADDP in0=4,in1 - ADDP in1=0,in1 -(p6) br.spnt .Le_o_unaligned };; - -{ .mii; mov ar.pfs=r2 - mov ar.lc=r3 } -{ .mmi; st4 [in1]=r16,8 // s0 - st4 [in0]=r20,8 // s1 - mov pr=prsave,0x1ffff };; -{ .mmb; st4 [in1]=r24 // s2 - st4 [in0]=r28 // s3 - br.ret.sptk.many b0 };; -#endif - -.align 32 -.Le_i_unaligned: -{ .mmi; add out0=1,in0 - add out2=2,in0 - add out4=3,in0 };; -{ .mmi; ld1 r16=[in0],4 - ld1 r17=[out0],4 }//;; -{ .mmi; ld1 r18=[out2],4 - ld1 out1=[out4],4 };; // s0 -{ .mmi; ld1 r20=[in0],4 - ld1 r21=[out0],4 }//;; -{ .mmi; ld1 r22=[out2],4 - ld1 out3=[out4],4 };; // s1 -{ .mmi; ld1 r24=[in0],4 - ld1 r25=[out0],4 }//;; -{ .mmi; ld1 r26=[out2],4 - ld1 out5=[out4],4 };; // s2 -{ .mmi; ld1 r28=[in0] - ld1 r29=[out0] }//;; -{ .mmi; ld1 r30=[out2] - ld1 out7=[out4] };; // s3 - -{ .mii; - dep out1=r16,out1,24,8 //;; - dep out3=r20,out3,24,8 }//;; -{ .mii; ADDP rk0=0,in2 - dep out5=r24,out5,24,8 //;; - dep out7=r28,out7,24,8 };; -{ .mii; ADDP rk1=KSZ,in2 - dep out1=r17,out1,16,8 //;; - dep out3=r21,out3,16,8 }//;; -{ .mii; mov twenty4=24 - dep out5=r25,out5,16,8 //;; - dep out7=r29,out7,16,8 };; -{ .mii; mov sixteen=16 - dep out1=r18,out1,8,8 //;; - dep out3=r22,out3,8,8 }//;; -{ .mii; mov maskff=0xff - dep out5=r26,out5,8,8 //;; - dep out7=r30,out7,8,8 };; - -{ .mib; br.call.sptk.many b6=_ia64_AES_encrypt };; - -.Le_o_unaligned: -{ .mii; ADDP out0=0,in1 - extr.u r17=r16,8,8 // s0 - shr.u r19=r16,twenty4 }//;; -{ .mii; ADDP out1=1,in1 - extr.u r18=r16,16,8 - shr.u r23=r20,twenty4 }//;; // s1 -{ .mii; ADDP out2=2,in1 - extr.u r21=r20,8,8 - shr.u r22=r20,sixteen }//;; -{ .mii; ADDP out3=3,in1 - extr.u r25=r24,8,8 // s2 - shr.u r27=r24,twenty4 };; -{ .mii; st1 [out3]=r16,4 - extr.u r26=r24,16,8 - shr.u r31=r28,twenty4 }//;; // s3 -{ .mii; st1 [out2]=r17,4 - extr.u r29=r28,8,8 - shr.u r30=r28,sixteen }//;; - -{ .mmi; st1 [out1]=r18,4 - st1 [out0]=r19,4 };; -{ .mmi; st1 [out3]=r20,4 - st1 [out2]=r21,4 }//;; -{ .mmi; st1 [out1]=r22,4 - st1 [out0]=r23,4 };; -{ .mmi; st1 [out3]=r24,4 - st1 [out2]=r25,4 - mov pr=prsave,0x1ffff }//;; -{ .mmi; st1 [out1]=r26,4 - st1 [out0]=r27,4 - mov ar.pfs=r2 };; -{ .mmi; st1 [out3]=r28 - st1 [out2]=r29 - mov ar.lc=r3 }//;; -{ .mmb; st1 [out1]=r30 - st1 [out0]=r31 - br.ret.sptk.many b0 };; -.endp AES_encrypt# - -// *AES_decrypt are autogenerated by the following script: -#if 0 -#!/usr/bin/env perl -print "// *AES_decrypt are autogenerated by the following script:\n#if 0\n"; -open(PROG,'<'.$0); while() { print; } close(PROG); -print "#endif\n"; -while(<>) { - $process=1 if (/\.proc\s+_ia64_AES_encrypt/); - next if (!$process); - - #s/te00=s0/td00=s0/; s/te00/td00/g; - s/te11=s1/td13=s3/; s/te11/td13/g; - #s/te22=s2/td22=s2/; s/te22/td22/g; - s/te33=s3/td31=s1/; s/te33/td31/g; - - #s/te01=s1/td01=s1/; s/te01/td01/g; - s/te12=s2/td10=s0/; s/te12/td10/g; - #s/te23=s3/td23=s3/; s/te23/td23/g; - s/te30=s0/td32=s2/; s/te30/td32/g; - - #s/te02=s2/td02=s2/; s/te02/td02/g; - s/te13=s3/td11=s1/; s/te13/td11/g; - #s/te20=s0/td20=s0/; s/te20/td20/g; - s/te31=s1/td33=s3/; s/te31/td33/g; - - #s/te03=s3/td03=s3/; s/te03/td03/g; - s/te10=s0/td12=s2/; s/te10/td12/g; - #s/te21=s1/td21=s1/; s/te21/td21/g; - s/te32=s2/td30=s0/; s/te32/td30/g; - - s/td/te/g; - - s/AES_encrypt/AES_decrypt/g; - s/\.Le_/.Ld_/g; - s/AES_Te#/AES_Td#/g; - - print; - - exit if (/\.endp\s+AES_decrypt/); -} -#endif -.proc _ia64_AES_decrypt# -// Input: rk0-rk1 -// te0 -// te3 as AES_KEY->rounds!!! -// s0-s3 -// maskff,twenty4,sixteen -// Output: r16,r20,r24,r28 as s0-s3 -// Clobber: r16-r31,rk0-rk1,r32-r43 -.align 32 -_ia64_AES_decrypt: -{ .mmi; alloc r16=ar.pfs,12,0,0,8 - LDKEY t0=[rk0],2*KSZ - mov pr.rot=1<<16 } -{ .mmi; LDKEY t1=[rk1],2*KSZ - add te1=1024,te0 - add te3=-3,te3 };; -{ .mib; LDKEY t2=[rk0],2*KSZ - mov ar.ec=3 } -{ .mib; LDKEY t3=[rk1],2*KSZ - add te2=2048,te0 - brp.loop.imp .Ld_top,.Ld_end-16 };; - -{ .mmi; xor s0=s0,t0 - xor s1=s1,t1 - mov ar.lc=te3 } -{ .mmi; xor s2=s2,t2 - xor s3=s3,t3 - add te3=3072,te0 };; - -.align 32 -.Ld_top: -{ .mmi; (p0) LDKEY t0=[rk0],2*KSZ // 0/0:rk[0] - (p0) and te31=s1,maskff // 0/0:s3&0xff - (p0) extr.u te22=s2,8,8 } // 0/0:s2>>8&0xff -{ .mmi; (p0) LDKEY t1=[rk1],2*KSZ // 0/1:rk[1] - (p0) and te32=s2,maskff // 0/1:s0&0xff - (p0) shr.u te00=s0,twenty4 };; // 0/0:s0>>24 -{ .mmi; (p0) LDKEY t2=[rk0],2*KSZ // 1/2:rk[2] - (p0) shladd te31=te31,2,te3 // 1/0:te0+s0>>24 - (p0) extr.u te23=s3,8,8 } // 1/1:s3>>8&0xff -{ .mmi; (p0) LDKEY t3=[rk1],2*KSZ // 1/3:rk[3] - (p0) shladd te32=te32,2,te3 // 1/1:te3+s0 - (p0) shr.u te01=s1,twenty4 };; // 1/1:s1>>24 -{ .mmi; (p0) ld4 te31=[te31] // 2/0:te3[s3&0xff] - (p0) shladd te22=te22,2,te2 // 2/0:te2+s2>>8&0xff - (p0) extr.u te20=s0,8,8 } // 2/2:s0>>8&0xff -{ .mmi; (p0) ld4 te32=[te32] // 2/1:te3[s0] - (p0) shladd te23=te23,2,te2 // 2/1:te2+s3>>8 - (p0) shr.u te02=s2,twenty4 };; // 2/2:s2>>24 -{ .mmi; (p0) ld4 te22=[te22] // 3/0:te2[s2>>8] - (p0) shladd te20=te20,2,te2 // 3/2:te2+s0>>8 - (p0) extr.u te21=s1,8,8 } // 3/3:s1>>8&0xff -{ .mmi; (p0) ld4 te23=[te23] // 3/1:te2[s3>>8] - (p0) shladd te00=te00,2,te0 // 3/0:te0+s0>>24 - (p0) shr.u te03=s3,twenty4 };; // 3/3:s3>>24 -{ .mmi; (p0) ld4 te20=[te20] // 4/2:te2[s0>>8] - (p0) shladd te21=te21,2,te2 // 4/3:te3+s2 - (p0) extr.u te13=s3,16,8 } // 4/0:s1>>16&0xff -{ .mmi; (p0) ld4 te00=[te00] // 4/0:te0[s0>>24] - (p0) shladd te01=te01,2,te0 // 4/1:te0+s1>>24 - (p0) shr.u te11=s1,sixteen };; // 4/2:s3>>16 -{ .mmi; (p0) ld4 te21=[te21] // 5/3:te2[s1>>8] - (p0) shladd te13=te13,2,te1 // 5/0:te1+s1>>16 - (p0) extr.u te10=s0,16,8 } // 5/1:s2>>16&0xff -{ .mmi; (p0) ld4 te01=[te01] // 5/1:te0[s1>>24] - (p0) shladd te02=te02,2,te0 // 5/2:te0+s2>>24 - (p0) and te33=s3,maskff };; // 5/2:s1&0xff - -{ .mmi; (p0) ld4 te13=[te13] // 6/0:te1[s1>>16] - (p0) shladd te10=te10,2,te1 // 6/1:te1+s2>>16 - (p0) extr.u te12=s2,16,8 } // 6/3:s0>>16&0xff -{ .mmi; (p0) ld4 te02=[te02] // 6/2:te0[s2>>24] - (p0) shladd te03=te03,2,te0 // 6/3:te1+s0>>16 - (p0) and te30=s0,maskff };; // 6/3:s2&0xff -{ .mmi; (p0) ld4 te10=[te10] // 7/1:te1[s2>>16] - (p0) shladd te33=te33,2,te3 // 7/2:te3+s1&0xff - (p0) and te11=te11,maskff} // 7/2:s3>>16&0xff -{ .mmi; (p0) ld4 te03=[te03] // 7/3:te0[s3>>24] - (p0) shladd te30=te30,2,te3 // 7/3:te3+s2 - (p0) xor t0=t0,te31 };; // 7/0: -{ .mmi; (p0) ld4 te33=[te33] // 8/2:te3[s1] - (p0) shladd te11=te11,2,te1 // 8/2:te1+s3>>16 - (p0) xor t0=t0,te22 } // 8/0: -{ .mmi; (p0) ld4 te30=[te30] // 8/3:te3[s2] - (p0) shladd te12=te12,2,te1 // 8/3:te1+s0>>16 - (p0) xor t1=t1,te32 };; // 8/1: -{ .mmi; (p0) ld4 te11=[te11] // 9/2:te1[s3>>16] - (p0) xor t0=t0,te00 // 9/0: - (p0) xor t1=t1,te23 } // 9/1: -{ .mmi; (p0) ld4 te12=[te12] // 9/3:te1[s0>>16] - (p0) xor t2=t2,te20 // 9/2: - (p0) xor t3=t3,te21 };; // 9/3: -{ .mmi; (p0) xor t0=t0,te13 // 10/0:done! - (p0) xor t1=t1,te01 // 10/1: - (p0) xor t2=t2,te02 } // 10/2: -{ .mmi; (p0) xor t3=t3,te03 // 10/3: - (p16) cmp.eq p0,p17=r0,r0 };; // 10/clear (p17) -{ .mmi; (p0) xor t1=t1,te10 // 11/1:done! - (p0) xor t2=t2,te33 // 11/2: - (p0) xor t3=t3,te30 } // 11/3: -{ .mmi; (p17) add te0=4096,te0 // 11/ - (p17) add te1=4096,te1 };; // 11/ -{ .mib; (p0) xor t2=t2,te11 // 12/2:done! - (p0) xor t3=t3,te12 } // 12/3:done! -{ .mib; (p17) add te2=4096,te2 // 12/ - (p17) add te3=4096,te3 // 12/ - br.ctop.sptk .Ld_top };; -.Ld_end: -{ .mib; mov r16=s0 - mov r20=s1 } -{ .mib; mov r24=s2 - mov r28=s3 - br.ret.sptk b6 };; -.endp _ia64_AES_decrypt# - -// void AES_decrypt (const void *in,void *out,const AES_KEY *key); -.global AES_decrypt# -.proc AES_decrypt# -.align 32 -.skip 16 -AES_decrypt: - .prologue - .fframe 0 - .save ar.pfs,r2 - .save ar.lc,r3 -{ .mmi; alloc r2=ar.pfs,3,0,12,0 - addl out8=@ltoff(AES_Td#),gp - mov r3=ar.lc } -{ .mmi; and out0=3,in0 - ADDP in0=0,in0 - ADDP out11=KSZ*60,in2 };; // &AES_KEY->rounds - - .body -{ .mmi; ld8 out8=[out8] // Te0 - ld4 out11=[out11] // AES_KEY->rounds - mov prsave=pr } - -#if defined(_HPUX_SOURCE) // HPUX is big-endian, cut 15+15 cycles... -{ .mib; cmp.ne p6,p0=out0,r0 - add out0=4,in0 -(p6) br.dpnt.many .Ld_i_unaligned };; - -{ .mmi; ld4 out1=[in0],8 // s0 - and out9=3,in1 - mov twenty4=24 } -{ .mmi; ld4 out3=[out0],8 // s1 - ADDP rk0=0,in2 - mov sixteen=16 };; -{ .mmi; ld4 out5=[in0] // s2 - cmp.ne p6,p0=out9,r0 - mov maskff=0xff } -{ .mmb; ld4 out7=[out0] // s3 - ADDP rk1=KSZ,in2 - br.call.sptk.many b6=_ia64_AES_decrypt };; - -{ .mib; ADDP in0=4,in1 - ADDP in1=0,in1 -(p6) br.spnt .Ld_o_unaligned };; - -{ .mii; mov ar.pfs=r2 - mov ar.lc=r3 } -{ .mmi; st4 [in1]=r16,8 // s0 - st4 [in0]=r20,8 // s1 - mov pr=prsave,0x1ffff };; -{ .mmb; st4 [in1]=r24 // s2 - st4 [in0]=r28 // s3 - br.ret.sptk.many b0 };; -#endif - -.align 32 -.Ld_i_unaligned: -{ .mmi; add out0=1,in0 - add out2=2,in0 - add out4=3,in0 };; -{ .mmi; ld1 r16=[in0],4 - ld1 r17=[out0],4 }//;; -{ .mmi; ld1 r18=[out2],4 - ld1 out1=[out4],4 };; // s0 -{ .mmi; ld1 r20=[in0],4 - ld1 r21=[out0],4 }//;; -{ .mmi; ld1 r22=[out2],4 - ld1 out3=[out4],4 };; // s1 -{ .mmi; ld1 r24=[in0],4 - ld1 r25=[out0],4 }//;; -{ .mmi; ld1 r26=[out2],4 - ld1 out5=[out4],4 };; // s2 -{ .mmi; ld1 r28=[in0] - ld1 r29=[out0] }//;; -{ .mmi; ld1 r30=[out2] - ld1 out7=[out4] };; // s3 - -{ .mii; - dep out1=r16,out1,24,8 //;; - dep out3=r20,out3,24,8 }//;; -{ .mii; ADDP rk0=0,in2 - dep out5=r24,out5,24,8 //;; - dep out7=r28,out7,24,8 };; -{ .mii; ADDP rk1=KSZ,in2 - dep out1=r17,out1,16,8 //;; - dep out3=r21,out3,16,8 }//;; -{ .mii; mov twenty4=24 - dep out5=r25,out5,16,8 //;; - dep out7=r29,out7,16,8 };; -{ .mii; mov sixteen=16 - dep out1=r18,out1,8,8 //;; - dep out3=r22,out3,8,8 }//;; -{ .mii; mov maskff=0xff - dep out5=r26,out5,8,8 //;; - dep out7=r30,out7,8,8 };; - -{ .mib; br.call.sptk.many b6=_ia64_AES_decrypt };; - -.Ld_o_unaligned: -{ .mii; ADDP out0=0,in1 - extr.u r17=r16,8,8 // s0 - shr.u r19=r16,twenty4 }//;; -{ .mii; ADDP out1=1,in1 - extr.u r18=r16,16,8 - shr.u r23=r20,twenty4 }//;; // s1 -{ .mii; ADDP out2=2,in1 - extr.u r21=r20,8,8 - shr.u r22=r20,sixteen }//;; -{ .mii; ADDP out3=3,in1 - extr.u r25=r24,8,8 // s2 - shr.u r27=r24,twenty4 };; -{ .mii; st1 [out3]=r16,4 - extr.u r26=r24,16,8 - shr.u r31=r28,twenty4 }//;; // s3 -{ .mii; st1 [out2]=r17,4 - extr.u r29=r28,8,8 - shr.u r30=r28,sixteen }//;; - -{ .mmi; st1 [out1]=r18,4 - st1 [out0]=r19,4 };; -{ .mmi; st1 [out3]=r20,4 - st1 [out2]=r21,4 }//;; -{ .mmi; st1 [out1]=r22,4 - st1 [out0]=r23,4 };; -{ .mmi; st1 [out3]=r24,4 - st1 [out2]=r25,4 - mov pr=prsave,0x1ffff }//;; -{ .mmi; st1 [out1]=r26,4 - st1 [out0]=r27,4 - mov ar.pfs=r2 };; -{ .mmi; st1 [out3]=r28 - st1 [out2]=r29 - mov ar.lc=r3 }//;; -{ .mmb; st1 [out1]=r30 - st1 [out0]=r31 - br.ret.sptk.many b0 };; -.endp AES_decrypt# - -// leave it in .text segment... -.align 64 -.global AES_Te# -.type AES_Te#,@object -AES_Te: data4 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d - data4 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554 - data4 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d - data4 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a - data4 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87 - data4 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b - data4 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea - data4 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b - data4 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a - data4 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f - data4 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108 - data4 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f - data4 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e - data4 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5 - data4 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d - data4 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f - data4 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e - data4 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb - data4 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce - data4 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497 - data4 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c - data4 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed - data4 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b - data4 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a - data4 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16 - data4 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594 - data4 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81 - data4 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3 - data4 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a - data4 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504 - data4 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163 - data4 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d - data4 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f - data4 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739 - data4 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47 - data4 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395 - data4 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f - data4 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883 - data4 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c - data4 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76 - data4 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e - data4 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4 - data4 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6 - data4 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b - data4 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7 - data4 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0 - data4 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25 - data4 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818 - data4 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72 - data4 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651 - data4 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21 - data4 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85 - data4 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa - data4 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12 - data4 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0 - data4 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9 - data4 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133 - data4 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7 - data4 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920 - data4 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a - data4 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17 - data4 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8 - data4 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11 - data4 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a -// Te1: - data4 0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b - data4 0x0dfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5 - data4 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b - data4 0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676 - data4 0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d - data4 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0 - data4 0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf - data4 0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0 - data4 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626 - data4 0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc - data4 0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x08f9f1f1 - data4 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515 - data4 0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3 - data4 0x28301818, 0xa1379696, 0x0f0a0505, 0xb52f9a9a - data4 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2 - data4 0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575 - data4 0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a - data4 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0 - data4 0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3 - data4 0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484 - data4 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded - data4 0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b - data4 0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939 - data4 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf - data4 0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb - data4 0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585 - data4 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f - data4 0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8 - data4 0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f - data4 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5 - data4 0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121 - data4 0x30201010, 0x1ae5ffff, 0x0efdf3f3, 0x6dbfd2d2 - data4 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec - data4 0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717 - data4 0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d - data4 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373 - data4 0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc - data4 0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888 - data4 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414 - data4 0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb - data4 0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a - data4 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c - data4 0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262 - data4 0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979 - data4 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d - data4 0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9 - data4 0xb4d86c6c, 0xfaac5656, 0x07f3f4f4, 0x25cfeaea - data4 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808 - data4 0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e - data4 0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6 - data4 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f - data4 0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a - data4 0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666 - data4 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e - data4 0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9 - data4 0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e - data4 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111 - data4 0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494 - data4 0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9 - data4 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf - data4 0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d - data4 0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868 - data4 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f - data4 0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616 -// Te2: - data4 0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b - data4 0xf20dfff2, 0x6bbdd66b, 0x6fb1de6f, 0xc55491c5 - data4 0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b - data4 0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76 - data4 0xca458fca, 0x829d1f82, 0xc94089c9, 0x7d87fa7d - data4 0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0 - data4 0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af - data4 0x9cbf239c, 0xa4f753a4, 0x7296e472, 0xc05b9bc0 - data4 0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26 - data4 0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc - data4 0x345c6834, 0xa5f451a5, 0xe534d1e5, 0xf108f9f1 - data4 0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15 - data4 0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3 - data4 0x18283018, 0x96a13796, 0x050f0a05, 0x9ab52f9a - data4 0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2 - data4 0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75 - data4 0x091b1209, 0x839e1d83, 0x2c74582c, 0x1a2e341a - data4 0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0 - data4 0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3 - data4 0x297b5229, 0xe33edde3, 0x2f715e2f, 0x84971384 - data4 0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed - data4 0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b - data4 0x6abed46a, 0xcb468dcb, 0xbed967be, 0x394b7239 - data4 0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf - data4 0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb - data4 0x43c58643, 0x4dd79a4d, 0x33556633, 0x85941185 - data4 0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f - data4 0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8 - data4 0x51f3a251, 0xa3fe5da3, 0x40c08040, 0x8f8a058f - data4 0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5 - data4 0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221 - data4 0x10302010, 0xff1ae5ff, 0xf30efdf3, 0xd26dbfd2 - data4 0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec - data4 0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17 - data4 0xc45793c4, 0xa7f255a7, 0x7e82fc7e, 0x3d477a3d - data4 0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673 - data4 0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc - data4 0x22664422, 0x2a7e542a, 0x90ab3b90, 0x88830b88 - data4 0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814 - data4 0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb - data4 0xe03bdbe0, 0x32566432, 0x3a4e743a, 0x0a1e140a - data4 0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c - data4 0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462 - data4 0x91a83991, 0x95a43195, 0xe437d3e4, 0x798bf279 - data4 0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d - data4 0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9 - data4 0x6cb4d86c, 0x56faac56, 0xf407f3f4, 0xea25cfea - data4 0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008 - data4 0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e - data4 0x1c24381c, 0xa6f157a6, 0xb4c773b4, 0xc65197c6 - data4 0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f - data4 0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a - data4 0x7090e070, 0x3e427c3e, 0xb5c471b5, 0x66aacc66 - data4 0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e - data4 0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9 - data4 0x86911786, 0xc15899c1, 0x1d273a1d, 0x9eb9279e - data4 0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211 - data4 0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394 - data4 0x9bb62d9b, 0x1e223c1e, 0x87921587, 0xe920c9e9 - data4 0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df - data4 0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d - data4 0xbfda65bf, 0xe631d7e6, 0x42c68442, 0x68b8d068 - data4 0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f - data4 0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16 -// Te3: - data4 0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6 - data4 0xf2f20dff, 0x6b6bbdd6, 0x6f6fb1de, 0xc5c55491 - data4 0x30305060, 0x01010302, 0x6767a9ce, 0x2b2b7d56 - data4 0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec - data4 0xcaca458f, 0x82829d1f, 0xc9c94089, 0x7d7d87fa - data4 0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb - data4 0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45 - data4 0x9c9cbf23, 0xa4a4f753, 0x727296e4, 0xc0c05b9b - data4 0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c - data4 0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83 - data4 0x34345c68, 0xa5a5f451, 0xe5e534d1, 0xf1f108f9 - data4 0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a - data4 0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d - data4 0x18182830, 0x9696a137, 0x05050f0a, 0x9a9ab52f - data4 0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf - data4 0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea - data4 0x09091b12, 0x83839e1d, 0x2c2c7458, 0x1a1a2e34 - data4 0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b - data4 0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d - data4 0x29297b52, 0xe3e33edd, 0x2f2f715e, 0x84849713 - data4 0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1 - data4 0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6 - data4 0x6a6abed4, 0xcbcb468d, 0xbebed967, 0x39394b72 - data4 0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85 - data4 0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed - data4 0x4343c586, 0x4d4dd79a, 0x33335566, 0x85859411 - data4 0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe - data4 0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b - data4 0x5151f3a2, 0xa3a3fe5d, 0x4040c080, 0x8f8f8a05 - data4 0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1 - data4 0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342 - data4 0x10103020, 0xffff1ae5, 0xf3f30efd, 0xd2d26dbf - data4 0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3 - data4 0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e - data4 0xc4c45793, 0xa7a7f255, 0x7e7e82fc, 0x3d3d477a - data4 0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6 - data4 0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3 - data4 0x22226644, 0x2a2a7e54, 0x9090ab3b, 0x8888830b - data4 0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28 - data4 0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad - data4 0xe0e03bdb, 0x32325664, 0x3a3a4e74, 0x0a0a1e14 - data4 0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8 - data4 0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4 - data4 0x9191a839, 0x9595a431, 0xe4e437d3, 0x79798bf2 - data4 0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da - data4 0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049 - data4 0x6c6cb4d8, 0x5656faac, 0xf4f407f3, 0xeaea25cf - data4 0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810 - data4 0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c - data4 0x1c1c2438, 0xa6a6f157, 0xb4b4c773, 0xc6c65197 - data4 0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e - data4 0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f - data4 0x707090e0, 0x3e3e427c, 0xb5b5c471, 0x6666aacc - data4 0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c - data4 0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069 - data4 0x86869117, 0xc1c15899, 0x1d1d273a, 0x9e9eb927 - data4 0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322 - data4 0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733 - data4 0x9b9bb62d, 0x1e1e223c, 0x87879215, 0xe9e920c9 - data4 0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5 - data4 0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a - data4 0xbfbfda65, 0xe6e631d7, 0x4242c684, 0x6868b8d0 - data4 0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e - data4 0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c -// Te4: - data4 0x63000000, 0x7c000000, 0x77000000, 0x7b000000 - data4 0xf2000000, 0x6b000000, 0x6f000000, 0xc5000000 - data4 0x30000000, 0x01000000, 0x67000000, 0x2b000000 - data4 0xfe000000, 0xd7000000, 0xab000000, 0x76000000 - data4 0xca000000, 0x82000000, 0xc9000000, 0x7d000000 - data4 0xfa000000, 0x59000000, 0x47000000, 0xf0000000 - data4 0xad000000, 0xd4000000, 0xa2000000, 0xaf000000 - data4 0x9c000000, 0xa4000000, 0x72000000, 0xc0000000 - data4 0xb7000000, 0xfd000000, 0x93000000, 0x26000000 - data4 0x36000000, 0x3f000000, 0xf7000000, 0xcc000000 - data4 0x34000000, 0xa5000000, 0xe5000000, 0xf1000000 - data4 0x71000000, 0xd8000000, 0x31000000, 0x15000000 - data4 0x04000000, 0xc7000000, 0x23000000, 0xc3000000 - data4 0x18000000, 0x96000000, 0x05000000, 0x9a000000 - data4 0x07000000, 0x12000000, 0x80000000, 0xe2000000 - data4 0xeb000000, 0x27000000, 0xb2000000, 0x75000000 - data4 0x09000000, 0x83000000, 0x2c000000, 0x1a000000 - data4 0x1b000000, 0x6e000000, 0x5a000000, 0xa0000000 - data4 0x52000000, 0x3b000000, 0xd6000000, 0xb3000000 - data4 0x29000000, 0xe3000000, 0x2f000000, 0x84000000 - data4 0x53000000, 0xd1000000, 0x00000000, 0xed000000 - data4 0x20000000, 0xfc000000, 0xb1000000, 0x5b000000 - data4 0x6a000000, 0xcb000000, 0xbe000000, 0x39000000 - data4 0x4a000000, 0x4c000000, 0x58000000, 0xcf000000 - data4 0xd0000000, 0xef000000, 0xaa000000, 0xfb000000 - data4 0x43000000, 0x4d000000, 0x33000000, 0x85000000 - data4 0x45000000, 0xf9000000, 0x02000000, 0x7f000000 - data4 0x50000000, 0x3c000000, 0x9f000000, 0xa8000000 - data4 0x51000000, 0xa3000000, 0x40000000, 0x8f000000 - data4 0x92000000, 0x9d000000, 0x38000000, 0xf5000000 - data4 0xbc000000, 0xb6000000, 0xda000000, 0x21000000 - data4 0x10000000, 0xff000000, 0xf3000000, 0xd2000000 - data4 0xcd000000, 0x0c000000, 0x13000000, 0xec000000 - data4 0x5f000000, 0x97000000, 0x44000000, 0x17000000 - data4 0xc4000000, 0xa7000000, 0x7e000000, 0x3d000000 - data4 0x64000000, 0x5d000000, 0x19000000, 0x73000000 - data4 0x60000000, 0x81000000, 0x4f000000, 0xdc000000 - data4 0x22000000, 0x2a000000, 0x90000000, 0x88000000 - data4 0x46000000, 0xee000000, 0xb8000000, 0x14000000 - data4 0xde000000, 0x5e000000, 0x0b000000, 0xdb000000 - data4 0xe0000000, 0x32000000, 0x3a000000, 0x0a000000 - data4 0x49000000, 0x06000000, 0x24000000, 0x5c000000 - data4 0xc2000000, 0xd3000000, 0xac000000, 0x62000000 - data4 0x91000000, 0x95000000, 0xe4000000, 0x79000000 - data4 0xe7000000, 0xc8000000, 0x37000000, 0x6d000000 - data4 0x8d000000, 0xd5000000, 0x4e000000, 0xa9000000 - data4 0x6c000000, 0x56000000, 0xf4000000, 0xea000000 - data4 0x65000000, 0x7a000000, 0xae000000, 0x08000000 - data4 0xba000000, 0x78000000, 0x25000000, 0x2e000000 - data4 0x1c000000, 0xa6000000, 0xb4000000, 0xc6000000 - data4 0xe8000000, 0xdd000000, 0x74000000, 0x1f000000 - data4 0x4b000000, 0xbd000000, 0x8b000000, 0x8a000000 - data4 0x70000000, 0x3e000000, 0xb5000000, 0x66000000 - data4 0x48000000, 0x03000000, 0xf6000000, 0x0e000000 - data4 0x61000000, 0x35000000, 0x57000000, 0xb9000000 - data4 0x86000000, 0xc1000000, 0x1d000000, 0x9e000000 - data4 0xe1000000, 0xf8000000, 0x98000000, 0x11000000 - data4 0x69000000, 0xd9000000, 0x8e000000, 0x94000000 - data4 0x9b000000, 0x1e000000, 0x87000000, 0xe9000000 - data4 0xce000000, 0x55000000, 0x28000000, 0xdf000000 - data4 0x8c000000, 0xa1000000, 0x89000000, 0x0d000000 - data4 0xbf000000, 0xe6000000, 0x42000000, 0x68000000 - data4 0x41000000, 0x99000000, 0x2d000000, 0x0f000000 - data4 0xb0000000, 0x54000000, 0xbb000000, 0x16000000 -// Te5: - data4 0x00630000, 0x007c0000, 0x00770000, 0x007b0000 - data4 0x00f20000, 0x006b0000, 0x006f0000, 0x00c50000 - data4 0x00300000, 0x00010000, 0x00670000, 0x002b0000 - data4 0x00fe0000, 0x00d70000, 0x00ab0000, 0x00760000 - data4 0x00ca0000, 0x00820000, 0x00c90000, 0x007d0000 - data4 0x00fa0000, 0x00590000, 0x00470000, 0x00f00000 - data4 0x00ad0000, 0x00d40000, 0x00a20000, 0x00af0000 - data4 0x009c0000, 0x00a40000, 0x00720000, 0x00c00000 - data4 0x00b70000, 0x00fd0000, 0x00930000, 0x00260000 - data4 0x00360000, 0x003f0000, 0x00f70000, 0x00cc0000 - data4 0x00340000, 0x00a50000, 0x00e50000, 0x00f10000 - data4 0x00710000, 0x00d80000, 0x00310000, 0x00150000 - data4 0x00040000, 0x00c70000, 0x00230000, 0x00c30000 - data4 0x00180000, 0x00960000, 0x00050000, 0x009a0000 - data4 0x00070000, 0x00120000, 0x00800000, 0x00e20000 - data4 0x00eb0000, 0x00270000, 0x00b20000, 0x00750000 - data4 0x00090000, 0x00830000, 0x002c0000, 0x001a0000 - data4 0x001b0000, 0x006e0000, 0x005a0000, 0x00a00000 - data4 0x00520000, 0x003b0000, 0x00d60000, 0x00b30000 - data4 0x00290000, 0x00e30000, 0x002f0000, 0x00840000 - data4 0x00530000, 0x00d10000, 0x00000000, 0x00ed0000 - data4 0x00200000, 0x00fc0000, 0x00b10000, 0x005b0000 - data4 0x006a0000, 0x00cb0000, 0x00be0000, 0x00390000 - data4 0x004a0000, 0x004c0000, 0x00580000, 0x00cf0000 - data4 0x00d00000, 0x00ef0000, 0x00aa0000, 0x00fb0000 - data4 0x00430000, 0x004d0000, 0x00330000, 0x00850000 - data4 0x00450000, 0x00f90000, 0x00020000, 0x007f0000 - data4 0x00500000, 0x003c0000, 0x009f0000, 0x00a80000 - data4 0x00510000, 0x00a30000, 0x00400000, 0x008f0000 - data4 0x00920000, 0x009d0000, 0x00380000, 0x00f50000 - data4 0x00bc0000, 0x00b60000, 0x00da0000, 0x00210000 - data4 0x00100000, 0x00ff0000, 0x00f30000, 0x00d20000 - data4 0x00cd0000, 0x000c0000, 0x00130000, 0x00ec0000 - data4 0x005f0000, 0x00970000, 0x00440000, 0x00170000 - data4 0x00c40000, 0x00a70000, 0x007e0000, 0x003d0000 - data4 0x00640000, 0x005d0000, 0x00190000, 0x00730000 - data4 0x00600000, 0x00810000, 0x004f0000, 0x00dc0000 - data4 0x00220000, 0x002a0000, 0x00900000, 0x00880000 - data4 0x00460000, 0x00ee0000, 0x00b80000, 0x00140000 - data4 0x00de0000, 0x005e0000, 0x000b0000, 0x00db0000 - data4 0x00e00000, 0x00320000, 0x003a0000, 0x000a0000 - data4 0x00490000, 0x00060000, 0x00240000, 0x005c0000 - data4 0x00c20000, 0x00d30000, 0x00ac0000, 0x00620000 - data4 0x00910000, 0x00950000, 0x00e40000, 0x00790000 - data4 0x00e70000, 0x00c80000, 0x00370000, 0x006d0000 - data4 0x008d0000, 0x00d50000, 0x004e0000, 0x00a90000 - data4 0x006c0000, 0x00560000, 0x00f40000, 0x00ea0000 - data4 0x00650000, 0x007a0000, 0x00ae0000, 0x00080000 - data4 0x00ba0000, 0x00780000, 0x00250000, 0x002e0000 - data4 0x001c0000, 0x00a60000, 0x00b40000, 0x00c60000 - data4 0x00e80000, 0x00dd0000, 0x00740000, 0x001f0000 - data4 0x004b0000, 0x00bd0000, 0x008b0000, 0x008a0000 - data4 0x00700000, 0x003e0000, 0x00b50000, 0x00660000 - data4 0x00480000, 0x00030000, 0x00f60000, 0x000e0000 - data4 0x00610000, 0x00350000, 0x00570000, 0x00b90000 - data4 0x00860000, 0x00c10000, 0x001d0000, 0x009e0000 - data4 0x00e10000, 0x00f80000, 0x00980000, 0x00110000 - data4 0x00690000, 0x00d90000, 0x008e0000, 0x00940000 - data4 0x009b0000, 0x001e0000, 0x00870000, 0x00e90000 - data4 0x00ce0000, 0x00550000, 0x00280000, 0x00df0000 - data4 0x008c0000, 0x00a10000, 0x00890000, 0x000d0000 - data4 0x00bf0000, 0x00e60000, 0x00420000, 0x00680000 - data4 0x00410000, 0x00990000, 0x002d0000, 0x000f0000 - data4 0x00b00000, 0x00540000, 0x00bb0000, 0x00160000 -// Te6: - data4 0x00006300, 0x00007c00, 0x00007700, 0x00007b00 - data4 0x0000f200, 0x00006b00, 0x00006f00, 0x0000c500 - data4 0x00003000, 0x00000100, 0x00006700, 0x00002b00 - data4 0x0000fe00, 0x0000d700, 0x0000ab00, 0x00007600 - data4 0x0000ca00, 0x00008200, 0x0000c900, 0x00007d00 - data4 0x0000fa00, 0x00005900, 0x00004700, 0x0000f000 - data4 0x0000ad00, 0x0000d400, 0x0000a200, 0x0000af00 - data4 0x00009c00, 0x0000a400, 0x00007200, 0x0000c000 - data4 0x0000b700, 0x0000fd00, 0x00009300, 0x00002600 - data4 0x00003600, 0x00003f00, 0x0000f700, 0x0000cc00 - data4 0x00003400, 0x0000a500, 0x0000e500, 0x0000f100 - data4 0x00007100, 0x0000d800, 0x00003100, 0x00001500 - data4 0x00000400, 0x0000c700, 0x00002300, 0x0000c300 - data4 0x00001800, 0x00009600, 0x00000500, 0x00009a00 - data4 0x00000700, 0x00001200, 0x00008000, 0x0000e200 - data4 0x0000eb00, 0x00002700, 0x0000b200, 0x00007500 - data4 0x00000900, 0x00008300, 0x00002c00, 0x00001a00 - data4 0x00001b00, 0x00006e00, 0x00005a00, 0x0000a000 - data4 0x00005200, 0x00003b00, 0x0000d600, 0x0000b300 - data4 0x00002900, 0x0000e300, 0x00002f00, 0x00008400 - data4 0x00005300, 0x0000d100, 0x00000000, 0x0000ed00 - data4 0x00002000, 0x0000fc00, 0x0000b100, 0x00005b00 - data4 0x00006a00, 0x0000cb00, 0x0000be00, 0x00003900 - data4 0x00004a00, 0x00004c00, 0x00005800, 0x0000cf00 - data4 0x0000d000, 0x0000ef00, 0x0000aa00, 0x0000fb00 - data4 0x00004300, 0x00004d00, 0x00003300, 0x00008500 - data4 0x00004500, 0x0000f900, 0x00000200, 0x00007f00 - data4 0x00005000, 0x00003c00, 0x00009f00, 0x0000a800 - data4 0x00005100, 0x0000a300, 0x00004000, 0x00008f00 - data4 0x00009200, 0x00009d00, 0x00003800, 0x0000f500 - data4 0x0000bc00, 0x0000b600, 0x0000da00, 0x00002100 - data4 0x00001000, 0x0000ff00, 0x0000f300, 0x0000d200 - data4 0x0000cd00, 0x00000c00, 0x00001300, 0x0000ec00 - data4 0x00005f00, 0x00009700, 0x00004400, 0x00001700 - data4 0x0000c400, 0x0000a700, 0x00007e00, 0x00003d00 - data4 0x00006400, 0x00005d00, 0x00001900, 0x00007300 - data4 0x00006000, 0x00008100, 0x00004f00, 0x0000dc00 - data4 0x00002200, 0x00002a00, 0x00009000, 0x00008800 - data4 0x00004600, 0x0000ee00, 0x0000b800, 0x00001400 - data4 0x0000de00, 0x00005e00, 0x00000b00, 0x0000db00 - data4 0x0000e000, 0x00003200, 0x00003a00, 0x00000a00 - data4 0x00004900, 0x00000600, 0x00002400, 0x00005c00 - data4 0x0000c200, 0x0000d300, 0x0000ac00, 0x00006200 - data4 0x00009100, 0x00009500, 0x0000e400, 0x00007900 - data4 0x0000e700, 0x0000c800, 0x00003700, 0x00006d00 - data4 0x00008d00, 0x0000d500, 0x00004e00, 0x0000a900 - data4 0x00006c00, 0x00005600, 0x0000f400, 0x0000ea00 - data4 0x00006500, 0x00007a00, 0x0000ae00, 0x00000800 - data4 0x0000ba00, 0x00007800, 0x00002500, 0x00002e00 - data4 0x00001c00, 0x0000a600, 0x0000b400, 0x0000c600 - data4 0x0000e800, 0x0000dd00, 0x00007400, 0x00001f00 - data4 0x00004b00, 0x0000bd00, 0x00008b00, 0x00008a00 - data4 0x00007000, 0x00003e00, 0x0000b500, 0x00006600 - data4 0x00004800, 0x00000300, 0x0000f600, 0x00000e00 - data4 0x00006100, 0x00003500, 0x00005700, 0x0000b900 - data4 0x00008600, 0x0000c100, 0x00001d00, 0x00009e00 - data4 0x0000e100, 0x0000f800, 0x00009800, 0x00001100 - data4 0x00006900, 0x0000d900, 0x00008e00, 0x00009400 - data4 0x00009b00, 0x00001e00, 0x00008700, 0x0000e900 - data4 0x0000ce00, 0x00005500, 0x00002800, 0x0000df00 - data4 0x00008c00, 0x0000a100, 0x00008900, 0x00000d00 - data4 0x0000bf00, 0x0000e600, 0x00004200, 0x00006800 - data4 0x00004100, 0x00009900, 0x00002d00, 0x00000f00 - data4 0x0000b000, 0x00005400, 0x0000bb00, 0x00001600 -// Te7: - data4 0x00000063, 0x0000007c, 0x00000077, 0x0000007b - data4 0x000000f2, 0x0000006b, 0x0000006f, 0x000000c5 - data4 0x00000030, 0x00000001, 0x00000067, 0x0000002b - data4 0x000000fe, 0x000000d7, 0x000000ab, 0x00000076 - data4 0x000000ca, 0x00000082, 0x000000c9, 0x0000007d - data4 0x000000fa, 0x00000059, 0x00000047, 0x000000f0 - data4 0x000000ad, 0x000000d4, 0x000000a2, 0x000000af - data4 0x0000009c, 0x000000a4, 0x00000072, 0x000000c0 - data4 0x000000b7, 0x000000fd, 0x00000093, 0x00000026 - data4 0x00000036, 0x0000003f, 0x000000f7, 0x000000cc - data4 0x00000034, 0x000000a5, 0x000000e5, 0x000000f1 - data4 0x00000071, 0x000000d8, 0x00000031, 0x00000015 - data4 0x00000004, 0x000000c7, 0x00000023, 0x000000c3 - data4 0x00000018, 0x00000096, 0x00000005, 0x0000009a - data4 0x00000007, 0x00000012, 0x00000080, 0x000000e2 - data4 0x000000eb, 0x00000027, 0x000000b2, 0x00000075 - data4 0x00000009, 0x00000083, 0x0000002c, 0x0000001a - data4 0x0000001b, 0x0000006e, 0x0000005a, 0x000000a0 - data4 0x00000052, 0x0000003b, 0x000000d6, 0x000000b3 - data4 0x00000029, 0x000000e3, 0x0000002f, 0x00000084 - data4 0x00000053, 0x000000d1, 0x00000000, 0x000000ed - data4 0x00000020, 0x000000fc, 0x000000b1, 0x0000005b - data4 0x0000006a, 0x000000cb, 0x000000be, 0x00000039 - data4 0x0000004a, 0x0000004c, 0x00000058, 0x000000cf - data4 0x000000d0, 0x000000ef, 0x000000aa, 0x000000fb - data4 0x00000043, 0x0000004d, 0x00000033, 0x00000085 - data4 0x00000045, 0x000000f9, 0x00000002, 0x0000007f - data4 0x00000050, 0x0000003c, 0x0000009f, 0x000000a8 - data4 0x00000051, 0x000000a3, 0x00000040, 0x0000008f - data4 0x00000092, 0x0000009d, 0x00000038, 0x000000f5 - data4 0x000000bc, 0x000000b6, 0x000000da, 0x00000021 - data4 0x00000010, 0x000000ff, 0x000000f3, 0x000000d2 - data4 0x000000cd, 0x0000000c, 0x00000013, 0x000000ec - data4 0x0000005f, 0x00000097, 0x00000044, 0x00000017 - data4 0x000000c4, 0x000000a7, 0x0000007e, 0x0000003d - data4 0x00000064, 0x0000005d, 0x00000019, 0x00000073 - data4 0x00000060, 0x00000081, 0x0000004f, 0x000000dc - data4 0x00000022, 0x0000002a, 0x00000090, 0x00000088 - data4 0x00000046, 0x000000ee, 0x000000b8, 0x00000014 - data4 0x000000de, 0x0000005e, 0x0000000b, 0x000000db - data4 0x000000e0, 0x00000032, 0x0000003a, 0x0000000a - data4 0x00000049, 0x00000006, 0x00000024, 0x0000005c - data4 0x000000c2, 0x000000d3, 0x000000ac, 0x00000062 - data4 0x00000091, 0x00000095, 0x000000e4, 0x00000079 - data4 0x000000e7, 0x000000c8, 0x00000037, 0x0000006d - data4 0x0000008d, 0x000000d5, 0x0000004e, 0x000000a9 - data4 0x0000006c, 0x00000056, 0x000000f4, 0x000000ea - data4 0x00000065, 0x0000007a, 0x000000ae, 0x00000008 - data4 0x000000ba, 0x00000078, 0x00000025, 0x0000002e - data4 0x0000001c, 0x000000a6, 0x000000b4, 0x000000c6 - data4 0x000000e8, 0x000000dd, 0x00000074, 0x0000001f - data4 0x0000004b, 0x000000bd, 0x0000008b, 0x0000008a - data4 0x00000070, 0x0000003e, 0x000000b5, 0x00000066 - data4 0x00000048, 0x00000003, 0x000000f6, 0x0000000e - data4 0x00000061, 0x00000035, 0x00000057, 0x000000b9 - data4 0x00000086, 0x000000c1, 0x0000001d, 0x0000009e - data4 0x000000e1, 0x000000f8, 0x00000098, 0x00000011 - data4 0x00000069, 0x000000d9, 0x0000008e, 0x00000094 - data4 0x0000009b, 0x0000001e, 0x00000087, 0x000000e9 - data4 0x000000ce, 0x00000055, 0x00000028, 0x000000df - data4 0x0000008c, 0x000000a1, 0x00000089, 0x0000000d - data4 0x000000bf, 0x000000e6, 0x00000042, 0x00000068 - data4 0x00000041, 0x00000099, 0x0000002d, 0x0000000f - data4 0x000000b0, 0x00000054, 0x000000bb, 0x00000016 -.size AES_Te#,8*256*4 // HP-UX assembler fails to ".-AES_Te#" - -.align 64 -.global AES_Td# -.type AES_Td#,@object -AES_Td: data4 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96 - data4 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393 - data4 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25 - data4 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f - data4 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1 - data4 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6 - data4 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da - data4 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844 - data4 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd - data4 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4 - data4 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45 - data4 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94 - data4 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7 - data4 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a - data4 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5 - data4 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c - data4 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1 - data4 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a - data4 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75 - data4 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051 - data4 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46 - data4 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff - data4 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77 - data4 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb - data4 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000 - data4 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e - data4 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927 - data4 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a - data4 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e - data4 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16 - data4 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d - data4 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8 - data4 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd - data4 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34 - data4 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163 - data4 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120 - data4 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d - data4 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0 - data4 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422 - data4 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef - data4 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36 - data4 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4 - data4 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662 - data4 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5 - data4 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3 - data4 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b - data4 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8 - data4 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6 - data4 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6 - data4 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0 - data4 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815 - data4 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f - data4 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df - data4 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f - data4 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e - data4 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713 - data4 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89 - data4 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c - data4 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf - data4 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86 - data4 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f - data4 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541 - data4 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190 - data4 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 -// Td1: - data4 0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e - data4 0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303 - data4 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c - data4 0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3 - data4 0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0 - data4 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9 - data4 0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259 - data4 0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8 - data4 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971 - data4 0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a - data4 0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f - data4 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b - data4 0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8 - data4 0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab - data4 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708 - data4 0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682 - data4 0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2 - data4 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe - data4 0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb - data4 0x390b83ec, 0xaa4060ef, 0x065e719f, 0x51bd6e10 - data4 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd - data4 0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015 - data4 0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e - data4 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee - data4 0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000 - data4 0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72 - data4 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39 - data4 0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e - data4 0xb10c0a67, 0x0f9357e7, 0xd2b4ee96, 0x9e1b9b91 - data4 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a - data4 0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17 - data4 0x0b0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9 - data4 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60 - data4 0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e - data4 0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1 - data4 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611 - data4 0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1 - data4 0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3 - data4 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964 - data4 0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390 - data4 0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b - data4 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf - data4 0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46 - data4 0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af - data4 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512 - data4 0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb - data4 0x09cd2678, 0xf46e5918, 0x01ec9ab7, 0xa8834f9a - data4 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8 - data4 0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c - data4 0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266 - data4 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8 - data4 0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6 - data4 0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604 - data4 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551 - data4 0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41 - data4 0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647 - data4 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c - data4 0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1 - data4 0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737 - data4 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db - data4 0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340 - data4 0x72161dc3, 0x0cbce225, 0x8b283c49, 0x41ff0d95 - data4 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1 - data4 0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857 -// Td2: - data4 0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27 - data4 0x6bcb3bab, 0x45f11f9d, 0x58abacfa, 0x03934be3 - data4 0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502 - data4 0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562 - data4 0x5a49deb1, 0x1b6725ba, 0x0e9845ea, 0xc0e15dfe - data4 0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3 - data4 0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552 - data4 0x832dd4be, 0x21d35874, 0x692949e0, 0xc8448ec9 - data4 0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9 - data4 0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce - data4 0x4a1863df, 0x3182e51a, 0x33609751, 0x7f456253 - data4 0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908 - data4 0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b - data4 0xd323ab73, 0x02e2724b, 0x8f57e31f, 0xab2a6655 - data4 0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x08a5d337 - data4 0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16 - data4 0x1c2b8acf, 0xb492a779, 0xf2f0f307, 0xe2a14e69 - data4 0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6 - data4 0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6 - data4 0xec390b83, 0xefaa4060, 0x9f065e71, 0x1051bd6e - data4 0x8af93e21, 0x063d96dd, 0x05aedd3e, 0xbd464de6 - data4 0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050 - data4 0xfb241998, 0xe997d6bd, 0x43cc8940, 0x9e7767d9 - data4 0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8 - data4 0x0a47a17c, 0x0fe97c42, 0x1ec9f884, 0x00000000 - data4 0x86830980, 0xed48322b, 0x70ac1e11, 0x724e6c5a - data4 0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d - data4 0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436 - data4 0x67b10c0a, 0xe70f9357, 0x96d2b4ee, 0x919e1b9b - data4 0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12 - data4 0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b - data4 0x0d0b0e09, 0xc7adf28b, 0xa8b92db6, 0xa9c8141e - data4 0x198557f1, 0x074caf75, 0xddbbee99, 0x60fda37f - data4 0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb - data4 0x29768b43, 0xc6dccb23, 0xfc68b6ed, 0xf163b8e4 - data4 0xdccad731, 0x85104263, 0x22401397, 0x112084c6 - data4 0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729 - data4 0x2f4b1d9e, 0x30f3dcb2, 0x52ec0d86, 0xe3d077c1 - data4 0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9 - data4 0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233 - data4 0x4ec78749, 0xd1c1d938, 0xa2fe8cca, 0x0b3698d4 - data4 0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad - data4 0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e - data4 0x13c2f68d, 0xb8e890d8, 0xf75e2e39, 0xaff582c3 - data4 0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25 - data4 0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b - data4 0x7809cd26, 0x18f46e59, 0xb701ec9a, 0x9aa8834f - data4 0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15 - data4 0x9bd9bae7, 0x36ce4a6f, 0x09d4ea9f, 0x7cd629b0 - data4 0xb2af31a4, 0x23312a3f, 0x9430c6a5, 0x66c035a2 - data4 0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7 - data4 0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791 - data4 0xd68d764d, 0xb04d43ef, 0x4d54ccaa, 0x04dfe496 - data4 0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665 - data4 0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b - data4 0x1d5ab367, 0xd25292db, 0x5633e910, 0x47136dd6 - data4 0x618c9ad7, 0x0c7a37a1, 0x148e59f8, 0x3c89eb13 - data4 0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47 - data4 0xdf599cd2, 0x733f55f2, 0xce791814, 0x37bf73c7 - data4 0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844 - data4 0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3 - data4 0xc372161d, 0x250cbce2, 0x498b283c, 0x9541ff0d - data4 0x017139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456 - data4 0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8 -// Td3: - data4 0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a - data4 0xab6bcb3b, 0x9d45f11f, 0xfa58abac, 0xe303934b - data4 0x30fa5520, 0x766df6ad, 0xcc769188, 0x024c25f5 - data4 0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5 - data4 0xb15a49de, 0xba1b6725, 0xea0e9845, 0xfec0e15d - data4 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b - data4 0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95 - data4 0xbe832dd4, 0x7421d358, 0xe0692949, 0xc9c8448e - data4 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27 - data4 0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d - data4 0xdf4a1863, 0x1a3182e5, 0x51336097, 0x537f4562 - data4 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x082b94f9 - data4 0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752 - data4 0x73d323ab, 0x4b02e272, 0x1f8f57e3, 0x55ab2a66 - data4 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3 - data4 0x2887f230, 0xbfa5b223, 0x036aba02, 0x16825ced - data4 0xcf1c2b8a, 0x79b492a7, 0x07f2f0f3, 0x69e2a14e - data4 0xdaf4cd65, 0x05bed506, 0x34621fd1, 0xa6fe8ac4 - data4 0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4 - data4 0x83ec390b, 0x60efaa40, 0x719f065e, 0x6e1051bd - data4 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d - data4 0x548db591, 0xc45d0571, 0x06d46f04, 0x5015ff60 - data4 0x98fb2419, 0xbde997d6, 0x4043cc89, 0xd99e7767 - data4 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79 - data4 0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x00000000 - data4 0x80868309, 0x2bed4832, 0x1170ac1e, 0x5a724e6c - data4 0x0efffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736 - data4 0x0fd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24 - data4 0x0a67b10c, 0x57e70f93, 0xee96d2b4, 0x9b919e1b - data4 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c - data4 0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12 - data4 0x090d0b0e, 0x8bc7adf2, 0xb6a8b92d, 0x1ea9c814 - data4 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3 - data4 0x01269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b - data4 0x4329768b, 0x23c6dccb, 0xedfc68b6, 0xe4f163b8 - data4 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084 - data4 0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7 - data4 0x9e2f4b1d, 0xb230f3dc, 0x8652ec0d, 0xc1e3d077 - data4 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247 - data4 0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22 - data4 0x494ec787, 0x38d1c1d9, 0xcaa2fe8c, 0xd40b3698 - data4 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f - data4 0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254 - data4 0x8d13c2f6, 0xd8b8e890, 0x39f75e2e, 0xc3aff582 - data4 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf - data4 0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb - data4 0x267809cd, 0x5918f46e, 0x9ab701ec, 0x4f9aa883 - data4 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef - data4 0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629 - data4 0xa4b2af31, 0x3f23312a, 0xa59430c6, 0xa266c035 - data4 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533 - data4 0x04984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17 - data4 0x4dd68d76, 0xefb04d43, 0xaa4d54cc, 0x9604dfe4 - data4 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46 - data4 0x5eea049d, 0x8c355d01, 0x877473fa, 0x0b412efb - data4 0x671d5ab3, 0xdbd25292, 0x105633e9, 0xd647136d - data4 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb - data4 0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a - data4 0xd2df599c, 0xf2733f55, 0x14ce7918, 0xc737bf73 - data4 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678 - data4 0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2 - data4 0x1dc37216, 0xe2250cbc, 0x3c498b28, 0x0d9541ff - data4 0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064 - data4 0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0 -// Td4: - data4 0x52000000, 0x09000000, 0x6a000000, 0xd5000000 - data4 0x30000000, 0x36000000, 0xa5000000, 0x38000000 - data4 0xbf000000, 0x40000000, 0xa3000000, 0x9e000000 - data4 0x81000000, 0xf3000000, 0xd7000000, 0xfb000000 - data4 0x7c000000, 0xe3000000, 0x39000000, 0x82000000 - data4 0x9b000000, 0x2f000000, 0xff000000, 0x87000000 - data4 0x34000000, 0x8e000000, 0x43000000, 0x44000000 - data4 0xc4000000, 0xde000000, 0xe9000000, 0xcb000000 - data4 0x54000000, 0x7b000000, 0x94000000, 0x32000000 - data4 0xa6000000, 0xc2000000, 0x23000000, 0x3d000000 - data4 0xee000000, 0x4c000000, 0x95000000, 0x0b000000 - data4 0x42000000, 0xfa000000, 0xc3000000, 0x4e000000 - data4 0x08000000, 0x2e000000, 0xa1000000, 0x66000000 - data4 0x28000000, 0xd9000000, 0x24000000, 0xb2000000 - data4 0x76000000, 0x5b000000, 0xa2000000, 0x49000000 - data4 0x6d000000, 0x8b000000, 0xd1000000, 0x25000000 - data4 0x72000000, 0xf8000000, 0xf6000000, 0x64000000 - data4 0x86000000, 0x68000000, 0x98000000, 0x16000000 - data4 0xd4000000, 0xa4000000, 0x5c000000, 0xcc000000 - data4 0x5d000000, 0x65000000, 0xb6000000, 0x92000000 - data4 0x6c000000, 0x70000000, 0x48000000, 0x50000000 - data4 0xfd000000, 0xed000000, 0xb9000000, 0xda000000 - data4 0x5e000000, 0x15000000, 0x46000000, 0x57000000 - data4 0xa7000000, 0x8d000000, 0x9d000000, 0x84000000 - data4 0x90000000, 0xd8000000, 0xab000000, 0x00000000 - data4 0x8c000000, 0xbc000000, 0xd3000000, 0x0a000000 - data4 0xf7000000, 0xe4000000, 0x58000000, 0x05000000 - data4 0xb8000000, 0xb3000000, 0x45000000, 0x06000000 - data4 0xd0000000, 0x2c000000, 0x1e000000, 0x8f000000 - data4 0xca000000, 0x3f000000, 0x0f000000, 0x02000000 - data4 0xc1000000, 0xaf000000, 0xbd000000, 0x03000000 - data4 0x01000000, 0x13000000, 0x8a000000, 0x6b000000 - data4 0x3a000000, 0x91000000, 0x11000000, 0x41000000 - data4 0x4f000000, 0x67000000, 0xdc000000, 0xea000000 - data4 0x97000000, 0xf2000000, 0xcf000000, 0xce000000 - data4 0xf0000000, 0xb4000000, 0xe6000000, 0x73000000 - data4 0x96000000, 0xac000000, 0x74000000, 0x22000000 - data4 0xe7000000, 0xad000000, 0x35000000, 0x85000000 - data4 0xe2000000, 0xf9000000, 0x37000000, 0xe8000000 - data4 0x1c000000, 0x75000000, 0xdf000000, 0x6e000000 - data4 0x47000000, 0xf1000000, 0x1a000000, 0x71000000 - data4 0x1d000000, 0x29000000, 0xc5000000, 0x89000000 - data4 0x6f000000, 0xb7000000, 0x62000000, 0x0e000000 - data4 0xaa000000, 0x18000000, 0xbe000000, 0x1b000000 - data4 0xfc000000, 0x56000000, 0x3e000000, 0x4b000000 - data4 0xc6000000, 0xd2000000, 0x79000000, 0x20000000 - data4 0x9a000000, 0xdb000000, 0xc0000000, 0xfe000000 - data4 0x78000000, 0xcd000000, 0x5a000000, 0xf4000000 - data4 0x1f000000, 0xdd000000, 0xa8000000, 0x33000000 - data4 0x88000000, 0x07000000, 0xc7000000, 0x31000000 - data4 0xb1000000, 0x12000000, 0x10000000, 0x59000000 - data4 0x27000000, 0x80000000, 0xec000000, 0x5f000000 - data4 0x60000000, 0x51000000, 0x7f000000, 0xa9000000 - data4 0x19000000, 0xb5000000, 0x4a000000, 0x0d000000 - data4 0x2d000000, 0xe5000000, 0x7a000000, 0x9f000000 - data4 0x93000000, 0xc9000000, 0x9c000000, 0xef000000 - data4 0xa0000000, 0xe0000000, 0x3b000000, 0x4d000000 - data4 0xae000000, 0x2a000000, 0xf5000000, 0xb0000000 - data4 0xc8000000, 0xeb000000, 0xbb000000, 0x3c000000 - data4 0x83000000, 0x53000000, 0x99000000, 0x61000000 - data4 0x17000000, 0x2b000000, 0x04000000, 0x7e000000 - data4 0xba000000, 0x77000000, 0xd6000000, 0x26000000 - data4 0xe1000000, 0x69000000, 0x14000000, 0x63000000 - data4 0x55000000, 0x21000000, 0x0c000000, 0x7d000000 -// Td5: - data4 0x00520000, 0x00090000, 0x006a0000, 0x00d50000 - data4 0x00300000, 0x00360000, 0x00a50000, 0x00380000 - data4 0x00bf0000, 0x00400000, 0x00a30000, 0x009e0000 - data4 0x00810000, 0x00f30000, 0x00d70000, 0x00fb0000 - data4 0x007c0000, 0x00e30000, 0x00390000, 0x00820000 - data4 0x009b0000, 0x002f0000, 0x00ff0000, 0x00870000 - data4 0x00340000, 0x008e0000, 0x00430000, 0x00440000 - data4 0x00c40000, 0x00de0000, 0x00e90000, 0x00cb0000 - data4 0x00540000, 0x007b0000, 0x00940000, 0x00320000 - data4 0x00a60000, 0x00c20000, 0x00230000, 0x003d0000 - data4 0x00ee0000, 0x004c0000, 0x00950000, 0x000b0000 - data4 0x00420000, 0x00fa0000, 0x00c30000, 0x004e0000 - data4 0x00080000, 0x002e0000, 0x00a10000, 0x00660000 - data4 0x00280000, 0x00d90000, 0x00240000, 0x00b20000 - data4 0x00760000, 0x005b0000, 0x00a20000, 0x00490000 - data4 0x006d0000, 0x008b0000, 0x00d10000, 0x00250000 - data4 0x00720000, 0x00f80000, 0x00f60000, 0x00640000 - data4 0x00860000, 0x00680000, 0x00980000, 0x00160000 - data4 0x00d40000, 0x00a40000, 0x005c0000, 0x00cc0000 - data4 0x005d0000, 0x00650000, 0x00b60000, 0x00920000 - data4 0x006c0000, 0x00700000, 0x00480000, 0x00500000 - data4 0x00fd0000, 0x00ed0000, 0x00b90000, 0x00da0000 - data4 0x005e0000, 0x00150000, 0x00460000, 0x00570000 - data4 0x00a70000, 0x008d0000, 0x009d0000, 0x00840000 - data4 0x00900000, 0x00d80000, 0x00ab0000, 0x00000000 - data4 0x008c0000, 0x00bc0000, 0x00d30000, 0x000a0000 - data4 0x00f70000, 0x00e40000, 0x00580000, 0x00050000 - data4 0x00b80000, 0x00b30000, 0x00450000, 0x00060000 - data4 0x00d00000, 0x002c0000, 0x001e0000, 0x008f0000 - data4 0x00ca0000, 0x003f0000, 0x000f0000, 0x00020000 - data4 0x00c10000, 0x00af0000, 0x00bd0000, 0x00030000 - data4 0x00010000, 0x00130000, 0x008a0000, 0x006b0000 - data4 0x003a0000, 0x00910000, 0x00110000, 0x00410000 - data4 0x004f0000, 0x00670000, 0x00dc0000, 0x00ea0000 - data4 0x00970000, 0x00f20000, 0x00cf0000, 0x00ce0000 - data4 0x00f00000, 0x00b40000, 0x00e60000, 0x00730000 - data4 0x00960000, 0x00ac0000, 0x00740000, 0x00220000 - data4 0x00e70000, 0x00ad0000, 0x00350000, 0x00850000 - data4 0x00e20000, 0x00f90000, 0x00370000, 0x00e80000 - data4 0x001c0000, 0x00750000, 0x00df0000, 0x006e0000 - data4 0x00470000, 0x00f10000, 0x001a0000, 0x00710000 - data4 0x001d0000, 0x00290000, 0x00c50000, 0x00890000 - data4 0x006f0000, 0x00b70000, 0x00620000, 0x000e0000 - data4 0x00aa0000, 0x00180000, 0x00be0000, 0x001b0000 - data4 0x00fc0000, 0x00560000, 0x003e0000, 0x004b0000 - data4 0x00c60000, 0x00d20000, 0x00790000, 0x00200000 - data4 0x009a0000, 0x00db0000, 0x00c00000, 0x00fe0000 - data4 0x00780000, 0x00cd0000, 0x005a0000, 0x00f40000 - data4 0x001f0000, 0x00dd0000, 0x00a80000, 0x00330000 - data4 0x00880000, 0x00070000, 0x00c70000, 0x00310000 - data4 0x00b10000, 0x00120000, 0x00100000, 0x00590000 - data4 0x00270000, 0x00800000, 0x00ec0000, 0x005f0000 - data4 0x00600000, 0x00510000, 0x007f0000, 0x00a90000 - data4 0x00190000, 0x00b50000, 0x004a0000, 0x000d0000 - data4 0x002d0000, 0x00e50000, 0x007a0000, 0x009f0000 - data4 0x00930000, 0x00c90000, 0x009c0000, 0x00ef0000 - data4 0x00a00000, 0x00e00000, 0x003b0000, 0x004d0000 - data4 0x00ae0000, 0x002a0000, 0x00f50000, 0x00b00000 - data4 0x00c80000, 0x00eb0000, 0x00bb0000, 0x003c0000 - data4 0x00830000, 0x00530000, 0x00990000, 0x00610000 - data4 0x00170000, 0x002b0000, 0x00040000, 0x007e0000 - data4 0x00ba0000, 0x00770000, 0x00d60000, 0x00260000 - data4 0x00e10000, 0x00690000, 0x00140000, 0x00630000 - data4 0x00550000, 0x00210000, 0x000c0000, 0x007d0000 -// Td6: - data4 0x00005200, 0x00000900, 0x00006a00, 0x0000d500 - data4 0x00003000, 0x00003600, 0x0000a500, 0x00003800 - data4 0x0000bf00, 0x00004000, 0x0000a300, 0x00009e00 - data4 0x00008100, 0x0000f300, 0x0000d700, 0x0000fb00 - data4 0x00007c00, 0x0000e300, 0x00003900, 0x00008200 - data4 0x00009b00, 0x00002f00, 0x0000ff00, 0x00008700 - data4 0x00003400, 0x00008e00, 0x00004300, 0x00004400 - data4 0x0000c400, 0x0000de00, 0x0000e900, 0x0000cb00 - data4 0x00005400, 0x00007b00, 0x00009400, 0x00003200 - data4 0x0000a600, 0x0000c200, 0x00002300, 0x00003d00 - data4 0x0000ee00, 0x00004c00, 0x00009500, 0x00000b00 - data4 0x00004200, 0x0000fa00, 0x0000c300, 0x00004e00 - data4 0x00000800, 0x00002e00, 0x0000a100, 0x00006600 - data4 0x00002800, 0x0000d900, 0x00002400, 0x0000b200 - data4 0x00007600, 0x00005b00, 0x0000a200, 0x00004900 - data4 0x00006d00, 0x00008b00, 0x0000d100, 0x00002500 - data4 0x00007200, 0x0000f800, 0x0000f600, 0x00006400 - data4 0x00008600, 0x00006800, 0x00009800, 0x00001600 - data4 0x0000d400, 0x0000a400, 0x00005c00, 0x0000cc00 - data4 0x00005d00, 0x00006500, 0x0000b600, 0x00009200 - data4 0x00006c00, 0x00007000, 0x00004800, 0x00005000 - data4 0x0000fd00, 0x0000ed00, 0x0000b900, 0x0000da00 - data4 0x00005e00, 0x00001500, 0x00004600, 0x00005700 - data4 0x0000a700, 0x00008d00, 0x00009d00, 0x00008400 - data4 0x00009000, 0x0000d800, 0x0000ab00, 0x00000000 - data4 0x00008c00, 0x0000bc00, 0x0000d300, 0x00000a00 - data4 0x0000f700, 0x0000e400, 0x00005800, 0x00000500 - data4 0x0000b800, 0x0000b300, 0x00004500, 0x00000600 - data4 0x0000d000, 0x00002c00, 0x00001e00, 0x00008f00 - data4 0x0000ca00, 0x00003f00, 0x00000f00, 0x00000200 - data4 0x0000c100, 0x0000af00, 0x0000bd00, 0x00000300 - data4 0x00000100, 0x00001300, 0x00008a00, 0x00006b00 - data4 0x00003a00, 0x00009100, 0x00001100, 0x00004100 - data4 0x00004f00, 0x00006700, 0x0000dc00, 0x0000ea00 - data4 0x00009700, 0x0000f200, 0x0000cf00, 0x0000ce00 - data4 0x0000f000, 0x0000b400, 0x0000e600, 0x00007300 - data4 0x00009600, 0x0000ac00, 0x00007400, 0x00002200 - data4 0x0000e700, 0x0000ad00, 0x00003500, 0x00008500 - data4 0x0000e200, 0x0000f900, 0x00003700, 0x0000e800 - data4 0x00001c00, 0x00007500, 0x0000df00, 0x00006e00 - data4 0x00004700, 0x0000f100, 0x00001a00, 0x00007100 - data4 0x00001d00, 0x00002900, 0x0000c500, 0x00008900 - data4 0x00006f00, 0x0000b700, 0x00006200, 0x00000e00 - data4 0x0000aa00, 0x00001800, 0x0000be00, 0x00001b00 - data4 0x0000fc00, 0x00005600, 0x00003e00, 0x00004b00 - data4 0x0000c600, 0x0000d200, 0x00007900, 0x00002000 - data4 0x00009a00, 0x0000db00, 0x0000c000, 0x0000fe00 - data4 0x00007800, 0x0000cd00, 0x00005a00, 0x0000f400 - data4 0x00001f00, 0x0000dd00, 0x0000a800, 0x00003300 - data4 0x00008800, 0x00000700, 0x0000c700, 0x00003100 - data4 0x0000b100, 0x00001200, 0x00001000, 0x00005900 - data4 0x00002700, 0x00008000, 0x0000ec00, 0x00005f00 - data4 0x00006000, 0x00005100, 0x00007f00, 0x0000a900 - data4 0x00001900, 0x0000b500, 0x00004a00, 0x00000d00 - data4 0x00002d00, 0x0000e500, 0x00007a00, 0x00009f00 - data4 0x00009300, 0x0000c900, 0x00009c00, 0x0000ef00 - data4 0x0000a000, 0x0000e000, 0x00003b00, 0x00004d00 - data4 0x0000ae00, 0x00002a00, 0x0000f500, 0x0000b000 - data4 0x0000c800, 0x0000eb00, 0x0000bb00, 0x00003c00 - data4 0x00008300, 0x00005300, 0x00009900, 0x00006100 - data4 0x00001700, 0x00002b00, 0x00000400, 0x00007e00 - data4 0x0000ba00, 0x00007700, 0x0000d600, 0x00002600 - data4 0x0000e100, 0x00006900, 0x00001400, 0x00006300 - data4 0x00005500, 0x00002100, 0x00000c00, 0x00007d00 -// Td7: - data4 0x00000052, 0x00000009, 0x0000006a, 0x000000d5 - data4 0x00000030, 0x00000036, 0x000000a5, 0x00000038 - data4 0x000000bf, 0x00000040, 0x000000a3, 0x0000009e - data4 0x00000081, 0x000000f3, 0x000000d7, 0x000000fb - data4 0x0000007c, 0x000000e3, 0x00000039, 0x00000082 - data4 0x0000009b, 0x0000002f, 0x000000ff, 0x00000087 - data4 0x00000034, 0x0000008e, 0x00000043, 0x00000044 - data4 0x000000c4, 0x000000de, 0x000000e9, 0x000000cb - data4 0x00000054, 0x0000007b, 0x00000094, 0x00000032 - data4 0x000000a6, 0x000000c2, 0x00000023, 0x0000003d - data4 0x000000ee, 0x0000004c, 0x00000095, 0x0000000b - data4 0x00000042, 0x000000fa, 0x000000c3, 0x0000004e - data4 0x00000008, 0x0000002e, 0x000000a1, 0x00000066 - data4 0x00000028, 0x000000d9, 0x00000024, 0x000000b2 - data4 0x00000076, 0x0000005b, 0x000000a2, 0x00000049 - data4 0x0000006d, 0x0000008b, 0x000000d1, 0x00000025 - data4 0x00000072, 0x000000f8, 0x000000f6, 0x00000064 - data4 0x00000086, 0x00000068, 0x00000098, 0x00000016 - data4 0x000000d4, 0x000000a4, 0x0000005c, 0x000000cc - data4 0x0000005d, 0x00000065, 0x000000b6, 0x00000092 - data4 0x0000006c, 0x00000070, 0x00000048, 0x00000050 - data4 0x000000fd, 0x000000ed, 0x000000b9, 0x000000da - data4 0x0000005e, 0x00000015, 0x00000046, 0x00000057 - data4 0x000000a7, 0x0000008d, 0x0000009d, 0x00000084 - data4 0x00000090, 0x000000d8, 0x000000ab, 0x00000000 - data4 0x0000008c, 0x000000bc, 0x000000d3, 0x0000000a - data4 0x000000f7, 0x000000e4, 0x00000058, 0x00000005 - data4 0x000000b8, 0x000000b3, 0x00000045, 0x00000006 - data4 0x000000d0, 0x0000002c, 0x0000001e, 0x0000008f - data4 0x000000ca, 0x0000003f, 0x0000000f, 0x00000002 - data4 0x000000c1, 0x000000af, 0x000000bd, 0x00000003 - data4 0x00000001, 0x00000013, 0x0000008a, 0x0000006b - data4 0x0000003a, 0x00000091, 0x00000011, 0x00000041 - data4 0x0000004f, 0x00000067, 0x000000dc, 0x000000ea - data4 0x00000097, 0x000000f2, 0x000000cf, 0x000000ce - data4 0x000000f0, 0x000000b4, 0x000000e6, 0x00000073 - data4 0x00000096, 0x000000ac, 0x00000074, 0x00000022 - data4 0x000000e7, 0x000000ad, 0x00000035, 0x00000085 - data4 0x000000e2, 0x000000f9, 0x00000037, 0x000000e8 - data4 0x0000001c, 0x00000075, 0x000000df, 0x0000006e - data4 0x00000047, 0x000000f1, 0x0000001a, 0x00000071 - data4 0x0000001d, 0x00000029, 0x000000c5, 0x00000089 - data4 0x0000006f, 0x000000b7, 0x00000062, 0x0000000e - data4 0x000000aa, 0x00000018, 0x000000be, 0x0000001b - data4 0x000000fc, 0x00000056, 0x0000003e, 0x0000004b - data4 0x000000c6, 0x000000d2, 0x00000079, 0x00000020 - data4 0x0000009a, 0x000000db, 0x000000c0, 0x000000fe - data4 0x00000078, 0x000000cd, 0x0000005a, 0x000000f4 - data4 0x0000001f, 0x000000dd, 0x000000a8, 0x00000033 - data4 0x00000088, 0x00000007, 0x000000c7, 0x00000031 - data4 0x000000b1, 0x00000012, 0x00000010, 0x00000059 - data4 0x00000027, 0x00000080, 0x000000ec, 0x0000005f - data4 0x00000060, 0x00000051, 0x0000007f, 0x000000a9 - data4 0x00000019, 0x000000b5, 0x0000004a, 0x0000000d - data4 0x0000002d, 0x000000e5, 0x0000007a, 0x0000009f - data4 0x00000093, 0x000000c9, 0x0000009c, 0x000000ef - data4 0x000000a0, 0x000000e0, 0x0000003b, 0x0000004d - data4 0x000000ae, 0x0000002a, 0x000000f5, 0x000000b0 - data4 0x000000c8, 0x000000eb, 0x000000bb, 0x0000003c - data4 0x00000083, 0x00000053, 0x00000099, 0x00000061 - data4 0x00000017, 0x0000002b, 0x00000004, 0x0000007e - data4 0x000000ba, 0x00000077, 0x000000d6, 0x00000026 - data4 0x000000e1, 0x00000069, 0x00000014, 0x00000063 - data4 0x00000055, 0x00000021, 0x0000000c, 0x0000007d -.size AES_Td#,8*256*4 // HP-UX assembler fails to ".-AES_Td#" diff --git a/crypto/openssl/crypto/asn1/a_mbstr.c b/crypto/openssl/crypto/asn1/a_mbstr.c index 2d4800a22a..1bcd046893 100644 --- a/crypto/openssl/crypto/asn1/a_mbstr.c +++ b/crypto/openssl/crypto/asn1/a_mbstr.c @@ -1,5 +1,5 @@ /* a_mbstr.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/a_sign.c b/crypto/openssl/crypto/asn1/a_sign.c index 1081950518..4dee45fbb8 100644 --- a/crypto/openssl/crypto/asn1/a_sign.c +++ b/crypto/openssl/crypto/asn1/a_sign.c @@ -267,7 +267,12 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, goto err; } - EVP_SignInit_ex(&ctx,type, NULL); + if (!EVP_SignInit_ex(&ctx,type, NULL)) + { + outl=0; + ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB); + goto err; + } EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, (unsigned int *)&outl,pkey)) diff --git a/crypto/openssl/crypto/asn1/a_strex.c b/crypto/openssl/crypto/asn1/a_strex.c index c2dbb6f9a5..7fc14d3296 100644 --- a/crypto/openssl/crypto/asn1/a_strex.c +++ b/crypto/openssl/crypto/asn1/a_strex.c @@ -1,5 +1,5 @@ /* a_strex.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/a_strnid.c b/crypto/openssl/crypto/asn1/a_strnid.c index 613bbc4a7d..fe515b52ba 100644 --- a/crypto/openssl/crypto/asn1/a_strnid.c +++ b/crypto/openssl/crypto/asn1/a_strnid.c @@ -1,5 +1,5 @@ /* a_strnid.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/a_verify.c b/crypto/openssl/crypto/asn1/a_verify.c index fdce6e4380..da3efaaf8d 100644 --- a/crypto/openssl/crypto/asn1/a_verify.c +++ b/crypto/openssl/crypto/asn1/a_verify.c @@ -100,7 +100,12 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, p=buf_in; i2d(data,&p); - EVP_VerifyInit_ex(&ctx,type, NULL); + if (!EVP_VerifyInit_ex(&ctx,type, NULL)) + { + ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); + ret=0; + goto err; + } EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); OPENSSL_cleanse(buf_in,(unsigned int)inl); diff --git a/crypto/openssl/crypto/asn1/asn1_gen.c b/crypto/openssl/crypto/asn1/asn1_gen.c index 26c832781e..2da38292c8 100644 --- a/crypto/openssl/crypto/asn1/asn1_gen.c +++ b/crypto/openssl/crypto/asn1/asn1_gen.c @@ -1,5 +1,5 @@ /* asn1_gen.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2002. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/asn1t.h b/crypto/openssl/crypto/asn1/asn1t.h index bf315e65ed..ac14f9415b 100644 --- a/crypto/openssl/crypto/asn1/asn1t.h +++ b/crypto/openssl/crypto/asn1/asn1t.h @@ -1,5 +1,5 @@ /* asn1t.h */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/asn_moid.c b/crypto/openssl/crypto/asn1/asn_moid.c index 9132350f10..1ea6a59248 100644 --- a/crypto/openssl/crypto/asn1/asn_moid.c +++ b/crypto/openssl/crypto/asn1/asn_moid.c @@ -1,5 +1,5 @@ /* asn_moid.c */ -/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/asn_pack.c b/crypto/openssl/crypto/asn1/asn_pack.c index e8b671b7b5..f1a5a05632 100644 --- a/crypto/openssl/crypto/asn1/asn_pack.c +++ b/crypto/openssl/crypto/asn1/asn_pack.c @@ -1,5 +1,5 @@ /* asn_pack.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/charmap.pl b/crypto/openssl/crypto/asn1/charmap.pl deleted file mode 100644 index 2875c59867..0000000000 --- a/crypto/openssl/crypto/asn1/charmap.pl +++ /dev/null @@ -1,80 +0,0 @@ -#!/usr/local/bin/perl -w - -use strict; - -my ($i, @arr); - -# Set up an array with the type of ASCII characters -# Each set bit represents a character property. - -# RFC2253 character properties -my $RFC2253_ESC = 1; # Character escaped with \ -my $ESC_CTRL = 2; # Escaped control character -# These are used with RFC1779 quoting using " -my $NOESC_QUOTE = 8; # Not escaped if quoted -my $PSTRING_CHAR = 0x10; # Valid PrintableString character -my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character -my $RFC2253_LAST_ESC = 0x40; # Escaped with \ if last character - -for($i = 0; $i < 128; $i++) { - # Set the RFC2253 escape characters (control) - $arr[$i] = 0; - if(($i < 32) || ($i > 126)) { - $arr[$i] |= $ESC_CTRL; - } - - # Some PrintableString characters - if( ( ( $i >= ord("a")) && ( $i <= ord("z")) ) - || ( ( $i >= ord("A")) && ( $i <= ord("Z")) ) - || ( ( $i >= ord("0")) && ( $i <= ord("9")) ) ) { - $arr[$i] |= $PSTRING_CHAR; - } -} - -# Now setup the rest - -# Remaining RFC2253 escaped characters - -$arr[ord(" ")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC | $RFC2253_LAST_ESC; -$arr[ord("#")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC; - -$arr[ord(",")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord("+")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord("\"")] |= $RFC2253_ESC; -$arr[ord("\\")] |= $RFC2253_ESC; -$arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC; - -# Remaining PrintableString characters - -$arr[ord(" ")] |= $PSTRING_CHAR; -$arr[ord("'")] |= $PSTRING_CHAR; -$arr[ord("(")] |= $PSTRING_CHAR; -$arr[ord(")")] |= $PSTRING_CHAR; -$arr[ord("+")] |= $PSTRING_CHAR; -$arr[ord(",")] |= $PSTRING_CHAR; -$arr[ord("-")] |= $PSTRING_CHAR; -$arr[ord(".")] |= $PSTRING_CHAR; -$arr[ord("/")] |= $PSTRING_CHAR; -$arr[ord(":")] |= $PSTRING_CHAR; -$arr[ord("=")] |= $PSTRING_CHAR; -$arr[ord("?")] |= $PSTRING_CHAR; - -# Now generate the C code - -print <= 14 && + if (tm->length >= 14 && (v[12] >= '0') && (v[12] <= '9') && (v[13] >= '0') && (v[13] <= '9')) s= (v[12]-'0')*10+(v[13]-'0'); @@ -429,7 +429,7 @@ int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm) d= (v[4]-'0')*10+(v[5]-'0'); h= (v[6]-'0')*10+(v[7]-'0'); m= (v[8]-'0')*10+(v[9]-'0'); - if (i >=12 && + if (tm->length >=12 && (v[10] >= '0') && (v[10] <= '9') && (v[11] >= '0') && (v[11] <= '9')) s= (v[10]-'0')*10+(v[11]-'0'); diff --git a/crypto/openssl/crypto/asn1/t_x509a.c b/crypto/openssl/crypto/asn1/t_x509a.c index ffbbfb51f4..8b18801a17 100644 --- a/crypto/openssl/crypto/asn1/t_x509a.c +++ b/crypto/openssl/crypto/asn1/t_x509a.c @@ -1,5 +1,5 @@ /* t_x509a.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c index 0ee406231e..ced641698e 100644 --- a/crypto/openssl/crypto/asn1/tasn_dec.c +++ b/crypto/openssl/crypto/asn1/tasn_dec.c @@ -1,5 +1,5 @@ /* tasn_dec.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/tasn_enc.c b/crypto/openssl/crypto/asn1/tasn_enc.c index be19b36acd..2721f904a6 100644 --- a/crypto/openssl/crypto/asn1/tasn_enc.c +++ b/crypto/openssl/crypto/asn1/tasn_enc.c @@ -1,5 +1,5 @@ /* tasn_enc.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/tasn_fre.c b/crypto/openssl/crypto/asn1/tasn_fre.c index bb7c1e2af4..d7c017fa1d 100644 --- a/crypto/openssl/crypto/asn1/tasn_fre.c +++ b/crypto/openssl/crypto/asn1/tasn_fre.c @@ -1,5 +1,5 @@ /* tasn_fre.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/tasn_new.c b/crypto/openssl/crypto/asn1/tasn_new.c index 531dad365c..5c6a2ebd4d 100644 --- a/crypto/openssl/crypto/asn1/tasn_new.c +++ b/crypto/openssl/crypto/asn1/tasn_new.c @@ -1,5 +1,5 @@ /* tasn_new.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/tasn_typ.c b/crypto/openssl/crypto/asn1/tasn_typ.c index 6f17f1bec7..6252213d15 100644 --- a/crypto/openssl/crypto/asn1/tasn_typ.c +++ b/crypto/openssl/crypto/asn1/tasn_typ.c @@ -1,5 +1,5 @@ /* tasn_typ.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/tasn_utl.c b/crypto/openssl/crypto/asn1/tasn_utl.c index 34d520b180..ca9ec7a32f 100644 --- a/crypto/openssl/crypto/asn1/tasn_utl.c +++ b/crypto/openssl/crypto/asn1/tasn_utl.c @@ -1,5 +1,5 @@ /* tasn_utl.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/x_algor.c b/crypto/openssl/crypto/asn1/x_algor.c index 33533aba86..99e53429b7 100644 --- a/crypto/openssl/crypto/asn1/x_algor.c +++ b/crypto/openssl/crypto/asn1/x_algor.c @@ -1,5 +1,5 @@ /* x_algor.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/x_bignum.c b/crypto/openssl/crypto/asn1/x_bignum.c index 869c05d931..9cf3204a1b 100644 --- a/crypto/openssl/crypto/asn1/x_bignum.c +++ b/crypto/openssl/crypto/asn1/x_bignum.c @@ -1,5 +1,5 @@ /* x_bignum.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/x_exten.c b/crypto/openssl/crypto/asn1/x_exten.c index 1732e66712..3a21239926 100644 --- a/crypto/openssl/crypto/asn1/x_exten.c +++ b/crypto/openssl/crypto/asn1/x_exten.c @@ -1,5 +1,5 @@ /* x_exten.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/x_long.c b/crypto/openssl/crypto/asn1/x_long.c index 0db233cb95..bf35457c1f 100644 --- a/crypto/openssl/crypto/asn1/x_long.c +++ b/crypto/openssl/crypto/asn1/x_long.c @@ -1,5 +1,5 @@ /* x_long.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/x_x509a.c b/crypto/openssl/crypto/asn1/x_x509a.c index 13db5fd03f..b603f82de7 100644 --- a/crypto/openssl/crypto/asn1/x_x509a.c +++ b/crypto/openssl/crypto/asn1/x_x509a.c @@ -1,5 +1,5 @@ /* a_x509a.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/bf/asm/bf-586.pl b/crypto/openssl/crypto/bf/asm/bf-586.pl deleted file mode 100644 index b556642c94..0000000000 --- a/crypto/openssl/crypto/bf/asm/bf-586.pl +++ /dev/null @@ -1,136 +0,0 @@ -#!/usr/local/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; - -&asm_init($ARGV[0],"bf-586.pl",$ARGV[$#ARGV] eq "386"); - -$BF_ROUNDS=16; -$BF_OFF=($BF_ROUNDS+2)*4; -$L="edi"; -$R="esi"; -$P="ebp"; -$tmp1="eax"; -$tmp2="ebx"; -$tmp3="ecx"; -$tmp4="edx"; - -&BF_encrypt("BF_encrypt",1); -&BF_encrypt("BF_decrypt",0); -&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1); -&asm_finish(); - -sub BF_encrypt - { - local($name,$enc)=@_; - - &function_begin_B($name,""); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &mov($tmp2,&wparam(0)); - &mov($P,&wparam(1)); - &push("esi"); - &push("edi"); - - &comment("Load the 2 words"); - &mov($L,&DWP(0,$tmp2,"",0)); - &mov($R,&DWP(4,$tmp2,"",0)); - - &xor( $tmp1, $tmp1); - - # encrypting part - - if ($enc) - { - &mov($tmp2,&DWP(0,$P,"",0)); - &xor( $tmp3, $tmp3); - - &xor($L,$tmp2); - for ($i=0; $i<$BF_ROUNDS; $i+=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1); - } - # &mov($tmp1,&wparam(0)); In last loop - &mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - } - else - { - &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - &xor( $tmp3, $tmp3); - - &xor($L,$tmp2); - for ($i=$BF_ROUNDS; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0); - } - # &mov($tmp1,&wparam(0)); In last loop - &mov($tmp4,&DWP(0,$P,"",0)); - } - - &xor($R,$tmp4); - &mov(&DWP(4,$tmp1,"",0),$L); - - &mov(&DWP(0,$tmp1,"",0),$R); - &function_end($name); - } - -sub BF_ENCRYPT - { - local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_; - - &mov( $tmp4, &DWP(&n2a($i*4),$P,"",0)); # for next round - - &mov( $tmp2, $R); - &xor( $L, $tmp4); - - &shr( $tmp2, 16); - &mov( $tmp4, $R); - - &movb( &LB($tmp1), &HB($tmp2)); # A - &and( $tmp2, 0xff); # B - - &movb( &LB($tmp3), &HB($tmp4)); # C - &and( $tmp4, 0xff); # D - - &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4)); - &mov( $tmp2, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4)); - - &add( $tmp2, $tmp1); - &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4)); - - &xor( $tmp2, $tmp1); - &mov( $tmp4, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4)); - - &add( $tmp2, $tmp4); - if (($enc && ($i != 16)) || ((!$enc) && ($i != 1))) - { &xor( $tmp1, $tmp1); } - else - { - &comment("Load parameter 0 ($i) enc=$enc"); - &mov($tmp1,&wparam(0)); - } # In last loop - - &xor( $L, $tmp2); - # delay - } - -sub n2a - { - sprintf("%d",$_[0]); - } - diff --git a/crypto/openssl/crypto/bf/asm/bf-686.pl b/crypto/openssl/crypto/bf/asm/bf-686.pl deleted file mode 100644 index 8e4c25f598..0000000000 --- a/crypto/openssl/crypto/bf/asm/bf-686.pl +++ /dev/null @@ -1,127 +0,0 @@ -#!/usr/local/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; - -&asm_init($ARGV[0],"bf-686.pl"); - -$BF_ROUNDS=16; -$BF_OFF=($BF_ROUNDS+2)*4; -$L="ecx"; -$R="edx"; -$P="edi"; -$tot="esi"; -$tmp1="eax"; -$tmp2="ebx"; -$tmp3="ebp"; - -&des_encrypt("BF_encrypt",1); -&des_encrypt("BF_decrypt",0); -&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1); - -&asm_finish(); - -&file_end(); - -sub des_encrypt - { - local($name,$enc)=@_; - - &function_begin($name,""); - - &comment(""); - &comment("Load the 2 words"); - &mov("eax",&wparam(0)); - &mov($L,&DWP(0,"eax","",0)); - &mov($R,&DWP(4,"eax","",0)); - - &comment(""); - &comment("P pointer, s and enc flag"); - &mov($P,&wparam(1)); - - &xor( $tmp1, $tmp1); - &xor( $tmp2, $tmp2); - - # encrypting part - - if ($enc) - { - &xor($L,&DWP(0,$P,"",0)); - for ($i=0; $i<$BF_ROUNDS; $i+=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i+1,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &BF_ENCRYPT($i+2,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3); - } - &xor($R,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - - &mov("eax",&wparam(0)); - &mov(&DWP(0,"eax","",0),$R); - &mov(&DWP(4,"eax","",0),$L); - &function_end_A($name); - } - else - { - &xor($L,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - for ($i=$BF_ROUNDS; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &BF_ENCRYPT($i-1,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3); - } - &xor($R,&DWP(0,$P,"",0)); - - &mov("eax",&wparam(0)); - &mov(&DWP(0,"eax","",0),$R); - &mov(&DWP(4,"eax","",0),$L); - &function_end_A($name); - } - - &function_end_B($name); - } - -sub BF_ENCRYPT - { - local($i,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3)=@_; - - &rotr( $R, 16); - &mov( $tot, &DWP(&n2a($i*4),$P,"",0)); - - &movb( &LB($tmp1), &HB($R)); - &movb( &LB($tmp2), &LB($R)); - - &rotr( $R, 16); - &xor( $L, $tot); - - &mov( $tot, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4)); - &mov( $tmp3, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4)); - - &movb( &LB($tmp1), &HB($R)); - &movb( &LB($tmp2), &LB($R)); - - &add( $tot, $tmp3); - &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp1,4)); # delay - - &xor( $tot, $tmp1); - &mov( $tmp3, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp2,4)); - - &add( $tot, $tmp3); - &xor( $tmp1, $tmp1); - - &xor( $L, $tot); - # delay - } - -sub n2a - { - sprintf("%d",$_[0]); - } - diff --git a/crypto/openssl/crypto/bf/asm/readme b/crypto/openssl/crypto/bf/asm/readme deleted file mode 100644 index 2385fa3812..0000000000 --- a/crypto/openssl/crypto/bf/asm/readme +++ /dev/null @@ -1,10 +0,0 @@ -There are blowfish assembler generation scripts. -bf-586.pl version is for the pentium and -bf-686.pl is my original version, which is faster on the pentium pro. - -When using a bf-586.pl, the pentium pro/II is %8 slower than using -bf-686.pl. When using a bf-686.pl, the pentium is %16 slower -than bf-586.pl - -So the default is bf-586.pl - diff --git a/crypto/openssl/crypto/bf/bf_skey.c b/crypto/openssl/crypto/bf/bf_skey.c index 3673cdee6e..6ac2aeb279 100644 --- a/crypto/openssl/crypto/bf/bf_skey.c +++ b/crypto/openssl/crypto/bf/bf_skey.c @@ -59,10 +59,15 @@ #include #include #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + #include "bf_locl.h" #include "bf_pi.h" -void BF_set_key(BF_KEY *key, int len, const unsigned char *data) +FIPS_NON_FIPS_VCIPHER_Init(BF) { int i; BF_LONG *p,ri,in[2]; diff --git a/crypto/openssl/crypto/bf/blowfish.h b/crypto/openssl/crypto/bf/blowfish.h index cd49e85ab2..d24ffccb65 100644 --- a/crypto/openssl/crypto/bf/blowfish.h +++ b/crypto/openssl/crypto/bf/blowfish.h @@ -104,7 +104,9 @@ typedef struct bf_key_st BF_LONG S[4*256]; } BF_KEY; - +#ifdef OPENSSL_FIPS +void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data); +#endif void BF_set_key(BF_KEY *key, int len, const unsigned char *data); void BF_encrypt(BF_LONG *data,const BF_KEY *key); diff --git a/crypto/openssl/crypto/bio/bss_bio.c b/crypto/openssl/crypto/bio/bss_bio.c index 0f9f0955b4..76bd48e767 100644 --- a/crypto/openssl/crypto/bio/bss_bio.c +++ b/crypto/openssl/crypto/bio/bss_bio.c @@ -919,6 +919,6 @@ int BIO_nwrite(BIO *bio, char **buf, int num) ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf); if (ret > 0) - bio->num_read += ret; + bio->num_write += ret; return ret; } diff --git a/crypto/openssl/crypto/bio/bss_file.c b/crypto/openssl/crypto/bio/bss_file.c index 4df9927c43..9ad46fa081 100644 --- a/crypto/openssl/crypto/bio/bss_file.c +++ b/crypto/openssl/crypto/bio/bss_file.c @@ -279,7 +279,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) #endif { #if defined(OPENSSL_SYS_WINDOWS) - int fd = fileno((FILE*)ptr); + int fd = _fileno((FILE*)ptr); if (num & BIO_FP_TEXT) _setmode(fd,_O_TEXT); else diff --git a/crypto/openssl/crypto/bn/asm/README b/crypto/openssl/crypto/bn/asm/README deleted file mode 100644 index b0f3a68a06..0000000000 --- a/crypto/openssl/crypto/bn/asm/README +++ /dev/null @@ -1,27 +0,0 @@ - - -All assember in this directory are just version of the file -crypto/bn/bn_asm.c. - -Quite a few of these files are just the assember output from gcc since on -quite a few machines they are 2 times faster than the system compiler. - -For the x86, I have hand written assember because of the bad job all -compilers seem to do on it. This normally gives a 2 time speed up in the RSA -routines. - -For the DEC alpha, I also hand wrote the assember (except the division which -is just the output from the C compiler pasted on the end of the file). -On the 2 alpha C compilers I had access to, it was not possible to do -64b x 64b -> 128b calculations (both long and the long long data types -were 64 bits). So the hand assember gives access to the 128 bit result and -a 2 times speedup :-). - -There are 3 versions of assember for the HP PA-RISC. - -pa-risc.s is the origional one which works fine and generated using gcc :-) - -pa-risc2W.s and pa-risc2.s are 64 and 32-bit PA-RISC 2.0 implementations -by Chris Ruemmler from HP (with some help from the HP C compiler). - - diff --git a/crypto/openssl/crypto/bn/asm/bn-586.pl b/crypto/openssl/crypto/bn/asm/bn-586.pl deleted file mode 100644 index 26c2685a72..0000000000 --- a/crypto/openssl/crypto/bn/asm/bn-586.pl +++ /dev/null @@ -1,675 +0,0 @@ -#!/usr/local/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&external_label("OPENSSL_ia32cap_P") if ($sse2); - -&bn_mul_add_words("bn_mul_add_words"); -&bn_mul_words("bn_mul_words"); -&bn_sqr_words("bn_sqr_words"); -&bn_div_words("bn_div_words"); -&bn_add_words("bn_add_words"); -&bn_sub_words("bn_sub_words"); -&bn_sub_part_words("bn_sub_part_words"); - -&asm_finish(); - -sub bn_mul_add_words - { - local($name)=@_; - - &function_begin($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":""); - - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ebp"; - $r="edi"; - $c="esi"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - - &mov("ecx",&wparam(2)); # - &mov($a,&wparam(1)); # - - &and("ecx",0xfffffff8); # num / 8 - &mov($w,&wparam(3)); # - - &push("ecx"); # Up the stack for a tmp variable - - &jz(&label("maw_finish")); - - if ($sse2) { - &picmeup("eax","OPENSSL_ia32cap_P"); - &bt(&DWP(0,"eax"),26); - &jnc(&label("maw_loop")); - - &movd("mm0",$w); # mm0 = w - &pxor("mm1","mm1"); # mm1 = carry_in - - &set_label("maw_sse2_loop",0); - &movd("mm3",&DWP(0,$r,"",0)); # mm3 = r[0] - &paddq("mm1","mm3"); # mm1 = carry_in + r[0] - &movd("mm2",&DWP(0,$a,"",0)); # mm2 = a[0] - &pmuludq("mm2","mm0"); # mm2 = w*a[0] - &movd("mm4",&DWP(4,$a,"",0)); # mm4 = a[1] - &pmuludq("mm4","mm0"); # mm4 = w*a[1] - &movd("mm6",&DWP(8,$a,"",0)); # mm6 = a[2] - &pmuludq("mm6","mm0"); # mm6 = w*a[2] - &movd("mm7",&DWP(12,$a,"",0)); # mm7 = a[3] - &pmuludq("mm7","mm0"); # mm7 = w*a[3] - &paddq("mm1","mm2"); # mm1 = carry_in + r[0] + w*a[0] - &movd("mm3",&DWP(4,$r,"",0)); # mm3 = r[1] - &paddq("mm3","mm4"); # mm3 = r[1] + w*a[1] - &movd("mm5",&DWP(8,$r,"",0)); # mm5 = r[2] - &paddq("mm5","mm6"); # mm5 = r[2] + w*a[2] - &movd("mm4",&DWP(12,$r,"",0)); # mm4 = r[3] - &paddq("mm7","mm4"); # mm7 = r[3] + w*a[3] - &movd(&DWP(0,$r,"",0),"mm1"); - &movd("mm2",&DWP(16,$a,"",0)); # mm2 = a[4] - &pmuludq("mm2","mm0"); # mm2 = w*a[4] - &psrlq("mm1",32); # mm1 = carry0 - &movd("mm4",&DWP(20,$a,"",0)); # mm4 = a[5] - &pmuludq("mm4","mm0"); # mm4 = w*a[5] - &paddq("mm1","mm3"); # mm1 = carry0 + r[1] + w*a[1] - &movd("mm6",&DWP(24,$a,"",0)); # mm6 = a[6] - &pmuludq("mm6","mm0"); # mm6 = w*a[6] - &movd(&DWP(4,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry1 - &movd("mm3",&DWP(28,$a,"",0)); # mm3 = a[7] - &add($a,32); - &pmuludq("mm3","mm0"); # mm3 = w*a[7] - &paddq("mm1","mm5"); # mm1 = carry1 + r[2] + w*a[2] - &movd("mm5",&DWP(16,$r,"",0)); # mm5 = r[4] - &paddq("mm2","mm5"); # mm2 = r[4] + w*a[4] - &movd(&DWP(8,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry2 - &paddq("mm1","mm7"); # mm1 = carry2 + r[3] + w*a[3] - &movd("mm5",&DWP(20,$r,"",0)); # mm5 = r[5] - &paddq("mm4","mm5"); # mm4 = r[5] + w*a[5] - &movd(&DWP(12,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry3 - &paddq("mm1","mm2"); # mm1 = carry3 + r[4] + w*a[4] - &movd("mm5",&DWP(24,$r,"",0)); # mm5 = r[6] - &paddq("mm6","mm5"); # mm6 = r[6] + w*a[6] - &movd(&DWP(16,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry4 - &paddq("mm1","mm4"); # mm1 = carry4 + r[5] + w*a[5] - &movd("mm5",&DWP(28,$r,"",0)); # mm5 = r[7] - &paddq("mm3","mm5"); # mm3 = r[7] + w*a[7] - &movd(&DWP(20,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry5 - &paddq("mm1","mm6"); # mm1 = carry5 + r[6] + w*a[6] - &movd(&DWP(24,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry6 - &paddq("mm1","mm3"); # mm1 = carry6 + r[7] + w*a[7] - &movd(&DWP(28,$r,"",0),"mm1"); - &add($r,32); - &psrlq("mm1",32); # mm1 = carry_out - - &sub("ecx",8); - &jnz(&label("maw_sse2_loop")); - - &movd($c,"mm1"); # c = carry_out - &emms(); - - &jmp(&label("maw_finish")); - } - - &set_label("maw_loop",0); - - &mov(&swtmp(0),"ecx"); # - - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - - &mov("eax",&DWP($i,$a,"",0)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+= *r - &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r - &adc("edx",0); # H(t)+=carry - &add("eax",$c); # L(t)+=c - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); - } - - &comment(""); - &mov("ecx",&swtmp(0)); # - &add($a,32); - &add($r,32); - &sub("ecx",8); - &jnz(&label("maw_loop")); - - &set_label("maw_finish",0); - &mov("ecx",&wparam(2)); # get num - &and("ecx",7); - &jnz(&label("maw_finish2")); # helps branch prediction - &jmp(&label("maw_end")); - - &set_label("maw_finish2",1); - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0));# *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r - &adc("edx",0); # H(t)+=carry - &add("eax",$c); - &adc("edx",0); # H(t)+=carry - &dec("ecx") if ($i != 7-1); - &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); - &jz(&label("maw_end")) if ($i != 7-1); - } - &set_label("maw_end",0); - &mov("eax",$c); - - &pop("ecx"); # clear variable from - - &function_end($name); - } - -sub bn_mul_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ecx"; - $r="edi"; - $c="esi"; - $num="ebp"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - &mov($a,&wparam(1)); # - &mov($num,&wparam(2)); # - &mov($w,&wparam(3)); # - - &and($num,0xfffffff8); # num / 8 - &jz(&label("mw_finish")); - - &set_label("mw_loop",0); - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - - &mov("eax",&DWP($i,$a,"",0)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - # XXX - - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); - - &mov($c,"edx"); # c= H(t); - } - - &comment(""); - &add($a,32); - &add($r,32); - &sub($num,8); - &jz(&label("mw_finish")); - &jmp(&label("mw_loop")); - - &set_label("mw_finish",0); - &mov($num,&wparam(2)); # get num - &and($num,7); - &jnz(&label("mw_finish2")); - &jmp(&label("mw_end")); - - &set_label("mw_finish2",1); - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0));# *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - # XXX - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t); - &mov($c,"edx"); # c= H(t); - &dec($num) if ($i != 7-1); - &jz(&label("mw_end")) if ($i != 7-1); - } - &set_label("mw_end",0); - &mov("eax",$c); - - &function_end($name); - } - -sub bn_sqr_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $r="esi"; - $a="edi"; - $num="ebx"; - - &mov($r,&wparam(0)); # - &mov($a,&wparam(1)); # - &mov($num,&wparam(2)); # - - &and($num,0xfffffff8); # num / 8 - &jz(&label("sw_finish")); - - &set_label("sw_loop",0); - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - &mov("eax",&DWP($i,$a,"",0)); # *a - # XXX - &mul("eax"); # *a * *a - &mov(&DWP($i*2,$r,"",0),"eax"); # - &mov(&DWP($i*2+4,$r,"",0),"edx");# - } - - &comment(""); - &add($a,32); - &add($r,64); - &sub($num,8); - &jnz(&label("sw_loop")); - - &set_label("sw_finish",0); - &mov($num,&wparam(2)); # get num - &and($num,7); - &jz(&label("sw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0)); # *a - # XXX - &mul("eax"); # *a * *a - &mov(&DWP($i*8,$r,"",0),"eax"); # - &dec($num) if ($i != 7-1); - &mov(&DWP($i*8+4,$r,"",0),"edx"); - &jz(&label("sw_end")) if ($i != 7-1); - } - &set_label("sw_end",0); - - &function_end($name); - } - -sub bn_div_words - { - local($name)=@_; - - &function_begin($name,""); - &mov("edx",&wparam(0)); # - &mov("eax",&wparam(1)); # - &mov("ebx",&wparam(2)); # - &div("ebx"); - &function_end($name); - } - -sub bn_add_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &add($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &add($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &add($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &add($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } - -sub bn_sub_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } - -sub bn_sub_part_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP(0,$a,"",0)); # *a - &mov($tmp2,&DWP(0,$b,"",0));# *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP(0,$r,"",0),$tmp1); # *r - &add($a, 4); - &add($b, 4); - &add($r, 4); - &dec($num) if ($i != 6); - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - - &cmp(&wparam(4),0); - &je(&label("pw_end")); - - &mov($num,&wparam(4)); # get dl - &cmp($num,0); - &je(&label("pw_end")); - &jge(&label("pw_pos")); - - &comment("pw_neg"); - &mov($tmp2,0); - &sub($tmp2,$num); - &mov($num,$tmp2); - &and($num,0xfffffff8); # num / 8 - &jz(&label("pw_neg_finish")); - - &set_label("pw_neg_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("dl<0 Round $i"); - - &mov($tmp1,0); - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("pw_neg_loop")); - - &set_label("pw_neg_finish",0); - &mov($tmp2,&wparam(4)); # get dl - &mov($num,0); - &sub($num,$tmp2); - &and($num,7); - &jz(&label("pw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("dl<0 Tail Round $i"); - &mov($tmp1,0); - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - &jz(&label("pw_end")) if ($i != 6); - } - - &jmp(&label("pw_end")); - - &set_label("pw_pos",0); - - &and($num,0xfffffff8); # num / 8 - &jz(&label("pw_pos_finish")); - - &set_label("pw_pos_loop",0); - - for ($i=0; $i<8; $i++) - { - &comment("dl>0 Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &sub($tmp1,$c); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - &jnc(&label("pw_nc".$i)); - } - - &comment(""); - &add($a,32); - &add($r,32); - &sub($num,8); - &jnz(&label("pw_pos_loop")); - - &set_label("pw_pos_finish",0); - &mov($num,&wparam(4)); # get dl - &and($num,7); - &jz(&label("pw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("dl>0 Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &sub($tmp1,$c); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - &jnc(&label("pw_tail_nc".$i)); - &dec($num) if ($i != 6); - &jz(&label("pw_end")) if ($i != 6); - } - &mov($c,1); - &jmp(&label("pw_end")); - - &set_label("pw_nc_loop",0); - for ($i=0; $i<8; $i++) - { - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - &set_label("pw_nc".$i,0); - } - - &comment(""); - &add($a,32); - &add($r,32); - &sub($num,8); - &jnz(&label("pw_nc_loop")); - - &mov($num,&wparam(4)); # get dl - &and($num,7); - &jz(&label("pw_nc_end")); - - for ($i=0; $i<7; $i++) - { - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - &set_label("pw_tail_nc".$i,0); - &dec($num) if ($i != 6); - &jz(&label("pw_nc_end")) if ($i != 6); - } - - &set_label("pw_nc_end",0); - &mov($c,0); - - &set_label("pw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } - diff --git a/crypto/openssl/crypto/bn/asm/co-586.pl b/crypto/openssl/crypto/bn/asm/co-586.pl deleted file mode 100644 index 5d962cb957..0000000000 --- a/crypto/openssl/crypto/bn/asm/co-586.pl +++ /dev/null @@ -1,286 +0,0 @@ -#!/usr/local/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -&bn_mul_comba("bn_mul_comba8",8); -&bn_mul_comba("bn_mul_comba4",4); -&bn_sqr_comba("bn_sqr_comba8",8); -&bn_sqr_comba("bn_sqr_comba4",4); - -&asm_finish(); - -sub mul_add_c - { - local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("mul a[$ai]*b[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$b,"",0)); - - &mul("edx"); - &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a - &mov("eax",&wparam(0)) if $pos > 0; # load r[] - ### - &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b - ### - &adc($c2,0); - # is pos > 1, it means it is the last loop - &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a - } - -sub sqr_add_c - { - local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("sqr a[$ai]*a[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$b,"",0)); - - if ($ai == $bi) - { &mul("eax");} - else - { &mul("edx");} - &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a - ### - &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb); - ### - &adc($c2,0); - # is pos > 1, it means it is the last loop - &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b - } - -sub sqr_add_c2 - { - local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("sqr a[$ai]*a[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$a,"",0)); - - if ($ai == $bi) - { &mul("eax");} - else - { &mul("edx");} - &add("eax","eax"); - ### - &adc("edx","edx"); - ### - &adc($c2,0); - &add($c0,"eax"); - &adc($c1,"edx"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b - &adc($c2,0); - &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[]; - &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb); - ### - } - -sub bn_mul_comba - { - local($name,$num)=@_; - local($a,$b,$c0,$c1,$c2); - local($i,$as,$ae,$bs,$be,$ai,$bi); - local($tot,$end); - - &function_begin_B($name,""); - - $c0="ebx"; - $c1="ecx"; - $c2="ebp"; - $a="esi"; - $b="edi"; - - $as=0; - $ae=0; - $bs=0; - $be=0; - $tot=$num+$num-1; - - &push("esi"); - &mov($a,&wparam(1)); - &push("edi"); - &mov($b,&wparam(2)); - &push("ebp"); - &push("ebx"); - - &xor($c0,$c0); - &mov("eax",&DWP(0,$a,"",0)); # load the first word - &xor($c1,$c1); - &mov("edx",&DWP(0,$b,"",0)); # load the first second - - for ($i=0; $i<$tot; $i++) - { - $ai=$as; - $bi=$bs; - $end=$be+1; - - &comment("################## Calculate word $i"); - - for ($j=$bs; $j<$end; $j++) - { - &xor($c2,$c2) if ($j == $bs); - if (($j+1) == $end) - { - $v=1; - $v=2 if (($i+1) == $tot); - } - else - { $v=0; } - if (($j+1) != $end) - { - $na=($ai-1); - $nb=($bi+1); - } - else - { - $na=$as+($i < ($num-1)); - $nb=$bs+($i >= ($num-1)); - } -#printf STDERR "[$ai,$bi] -> [$na,$nb]\n"; - &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb); - if ($v) - { - &comment("saved r[$i]"); - # &mov("eax",&wparam(0)); - # &mov(&DWP($i*4,"eax","",0),$c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - } - $ai--; - $bi++; - } - $as++ if ($i < ($num-1)); - $ae++ if ($i >= ($num-1)); - - $bs++ if ($i >= ($num-1)); - $be++ if ($i < ($num-1)); - } - &comment("save r[$i]"); - # &mov("eax",&wparam(0)); - &mov(&DWP($i*4,"eax","",0),$c0); - - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - -sub bn_sqr_comba - { - local($name,$num)=@_; - local($r,$a,$c0,$c1,$c2)=@_; - local($i,$as,$ae,$bs,$be,$ai,$bi); - local($b,$tot,$end,$half); - - &function_begin_B($name,""); - - $c0="ebx"; - $c1="ecx"; - $c2="ebp"; - $a="esi"; - $r="edi"; - - &push("esi"); - &push("edi"); - &push("ebp"); - &push("ebx"); - &mov($r,&wparam(0)); - &mov($a,&wparam(1)); - &xor($c0,$c0); - &xor($c1,$c1); - &mov("eax",&DWP(0,$a,"",0)); # load the first word - - $as=0; - $ae=0; - $bs=0; - $be=0; - $tot=$num+$num-1; - - for ($i=0; $i<$tot; $i++) - { - $ai=$as; - $bi=$bs; - $end=$be+1; - - &comment("############### Calculate word $i"); - for ($j=$bs; $j<$end; $j++) - { - &xor($c2,$c2) if ($j == $bs); - if (($ai-1) < ($bi+1)) - { - $v=1; - $v=2 if ($i+1) == $tot; - } - else - { $v=0; } - if (!$v) - { - $na=$ai-1; - $nb=$bi+1; - } - else - { - $na=$as+($i < ($num-1)); - $nb=$bs+($i >= ($num-1)); - } - if ($ai == $bi) - { - &sqr_add_c($r,$a,$ai,$bi, - $c0,$c1,$c2,$v,$i,$na,$nb); - } - else - { - &sqr_add_c2($r,$a,$ai,$bi, - $c0,$c1,$c2,$v,$i,$na,$nb); - } - if ($v) - { - &comment("saved r[$i]"); - #&mov(&DWP($i*4,$r,"",0),$c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - last; - } - $ai--; - $bi++; - } - $as++ if ($i < ($num-1)); - $ae++ if ($i >= ($num-1)); - - $bs++ if ($i >= ($num-1)); - $be++ if ($i < ($num-1)); - } - &mov(&DWP($i*4,$r,"",0),$c0); - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } diff --git a/crypto/openssl/crypto/bn/asm/x86.pl b/crypto/openssl/crypto/bn/asm/x86.pl deleted file mode 100644 index 1bc4f1bb27..0000000000 --- a/crypto/openssl/crypto/bn/asm/x86.pl +++ /dev/null @@ -1,28 +0,0 @@ -#!/usr/local/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -require("x86/mul_add.pl"); -require("x86/mul.pl"); -require("x86/sqr.pl"); -require("x86/div.pl"); -require("x86/add.pl"); -require("x86/sub.pl"); -require("x86/comba.pl"); - -&asm_init($ARGV[0],$0); - -&bn_mul_add_words("bn_mul_add_words"); -&bn_mul_words("bn_mul_words"); -&bn_sqr_words("bn_sqr_words"); -&bn_div_words("bn_div_words"); -&bn_add_words("bn_add_words"); -&bn_sub_words("bn_sub_words"); -&bn_mul_comba("bn_mul_comba8",8); -&bn_mul_comba("bn_mul_comba4",4); -&bn_sqr_comba("bn_sqr_comba8",8); -&bn_sqr_comba("bn_sqr_comba4",4); - -&asm_finish(); - diff --git a/crypto/openssl/crypto/bn/asm/x86/add.pl b/crypto/openssl/crypto/bn/asm/x86/add.pl deleted file mode 100644 index 0b5cf583e3..0000000000 --- a/crypto/openssl/crypto/bn/asm/x86/add.pl +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_add_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &add($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &add($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &add($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &add($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *a - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } - -1; diff --git a/crypto/openssl/crypto/bn/asm/x86/comba.pl b/crypto/openssl/crypto/bn/asm/x86/comba.pl deleted file mode 100644 index 2291253629..0000000000 --- a/crypto/openssl/crypto/bn/asm/x86/comba.pl +++ /dev/null @@ -1,277 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub mul_add_c - { - local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("mul a[$ai]*b[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$b,"",0)); - - &mul("edx"); - &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a - &mov("eax",&wparam(0)) if $pos > 0; # load r[] - ### - &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b - ### - &adc($c2,0); - # is pos > 1, it means it is the last loop - &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a - } - -sub sqr_add_c - { - local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("sqr a[$ai]*a[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$b,"",0)); - - if ($ai == $bi) - { &mul("eax");} - else - { &mul("edx");} - &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a - ### - &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb); - ### - &adc($c2,0); - # is pos > 1, it means it is the last loop - &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b - } - -sub sqr_add_c2 - { - local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("sqr a[$ai]*a[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$a,"",0)); - - if ($ai == $bi) - { &mul("eax");} - else - { &mul("edx");} - &add("eax","eax"); - ### - &adc("edx","edx"); - ### - &adc($c2,0); - &add($c0,"eax"); - &adc($c1,"edx"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b - &adc($c2,0); - &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[]; - &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb); - ### - } - -sub bn_mul_comba - { - local($name,$num)=@_; - local($a,$b,$c0,$c1,$c2); - local($i,$as,$ae,$bs,$be,$ai,$bi); - local($tot,$end); - - &function_begin_B($name,""); - - $c0="ebx"; - $c1="ecx"; - $c2="ebp"; - $a="esi"; - $b="edi"; - - $as=0; - $ae=0; - $bs=0; - $be=0; - $tot=$num+$num-1; - - &push("esi"); - &mov($a,&wparam(1)); - &push("edi"); - &mov($b,&wparam(2)); - &push("ebp"); - &push("ebx"); - - &xor($c0,$c0); - &mov("eax",&DWP(0,$a,"",0)); # load the first word - &xor($c1,$c1); - &mov("edx",&DWP(0,$b,"",0)); # load the first second - - for ($i=0; $i<$tot; $i++) - { - $ai=$as; - $bi=$bs; - $end=$be+1; - - &comment("################## Calculate word $i"); - - for ($j=$bs; $j<$end; $j++) - { - &xor($c2,$c2) if ($j == $bs); - if (($j+1) == $end) - { - $v=1; - $v=2 if (($i+1) == $tot); - } - else - { $v=0; } - if (($j+1) != $end) - { - $na=($ai-1); - $nb=($bi+1); - } - else - { - $na=$as+($i < ($num-1)); - $nb=$bs+($i >= ($num-1)); - } -#printf STDERR "[$ai,$bi] -> [$na,$nb]\n"; - &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb); - if ($v) - { - &comment("saved r[$i]"); - # &mov("eax",&wparam(0)); - # &mov(&DWP($i*4,"eax","",0),$c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - } - $ai--; - $bi++; - } - $as++ if ($i < ($num-1)); - $ae++ if ($i >= ($num-1)); - - $bs++ if ($i >= ($num-1)); - $be++ if ($i < ($num-1)); - } - &comment("save r[$i]"); - # &mov("eax",&wparam(0)); - &mov(&DWP($i*4,"eax","",0),$c0); - - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - -sub bn_sqr_comba - { - local($name,$num)=@_; - local($r,$a,$c0,$c1,$c2)=@_; - local($i,$as,$ae,$bs,$be,$ai,$bi); - local($b,$tot,$end,$half); - - &function_begin_B($name,""); - - $c0="ebx"; - $c1="ecx"; - $c2="ebp"; - $a="esi"; - $r="edi"; - - &push("esi"); - &push("edi"); - &push("ebp"); - &push("ebx"); - &mov($r,&wparam(0)); - &mov($a,&wparam(1)); - &xor($c0,$c0); - &xor($c1,$c1); - &mov("eax",&DWP(0,$a,"",0)); # load the first word - - $as=0; - $ae=0; - $bs=0; - $be=0; - $tot=$num+$num-1; - - for ($i=0; $i<$tot; $i++) - { - $ai=$as; - $bi=$bs; - $end=$be+1; - - &comment("############### Calculate word $i"); - for ($j=$bs; $j<$end; $j++) - { - &xor($c2,$c2) if ($j == $bs); - if (($ai-1) < ($bi+1)) - { - $v=1; - $v=2 if ($i+1) == $tot; - } - else - { $v=0; } - if (!$v) - { - $na=$ai-1; - $nb=$bi+1; - } - else - { - $na=$as+($i < ($num-1)); - $nb=$bs+($i >= ($num-1)); - } - if ($ai == $bi) - { - &sqr_add_c($r,$a,$ai,$bi, - $c0,$c1,$c2,$v,$i,$na,$nb); - } - else - { - &sqr_add_c2($r,$a,$ai,$bi, - $c0,$c1,$c2,$v,$i,$na,$nb); - } - if ($v) - { - &comment("saved r[$i]"); - #&mov(&DWP($i*4,$r,"",0),$c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - last; - } - $ai--; - $bi++; - } - $as++ if ($i < ($num-1)); - $ae++ if ($i >= ($num-1)); - - $bs++ if ($i >= ($num-1)); - $be++ if ($i < ($num-1)); - } - &mov(&DWP($i*4,$r,"",0),$c0); - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - -1; diff --git a/crypto/openssl/crypto/bn/asm/x86/div.pl b/crypto/openssl/crypto/bn/asm/x86/div.pl deleted file mode 100644 index 0e90152caa..0000000000 --- a/crypto/openssl/crypto/bn/asm/x86/div.pl +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_div_words - { - local($name)=@_; - - &function_begin($name,""); - &mov("edx",&wparam(0)); # - &mov("eax",&wparam(1)); # - &mov("ebx",&wparam(2)); # - &div("ebx"); - &function_end($name); - } -1; diff --git a/crypto/openssl/crypto/bn/asm/x86/f b/crypto/openssl/crypto/bn/asm/x86/f deleted file mode 100644 index 22e4112224..0000000000 --- a/crypto/openssl/crypto/bn/asm/x86/f +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - diff --git a/crypto/openssl/crypto/bn/asm/x86/mul.pl b/crypto/openssl/crypto/bn/asm/x86/mul.pl deleted file mode 100644 index 674cb9b055..0000000000 --- a/crypto/openssl/crypto/bn/asm/x86/mul.pl +++ /dev/null @@ -1,77 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_mul_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ecx"; - $r="edi"; - $c="esi"; - $num="ebp"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - &mov($a,&wparam(1)); # - &mov($num,&wparam(2)); # - &mov($w,&wparam(3)); # - - &and($num,0xfffffff8); # num / 8 - &jz(&label("mw_finish")); - - &set_label("mw_loop",0); - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - - &mov("eax",&DWP($i,$a,"",0)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - # XXX - - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); - - &mov($c,"edx"); # c= H(t); - } - - &comment(""); - &add($a,32); - &add($r,32); - &sub($num,8); - &jz(&label("mw_finish")); - &jmp(&label("mw_loop")); - - &set_label("mw_finish",0); - &mov($num,&wparam(2)); # get num - &and($num,7); - &jnz(&label("mw_finish2")); - &jmp(&label("mw_end")); - - &set_label("mw_finish2",1); - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0));# *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - # XXX - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t); - &mov($c,"edx"); # c= H(t); - &dec($num) if ($i != 7-1); - &jz(&label("mw_end")) if ($i != 7-1); - } - &set_label("mw_end",0); - &mov("eax",$c); - - &function_end($name); - } - -1; diff --git a/crypto/openssl/crypto/bn/asm/x86/mul_add.pl b/crypto/openssl/crypto/bn/asm/x86/mul_add.pl deleted file mode 100644 index 61830d3a90..0000000000 --- a/crypto/openssl/crypto/bn/asm/x86/mul_add.pl +++ /dev/null @@ -1,87 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_mul_add_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ebp"; - $r="edi"; - $c="esi"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - - &mov("ecx",&wparam(2)); # - &mov($a,&wparam(1)); # - - &and("ecx",0xfffffff8); # num / 8 - &mov($w,&wparam(3)); # - - &push("ecx"); # Up the stack for a tmp variable - - &jz(&label("maw_finish")); - - &set_label("maw_loop",0); - - &mov(&swtmp(0),"ecx"); # - - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - - &mov("eax",&DWP($i,$a,"",0)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+= *r - &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r - &adc("edx",0); # H(t)+=carry - &add("eax",$c); # L(t)+=c - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); - } - - &comment(""); - &mov("ecx",&swtmp(0)); # - &add($a,32); - &add($r,32); - &sub("ecx",8); - &jnz(&label("maw_loop")); - - &set_label("maw_finish",0); - &mov("ecx",&wparam(2)); # get num - &and("ecx",7); - &jnz(&label("maw_finish2")); # helps branch prediction - &jmp(&label("maw_end")); - - &set_label("maw_finish2",1); - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0));# *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r - &adc("edx",0); # H(t)+=carry - &add("eax",$c); - &adc("edx",0); # H(t)+=carry - &dec("ecx") if ($i != 7-1); - &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); - &jz(&label("maw_end")) if ($i != 7-1); - } - &set_label("maw_end",0); - &mov("eax",$c); - - &pop("ecx"); # clear variable from - - &function_end($name); - } - -1; diff --git a/crypto/openssl/crypto/bn/asm/x86/sqr.pl b/crypto/openssl/crypto/bn/asm/x86/sqr.pl deleted file mode 100644 index 1f90993cf6..0000000000 --- a/crypto/openssl/crypto/bn/asm/x86/sqr.pl +++ /dev/null @@ -1,60 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_sqr_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $r="esi"; - $a="edi"; - $num="ebx"; - - &mov($r,&wparam(0)); # - &mov($a,&wparam(1)); # - &mov($num,&wparam(2)); # - - &and($num,0xfffffff8); # num / 8 - &jz(&label("sw_finish")); - - &set_label("sw_loop",0); - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - &mov("eax",&DWP($i,$a,"",0)); # *a - # XXX - &mul("eax"); # *a * *a - &mov(&DWP($i*2,$r,"",0),"eax"); # - &mov(&DWP($i*2+4,$r,"",0),"edx");# - } - - &comment(""); - &add($a,32); - &add($r,64); - &sub($num,8); - &jnz(&label("sw_loop")); - - &set_label("sw_finish",0); - &mov($num,&wparam(2)); # get num - &and($num,7); - &jz(&label("sw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0)); # *a - # XXX - &mul("eax"); # *a * *a - &mov(&DWP($i*8,$r,"",0),"eax"); # - &dec($num) if ($i != 7-1); - &mov(&DWP($i*8+4,$r,"",0),"edx"); - &jz(&label("sw_end")) if ($i != 7-1); - } - &set_label("sw_end",0); - - &function_end($name); - } - -1; diff --git a/crypto/openssl/crypto/bn/asm/x86/sub.pl b/crypto/openssl/crypto/bn/asm/x86/sub.pl deleted file mode 100644 index 837b0e1b07..0000000000 --- a/crypto/openssl/crypto/bn/asm/x86/sub.pl +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_sub_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *a - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } - -1; diff --git a/crypto/openssl/crypto/bn/asm/x86_64-gcc.c b/crypto/openssl/crypto/bn/asm/x86_64-gcc.c deleted file mode 100644 index f13f52dd85..0000000000 --- a/crypto/openssl/crypto/bn/asm/x86_64-gcc.c +++ /dev/null @@ -1,597 +0,0 @@ -#ifdef __SUNPRO_C -# include "../bn_asm.c" /* kind of dirty hack for Sun Studio */ -#else -/* - * x86_64 BIGNUM accelerator version 0.1, December 2002. - * - * Implemented by Andy Polyakov for the OpenSSL - * project. - * - * Rights for redistribution and usage in source and binary forms are - * granted according to the OpenSSL license. Warranty of any kind is - * disclaimed. - * - * Q. Version 0.1? It doesn't sound like Andy, he used to assign real - * versions, like 1.0... - * A. Well, that's because this code is basically a quick-n-dirty - * proof-of-concept hack. As you can see it's implemented with - * inline assembler, which means that you're bound to GCC and that - * there might be enough room for further improvement. - * - * Q. Why inline assembler? - * A. x86_64 features own ABI which I'm not familiar with. This is - * why I decided to let the compiler take care of subroutine - * prologue/epilogue as well as register allocation. For reference. - * Win64 implements different ABI for AMD64, different from Linux. - * - * Q. How much faster does it get? - * A. 'apps/openssl speed rsa dsa' output with no-asm: - * - * sign verify sign/s verify/s - * rsa 512 bits 0.0006s 0.0001s 1683.8 18456.2 - * rsa 1024 bits 0.0028s 0.0002s 356.0 6407.0 - * rsa 2048 bits 0.0172s 0.0005s 58.0 1957.8 - * rsa 4096 bits 0.1155s 0.0018s 8.7 555.6 - * sign verify sign/s verify/s - * dsa 512 bits 0.0005s 0.0006s 2100.8 1768.3 - * dsa 1024 bits 0.0014s 0.0018s 692.3 559.2 - * dsa 2048 bits 0.0049s 0.0061s 204.7 165.0 - * - * 'apps/openssl speed rsa dsa' output with this module: - * - * sign verify sign/s verify/s - * rsa 512 bits 0.0004s 0.0000s 2767.1 33297.9 - * rsa 1024 bits 0.0012s 0.0001s 867.4 14674.7 - * rsa 2048 bits 0.0061s 0.0002s 164.0 5270.0 - * rsa 4096 bits 0.0384s 0.0006s 26.1 1650.8 - * sign verify sign/s verify/s - * dsa 512 bits 0.0002s 0.0003s 4442.2 3786.3 - * dsa 1024 bits 0.0005s 0.0007s 1835.1 1497.4 - * dsa 2048 bits 0.0016s 0.0020s 620.4 504.6 - * - * For the reference. IA-32 assembler implementation performs - * very much like 64-bit code compiled with no-asm on the same - * machine. - */ - -#define BN_ULONG unsigned long - -/* - * "m"(a), "+m"(r) is the way to favor DirectPath µ-code; - * "g"(0) let the compiler to decide where does it - * want to keep the value of zero; - */ -#define mul_add(r,a,word,carry) do { \ - register BN_ULONG high,low; \ - asm ("mulq %3" \ - : "=a"(low),"=d"(high) \ - : "a"(word),"m"(a) \ - : "cc"); \ - asm ("addq %2,%0; adcq %3,%1" \ - : "+r"(carry),"+d"(high)\ - : "a"(low),"g"(0) \ - : "cc"); \ - asm ("addq %2,%0; adcq %3,%1" \ - : "+m"(r),"+d"(high) \ - : "r"(carry),"g"(0) \ - : "cc"); \ - carry=high; \ - } while (0) - -#define mul(r,a,word,carry) do { \ - register BN_ULONG high,low; \ - asm ("mulq %3" \ - : "=a"(low),"=d"(high) \ - : "a"(word),"g"(a) \ - : "cc"); \ - asm ("addq %2,%0; adcq %3,%1" \ - : "+r"(carry),"+d"(high)\ - : "a"(low),"g"(0) \ - : "cc"); \ - (r)=carry, carry=high; \ - } while (0) - -#define sqr(r0,r1,a) \ - asm ("mulq %2" \ - : "=a"(r0),"=d"(r1) \ - : "a"(a) \ - : "cc"); - -BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) - { - BN_ULONG c1=0; - - if (num <= 0) return(c1); - - while (num&~3) - { - mul_add(rp[0],ap[0],w,c1); - mul_add(rp[1],ap[1],w,c1); - mul_add(rp[2],ap[2],w,c1); - mul_add(rp[3],ap[3],w,c1); - ap+=4; rp+=4; num-=4; - } - if (num) - { - mul_add(rp[0],ap[0],w,c1); if (--num==0) return c1; - mul_add(rp[1],ap[1],w,c1); if (--num==0) return c1; - mul_add(rp[2],ap[2],w,c1); return c1; - } - - return(c1); - } - -BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) - { - BN_ULONG c1=0; - - if (num <= 0) return(c1); - - while (num&~3) - { - mul(rp[0],ap[0],w,c1); - mul(rp[1],ap[1],w,c1); - mul(rp[2],ap[2],w,c1); - mul(rp[3],ap[3],w,c1); - ap+=4; rp+=4; num-=4; - } - if (num) - { - mul(rp[0],ap[0],w,c1); if (--num == 0) return c1; - mul(rp[1],ap[1],w,c1); if (--num == 0) return c1; - mul(rp[2],ap[2],w,c1); - } - return(c1); - } - -void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n) - { - if (n <= 0) return; - - while (n&~3) - { - sqr(r[0],r[1],a[0]); - sqr(r[2],r[3],a[1]); - sqr(r[4],r[5],a[2]); - sqr(r[6],r[7],a[3]); - a+=4; r+=8; n-=4; - } - if (n) - { - sqr(r[0],r[1],a[0]); if (--n == 0) return; - sqr(r[2],r[3],a[1]); if (--n == 0) return; - sqr(r[4],r[5],a[2]); - } - } - -BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) -{ BN_ULONG ret,waste; - - asm ("divq %4" - : "=a"(ret),"=d"(waste) - : "a"(l),"d"(h),"g"(d) - : "cc"); - - return ret; -} - -BN_ULONG bn_add_words (BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int n) -{ BN_ULONG ret=0,i=0; - - if (n <= 0) return 0; - - asm ( - " subq %2,%2 \n" - ".align 16 \n" - "1: movq (%4,%2,8),%0 \n" - " adcq (%5,%2,8),%0 \n" - " movq %0,(%3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" - : "=&a"(ret),"+c"(n),"=&r"(i) - : "r"(rp),"r"(ap),"r"(bp) - : "cc" - ); - - return ret&1; -} - -#ifndef SIMICS -BN_ULONG bn_sub_words (BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int n) -{ BN_ULONG ret=0,i=0; - - if (n <= 0) return 0; - - asm ( - " subq %2,%2 \n" - ".align 16 \n" - "1: movq (%4,%2,8),%0 \n" - " sbbq (%5,%2,8),%0 \n" - " movq %0,(%3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" - : "=&a"(ret),"+c"(n),"=&r"(i) - : "r"(rp),"r"(ap),"r"(bp) - : "cc" - ); - - return ret&1; -} -#else -/* Simics 1.4<7 has buggy sbbq:-( */ -#define BN_MASK2 0xffffffffffffffffL -BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) - { - BN_ULONG t1,t2; - int c=0; - - if (n <= 0) return((BN_ULONG)0); - - for (;;) - { - t1=a[0]; t2=b[0]; - r[0]=(t1-t2-c)&BN_MASK2; - if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - - t1=a[1]; t2=b[1]; - r[1]=(t1-t2-c)&BN_MASK2; - if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - - t1=a[2]; t2=b[2]; - r[2]=(t1-t2-c)&BN_MASK2; - if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - - t1=a[3]; t2=b[3]; - r[3]=(t1-t2-c)&BN_MASK2; - if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - - a+=4; - b+=4; - r+=4; - } - return(c); - } -#endif - -/* mul_add_c(a,b,c0,c1,c2) -- c+=a*b for three word number c=(c2,c1,c0) */ -/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */ -/* sqr_add_c(a,i,c0,c1,c2) -- c+=a[i]^2 for three word number c=(c2,c1,c0) */ -/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */ - -#if 0 -/* original macros are kept for reference purposes */ -#define mul_add_c(a,b,c0,c1,c2) { \ - BN_ULONG ta=(a),tb=(b); \ - t1 = ta * tb; \ - t2 = BN_UMULT_HIGH(ta,tb); \ - c0 += t1; t2 += (c0=0)?((from)[m]):0; #define bn_64_set_0(to, n) (to)[n] = (BN_ULONG)0; -/* TBD */ -#define bn_cp_32(to, n, from, m) (to)[n] = (m>=0)?((from)[m]):0; -#define bn_32_set_0(to, n) (to)[n] = (BN_ULONG)0; +/* + * two following macros are implemented under assumption that they + * are called in a sequence with *ascending* n, i.e. as they are... + */ +#define bn_cp_32_naked(to, n, from, m) (((n)&1)?(to[(n)/2]|=((m)&1)?(from[(m)/2]&BN_MASK2h):(from[(m)/2]<<32))\ + :(to[(n)/2] =((m)&1)?(from[(m)/2]>>32):(from[(m)/2]&BN_MASK2l))) +#define bn_32_set_0(to, n) (((n)&1)?(to[(n)/2]&=BN_MASK2l):(to[(n)/2]=0)); +#define bn_cp_32(to,n,from,m) ((m)>=0)?bn_cp_32_naked(to,n,from,m):bn_32_set_0(to,n) #else #define bn_cp_64(to, n, from, m) \ { \ @@ -221,9 +339,9 @@ static void nist_cp_bn(BN_ULONG *buf, BN_ULONG *a, int top) #define nist_set_192(to, from, a1, a2, a3) \ { \ - if (a3 != 0) bn_cp_64(to, 0, from, (a3) - 3) else bn_64_set_0(to, 0)\ + bn_cp_64(to, 0, from, (a3) - 3) \ bn_cp_64(to, 1, from, (a2) - 3) \ - if (a1 != 0) bn_cp_64(to, 2, from, (a1) - 3) else bn_64_set_0(to, 2)\ + bn_cp_64(to, 2, from, (a1) - 3) \ } int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, @@ -237,11 +355,16 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, c_d[BN_NIST_192_TOP], *res; size_t mask; + static const BIGNUM _bignum_nist_p_192_sqr = { + (BN_ULONG *)_nist_p_192_sqr, + sizeof(_nist_p_192_sqr)/sizeof(_nist_p_192_sqr[0]), + sizeof(_nist_p_192_sqr)/sizeof(_nist_p_192_sqr[0]), + 0,BN_FLG_STATIC_DATA }; field = &_bignum_nist_p_192; /* just to make sure */ - if (BN_is_negative(a) || a->top > 2*BN_NIST_192_TOP) - return BN_nnmod(r, field, a, ctx); + if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_192_sqr)>=0) + return BN_nnmod(r, a, field, ctx); i = BN_ucmp(field, a); if (i == 0) @@ -265,50 +388,49 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, nist_cp_bn_0(buf, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP, BN_NIST_192_TOP); nist_set_192(t_d, buf, 0, 3, 3); - carry = bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_192,BN_NIST_192_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP); nist_set_192(t_d, buf, 4, 4, 0); - carry = bn_add_words(r_d, res, t_d, BN_NIST_192_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_192,BN_NIST_192_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP); nist_set_192(t_d, buf, 5, 5, 5) - carry = bn_add_words(r_d, res, t_d, BN_NIST_192_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_192,BN_NIST_192_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); + carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP); + if (carry > 0) + carry = (int)bn_sub_words(r_d,r_d,_nist_p_192[carry-1],BN_NIST_192_TOP); + else + carry = 1; + + /* + * we need 'if (carry==0 || result>=modulus) result-=modulus;' + * as comparison implies subtraction, we can write + * 'tmp=result-modulus; if (!carry || !borrow) result=tmp;' + * this is what happens below, but without explicit if:-) a. + */ + mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_TOP); + mask &= 0-(size_t)carry; + res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask)); nist_cp_bn(r_d, res, BN_NIST_192_TOP); r->top = BN_NIST_192_TOP; bn_correct_top(r); - if (BN_ucmp(field, r) <= 0) - { - if (!BN_usub(r, r, field)) return 0; - } - return 1; } +typedef BN_ULONG (*bn_addsub_f)(BN_ULONG *,const BN_ULONG *,const BN_ULONG *,int); + #define nist_set_224(to, from, a1, a2, a3, a4, a5, a6, a7) \ { \ - if (a7 != 0) bn_cp_32(to, 0, from, (a7) - 7) else bn_32_set_0(to, 0)\ - if (a6 != 0) bn_cp_32(to, 1, from, (a6) - 7) else bn_32_set_0(to, 1)\ - if (a5 != 0) bn_cp_32(to, 2, from, (a5) - 7) else bn_32_set_0(to, 2)\ - if (a4 != 0) bn_cp_32(to, 3, from, (a4) - 7) else bn_32_set_0(to, 3)\ - if (a3 != 0) bn_cp_32(to, 4, from, (a3) - 7) else bn_32_set_0(to, 4)\ - if (a2 != 0) bn_cp_32(to, 5, from, (a2) - 7) else bn_32_set_0(to, 5)\ - if (a1 != 0) bn_cp_32(to, 6, from, (a1) - 7) else bn_32_set_0(to, 6)\ + bn_cp_32(to, 0, from, (a7) - 7) \ + bn_cp_32(to, 1, from, (a6) - 7) \ + bn_cp_32(to, 2, from, (a5) - 7) \ + bn_cp_32(to, 3, from, (a4) - 7) \ + bn_cp_32(to, 4, from, (a3) - 7) \ + bn_cp_32(to, 5, from, (a2) - 7) \ + bn_cp_32(to, 6, from, (a1) - 7) \ } int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx) { -#if BN_BITS2 == 32 int top = a->top, i; int carry; BN_ULONG *r_d, *a_d = a->d; @@ -317,11 +439,18 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, c_d[BN_NIST_224_TOP], *res; size_t mask; + union { bn_addsub_f f; size_t p; } u; + static const BIGNUM _bignum_nist_p_224_sqr = { + (BN_ULONG *)_nist_p_224_sqr, + sizeof(_nist_p_224_sqr)/sizeof(_nist_p_224_sqr[0]), + sizeof(_nist_p_224_sqr)/sizeof(_nist_p_224_sqr[0]), + 0,BN_FLG_STATIC_DATA }; + field = &_bignum_nist_p_224; /* just to make sure */ - if (BN_is_negative(a) || a->top > 2*BN_NIST_224_TOP) - return BN_nnmod(r, field, a, ctx); + if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_224_sqr)>=0) + return BN_nnmod(r, a, field, ctx); i = BN_ucmp(field, a); if (i == 0) @@ -342,72 +471,77 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, else r_d = a_d; +#if BN_BITS2==64 + /* copy upper 256 bits of 448 bit number ... */ + nist_cp_bn_0(t_d, a_d + (BN_NIST_224_TOP-1), top - (BN_NIST_224_TOP-1), BN_NIST_224_TOP); + /* ... and right shift by 32 to obtain upper 224 bits */ + nist_set_224(buf, t_d, 14, 13, 12, 11, 10, 9, 8); + /* truncate lower part to 224 bits too */ + r_d[BN_NIST_224_TOP-1] &= BN_MASK2l; +#else nist_cp_bn_0(buf, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP, BN_NIST_224_TOP); - +#endif nist_set_224(t_d, buf, 10, 9, 8, 7, 0, 0, 0); - carry = bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_224,BN_NIST_224_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP); nist_set_224(t_d, buf, 0, 13, 12, 11, 0, 0, 0); - carry = bn_add_words(r_d, res, t_d, BN_NIST_224_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_224,BN_NIST_224_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP); nist_set_224(t_d, buf, 13, 12, 11, 10, 9, 8, 7); -#if BRANCH_FREE - carry = bn_sub_words(r_d, res, t_d, BN_NIST_224_TOP); - bn_add_words(c_d,r_d,_nist_p_224,BN_NIST_224_TOP); - mask = 0-(size_t)carry; - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); -#else - if (bn_sub_words(r_d, res, t_d, BN_NIST_224_TOP)) - bn_add_words(r_d,r_d,_nist_p_224,BN_NIST_224_TOP); -#endif + carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP); nist_set_224(t_d, buf, 0, 0, 0, 0, 13, 12, 11); -#if BRANCH_FREE - carry = bn_sub_words(r_d, res, t_d, BN_NIST_224_TOP); - bn_add_words(c_d,r_d,_nist_p_224,BN_NIST_224_TOP); - mask = 0-(size_t)carry; - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); + carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP); - nist_cp_bn(r_d, res, BN_NIST_224_TOP); -#else - if (bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP)) - bn_add_words(r_d,r_d,_nist_p_224,BN_NIST_224_TOP); +#if BN_BITS2==64 + carry = (int)(r_d[BN_NIST_224_TOP-1]>>32); #endif - r->top = BN_NIST_224_TOP; - bn_correct_top(r); - - if (BN_ucmp(field, r) <= 0) + u.f = bn_sub_words; + if (carry > 0) { - if (!BN_usub(r, r, field)) return 0; + carry = (int)bn_sub_words(r_d,r_d,_nist_p_224[carry-1],BN_NIST_224_TOP); +#if BN_BITS2==64 + carry=(int)(~(r_d[BN_NIST_224_TOP-1]>>32))&1; +#endif } + else if (carry < 0) + { + /* it's a bit more comlicated logic in this case. + * if bn_add_words yields no carry, then result + * has to be adjusted by unconditionally *adding* + * the modulus. but if it does, then result has + * to be compared to the modulus and conditionally + * adjusted by *subtracting* the latter. */ + carry = (int)bn_add_words(r_d,r_d,_nist_p_224[-carry-1],BN_NIST_224_TOP); + mask = 0-(size_t)carry; + u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask); + } + else + carry = 1; + + /* otherwise it's effectively same as in BN_nist_mod_192... */ + mask = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP); + mask &= 0-(size_t)carry; + res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask)); + nist_cp_bn(r_d, res, BN_NIST_224_TOP); + r->top = BN_NIST_224_TOP; + bn_correct_top(r); return 1; -#else /* BN_BITS!=32 */ - return 0; -#endif } #define nist_set_256(to, from, a1, a2, a3, a4, a5, a6, a7, a8) \ { \ - if (a8 != 0) bn_cp_32(to, 0, from, (a8) - 8) else bn_32_set_0(to, 0)\ - if (a7 != 0) bn_cp_32(to, 1, from, (a7) - 8) else bn_32_set_0(to, 1)\ - if (a6 != 0) bn_cp_32(to, 2, from, (a6) - 8) else bn_32_set_0(to, 2)\ - if (a5 != 0) bn_cp_32(to, 3, from, (a5) - 8) else bn_32_set_0(to, 3)\ - if (a4 != 0) bn_cp_32(to, 4, from, (a4) - 8) else bn_32_set_0(to, 4)\ - if (a3 != 0) bn_cp_32(to, 5, from, (a3) - 8) else bn_32_set_0(to, 5)\ - if (a2 != 0) bn_cp_32(to, 6, from, (a2) - 8) else bn_32_set_0(to, 6)\ - if (a1 != 0) bn_cp_32(to, 7, from, (a1) - 8) else bn_32_set_0(to, 7)\ + bn_cp_32(to, 0, from, (a8) - 8) \ + bn_cp_32(to, 1, from, (a7) - 8) \ + bn_cp_32(to, 2, from, (a6) - 8) \ + bn_cp_32(to, 3, from, (a5) - 8) \ + bn_cp_32(to, 4, from, (a4) - 8) \ + bn_cp_32(to, 5, from, (a3) - 8) \ + bn_cp_32(to, 6, from, (a2) - 8) \ + bn_cp_32(to, 7, from, (a1) - 8) \ } int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx) { -#if BN_BITS2 == 32 int i, top = a->top; int carry = 0; register BN_ULONG *a_d = a->d, *r_d; @@ -416,11 +550,17 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, c_d[BN_NIST_256_TOP], *res; size_t mask; + union { bn_addsub_f f; size_t p; } u; + static const BIGNUM _bignum_nist_p_256_sqr = { + (BN_ULONG *)_nist_p_256_sqr, + sizeof(_nist_p_256_sqr)/sizeof(_nist_p_256_sqr[0]), + sizeof(_nist_p_256_sqr)/sizeof(_nist_p_256_sqr[0]), + 0,BN_FLG_STATIC_DATA }; field = &_bignum_nist_p_256; /* just to make sure */ - if (BN_is_negative(a) || a->top > 2*BN_NIST_256_TOP) - return BN_nnmod(r, field, a, ctx); + if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_256_sqr)>=0) + return BN_nnmod(r, a, field, ctx); i = BN_ucmp(field, a); if (i == 0) @@ -446,116 +586,84 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, /*S1*/ nist_set_256(t_d, buf, 15, 14, 13, 12, 11, 0, 0, 0); /*S2*/ - nist_set_256(c_d,buf, 0, 15, 14, 13, 12, 0, 0, 0); - carry = bn_add_words(t_d, t_d, c_d, BN_NIST_256_TOP); - mask = 0-(size_t)bn_sub_words(c_d,t_d,_nist_p_256,BN_NIST_256_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)t_d&~mask)); - - carry = bn_add_words(t_d, res, res, BN_NIST_256_TOP); - mask = 0-(size_t)bn_sub_words(c_d,t_d,_nist_p_256,BN_NIST_256_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)t_d&~mask)); - - carry = bn_add_words(r_d, r_d, res, BN_NIST_256_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_256,BN_NIST_256_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + nist_set_256(c_d, buf, 0, 15, 14, 13, 12, 0, 0, 0); + carry = (int)bn_add_words(t_d, t_d, c_d, BN_NIST_256_TOP); + /* left shift */ + { + register BN_ULONG *ap,t,c; + ap = t_d; + c=0; + for (i = BN_NIST_256_TOP; i != 0; --i) + { + t= *ap; + *(ap++)=((t<<1)|c)&BN_MASK2; + c=(t & BN_TBIT)?1:0; + } + carry <<= 1; + carry |= c; + } + carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP); /*S3*/ nist_set_256(t_d, buf, 15, 14, 0, 0, 0, 10, 9, 8); - carry = bn_add_words(r_d, res, t_d, BN_NIST_256_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_256,BN_NIST_256_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP); /*S4*/ nist_set_256(t_d, buf, 8, 13, 15, 14, 13, 11, 10, 9); - carry = bn_add_words(r_d, res, t_d, BN_NIST_256_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_256,BN_NIST_256_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP); /*D1*/ nist_set_256(t_d, buf, 10, 8, 0, 0, 0, 13, 12, 11); -#if BRANCH_FREE - carry = bn_sub_words(r_d, res, t_d, BN_NIST_256_TOP); - bn_add_words(c_d,r_d,_nist_p_256,BN_NIST_256_TOP); - mask = 0-(size_t)carry; - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); -#else - if (bn_sub_words(r_d, res, t_d, BN_NIST_256_TOP)) - bn_add_words(r_d,r_d,_nist_p_256,BN_NIST_256_TOP); -#endif + carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP); /*D2*/ nist_set_256(t_d, buf, 11, 9, 0, 0, 15, 14, 13, 12); -#if BRANCH_FREE - carry = bn_sub_words(r_d, res, t_d, BN_NIST_256_TOP); - bn_add_words(c_d,r_d,_nist_p_256,BN_NIST_256_TOP); - mask = 0-(size_t)carry; - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); -#else - if (bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP)) - bn_add_words(r_d,r_d,_nist_p_256,BN_NIST_256_TOP); -#endif + carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP); /*D3*/ nist_set_256(t_d, buf, 12, 0, 10, 9, 8, 15, 14, 13); -#if BRANCH_FREE - carry = bn_sub_words(r_d, res, t_d, BN_NIST_256_TOP); - bn_add_words(c_d,r_d,_nist_p_256,BN_NIST_256_TOP); - mask = 0-(size_t)carry; - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); -#else - if (bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP)) - bn_add_words(r_d,r_d,_nist_p_256,BN_NIST_256_TOP); -#endif + carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP); /*D4*/ nist_set_256(t_d, buf, 13, 0, 11, 10, 9, 0, 15, 14); -#if BRANCH_FREE - carry = bn_sub_words(r_d, res, t_d, BN_NIST_256_TOP); - bn_add_words(c_d,r_d,_nist_p_256,BN_NIST_256_TOP); - mask = 0-(size_t)carry; - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - - nist_cp_bn(r_d, res, BN_NIST_384_TOP); -#else - if (bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP)) - bn_add_words(r_d,r_d,_nist_p_256,BN_NIST_256_TOP); -#endif - r->top = BN_NIST_256_TOP; - bn_correct_top(r); + carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP); - if (BN_ucmp(field, r) <= 0) + /* see BN_nist_mod_224 for explanation */ + u.f = bn_sub_words; + if (carry > 0) + carry = (int)bn_sub_words(r_d,r_d,_nist_p_256[carry-1],BN_NIST_256_TOP); + else if (carry < 0) { - if (!BN_usub(r, r, field)) return 0; + carry = (int)bn_add_words(r_d,r_d,_nist_p_256[-carry-1],BN_NIST_256_TOP); + mask = 0-(size_t)carry; + u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask); } + else + carry = 1; + + mask = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP); + mask &= 0-(size_t)carry; + res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask)); + nist_cp_bn(r_d, res, BN_NIST_256_TOP); + r->top = BN_NIST_256_TOP; + bn_correct_top(r); return 1; -#else /* BN_BITS!=32 */ - return 0; -#endif } #define nist_set_384(to,from,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12) \ { \ - if (a12 != 0) bn_cp_32(to, 0, from, (a12) - 12) else bn_32_set_0(to, 0)\ - if (a11 != 0) bn_cp_32(to, 1, from, (a11) - 12) else bn_32_set_0(to, 1)\ - if (a10 != 0) bn_cp_32(to, 2, from, (a10) - 12) else bn_32_set_0(to, 2)\ - if (a9 != 0) bn_cp_32(to, 3, from, (a9) - 12) else bn_32_set_0(to, 3)\ - if (a8 != 0) bn_cp_32(to, 4, from, (a8) - 12) else bn_32_set_0(to, 4)\ - if (a7 != 0) bn_cp_32(to, 5, from, (a7) - 12) else bn_32_set_0(to, 5)\ - if (a6 != 0) bn_cp_32(to, 6, from, (a6) - 12) else bn_32_set_0(to, 6)\ - if (a5 != 0) bn_cp_32(to, 7, from, (a5) - 12) else bn_32_set_0(to, 7)\ - if (a4 != 0) bn_cp_32(to, 8, from, (a4) - 12) else bn_32_set_0(to, 8)\ - if (a3 != 0) bn_cp_32(to, 9, from, (a3) - 12) else bn_32_set_0(to, 9)\ - if (a2 != 0) bn_cp_32(to, 10, from, (a2) - 12) else bn_32_set_0(to, 10)\ - if (a1 != 0) bn_cp_32(to, 11, from, (a1) - 12) else bn_32_set_0(to, 11)\ + bn_cp_32(to, 0, from, (a12) - 12) \ + bn_cp_32(to, 1, from, (a11) - 12) \ + bn_cp_32(to, 2, from, (a10) - 12) \ + bn_cp_32(to, 3, from, (a9) - 12) \ + bn_cp_32(to, 4, from, (a8) - 12) \ + bn_cp_32(to, 5, from, (a7) - 12) \ + bn_cp_32(to, 6, from, (a6) - 12) \ + bn_cp_32(to, 7, from, (a5) - 12) \ + bn_cp_32(to, 8, from, (a4) - 12) \ + bn_cp_32(to, 9, from, (a3) - 12) \ + bn_cp_32(to, 10, from, (a2) - 12) \ + bn_cp_32(to, 11, from, (a1) - 12) \ } int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx) { -#if BN_BITS2 == 32 int i, top = a->top; int carry = 0; register BN_ULONG *r_d, *a_d = a->d; @@ -564,11 +672,18 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, c_d[BN_NIST_384_TOP], *res; size_t mask; + union { bn_addsub_f f; size_t p; } u; + static const BIGNUM _bignum_nist_p_384_sqr = { + (BN_ULONG *)_nist_p_384_sqr, + sizeof(_nist_p_384_sqr)/sizeof(_nist_p_384_sqr[0]), + sizeof(_nist_p_384_sqr)/sizeof(_nist_p_384_sqr[0]), + 0,BN_FLG_STATIC_DATA }; + field = &_bignum_nist_p_384; /* just to make sure */ - if (BN_is_negative(a) || a->top > 2*BN_NIST_384_TOP) - return BN_nnmod(r, field, a, ctx); + if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_384_sqr)>=0) + return BN_nnmod(r, a, field, ctx); i = BN_ucmp(field, a); if (i == 0) @@ -606,171 +721,116 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, } *ap=c; } - carry = bn_add_words(r_d+(128/BN_BITS2), r_d+(128/BN_BITS2), + carry = (int)bn_add_words(r_d+(128/BN_BITS2), r_d+(128/BN_BITS2), t_d, BN_NIST_256_TOP); - /* - * we need if (result>=modulus) subtract(result,modulus); - * in n-bit space this can be expressed as - * if (carry || result>=modulus) subtract(result,modulus); - * the catch is that comparison implies subtraction and - * therefore one can write tmp=subtract(result,modulus); - * and then if(carry || !borrow) result=tmp; this's what - * happens below, but without explicit if:-) a. - */ - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_384,BN_NIST_384_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - /*S2 */ - carry = bn_add_words(r_d, res, buf, BN_NIST_384_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_384,BN_NIST_384_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry += (int)bn_add_words(r_d, r_d, buf, BN_NIST_384_TOP); /*S3*/ nist_set_384(t_d,buf,20,19,18,17,16,15,14,13,12,23,22,21); - carry = bn_add_words(r_d, res, t_d, BN_NIST_384_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_384,BN_NIST_384_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP); /*S4*/ nist_set_384(t_d,buf,19,18,17,16,15,14,13,12,20,0,23,0); - carry = bn_add_words(r_d, res, t_d, BN_NIST_384_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_384,BN_NIST_384_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP); /*S5*/ nist_set_384(t_d, buf,0,0,0,0,23,22,21,20,0,0,0,0); - carry = bn_add_words(r_d, res, t_d, BN_NIST_384_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_384,BN_NIST_384_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP); /*S6*/ nist_set_384(t_d,buf,0,0,0,0,0,0,23,22,21,0,0,20); - carry = bn_add_words(r_d, res, t_d, BN_NIST_384_TOP); - mask = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_384,BN_NIST_384_TOP); - mask = ~mask | (0-(size_t)carry); - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); - + carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP); /*D1*/ nist_set_384(t_d,buf,22,21,20,19,18,17,16,15,14,13,12,23); -#if BRANCH_FREE - carry = bn_sub_words(r_d, res, t_d, BN_NIST_384_TOP); - bn_add_words(c_d,r_d,_nist_p_384,BN_NIST_384_TOP); - mask = 0-(size_t)carry; - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); -#else - if (bn_sub_words(r_d, res, t_d, BN_NIST_384_TOP)) - bn_add_words(r_d,r_d,_nist_p_384,BN_NIST_384_TOP); -#endif + carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP); /*D2*/ nist_set_384(t_d,buf,0,0,0,0,0,0,0,23,22,21,20,0); -#if BRANCH_FREE - carry = bn_sub_words(r_d, res, t_d, BN_NIST_384_TOP); - bn_add_words(c_d,r_d,_nist_p_384,BN_NIST_384_TOP); - mask = 0-(size_t)carry; - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); -#else - if (bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP)) - bn_add_words(r_d,r_d,_nist_p_384,BN_NIST_384_TOP); -#endif + carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP); /*D3*/ nist_set_384(t_d,buf,0,0,0,0,0,0,0,23,23,0,0,0); -#if BRANCH_FREE - carry = bn_sub_words(r_d, res, t_d, BN_NIST_384_TOP); - bn_add_words(c_d,r_d,_nist_p_384,BN_NIST_384_TOP); - mask = 0-(size_t)carry; - res = (BN_ULONG *)(((size_t)c_d&mask) | ((size_t)r_d&~mask)); + carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP); + /* see BN_nist_mod_224 for explanation */ + u.f = bn_sub_words; + if (carry > 0) + carry = (int)bn_sub_words(r_d,r_d,_nist_p_384[carry-1],BN_NIST_384_TOP); + else if (carry < 0) + { + carry = (int)bn_add_words(r_d,r_d,_nist_p_384[-carry-1],BN_NIST_384_TOP); + mask = 0-(size_t)carry; + u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask); + } + else + carry = 1; + + mask = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP); + mask &= 0-(size_t)carry; + res = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask)); nist_cp_bn(r_d, res, BN_NIST_384_TOP); -#else - if (bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP)) - bn_add_words(r_d,r_d,_nist_p_384,BN_NIST_384_TOP); -#endif r->top = BN_NIST_384_TOP; bn_correct_top(r); - if (BN_ucmp(field, r) <= 0) - { - if (!BN_usub(r, r, field)) return 0; - } - return 1; -#else /* BN_BITS!=32 */ - return 0; -#endif } +#define BN_NIST_521_RSHIFT (521%BN_BITS2) +#define BN_NIST_521_LSHIFT (BN_BITS2-BN_NIST_521_RSHIFT) +#define BN_NIST_521_TOP_MASK ((BN_ULONG)BN_MASK2>>BN_NIST_521_LSHIFT) + int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx) { -#if BN_BITS2 == 64 -#define BN_NIST_521_TOP_MASK (BN_ULONG)0x1FF -#elif BN_BITS2 == 32 -#define BN_NIST_521_TOP_MASK (BN_ULONG)0x1FF -#endif - int top, ret = 0; - BIGNUM *tmp; + int top = a->top, i; + BN_ULONG *r_d, *a_d = a->d, + t_d[BN_NIST_521_TOP], + val,tmp,*res; + size_t mask; + static const BIGNUM _bignum_nist_p_521_sqr = { + (BN_ULONG *)_nist_p_521_sqr, + sizeof(_nist_p_521_sqr)/sizeof(_nist_p_521_sqr[0]), + sizeof(_nist_p_521_sqr)/sizeof(_nist_p_521_sqr[0]), + 0,BN_FLG_STATIC_DATA }; field = &_bignum_nist_p_521; /* just to make sure */ - if (BN_is_negative(a)) - return BN_nnmod(r, field, a, ctx); + if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_521_sqr)>=0) + return BN_nnmod(r, a, field, ctx); - /* check whether a reduction is necessary */ - top = a->top; - if (top < BN_NIST_521_TOP || ( top == BN_NIST_521_TOP && - (!(a->d[BN_NIST_521_TOP-1] & ~(BN_NIST_521_TOP_MASK))))) + i = BN_ucmp(field, a); + if (i == 0) { - int i = BN_ucmp(field, a); - if (i == 0) - { - BN_zero(r); - return 1; - } - else - { -#ifdef BN_DEBUG - OPENSSL_assert(i > 0); /* because 'field' is 1111...1111 */ -#endif - return (r == a)? 1 : (BN_copy(r ,a) != NULL); - } + BN_zero(r); + return 1; } + else if (i > 0) + return (r == a)? 1 : (BN_copy(r ,a) != NULL); - if (BN_num_bits(a) > 2*521) - return BN_nnmod(r, field, a, ctx); - - BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - if (!tmp) - goto err; - - if (!bn_wexpand(tmp, BN_NIST_521_TOP)) - goto err; - nist_cp_bn(tmp->d, a->d, BN_NIST_521_TOP); - - tmp->top = BN_NIST_521_TOP; - tmp->d[BN_NIST_521_TOP-1] &= BN_NIST_521_TOP_MASK; - bn_correct_top(tmp); - - if (!BN_rshift(r, a, 521)) - goto err; - - if (!BN_uadd(r, tmp, r)) - goto err; - - if (BN_ucmp(field, r) <= 0) + if (r != a) { - if (!BN_usub(r, r, field)) goto err; + if (!bn_wexpand(r,BN_NIST_521_TOP)) + return 0; + r_d = r->d; + nist_cp_bn(r_d,a_d, BN_NIST_521_TOP); } + else + r_d = a_d; - ret = 1; -err: - BN_CTX_end(ctx); + /* upper 521 bits, copy ... */ + nist_cp_bn_0(t_d,a_d + (BN_NIST_521_TOP-1), top - (BN_NIST_521_TOP-1),BN_NIST_521_TOP); + /* ... and right shift */ + for (val=t_d[0],i=0; i>BN_NIST_521_RSHIFT; + val = t_d[i+1]; + t_d[i] = (tmp | val<>BN_NIST_521_RSHIFT; + /* lower 521 bits */ + r_d[i] &= BN_NIST_521_TOP_MASK; + + bn_add_words(r_d,r_d,t_d,BN_NIST_521_TOP); + mask = 0-(size_t)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP); + res = (BN_ULONG *)(((size_t)t_d&~mask) | ((size_t)r_d&mask)); + nist_cp_bn(r_d,res,BN_NIST_521_TOP); + r->top = BN_NIST_521_TOP; + bn_correct_top(r); - bn_check_top(r); - return ret; + return 1; } diff --git a/crypto/openssl/crypto/sha/sha1_one.c b/crypto/openssl/crypto/bn/bn_opt.c similarity index 85% copy from crypto/openssl/crypto/sha/sha1_one.c copy to crypto/openssl/crypto/bn/bn_opt.c index 7c65b60276..21cbb38f62 100644 --- a/crypto/openssl/crypto/sha/sha1_one.c +++ b/crypto/openssl/crypto/bn/bn_opt.c @@ -1,4 +1,4 @@ -/* crypto/sha/sha1_one.c */ +/* crypto/bn/bn_opt.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,23 +56,32 @@ * [including the GNU Public Licence.] */ +#ifndef BN_DEBUG +# undef NDEBUG /* avoid conflicting definitions */ +# define NDEBUG +#endif + +#include +#include #include -#include -#include -#include +#include "cryptlib.h" +#include "bn_lcl.h" -#ifndef OPENSSL_NO_SHA1 -unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) +char *BN_options(void) { - SHA_CTX c; - static unsigned char m[SHA_DIGEST_LENGTH]; + static int init=0; + static char data[16]; - if (md == NULL) md=m; - if (!SHA1_Init(&c)) - return NULL; - SHA1_Update(&c,d,n); - SHA1_Final(md,&c); - OPENSSL_cleanse(&c,sizeof(c)); - return(md); - } + if (!init) + { + init++; +#ifdef BN_LLONG + BIO_snprintf(data,sizeof data,"bn(%d,%d)", + (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8); +#else + BIO_snprintf(data,sizeof data,"bn(%d,%d)", + (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8); #endif + } + return(data); + } diff --git a/crypto/openssl/crypto/bn/bn_rand.c b/crypto/openssl/crypto/bn/bn_rand.c index f51830b12b..b376c28ff3 100644 --- a/crypto/openssl/crypto/bn/bn_rand.c +++ b/crypto/openssl/crypto/bn/bn_rand.c @@ -227,7 +227,7 @@ int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom) /* random number r: 0 <= r < range */ -static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) +static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range) { int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand; int n; @@ -294,12 +294,12 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) } -int BN_rand_range(BIGNUM *r, BIGNUM *range) +int BN_rand_range(BIGNUM *r, const BIGNUM *range) { return bn_rand_range(0, r, range); } -int BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range) +int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range) { return bn_rand_range(1, r, range); } diff --git a/crypto/openssl/crypto/bn/bn_shift.c b/crypto/openssl/crypto/bn/bn_shift.c index de9312dce2..c4d301afc4 100644 --- a/crypto/openssl/crypto/bn/bn_shift.c +++ b/crypto/openssl/crypto/bn/bn_shift.c @@ -177,7 +177,7 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) nw=n/BN_BITS2; rb=n%BN_BITS2; lb=BN_BITS2-rb; - if (nw > a->top || a->top == 0) + if (nw >= a->top || a->top == 0) { BN_zero(r); return(1); diff --git a/crypto/openssl/crypto/bn/bn_x931p.c b/crypto/openssl/crypto/bn/bn_x931p.c new file mode 100644 index 0000000000..04c5c874ec --- /dev/null +++ b/crypto/openssl/crypto/bn/bn_x931p.c @@ -0,0 +1,272 @@ +/* bn_x931p.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 2005. + */ +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include + +/* X9.31 routines for prime derivation */ + +/* X9.31 prime derivation. This is used to generate the primes pi + * (p1, p2, q1, q2) from a parameter Xpi by checking successive odd + * integers. + */ + +static int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx, + BN_GENCB *cb) + { + int i = 0; + if (!BN_copy(pi, Xpi)) + return 0; + if (!BN_is_odd(pi) && !BN_add_word(pi, 1)) + return 0; + for(;;) + { + i++; + BN_GENCB_call(cb, 0, i); + /* NB 27 MR is specificed in X9.31 */ + if (BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb)) + break; + if (!BN_add_word(pi, 2)) + return 0; + } + BN_GENCB_call(cb, 2, i); + return 1; + } + +/* This is the main X9.31 prime derivation function. From parameters + * Xp1, Xp2 and Xp derive the prime p. If the parameters p1 or p2 are + * not NULL they will be returned too: this is needed for testing. + */ + +int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, + const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, + const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb) + { + int ret = 0; + + BIGNUM *t, *p1p2, *pm1; + + /* Only even e supported */ + if (!BN_is_odd(e)) + return 0; + + BN_CTX_start(ctx); + if (!p1) + p1 = BN_CTX_get(ctx); + + if (!p2) + p2 = BN_CTX_get(ctx); + + t = BN_CTX_get(ctx); + + p1p2 = BN_CTX_get(ctx); + + pm1 = BN_CTX_get(ctx); + + if (!bn_x931_derive_pi(p1, Xp1, ctx, cb)) + goto err; + + if (!bn_x931_derive_pi(p2, Xp2, ctx, cb)) + goto err; + + if (!BN_mul(p1p2, p1, p2, ctx)) + goto err; + + /* First set p to value of Rp */ + + if (!BN_mod_inverse(p, p2, p1, ctx)) + goto err; + + if (!BN_mul(p, p, p2, ctx)) + goto err; + + if (!BN_mod_inverse(t, p1, p2, ctx)) + goto err; + + if (!BN_mul(t, t, p1, ctx)) + goto err; + + if (!BN_sub(p, p, t)) + goto err; + + if (p->neg && !BN_add(p, p, p1p2)) + goto err; + + /* p now equals Rp */ + + if (!BN_mod_sub(p, p, Xp, p1p2, ctx)) + goto err; + + if (!BN_add(p, p, Xp)) + goto err; + + /* p now equals Yp0 */ + + for (;;) + { + int i = 1; + BN_GENCB_call(cb, 0, i++); + if (!BN_copy(pm1, p)) + goto err; + if (!BN_sub_word(pm1, 1)) + goto err; + if (!BN_gcd(t, pm1, e, ctx)) + goto err; + if (BN_is_one(t) + /* X9.31 specifies 8 MR and 1 Lucas test or any prime test + * offering similar or better guarantees 50 MR is considerably + * better. + */ + && BN_is_prime_fasttest_ex(p, 50, ctx, 1, cb)) + break; + if (!BN_add(p, p, p1p2)) + goto err; + } + + BN_GENCB_call(cb, 3, 0); + + ret = 1; + + err: + + BN_CTX_end(ctx); + + return ret; + } + +/* Generate pair of paramters Xp, Xq for X9.31 prime generation. + * Note: nbits paramter is sum of number of bits in both. + */ + +int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx) + { + BIGNUM *t; + int i; + /* Number of bits for each prime is of the form + * 512+128s for s = 0, 1, ... + */ + if ((nbits < 1024) || (nbits & 0xff)) + return 0; + nbits >>= 1; + /* The random value Xp must be between sqrt(2) * 2^(nbits-1) and + * 2^nbits - 1. By setting the top two bits we ensure that the lower + * bound is exceeded. + */ + if (!BN_rand(Xp, nbits, 1, 0)) + return 0; + + BN_CTX_start(ctx); + t = BN_CTX_get(ctx); + + for (i = 0; i < 1000; i++) + { + if (!BN_rand(Xq, nbits, 1, 0)) + return 0; + /* Check that |Xp - Xq| > 2^(nbits - 100) */ + BN_sub(t, Xp, Xq); + if (BN_num_bits(t) > (nbits - 100)) + break; + } + + BN_CTX_end(ctx); + + if (i < 1000) + return 1; + + return 0; + + } + +/* Generate primes using X9.31 algorithm. Of the values p, p1, p2, Xp1 + * and Xp2 only 'p' needs to be non-NULL. If any of the others are not NULL + * the relevant parameter will be stored in it. + * + * Due to the fact that |Xp - Xq| > 2^(nbits - 100) must be satisfied Xp and Xq + * are generated using the previous function and supplied as input. + */ + +int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, + BIGNUM *Xp1, BIGNUM *Xp2, + const BIGNUM *Xp, + const BIGNUM *e, BN_CTX *ctx, + BN_GENCB *cb) + { + int ret = 0; + + BN_CTX_start(ctx); + if (!Xp1) + Xp1 = BN_CTX_get(ctx); + if (!Xp2) + Xp2 = BN_CTX_get(ctx); + + if (!BN_rand(Xp1, 101, 0, 0)) + goto error; + if (!BN_rand(Xp2, 101, 0, 0)) + goto error; + if (!BN_X931_derive_prime_ex(p, p1, p2, Xp, Xp1, Xp2, e, ctx, cb)) + goto error; + + ret = 1; + + error: + BN_CTX_end(ctx); + + return ret; + + } + diff --git a/crypto/openssl/crypto/conf/conf_mall.c b/crypto/openssl/crypto/buffer/buf_str.c similarity index 70% copy from crypto/openssl/crypto/conf/conf_mall.c copy to crypto/openssl/crypto/buffer/buf_str.c index 4ba40cf44c..28dd1e401e 100644 --- a/crypto/openssl/crypto/conf/conf_mall.c +++ b/crypto/openssl/crypto/buffer/buf_str.c @@ -1,9 +1,6 @@ -/* conf_mall.c */ -/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL - * project 2001. - */ +/* crypto/buffer/buf_str.c */ /* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -57,24 +54,63 @@ */ #include -#include #include "cryptlib.h" -#include -#include -#include -#include -#ifndef OPENSSL_NO_ENGINE -#include -#endif +#include + +char *BUF_strdup(const char *str) + { + if (str == NULL) return(NULL); + return BUF_strndup(str, strlen(str)); + } + +char *BUF_strndup(const char *str, size_t siz) + { + char *ret; + + if (str == NULL) return(NULL); -/* Load all OpenSSL builtin modules */ + ret=OPENSSL_malloc(siz+1); + if (ret == NULL) + { + BUFerr(BUF_F_BUF_STRNDUP,ERR_R_MALLOC_FAILURE); + return(NULL); + } + BUF_strlcpy(ret,str,siz+1); + return(ret); + } -void OPENSSL_load_builtin_modules(void) +void *BUF_memdup(const void *data, size_t siz) { - /* Add builtin modules here */ - ASN1_add_oid_module(); -#ifndef OPENSSL_NO_ENGINE - ENGINE_add_conf_module(); -#endif + void *ret; + + if (data == NULL) return(NULL); + + ret=OPENSSL_malloc(siz); + if (ret == NULL) + { + BUFerr(BUF_F_BUF_MEMDUP,ERR_R_MALLOC_FAILURE); + return(NULL); + } + return memcpy(ret, data, siz); + } + +size_t BUF_strlcpy(char *dst, const char *src, size_t size) + { + size_t l = 0; + for(; size > 1 && *src; size--) + { + *dst++ = *src++; + l++; + } + if (size) + *dst = '\0'; + return l + strlen(src); } +size_t BUF_strlcat(char *dst, const char *src, size_t size) + { + size_t l = 0; + for(; size > 0 && *dst; size--, dst++) + l++; + return l + BUF_strlcpy(dst, src, size); + } diff --git a/crypto/openssl/crypto/buffer/buffer.c b/crypto/openssl/crypto/buffer/buffer.c index 3bf03c7eff..b3e947771d 100644 --- a/crypto/openssl/crypto/buffer/buffer.c +++ b/crypto/openssl/crypto/buffer/buffer.c @@ -161,61 +161,3 @@ int BUF_MEM_grow_clean(BUF_MEM *str, int len) } return(len); } - -char *BUF_strdup(const char *str) - { - if (str == NULL) return(NULL); - return BUF_strndup(str, strlen(str)); - } - -char *BUF_strndup(const char *str, size_t siz) - { - char *ret; - - if (str == NULL) return(NULL); - - ret=OPENSSL_malloc(siz+1); - if (ret == NULL) - { - BUFerr(BUF_F_BUF_STRNDUP,ERR_R_MALLOC_FAILURE); - return(NULL); - } - BUF_strlcpy(ret,str,siz+1); - return(ret); - } - -void *BUF_memdup(const void *data, size_t siz) - { - void *ret; - - if (data == NULL) return(NULL); - - ret=OPENSSL_malloc(siz); - if (ret == NULL) - { - BUFerr(BUF_F_BUF_MEMDUP,ERR_R_MALLOC_FAILURE); - return(NULL); - } - return memcpy(ret, data, siz); - } - -size_t BUF_strlcpy(char *dst, const char *src, size_t size) - { - size_t l = 0; - for(; size > 1 && *src; size--) - { - *dst++ = *src++; - l++; - } - if (size) - *dst = '\0'; - return l + strlen(src); - } - -size_t BUF_strlcat(char *dst, const char *src, size_t size) - { - size_t l = 0; - for(; size > 0 && *dst; size--, dst++) - l++; - return l + BUF_strlcpy(dst, src, size); - } diff --git a/crypto/openssl/crypto/camellia/camellia.h b/crypto/openssl/crypto/camellia/camellia.h index 3c8a359543..b8a8b6e10b 100644 --- a/crypto/openssl/crypto/camellia/camellia.h +++ b/crypto/openssl/crypto/camellia/camellia.h @@ -87,6 +87,11 @@ struct camellia_key_st typedef struct camellia_key_st CAMELLIA_KEY; +#ifdef OPENSSL_FIPS +int private_Camellia_set_key(const unsigned char *userKey, const int bits, + CAMELLIA_KEY *key); +#endif + int Camellia_set_key(const unsigned char *userKey, const int bits, CAMELLIA_KEY *key); diff --git a/crypto/openssl/crypto/camellia/cmll_misc.c b/crypto/openssl/crypto/camellia/cmll_misc.c index f1047b54e0..2cd7aba9bb 100644 --- a/crypto/openssl/crypto/camellia/cmll_misc.c +++ b/crypto/openssl/crypto/camellia/cmll_misc.c @@ -52,11 +52,24 @@ #include #include #include "cmll_locl.h" +#include +#ifdef OPENSSL_FIPS +#include +#endif const char CAMELLIA_version[]="CAMELLIA" OPENSSL_VERSION_PTEXT; int Camellia_set_key(const unsigned char *userKey, const int bits, CAMELLIA_KEY *key) +#ifdef OPENSSL_FIPS + { + if (FIPS_mode()) + FIPS_BAD_ABORT(CAMELLIA) + return private_Camellia_set_key(userKey, bits, key); + } +int private_Camellia_set_key(const unsigned char *userKey, const int bits, + CAMELLIA_KEY *key) +#endif { if (!userKey || !key) { diff --git a/crypto/openssl/crypto/cast/asm/cast-586.pl b/crypto/openssl/crypto/cast/asm/cast-586.pl deleted file mode 100644 index 6be0bfe572..0000000000 --- a/crypto/openssl/crypto/cast/asm/cast-586.pl +++ /dev/null @@ -1,176 +0,0 @@ -#!/usr/local/bin/perl - -# define for pentium pro friendly version -$ppro=1; - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; - -&asm_init($ARGV[0],"cast-586.pl",$ARGV[$#ARGV] eq "386"); - -$CAST_ROUNDS=16; -$L="edi"; -$R="esi"; -$K="ebp"; -$tmp1="ecx"; -$tmp2="ebx"; -$tmp3="eax"; -$tmp4="edx"; -$S1="CAST_S_table0"; -$S2="CAST_S_table1"; -$S3="CAST_S_table2"; -$S4="CAST_S_table3"; - -@F1=("add","xor","sub"); -@F2=("xor","sub","add"); -@F3=("sub","add","xor"); - -&CAST_encrypt("CAST_encrypt",1); -&CAST_encrypt("CAST_decrypt",0); -&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1); - -&asm_finish(); - -sub CAST_encrypt { - local($name,$enc)=@_; - - local($win_ex)=<<"EOF"; -EXTERN _CAST_S_table0:DWORD -EXTERN _CAST_S_table1:DWORD -EXTERN _CAST_S_table2:DWORD -EXTERN _CAST_S_table3:DWORD -EOF - &main::external_label( - "CAST_S_table0", - "CAST_S_table1", - "CAST_S_table2", - "CAST_S_table3", - ); - - &function_begin_B($name,$win_ex); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &mov($tmp2,&wparam(0)); - &mov($K,&wparam(1)); - &push("esi"); - &push("edi"); - - &comment("Load the 2 words"); - &mov($L,&DWP(0,$tmp2,"",0)); - &mov($R,&DWP(4,$tmp2,"",0)); - - &comment('Get short key flag'); - &mov($tmp3,&DWP(128,$K,"",0)); - if($enc) { - &push($tmp3); - } else { - &or($tmp3,$tmp3); - &jnz(&label('cast_dec_skip')); - } - - &xor($tmp3, $tmp3); - - # encrypting part - - if ($enc) { - &E_CAST( 0,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 1,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 2,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 3,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 4,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 5,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 6,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 7,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 8,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 9,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(10,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(11,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &comment('test short key flag'); - &pop($tmp4); - &or($tmp4,$tmp4); - &jnz(&label('cast_enc_done')); - &E_CAST(12,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(13,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(14,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(15,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - } else { - &E_CAST(15,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(14,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(13,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(12,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &set_label('cast_dec_skip'); - &E_CAST(11,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(10,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 9,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 8,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 7,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 6,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 5,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 4,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 3,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 2,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 1,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 0,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - } - - &set_label('cast_enc_done') if $enc; -# Why the nop? - Ben 17/1/99 - &nop(); - &mov($tmp3,&wparam(0)); - &mov(&DWP(4,$tmp3,"",0),$L); - &mov(&DWP(0,$tmp3,"",0),$R); - &function_end($name); -} - -sub E_CAST { - local($i,$S,$L,$R,$K,$OP1,$OP2,$OP3,$tmp1,$tmp2,$tmp3,$tmp4)=@_; - # Ri needs to have 16 pre added. - - &comment("round $i"); - &mov( $tmp4, &DWP($i*8,$K,"",1)); - - &mov( $tmp1, &DWP($i*8+4,$K,"",1)); - &$OP1( $tmp4, $R); - - &rotl( $tmp4, &LB($tmp1)); - - if ($ppro) { - &mov( $tmp2, $tmp4); # B - &xor( $tmp1, $tmp1); - - &movb( &LB($tmp1), &HB($tmp4)); # A - &and( $tmp2, 0xff); - - &shr( $tmp4, 16); # - &xor( $tmp3, $tmp3); - } else { - &mov( $tmp2, $tmp4); # B - &movb( &LB($tmp1), &HB($tmp4)); # A # BAD BAD BAD - - &shr( $tmp4, 16); # - &and( $tmp2, 0xff); - } - - &movb( &LB($tmp3), &HB($tmp4)); # C # BAD BAD BAD - &and( $tmp4, 0xff); # D - - &mov( $tmp1, &DWP($S1,"",$tmp1,4)); - &mov( $tmp2, &DWP($S2,"",$tmp2,4)); - - &$OP2( $tmp1, $tmp2); - &mov( $tmp2, &DWP($S3,"",$tmp3,4)); - - &$OP3( $tmp1, $tmp2); - &mov( $tmp2, &DWP($S4,"",$tmp4,4)); - - &$OP1( $tmp1, $tmp2); - # XXX - - &xor( $L, $tmp1); - # XXX -} - diff --git a/crypto/openssl/crypto/cast/asm/readme b/crypto/openssl/crypto/cast/asm/readme deleted file mode 100644 index fbcd76289e..0000000000 --- a/crypto/openssl/crypto/cast/asm/readme +++ /dev/null @@ -1,7 +0,0 @@ -There is a ppro flag in cast-586 which turns on/off -generation of pentium pro/II friendly code - -This flag makes the inner loop one cycle longer, but generates -code that runs %30 faster on the pentium pro/II, while only %7 slower -on the pentium. By default, this flag is on. - diff --git a/crypto/openssl/crypto/cast/c_skey.c b/crypto/openssl/crypto/cast/c_skey.c index 76e40005c9..68e690a60c 100644 --- a/crypto/openssl/crypto/cast/c_skey.c +++ b/crypto/openssl/crypto/cast/c_skey.c @@ -57,6 +57,11 @@ */ #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + #include "cast_lcl.h" #include "cast_s.h" @@ -72,7 +77,7 @@ #define S6 CAST_S_table6 #define S7 CAST_S_table7 -void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data) +FIPS_NON_FIPS_VCIPHER_Init(CAST) { CAST_LONG x[16]; CAST_LONG z[16]; diff --git a/crypto/openssl/crypto/cast/cast.h b/crypto/openssl/crypto/cast/cast.h index 90b45b950a..1faf5806aa 100644 --- a/crypto/openssl/crypto/cast/cast.h +++ b/crypto/openssl/crypto/cast/cast.h @@ -83,7 +83,9 @@ typedef struct cast_key_st int short_key; /* Use reduced rounds for short key */ } CAST_KEY; - +#ifdef OPENSSL_FIPS +void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); +#endif void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, int enc); diff --git a/crypto/openssl/crypto/cms/Makefile b/crypto/openssl/crypto/cms/Makefile deleted file mode 100644 index e39c310b6c..0000000000 --- a/crypto/openssl/crypto/cms/Makefile +++ /dev/null @@ -1,183 +0,0 @@ -# -# OpenSSL/crypto/cms/Makefile -# - -DIR= cms -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -MAKEFILE= Makefile -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \ - cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c -LIBOBJ= cms_lib.o cms_asn1.o cms_att.o cms_io.o cms_smime.o cms_err.o \ - cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o - -SRC= $(LIBSRC) - -EXHEADER= cms.h -HEADER= cms_lcl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -test: - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -cms_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -cms_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -cms_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -cms_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -cms_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -cms_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -cms_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -cms_asn1.o: ../../include/openssl/opensslconf.h -cms_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -cms_asn1.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -cms_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -cms_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -cms_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -cms_asn1.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -cms_asn1.o: cms.h cms_asn1.c cms_lcl.h -cms_att.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -cms_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -cms_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -cms_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -cms_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -cms_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h -cms_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -cms_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -cms_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -cms_att.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -cms_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -cms_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -cms_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -cms_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -cms_att.o: cms.h cms_att.c cms_lcl.h -cms_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -cms_err.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h -cms_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -cms_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -cms_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -cms_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -cms_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -cms_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -cms_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -cms_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -cms_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -cms_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -cms_err.o: cms_err.c -cms_io.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -cms_io.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -cms_io.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -cms_io.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -cms_io.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -cms_io.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -cms_io.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -cms_io.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -cms_io.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -cms_io.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -cms_io.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -cms_io.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -cms_io.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h cms.h -cms_io.o: cms_io.c cms_lcl.h -cms_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -cms_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -cms_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -cms_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -cms_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -cms_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -cms_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -cms_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -cms_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h -cms_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h -cms_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -cms_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -cms_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h cms.h -cms_lib.o: cms_lcl.h cms_lib.c -cms_sd.o: ../../e_os.h ../../include/openssl/asn1.h -cms_sd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -cms_sd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h -cms_sd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -cms_sd.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -cms_sd.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -cms_sd.o: ../../include/openssl/err.h ../../include/openssl/evp.h -cms_sd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -cms_sd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -cms_sd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -cms_sd.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h -cms_sd.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -cms_sd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -cms_sd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -cms_sd.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -cms_sd.o: ../cryptlib.h cms_lcl.h cms_sd.c -cms_smime.o: ../../e_os.h ../../include/openssl/asn1.h -cms_smime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -cms_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h -cms_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -cms_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -cms_smime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -cms_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h -cms_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -cms_smime.o: ../../include/openssl/objects.h -cms_smime.o: ../../include/openssl/opensslconf.h -cms_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -cms_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -cms_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -cms_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -cms_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -cms_smime.o: ../cryptlib.h cms_lcl.h cms_smime.c diff --git a/crypto/openssl/crypto/cms/cms_sd.c b/crypto/openssl/crypto/cms/cms_sd.c index 591bfbec33..cdac3b870d 100644 --- a/crypto/openssl/crypto/cms/cms_sd.c +++ b/crypto/openssl/crypto/cms/cms_sd.c @@ -830,7 +830,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si) cms_fixup_mctx(&mctx, si->pkey); r = EVP_VerifyFinal(&mctx, si->signature->data, si->signature->length, si->pkey); - if (!r) + if (r <= 0) CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE); err: EVP_MD_CTX_cleanup(&mctx); diff --git a/crypto/openssl/crypto/cms/cms_smime.c b/crypto/openssl/crypto/cms/cms_smime.c index b35d28d411..b9463f9abb 100644 --- a/crypto/openssl/crypto/cms/cms_smime.c +++ b/crypto/openssl/crypto/cms/cms_smime.c @@ -68,7 +68,10 @@ static int cms_copy_content(BIO *out, BIO *in, unsigned int flags) if (out == NULL) tmpout = BIO_new(BIO_s_null()); else if (flags & CMS_TEXT) + { tmpout = BIO_new(BIO_s_mem()); + BIO_set_mem_eof_return(tmpout, 0); + } else tmpout = out; diff --git a/crypto/openssl/crypto/comp/c_zlib.c b/crypto/openssl/crypto/comp/c_zlib.c index 0f34597e70..eccfd09137 100644 --- a/crypto/openssl/crypto/comp/c_zlib.c +++ b/crypto/openssl/crypto/comp/c_zlib.c @@ -727,6 +727,7 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_CTRL_RESET: ctx->ocount = 0; ctx->odone = 0; + ret = 1; break; case BIO_CTRL_FLUSH: @@ -771,7 +772,7 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) } ctx->obufsize = obs; } - + ret = 1; break; case BIO_C_DO_STATE_MACHINE: @@ -783,7 +784,6 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) default: ret = BIO_ctrl(b->next_bio, cmd, num, ptr); break; - } return ret; diff --git a/crypto/openssl/crypto/conf/conf_mall.c b/crypto/openssl/crypto/conf/conf_mall.c index 4ba40cf44c..1cc1fd5534 100644 --- a/crypto/openssl/crypto/conf/conf_mall.c +++ b/crypto/openssl/crypto/conf/conf_mall.c @@ -1,5 +1,5 @@ /* conf_mall.c */ -/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== @@ -63,6 +63,7 @@ #include #include #include +#include #ifndef OPENSSL_NO_ENGINE #include #endif @@ -76,5 +77,6 @@ void OPENSSL_load_builtin_modules(void) #ifndef OPENSSL_NO_ENGINE ENGINE_add_conf_module(); #endif + EVP_add_alg_module(); } diff --git a/crypto/openssl/crypto/conf/conf_mod.c b/crypto/openssl/crypto/conf/conf_mod.c index 628e8333a6..ee9c677d9b 100644 --- a/crypto/openssl/crypto/conf/conf_mod.c +++ b/crypto/openssl/crypto/conf/conf_mod.c @@ -1,5 +1,5 @@ /* conf_mod.c */ -/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/conf/conf_sap.c b/crypto/openssl/crypto/conf/conf_sap.c index 9c53bac1a8..760dc2632d 100644 --- a/crypto/openssl/crypto/conf/conf_sap.c +++ b/crypto/openssl/crypto/conf/conf_sap.c @@ -1,5 +1,5 @@ /* conf_sap.c */ -/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/cryptlib.c b/crypto/openssl/crypto/cryptlib.c index 8c68623828..8f9e88e403 100644 --- a/crypto/openssl/crypto/cryptlib.c +++ b/crypto/openssl/crypto/cryptlib.c @@ -121,275 +121,17 @@ static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */ #endif -DECLARE_STACK_OF(CRYPTO_dynlock) -IMPLEMENT_STACK_OF(CRYPTO_dynlock) - -/* real #defines in crypto.h, keep these upto date */ -static const char* const lock_names[CRYPTO_NUM_LOCKS] = - { - "<>", - "err", - "ex_data", - "x509", - "x509_info", - "x509_pkey", - "x509_crl", - "x509_req", - "dsa", - "rsa", - "evp_pkey", - "x509_store", - "ssl_ctx", - "ssl_cert", - "ssl_session", - "ssl_sess_cert", - "ssl", - "ssl_method", - "rand", - "rand2", - "debug_malloc", - "BIO", - "gethostbyname", - "getservbyname", - "readdir", - "RSA_blinding", - "dh", - "debug_malloc2", - "dso", - "dynlock", - "engine", - "ui", - "ecdsa", - "ec", - "ecdh", - "bn", - "ec_pre_comp", - "store", - "comp", -#if CRYPTO_NUM_LOCKS != 39 -# error "Inconsistency between crypto.h and cryptlib.c" -#endif - }; - -/* This is for applications to allocate new type names in the non-dynamic - array of lock names. These are numbered with positive numbers. */ -static STACK *app_locks=NULL; - -/* For applications that want a more dynamic way of handling threads, the - following stack is used. These are externally numbered with negative - numbers. */ -static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL; - - static void (MS_FAR *locking_callback)(int mode,int type, const char *file,int line)=NULL; static int (MS_FAR *add_lock_callback)(int *pointer,int amount, int type,const char *file,int line)=NULL; static unsigned long (MS_FAR *id_callback)(void)=NULL; -static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback) - (const char *file,int line)=NULL; -static void (MS_FAR *dynlock_lock_callback)(int mode, - struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL; -static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l, - const char *file,int line)=NULL; - -int CRYPTO_get_new_lockid(char *name) - { - char *str; - int i; - -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) - /* A hack to make Visual C++ 5.0 work correctly when linking as - * a DLL using /MT. Without this, the application cannot use - * and floating point printf's. - * It also seems to be needed for Visual C 1.5 (win16) */ - SSLeay_MSVC5_hack=(double)name[0]*(double)name[1]; -#endif - - if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL)) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - if ((str=BUF_strdup(name)) == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - i=sk_push(app_locks,str); - if (!i) - OPENSSL_free(str); - else - i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */ - return(i); - } int CRYPTO_num_locks(void) { return CRYPTO_NUM_LOCKS; } -int CRYPTO_get_new_dynlockid(void) - { - int i = 0; - CRYPTO_dynlock *pointer = NULL; - - if (dynlock_create_callback == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK); - return(0); - } - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - if ((dyn_locks == NULL) - && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL)) - { - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock)); - if (pointer == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - pointer->references = 1; - pointer->data = dynlock_create_callback(__FILE__,__LINE__); - if (pointer->data == NULL) - { - OPENSSL_free(pointer); - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - /* First, try to find an existing empty slot */ - i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); - /* If there was none, push, thereby creating a new one */ - if (i == -1) - /* Since sk_push() returns the number of items on the - stack, not the location of the pushed item, we need - to transform the returned number into a position, - by decreasing it. */ - i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1; - else - /* If we found a place with a NULL pointer, put our pointer - in it. */ - (void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - if (i == -1) - { - dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); - OPENSSL_free(pointer); - } - else - i += 1; /* to avoid 0 */ - return -i; - } - -void CRYPTO_destroy_dynlockid(int i) - { - CRYPTO_dynlock *pointer = NULL; - if (i) - i = -i-1; - if (dynlock_destroy_callback == NULL) - return; - - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - - if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks)) - { - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - return; - } - pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); - if (pointer != NULL) - { - --pointer->references; -#ifdef REF_CHECK - if (pointer->references < 0) - { - fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n"); - abort(); - } - else -#endif - if (pointer->references <= 0) - { - (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL); - } - else - pointer = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - if (pointer) - { - dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); - OPENSSL_free(pointer); - } - } - -struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i) - { - CRYPTO_dynlock *pointer = NULL; - if (i) - i = -i-1; - - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - - if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks)) - pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); - if (pointer) - pointer->references++; - - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - if (pointer) - return pointer->data; - return NULL; - } - -struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void)) - (const char *file,int line) - { - return(dynlock_create_callback); - } - -void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, - struct CRYPTO_dynlock_value *l, const char *file,int line) - { - return(dynlock_lock_callback); - } - -void (*CRYPTO_get_dynlock_destroy_callback(void)) - (struct CRYPTO_dynlock_value *l, const char *file,int line) - { - return(dynlock_destroy_callback); - } - -void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func) - (const char *file, int line)) - { - dynlock_create_callback=func; - } - -void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode, - struct CRYPTO_dynlock_value *l, const char *file, int line)) - { - dynlock_lock_callback=func; - } - -void CRYPTO_set_dynlock_destroy_callback(void (*func) - (struct CRYPTO_dynlock_value *l, const char *file, int line)) - { - dynlock_destroy_callback=func; - } - - void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file, int line) { @@ -445,6 +187,14 @@ unsigned long CRYPTO_thread_id(void) return(ret); } +static void (*do_dynlock_cb)(int mode, int type, const char *file, int line); + +void int_CRYPTO_set_do_dynlock_callback( + void (*dyn_cb)(int mode, int type, const char *file, int line)) + { + do_dynlock_cb = dyn_cb; + } + void CRYPTO_lock(int mode, int type, const char *file, int line) { #ifdef LOCK_DEBUG @@ -472,17 +222,8 @@ void CRYPTO_lock(int mode, int type, const char *file, int line) #endif if (type < 0) { - if (dynlock_lock_callback != NULL) - { - struct CRYPTO_dynlock_value *pointer - = CRYPTO_get_dynlock_value(type); - - OPENSSL_assert(pointer != NULL); - - dynlock_lock_callback(mode, pointer, file, line); - - CRYPTO_destroy_dynlockid(type); - } + if (do_dynlock_cb) + do_dynlock_cb(mode, type, file, line); } else if (locking_callback != NULL) @@ -527,21 +268,9 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, return(ret); } -const char *CRYPTO_get_lock_name(int type) - { - if (type < 0) - return("dynamic"); - else if (type < CRYPTO_NUM_LOCKS) - return(lock_names[type]); - else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks)) - return("ERROR"); - else - return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); - } - #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ defined(__INTEL__) || \ - defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) + defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64) unsigned long OPENSSL_ia32cap_P=0; unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; } @@ -577,6 +306,62 @@ void OPENSSL_cpuid_setup(void) {} #endif #if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL) + +#ifdef OPENSSL_FIPS + +#include +#if defined(__GNUC__) && __GNUC__>=2 +static int DllInit(void) __attribute__((constructor)); +#elif defined(_MSC_VER) +static int DllInit(void); +# ifdef _WIN64 +# pragma section(".CRT$XCU",read) + __declspec(allocate(".CRT$XCU")) +# else +# pragma data_seg(".CRT$XCU") +# endif + static int (*p)(void) = DllInit; +# pragma data_seg() +#endif + +static int DllInit(void) +{ +#if defined(_WIN32_WINNT) + union { int(*f)(void); BYTE *p; } t = { DllInit }; + HANDLE hModuleSnap = INVALID_HANDLE_VALUE; + IMAGE_DOS_HEADER *dos_header; + IMAGE_NT_HEADERS *nt_headers; + MODULEENTRY32 me32 = {sizeof(me32)}; + + hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,0); + if (hModuleSnap != INVALID_HANDLE_VALUE && + Module32First(hModuleSnap,&me32)) do + { + if (t.p >= me32.modBaseAddr && + t.p < me32.modBaseAddr+me32.modBaseSize) + { + dos_header=(IMAGE_DOS_HEADER *)me32.modBaseAddr; + if (dos_header->e_magic==IMAGE_DOS_SIGNATURE) + { + nt_headers=(IMAGE_NT_HEADERS *) + ((BYTE *)dos_header+dos_header->e_lfanew); + if (nt_headers->Signature==IMAGE_NT_SIGNATURE && + me32.modBaseAddr!=(BYTE*)nt_headers->OptionalHeader.ImageBase) + OPENSSL_NONPIC_relocated=1; + } + break; + } + } while (Module32Next(hModuleSnap,&me32)); + + if (hModuleSnap != INVALID_HANDLE_VALUE) + CloseHandle(hModuleSnap); +#endif + OPENSSL_cpuid_setup(); + return 0; +} + +#else + #ifdef __CYGWIN__ /* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */ #include @@ -620,6 +405,8 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, } #endif +#endif + #if defined(_WIN32) && !defined(__CYGWIN__) #include diff --git a/crypto/openssl/crypto/crypto.h b/crypto/openssl/crypto/crypto.h index fe2c1d6403..0e4fb0723c 100644 --- a/crypto/openssl/crypto/crypto.h +++ b/crypto/openssl/crypto/crypto.h @@ -219,7 +219,13 @@ typedef struct openssl_item_st #define CRYPTO_LOCK_EC_PRE_COMP 36 #define CRYPTO_LOCK_STORE 37 #define CRYPTO_LOCK_COMP 38 +#ifndef OPENSSL_FIPS #define CRYPTO_NUM_LOCKS 39 +#else +#define CRYPTO_LOCK_FIPS 39 +#define CRYPTO_LOCK_FIPS2 40 +#define CRYPTO_NUM_LOCKS 41 +#endif #define CRYPTO_LOCK 1 #define CRYPTO_UNLOCK 2 @@ -341,14 +347,7 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) /* Set standard debugging functions (not done by default * unless CRYPTO_MDEBUG is defined) */ -#define CRYPTO_malloc_debug_init() do {\ - CRYPTO_set_mem_debug_functions(\ - CRYPTO_dbg_malloc,\ - CRYPTO_dbg_realloc,\ - CRYPTO_dbg_free,\ - CRYPTO_dbg_set_options,\ - CRYPTO_dbg_get_options);\ - } while(0) +void CRYPTO_malloc_debug_init(void); int CRYPTO_mem_ctrl(int mode); int CRYPTO_is_mem_check_on(void); @@ -363,6 +362,7 @@ int CRYPTO_is_mem_check_on(void); #define is_MemCheck_on() CRYPTO_is_mem_check_on() #define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) +#define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__) #define OPENSSL_realloc(addr,num) \ CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) #define OPENSSL_realloc_clean(addr,old_num,num) \ @@ -427,6 +427,9 @@ const char *CRYPTO_get_lock_name(int type); int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file, int line); +void int_CRYPTO_set_do_dynlock_callback( + void (*do_dynlock_cb)(int mode, int type, const char *file, int line)); + int CRYPTO_get_new_dynlockid(void); void CRYPTO_destroy_dynlockid(int i); struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i); @@ -451,6 +454,10 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int), void (*f)(void *,int), void (*so)(long), long (*go)(void)); +void CRYPTO_set_mem_info_functions( + int (*push_info_fn)(const char *info, const char *file, int line), + int (*pop_info_fn)(void), + int (*remove_all_info_fn)(void)); void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *)); void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)); void CRYPTO_get_mem_ex_functions(void *(**m)(size_t,const char *,int), @@ -467,6 +474,7 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), void *CRYPTO_malloc_locked(int num, const char *file, int line); void CRYPTO_free_locked(void *); void *CRYPTO_malloc(int num, const char *file, int line); +char *CRYPTO_strdup(const char *str, const char *file, int line); void CRYPTO_free(void *); void *CRYPTO_realloc(void *addr,int num, const char *file, int line); void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file, @@ -506,6 +514,9 @@ void CRYPTO_dbg_free(void *addr,int before_p); void CRYPTO_dbg_set_options(long bits); long CRYPTO_dbg_get_options(void); +int CRYPTO_dbg_push_info(const char *info, const char *file, int line); +int CRYPTO_dbg_pop_info(void); +int CRYPTO_dbg_remove_all_info(void); #ifndef OPENSSL_NO_FP_API void CRYPTO_mem_leaks_fp(FILE *); @@ -523,12 +534,69 @@ unsigned long *OPENSSL_ia32cap_loc(void); #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) int OPENSSL_isservice(void); +#ifdef OPENSSL_FIPS +#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ + alg " previous FIPS forbidden algorithm error ignored"); + +#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ + #alg " Algorithm forbidden in FIPS mode"); + +#ifdef OPENSSL_FIPS_STRICT +#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg) +#else +#define FIPS_BAD_ALGORITHM(alg) \ + { \ + FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \ + ERR_add_error_data(2, "Algorithm=", #alg); \ + return 0; \ + } +#endif + +/* Low level digest API blocking macro */ + +#define FIPS_NON_FIPS_MD_Init(alg) \ + int alg##_Init(alg##_CTX *c) \ + { \ + if (FIPS_mode()) \ + FIPS_BAD_ALGORITHM(alg) \ + return private_##alg##_Init(c); \ + } \ + int private_##alg##_Init(alg##_CTX *c) + +/* For ciphers the API often varies from cipher to cipher and each needs to + * be treated as a special case. Variable key length ciphers (Blowfish, RC4, + * CAST) however are very similar and can use a blocking macro. + */ + +#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ + void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \ + { \ + if (FIPS_mode()) \ + FIPS_BAD_ABORT(alg) \ + private_##alg##_set_key(key, len, data); \ + } \ + void private_##alg##_set_key(alg##_KEY *key, int len, \ + const unsigned char *data) + +#else + +#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ + void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) + +#define FIPS_NON_FIPS_MD_Init(alg) \ + int alg##_Init(alg##_CTX *c) + +#endif /* def OPENSSL_FIPS */ + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. */ void ERR_load_CRYPTO_strings(void); +#define OPENSSL_HAVE_INIT 1 +void OPENSSL_init(void); + /* Error codes for the CRYPTO functions. */ /* Function codes. */ diff --git a/crypto/openssl/crypto/des/asm/crypt586.pl b/crypto/openssl/crypto/des/asm/crypt586.pl deleted file mode 100644 index 1d04ed6def..0000000000 --- a/crypto/openssl/crypto/des/asm/crypt586.pl +++ /dev/null @@ -1,208 +0,0 @@ -#!/usr/local/bin/perl -# -# The inner loop instruction sequence and the IP/FP modifications are from -# Svend Olaf Mikkelsen -# I've added the stuff needed for crypt() but I've not worried about making -# things perfect. -# - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"crypt586.pl"); - -$L="edi"; -$R="esi"; - -&external_label("DES_SPtrans"); -&fcrypt_body("fcrypt_body"); -&asm_finish(); - -sub fcrypt_body - { - local($name,$do_ip)=@_; - - &function_begin($name,"EXTRN _DES_SPtrans:DWORD"); - - &comment(""); - &comment("Load the 2 words"); - $trans="ebp"; - - &xor( $L, $L); - &xor( $R, $R); - - # PIC-ification:-) - &picmeup("edx","DES_SPtrans"); - #if ($cpp) { &picmeup("edx","DES_SPtrans"); } - #else { &lea("edx",&DWP("DES_SPtrans")); } - &push("edx"); # becomes &swtmp(1) - # - &mov($trans,&wparam(1)); # reloaded with DES_SPtrans in D_ENCRYPT - - &push(&DWC(25)); # add a variable - - &set_label("start"); - for ($i=0; $i<16; $i+=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx"); - } - &mov("ebx", &swtmp(0)); - &mov("eax", $L); - &dec("ebx"); - &mov($L, $R); - &mov($R, "eax"); - &mov(&swtmp(0), "ebx"); - &jnz(&label("start")); - - &comment(""); - &comment("FP"); - &mov("edx",&wparam(0)); - - &FP_new($R,$L,"eax",3); - &mov(&DWP(0,"edx","",0),"eax"); - &mov(&DWP(4,"edx","",0),$L); - - &add("esp",8); # remove variables - - &function_end($name); - } - -sub D_ENCRYPT - { - local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_; - - &mov( $u, &wparam(2)); # 2 - &mov( $t, $R); - &shr( $t, 16); # 1 - &mov( $tmp2, &wparam(3)); # 2 - &xor( $t, $R); # 1 - - &and( $u, $t); # 2 - &and( $t, $tmp2); # 2 - - &mov( $tmp1, $u); - &shl( $tmp1, 16); # 1 - &mov( $tmp2, $t); - &shl( $tmp2, 16); # 1 - &xor( $u, $tmp1); # 2 - &xor( $t, $tmp2); # 2 - &mov( $tmp1, &DWP(&n2a($S*4),$trans,"",0)); # 2 - &xor( $u, $tmp1); - &mov( $tmp2, &DWP(&n2a(($S+1)*4),$trans,"",0)); # 2 - &xor( $u, $R); - &xor( $t, $R); - &xor( $t, $tmp2); - - &and( $u, "0xfcfcfcfc" ); # 2 - &xor( $tmp1, $tmp1); # 1 - &and( $t, "0xcfcfcfcf" ); # 2 - &xor( $tmp2, $tmp2); - &movb( &LB($tmp1), &LB($u) ); - &movb( &LB($tmp2), &HB($u) ); - &rotr( $t, 4 ); - &mov( $trans, &swtmp(1)); - &xor( $L, &DWP(" ",$trans,$tmp1,0)); - &movb( &LB($tmp1), &LB($t) ); - &xor( $L, &DWP("0x200",$trans,$tmp2,0)); - &movb( &LB($tmp2), &HB($t) ); - &shr( $u, 16); - &xor( $L, &DWP("0x100",$trans,$tmp1,0)); - &movb( &LB($tmp1), &HB($u) ); - &shr( $t, 16); - &xor( $L, &DWP("0x300",$trans,$tmp2,0)); - &movb( &LB($tmp2), &HB($t) ); - &and( $u, "0xff" ); - &and( $t, "0xff" ); - &mov( $tmp1, &DWP("0x600",$trans,$tmp1,0)); - &xor( $L, $tmp1); - &mov( $tmp1, &DWP("0x700",$trans,$tmp2,0)); - &xor( $L, $tmp1); - &mov( $tmp1, &DWP("0x400",$trans,$u,0)); - &xor( $L, $tmp1); - &mov( $tmp1, &DWP("0x500",$trans,$t,0)); - &xor( $L, $tmp1); - &mov( $trans, &wparam(1)); - } - -sub n2a - { - sprintf("%d",$_[0]); - } - -# now has a side affect of rotating $a by $shift -sub R_PERM_OP - { - local($a,$b,$tt,$shift,$mask,$last)=@_; - - &rotl( $a, $shift ) if ($shift != 0); - &mov( $tt, $a ); - &xor( $a, $b ); - &and( $a, $mask ); - if ($notlast eq $b) - { - &xor( $b, $a ); - &xor( $tt, $a ); - } - else - { - &xor( $tt, $a ); - &xor( $b, $a ); - } - &comment(""); - } - -sub IP_new - { - local($l,$r,$tt,$lr)=@_; - - &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l); - &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l); - &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r); - &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r); - &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r); - - if ($lr != 3) - { - if (($lr-3) < 0) - { &rotr($tt, 3-$lr); } - else { &rotl($tt, $lr-3); } - } - if ($lr != 2) - { - if (($lr-2) < 0) - { &rotr($r, 2-$lr); } - else { &rotl($r, $lr-2); } - } - } - -sub FP_new - { - local($l,$r,$tt,$lr)=@_; - - if ($lr != 2) - { - if (($lr-2) < 0) - { &rotl($r, 2-$lr); } - else { &rotr($r, $lr-2); } - } - if ($lr != 3) - { - if (($lr-3) < 0) - { &rotl($l, 3-$lr); } - else { &rotr($l, $lr-3); } - } - - &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r); - &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r); - &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l); - &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l); - &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r); - &rotr($tt , 4); - } - diff --git a/crypto/openssl/crypto/des/asm/des-586.pl b/crypto/openssl/crypto/des/asm/des-586.pl deleted file mode 100644 index b75d3c6b3a..0000000000 --- a/crypto/openssl/crypto/des/asm/des-586.pl +++ /dev/null @@ -1,251 +0,0 @@ -#!/usr/local/bin/perl -# -# The inner loop instruction sequence and the IP/FP modifications are from -# Svend Olaf Mikkelsen -# - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; -require "desboth.pl"; - -# base code is in microsft -# op dest, source -# format. -# - -&asm_init($ARGV[0],"des-586.pl"); - -$L="edi"; -$R="esi"; - -&external_label("DES_SPtrans"); -&DES_encrypt("DES_encrypt1",1); -&DES_encrypt("DES_encrypt2",0); -&DES_encrypt3("DES_encrypt3",1); -&DES_encrypt3("DES_decrypt3",0); -&cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1); -&cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5); - -&asm_finish(); - -sub DES_encrypt - { - local($name,$do_ip)=@_; - - &function_begin_B($name,"EXTRN _DES_SPtrans:DWORD"); - - &push("esi"); - &push("edi"); - - &comment(""); - &comment("Load the 2 words"); - $trans="ebp"; - - if ($do_ip) - { - &mov($R,&wparam(0)); - &xor( "ecx", "ecx" ); - - &push("ebx"); - &push("ebp"); - - &mov("eax",&DWP(0,$R,"",0)); - &mov("ebx",&wparam(2)); # get encrypt flag - &mov($L,&DWP(4,$R,"",0)); - &comment(""); - &comment("IP"); - &IP_new("eax",$L,$R,3); - } - else - { - &mov("eax",&wparam(0)); - &xor( "ecx", "ecx" ); - - &push("ebx"); - &push("ebp"); - - &mov($R,&DWP(0,"eax","",0)); - &mov("ebx",&wparam(2)); # get encrypt flag - &rotl($R,3); - &mov($L,&DWP(4,"eax","",0)); - &rotl($L,3); - } - - # PIC-ification:-) - &picmeup($trans,"DES_SPtrans"); - #if ($cpp) { &picmeup($trans,"DES_SPtrans"); } - #else { &lea($trans,&DWP("DES_SPtrans")); } - - &mov( "ecx", &wparam(1) ); - &cmp("ebx","0"); - &je(&label("start_decrypt")); - - for ($i=0; $i<16; $i+=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx"); - } - &jmp(&label("end")); - - &set_label("start_decrypt"); - - for ($i=15; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx"); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx"); - } - - &set_label("end"); - - if ($do_ip) - { - &comment(""); - &comment("FP"); - &mov("edx",&wparam(0)); - &FP_new($L,$R,"eax",3); - - &mov(&DWP(0,"edx","",0),"eax"); - &mov(&DWP(4,"edx","",0),$R); - } - else - { - &comment(""); - &comment("Fixup"); - &rotr($L,3); # r - &mov("eax",&wparam(0)); - &rotr($R,3); # l - &mov(&DWP(0,"eax","",0),$L); - &mov(&DWP(4,"eax","",0),$R); - } - - &pop("ebp"); - &pop("ebx"); - &pop("edi"); - &pop("esi"); - &ret(); - - &function_end_B($name); - } - -sub D_ENCRYPT - { - local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_; - - &mov( $u, &DWP(&n2a($S*4),$tmp2,"",0)); - &xor( $tmp1, $tmp1); - &mov( $t, &DWP(&n2a(($S+1)*4),$tmp2,"",0)); - &xor( $u, $R); - &xor( $tmp2, $tmp2); - &xor( $t, $R); - &and( $u, "0xfcfcfcfc" ); - &and( $t, "0xcfcfcfcf" ); - &movb( &LB($tmp1), &LB($u) ); - &movb( &LB($tmp2), &HB($u) ); - &rotr( $t, 4 ); - &xor( $L, &DWP(" ",$trans,$tmp1,0)); - &movb( &LB($tmp1), &LB($t) ); - &xor( $L, &DWP("0x200",$trans,$tmp2,0)); - &movb( &LB($tmp2), &HB($t) ); - &shr( $u, 16); - &xor( $L, &DWP("0x100",$trans,$tmp1,0)); - &movb( &LB($tmp1), &HB($u) ); - &shr( $t, 16); - &xor( $L, &DWP("0x300",$trans,$tmp2,0)); - &movb( &LB($tmp2), &HB($t) ); - &and( $u, "0xff" ); - &and( $t, "0xff" ); - &xor( $L, &DWP("0x600",$trans,$tmp1,0)); - &xor( $L, &DWP("0x700",$trans,$tmp2,0)); - &mov( $tmp2, &wparam(1) ); - &xor( $L, &DWP("0x400",$trans,$u,0)); - &xor( $L, &DWP("0x500",$trans,$t,0)); - } - -sub n2a - { - sprintf("%d",$_[0]); - } - -# now has a side affect of rotating $a by $shift -sub R_PERM_OP - { - local($a,$b,$tt,$shift,$mask,$last)=@_; - - &rotl( $a, $shift ) if ($shift != 0); - &mov( $tt, $a ); - &xor( $a, $b ); - &and( $a, $mask ); - # This can never succeed, and besides it is difficult to see what the - # idea was - Ben 13 Feb 99 - if (!$last eq $b) - { - &xor( $b, $a ); - &xor( $tt, $a ); - } - else - { - &xor( $tt, $a ); - &xor( $b, $a ); - } - &comment(""); - } - -sub IP_new - { - local($l,$r,$tt,$lr)=@_; - - &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l); - &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l); - &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r); - &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r); - &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r); - - if ($lr != 3) - { - if (($lr-3) < 0) - { &rotr($tt, 3-$lr); } - else { &rotl($tt, $lr-3); } - } - if ($lr != 2) - { - if (($lr-2) < 0) - { &rotr($r, 2-$lr); } - else { &rotl($r, $lr-2); } - } - } - -sub FP_new - { - local($l,$r,$tt,$lr)=@_; - - if ($lr != 2) - { - if (($lr-2) < 0) - { &rotl($r, 2-$lr); } - else { &rotr($r, $lr-2); } - } - if ($lr != 3) - { - if (($lr-3) < 0) - { &rotl($l, 3-$lr); } - else { &rotr($l, $lr-3); } - } - - &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r); - &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r); - &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l); - &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l); - &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r); - &rotr($tt , 4); - } - diff --git a/crypto/openssl/crypto/des/asm/des686.pl b/crypto/openssl/crypto/des/asm/des686.pl deleted file mode 100644 index d3ad5d5edd..0000000000 --- a/crypto/openssl/crypto/des/asm/des686.pl +++ /dev/null @@ -1,230 +0,0 @@ -#!/usr/local/bin/perl - -$prog="des686.pl"; - -# base code is in microsft -# op dest, source -# format. -# - -# WILL NOT WORK ANYMORE WITH desboth.pl -require "desboth.pl"; - -if ( ($ARGV[0] eq "elf")) - { require "x86unix.pl"; } -elsif ( ($ARGV[0] eq "a.out")) - { $aout=1; require "x86unix.pl"; } -elsif ( ($ARGV[0] eq "sol")) - { $sol=1; require "x86unix.pl"; } -elsif ( ($ARGV[0] eq "cpp")) - { $cpp=1; require "x86unix.pl"; } -elsif ( ($ARGV[0] eq "win32")) - { require "x86ms.pl"; } -else - { - print STDERR <<"EOF"; -Pick one target type from - elf - linux, FreeBSD etc - a.out - old linux - sol - x86 solaris - cpp - format so x86unix.cpp can be used - win32 - Windows 95/Windows NT -EOF - exit(1); - } - -&comment("Don't even think of reading this code"); -&comment("It was automatically generated by $prog"); -&comment("Which is a perl program used to generate the x86 assember for"); -&comment("any of elf, a.out, Win32, or Solaris"); -&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+"); -&comment("eric "); -&comment(""); - -&file("dx86xxxx"); - -$L="edi"; -$R="esi"; - -&DES_encrypt("DES_encrypt1",1); -&DES_encrypt("DES_encrypt2",0); - -&DES_encrypt3("DES_encrypt3",1); -&DES_encrypt3("DES_decrypt3",0); - -&file_end(); - -sub DES_encrypt - { - local($name,$do_ip)=@_; - - &function_begin($name,"EXTRN _DES_SPtrans:DWORD"); - - &comment(""); - &comment("Load the 2 words"); - &mov("eax",&wparam(0)); - &mov($L,&DWP(0,"eax","",0)); - &mov($R,&DWP(4,"eax","",0)); - - $ksp=&wparam(1); - - if ($do_ip) - { - &comment(""); - &comment("IP"); - &IP_new($L,$R,"eax"); - } - - &comment(""); - &comment("fixup rotate"); - &rotl($R,3); - &rotl($L,3); - &exch($L,$R); - - &comment(""); - &comment("load counter, key_schedule and enc flag"); - &mov("eax",&wparam(2)); # get encrypt flag - &mov("ebp",&wparam(1)); # get ks - &cmp("eax","0"); - &je(&label("start_decrypt")); - - # encrypting part - - for ($i=0; $i<16; $i+=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &D_ENCRYPT($R,$L,($i+1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); - } - &jmp(&label("end")); - - &set_label("start_decrypt"); - - for ($i=15; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &D_ENCRYPT($R,$L,($i-1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx"); - } - - &set_label("end"); - - &comment(""); - &comment("Fixup"); - &rotr($L,3); # r - &rotr($R,3); # l - - if ($do_ip) - { - &comment(""); - &comment("FP"); - &FP_new($R,$L,"eax"); - } - - &mov("eax",&wparam(0)); - &mov(&DWP(0,"eax","",0),$L); - &mov(&DWP(4,"eax","",0),$R); - - &function_end($name); - } - - -# The logic is to load R into 2 registers and operate on both at the same time. -# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte' -# while also masking the other copy and doing a lookup. We then also accumulate the -# L value in 2 registers then combine them at the end. -sub D_ENCRYPT - { - local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_; - - &mov( $u, &DWP(&n2a($S*4),$ks,"",0)); - &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0)); - &xor( $u, $R ); - &xor( $t, $R ); - &rotr( $t, 4 ); - - # the numbers at the end of the line are origional instruction order - &mov( $tmp2, $u ); # 1 2 - &mov( $tmp1, $t ); # 1 1 - &and( $tmp2, "0xfc" ); # 1 4 - &and( $tmp1, "0xfc" ); # 1 3 - &shr( $t, 8 ); # 1 5 - &xor( $L, &DWP("0x100+$desSP",$tmp1,"",0)); # 1 7 - &shr( $u, 8 ); # 1 6 - &mov( $tmp1, &DWP(" $desSP",$tmp2,"",0)); # 1 8 - - &mov( $tmp2, $u ); # 2 2 - &xor( $L, $tmp1 ); # 1 9 - &and( $tmp2, "0xfc" ); # 2 4 - &mov( $tmp1, $t ); # 2 1 - &and( $tmp1, "0xfc" ); # 2 3 - &shr( $t, 8 ); # 2 5 - &xor( $L, &DWP("0x300+$desSP",$tmp1,"",0)); # 2 7 - &shr( $u, 8 ); # 2 6 - &mov( $tmp1, &DWP("0x200+$desSP",$tmp2,"",0)); # 2 8 - &mov( $tmp2, $u ); # 3 2 - - &xor( $L, $tmp1 ); # 2 9 - &and( $tmp2, "0xfc" ); # 3 4 - - &mov( $tmp1, $t ); # 3 1 - &shr( $u, 8 ); # 3 6 - &and( $tmp1, "0xfc" ); # 3 3 - &shr( $t, 8 ); # 3 5 - &xor( $L, &DWP("0x500+$desSP",$tmp1,"",0)); # 3 7 - &mov( $tmp1, &DWP("0x400+$desSP",$tmp2,"",0)); # 3 8 - - &and( $t, "0xfc" ); # 4 1 - &xor( $L, $tmp1 ); # 3 9 - - &and( $u, "0xfc" ); # 4 2 - &xor( $L, &DWP("0x700+$desSP",$t,"",0)); # 4 3 - &xor( $L, &DWP("0x600+$desSP",$u,"",0)); # 4 4 - } - -sub PERM_OP - { - local($a,$b,$tt,$shift,$mask)=@_; - - &mov( $tt, $a ); - &shr( $tt, $shift ); - &xor( $tt, $b ); - &and( $tt, $mask ); - &xor( $b, $tt ); - &shl( $tt, $shift ); - &xor( $a, $tt ); - } - -sub IP_new - { - local($l,$r,$tt)=@_; - - &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f"); - &PERM_OP($l,$r,$tt,16,"0x0000ffff"); - &PERM_OP($r,$l,$tt, 2,"0x33333333"); - &PERM_OP($l,$r,$tt, 8,"0x00ff00ff"); - &PERM_OP($r,$l,$tt, 1,"0x55555555"); - } - -sub FP_new - { - local($l,$r,$tt)=@_; - - &PERM_OP($l,$r,$tt, 1,"0x55555555"); - &PERM_OP($r,$l,$tt, 8,"0x00ff00ff"); - &PERM_OP($l,$r,$tt, 2,"0x33333333"); - &PERM_OP($r,$l,$tt,16,"0x0000ffff"); - &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f"); - } - -sub n2a - { - sprintf("%d",$_[0]); - } diff --git a/crypto/openssl/crypto/des/asm/desboth.pl b/crypto/openssl/crypto/des/asm/desboth.pl deleted file mode 100644 index eec00886e4..0000000000 --- a/crypto/openssl/crypto/des/asm/desboth.pl +++ /dev/null @@ -1,79 +0,0 @@ -#!/usr/local/bin/perl - -$L="edi"; -$R="esi"; - -sub DES_encrypt3 - { - local($name,$enc)=@_; - - &function_begin_B($name,""); - &push("ebx"); - &mov("ebx",&wparam(0)); - - &push("ebp"); - &push("esi"); - - &push("edi"); - - &comment(""); - &comment("Load the data words"); - &mov($L,&DWP(0,"ebx","",0)); - &mov($R,&DWP(4,"ebx","",0)); - &stack_push(3); - - &comment(""); - &comment("IP"); - &IP_new($L,$R,"edx",0); - - # put them back - - if ($enc) - { - &mov(&DWP(4,"ebx","",0),$R); - &mov("eax",&wparam(1)); - &mov(&DWP(0,"ebx","",0),"edx"); - &mov("edi",&wparam(2)); - &mov("esi",&wparam(3)); - } - else - { - &mov(&DWP(4,"ebx","",0),$R); - &mov("esi",&wparam(1)); - &mov(&DWP(0,"ebx","",0),"edx"); - &mov("edi",&wparam(2)); - &mov("eax",&wparam(3)); - } - &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); - &mov(&swtmp(1), "eax"); - &mov(&swtmp(0), "ebx"); - &call("DES_encrypt2"); - &mov(&swtmp(2), (DWC(($enc)?"0":"1"))); - &mov(&swtmp(1), "edi"); - &mov(&swtmp(0), "ebx"); - &call("DES_encrypt2"); - &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); - &mov(&swtmp(1), "esi"); - &mov(&swtmp(0), "ebx"); - &call("DES_encrypt2"); - - &stack_pop(3); - &mov($L,&DWP(0,"ebx","",0)); - &mov($R,&DWP(4,"ebx","",0)); - - &comment(""); - &comment("FP"); - &FP_new($L,$R,"eax",0); - - &mov(&DWP(0,"ebx","",0),"eax"); - &mov(&DWP(4,"ebx","",0),$R); - - &pop("edi"); - &pop("esi"); - &pop("ebp"); - &pop("ebx"); - &ret(); - &function_end_B($name); - } - - diff --git a/crypto/openssl/crypto/des/asm/readme b/crypto/openssl/crypto/des/asm/readme deleted file mode 100644 index 1beafe253b..0000000000 --- a/crypto/openssl/crypto/des/asm/readme +++ /dev/null @@ -1,131 +0,0 @@ -First up, let me say I don't like writing in assembler. It is not portable, -dependant on the particular CPU architecture release and is generally a pig -to debug and get right. Having said that, the x86 architecture is probably -the most important for speed due to number of boxes and since -it appears to be the worst architecture to to get -good C compilers for. So due to this, I have lowered myself to do -assembler for the inner DES routines in libdes :-). - -The file to implement in assembler is des_enc.c. Replace the following -4 functions -des_encrypt1(DES_LONG data[2],des_key_schedule ks, int encrypt); -des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt); -des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3); -des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3); - -They encrypt/decrypt the 64 bits held in 'data' using -the 'ks' key schedules. The only difference between the 4 functions is that -des_encrypt2() does not perform IP() or FP() on the data (this is an -optimization for when doing triple DES and des_encrypt3() and des_decrypt3() -perform triple des. The triple DES routines are in here because it does -make a big difference to have them located near the des_encrypt2 function -at link time.. - -Now as we all know, there are lots of different operating systems running on -x86 boxes, and unfortunately they normally try to make sure their assembler -formating is not the same as the other peoples. -The 4 main formats I know of are -Microsoft Windows 95/Windows NT -Elf Includes Linux and FreeBSD(?). -a.out The older Linux. -Solaris Same as Elf but different comments :-(. - -Now I was not overly keen to write 4 different copies of the same code, -so I wrote a few perl routines to output the correct assembler, given -a target assembler type. This code is ugly and is just a hack. -The libraries are x86unix.pl and x86ms.pl. -des586.pl, des686.pl and des-som[23].pl are the programs to actually -generate the assembler. - -So to generate elf assembler -perl des-som3.pl elf >dx86-elf.s -For Windows 95/NT -perl des-som2.pl win32 >win32.asm - -[ update 4 Jan 1996 ] -I have added another way to do things. -perl des-som3.pl cpp >dx86-cpp.s -generates a file that will be included by dx86unix.cpp when it is compiled. -To build for elf, a.out, solaris, bsdi etc, -cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o -cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o -cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o -cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o -This was done to cut down the number of files in the distribution. - -Now the ugly part. I acquired my copy of Intels -"Optimization's For Intel's 32-Bit Processors" and found a few interesting -things. First, the aim of the exersize is to 'extract' one byte at a time -from a word and do an array lookup. This involves getting the byte from -the 4 locations in the word and moving it to a new word and doing the lookup. -The most obvious way to do this is -xor eax, eax # clear word -movb al, cl # get low byte -xor edi DWORD PTR 0x100+des_SP[eax] # xor in word -movb al, ch # get next byte -xor edi DWORD PTR 0x300+des_SP[eax] # xor in word -shr ecx 16 -which seems ok. For the pentium, this system appears to be the best. -One has to do instruction interleaving to keep both functional units -operating, but it is basically very efficient. - -Now the crunch. When a full register is used after a partial write, eg. -mov al, cl -xor edi, DWORD PTR 0x100+des_SP[eax] -386 - 1 cycle stall -486 - 1 cycle stall -586 - 0 cycle stall -686 - at least 7 cycle stall (page 22 of the above mentioned document). - -So the technique that produces the best results on a pentium, according to -the documentation, will produce hideous results on a pentium pro. - -To get around this, des686.pl will generate code that is not as fast on -a pentium, should be very good on a pentium pro. -mov eax, ecx # copy word -shr ecx, 8 # line up next byte -and eax, 0fch # mask byte -xor edi DWORD PTR 0x100+des_SP[eax] # xor in array lookup -mov eax, ecx # get word -shr ecx 8 # line up next byte -and eax, 0fch # mask byte -xor edi DWORD PTR 0x300+des_SP[eax] # xor in array lookup - -Due to the execution units in the pentium, this actually works quite well. -For a pentium pro it should be very good. This is the type of output -Visual C++ generates. - -There is a third option. instead of using -mov al, ch -which is bad on the pentium pro, one may be able to use -movzx eax, ch -which may not incur the partial write penalty. On the pentium, -this instruction takes 4 cycles so is not worth using but on the -pentium pro it appears it may be worth while. I need access to one to -experiment :-). - -eric (20 Oct 1996) - -22 Nov 1996 - I have asked people to run the 2 different version on pentium -pros and it appears that the intel documentation is wrong. The -mov al,bh is still faster on a pentium pro, so just use the des586.pl -install des686.pl - -3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these -functions into des_enc.c because it does make a massive performance -difference on some boxes to have the functions code located close to -the des_encrypt2() function. - -9 Jan 1997 - des-som2.pl is now the correct perl script to use for -pentiums. It contains an inner loop from -Svend Olaf Mikkelsen which does raw ecb DES calls at -273,000 per second. He had a previous version at 250,000 and the best -I was able to get was 203,000. The content has not changed, this is all -due to instruction sequencing (and actual instructions choice) which is able -to keep both functional units of the pentium going. -We may have lost the ugly register usage restrictions when x86 went 32 bit -but for the pentium it has been replaced by evil instruction ordering tricks. - -13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf. -raw DES at 281,000 per second on a pentium 100. - diff --git a/crypto/openssl/crypto/des/des_enc.c b/crypto/openssl/crypto/des/des_enc.c index 1c37ab96d3..cf71965aca 100644 --- a/crypto/openssl/crypto/des/des_enc.c +++ b/crypto/openssl/crypto/des/des_enc.c @@ -289,6 +289,8 @@ void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1, #ifndef DES_DEFAULT_OPTIONS +#if !defined(OPENSSL_FIPS_DES_ASM) + #undef CBC_ENC_C__DONT_UPDATE_IV #include "ncbc_enc.c" /* DES_ncbc_encrypt */ @@ -404,4 +406,6 @@ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output, tin[0]=tin[1]=0; } +#endif + #endif /* DES_DEFAULT_OPTIONS */ diff --git a/crypto/openssl/crypto/des/ecb_enc.c b/crypto/openssl/crypto/des/des_lib.c similarity index 91% copy from crypto/openssl/crypto/des/ecb_enc.c copy to crypto/openssl/crypto/des/des_lib.c index 00d5b91e8c..d4b3047932 100644 --- a/crypto/openssl/crypto/des/ecb_enc.c +++ b/crypto/openssl/crypto/des/des_lib.c @@ -58,7 +58,6 @@ #include "des_locl.h" #include "des_ver.h" -#include "spr.h" #include #include @@ -104,20 +103,4 @@ const char *DES_options(void) } return(buf); } - -void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, - DES_key_schedule *ks, int enc) - { - register DES_LONG l; - DES_LONG ll[2]; - const unsigned char *in = &(*input)[0]; - unsigned char *out = &(*output)[0]; - - c2l(in,l); ll[0]=l; - c2l(in,l); ll[1]=l; - DES_encrypt1(ll,ks,enc); - l=ll[0]; l2c(l,out); - l=ll[1]; l2c(l,out); - l=ll[0]=ll[1]=0; - } diff --git a/crypto/openssl/crypto/des/ecb_enc.c b/crypto/openssl/crypto/des/ecb_enc.c index 00d5b91e8c..75ae6cf8bb 100644 --- a/crypto/openssl/crypto/des/ecb_enc.c +++ b/crypto/openssl/crypto/des/ecb_enc.c @@ -57,54 +57,7 @@ */ #include "des_locl.h" -#include "des_ver.h" #include "spr.h" -#include -#include - -OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT; -OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT; - -const char *DES_options(void) - { - static int init=1; - static char buf[32]; - - if (init) - { - const char *ptr,*unroll,*risc,*size; - -#ifdef DES_PTR - ptr="ptr"; -#else - ptr="idx"; -#endif -#if defined(DES_RISC1) || defined(DES_RISC2) -#ifdef DES_RISC1 - risc="risc1"; -#endif -#ifdef DES_RISC2 - risc="risc2"; -#endif -#else - risc="cisc"; -#endif -#ifdef DES_UNROLL - unroll="16"; -#else - unroll="4"; -#endif - if (sizeof(DES_LONG) != sizeof(long)) - size="int"; - else - size="long"; - BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll, - size); - init=0; - } - return(buf); - } - void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, DES_key_schedule *ks, int enc) diff --git a/crypto/openssl/crypto/des/enc_read.c b/crypto/openssl/crypto/des/enc_read.c index c70fb686b8..e7da2ec66b 100644 --- a/crypto/openssl/crypto/des/enc_read.c +++ b/crypto/openssl/crypto/des/enc_read.c @@ -147,7 +147,11 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, /* first - get the length */ while (net_num < HDRSIZE) { +#ifndef _WIN32 i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num); +#else + i=_read(fd,(void *)&(net[net_num]),HDRSIZE-net_num); +#endif #ifdef EINTR if ((i == -1) && (errno == EINTR)) continue; #endif diff --git a/crypto/openssl/crypto/des/enc_writ.c b/crypto/openssl/crypto/des/enc_writ.c index af5b8c2349..c2f032c9a6 100644 --- a/crypto/openssl/crypto/des/enc_writ.c +++ b/crypto/openssl/crypto/des/enc_writ.c @@ -153,7 +153,11 @@ int DES_enc_write(int fd, const void *_buf, int len, { /* eay 26/08/92 I was not doing writing from where we * got up to. */ +#ifndef _WIN32 i=write(fd,(void *)&(outbuf[j]),outnum-j); +#else + i=_write(fd,(void *)&(outbuf[j]),outnum-j); +#endif if (i == -1) { #ifdef EINTR diff --git a/crypto/openssl/crypto/des/set_key.c b/crypto/openssl/crypto/des/set_key.c index a43ef3c881..c0806d593c 100644 --- a/crypto/openssl/crypto/des/set_key.c +++ b/crypto/openssl/crypto/des/set_key.c @@ -64,6 +64,10 @@ * 1.0 First working version */ #include "des_locl.h" +#ifdef OPENSSL_FIPS +#include +#endif + OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key); /* defaults to false */ @@ -349,6 +353,10 @@ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule) k = &schedule->ks->deslong[0]; in = &(*key)[0]; +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif + c2l(in,c); c2l(in,d); @@ -405,3 +413,4 @@ void des_fixup_key_parity(des_cblock *key) des_set_odd_parity(key); } */ + diff --git a/crypto/openssl/crypto/dh/dh.h b/crypto/openssl/crypto/dh/dh.h index ccdf35ae1c..10475ac4b3 100644 --- a/crypto/openssl/crypto/dh/dh.h +++ b/crypto/openssl/crypto/dh/dh.h @@ -77,6 +77,8 @@ # define OPENSSL_DH_MAX_MODULUS_BITS 10000 #endif +#define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 + #define DH_FLAG_CACHE_MONT_P 0x01 #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH * implementation now uses constant time @@ -167,6 +169,11 @@ struct dh_st const DH_METHOD *DH_OpenSSL(void); +#ifdef OPENSSL_FIPS +DH * FIPS_dh_new(void); +void FIPS_dh_free(DH *dh); +#endif + void DH_set_default_method(const DH_METHOD *meth); const DH_METHOD *DH_get_default_method(void); int DH_set_method(DH *dh, const DH_METHOD *meth); @@ -218,6 +225,9 @@ void ERR_load_DH_strings(void); #define DH_F_DHPARAMS_PRINT 100 #define DH_F_DHPARAMS_PRINT_FP 101 #define DH_F_DH_BUILTIN_GENPARAMS 106 +#define DH_F_DH_COMPUTE_KEY 107 +#define DH_F_DH_GENERATE_KEY 108 +#define DH_F_DH_GENERATE_PARAMETERS 109 #define DH_F_DH_NEW_METHOD 105 #define DH_F_GENERATE_KEY 103 #define DH_F_GENERATE_PARAMETERS 104 @@ -225,6 +235,7 @@ void ERR_load_DH_strings(void); /* Reason codes. */ #define DH_R_BAD_GENERATOR 101 #define DH_R_INVALID_PUBKEY 102 +#define DH_R_KEY_SIZE_TOO_SMALL 104 #define DH_R_MODULUS_TOO_LARGE 103 #define DH_R_NO_PRIVATE_VALUE 100 diff --git a/crypto/openssl/crypto/dh/dh_asn1.c b/crypto/openssl/crypto/dh/dh_asn1.c index 769b5b68c5..76740af2bd 100644 --- a/crypto/openssl/crypto/dh/dh_asn1.c +++ b/crypto/openssl/crypto/dh/dh_asn1.c @@ -1,5 +1,5 @@ /* dh_asn1.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/dh/dh_check.c b/crypto/openssl/crypto/dh/dh_check.c index b846913004..316cb9221d 100644 --- a/crypto/openssl/crypto/dh/dh_check.c +++ b/crypto/openssl/crypto/dh/dh_check.c @@ -70,6 +70,8 @@ * should hold. */ +#ifndef OPENSSL_FIPS + int DH_check(const DH *dh, int *ret) { int ok=0; @@ -140,3 +142,5 @@ err: if (q != NULL) BN_free(q); return(ok); } + +#endif diff --git a/crypto/openssl/crypto/dh/dh_err.c b/crypto/openssl/crypto/dh/dh_err.c index a2d8196ecb..13263c81c1 100644 --- a/crypto/openssl/crypto/dh/dh_err.c +++ b/crypto/openssl/crypto/dh/dh_err.c @@ -1,6 +1,6 @@ /* crypto/dh/dh_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -74,6 +74,9 @@ static ERR_STRING_DATA DH_str_functs[]= {ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"}, {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, +{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"}, +{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"}, +{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"}, {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, {ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"}, {ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"}, @@ -84,6 +87,7 @@ static ERR_STRING_DATA DH_str_reasons[]= { {ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"}, {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, +{ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, {0,NULL} diff --git a/crypto/openssl/crypto/dh/dh_gen.c b/crypto/openssl/crypto/dh/dh_gen.c index cfd5b11868..999e1deb40 100644 --- a/crypto/openssl/crypto/dh/dh_gen.c +++ b/crypto/openssl/crypto/dh/dh_gen.c @@ -66,6 +66,8 @@ #include #include +#ifndef OPENSSL_FIPS + static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) @@ -173,3 +175,5 @@ err: } return ok; } + +#endif diff --git a/crypto/openssl/crypto/dh/dh_key.c b/crypto/openssl/crypto/dh/dh_key.c index e7db440342..79dd331863 100644 --- a/crypto/openssl/crypto/dh/dh_key.c +++ b/crypto/openssl/crypto/dh/dh_key.c @@ -62,6 +62,8 @@ #include #include +#ifndef OPENSSL_FIPS + static int generate_key(DH *dh); static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, @@ -261,3 +263,5 @@ static int dh_finish(DH *dh) BN_MONT_CTX_free(dh->method_mont_p); return(1); } + +#endif diff --git a/crypto/openssl/crypto/dsa/dsa.h b/crypto/openssl/crypto/dsa/dsa.h index 3a8fe5b56b..702c50d6dc 100644 --- a/crypto/openssl/crypto/dsa/dsa.h +++ b/crypto/openssl/crypto/dsa/dsa.h @@ -88,6 +88,8 @@ # define OPENSSL_DSA_MAX_MODULUS_BITS 10000 #endif +#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024 + #define DSA_FLAG_CACHE_MONT_P 0x01 #define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA * implementation now uses constant time @@ -97,6 +99,25 @@ * be used for all exponents. */ +/* If this flag is set the DSA method is FIPS compliant and can be used + * in FIPS mode. This is set in the validated module method. If an + * application sets this flag in its own methods it is its reposibility + * to ensure the result is compliant. + */ + +#define DSA_FLAG_FIPS_METHOD 0x0400 + +/* If this flag is set the operations normally disabled in FIPS mode are + * permitted it is then the applications responsibility to ensure that the + * usage is compliant. + */ + +#define DSA_FLAG_NON_FIPS_ALLOW 0x0400 + +#ifdef OPENSSL_FIPS +#define FIPS_DSA_SIZE_T int +#endif + #ifdef __cplusplus extern "C" { #endif @@ -189,6 +210,11 @@ void DSA_set_default_method(const DSA_METHOD *); const DSA_METHOD *DSA_get_default_method(void); int DSA_set_method(DSA *dsa, const DSA_METHOD *); +#ifdef OPENSSL_FIPS +DSA * FIPS_dsa_new(void); +void FIPS_dsa_free (DSA *r); +#endif + DSA * DSA_new(void); DSA * DSA_new_method(ENGINE *engine); void DSA_free (DSA *r); @@ -249,6 +275,11 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off); DH *DSA_dup_DH(const DSA *r); #endif +#ifdef OPENSSL_FIPS +int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig); +int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen); +#endif + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -261,11 +292,16 @@ void ERR_load_DSA_strings(void); #define DSA_F_D2I_DSA_SIG 110 #define DSA_F_DSAPARAMS_PRINT 100 #define DSA_F_DSAPARAMS_PRINT_FP 101 +#define DSA_F_DSA_BUILTIN_KEYGEN 119 +#define DSA_F_DSA_BUILTIN_PARAMGEN 118 #define DSA_F_DSA_DO_SIGN 112 #define DSA_F_DSA_DO_VERIFY 113 +#define DSA_F_DSA_GENERATE_PARAMETERS 117 #define DSA_F_DSA_NEW_METHOD 103 #define DSA_F_DSA_PRINT 104 #define DSA_F_DSA_PRINT_FP 105 +#define DSA_F_DSA_SET_DEFAULT_METHOD 115 +#define DSA_F_DSA_SET_METHOD 116 #define DSA_F_DSA_SIGN 106 #define DSA_F_DSA_SIGN_SETUP 107 #define DSA_F_DSA_SIG_NEW 109 @@ -276,8 +312,11 @@ void ERR_load_DSA_strings(void); /* Reason codes. */ #define DSA_R_BAD_Q_VALUE 102 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 +#define DSA_R_KEY_SIZE_TOO_SMALL 106 #define DSA_R_MISSING_PARAMETERS 101 #define DSA_R_MODULUS_TOO_LARGE 103 +#define DSA_R_NON_FIPS_METHOD 104 +#define DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 105 #ifdef __cplusplus } diff --git a/crypto/openssl/crypto/dsa/dsa_asn1.c b/crypto/openssl/crypto/dsa/dsa_asn1.c index 23fce555aa..0645facb4b 100644 --- a/crypto/openssl/crypto/dsa/dsa_asn1.c +++ b/crypto/openssl/crypto/dsa/dsa_asn1.c @@ -1,5 +1,5 @@ /* dsa_asn1.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== @@ -61,6 +61,11 @@ #include #include #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + /* Override the default new methods */ static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) @@ -83,7 +88,7 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) -IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG,DSA_SIG,DSA_SIG) /* Override the default free and new methods */ static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) @@ -138,3 +143,76 @@ ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { } ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params) IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) + +int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, + unsigned int *siglen, DSA *dsa) + { + DSA_SIG *s; +#ifdef OPENSSL_FIPS + if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) + { + DSAerr(DSA_F_DSA_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); + return 0; + } +#endif + s=DSA_do_sign(dgst,dlen,dsa); + if (s == NULL) + { + *siglen=0; + return(0); + } + *siglen=i2d_DSA_SIG(s,&sig); + DSA_SIG_free(s); + return(1); + } + +int DSA_size(const DSA *r) + { + int ret,i; + ASN1_INTEGER bs; + unsigned char buf[4]; /* 4 bytes looks really small. + However, i2d_ASN1_INTEGER() will not look + beyond the first byte, as long as the second + parameter is NULL. */ + + i=BN_num_bits(r->q); + bs.length=(i+7)/8; + bs.data=buf; + bs.type=V_ASN1_INTEGER; + /* If the top bit is set the asn1 encoding is 1 larger. */ + buf[0]=0xff; + + i=i2d_ASN1_INTEGER(&bs,NULL); + i+=i; /* r and s */ + ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); + return(ret); + } + +/* data has already been hashed (probably with SHA or SHA-1). */ +/* returns + * 1: correct signature + * 0: incorrect signature + * -1: error + */ +int DSA_verify(int type, const unsigned char *dgst, int dgst_len, + const unsigned char *sigbuf, int siglen, DSA *dsa) + { + DSA_SIG *s; + int ret=-1; +#ifdef OPENSSL_FIPS + if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) + { + DSAerr(DSA_F_DSA_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); + return 0; + } +#endif + + s = DSA_SIG_new(); + if (s == NULL) return(ret); + if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; + ret=DSA_do_verify(dgst,dgst_len,s,dsa); +err: + DSA_SIG_free(s); + return(ret); + } + diff --git a/crypto/openssl/crypto/dsa/dsa_err.c b/crypto/openssl/crypto/dsa/dsa_err.c index 768711994b..872839af94 100644 --- a/crypto/openssl/crypto/dsa/dsa_err.c +++ b/crypto/openssl/crypto/dsa/dsa_err.c @@ -1,6 +1,6 @@ /* crypto/dsa/dsa_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -73,11 +73,16 @@ static ERR_STRING_DATA DSA_str_functs[]= {ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"}, {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"}, {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"}, +{ERR_FUNC(DSA_F_DSA_BUILTIN_KEYGEN), "DSA_BUILTIN_KEYGEN"}, +{ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"}, {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"}, +{ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS), "DSA_generate_parameters"}, {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"}, {ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"}, {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"}, +{ERR_FUNC(DSA_F_DSA_SET_DEFAULT_METHOD), "DSA_set_default_method"}, +{ERR_FUNC(DSA_F_DSA_SET_METHOD), "DSA_set_method"}, {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"}, {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"}, {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"}, @@ -91,8 +96,11 @@ static ERR_STRING_DATA DSA_str_reasons[]= { {ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"}, +{ERR_REASON(DSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, {ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, {ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, +{ERR_REASON(DSA_R_NON_FIPS_METHOD) ,"non fips method"}, +{ERR_REASON(DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, {0,NULL} }; diff --git a/crypto/openssl/crypto/dsa/dsa_gen.c b/crypto/openssl/crypto/dsa/dsa_gen.c index ca0b86a6cf..6f1728e3cf 100644 --- a/crypto/openssl/crypto/dsa/dsa_gen.c +++ b/crypto/openssl/crypto/dsa/dsa_gen.c @@ -82,6 +82,8 @@ #include #include +#ifndef OPENSSL_FIPS + static int dsa_builtin_paramgen(DSA *ret, int bits, unsigned char *seed_in, int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); @@ -320,3 +322,4 @@ err: return ok; } #endif +#endif diff --git a/crypto/openssl/crypto/dsa/dsa_key.c b/crypto/openssl/crypto/dsa/dsa_key.c index c4aa86bc6d..5e39124230 100644 --- a/crypto/openssl/crypto/dsa/dsa_key.c +++ b/crypto/openssl/crypto/dsa/dsa_key.c @@ -64,6 +64,8 @@ #include #include +#ifndef OPENSSL_FIPS + static int dsa_builtin_keygen(DSA *dsa); int DSA_generate_key(DSA *dsa) @@ -126,3 +128,5 @@ err: return(ok); } #endif + +#endif diff --git a/crypto/openssl/crypto/dsa/dsa_lib.c b/crypto/openssl/crypto/dsa/dsa_lib.c index e9b75902db..7ac9dc8c89 100644 --- a/crypto/openssl/crypto/dsa/dsa_lib.c +++ b/crypto/openssl/crypto/dsa/dsa_lib.c @@ -76,6 +76,14 @@ static const DSA_METHOD *default_DSA_method = NULL; void DSA_set_default_method(const DSA_METHOD *meth) { +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) + { + DSAerr(DSA_F_DSA_SET_DEFAULT_METHOD, DSA_R_NON_FIPS_METHOD); + return; + } +#endif + default_DSA_method = meth; } @@ -96,6 +104,13 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) /* NB: The caller is specifically setting a method, so it's not up to us * to deal with which ENGINE it comes from. */ const DSA_METHOD *mtmp; +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) + { + DSAerr(DSA_F_DSA_SET_METHOD, DSA_R_NON_FIPS_METHOD); + return 0; + } +#endif mtmp = dsa->meth; if (mtmp->finish) mtmp->finish(dsa); #ifndef OPENSSL_NO_ENGINE @@ -147,6 +162,18 @@ DSA *DSA_new_method(ENGINE *engine) } } #endif +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)) + { + DSAerr(DSA_F_DSA_NEW_METHOD, DSA_R_NON_FIPS_METHOD); +#ifndef OPENSSL_NO_ENGINE + if (ret->engine) + ENGINE_finish(ret->engine); +#endif + OPENSSL_free(ret); + return NULL; + } +#endif ret->pad=0; ret->version=0; @@ -233,28 +260,6 @@ int DSA_up_ref(DSA *r) return ((i > 1) ? 1 : 0); } -int DSA_size(const DSA *r) - { - int ret,i; - ASN1_INTEGER bs; - unsigned char buf[4]; /* 4 bytes looks really small. - However, i2d_ASN1_INTEGER() will not look - beyond the first byte, as long as the second - parameter is NULL. */ - - i=BN_num_bits(r->q); - bs.length=(i+7)/8; - bs.data=buf; - bs.type=V_ASN1_INTEGER; - /* If the top bit is set the asn1 encoding is 1 larger. */ - buf[0]=0xff; - - i=i2d_ASN1_INTEGER(&bs,NULL); - i+=i; /* r and s */ - ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); - return(ret); - } - int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) { diff --git a/crypto/openssl/crypto/dsa/dsa_ossl.c b/crypto/openssl/crypto/dsa/dsa_ossl.c index 75ff7cc4af..412cf1d88b 100644 --- a/crypto/openssl/crypto/dsa/dsa_ossl.c +++ b/crypto/openssl/crypto/dsa/dsa_ossl.c @@ -65,6 +65,8 @@ #include #include +#ifndef OPENSSL_FIPS + static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, @@ -391,3 +393,4 @@ static int dsa_finish(DSA *dsa) return(1); } +#endif diff --git a/crypto/openssl/crypto/dsa/dsa_sign.c b/crypto/openssl/crypto/dsa/dsa_sign.c index 89205026f0..4cfbbe57a8 100644 --- a/crypto/openssl/crypto/dsa/dsa_sign.c +++ b/crypto/openssl/crypto/dsa/dsa_sign.c @@ -64,29 +64,32 @@ #include #include #include +#ifdef OPENSSL_FIPS +#include +#endif -DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) - { - return dsa->meth->dsa_do_sign(dgst, dlen, dsa); - } -int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, - unsigned int *siglen, DSA *dsa) +DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) { - DSA_SIG *s; - s=DSA_do_sign(dgst,dlen,dsa); - if (s == NULL) +#ifdef OPENSSL_FIPS + if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) { - *siglen=0; - return(0); + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); + return NULL; } - *siglen=i2d_DSA_SIG(s,&sig); - DSA_SIG_free(s); - return(1); +#endif + return dsa->meth->dsa_do_sign(dgst, dlen, dsa); } int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) { +#ifdef OPENSSL_FIPS + if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) + { + DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); + return 0; + } +#endif return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); } diff --git a/crypto/openssl/crypto/dsa/dsa_sign.c b/crypto/openssl/crypto/dsa/dsa_utl.c similarity index 85% copy from crypto/openssl/crypto/dsa/dsa_sign.c copy to crypto/openssl/crypto/dsa/dsa_utl.c index 89205026f0..24c021d120 100644 --- a/crypto/openssl/crypto/dsa/dsa_sign.c +++ b/crypto/openssl/crypto/dsa/dsa_utl.c @@ -1,4 +1,4 @@ -/* crypto/dsa/dsa_sign.c */ +/* crypto/dsa/dsa_lib.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -62,31 +62,34 @@ #include "cryptlib.h" #include #include -#include #include +#ifndef OPENSSL_NO_ENGINE +#include +#endif +#ifndef OPENSSL_NO_DH +#include +#endif -DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) +DSA_SIG *DSA_SIG_new(void) { - return dsa->meth->dsa_do_sign(dgst, dlen, dsa); + DSA_SIG *sig; + sig = OPENSSL_malloc(sizeof(DSA_SIG)); + if (!sig) + return NULL; + sig->r = NULL; + sig->s = NULL; + return sig; } -int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, - unsigned int *siglen, DSA *dsa) +void DSA_SIG_free(DSA_SIG *sig) { - DSA_SIG *s; - s=DSA_do_sign(dgst,dlen,dsa); - if (s == NULL) + if (sig) { - *siglen=0; - return(0); + if (sig->r) + BN_free(sig->r); + if (sig->s) + BN_free(sig->s); + OPENSSL_free(sig); } - *siglen=i2d_DSA_SIG(s,&sig); - DSA_SIG_free(s); - return(1); - } - -int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) - { - return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); } diff --git a/crypto/openssl/crypto/dsa/dsa_vrf.c b/crypto/openssl/crypto/dsa/dsa_vrf.c index c4aeddd056..c75e423048 100644 --- a/crypto/openssl/crypto/dsa/dsa_vrf.c +++ b/crypto/openssl/crypto/dsa/dsa_vrf.c @@ -64,31 +64,21 @@ #include #include #include +#ifdef OPENSSL_FIPS +#include +#endif + #include int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) { +#ifdef OPENSSL_FIPS + if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) + { + DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); + return 0; + } +#endif return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); } - -/* data has already been hashed (probably with SHA or SHA-1). */ -/* returns - * 1: correct signature - * 0: incorrect signature - * -1: error - */ -int DSA_verify(int type, const unsigned char *dgst, int dgst_len, - const unsigned char *sigbuf, int siglen, DSA *dsa) - { - DSA_SIG *s; - int ret=-1; - - s = DSA_SIG_new(); - if (s == NULL) return(ret); - if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; - ret=DSA_do_verify(dgst,dgst_len,s,dsa); -err: - DSA_SIG_free(s); - return(ret); - } diff --git a/crypto/openssl/crypto/cryptlib.c b/crypto/openssl/crypto/dyn_lck.c similarity index 58% copy from crypto/openssl/crypto/cryptlib.c copy to crypto/openssl/crypto/dyn_lck.c index 8c68623828..7f82c41264 100644 --- a/crypto/openssl/crypto/cryptlib.c +++ b/crypto/openssl/crypto/dyn_lck.c @@ -166,8 +166,16 @@ static const char* const lock_names[CRYPTO_NUM_LOCKS] = "ec_pre_comp", "store", "comp", -#if CRYPTO_NUM_LOCKS != 39 -# error "Inconsistency between crypto.h and cryptlib.c" +#ifndef OPENSSL_FIPS +# if CRYPTO_NUM_LOCKS != 39 +# error "Inconsistency between crypto.h and cryptlib.c" +# endif +#else + "fips", + "fips2", +# if CRYPTO_NUM_LOCKS != 41 +# error "Inconsistency between crypto.h and cryptlib.c" +# endif #endif }; @@ -181,11 +189,6 @@ static STACK *app_locks=NULL; static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL; -static void (MS_FAR *locking_callback)(int mode,int type, - const char *file,int line)=NULL; -static int (MS_FAR *add_lock_callback)(int *pointer,int amount, - int type,const char *file,int line)=NULL; -static unsigned long (MS_FAR *id_callback)(void)=NULL; static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback) (const char *file,int line)=NULL; static void (MS_FAR *dynlock_lock_callback)(int mode, @@ -224,11 +227,6 @@ int CRYPTO_get_new_lockid(char *name) return(i); } -int CRYPTO_num_locks(void) - { - return CRYPTO_NUM_LOCKS; - } - int CRYPTO_get_new_dynlockid(void) { int i = 0; @@ -377,154 +375,43 @@ void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func) dynlock_create_callback=func; } -void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode, - struct CRYPTO_dynlock_value *l, const char *file, int line)) - { - dynlock_lock_callback=func; - } - -void CRYPTO_set_dynlock_destroy_callback(void (*func) - (struct CRYPTO_dynlock_value *l, const char *file, int line)) +static void do_dynlock(int mode, int type, const char *file, int line) { - dynlock_destroy_callback=func; - } - - -void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file, - int line) - { - return(locking_callback); - } - -int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type, - const char *file,int line) - { - return(add_lock_callback); - } - -void CRYPTO_set_locking_callback(void (*func)(int mode,int type, - const char *file,int line)) - { - locking_callback=func; - } - -void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type, - const char *file,int line)) - { - add_lock_callback=func; - } - -unsigned long (*CRYPTO_get_id_callback(void))(void) - { - return(id_callback); - } + if (dynlock_lock_callback != NULL) + { + struct CRYPTO_dynlock_value *pointer + = CRYPTO_get_dynlock_value(type); -void CRYPTO_set_id_callback(unsigned long (*func)(void)) - { - id_callback=func; - } + OPENSSL_assert(pointer != NULL); -unsigned long CRYPTO_thread_id(void) - { - unsigned long ret=0; + dynlock_lock_callback(mode, pointer, file, line); - if (id_callback == NULL) - { -#ifdef OPENSSL_SYS_WIN16 - ret=(unsigned long)GetCurrentTask(); -#elif defined(OPENSSL_SYS_WIN32) - ret=(unsigned long)GetCurrentThreadId(); -#elif defined(GETPID_IS_MEANINGLESS) - ret=1L; -#else - ret=(unsigned long)getpid(); -#endif + CRYPTO_destroy_dynlockid(type); } - else - ret=id_callback(); - return(ret); } -void CRYPTO_lock(int mode, int type, const char *file, int line) +void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode, + struct CRYPTO_dynlock_value *l, const char *file, int line)) { -#ifdef LOCK_DEBUG - { - char *rw_text,*operation_text; - - if (mode & CRYPTO_LOCK) - operation_text="lock "; - else if (mode & CRYPTO_UNLOCK) - operation_text="unlock"; - else - operation_text="ERROR "; - - if (mode & CRYPTO_READ) - rw_text="r"; - else if (mode & CRYPTO_WRITE) - rw_text="w"; - else - rw_text="ERROR"; - - fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n", - CRYPTO_thread_id(), rw_text, operation_text, - CRYPTO_get_lock_name(type), file, line); - } -#endif - if (type < 0) + /* Set callback so CRYPTO_lock() can now handle dynamic locks. + * This is OK because at this point and application shouldn't be using + * OpenSSL from multiple threads because it is setting up the locking + * callbacks. + */ + static int done = 0; + if (!done) { - if (dynlock_lock_callback != NULL) - { - struct CRYPTO_dynlock_value *pointer - = CRYPTO_get_dynlock_value(type); - - OPENSSL_assert(pointer != NULL); - - dynlock_lock_callback(mode, pointer, file, line); - - CRYPTO_destroy_dynlockid(type); - } + int_CRYPTO_set_do_dynlock_callback(do_dynlock); + done = 1; } - else - if (locking_callback != NULL) - locking_callback(mode,type,file,line); + + dynlock_lock_callback=func; } -int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, - int line) +void CRYPTO_set_dynlock_destroy_callback(void (*func) + (struct CRYPTO_dynlock_value *l, const char *file, int line)) { - int ret = 0; - - if (add_lock_callback != NULL) - { -#ifdef LOCK_DEBUG - int before= *pointer; -#endif - - ret=add_lock_callback(pointer,amount,type,file,line); -#ifdef LOCK_DEBUG - fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n", - CRYPTO_thread_id(), - before,amount,ret, - CRYPTO_get_lock_name(type), - file,line); -#endif - } - else - { - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file,line); - - ret= *pointer+amount; -#ifdef LOCK_DEBUG - fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n", - CRYPTO_thread_id(), - *pointer,amount,ret, - CRYPTO_get_lock_name(type), - file,line); -#endif - *pointer=ret; - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line); - } - return(ret); + dynlock_destroy_callback=func; } const char *CRYPTO_get_lock_name(int type) @@ -539,220 +426,3 @@ const char *CRYPTO_get_lock_name(int type) return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); } -#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ - defined(__INTEL__) || \ - defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) - -unsigned long OPENSSL_ia32cap_P=0; -unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; } - -#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY) -#define OPENSSL_CPUID_SETUP -void OPENSSL_cpuid_setup(void) -{ static int trigger=0; - unsigned long OPENSSL_ia32_cpuid(void); - char *env; - - if (trigger) return; - - trigger=1; - if ((env=getenv("OPENSSL_ia32cap"))) - OPENSSL_ia32cap_P = strtoul(env,NULL,0)|(1<<10); - else - OPENSSL_ia32cap_P = OPENSSL_ia32_cpuid()|(1<<10); - /* - * |(1<<10) sets a reserved bit to signal that variable - * was initialized already... This is to avoid interference - * with cpuid snippets in ELF .init segment. - */ -} -#endif - -#else -unsigned long *OPENSSL_ia32cap_loc(void) { return NULL; } -#endif -int OPENSSL_NONPIC_relocated = 0; -#if !defined(OPENSSL_CPUID_SETUP) -void OPENSSL_cpuid_setup(void) {} -#endif - -#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL) -#ifdef __CYGWIN__ -/* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */ -#include -#endif - -/* All we really need to do is remove the 'error' state when a thread - * detaches */ - -BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, - LPVOID lpvReserved) - { - switch(fdwReason) - { - case DLL_PROCESS_ATTACH: - OPENSSL_cpuid_setup(); -#if defined(_WIN32_WINNT) - { - IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *)hinstDLL; - IMAGE_NT_HEADERS *nt_headers; - - if (dos_header->e_magic==IMAGE_DOS_SIGNATURE) - { - nt_headers = (IMAGE_NT_HEADERS *)((char *)dos_header - + dos_header->e_lfanew); - if (nt_headers->Signature==IMAGE_NT_SIGNATURE && - hinstDLL!=(HINSTANCE)(nt_headers->OptionalHeader.ImageBase)) - OPENSSL_NONPIC_relocated=1; - } - } -#endif - break; - case DLL_THREAD_ATTACH: - break; - case DLL_THREAD_DETACH: - ERR_remove_state(0); - break; - case DLL_PROCESS_DETACH: - break; - } - return(TRUE); - } -#endif - -#if defined(_WIN32) && !defined(__CYGWIN__) -#include - -#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333 -int OPENSSL_isservice(void) -{ HWINSTA h; - DWORD len; - WCHAR *name; - - (void)GetDesktopWindow(); /* return value is ignored */ - - h = GetProcessWindowStation(); - if (h==NULL) return -1; - - if (GetUserObjectInformationW (h,UOI_NAME,NULL,0,&len) || - GetLastError() != ERROR_INSUFFICIENT_BUFFER) - return -1; - - if (len>512) return -1; /* paranoia */ - len++,len&=~1; /* paranoia */ -#ifdef _MSC_VER - name=(WCHAR *)_alloca(len+sizeof(WCHAR)); -#else - name=(WCHAR *)alloca(len+sizeof(WCHAR)); -#endif - if (!GetUserObjectInformationW (h,UOI_NAME,name,len,&len)) - return -1; - - len++,len&=~1; /* paranoia */ - name[len/sizeof(WCHAR)]=L'\0'; /* paranoia */ -#if 1 - /* This doesn't cover "interactive" services [working with real - * WinSta0's] nor programs started non-interactively by Task - * Scheduler [those are working with SAWinSta]. */ - if (wcsstr(name,L"Service-0x")) return 1; -#else - /* This covers all non-interactive programs such as services. */ - if (!wcsstr(name,L"WinSta0")) return 1; -#endif - else return 0; -} -#else -int OPENSSL_isservice(void) { return 0; } -#endif - -void OPENSSL_showfatal (const char *fmta,...) -{ va_list ap; - TCHAR buf[256]; - const TCHAR *fmt; -#ifdef STD_ERROR_HANDLE /* what a dirty trick! */ - HANDLE h; - - if ((h=GetStdHandle(STD_ERROR_HANDLE)) != NULL && - GetFileType(h)!=FILE_TYPE_UNKNOWN) - { /* must be console application */ - va_start (ap,fmta); - vfprintf (stderr,fmta,ap); - va_end (ap); - return; - } -#endif - - if (sizeof(TCHAR)==sizeof(char)) - fmt=(const TCHAR *)fmta; - else do - { int keepgoing; - size_t len_0=strlen(fmta)+1,i; - WCHAR *fmtw; - -#ifdef _MSC_VER - fmtw = (WCHAR *)_alloca (len_0*sizeof(WCHAR)); -#else - fmtw = (WCHAR *)alloca (len_0*sizeof(WCHAR)); -#endif - if (fmtw == NULL) { fmt=(const TCHAR *)L"no stack?"; break; } - -#ifndef OPENSSL_NO_MULTIBYTE - if (!MultiByteToWideChar(CP_ACP,0,fmta,len_0,fmtw,len_0)) -#endif - for (i=0;i=0x0333 - /* this -------------v--- guards NT-specific calls */ - if (GetVersion() < 0x80000000 && OPENSSL_isservice()) - { HANDLE h = RegisterEventSource(0,_T("OPENSSL")); - const TCHAR *pmsg=buf; - ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0); - DeregisterEventSource(h); - } - else -#endif - MessageBox (NULL,buf,_T("OpenSSL: FATAL"),MB_OK|MB_ICONSTOP); -} -#else -void OPENSSL_showfatal (const char *fmta,...) -{ va_list ap; - - va_start (ap,fmta); - vfprintf (stderr,fmta,ap); - va_end (ap); -} -int OPENSSL_isservice (void) { return 0; } -#endif - -void OpenSSLDie(const char *file,int line,const char *assertion) - { - OPENSSL_showfatal( - "%s(%d): OpenSSL internal error, assertion failed: %s\n", - file,line,assertion); - abort(); - } - -void *OPENSSL_stderr(void) { return stderr; } diff --git a/crypto/openssl/crypto/ec/ec_key.c b/crypto/openssl/crypto/ec/ec_key.c index 3d6c900b95..12fb0e6d6d 100644 --- a/crypto/openssl/crypto/ec/ec_key.c +++ b/crypto/openssl/crypto/ec/ec_key.c @@ -296,7 +296,7 @@ int EC_KEY_check_key(const EC_KEY *eckey) { int ok = 0; BN_CTX *ctx = NULL; - BIGNUM *order = NULL; + const BIGNUM *order = NULL; EC_POINT *point = NULL; if (!eckey || !eckey->group || !eckey->pub_key) @@ -307,8 +307,6 @@ int EC_KEY_check_key(const EC_KEY *eckey) if ((ctx = BN_CTX_new()) == NULL) goto err; - if ((order = BN_new()) == NULL) - goto err; if ((point = EC_POINT_new(eckey->group)) == NULL) goto err; @@ -319,17 +317,13 @@ int EC_KEY_check_key(const EC_KEY *eckey) goto err; } /* testing whether pub_key * order is the point at infinity */ - if (!EC_GROUP_get_order(eckey->group, order, ctx)) + order = &eckey->group->order; + if (BN_is_zero(order)) { ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER); goto err; } - if (!EC_POINT_copy(point, eckey->pub_key)) - { - ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB); - goto err; - } - if (!EC_POINT_mul(eckey->group, point, order, NULL, NULL, ctx)) + if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx)) { ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB); goto err; @@ -366,8 +360,6 @@ int EC_KEY_check_key(const EC_KEY *eckey) err: if (ctx != NULL) BN_CTX_free(ctx); - if (order != NULL) - BN_free(order); if (point != NULL) EC_POINT_free(point); return(ok); diff --git a/crypto/openssl/crypto/engine/eng_cnf.c b/crypto/openssl/crypto/engine/eng_cnf.c index 8417ddaaef..08066cea59 100644 --- a/crypto/openssl/crypto/engine/eng_cnf.c +++ b/crypto/openssl/crypto/engine/eng_cnf.c @@ -1,5 +1,5 @@ /* eng_cnf.c */ -/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== @@ -98,7 +98,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) CONF_VALUE *ecmd; char *ctrlname, *ctrlvalue; ENGINE *e = NULL; - int soft = 0; + int soft = 0; name = skip_dot(name); #ifdef ENGINE_CONF_DEBUG @@ -127,8 +127,8 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) /* Override engine name to use */ if (!strcmp(ctrlname, "engine_id")) name = ctrlvalue; - else if (!strcmp(ctrlname, "soft_load")) - soft = 1; + else if (!strcmp(ctrlname, "soft_load")) + soft = 1; /* Load a dynamic ENGINE */ else if (!strcmp(ctrlname, "dynamic_path")) { @@ -151,11 +151,11 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) if (!e) { e = ENGINE_by_id(name); - if (!e && soft) - { - ERR_clear_error(); - return 1; - } + if (!e && soft) + { + ERR_clear_error(); + return 1; + } if (!e) return 0; } diff --git a/crypto/openssl/crypto/engine/eng_padlock.c b/crypto/openssl/crypto/engine/eng_padlock.c index 1ba9d85db4..743558ab33 100644 --- a/crypto/openssl/crypto/engine/eng_padlock.c +++ b/crypto/openssl/crypto/engine/eng_padlock.c @@ -234,8 +234,8 @@ padlock_bind_fn(ENGINE *e, const char *id) return 1; } -IMPLEMENT_DYNAMIC_CHECK_FN (); -IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn); +IMPLEMENT_DYNAMIC_CHECK_FN () +IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn) #endif /* DYNAMIC_ENGINE */ /* ===== Here comes the "real" engine ===== */ diff --git a/crypto/openssl/crypto/err/err.c b/crypto/openssl/crypto/err/err.c index 7952e70ab0..292404a2fb 100644 --- a/crypto/openssl/crypto/err/err.c +++ b/crypto/openssl/crypto/err/err.c @@ -119,480 +119,9 @@ #include #include -static void err_load_strings(int lib, ERR_STRING_DATA *str); - -static void ERR_STATE_free(ERR_STATE *s); -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA ERR_str_libraries[]= - { -{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"}, -{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"}, -{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"}, -{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"}, -{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"}, -{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"}, -{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"}, -{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"}, -{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"}, -{ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"}, -{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"}, -{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"}, -{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"}, -{ERR_PACK(ERR_LIB_CRYPTO,0,0) ,"common libcrypto routines"}, -{ERR_PACK(ERR_LIB_EC,0,0) ,"elliptic curve routines"}, -{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"}, -{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, -{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"}, -{ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"}, -{ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"}, -{ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"}, -{ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, -{ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, -{ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, -{ERR_PACK(ERR_LIB_FIPS,0,0) ,"FIPS routines"}, -{ERR_PACK(ERR_LIB_CMS,0,0) ,"CMS routines"}, -{0,NULL}, - }; - -static ERR_STRING_DATA ERR_str_functs[]= - { - {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"}, - {ERR_PACK(0,SYS_F_CONNECT,0), "connect"}, - {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"}, - {ERR_PACK(0,SYS_F_SOCKET,0), "socket"}, - {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"}, - {ERR_PACK(0,SYS_F_BIND,0), "bind"}, - {ERR_PACK(0,SYS_F_LISTEN,0), "listen"}, - {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"}, -#ifdef OPENSSL_SYS_WINDOWS - {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"}, -#endif - {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, - {ERR_PACK(0,SYS_F_FREAD,0), "fread"}, - {0,NULL}, - }; - -static ERR_STRING_DATA ERR_str_reasons[]= - { -{ERR_R_SYS_LIB ,"system lib"}, -{ERR_R_BN_LIB ,"BN lib"}, -{ERR_R_RSA_LIB ,"RSA lib"}, -{ERR_R_DH_LIB ,"DH lib"}, -{ERR_R_EVP_LIB ,"EVP lib"}, -{ERR_R_BUF_LIB ,"BUF lib"}, -{ERR_R_OBJ_LIB ,"OBJ lib"}, -{ERR_R_PEM_LIB ,"PEM lib"}, -{ERR_R_DSA_LIB ,"DSA lib"}, -{ERR_R_X509_LIB ,"X509 lib"}, -{ERR_R_ASN1_LIB ,"ASN1 lib"}, -{ERR_R_CONF_LIB ,"CONF lib"}, -{ERR_R_CRYPTO_LIB ,"CRYPTO lib"}, -{ERR_R_EC_LIB ,"EC lib"}, -{ERR_R_SSL_LIB ,"SSL lib"}, -{ERR_R_BIO_LIB ,"BIO lib"}, -{ERR_R_PKCS7_LIB ,"PKCS7 lib"}, -{ERR_R_X509V3_LIB ,"X509V3 lib"}, -{ERR_R_PKCS12_LIB ,"PKCS12 lib"}, -{ERR_R_RAND_LIB ,"RAND lib"}, -{ERR_R_DSO_LIB ,"DSO lib"}, -{ERR_R_ENGINE_LIB ,"ENGINE lib"}, -{ERR_R_OCSP_LIB ,"OCSP lib"}, - -{ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"}, -{ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"}, -{ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"}, -{ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"}, -{ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"}, -{ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"}, - -{ERR_R_FATAL ,"fatal"}, -{ERR_R_MALLOC_FAILURE ,"malloc failure"}, -{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, -{ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, -{ERR_R_INTERNAL_ERROR ,"internal error"}, -{ERR_R_DISABLED ,"called a function that was disabled at compile-time"}, - -{0,NULL}, - }; -#endif - - -/* Define the predeclared (but externally opaque) "ERR_FNS" type */ -struct st_ERR_FNS - { - /* Works on the "error_hash" string table */ - LHASH *(*cb_err_get)(int create); - void (*cb_err_del)(void); - ERR_STRING_DATA *(*cb_err_get_item)(const ERR_STRING_DATA *); - ERR_STRING_DATA *(*cb_err_set_item)(ERR_STRING_DATA *); - ERR_STRING_DATA *(*cb_err_del_item)(ERR_STRING_DATA *); - /* Works on the "thread_hash" error-state table */ - LHASH *(*cb_thread_get)(int create); - void (*cb_thread_release)(LHASH **hash); - ERR_STATE *(*cb_thread_get_item)(const ERR_STATE *); - ERR_STATE *(*cb_thread_set_item)(ERR_STATE *); - void (*cb_thread_del_item)(const ERR_STATE *); - /* Returns the next available error "library" numbers */ - int (*cb_get_next_lib)(void); - }; - -/* Predeclarations of the "err_defaults" functions */ -static LHASH *int_err_get(int create); -static void int_err_del(void); -static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *); -static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *); -static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *); -static LHASH *int_thread_get(int create); -static void int_thread_release(LHASH **hash); -static ERR_STATE *int_thread_get_item(const ERR_STATE *); -static ERR_STATE *int_thread_set_item(ERR_STATE *); -static void int_thread_del_item(const ERR_STATE *); -static int int_err_get_next_lib(void); -/* The static ERR_FNS table using these defaults functions */ -static const ERR_FNS err_defaults = - { - int_err_get, - int_err_del, - int_err_get_item, - int_err_set_item, - int_err_del_item, - int_thread_get, - int_thread_release, - int_thread_get_item, - int_thread_set_item, - int_thread_del_item, - int_err_get_next_lib - }; - -/* The replacable table of ERR_FNS functions we use at run-time */ -static const ERR_FNS *err_fns = NULL; - -/* Eg. rather than using "err_get()", use "ERRFN(err_get)()". */ -#define ERRFN(a) err_fns->cb_##a - -/* The internal state used by "err_defaults" - as such, the setting, reading, - * creating, and deleting of this data should only be permitted via the - * "err_defaults" functions. This way, a linked module can completely defer all - * ERR state operation (together with requisite locking) to the implementations - * and state in the loading application. */ -static LHASH *int_error_hash = NULL; -static LHASH *int_thread_hash = NULL; -static int int_thread_hash_references = 0; -static int int_err_library_number= ERR_LIB_USER; - -/* Internal function that checks whether "err_fns" is set and if not, sets it to - * the defaults. */ -static void err_fns_check(void) - { - if (err_fns) return; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!err_fns) - err_fns = &err_defaults; - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - } - -/* API functions to get or set the underlying ERR functions. */ - -const ERR_FNS *ERR_get_implementation(void) - { - err_fns_check(); - return err_fns; - } - -int ERR_set_implementation(const ERR_FNS *fns) - { - int ret = 0; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - /* It's too late if 'err_fns' is non-NULL. BTW: not much point setting - * an error is there?! */ - if (!err_fns) - { - err_fns = fns; - ret = 1; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return ret; - } - -/* These are the callbacks provided to "lh_new()" when creating the LHASH tables - * internal to the "err_defaults" implementation. */ - -/* static unsigned long err_hash(ERR_STRING_DATA *a); */ -static unsigned long err_hash(const void *a_void); -/* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b); */ -static int err_cmp(const void *a_void, const void *b_void); -/* static unsigned long pid_hash(ERR_STATE *pid); */ -static unsigned long pid_hash(const void *pid_void); -/* static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); */ -static int pid_cmp(const void *a_void,const void *pid_void); -static unsigned long get_error_values(int inc,int top,const char **file,int *line, - const char **data,int *flags); - -/* The internal functions used in the "err_defaults" implementation */ - -static LHASH *int_err_get(int create) - { - LHASH *ret = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!int_error_hash && create) - { - CRYPTO_push_info("int_err_get (err.c)"); - int_error_hash = lh_new(err_hash, err_cmp); - CRYPTO_pop_info(); - } - if (int_error_hash) - ret = int_error_hash; - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return ret; - } - -static void int_err_del(void) - { - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (int_error_hash) - { - lh_free(int_error_hash); - int_error_hash = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - } - -static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d) - { - ERR_STRING_DATA *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(err_get)(0); - if (!hash) - return NULL; - - CRYPTO_r_lock(CRYPTO_LOCK_ERR); - p = (ERR_STRING_DATA *)lh_retrieve(hash, d); - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - - return p; - } - -static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d) - { - ERR_STRING_DATA *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(err_get)(1); - if (!hash) - return NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = (ERR_STRING_DATA *)lh_insert(hash, d); - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return p; - } - -static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d) - { - ERR_STRING_DATA *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(err_get)(0); - if (!hash) - return NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = (ERR_STRING_DATA *)lh_delete(hash, d); - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return p; - } - -static LHASH *int_thread_get(int create) - { - LHASH *ret = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!int_thread_hash && create) - { - CRYPTO_push_info("int_thread_get (err.c)"); - int_thread_hash = lh_new(pid_hash, pid_cmp); - CRYPTO_pop_info(); - } - if (int_thread_hash) - { - int_thread_hash_references++; - ret = int_thread_hash; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return ret; - } - -static void int_thread_release(LHASH **hash) - { - int i; - - if (hash == NULL || *hash == NULL) - return; - - i = CRYPTO_add(&int_thread_hash_references, -1, CRYPTO_LOCK_ERR); - -#ifdef REF_PRINT - fprintf(stderr,"%4d:%s\n",int_thread_hash_references,"ERR"); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"int_thread_release, bad reference count\n"); - abort(); /* ok */ - } -#endif - *hash = NULL; - } - -static ERR_STATE *int_thread_get_item(const ERR_STATE *d) - { - ERR_STATE *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(thread_get)(0); - if (!hash) - return NULL; - - CRYPTO_r_lock(CRYPTO_LOCK_ERR); - p = (ERR_STATE *)lh_retrieve(hash, d); - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - - ERRFN(thread_release)(&hash); - return p; - } - -static ERR_STATE *int_thread_set_item(ERR_STATE *d) - { - ERR_STATE *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(thread_get)(1); - if (!hash) - return NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = (ERR_STATE *)lh_insert(hash, d); - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - ERRFN(thread_release)(&hash); - return p; - } - -static void int_thread_del_item(const ERR_STATE *d) - { - ERR_STATE *p; - LHASH *hash; - - err_fns_check(); - hash = ERRFN(thread_get)(0); - if (!hash) - return; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = (ERR_STATE *)lh_delete(hash, d); - /* make sure we don't leak memory */ - if (int_thread_hash_references == 1 - && int_thread_hash && (lh_num_items(int_thread_hash) == 0)) - { - lh_free(int_thread_hash); - int_thread_hash = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - ERRFN(thread_release)(&hash); - if (p) - ERR_STATE_free(p); - } - -static int int_err_get_next_lib(void) - { - int ret; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - ret = int_err_library_number++; - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return ret; - } - - -#ifndef OPENSSL_NO_ERR -#define NUM_SYS_STR_REASONS 127 -#define LEN_SYS_STR_REASON 32 - -static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; -/* SYS_str_reasons is filled with copies of strerror() results at - * initialization. - * 'errno' values up to 127 should cover all usual errors, - * others will be displayed numerically by ERR_error_string. - * It is crucial that we have something for each reason code - * that occurs in ERR_str_reasons, or bogus reason strings - * will be returned for SYSerr(), which always gets an errno - * value and never one of those 'standard' reason codes. */ - -static void build_SYS_str_reasons(void) - { - /* OPENSSL_malloc cannot be used here, use static storage instead */ - static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; - int i; - static int init = 1; - - CRYPTO_r_lock(CRYPTO_LOCK_ERR); - if (!init) - { - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - return; - } - - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!init) - { - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return; - } - - for (i = 1; i <= NUM_SYS_STR_REASONS; i++) - { - ERR_STRING_DATA *str = &SYS_str_reasons[i - 1]; - - str->error = (unsigned long)i; - if (str->string == NULL) - { - char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]); - char *src = strerror(i); - if (src != NULL) - { - strncpy(*dest, src, sizeof *dest); - (*dest)[sizeof *dest - 1] = '\0'; - str->string = *dest; - } - } - if (str->string == NULL) - str->string = "unknown"; - } - - /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, - * as required by ERR_load_strings. */ - - init = 0; - - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - } -#endif +static unsigned long get_error_values(int inc,int top, + const char **file,int *line, + const char **data,int *flags); #define err_clear_data(p,i) \ do { \ @@ -614,68 +143,6 @@ static void build_SYS_str_reasons(void) (p)->err_line[i]= -1; \ } while(0) -static void ERR_STATE_free(ERR_STATE *s) - { - int i; - - if (s == NULL) - return; - - for (i=0; ierror) - { - if (lib) - str->error|=ERR_PACK(lib,0,0); - ERRFN(err_set_item)(str); - str++; - } - } - -void ERR_load_strings(int lib, ERR_STRING_DATA *str) - { - ERR_load_ERR_strings(); - err_load_strings(lib, str); - } - -void ERR_unload_strings(int lib, ERR_STRING_DATA *str) - { - while (str->error) - { - if (lib) - str->error|=ERR_PACK(lib,0,0); - ERRFN(err_del_item)(str); - str++; - } - } - -void ERR_free_strings(void) - { - err_fns_check(); - ERRFN(err_del)(); - } - -/********************************************************/ - void ERR_put_error(int lib, int func, int reason, const char *file, int line) { @@ -830,218 +297,6 @@ static unsigned long get_error_values(int inc, int top, const char **file, int * return ret; } -void ERR_error_string_n(unsigned long e, char *buf, size_t len) - { - char lsbuf[64], fsbuf[64], rsbuf[64]; - const char *ls,*fs,*rs; - unsigned long l,f,r; - - l=ERR_GET_LIB(e); - f=ERR_GET_FUNC(e); - r=ERR_GET_REASON(e); - - ls=ERR_lib_error_string(e); - fs=ERR_func_error_string(e); - rs=ERR_reason_error_string(e); - - if (ls == NULL) - BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); - if (fs == NULL) - BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); - if (rs == NULL) - BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); - - BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf, - fs?fs:fsbuf, rs?rs:rsbuf); - if (strlen(buf) == len-1) - { - /* output may be truncated; make sure we always have 5 - * colon-separated fields, i.e. 4 colons ... */ -#define NUM_COLONS 4 - if (len > NUM_COLONS) /* ... if possible */ - { - int i; - char *s = buf; - - for (i = 0; i < NUM_COLONS; i++) - { - char *colon = strchr(s, ':'); - if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i) - { - /* set colon no. i at last possible position - * (buf[len-1] is the terminating 0)*/ - colon = &buf[len-1] - NUM_COLONS + i; - *colon = ':'; - } - s = colon + 1; - } - } - } - } - -/* BAD for multi-threading: uses a local buffer if ret == NULL */ -/* ERR_error_string_n should be used instead for ret != NULL - * as ERR_error_string cannot know how large the buffer is */ -char *ERR_error_string(unsigned long e, char *ret) - { - static char buf[256]; - - if (ret == NULL) ret=buf; - ERR_error_string_n(e, ret, 256); - - return ret; - } - -LHASH *ERR_get_string_table(void) - { - err_fns_check(); - return ERRFN(err_get)(0); - } - -LHASH *ERR_get_err_state_table(void) - { - err_fns_check(); - return ERRFN(thread_get)(0); - } - -void ERR_release_err_state_table(LHASH **hash) - { - err_fns_check(); - ERRFN(thread_release)(hash); - } - -const char *ERR_lib_error_string(unsigned long e) - { - ERR_STRING_DATA d,*p; - unsigned long l; - - err_fns_check(); - l=ERR_GET_LIB(e); - d.error=ERR_PACK(l,0,0); - p=ERRFN(err_get_item)(&d); - return((p == NULL)?NULL:p->string); - } - -const char *ERR_func_error_string(unsigned long e) - { - ERR_STRING_DATA d,*p; - unsigned long l,f; - - err_fns_check(); - l=ERR_GET_LIB(e); - f=ERR_GET_FUNC(e); - d.error=ERR_PACK(l,f,0); - p=ERRFN(err_get_item)(&d); - return((p == NULL)?NULL:p->string); - } - -const char *ERR_reason_error_string(unsigned long e) - { - ERR_STRING_DATA d,*p=NULL; - unsigned long l,r; - - err_fns_check(); - l=ERR_GET_LIB(e); - r=ERR_GET_REASON(e); - d.error=ERR_PACK(l,0,r); - p=ERRFN(err_get_item)(&d); - if (!p) - { - d.error=ERR_PACK(0,0,r); - p=ERRFN(err_get_item)(&d); - } - return((p == NULL)?NULL:p->string); - } - -/* static unsigned long err_hash(ERR_STRING_DATA *a) */ -static unsigned long err_hash(const void *a_void) - { - unsigned long ret,l; - - l=((const ERR_STRING_DATA *)a_void)->error; - ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); - return(ret^ret%19*13); - } - -/* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b) */ -static int err_cmp(const void *a_void, const void *b_void) - { - return((int)(((const ERR_STRING_DATA *)a_void)->error - - ((const ERR_STRING_DATA *)b_void)->error)); - } - -/* static unsigned long pid_hash(ERR_STATE *a) */ -static unsigned long pid_hash(const void *a_void) - { - return(((const ERR_STATE *)a_void)->pid*13); - } - -/* static int pid_cmp(ERR_STATE *a, ERR_STATE *b) */ -static int pid_cmp(const void *a_void, const void *b_void) - { - return((int)((long)((const ERR_STATE *)a_void)->pid - - (long)((const ERR_STATE *)b_void)->pid)); - } - -void ERR_remove_state(unsigned long pid) - { - ERR_STATE tmp; - - err_fns_check(); - if (pid == 0) - pid=(unsigned long)CRYPTO_thread_id(); - tmp.pid=pid; - /* thread_del_item automatically destroys the LHASH if the number of - * items reaches zero. */ - ERRFN(thread_del_item)(&tmp); - } - -ERR_STATE *ERR_get_state(void) - { - static ERR_STATE fallback; - ERR_STATE *ret,tmp,*tmpp=NULL; - int i; - unsigned long pid; - - err_fns_check(); - pid=(unsigned long)CRYPTO_thread_id(); - tmp.pid=pid; - ret=ERRFN(thread_get_item)(&tmp); - - /* ret == the error state, if NULL, make a new one */ - if (ret == NULL) - { - ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE)); - if (ret == NULL) return(&fallback); - ret->pid=pid; - ret->top=0; - ret->bottom=0; - for (i=0; ierr_data[i]=NULL; - ret->err_data_flags[i]=0; - } - tmpp = ERRFN(thread_set_item)(ret); - /* To check if insertion failed, do a get. */ - if (ERRFN(thread_get_item)(ret) != ret) - { - ERR_STATE_free(ret); /* could not insert it */ - return(&fallback); - } - /* If a race occured in this function and we came second, tmpp - * is the first one that we just replaced. */ - if (tmpp) - ERR_STATE_free(tmpp); - } - return ret; - } - -int ERR_get_next_error_library(void) - { - err_fns_check(); - return ERRFN(get_next_lib)(); - } - void ERR_set_error_data(char *data, int flags) { ERR_STATE *es; @@ -1128,3 +383,34 @@ int ERR_pop_to_mark(void) es->err_flags[es->top]&=~ERR_FLAG_MARK; return 1; } + +#ifdef OPENSSL_FIPS + +static ERR_STATE *fget_state(void) + { + static ERR_STATE fstate; + return &fstate; + } + +ERR_STATE *(*get_state_func)(void) = fget_state; +void (*remove_state_func)(unsigned long pid); + +ERR_STATE *ERR_get_state(void) + { + return get_state_func(); + } + +void int_ERR_set_state_func(ERR_STATE *(*get_func)(void), + void (*remove_func)(unsigned long pid)) + { + get_state_func = get_func; + remove_state_func = remove_func; + } + +void ERR_remove_state(unsigned long pid) + { + if (remove_state_func) + remove_state_func(pid); + } + +#endif diff --git a/crypto/openssl/crypto/err/err.h b/crypto/openssl/crypto/err/err.h index 8d9f0da172..dcac415231 100644 --- a/crypto/openssl/crypto/err/err.h +++ b/crypto/openssl/crypto/err/err.h @@ -142,6 +142,7 @@ typedef struct err_state_st #define ERR_LIB_STORE 44 #define ERR_LIB_FIPS 45 #define ERR_LIB_CMS 46 +#define ERR_LIB_JPAKE 47 #define ERR_LIB_USER 128 @@ -175,6 +176,7 @@ typedef struct err_state_st #define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__) #define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__) #define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__) +#define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__) /* Borland C seems too stupid to be able to shift and do longs in * the pre-processor :-( */ @@ -306,6 +308,12 @@ int ERR_get_next_error_library(void); int ERR_set_mark(void); int ERR_pop_to_mark(void); +#ifdef OPENSSL_FIPS +void int_ERR_set_state_func(ERR_STATE *(*get_func)(void), + void (*remove_func)(unsigned long pid)); +void int_ERR_lib_init(void); +#endif + /* Already defined in ossl_typ.h */ /* typedef struct st_ERR_FNS ERR_FNS; */ /* An application can use this function and provide the return value to loaded diff --git a/crypto/openssl/crypto/err/err_all.c b/crypto/openssl/crypto/err/err_all.c index 5813060ce2..f21a5276ed 100644 --- a/crypto/openssl/crypto/err/err_all.c +++ b/crypto/openssl/crypto/err/err_all.c @@ -94,9 +94,16 @@ #include #include #include +#ifdef OPENSSL_FIPS +#include +#endif + #ifndef OPENSSL_NO_CMS #include #endif +#ifndef OPENSSL_NO_JPAKE +#include +#endif void ERR_load_crypto_strings(void) { @@ -141,8 +148,14 @@ void ERR_load_crypto_strings(void) #endif ERR_load_OCSP_strings(); ERR_load_UI_strings(); +#ifdef OPENSSL_FIPS + ERR_load_FIPS_strings(); +#endif #ifndef OPENSSL_NO_CMS ERR_load_CMS_strings(); #endif +#ifndef OPENSSL_NO_JPAKE + ERR_load_JPAKE_strings(); +#endif #endif } diff --git a/crypto/openssl/crypto/sha/sha1dgst.c b/crypto/openssl/crypto/err/err_bio.c similarity index 89% copy from crypto/openssl/crypto/sha/sha1dgst.c copy to crypto/openssl/crypto/err/err_bio.c index 50d1925cde..a42f804840 100644 --- a/crypto/openssl/crypto/sha/sha1dgst.c +++ b/crypto/openssl/crypto/err/err_bio.c @@ -1,4 +1,4 @@ -/* crypto/sha/sha1dgst.c */ +/* crypto/err/err_prn.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,19 +56,20 @@ * [including the GNU Public Licence.] */ -#include -#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA) +#include +#include "cryptlib.h" +#include +#include +#include +#include -#undef SHA_0 -#define SHA_1 - -#include - -const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT; - -/* The implementation is in ../md32_common.h */ - -#include "sha_locl.h" - -#endif +static int print_bio(const char *str, size_t len, void *bp) + { + return BIO_write((BIO *)bp, str, len); + } +void ERR_print_errors(BIO *bp) + { + ERR_print_errors_cb(print_bio, bp); + } + diff --git a/crypto/openssl/crypto/err/err.c b/crypto/openssl/crypto/err/err_def.c similarity index 59% copy from crypto/openssl/crypto/err/err.c copy to crypto/openssl/crypto/err/err_def.c index 7952e70ab0..7ed3d84955 100644 --- a/crypto/openssl/crypto/err/err.c +++ b/crypto/openssl/crypto/err/err_def.c @@ -1,4 +1,4 @@ -/* crypto/err/err.c */ +/* crypto/err/err_def.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -119,103 +119,29 @@ #include #include -static void err_load_strings(int lib, ERR_STRING_DATA *str); - -static void ERR_STATE_free(ERR_STATE *s); -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA ERR_str_libraries[]= - { -{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"}, -{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"}, -{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"}, -{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"}, -{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"}, -{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"}, -{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"}, -{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"}, -{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"}, -{ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"}, -{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"}, -{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"}, -{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"}, -{ERR_PACK(ERR_LIB_CRYPTO,0,0) ,"common libcrypto routines"}, -{ERR_PACK(ERR_LIB_EC,0,0) ,"elliptic curve routines"}, -{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"}, -{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, -{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"}, -{ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"}, -{ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"}, -{ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"}, -{ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, -{ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, -{ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, -{ERR_PACK(ERR_LIB_FIPS,0,0) ,"FIPS routines"}, -{ERR_PACK(ERR_LIB_CMS,0,0) ,"CMS routines"}, -{0,NULL}, - }; +#define err_clear_data(p,i) \ + do { \ + if (((p)->err_data[i] != NULL) && \ + (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ + { \ + OPENSSL_free((p)->err_data[i]); \ + (p)->err_data[i]=NULL; \ + } \ + (p)->err_data_flags[i]=0; \ + } while(0) -static ERR_STRING_DATA ERR_str_functs[]= - { - {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"}, - {ERR_PACK(0,SYS_F_CONNECT,0), "connect"}, - {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"}, - {ERR_PACK(0,SYS_F_SOCKET,0), "socket"}, - {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"}, - {ERR_PACK(0,SYS_F_BIND,0), "bind"}, - {ERR_PACK(0,SYS_F_LISTEN,0), "listen"}, - {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"}, -#ifdef OPENSSL_SYS_WINDOWS - {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"}, -#endif - {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, - {ERR_PACK(0,SYS_F_FREAD,0), "fread"}, - {0,NULL}, - }; +#define err_clear(p,i) \ + do { \ + (p)->err_flags[i]=0; \ + (p)->err_buffer[i]=0; \ + err_clear_data(p,i); \ + (p)->err_file[i]=NULL; \ + (p)->err_line[i]= -1; \ + } while(0) -static ERR_STRING_DATA ERR_str_reasons[]= - { -{ERR_R_SYS_LIB ,"system lib"}, -{ERR_R_BN_LIB ,"BN lib"}, -{ERR_R_RSA_LIB ,"RSA lib"}, -{ERR_R_DH_LIB ,"DH lib"}, -{ERR_R_EVP_LIB ,"EVP lib"}, -{ERR_R_BUF_LIB ,"BUF lib"}, -{ERR_R_OBJ_LIB ,"OBJ lib"}, -{ERR_R_PEM_LIB ,"PEM lib"}, -{ERR_R_DSA_LIB ,"DSA lib"}, -{ERR_R_X509_LIB ,"X509 lib"}, -{ERR_R_ASN1_LIB ,"ASN1 lib"}, -{ERR_R_CONF_LIB ,"CONF lib"}, -{ERR_R_CRYPTO_LIB ,"CRYPTO lib"}, -{ERR_R_EC_LIB ,"EC lib"}, -{ERR_R_SSL_LIB ,"SSL lib"}, -{ERR_R_BIO_LIB ,"BIO lib"}, -{ERR_R_PKCS7_LIB ,"PKCS7 lib"}, -{ERR_R_X509V3_LIB ,"X509V3 lib"}, -{ERR_R_PKCS12_LIB ,"PKCS12 lib"}, -{ERR_R_RAND_LIB ,"RAND lib"}, -{ERR_R_DSO_LIB ,"DSO lib"}, -{ERR_R_ENGINE_LIB ,"ENGINE lib"}, -{ERR_R_OCSP_LIB ,"OCSP lib"}, - -{ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"}, -{ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"}, -{ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"}, -{ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"}, -{ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"}, -{ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"}, - -{ERR_R_FATAL ,"fatal"}, -{ERR_R_MALLOC_FAILURE ,"malloc failure"}, -{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, -{ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, -{ERR_R_INTERNAL_ERROR ,"internal error"}, -{ERR_R_DISABLED ,"called a function that was disabled at compile-time"}, - -{0,NULL}, - }; -#endif +static void err_load_strings(int lib, ERR_STRING_DATA *str); +static void ERR_STATE_free(ERR_STATE *s); /* Define the predeclared (but externally opaque) "ERR_FNS" type */ struct st_ERR_FNS @@ -327,8 +253,6 @@ static int err_cmp(const void *a_void, const void *b_void); static unsigned long pid_hash(const void *pid_void); /* static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); */ static int pid_cmp(const void *a_void,const void *pid_void); -static unsigned long get_error_values(int inc,int top,const char **file,int *line, - const char **data,int *flags); /* The internal functions used in the "err_defaults" implementation */ @@ -528,92 +452,6 @@ static int int_err_get_next_lib(void) return ret; } - -#ifndef OPENSSL_NO_ERR -#define NUM_SYS_STR_REASONS 127 -#define LEN_SYS_STR_REASON 32 - -static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; -/* SYS_str_reasons is filled with copies of strerror() results at - * initialization. - * 'errno' values up to 127 should cover all usual errors, - * others will be displayed numerically by ERR_error_string. - * It is crucial that we have something for each reason code - * that occurs in ERR_str_reasons, or bogus reason strings - * will be returned for SYSerr(), which always gets an errno - * value and never one of those 'standard' reason codes. */ - -static void build_SYS_str_reasons(void) - { - /* OPENSSL_malloc cannot be used here, use static storage instead */ - static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; - int i; - static int init = 1; - - CRYPTO_r_lock(CRYPTO_LOCK_ERR); - if (!init) - { - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - return; - } - - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!init) - { - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return; - } - - for (i = 1; i <= NUM_SYS_STR_REASONS; i++) - { - ERR_STRING_DATA *str = &SYS_str_reasons[i - 1]; - - str->error = (unsigned long)i; - if (str->string == NULL) - { - char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]); - char *src = strerror(i); - if (src != NULL) - { - strncpy(*dest, src, sizeof *dest); - (*dest)[sizeof *dest - 1] = '\0'; - str->string = *dest; - } - } - if (str->string == NULL) - str->string = "unknown"; - } - - /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, - * as required by ERR_load_strings. */ - - init = 0; - - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - } -#endif - -#define err_clear_data(p,i) \ - do { \ - if (((p)->err_data[i] != NULL) && \ - (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ - { \ - OPENSSL_free((p)->err_data[i]); \ - (p)->err_data[i]=NULL; \ - } \ - (p)->err_data_flags[i]=0; \ - } while(0) - -#define err_clear(p,i) \ - do { \ - (p)->err_flags[i]=0; \ - (p)->err_buffer[i]=0; \ - err_clear_data(p,i); \ - (p)->err_file[i]=NULL; \ - (p)->err_line[i]= -1; \ - } while(0) - static void ERR_STATE_free(ERR_STATE *s) { int i; @@ -628,18 +466,6 @@ static void ERR_STATE_free(ERR_STATE *s) OPENSSL_free(s); } -void ERR_load_ERR_strings(void) - { - err_fns_check(); -#ifndef OPENSSL_NO_ERR - err_load_strings(0,ERR_str_libraries); - err_load_strings(0,ERR_str_reasons); - err_load_strings(ERR_LIB_SYS,ERR_str_functs); - build_SYS_str_reasons(); - err_load_strings(ERR_LIB_SYS,SYS_str_reasons); -#endif - } - static void err_load_strings(int lib, ERR_STRING_DATA *str) { while (str->error) @@ -653,7 +479,7 @@ static void err_load_strings(int lib, ERR_STRING_DATA *str) void ERR_load_strings(int lib, ERR_STRING_DATA *str) { - ERR_load_ERR_strings(); + err_fns_check(); err_load_strings(lib, str); } @@ -674,224 +500,6 @@ void ERR_free_strings(void) ERRFN(err_del)(); } -/********************************************************/ - -void ERR_put_error(int lib, int func, int reason, const char *file, - int line) - { - ERR_STATE *es; - -#ifdef _OSD_POSIX - /* In the BS2000-OSD POSIX subsystem, the compiler generates - * path names in the form "*POSIX(/etc/passwd)". - * This dirty hack strips them to something sensible. - * @@@ We shouldn't modify a const string, though. - */ - if (strncmp(file,"*POSIX(", sizeof("*POSIX(")-1) == 0) { - char *end; - - /* Skip the "*POSIX(" prefix */ - file += sizeof("*POSIX(")-1; - end = &file[strlen(file)-1]; - if (*end == ')') - *end = '\0'; - /* Optional: use the basename of the path only. */ - if ((end = strrchr(file, '/')) != NULL) - file = &end[1]; - } -#endif - es=ERR_get_state(); - - es->top=(es->top+1)%ERR_NUM_ERRORS; - if (es->top == es->bottom) - es->bottom=(es->bottom+1)%ERR_NUM_ERRORS; - es->err_flags[es->top]=0; - es->err_buffer[es->top]=ERR_PACK(lib,func,reason); - es->err_file[es->top]=file; - es->err_line[es->top]=line; - err_clear_data(es,es->top); - } - -void ERR_clear_error(void) - { - int i; - ERR_STATE *es; - - es=ERR_get_state(); - - for (i=0; itop=es->bottom=0; - } - - -unsigned long ERR_get_error(void) - { return(get_error_values(1,0,NULL,NULL,NULL,NULL)); } - -unsigned long ERR_get_error_line(const char **file, - int *line) - { return(get_error_values(1,0,file,line,NULL,NULL)); } - -unsigned long ERR_get_error_line_data(const char **file, int *line, - const char **data, int *flags) - { return(get_error_values(1,0,file,line,data,flags)); } - - -unsigned long ERR_peek_error(void) - { return(get_error_values(0,0,NULL,NULL,NULL,NULL)); } - -unsigned long ERR_peek_error_line(const char **file, int *line) - { return(get_error_values(0,0,file,line,NULL,NULL)); } - -unsigned long ERR_peek_error_line_data(const char **file, int *line, - const char **data, int *flags) - { return(get_error_values(0,0,file,line,data,flags)); } - - -unsigned long ERR_peek_last_error(void) - { return(get_error_values(0,1,NULL,NULL,NULL,NULL)); } - -unsigned long ERR_peek_last_error_line(const char **file, int *line) - { return(get_error_values(0,1,file,line,NULL,NULL)); } - -unsigned long ERR_peek_last_error_line_data(const char **file, int *line, - const char **data, int *flags) - { return(get_error_values(0,1,file,line,data,flags)); } - - -static unsigned long get_error_values(int inc, int top, const char **file, int *line, - const char **data, int *flags) - { - int i=0; - ERR_STATE *es; - unsigned long ret; - - es=ERR_get_state(); - - if (inc && top) - { - if (file) *file = ""; - if (line) *line = 0; - if (data) *data = ""; - if (flags) *flags = 0; - - return ERR_R_INTERNAL_ERROR; - } - - if (es->bottom == es->top) return 0; - if (top) - i=es->top; /* last error */ - else - i=(es->bottom+1)%ERR_NUM_ERRORS; /* first error */ - - ret=es->err_buffer[i]; - if (inc) - { - es->bottom=i; - es->err_buffer[i]=0; - } - - if ((file != NULL) && (line != NULL)) - { - if (es->err_file[i] == NULL) - { - *file="NA"; - if (line != NULL) *line=0; - } - else - { - *file=es->err_file[i]; - if (line != NULL) *line=es->err_line[i]; - } - } - - if (data == NULL) - { - if (inc) - { - err_clear_data(es, i); - } - } - else - { - if (es->err_data[i] == NULL) - { - *data=""; - if (flags != NULL) *flags=0; - } - else - { - *data=es->err_data[i]; - if (flags != NULL) *flags=es->err_data_flags[i]; - } - } - return ret; - } - -void ERR_error_string_n(unsigned long e, char *buf, size_t len) - { - char lsbuf[64], fsbuf[64], rsbuf[64]; - const char *ls,*fs,*rs; - unsigned long l,f,r; - - l=ERR_GET_LIB(e); - f=ERR_GET_FUNC(e); - r=ERR_GET_REASON(e); - - ls=ERR_lib_error_string(e); - fs=ERR_func_error_string(e); - rs=ERR_reason_error_string(e); - - if (ls == NULL) - BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); - if (fs == NULL) - BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); - if (rs == NULL) - BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); - - BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf, - fs?fs:fsbuf, rs?rs:rsbuf); - if (strlen(buf) == len-1) - { - /* output may be truncated; make sure we always have 5 - * colon-separated fields, i.e. 4 colons ... */ -#define NUM_COLONS 4 - if (len > NUM_COLONS) /* ... if possible */ - { - int i; - char *s = buf; - - for (i = 0; i < NUM_COLONS; i++) - { - char *colon = strchr(s, ':'); - if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i) - { - /* set colon no. i at last possible position - * (buf[len-1] is the terminating 0)*/ - colon = &buf[len-1] - NUM_COLONS + i; - *colon = ':'; - } - s = colon + 1; - } - } - } - } - -/* BAD for multi-threading: uses a local buffer if ret == NULL */ -/* ERR_error_string_n should be used instead for ret != NULL - * as ERR_error_string cannot know how large the buffer is */ -char *ERR_error_string(unsigned long e, char *ret) - { - static char buf[256]; - - if (ret == NULL) ret=buf; - ERR_error_string_n(e, ret, 256); - - return ret; - } - LHASH *ERR_get_string_table(void) { err_fns_check(); @@ -982,8 +590,11 @@ static int pid_cmp(const void *a_void, const void *b_void) return((int)((long)((const ERR_STATE *)a_void)->pid - (long)((const ERR_STATE *)b_void)->pid)); } - +#ifdef OPENSSL_FIPS +static void int_err_remove_state(unsigned long pid) +#else void ERR_remove_state(unsigned long pid) +#endif { ERR_STATE tmp; @@ -996,7 +607,11 @@ void ERR_remove_state(unsigned long pid) ERRFN(thread_del_item)(&tmp); } +#ifdef OPENSSL_FIPS + static ERR_STATE *int_err_get_state(void) +#else ERR_STATE *ERR_get_state(void) +#endif { static ERR_STATE fallback; ERR_STATE *ret,tmp,*tmpp=NULL; @@ -1036,95 +651,15 @@ ERR_STATE *ERR_get_state(void) return ret; } -int ERR_get_next_error_library(void) +#ifdef OPENSSL_FIPS +void int_ERR_lib_init(void) { - err_fns_check(); - return ERRFN(get_next_lib)(); - } - -void ERR_set_error_data(char *data, int flags) - { - ERR_STATE *es; - int i; - - es=ERR_get_state(); - - i=es->top; - if (i == 0) - i=ERR_NUM_ERRORS-1; - - err_clear_data(es,i); - es->err_data[i]=data; - es->err_data_flags[i]=flags; - } - -void ERR_add_error_data(int num, ...) - { - va_list args; - int i,n,s; - char *str,*p,*a; - - s=80; - str=OPENSSL_malloc(s+1); - if (str == NULL) return; - str[0]='\0'; - - va_start(args, num); - n=0; - for (i=0; i */ - if (a != NULL) - { - n+=strlen(a); - if (n > s) - { - s=n+20; - p=OPENSSL_realloc(str,s+1); - if (p == NULL) - { - OPENSSL_free(str); - goto err; - } - else - str=p; - } - BUF_strlcat(str,a,(size_t)s+1); - } - } - ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING); - -err: - va_end(args); - } - -int ERR_set_mark(void) - { - ERR_STATE *es; - - es=ERR_get_state(); - - if (es->bottom == es->top) return 0; - es->err_flags[es->top]|=ERR_FLAG_MARK; - return 1; + int_ERR_set_state_func(int_err_get_state, int_err_remove_state); } +#endif -int ERR_pop_to_mark(void) +int ERR_get_next_error_library(void) { - ERR_STATE *es; - - es=ERR_get_state(); - - while(es->bottom != es->top - && (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) - { - err_clear(es,es->top); - es->top-=1; - if (es->top == -1) es->top=ERR_NUM_ERRORS-1; - } - - if (es->bottom == es->top) return 0; - es->err_flags[es->top]&=~ERR_FLAG_MARK; - return 1; + err_fns_check(); + return ERRFN(get_next_lib)(); } diff --git a/crypto/openssl/crypto/err/err_prn.c b/crypto/openssl/crypto/err/err_prn.c index 2224a901e5..4cdf342fa6 100644 --- a/crypto/openssl/crypto/err/err_prn.c +++ b/crypto/openssl/crypto/err/err_prn.c @@ -86,12 +86,7 @@ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), #ifndef OPENSSL_NO_FP_API static int print_fp(const char *str, size_t len, void *fp) { - BIO bio; - - BIO_set(&bio,BIO_s_file()); - BIO_set_fp(&bio,fp,BIO_NOCLOSE); - - return BIO_printf(&bio, "%s", str); + return fwrite(str, 1, len, fp); } void ERR_print_errors_fp(FILE *fp) { @@ -99,13 +94,64 @@ void ERR_print_errors_fp(FILE *fp) } #endif -static int print_bio(const char *str, size_t len, void *bp) +void ERR_error_string_n(unsigned long e, char *buf, size_t len) { - return BIO_write((BIO *)bp, str, len); + char lsbuf[64], fsbuf[64], rsbuf[64]; + const char *ls,*fs,*rs; + unsigned long l,f,r; + + l=ERR_GET_LIB(e); + f=ERR_GET_FUNC(e); + r=ERR_GET_REASON(e); + + ls=ERR_lib_error_string(e); + fs=ERR_func_error_string(e); + rs=ERR_reason_error_string(e); + + if (ls == NULL) + BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); + if (fs == NULL) + BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); + if (rs == NULL) + BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); + + BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf, + fs?fs:fsbuf, rs?rs:rsbuf); + if (strlen(buf) == len-1) + { + /* output may be truncated; make sure we always have 5 + * colon-separated fields, i.e. 4 colons ... */ +#define NUM_COLONS 4 + if (len > NUM_COLONS) /* ... if possible */ + { + int i; + char *s = buf; + + for (i = 0; i < NUM_COLONS; i++) + { + char *colon = strchr(s, ':'); + if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i) + { + /* set colon no. i at last possible position + * (buf[len-1] is the terminating 0)*/ + colon = &buf[len-1] - NUM_COLONS + i; + *colon = ':'; + } + s = colon + 1; + } + } + } } -void ERR_print_errors(BIO *bp) + +/* BAD for multi-threading: uses a local buffer if ret == NULL */ +/* ERR_error_string_n should be used instead for ret != NULL + * as ERR_error_string cannot know how large the buffer is */ +char *ERR_error_string(unsigned long e, char *ret) { - ERR_print_errors_cb(print_bio, bp); - } + static char buf[256]; + + if (ret == NULL) ret=buf; + ERR_error_string_n(e, ret, 256); - + return ret; + } diff --git a/crypto/openssl/crypto/evp/digest.c b/crypto/openssl/crypto/err/err_str.c similarity index 51% copy from crypto/openssl/crypto/evp/digest.c copy to crypto/openssl/crypto/err/err_str.c index 762e6d3450..d39040888d 100644 --- a/crypto/openssl/crypto/evp/digest.c +++ b/crypto/openssl/crypto/err/err_str.c @@ -1,4 +1,4 @@ -/* crypto/evp/digest.c */ +/* crypto/err/err_str.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -110,225 +110,186 @@ */ #include +#include +#include #include "cryptlib.h" -#include -#include -#ifndef OPENSSL_NO_ENGINE -#include -#endif +#include +#include +#include +#include +#include -void EVP_MD_CTX_init(EVP_MD_CTX *ctx) +#ifndef OPENSSL_NO_ERR +static ERR_STRING_DATA ERR_str_libraries[]= { - memset(ctx,'\0',sizeof *ctx); - } +{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"}, +{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"}, +{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"}, +{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"}, +{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"}, +{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"}, +{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"}, +{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"}, +{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"}, +{ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"}, +{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"}, +{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"}, +{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"}, +{ERR_PACK(ERR_LIB_CRYPTO,0,0) ,"common libcrypto routines"}, +{ERR_PACK(ERR_LIB_EC,0,0) ,"elliptic curve routines"}, +{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"}, +{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, +{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"}, +{ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"}, +{ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"}, +{ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"}, +{ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, +{ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, +{ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, +{ERR_PACK(ERR_LIB_FIPS,0,0) ,"FIPS routines"}, +{ERR_PACK(ERR_LIB_CMS,0,0) ,"CMS routines"}, +{ERR_PACK(ERR_LIB_JPAKE,0,0) ,"JPAKE routines"}, +{0,NULL}, + }; -EVP_MD_CTX *EVP_MD_CTX_create(void) +static ERR_STRING_DATA ERR_str_functs[]= { - EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx); - - EVP_MD_CTX_init(ctx); - - return ctx; - } + {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"}, + {ERR_PACK(0,SYS_F_CONNECT,0), "connect"}, + {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"}, + {ERR_PACK(0,SYS_F_SOCKET,0), "socket"}, + {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"}, + {ERR_PACK(0,SYS_F_BIND,0), "bind"}, + {ERR_PACK(0,SYS_F_LISTEN,0), "listen"}, + {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"}, +#ifdef OPENSSL_SYS_WINDOWS + {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"}, +#endif + {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, + {ERR_PACK(0,SYS_F_FREAD,0), "fread"}, + {0,NULL}, + }; -int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) +static ERR_STRING_DATA ERR_str_reasons[]= { - EVP_MD_CTX_init(ctx); - return EVP_DigestInit_ex(ctx, type, NULL); - } +{ERR_R_SYS_LIB ,"system lib"}, +{ERR_R_BN_LIB ,"BN lib"}, +{ERR_R_RSA_LIB ,"RSA lib"}, +{ERR_R_DH_LIB ,"DH lib"}, +{ERR_R_EVP_LIB ,"EVP lib"}, +{ERR_R_BUF_LIB ,"BUF lib"}, +{ERR_R_OBJ_LIB ,"OBJ lib"}, +{ERR_R_PEM_LIB ,"PEM lib"}, +{ERR_R_DSA_LIB ,"DSA lib"}, +{ERR_R_X509_LIB ,"X509 lib"}, +{ERR_R_ASN1_LIB ,"ASN1 lib"}, +{ERR_R_CONF_LIB ,"CONF lib"}, +{ERR_R_CRYPTO_LIB ,"CRYPTO lib"}, +{ERR_R_EC_LIB ,"EC lib"}, +{ERR_R_SSL_LIB ,"SSL lib"}, +{ERR_R_BIO_LIB ,"BIO lib"}, +{ERR_R_PKCS7_LIB ,"PKCS7 lib"}, +{ERR_R_X509V3_LIB ,"X509V3 lib"}, +{ERR_R_PKCS12_LIB ,"PKCS12 lib"}, +{ERR_R_RAND_LIB ,"RAND lib"}, +{ERR_R_DSO_LIB ,"DSO lib"}, +{ERR_R_ENGINE_LIB ,"ENGINE lib"}, +{ERR_R_OCSP_LIB ,"OCSP lib"}, -int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) - { - EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); -#ifndef OPENSSL_NO_ENGINE - /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts - * so this context may already have an ENGINE! Try to avoid releasing - * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unecessary. */ - if (ctx->engine && ctx->digest && (!type || - (type && (type->type == ctx->digest->type)))) - goto skip_to_init; - if (type) - { - /* Ensure an ENGINE left lying around from last time is cleared - * (the previous check attempted to avoid this if the same - * ENGINE and EVP_MD could be used). */ - if(ctx->engine) - ENGINE_finish(ctx->engine); - if(impl) - { - if (!ENGINE_init(impl)) - { - EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); - return 0; - } - } - else - /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_digest_engine(type->type); - if(impl) - { - /* There's an ENGINE for this job ... (apparently) */ - const EVP_MD *d = ENGINE_get_digest(impl, type->type); - if(!d) - { - /* Same comment from evp_enc.c */ - EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); - return 0; - } - /* We'll use the ENGINE's private digest definition */ - type = d; - /* Store the ENGINE functional reference so we know - * 'type' came from an ENGINE and we need to release - * it when done. */ - ctx->engine = impl; - } - else - ctx->engine = NULL; - } - else - if(!ctx->digest) - { - EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET); - return 0; - } -#endif - if (ctx->digest != type) - { - if (ctx->digest && ctx->digest->ctx_size) - OPENSSL_free(ctx->md_data); - ctx->digest=type; - if (type->ctx_size) - ctx->md_data=OPENSSL_malloc(type->ctx_size); - } -#ifndef OPENSSL_NO_ENGINE -skip_to_init: -#endif - return ctx->digest->init(ctx); - } +{ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"}, +{ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"}, +{ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"}, +{ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"}, +{ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"}, +{ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"}, -int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, - size_t count) - { - return ctx->digest->update(ctx,data,count); - } +{ERR_R_FATAL ,"fatal"}, +{ERR_R_MALLOC_FAILURE ,"malloc failure"}, +{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, +{ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, +{ERR_R_INTERNAL_ERROR ,"internal error"}, +{ERR_R_DISABLED ,"called a function that was disabled at compile-time"}, -/* The caller can assume that this removes any secret data from the context */ -int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) - { - int ret; - ret = EVP_DigestFinal_ex(ctx, md, size); - EVP_MD_CTX_cleanup(ctx); - return ret; - } +{0,NULL}, + }; +#endif -/* The caller can assume that this removes any secret data from the context */ -int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) - { - int ret; +#ifndef OPENSSL_NO_ERR +#define NUM_SYS_STR_REASONS 127 +#define LEN_SYS_STR_REASON 32 - OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); - ret=ctx->digest->final(ctx,md); - if (size != NULL) - *size=ctx->digest->md_size; - if (ctx->digest->cleanup) - { - ctx->digest->cleanup(ctx); - EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); - } - memset(ctx->md_data,0,ctx->digest->ctx_size); - return ret; - } +static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; +/* SYS_str_reasons is filled with copies of strerror() results at + * initialization. + * 'errno' values up to 127 should cover all usual errors, + * others will be displayed numerically by ERR_error_string. + * It is crucial that we have something for each reason code + * that occurs in ERR_str_reasons, or bogus reason strings + * will be returned for SYSerr, which always gets an errno + * value and never one of those 'standard' reason codes. */ -int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) +static void build_SYS_str_reasons(void) { - EVP_MD_CTX_init(out); - return EVP_MD_CTX_copy_ex(out, in); - } + /* OPENSSL_malloc cannot be used here, use static storage instead */ + static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; + int i; + static int init = 1; -int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) - { - unsigned char *tmp_buf; - if ((in == NULL) || (in->digest == NULL)) + CRYPTO_r_lock(CRYPTO_LOCK_ERR); + if (!init) { - EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,EVP_R_INPUT_NOT_INITIALIZED); - return 0; + CRYPTO_r_unlock(CRYPTO_LOCK_ERR); + return; } -#ifndef OPENSSL_NO_ENGINE - /* Make sure it's safe to copy a digest context using an ENGINE */ - if (in->engine && !ENGINE_init(in->engine)) + + CRYPTO_r_unlock(CRYPTO_LOCK_ERR); + CRYPTO_w_lock(CRYPTO_LOCK_ERR); + if (!init) { - EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB); - return 0; + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); + return; } -#endif - if (out->digest == in->digest) + for (i = 1; i <= NUM_SYS_STR_REASONS; i++) { - tmp_buf = out->md_data; - EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE); - } - else tmp_buf = NULL; - EVP_MD_CTX_cleanup(out); - memcpy(out,in,sizeof *out); + ERR_STRING_DATA *str = &SYS_str_reasons[i - 1]; - if (out->digest->ctx_size) - { - if (tmp_buf) out->md_data = tmp_buf; - else out->md_data=OPENSSL_malloc(out->digest->ctx_size); - memcpy(out->md_data,in->md_data,out->digest->ctx_size); + str->error = (unsigned long)i; + if (str->string == NULL) + { + char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]); + char *src = strerror(i); + if (src != NULL) + { + strncpy(*dest, src, sizeof *dest); + (*dest)[sizeof *dest - 1] = '\0'; + str->string = *dest; + } + } + if (str->string == NULL) + str->string = "unknown"; } - if (out->digest->copy) - return out->digest->copy(out,in); - - return 1; - } - -int EVP_Digest(const void *data, size_t count, - unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) - { - EVP_MD_CTX ctx; - int ret; - - EVP_MD_CTX_init(&ctx); - EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); - ret=EVP_DigestInit_ex(&ctx, type, impl) - && EVP_DigestUpdate(&ctx, data, count) - && EVP_DigestFinal_ex(&ctx, md, size); - EVP_MD_CTX_cleanup(&ctx); + /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, + * as required by ERR_load_strings. */ - return ret; - } - -void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) - { - EVP_MD_CTX_cleanup(ctx); - OPENSSL_free(ctx); + init = 0; + + CRYPTO_w_unlock(CRYPTO_LOCK_ERR); } +#endif -/* This call frees resources associated with the context */ -int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) +void ERR_load_ERR_strings(void) { - /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, - * because sometimes only copies of the context are ever finalised. - */ - if (ctx->digest && ctx->digest->cleanup - && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED)) - ctx->digest->cleanup(ctx); - if (ctx->digest && ctx->digest->ctx_size && ctx->md_data - && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) +#ifndef OPENSSL_NO_ERR + if (ERR_func_error_string(ERR_str_functs[0].error) == NULL) { - OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); - OPENSSL_free(ctx->md_data); + ERR_load_strings(0,ERR_str_libraries); + ERR_load_strings(0,ERR_str_reasons); + ERR_load_strings(ERR_LIB_SYS,ERR_str_functs); + build_SYS_str_reasons(); + ERR_load_strings(ERR_LIB_SYS,SYS_str_reasons); } -#ifndef OPENSSL_NO_ENGINE - if(ctx->engine) - /* The EVP_MD we used belongs to an ENGINE, release the - * functional reference we held for this reason. */ - ENGINE_finish(ctx->engine); #endif - memset(ctx,'\0',sizeof *ctx); - - return 1; } + diff --git a/crypto/openssl/crypto/evp/bio_md.c b/crypto/openssl/crypto/evp/bio_md.c index d648ac6da6..ed5c1135fd 100644 --- a/crypto/openssl/crypto/evp/bio_md.c +++ b/crypto/openssl/crypto/evp/bio_md.c @@ -192,13 +192,8 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) ret=0; break; case BIO_C_GET_MD_CTX: - if (b->init) - { - pctx=ptr; - *pctx=ctx; - } - else - ret=0; + pctx=ptr; + *pctx=ctx; break; case BIO_C_SET_MD_CTX: if (b->init) diff --git a/crypto/openssl/crypto/rand/rand_lcl.h b/crypto/openssl/crypto/evp/dig_eng.c similarity index 77% copy from crypto/openssl/crypto/rand/rand_lcl.h copy to crypto/openssl/crypto/evp/dig_eng.c index 618a8ec899..64cdf9366c 100644 --- a/crypto/openssl/crypto/rand/rand_lcl.h +++ b/crypto/openssl/crypto/evp/dig_eng.c @@ -1,4 +1,4 @@ -/* crypto/rand/rand_lcl.h */ +/* crypto/evp/digest.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -109,50 +109,72 @@ * */ -#ifndef HEADER_RAND_LCL_H -#define HEADER_RAND_LCL_H +#include +#include "cryptlib.h" +#include +#include +#ifndef OPENSSL_NO_ENGINE +#include +#endif +#include "evp_locl.h" -#define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */ +#ifndef OPENSSL_NO_ENGINE +#ifdef OPENSSL_FIPS -#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND) -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) -#define USE_SHA1_RAND -#elif !defined(OPENSSL_NO_MD5) -#define USE_MD5_RAND -#elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) -#define USE_MDC2_RAND -#elif !defined(OPENSSL_NO_MD2) -#define USE_MD2_RAND -#else -#error No message digest algorithm available -#endif -#endif +static int do_evp_md_engine_full(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) + { + if (*ptype) + { + /* Ensure an ENGINE left lying around from last time is cleared + * (the previous check attempted to avoid this if the same + * ENGINE and EVP_MD could be used). */ + if(ctx->engine) + ENGINE_finish(ctx->engine); + if(impl) + { + if (!ENGINE_init(impl)) + { + EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_INITIALIZATION_ERROR); + return 0; + } + } + else + /* Ask if an ENGINE is reserved for this job */ + impl = ENGINE_get_digest_engine((*ptype)->type); + if(impl) + { + /* There's an ENGINE for this job ... (apparently) */ + const EVP_MD *d = ENGINE_get_digest(impl, (*ptype)->type); + if(!d) + { + /* Same comment from evp_enc.c */ + EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_INITIALIZATION_ERROR); + return 0; + } + /* We'll use the ENGINE's private digest definition */ + *ptype = d; + /* Store the ENGINE functional reference so we know + * 'type' came from an ENGINE and we need to release + * it when done. */ + ctx->engine = impl; + } + else + ctx->engine = NULL; + } + else + if(!ctx->digest) + { + EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_NO_DIGEST_SET); + return 0; + } + return 1; + } -#include -#define MD_Update(a,b,c) EVP_DigestUpdate(a,b,c) -#define MD_Final(a,b) EVP_DigestFinal_ex(a,b,NULL) -#if defined(USE_MD5_RAND) -#include -#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH -#define MD_Init(a) EVP_DigestInit_ex(a,EVP_md5(), NULL) -#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md5(), NULL) -#elif defined(USE_SHA1_RAND) -#include -#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH -#define MD_Init(a) EVP_DigestInit_ex(a,EVP_sha1(), NULL) -#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_sha1(), NULL) -#elif defined(USE_MDC2_RAND) -#include -#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH -#define MD_Init(a) EVP_DigestInit_ex(a,EVP_mdc2(), NULL) -#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_mdc2(), NULL) -#elif defined(USE_MD2_RAND) -#include -#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH -#define MD_Init(a) EVP_DigestInit_ex(a,EVP_md2(), NULL) -#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) +void int_EVP_MD_init_engine_callbacks(void) + { + int_EVP_MD_set_engine_callbacks( + ENGINE_init, ENGINE_finish, do_evp_md_engine_full); + } #endif - - #endif diff --git a/crypto/openssl/crypto/evp/digest.c b/crypto/openssl/crypto/evp/digest.c index 762e6d3450..3bc2d1295c 100644 --- a/crypto/openssl/crypto/evp/digest.c +++ b/crypto/openssl/crypto/evp/digest.c @@ -116,6 +116,7 @@ #ifndef OPENSSL_NO_ENGINE #include #endif +#include "evp_locl.h" void EVP_MD_CTX_init(EVP_MD_CTX *ctx) { @@ -137,18 +138,77 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) return EVP_DigestInit_ex(ctx, type, NULL); } -int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) +#ifdef OPENSSL_FIPS + +/* The purpose of these is to trap programs that attempt to use non FIPS + * algorithms in FIPS mode and ignore the errors. + */ + +static int bad_init(EVP_MD_CTX *ctx) + { FIPS_ERROR_IGNORED("Digest init"); return 0;} + +static int bad_update(EVP_MD_CTX *ctx,const void *data,size_t count) + { FIPS_ERROR_IGNORED("Digest update"); return 0;} + +static int bad_final(EVP_MD_CTX *ctx,unsigned char *md) + { FIPS_ERROR_IGNORED("Digest Final"); return 0;} + +static const EVP_MD bad_md = { - EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); + 0, + 0, + 0, + 0, + bad_init, + bad_update, + bad_final, + NULL, + NULL, + NULL, + 0, + {0,0,0,0}, + }; + +#endif + #ifndef OPENSSL_NO_ENGINE - /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts - * so this context may already have an ENGINE! Try to avoid releasing - * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unecessary. */ - if (ctx->engine && ctx->digest && (!type || - (type && (type->type == ctx->digest->type)))) - goto skip_to_init; - if (type) + +#ifdef OPENSSL_FIPS + +static int do_engine_null(ENGINE *impl) { return 0;} +static int do_evp_md_engine_null(EVP_MD_CTX *ctx, + const EVP_MD **ptype, ENGINE *impl) + { return 1; } + +static int (*do_engine_init)(ENGINE *impl) + = do_engine_null; + +static int (*do_engine_finish)(ENGINE *impl) + = do_engine_null; + +static int (*do_evp_md_engine) + (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) + = do_evp_md_engine_null; + +void int_EVP_MD_set_engine_callbacks( + int (*eng_md_init)(ENGINE *impl), + int (*eng_md_fin)(ENGINE *impl), + int (*eng_md_evp) + (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl)) + { + do_engine_init = eng_md_init; + do_engine_finish = eng_md_fin; + do_evp_md_engine = eng_md_evp; + } + +#else + +#define do_engine_init ENGINE_init +#define do_engine_finish ENGINE_finish + +static int do_evp_md_engine(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) + { + if (*ptype) { /* Ensure an ENGINE left lying around from last time is cleared * (the previous check attempted to avoid this if the same @@ -159,25 +219,25 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) { if (!ENGINE_init(impl)) { - EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_INITIALIZATION_ERROR); return 0; } } else /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_digest_engine(type->type); + impl = ENGINE_get_digest_engine((*ptype)->type); if(impl) { /* There's an ENGINE for this job ... (apparently) */ - const EVP_MD *d = ENGINE_get_digest(impl, type->type); + const EVP_MD *d = ENGINE_get_digest(impl, (*ptype)->type); if(!d) { /* Same comment from evp_enc.c */ - EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_INITIALIZATION_ERROR); return 0; } /* We'll use the ENGINE's private digest definition */ - type = d; + *ptype = d; /* Store the ENGINE functional reference so we know * 'type' came from an ENGINE and we need to release * it when done. */ @@ -189,12 +249,52 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) else if(!ctx->digest) { - EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET); + EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_NO_DIGEST_SET); return 0; } + return 1; + } + +#endif + +#endif + +int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) + { + M_EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); +#ifdef OPENSSL_FIPS + if(FIPS_selftest_failed()) + { + FIPSerr(FIPS_F_EVP_DIGESTINIT_EX,FIPS_R_FIPS_SELFTEST_FAILED); + ctx->digest = &bad_md; + return 0; + } +#endif +#ifndef OPENSSL_NO_ENGINE + /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts + * so this context may already have an ENGINE! Try to avoid releasing + * the previous handle, re-querying for an ENGINE, and having a + * reinitialisation, when it may all be unecessary. */ + if (ctx->engine && ctx->digest && (!type || + (type && (type->type == ctx->digest->type)))) + goto skip_to_init; + if (!do_evp_md_engine(ctx, &type, impl)) + return 0; #endif if (ctx->digest != type) { +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + { + if (!(type->flags & EVP_MD_FLAG_FIPS) + && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) + { + EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_FOR_FIPS); + ctx->digest = &bad_md; + return 0; + } + } +#endif if (ctx->digest && ctx->digest->ctx_size) OPENSSL_free(ctx->md_data); ctx->digest=type; @@ -202,7 +302,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) ctx->md_data=OPENSSL_malloc(type->ctx_size); } #ifndef OPENSSL_NO_ENGINE -skip_to_init: + skip_to_init: #endif return ctx->digest->init(ctx); } @@ -210,6 +310,9 @@ skip_to_init: int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) { +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif return ctx->digest->update(ctx,data,count); } @@ -226,6 +329,9 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) { int ret; +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); ret=ctx->digest->final(ctx,md); @@ -234,7 +340,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) if (ctx->digest->cleanup) { ctx->digest->cleanup(ctx); - EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); + M_EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); } memset(ctx->md_data,0,ctx->digest->ctx_size); return ret; @@ -256,7 +362,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) } #ifndef OPENSSL_NO_ENGINE /* Make sure it's safe to copy a digest context using an ENGINE */ - if (in->engine && !ENGINE_init(in->engine)) + if (in->engine && !do_engine_init(in->engine)) { EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB); return 0; @@ -266,7 +372,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) if (out->digest == in->digest) { tmp_buf = out->md_data; - EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE); + M_EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE); } else tmp_buf = NULL; EVP_MD_CTX_cleanup(out); @@ -292,7 +398,7 @@ int EVP_Digest(const void *data, size_t count, int ret; EVP_MD_CTX_init(&ctx); - EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); + M_EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); ret=EVP_DigestInit_ex(&ctx, type, impl) && EVP_DigestUpdate(&ctx, data, count) && EVP_DigestFinal_ex(&ctx, md, size); @@ -314,10 +420,10 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) * because sometimes only copies of the context are ever finalised. */ if (ctx->digest && ctx->digest->cleanup - && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED)) + && !M_EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED)) ctx->digest->cleanup(ctx); if (ctx->digest && ctx->digest->ctx_size && ctx->md_data - && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) + && !M_EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); OPENSSL_free(ctx->md_data); @@ -326,7 +432,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) if(ctx->engine) /* The EVP_MD we used belongs to an ENGINE, release the * functional reference we held for this reason. */ - ENGINE_finish(ctx->engine); + do_engine_finish(ctx->engine); #endif memset(ctx,'\0',sizeof *ctx); diff --git a/crypto/openssl/crypto/evp/e_aes.c b/crypto/openssl/crypto/evp/e_aes.c index bd6c0a3a62..c9a5ee8d75 100644 --- a/crypto/openssl/crypto/evp/e_aes.c +++ b/crypto/openssl/crypto/evp/e_aes.c @@ -69,32 +69,29 @@ typedef struct IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY, NID_aes_128, 16, 16, 16, 128, - 0, aes_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - NULL) + EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, + aes_init_key, + NULL, NULL, NULL, NULL) IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY, NID_aes_192, 16, 24, 16, 128, - 0, aes_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - NULL) + EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, + aes_init_key, + NULL, NULL, NULL, NULL) IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, NID_aes_256, 16, 32, 16, 128, - 0, aes_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - NULL) + EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, + aes_init_key, + NULL, NULL, NULL, NULL) -#define IMPLEMENT_AES_CFBR(ksize,cbits) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16) +#define IMPLEMENT_AES_CFBR(ksize,cbits,flags) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags) -IMPLEMENT_AES_CFBR(128,1) -IMPLEMENT_AES_CFBR(192,1) -IMPLEMENT_AES_CFBR(256,1) +IMPLEMENT_AES_CFBR(128,1,EVP_CIPH_FLAG_FIPS) +IMPLEMENT_AES_CFBR(192,1,EVP_CIPH_FLAG_FIPS) +IMPLEMENT_AES_CFBR(256,1,EVP_CIPH_FLAG_FIPS) -IMPLEMENT_AES_CFBR(128,8) -IMPLEMENT_AES_CFBR(192,8) -IMPLEMENT_AES_CFBR(256,8) +IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS) +IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS) +IMPLEMENT_AES_CFBR(256,8,EVP_CIPH_FLAG_FIPS) static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) diff --git a/crypto/openssl/crypto/evp/e_camellia.c b/crypto/openssl/crypto/evp/e_camellia.c index a7b40d1c60..365d397164 100644 --- a/crypto/openssl/crypto/evp/e_camellia.c +++ b/crypto/openssl/crypto/evp/e_camellia.c @@ -93,7 +93,7 @@ IMPLEMENT_BLOCK_CIPHER(camellia_256, ks, Camellia, EVP_CAMELLIA_KEY, EVP_CIPHER_get_asn1_iv, NULL) -#define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16) +#define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16,0) IMPLEMENT_CAMELLIA_CFBR(128,1) IMPLEMENT_CAMELLIA_CFBR(192,1) diff --git a/crypto/openssl/crypto/evp/e_des.c b/crypto/openssl/crypto/evp/e_des.c index 856323648c..04376df232 100644 --- a/crypto/openssl/crypto/evp/e_des.c +++ b/crypto/openssl/crypto/evp/e_des.c @@ -129,18 +129,21 @@ static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, - EVP_CIPH_RAND_KEY, des_init_key, NULL, + EVP_CIPH_RAND_KEY, + des_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl) BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1, - EVP_CIPH_RAND_KEY, des_init_key,NULL, + EVP_CIPH_RAND_KEY, + des_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv,des_ctrl) BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8, - EVP_CIPH_RAND_KEY,des_init_key,NULL, + EVP_CIPH_RAND_KEY, + des_init_key,NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv,des_ctrl) diff --git a/crypto/openssl/crypto/evp/e_des3.c b/crypto/openssl/crypto/evp/e_des3.c index ac148efab2..f910af19b1 100644 --- a/crypto/openssl/crypto/evp/e_des3.c +++ b/crypto/openssl/crypto/evp/e_des3.c @@ -111,8 +111,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, #ifdef KSSL_DEBUG { int i; - char *cp; - printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len); + printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", (unsigned long)ctx, ctx->buf_len); printf("\t iv= "); for(i=0;i<8;i++) printf("%02X",ctx->iv[i]); @@ -164,9 +163,9 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, - EVP_CIPH_RAND_KEY, des_ede_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, + EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, + des_ede_init_key, + NULL, NULL, NULL, des3_ctrl) #define des_ede3_cfb64_cipher des_ede_cfb64_cipher @@ -175,21 +174,21 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, #define des_ede3_ecb_cipher des_ede_ecb_cipher BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, - EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, + EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, + des_ede3_init_key, + NULL, NULL, NULL, des3_ctrl) BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1, - EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, + EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, + des_ede3_init_key, + NULL, NULL, NULL, des3_ctrl) BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8, - EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, + EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, + des_ede3_init_key, + NULL, NULL, NULL, des3_ctrl) static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, @@ -216,7 +215,7 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, #ifdef KSSL_DEBUG { int i; - printf("des_ede3_init_key(ctx=%lx)\n", ctx); + printf("des_ede3_init_key(ctx=%lx)\n", (unsigned long)ctx); printf("\tKEY= "); for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n"); printf("\t IV= "); diff --git a/crypto/openssl/crypto/evp/e_null.c b/crypto/openssl/crypto/evp/e_null.c index 5205259f18..0872d733e4 100644 --- a/crypto/openssl/crypto/evp/e_null.c +++ b/crypto/openssl/crypto/evp/e_null.c @@ -69,7 +69,7 @@ static const EVP_CIPHER n_cipher= { NID_undef, 1,0,0, - 0, + EVP_CIPH_FLAG_FIPS, null_init_key, null_cipher, NULL, diff --git a/crypto/openssl/crypto/evp/e_rc4.c b/crypto/openssl/crypto/evp/e_rc4.c index 67af850bea..55baad7446 100644 --- a/crypto/openssl/crypto/evp/e_rc4.c +++ b/crypto/openssl/crypto/evp/e_rc4.c @@ -64,6 +64,7 @@ #include #include #include +#include "evp_locl.h" /* FIXME: surely this is available elsewhere? */ #define EVP_RC4_KEY_SIZE 16 diff --git a/crypto/openssl/crypto/evp/evp_enc.c b/crypto/openssl/crypto/evp/enc_min.c similarity index 50% copy from crypto/openssl/crypto/evp/evp_enc.c copy to crypto/openssl/crypto/evp/enc_min.c index 6e582c458d..3cb4626bef 100644 --- a/crypto/openssl/crypto/evp/evp_enc.c +++ b/crypto/openssl/crypto/evp/enc_min.c @@ -1,4 +1,4 @@ -/* crypto/evp/evp_enc.c */ +/* crypto/evp/enc_min.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -66,30 +66,128 @@ #endif #include "evp_locl.h" -const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; - void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) { +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif memset(ctx,0,sizeof(EVP_CIPHER_CTX)); /* ctx->cipher=NULL; */ } -EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) +#ifdef OPENSSL_FIPS + +/* The purpose of these is to trap programs that attempt to use non FIPS + * algorithms in FIPS mode and ignore the errors. + */ + +static int bad_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) + { FIPS_ERROR_IGNORED("Cipher init"); return 0;} + +static int bad_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) + { FIPS_ERROR_IGNORED("Cipher update"); return 0;} + +/* NB: no cleanup because it is allowed after failed init */ + +static int bad_set_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ) + { FIPS_ERROR_IGNORED("Cipher set_asn1"); return 0;} +static int bad_get_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ) + { FIPS_ERROR_IGNORED("Cipher get_asn1"); return 0;} +static int bad_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) + { FIPS_ERROR_IGNORED("Cipher ctrl"); return 0;} + +static const EVP_CIPHER bad_cipher = { - EVP_CIPHER_CTX *ctx=OPENSSL_malloc(sizeof *ctx); - if (ctx) - EVP_CIPHER_CTX_init(ctx); - return ctx; + 0, + 0, + 0, + 0, + 0, + bad_init, + bad_do_cipher, + NULL, + 0, + bad_set_asn1, + bad_get_asn1, + bad_ctrl, + NULL + }; + +#endif + +#ifndef OPENSSL_NO_ENGINE + +#ifdef OPENSSL_FIPS + +static int do_engine_null(ENGINE *impl) { return 0;} +static int do_evp_enc_engine_null(EVP_CIPHER_CTX *ctx, + const EVP_CIPHER **pciph, ENGINE *impl) + { return 1; } + +static int (*do_engine_finish)(ENGINE *impl) + = do_engine_null; + +static int (*do_evp_enc_engine) + (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl) + = do_evp_enc_engine_null; + +void int_EVP_CIPHER_set_engine_callbacks( + int (*eng_ciph_fin)(ENGINE *impl), + int (*eng_ciph_evp) + (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl)) + { + do_engine_finish = eng_ciph_fin; + do_evp_enc_engine = eng_ciph_evp; } -int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv, int enc) +#else + +#define do_engine_finish ENGINE_finish + +static int do_evp_enc_engine(EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pcipher, ENGINE *impl) { - if (cipher) - EVP_CIPHER_CTX_init(ctx); - return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); + if(impl) + { + if (!ENGINE_init(impl)) + { + EVPerr(EVP_F_DO_EVP_ENC_ENGINE, EVP_R_INITIALIZATION_ERROR); + return 0; + } + } + else + /* Ask if an ENGINE is reserved for this job */ + impl = ENGINE_get_cipher_engine((*pcipher)->nid); + if(impl) + { + /* There's an ENGINE for this job ... (apparently) */ + const EVP_CIPHER *c = ENGINE_get_cipher(impl, (*pcipher)->nid); + if(!c) + { + /* One positive side-effect of US's export + * control history, is that we should at least + * be able to avoid using US mispellings of + * "initialisation"? */ + EVPerr(EVP_F_DO_EVP_ENC_ENGINE, EVP_R_INITIALIZATION_ERROR); + return 0; + } + /* We'll use the ENGINE's private cipher definition */ + *pcipher = c; + /* Store the ENGINE functional reference so we know + * 'cipher' came from an ENGINE and we need to release + * it when done. */ + ctx->engine = impl; + } + else + ctx->engine = NULL; + return 1; } +#endif + +#endif + int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc) { @@ -101,6 +199,14 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp enc = 1; ctx->encrypt = enc; } +#ifdef OPENSSL_NO_FIPS + if(FIPS_selftest_failed()) + { + FIPSerr(FIPS_F_EVP_CIPHERINIT_EX,FIPS_R_FIPS_SELFTEST_FAILED); + ctx->cipher = &bad_cipher; + return 0; + } +#endif #ifndef OPENSSL_NO_ENGINE /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts * so this context may already have an ENGINE! Try to avoid releasing @@ -120,39 +226,8 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp /* Restore encrypt field: it is zeroed by cleanup */ ctx->encrypt = enc; #ifndef OPENSSL_NO_ENGINE - if(impl) - { - if (!ENGINE_init(impl)) - { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); - return 0; - } - } - else - /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_cipher_engine(cipher->nid); - if(impl) - { - /* There's an ENGINE for this job ... (apparently) */ - const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid); - if(!c) - { - /* One positive side-effect of US's export - * control history, is that we should at least - * be able to avoid using US mispellings of - * "initialisation"? */ - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); - return 0; - } - /* We'll use the ENGINE's private cipher definition */ - cipher = c; - /* Store the ENGINE functional reference so we know - * 'cipher' came from an ENGINE and we need to release - * it when done. */ - ctx->engine = impl; - } - else - ctx->engine = NULL; + if (!do_evp_enc_engine(ctx, &cipher, impl)) + return 0; #endif ctx->cipher=cipher; @@ -219,280 +294,35 @@ skip_to_init: } } - if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { - if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; - } - ctx->buf_len=0; - ctx->final_used=0; - ctx->block_mask=ctx->cipher->block_size-1; - return 1; - } - -int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl) - { - if (ctx->encrypt) - return EVP_EncryptUpdate(ctx,out,outl,in,inl); - else return EVP_DecryptUpdate(ctx,out,outl,in,inl); - } - -int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) - { - if (ctx->encrypt) - return EVP_EncryptFinal_ex(ctx,out,outl); - else return EVP_DecryptFinal_ex(ctx,out,outl); - } - -int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) - { - if (ctx->encrypt) - return EVP_EncryptFinal(ctx,out,outl); - else return EVP_DecryptFinal(ctx,out,outl); - } - -int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv) - { - return EVP_CipherInit(ctx, cipher, key, iv, 1); - } - -int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, - const unsigned char *key, const unsigned char *iv) - { - return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1); - } - -int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv) - { - return EVP_CipherInit(ctx, cipher, key, iv, 0); - } - -int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, - const unsigned char *key, const unsigned char *iv) - { - return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0); - } - -int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl) - { - int i,j,bl; - - if (inl <= 0) - { - *outl = 0; - return inl == 0; - } - - if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) - { - if(ctx->cipher->do_cipher(ctx,out,in,inl)) - { - *outl=inl; - return 1; - } - else - { - *outl=0; - return 0; - } - } - i=ctx->buf_len; - bl=ctx->cipher->block_size; - OPENSSL_assert(bl <= (int)sizeof(ctx->buf)); - if (i != 0) - { - if (i+inl < bl) - { - memcpy(&(ctx->buf[i]),in,inl); - ctx->buf_len+=inl; - *outl=0; - return 1; - } - else - { - j=bl-i; - memcpy(&(ctx->buf[i]),in,j); - if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0; - inl-=j; - in+=j; - out+=bl; - *outl=bl; - } - } - else - *outl = 0; - i=inl&(bl-1); - inl-=i; - if (inl > 0) - { - if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0; - *outl+=inl; - } - - if (i != 0) - memcpy(ctx->buf,&(in[inl]),i); - ctx->buf_len=i; - return 1; - } - -int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) - { - int ret; - ret = EVP_EncryptFinal_ex(ctx, out, outl); - return ret; - } - -int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) - { - int n,ret; - unsigned int i, b, bl; - - b=ctx->cipher->block_size; - OPENSSL_assert(b <= sizeof ctx->buf); - if (b == 1) - { - *outl=0; - return 1; - } - bl=ctx->buf_len; - if (ctx->flags & EVP_CIPH_NO_PADDING) +#ifdef OPENSSL_FIPS + /* After 'key' is set no further parameters changes are permissible. + * So only check for non FIPS enabling at this point. + */ + if (key && FIPS_mode()) { - if(bl) + if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS) + & !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) { - EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); + EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_DISABLED_FOR_FIPS); +#if 0 + ERR_add_error_data(2, "cipher=", + EVP_CIPHER_name(ctx->cipher)); +#endif + ctx->cipher = &bad_cipher; return 0; } - *outl = 0; - return 1; } +#endif - n=b-bl; - for (i=bl; ibuf[i]=n; - ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b); - - - if(ret) - *outl=b; - - return ret; + if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { + if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; } - -int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl) - { - int fix_len; - unsigned int b; - - if (inl <= 0) - { - *outl = 0; - return inl == 0; - } - - if (ctx->flags & EVP_CIPH_NO_PADDING) - return EVP_EncryptUpdate(ctx, out, outl, in, inl); - - b=ctx->cipher->block_size; - OPENSSL_assert(b <= sizeof ctx->final); - - if(ctx->final_used) - { - memcpy(out,ctx->final,b); - out+=b; - fix_len = 1; - } - else - fix_len = 0; - - - if(!EVP_EncryptUpdate(ctx,out,outl,in,inl)) - return 0; - - /* if we have 'decrypted' a multiple of block size, make sure - * we have a copy of this last block */ - if (b > 1 && !ctx->buf_len) - { - *outl-=b; - ctx->final_used=1; - memcpy(ctx->final,&out[*outl],b); - } - else - ctx->final_used = 0; - - if (fix_len) - *outl += b; - + ctx->buf_len=0; + ctx->final_used=0; + ctx->block_mask=ctx->cipher->block_size-1; return 1; } -int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) - { - int ret; - ret = EVP_DecryptFinal_ex(ctx, out, outl); - return ret; - } - -int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) - { - int i,n; - unsigned int b; - - *outl=0; - b=ctx->cipher->block_size; - if (ctx->flags & EVP_CIPH_NO_PADDING) - { - if(ctx->buf_len) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); - return 0; - } - *outl = 0; - return 1; - } - if (b > 1) - { - if (ctx->buf_len || !ctx->final_used) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH); - return(0); - } - OPENSSL_assert(b <= sizeof ctx->final); - n=ctx->final[b-1]; - if (n == 0 || n > (int)b) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); - return(0); - } - for (i=0; ifinal[--b] != n) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); - return(0); - } - } - n=ctx->cipher->block_size-n; - for (i=0; ifinal[i]; - *outl=n; - } - else - *outl=0; - return(1); - } - -void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) - { - if (ctx) - { - EVP_CIPHER_CTX_cleanup(ctx); - OPENSSL_free(ctx); - } - } - int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) { if (c->cipher != NULL) @@ -509,31 +339,18 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) if (c->engine) /* The EVP_CIPHER we used belongs to an ENGINE, release the * functional reference we held for this reason. */ - ENGINE_finish(c->engine); + do_engine_finish(c->engine); #endif memset(c,0,sizeof(EVP_CIPHER_CTX)); return 1; } -int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) +int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { - if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) - return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL); - if(c->key_len == keylen) return 1; - if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) - { - c->key_len = keylen; - return 1; - } - EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH); - return 0; - } - -int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) - { - if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING; - else ctx->flags |= EVP_CIPH_NO_PADDING; - return 1; +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif + return ctx->cipher->do_cipher(ctx,out,in,inl); } int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) @@ -557,12 +374,17 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) return ret; } -int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) +unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) { - if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) - return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key); - if (RAND_bytes(key, ctx->key_len) <= 0) - return 0; - return 1; + return ctx->cipher->flags; + } + +int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) + { + return ctx->cipher->iv_len; } +int EVP_CIPHER_nid(const EVP_CIPHER *cipher) + { + return cipher->nid; + } diff --git a/crypto/openssl/crypto/evp/evp.h b/crypto/openssl/crypto/evp/evp.h index 09e621bebe..79c097181f 100644 --- a/crypto/openssl/crypto/evp/evp.h +++ b/crypto/openssl/crypto/evp/evp.h @@ -75,6 +75,10 @@ #include #endif +#ifdef OPENSSL_FIPS +#include +#endif + /* #define EVP_RC2_KEY_SIZE 16 #define EVP_RC4_KEY_SIZE 16 @@ -250,9 +254,19 @@ typedef int evp_verify_method(int type,const unsigned char *m, unsigned int m_length,const unsigned char *sigbuf, unsigned int siglen, void *key); +typedef struct + { + EVP_MD_CTX *mctx; + void *key; + } EVP_MD_SVCTX; + #define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single * block */ +#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */ + +#define EVP_MD_FLAG_SVCTX 0x0800 /* pass EVP_MD_SVCTX to sign/verify */ + #define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} #ifndef OPENSSL_NO_DSA @@ -306,6 +320,15 @@ struct env_md_ctx_st #define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest * in FIPS mode */ +#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */ +#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */ +#define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */ +#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */ +#define M_EVP_MD_CTX_FLAG_PSS_SALT(ctx) \ + ((ctx->flags>>16) &0xFFFF) /* seed length */ +#define EVP_MD_CTX_FLAG_PSS_MDLEN 0xFFFF /* salt len same as digest */ +#define EVP_MD_CTX_FLAG_PSS_MREC 0xFFFE /* salt max or auto recovered */ + struct evp_cipher_st { int nid; @@ -349,6 +372,14 @@ struct evp_cipher_st #define EVP_CIPH_NO_PADDING 0x100 /* cipher handles random key generation */ #define EVP_CIPH_RAND_KEY 0x200 +/* Note if suitable for use in FIPS mode */ +#define EVP_CIPH_FLAG_FIPS 0x400 +/* Allow non FIPS cipher in FIPS mode */ +#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x800 +/* Allow use default ASN1 get/set iv */ +#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000 +/* Buffer length in bits not bytes: CFB1 mode only */ +#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000 /* ctrl() values */ @@ -431,6 +462,18 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) +/* Macros to reduce FIPS dependencies: do NOT use in applications */ +#define M_EVP_MD_size(e) ((e)->md_size) +#define M_EVP_MD_block_size(e) ((e)->block_size) +#define M_EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) +#define M_EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs)) +#define M_EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs)) +#define M_EVP_MD_type(e) ((e)->type) +#define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e)) +#define M_EVP_MD_CTX_md(e) ((e)->digest) + +#define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) + int EVP_MD_type(const EVP_MD *md); #define EVP_MD_nid(e) EVP_MD_type(e) #define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) @@ -526,6 +569,10 @@ int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md, const unsigned char *salt, const unsigned char *data, int datal, int count, unsigned char *key,unsigned char *iv); +void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags); +void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags); +int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags); + int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, const unsigned char *key, const unsigned char *iv); int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, @@ -881,6 +928,24 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, EVP_PBE_KEYGEN *keygen); void EVP_PBE_cleanup(void); +#ifdef OPENSSL_FIPS +#ifndef OPENSSL_NO_ENGINE +void int_EVP_MD_set_engine_callbacks( + int (*eng_md_init)(ENGINE *impl), + int (*eng_md_fin)(ENGINE *impl), + int (*eng_md_evp) + (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl)); +void int_EVP_MD_init_engine_callbacks(void); +void int_EVP_CIPHER_set_engine_callbacks( + int (*eng_ciph_fin)(ENGINE *impl), + int (*eng_ciph_evp) + (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl)); +void int_EVP_CIPHER_init_engine_callbacks(void); +#endif +#endif + +void EVP_add_alg_module(void); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -891,16 +956,23 @@ void ERR_load_EVP_strings(void); /* Function codes. */ #define EVP_F_AES_INIT_KEY 133 +#define EVP_F_ALG_MODULE_INIT 138 #define EVP_F_CAMELLIA_INIT_KEY 159 #define EVP_F_D2I_PKEY 100 +#define EVP_F_DO_EVP_ENC_ENGINE 140 +#define EVP_F_DO_EVP_ENC_ENGINE_FULL 141 +#define EVP_F_DO_EVP_MD_ENGINE 139 +#define EVP_F_DO_EVP_MD_ENGINE_FULL 142 #define EVP_F_DSAPKEY2PKCS8 134 #define EVP_F_DSA_PKEY2PKCS8 135 #define EVP_F_ECDSA_PKEY2PKCS8 129 #define EVP_F_ECKEY_PKEY2PKCS8 132 +#define EVP_F_EVP_CIPHERINIT 137 #define EVP_F_EVP_CIPHERINIT_EX 123 #define EVP_F_EVP_CIPHER_CTX_CTRL 124 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 #define EVP_F_EVP_DECRYPTFINAL_EX 101 +#define EVP_F_EVP_DIGESTINIT 136 #define EVP_F_EVP_DIGESTINIT_EX 128 #define EVP_F_EVP_ENCRYPTFINAL_EX 127 #define EVP_F_EVP_MD_CTX_COPY_EX 110 @@ -942,15 +1014,20 @@ void ERR_load_EVP_strings(void); #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 #define EVP_R_DECODE_ERROR 114 #define EVP_R_DIFFERENT_KEY_TYPES 101 +#define EVP_R_DISABLED_FOR_FIPS 144 #define EVP_R_ENCODE_ERROR 115 +#define EVP_R_ERROR_LOADING_SECTION 145 +#define EVP_R_ERROR_SETTING_FIPS_MODE 146 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 #define EVP_R_EXPECTING_AN_RSA_KEY 127 #define EVP_R_EXPECTING_A_DH_KEY 128 #define EVP_R_EXPECTING_A_DSA_KEY 129 #define EVP_R_EXPECTING_A_ECDSA_KEY 141 #define EVP_R_EXPECTING_A_EC_KEY 142 +#define EVP_R_FIPS_MODE_NOT_SUPPORTED 147 #define EVP_R_INITIALIZATION_ERROR 134 #define EVP_R_INPUT_NOT_INITIALIZED 111 +#define EVP_R_INVALID_FIPS_MODE 148 #define EVP_R_INVALID_KEY_LENGTH 130 #define EVP_R_IV_TOO_LARGE 102 #define EVP_R_KEYGEN_FAILURE 120 @@ -962,6 +1039,7 @@ void ERR_load_EVP_strings(void); #define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 #define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117 #define EVP_R_PUBLIC_KEY_NOT_RSA 106 +#define EVP_R_UNKNOWN_OPTION 149 #define EVP_R_UNKNOWN_PBE_ALGORITHM 121 #define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 #define EVP_R_UNSUPPORTED_CIPHER 107 diff --git a/crypto/openssl/crypto/evp/evp_acnf.c b/crypto/openssl/crypto/evp/evp_acnf.c index ff3e311cc5..643a1864e8 100644 --- a/crypto/openssl/crypto/evp/evp_acnf.c +++ b/crypto/openssl/crypto/evp/evp_acnf.c @@ -1,5 +1,5 @@ /* evp_acnf.c */ -/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/asn_moid.c b/crypto/openssl/crypto/evp/evp_cnf.c similarity index 66% copy from crypto/openssl/crypto/asn1/asn_moid.c copy to crypto/openssl/crypto/evp/evp_cnf.c index 9132350f10..2e4db30235 100644 --- a/crypto/openssl/crypto/asn1/asn_moid.c +++ b/crypto/openssl/crypto/evp/evp_cnf.c @@ -1,9 +1,9 @@ -/* asn_moid.c */ -/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL - * project 2001. +/* evp_cnf.c */ +/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL + * project 2007. */ /* ==================================================================== - * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved. + * Copyright (c) 2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -63,12 +63,15 @@ #include #include #include +#include +#ifdef OPENSSL_FIPS +#include +#endif -/* Simple ASN1 OID module: add all objects in a given section */ -static int do_create(char *value, char *name); +/* Algorithm configuration module. */ -static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) +static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) { int i; const char *oid_section; @@ -77,84 +80,46 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) oid_section = CONF_imodule_get_value(md); if(!(sktmp = NCONF_get_section(cnf, oid_section))) { - ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION); + EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION); return 0; } for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { oval = sk_CONF_VALUE_value(sktmp, i); - if(!do_create(oval->value, oval->name)) + if (!strcmp(oval->name, "fips_mode")) { - ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT); - return 0; + int m; + if (!X509V3_get_value_bool(oval, &m)) + { + EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE); + return 0; + } + if (m > 0) + { +#ifdef OPENSSL_FIPS + if (!FIPS_mode() && !FIPS_mode_set(1)) + { + EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_SETTING_FIPS_MODE); + return 0; + } +#else + EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED); + return 0; +#endif + } + } + else + { + EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION); + ERR_add_error_data(4, "name=", oval->name, + ", value=", oval->value); } + } return 1; } -static void oid_module_finish(CONF_IMODULE *md) - { - OBJ_cleanup(); - } - -void ASN1_add_oid_module(void) +void EVP_add_alg_module(void) { - CONF_module_add("oid_section", oid_module_init, oid_module_finish); - } - -/* Create an OID based on a name value pair. Accept two formats. - * shortname = 1.2.3.4 - * shortname = some long name, 1.2.3.4 - */ - - -static int do_create(char *value, char *name) - { - int nid; - ASN1_OBJECT *oid; - char *ln, *ostr, *p, *lntmp; - p = strrchr(value, ','); - if (!p) - { - ln = name; - ostr = value; - } - else - { - ln = NULL; - ostr = p + 1; - if (!*ostr) - return 0; - while(isspace((unsigned char)*ostr)) ostr++; - } - - nid = OBJ_create(ostr, name, ln); - - if (nid == NID_undef) - return 0; - - if (p) - { - ln = value; - while(isspace((unsigned char)*ln)) ln++; - p--; - while(isspace((unsigned char)*p)) - { - if (p == ln) - return 0; - p--; - } - p++; - lntmp = OPENSSL_malloc((p - ln) + 1); - if (lntmp == NULL) - return 0; - memcpy(lntmp, ln, p - ln); - lntmp[p - ln] = 0; - oid = OBJ_nid2obj(nid); - oid->ln = lntmp; - } - - return 1; + CONF_module_add("alg_section", alg_module_init, 0); } - - diff --git a/crypto/openssl/crypto/evp/evp_enc.c b/crypto/openssl/crypto/evp/evp_enc.c index 6e582c458d..30e0ca4d9f 100644 --- a/crypto/openssl/crypto/evp/evp_enc.c +++ b/crypto/openssl/crypto/evp/evp_enc.c @@ -66,13 +66,15 @@ #endif #include "evp_locl.h" -const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; +#ifdef OPENSSL_FIPS + #define M_do_cipher(ctx, out, in, inl) \ + EVP_Cipher(ctx,out,in,inl) +#else + #define M_do_cipher(ctx, out, in, inl) \ + ctx->cipher->do_cipher(ctx,out,in,inl) +#endif -void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) - { - memset(ctx,0,sizeof(EVP_CIPHER_CTX)); - /* ctx->cipher=NULL; */ - } +const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) { @@ -90,144 +92,6 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); } -int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, - const unsigned char *key, const unsigned char *iv, int enc) - { - if (enc == -1) - enc = ctx->encrypt; - else - { - if (enc) - enc = 1; - ctx->encrypt = enc; - } -#ifndef OPENSSL_NO_ENGINE - /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts - * so this context may already have an ENGINE! Try to avoid releasing - * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unecessary. */ - if (ctx->engine && ctx->cipher && (!cipher || - (cipher && (cipher->nid == ctx->cipher->nid)))) - goto skip_to_init; -#endif - if (cipher) - { - /* Ensure a context left lying around from last time is cleared - * (the previous check attempted to avoid this if the same - * ENGINE and EVP_CIPHER could be used). */ - EVP_CIPHER_CTX_cleanup(ctx); - - /* Restore encrypt field: it is zeroed by cleanup */ - ctx->encrypt = enc; -#ifndef OPENSSL_NO_ENGINE - if(impl) - { - if (!ENGINE_init(impl)) - { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); - return 0; - } - } - else - /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_cipher_engine(cipher->nid); - if(impl) - { - /* There's an ENGINE for this job ... (apparently) */ - const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid); - if(!c) - { - /* One positive side-effect of US's export - * control history, is that we should at least - * be able to avoid using US mispellings of - * "initialisation"? */ - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); - return 0; - } - /* We'll use the ENGINE's private cipher definition */ - cipher = c; - /* Store the ENGINE functional reference so we know - * 'cipher' came from an ENGINE and we need to release - * it when done. */ - ctx->engine = impl; - } - else - ctx->engine = NULL; -#endif - - ctx->cipher=cipher; - if (ctx->cipher->ctx_size) - { - ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); - if (!ctx->cipher_data) - { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE); - return 0; - } - } - else - { - ctx->cipher_data = NULL; - } - ctx->key_len = cipher->key_len; - ctx->flags = 0; - if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) - { - if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) - { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); - return 0; - } - } - } - else if(!ctx->cipher) - { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); - return 0; - } -#ifndef OPENSSL_NO_ENGINE -skip_to_init: -#endif - /* we assume block size is a power of 2 in *cryptUpdate */ - OPENSSL_assert(ctx->cipher->block_size == 1 - || ctx->cipher->block_size == 8 - || ctx->cipher->block_size == 16); - - if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { - switch(EVP_CIPHER_CTX_mode(ctx)) { - - case EVP_CIPH_STREAM_CIPHER: - case EVP_CIPH_ECB_MODE: - break; - - case EVP_CIPH_CFB_MODE: - case EVP_CIPH_OFB_MODE: - - ctx->num = 0; - - case EVP_CIPH_CBC_MODE: - - OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= - (int)sizeof(ctx->iv)); - if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); - memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); - break; - - default: - return 0; - break; - } - } - - if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { - if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; - } - ctx->buf_len=0; - ctx->final_used=0; - ctx->block_mask=ctx->cipher->block_size-1; - return 1; - } - int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) { @@ -287,7 +151,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) { - if(ctx->cipher->do_cipher(ctx,out,in,inl)) + if(M_do_cipher(ctx,out,in,inl)) { *outl=inl; return 1; @@ -314,7 +178,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, { j=bl-i; memcpy(&(ctx->buf[i]),in,j); - if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0; + if(!M_do_cipher(ctx,out,ctx->buf,bl)) return 0; inl-=j; in+=j; out+=bl; @@ -327,7 +191,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, inl-=i; if (inl > 0) { - if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0; + if(!M_do_cipher(ctx,out,in,inl)) return 0; *outl+=inl; } @@ -371,7 +235,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) n=b-bl; for (i=bl; ibuf[i]=n; - ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b); + ret=M_do_cipher(ctx,out,ctx->buf,b); if(ret) @@ -493,28 +357,6 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) } } -int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) - { - if (c->cipher != NULL) - { - if(c->cipher->cleanup && !c->cipher->cleanup(c)) - return 0; - /* Cleanse cipher context data */ - if (c->cipher_data) - OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); - } - if (c->cipher_data) - OPENSSL_free(c->cipher_data); -#ifndef OPENSSL_NO_ENGINE - if (c->engine) - /* The EVP_CIPHER we used belongs to an ENGINE, release the - * functional reference we held for this reason. */ - ENGINE_finish(c->engine); -#endif - memset(c,0,sizeof(EVP_CIPHER_CTX)); - return 1; - } - int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) { if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) @@ -536,27 +378,6 @@ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) return 1; } -int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - int ret; - if(!ctx->cipher) { - EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); - return 0; - } - - if(!ctx->cipher->ctrl) { - EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); - return 0; - } - - ret = ctx->cipher->ctrl(ctx, type, arg, ptr); - if(ret == -1) { - EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); - return 0; - } - return ret; -} - int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) { if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) @@ -566,3 +387,54 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) return 1; } +#ifndef OPENSSL_NO_ENGINE + +#ifdef OPENSSL_FIPS + +static int do_evp_enc_engine_full(EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pcipher, ENGINE *impl) + { + if(impl) + { + if (!ENGINE_init(impl)) + { + EVPerr(EVP_F_DO_EVP_ENC_ENGINE_FULL, EVP_R_INITIALIZATION_ERROR); + return 0; + } + } + else + /* Ask if an ENGINE is reserved for this job */ + impl = ENGINE_get_cipher_engine((*pcipher)->nid); + if(impl) + { + /* There's an ENGINE for this job ... (apparently) */ + const EVP_CIPHER *c = ENGINE_get_cipher(impl, (*pcipher)->nid); + if(!c) + { + /* One positive side-effect of US's export + * control history, is that we should at least + * be able to avoid using US mispellings of + * "initialisation"? */ + EVPerr(EVP_F_DO_EVP_ENC_ENGINE_FULL, EVP_R_INITIALIZATION_ERROR); + return 0; + } + /* We'll use the ENGINE's private cipher definition */ + *pcipher = c; + /* Store the ENGINE functional reference so we know + * 'cipher' came from an ENGINE and we need to release + * it when done. */ + ctx->engine = impl; + } + else + ctx->engine = NULL; + return 1; + } + +void int_EVP_CIPHER_init_engine_callbacks(void) + { + int_EVP_CIPHER_set_engine_callbacks( + ENGINE_finish, do_evp_enc_engine_full); + } + +#endif + +#endif diff --git a/crypto/openssl/crypto/evp/evp_err.c b/crypto/openssl/crypto/evp/evp_err.c index e8c9e8de9c..b5b900d4fe 100644 --- a/crypto/openssl/crypto/evp/evp_err.c +++ b/crypto/openssl/crypto/evp/evp_err.c @@ -1,6 +1,6 @@ /* crypto/evp/evp_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -71,16 +71,23 @@ static ERR_STRING_DATA EVP_str_functs[]= { {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, +{ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"}, {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, +{ERR_FUNC(EVP_F_DO_EVP_ENC_ENGINE), "DO_EVP_ENC_ENGINE"}, +{ERR_FUNC(EVP_F_DO_EVP_ENC_ENGINE_FULL), "DO_EVP_ENC_ENGINE_FULL"}, +{ERR_FUNC(EVP_F_DO_EVP_MD_ENGINE), "DO_EVP_MD_ENGINE"}, +{ERR_FUNC(EVP_F_DO_EVP_MD_ENGINE_FULL), "DO_EVP_MD_ENGINE_FULL"}, {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"}, {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"}, {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"}, {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"}, +{ERR_FUNC(EVP_F_EVP_CIPHERINIT), "EVP_CipherInit"}, {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"}, {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"}, +{ERR_FUNC(EVP_F_EVP_DIGESTINIT), "EVP_DigestInit"}, {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"}, {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"}, @@ -125,15 +132,20 @@ static ERR_STRING_DATA EVP_str_reasons[]= {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"}, {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, +{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"}, {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, +{ERR_REASON(EVP_R_ERROR_LOADING_SECTION) ,"error loading section"}, +{ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE),"error setting fips mode"}, {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"}, {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"}, +{ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"}, {ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"}, {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"}, +{ERR_REASON(EVP_R_INVALID_FIPS_MODE) ,"invalid fips mode"}, {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"}, {ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"}, {ERR_REASON(EVP_R_KEYGEN_FAILURE) ,"keygen failure"}, @@ -145,6 +157,8 @@ static ERR_STRING_DATA EVP_str_reasons[]= {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"}, {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"}, {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"}, +{ERR_REASON(EVP_R_SEED_KEY_SETUP_FAILED) ,"seed key setup failed"}, +{ERR_REASON(EVP_R_UNKNOWN_OPTION) ,"unknown option"}, {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"}, {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"}, {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, diff --git a/crypto/openssl/crypto/evp/evp_lib.c b/crypto/openssl/crypto/evp/evp_lib.c index edb28ef38e..174cf6c594 100644 --- a/crypto/openssl/crypto/evp/evp_lib.c +++ b/crypto/openssl/crypto/evp/evp_lib.c @@ -67,6 +67,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (c->cipher->set_asn1_parameters != NULL) ret=c->cipher->set_asn1_parameters(c,type); + else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) + ret=EVP_CIPHER_set_asn1_iv(c, type); else ret=-1; return(ret); @@ -78,6 +80,8 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (c->cipher->get_asn1_parameters != NULL) ret=c->cipher->get_asn1_parameters(c,type); + else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) + ret=EVP_CIPHER_get_asn1_iv(c, type); else ret=-1; return(ret); @@ -178,11 +182,6 @@ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) return ctx->cipher->block_size; } -int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) - { - return ctx->cipher->do_cipher(ctx,out,in,inl); - } - const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) { return ctx->cipher; @@ -193,11 +192,6 @@ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher) return cipher->flags; } -unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) - { - return ctx->cipher->flags; - } - void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) { return ctx->app_data; @@ -213,11 +207,6 @@ int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) return cipher->iv_len; } -int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) - { - return ctx->cipher->iv_len; - } - int EVP_CIPHER_key_length(const EVP_CIPHER *cipher) { return cipher->key_len; @@ -228,11 +217,6 @@ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) return ctx->key_len; } -int EVP_CIPHER_nid(const EVP_CIPHER *cipher) - { - return cipher->nid; - } - int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) { return ctx->cipher->nid; @@ -277,3 +261,18 @@ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags) { return (ctx->flags & flags); } + +void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags) + { + ctx->flags |= flags; + } + +void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags) + { + ctx->flags &= ~flags; + } + +int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags) + { + return (ctx->flags & flags); + } diff --git a/crypto/openssl/crypto/evp/evp_locl.h b/crypto/openssl/crypto/evp/evp_locl.h index 073b0adcff..eabcc96f30 100644 --- a/crypto/openssl/crypto/evp/evp_locl.h +++ b/crypto/openssl/crypto/evp/evp_locl.h @@ -1,5 +1,5 @@ /* evp_locl.h */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== @@ -92,7 +92,7 @@ static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ {\ - cprefix##_cfb##cbits##_encrypt(in, out, (long)(cbits==1?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ + cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ return 1;\ } @@ -226,11 +226,27 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } #define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) -#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \ +#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \ BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ - 0, cipher##_init_key, NULL, \ - EVP_CIPHER_set_asn1_iv, \ - EVP_CIPHER_get_asn1_iv, \ - NULL) + (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \ + cipher##_init_key, NULL, NULL, NULL, NULL) + +#ifdef OPENSSL_FIPS +#define RC2_set_key private_RC2_set_key +#define RC4_set_key private_RC4_set_key +#define CAST_set_key private_CAST_set_key +#define RC5_32_set_key private_RC5_32_set_key +#define BF_set_key private_BF_set_key +#define Camellia_set_key private_Camellia_set_key +#define idea_set_encrypt_key private_idea_set_encrypt_key + +#define MD5_Init private_MD5_Init +#define MD4_Init private_MD4_Init +#define MD2_Init private_MD2_Init +#define MDC2_Init private_MDC2_Init +#define SHA_Init private_SHA_Init + +#endif + diff --git a/crypto/openssl/crypto/evp/evp_pbe.c b/crypto/openssl/crypto/evp/evp_pbe.c index c26d2de0f3..5e830be65f 100644 --- a/crypto/openssl/crypto/evp/evp_pbe.c +++ b/crypto/openssl/crypto/evp/evp_pbe.c @@ -1,5 +1,5 @@ /* evp_pbe.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/evp/evp_pkey.c b/crypto/openssl/crypto/evp/evp_pkey.c index 0147f3e02a..10d9e9e772 100644 --- a/crypto/openssl/crypto/evp/evp_pkey.c +++ b/crypto/openssl/crypto/evp/evp_pkey.c @@ -1,5 +1,5 @@ /* evp_pkey.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/evp/m_dss.c b/crypto/openssl/crypto/evp/m_dss.c index a948c77fa4..6b0c0aa7a3 100644 --- a/crypto/openssl/crypto/evp/m_dss.c +++ b/crypto/openssl/crypto/evp/m_dss.c @@ -81,7 +81,7 @@ static const EVP_MD dsa_md= NID_dsaWithSHA, NID_dsaWithSHA, SHA_DIGEST_LENGTH, - 0, + EVP_MD_FLAG_FIPS, init, update, final, diff --git a/crypto/openssl/crypto/evp/m_dss1.c b/crypto/openssl/crypto/evp/m_dss1.c index c12e13972b..da8babc147 100644 --- a/crypto/openssl/crypto/evp/m_dss1.c +++ b/crypto/openssl/crypto/evp/m_dss1.c @@ -68,6 +68,8 @@ #include #endif +#ifndef OPENSSL_FIPS + static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } @@ -98,3 +100,4 @@ const EVP_MD *EVP_dss1(void) return(&dss1_md); } #endif +#endif diff --git a/crypto/openssl/crypto/evp/m_md2.c b/crypto/openssl/crypto/evp/m_md2.c index 5ce849f161..8eee6236ba 100644 --- a/crypto/openssl/crypto/evp/m_md2.c +++ b/crypto/openssl/crypto/evp/m_md2.c @@ -58,6 +58,7 @@ #include #include "cryptlib.h" +#include "evp_locl.h" #ifndef OPENSSL_NO_MD2 diff --git a/crypto/openssl/crypto/evp/m_md4.c b/crypto/openssl/crypto/evp/m_md4.c index 1e0b7c5b42..5cd2ab5ade 100644 --- a/crypto/openssl/crypto/evp/m_md4.c +++ b/crypto/openssl/crypto/evp/m_md4.c @@ -58,6 +58,7 @@ #include #include "cryptlib.h" +#include "evp_locl.h" #ifndef OPENSSL_NO_MD4 diff --git a/crypto/openssl/crypto/evp/m_md5.c b/crypto/openssl/crypto/evp/m_md5.c index 63c142119e..6455829671 100644 --- a/crypto/openssl/crypto/evp/m_md5.c +++ b/crypto/openssl/crypto/evp/m_md5.c @@ -62,6 +62,7 @@ #ifndef OPENSSL_NO_MD5 #include +#include "evp_locl.h" #include #include #include diff --git a/crypto/openssl/crypto/evp/m_mdc2.c b/crypto/openssl/crypto/evp/m_mdc2.c index 36c4e9b134..9f9bcf06ed 100644 --- a/crypto/openssl/crypto/evp/m_mdc2.c +++ b/crypto/openssl/crypto/evp/m_mdc2.c @@ -58,6 +58,7 @@ #include #include "cryptlib.h" +#include "evp_locl.h" #ifndef OPENSSL_NO_MDC2 diff --git a/crypto/openssl/crypto/evp/m_sha.c b/crypto/openssl/crypto/evp/m_sha.c index acccc8f92d..3f30dfc579 100644 --- a/crypto/openssl/crypto/evp/m_sha.c +++ b/crypto/openssl/crypto/evp/m_sha.c @@ -58,6 +58,7 @@ #include #include "cryptlib.h" +#include "evp_locl.h" #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) diff --git a/crypto/openssl/crypto/evp/m_sha1.c b/crypto/openssl/crypto/evp/m_sha1.c index 4679b1c463..471ec30be0 100644 --- a/crypto/openssl/crypto/evp/m_sha1.c +++ b/crypto/openssl/crypto/evp/m_sha1.c @@ -68,6 +68,8 @@ #include #endif +#ifndef OPENSSL_FIPS + static int init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); } @@ -97,7 +99,6 @@ const EVP_MD *EVP_sha1(void) { return(&sha1_md); } -#endif #ifndef OPENSSL_NO_SHA256 static int init224(EVP_MD_CTX *ctx) @@ -202,3 +203,7 @@ static const EVP_MD sha512_md= const EVP_MD *EVP_sha512(void) { return(&sha512_md); } #endif /* ifndef OPENSSL_NO_SHA512 */ + +#endif + +#endif diff --git a/crypto/openssl/crypto/evp/names.c b/crypto/openssl/crypto/evp/names.c index 88c1e780dd..e2e04c3570 100644 --- a/crypto/openssl/crypto/evp/names.c +++ b/crypto/openssl/crypto/evp/names.c @@ -66,6 +66,10 @@ int EVP_add_cipher(const EVP_CIPHER *c) { int r; +#ifdef OPENSSL_FIPS + OPENSSL_init(); +#endif + r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); if (r == 0) return(0); r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); @@ -77,6 +81,9 @@ int EVP_add_digest(const EVP_MD *md) int r; const char *name; +#ifdef OPENSSL_FIPS + OPENSSL_init(); +#endif name=OBJ_nid2sn(md->type); r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(const char *)md); if (r == 0) return(0); diff --git a/crypto/openssl/crypto/evp/p5_crpt.c b/crypto/openssl/crypto/evp/p5_crpt.c index 48d50014a0..2a265fdee2 100644 --- a/crypto/openssl/crypto/evp/p5_crpt.c +++ b/crypto/openssl/crypto/evp/p5_crpt.c @@ -1,5 +1,5 @@ /* p5_crpt.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/evp/p5_crpt2.c b/crypto/openssl/crypto/evp/p5_crpt2.c index c969d5a206..6bec77baf9 100644 --- a/crypto/openssl/crypto/evp/p5_crpt2.c +++ b/crypto/openssl/crypto/evp/p5_crpt2.c @@ -1,5 +1,5 @@ /* p5_crpt2.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/evp/p_sign.c b/crypto/openssl/crypto/evp/p_sign.c index e4ae5906f5..bf41a0db68 100644 --- a/crypto/openssl/crypto/evp/p_sign.c +++ b/crypto/openssl/crypto/evp/p_sign.c @@ -84,10 +84,6 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, MS_STATIC EVP_MD_CTX tmp_ctx; *siglen=0; - EVP_MD_CTX_init(&tmp_ctx); - EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); - EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); - EVP_MD_CTX_cleanup(&tmp_ctx); for (i=0; i<4; i++) { v=ctx->digest->required_pkey_type[i]; @@ -108,7 +104,23 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED); return(0); } - return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, - pkey->pkey.ptr)); + EVP_MD_CTX_init(&tmp_ctx); + EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); + if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) + { + EVP_MD_SVCTX sctmp; + sctmp.mctx = &tmp_ctx; + sctmp.key = pkey->pkey.ptr; + i = ctx->digest->sign(ctx->digest->type, + NULL, -1, sigret, siglen, &sctmp); + } + else + { + EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); + i = ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, + pkey->pkey.ptr); + } + EVP_MD_CTX_cleanup(&tmp_ctx); + return i; } diff --git a/crypto/openssl/crypto/evp/p_verify.c b/crypto/openssl/crypto/evp/p_verify.c index 21a40a375e..2d46dffe7e 100644 --- a/crypto/openssl/crypto/evp/p_verify.c +++ b/crypto/openssl/crypto/evp/p_verify.c @@ -85,17 +85,29 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); return(-1); } - EVP_MD_CTX_init(&tmp_ctx); - EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); - EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); - EVP_MD_CTX_cleanup(&tmp_ctx); - if (ctx->digest->verify == NULL) + if (ctx->digest->verify == NULL) { EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED); return(0); } - return(ctx->digest->verify(ctx->digest->type,m,m_len, - sigbuf,siglen,pkey->pkey.ptr)); + EVP_MD_CTX_init(&tmp_ctx); + EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); + if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) + { + EVP_MD_SVCTX sctmp; + sctmp.mctx = &tmp_ctx; + sctmp.key = pkey->pkey.ptr; + i = ctx->digest->verify(ctx->digest->type, + NULL, -1, sigbuf, siglen, &sctmp); + } + else + { + EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); + i = ctx->digest->verify(ctx->digest->type,m,m_len, + sigbuf,siglen,pkey->pkey.ptr); + } + EVP_MD_CTX_cleanup(&tmp_ctx); + return i; } diff --git a/crypto/openssl/crypto/fips_err.c b/crypto/openssl/crypto/fips_err.c new file mode 100644 index 0000000000..09f11748f6 --- /dev/null +++ b/crypto/openssl/crypto/fips_err.c @@ -0,0 +1,7 @@ +#include + +#ifdef OPENSSL_FIPS +# include "fips_err.h" +#else +static void *dummy=&dummy; +#endif diff --git a/crypto/openssl/crypto/fips_err.h b/crypto/openssl/crypto/fips_err.h new file mode 100644 index 0000000000..b328616858 --- /dev/null +++ b/crypto/openssl/crypto/fips_err.h @@ -0,0 +1,137 @@ +/* crypto/fips_err.h */ +/* ==================================================================== + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* NOTE: this file was auto generated by the mkerr.pl script: any changes + * made to it will be overwritten when the script next updates this file, + * only reason strings will be preserved. + */ + +#include +#include +#include + +/* BEGIN ERROR CODES */ +#ifndef OPENSSL_NO_ERR + +#define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0) +#define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason) + +static ERR_STRING_DATA FIPS_str_functs[]= + { +{ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, +{ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, +{ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"}, +{ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"}, +{ERR_FUNC(FIPS_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, +{ERR_FUNC(FIPS_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, +{ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"}, +{ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT), "FIPS_CHECK_INCORE_FINGERPRINT"}, +{ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "FIPS_CHECK_RSA"}, +{ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"}, +{ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"}, +{ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_RNG), "FIPS_selftest_rng"}, +{ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"}, +{ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"}, +{ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, +{ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, +{ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, +{ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, +{ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, +{ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY_EX), "RSA_X931_generate_key_ex"}, +{ERR_FUNC(FIPS_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, +{0,NULL} + }; + +static ERR_STRING_DATA FIPS_str_reasons[]= + { +{ERR_REASON(FIPS_R_CANNOT_READ_EXE) ,"cannot read exe"}, +{ERR_REASON(FIPS_R_CANNOT_READ_EXE_DIGEST),"cannot read exe digest"}, +{ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE),"contradicting evidence"}, +{ERR_REASON(FIPS_R_EXE_DIGEST_DOES_NOT_MATCH),"exe digest does not match"}, +{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),"fingerprint does not match"}, +{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),"fingerprint does not match nonpic relocated"}, +{ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),"fingerprint does not match segment aliasing"}, +{ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET),"fips mode already set"}, +{ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED) ,"fips selftest failed"}, +{ERR_REASON(FIPS_R_INVALID_KEY_LENGTH) ,"invalid key length"}, +{ERR_REASON(FIPS_R_KEY_TOO_SHORT) ,"key too short"}, +{ERR_REASON(FIPS_R_NON_FIPS_METHOD) ,"non fips method"}, +{ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED) ,"pairwise test failed"}, +{ERR_REASON(FIPS_R_RSA_DECRYPT_ERROR) ,"rsa decrypt error"}, +{ERR_REASON(FIPS_R_RSA_ENCRYPT_ERROR) ,"rsa encrypt error"}, +{ERR_REASON(FIPS_R_SELFTEST_FAILED) ,"selftest failed"}, +{ERR_REASON(FIPS_R_TEST_FAILURE) ,"test failure"}, +{ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM) ,"unsupported platform"}, +{0,NULL} + }; + +#endif + +void ERR_load_FIPS_strings(void) + { +#ifndef OPENSSL_NO_ERR + + if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) + { + ERR_load_strings(0,FIPS_str_functs); + ERR_load_strings(0,FIPS_str_reasons); + } +#endif + } diff --git a/crypto/openssl/crypto/hmac/hmac.c b/crypto/openssl/crypto/hmac/hmac.c index 1d140f7adb..cbc1c76a57 100644 --- a/crypto/openssl/crypto/hmac/hmac.c +++ b/crypto/openssl/crypto/hmac/hmac.c @@ -61,6 +61,8 @@ #include "cryptlib.h" #include +#ifndef OPENSSL_FIPS + void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, ENGINE *impl) { @@ -178,3 +180,4 @@ void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); } +#endif diff --git a/crypto/openssl/crypto/ia64cpuid.S b/crypto/openssl/crypto/ia64cpuid.S deleted file mode 100644 index 04fbb3439e..0000000000 --- a/crypto/openssl/crypto/ia64cpuid.S +++ /dev/null @@ -1,121 +0,0 @@ -// Works on all IA-64 platforms: Linux, HP-UX, Win64i... -// On Win64i compile with ias.exe. -.text -.global OPENSSL_rdtsc# -.proc OPENSSL_rdtsc# -OPENSSL_rdtsc: -{ .mib; mov r8=ar.itc - br.ret.sptk.many b0 };; -.endp OPENSSL_rdtsc# - -.global OPENSSL_atomic_add# -.proc OPENSSL_atomic_add# -.align 32 -OPENSSL_atomic_add: -{ .mii; ld4 r2=[r32] - nop.i 0 - nop.i 0 };; -.Lspin: -{ .mii; mov ar.ccv=r2 - add r8=r2,r33 - mov r3=r2 };; -{ .mmi; mf - cmpxchg4.acq r2=[r32],r8,ar.ccv - nop.i 0 };; -{ .mib; cmp.ne p6,p0=r2,r3 - nop.i 0 -(p6) br.dpnt .Lspin };; -{ .mib; nop.m 0 - sxt4 r8=r8 - br.ret.sptk.many b0 };; -.endp OPENSSL_atomic_add# - -// Returns a structure comprising pointer to the top of stack of -// the caller and pointer beyond backing storage for the current -// register frame. The latter is required, because it might be -// insufficient to wipe backing storage for the current frame -// (as this procedure does), one might have to go further, toward -// higher addresses to reach for whole "retroactively" saved -// context... -.global OPENSSL_wipe_cpu# -.proc OPENSSL_wipe_cpu# -.align 32 -OPENSSL_wipe_cpu: - .prologue - .fframe 0 - .save ar.pfs,r2 - .save ar.lc,r3 -{ .mib; alloc r2=ar.pfs,0,96,0,96 - mov r3=ar.lc - brp.loop.imp .L_wipe_top,.L_wipe_end-16 - };; -{ .mii; mov r9=ar.bsp - mov r8=pr - mov ar.lc=96 };; - .body -{ .mii; add r9=96*8-8,r9 - mov ar.ec=1 };; - -// One can sweep double as fast, but then we can't quarantee -// that backing storage is wiped... -.L_wipe_top: -{ .mfi; st8 [r9]=r0,-8 - mov f127=f0 - mov r127=r0 } -{ .mfb; nop.m 0 - nop.f 0 - br.ctop.sptk .L_wipe_top };; -.L_wipe_end: - -{ .mfi; mov r11=r0 - mov f6=f0 - mov r14=r0 } -{ .mfi; mov r15=r0 - mov f7=f0 - mov r16=r0 } -{ .mfi; mov r17=r0 - mov f8=f0 - mov r18=r0 } -{ .mfi; mov r19=r0 - mov f9=f0 - mov r20=r0 } -{ .mfi; mov r21=r0 - mov f10=f0 - mov r22=r0 } -{ .mfi; mov r23=r0 - mov f11=f0 - mov r24=r0 } -{ .mfi; mov r25=r0 - mov f12=f0 - mov r26=r0 } -{ .mfi; mov r27=r0 - mov f13=f0 - mov r28=r0 } -{ .mfi; mov r29=r0 - mov f14=f0 - mov r30=r0 } -{ .mfi; mov r31=r0 - mov f15=f0 - nop.i 0 } -{ .mfi; mov f16=f0 } -{ .mfi; mov f17=f0 } -{ .mfi; mov f18=f0 } -{ .mfi; mov f19=f0 } -{ .mfi; mov f20=f0 } -{ .mfi; mov f21=f0 } -{ .mfi; mov f22=f0 } -{ .mfi; mov f23=f0 } -{ .mfi; mov f24=f0 } -{ .mfi; mov f25=f0 } -{ .mfi; mov f26=f0 } -{ .mfi; mov f27=f0 } -{ .mfi; mov f28=f0 } -{ .mfi; mov f29=f0 } -{ .mfi; mov f30=f0 } -{ .mfi; add r9=96*8+8,r9 - mov f31=f0 - mov pr=r8,0x1ffff } -{ .mib; mov r8=sp - mov ar.lc=r3 - br.ret.sptk b0 };; -.endp OPENSSL_wipe_cpu# diff --git a/crypto/openssl/crypto/idea/i_skey.c b/crypto/openssl/crypto/idea/i_skey.c index 3b1bbd8a45..fa75b14466 100644 --- a/crypto/openssl/crypto/idea/i_skey.c +++ b/crypto/openssl/crypto/idea/i_skey.c @@ -57,10 +57,27 @@ */ #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + #include "idea_lcl.h" static IDEA_INT inverse(unsigned int xin); + +#ifdef OPENSSL_FIPS +void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) + { + if (FIPS_mode()) + FIPS_BAD_ABORT(IDEA) + private_idea_set_encrypt_key(key, ks); + } +void private_idea_set_encrypt_key(const unsigned char *key, + IDEA_KEY_SCHEDULE *ks) +#else void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) +#endif { int i; register IDEA_INT *kt,*kf,r0,r1,r2; diff --git a/crypto/openssl/crypto/idea/idea.h b/crypto/openssl/crypto/idea/idea.h index bf97a37e39..a137d4cbce 100644 --- a/crypto/openssl/crypto/idea/idea.h +++ b/crypto/openssl/crypto/idea/idea.h @@ -83,6 +83,9 @@ typedef struct idea_key_st const char *idea_options(void); void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks); +#ifdef OPENSSL_FIPS +void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); +#endif void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); void idea_set_decrypt_key(const IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, diff --git a/crypto/openssl/crypto/md2/md2.h b/crypto/openssl/crypto/md2/md2.h index a46120e7d4..d59c9f2593 100644 --- a/crypto/openssl/crypto/md2/md2.h +++ b/crypto/openssl/crypto/md2/md2.h @@ -81,6 +81,9 @@ typedef struct MD2state_st } MD2_CTX; const char *MD2_options(void); +#ifdef OPENSSL_FIPS +int private_MD2_Init(MD2_CTX *c); +#endif int MD2_Init(MD2_CTX *c); int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len); int MD2_Final(unsigned char *md, MD2_CTX *c); diff --git a/crypto/openssl/crypto/md2/md2_dgst.c b/crypto/openssl/crypto/md2/md2_dgst.c index 6f68b25c6a..cc4eeaf7a7 100644 --- a/crypto/openssl/crypto/md2/md2_dgst.c +++ b/crypto/openssl/crypto/md2/md2_dgst.c @@ -62,6 +62,11 @@ #include #include #include +#ifdef OPENSSL_FIPS +#include +#endif + +#include const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT; @@ -116,7 +121,7 @@ const char *MD2_options(void) return("md2(int)"); } -int MD2_Init(MD2_CTX *c) +FIPS_NON_FIPS_MD_Init(MD2) { c->num=0; memset(c->state,0,sizeof c->state); diff --git a/crypto/openssl/crypto/md4/md4.h b/crypto/openssl/crypto/md4/md4.h index 5598c93a4f..ba1fe4a6ee 100644 --- a/crypto/openssl/crypto/md4/md4.h +++ b/crypto/openssl/crypto/md4/md4.h @@ -105,6 +105,9 @@ typedef struct MD4state_st unsigned int num; } MD4_CTX; +#ifdef OPENSSL_FIPS +int private_MD4_Init(MD4_CTX *c); +#endif int MD4_Init(MD4_CTX *c); int MD4_Update(MD4_CTX *c, const void *data, size_t len); int MD4_Final(unsigned char *md, MD4_CTX *c); diff --git a/crypto/openssl/crypto/md4/md4_dgst.c b/crypto/openssl/crypto/md4/md4_dgst.c index cfef94af39..0f5448601d 100644 --- a/crypto/openssl/crypto/md4/md4_dgst.c +++ b/crypto/openssl/crypto/md4/md4_dgst.c @@ -59,6 +59,11 @@ #include #include "md4_locl.h" #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; @@ -70,7 +75,7 @@ const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; #define INIT_DATA_C (unsigned long)0x98badcfeL #define INIT_DATA_D (unsigned long)0x10325476L -int MD4_Init(MD4_CTX *c) +FIPS_NON_FIPS_MD_Init(MD4) { c->A=INIT_DATA_A; c->B=INIT_DATA_B; diff --git a/crypto/openssl/crypto/md5/asm/md5-586.pl b/crypto/openssl/crypto/md5/asm/md5-586.pl deleted file mode 100644 index fa3fa3bed5..0000000000 --- a/crypto/openssl/crypto/md5/asm/md5-586.pl +++ /dev/null @@ -1,306 +0,0 @@ -#!/usr/local/bin/perl - -# Normal is the -# md5_block_x86(MD5_CTX *c, ULONG *X); -# version, non-normal is the -# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks); - -$normal=0; - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$A="eax"; -$B="ebx"; -$C="ecx"; -$D="edx"; -$tmp1="edi"; -$tmp2="ebp"; -$X="esi"; - -# What we need to load into $tmp for the next round -%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D)); -@xo=( - 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, # R0 - 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, # R1 - 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, # R2 - 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3 - ); - -&md5_block("md5_block_asm_host_order"); -&asm_finish(); - -sub Np - { - local($p)=@_; - local(%n)=($A,$D,$B,$A,$C,$B,$D,$C); - return($n{$p}); - } - -sub R0 - { - local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - - &mov($tmp1,$C) if $pos < 0; - &mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one - - # body proper - - &comment("R0 $ki"); - &xor($tmp1,$d); # F function - part 2 - - &and($tmp1,$b); # F function - part 3 - &lea($a,&DWP($t,$a,$tmp2,1)); - - &xor($tmp1,$d); # F function - part 4 - - &add($a,$tmp1); - &mov($tmp1,&Np($c)) if $pos < 1; # next tmp1 for R0 - &mov($tmp1,&Np($c)) if $pos == 1; # next tmp1 for R1 - - &rotl($a,$s); - - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); - - &add($a,$b); - } - -sub R1 - { - local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - - &comment("R1 $ki"); - - &lea($a,&DWP($t,$a,$tmp2,1)); - - &xor($tmp1,$b); # G function - part 2 - &and($tmp1,$d); # G function - part 3 - - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); - &xor($tmp1,$c); # G function - part 4 - - &add($a,$tmp1); - &mov($tmp1,&Np($c)) if $pos < 1; # G function - part 1 - &mov($tmp1,&Np($c)) if $pos == 1; # G function - part 1 - - &rotl($a,$s); - - &add($a,$b); - } - -sub R2 - { - local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - # This one is different, only 3 logical operations - -if (($n & 1) == 0) - { - &comment("R2 $ki"); - # make sure to do 'D' first, not 'B', else we clash with - # the last add from the previous round. - - &xor($tmp1,$d); # H function - part 2 - - &xor($tmp1,$b); # H function - part 3 - &lea($a,&DWP($t,$a,$tmp2,1)); - - &add($a,$tmp1); - - &rotl($a,$s); - - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)); - &mov($tmp1,&Np($c)); - } -else - { - &comment("R2 $ki"); - # make sure to do 'D' first, not 'B', else we clash with - # the last add from the previous round. - - &lea($a,&DWP($t,$a,$tmp2,1)); - - &add($b,$c); # MOVED FORWARD - &xor($tmp1,$d); # H function - part 2 - - &xor($tmp1,$b); # H function - part 3 - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); - - &add($a,$tmp1); - &mov($tmp1,&Np($c)) if $pos < 1; # H function - part 1 - &mov($tmp1,-1) if $pos == 1; # I function - part 1 - - &rotl($a,$s); - - &add($a,$b); - } - } - -sub R3 - { - local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - - &comment("R3 $ki"); - - # ¬($tmp1) - &xor($tmp1,$d) if $pos < 0; # I function - part 2 - - &or($tmp1,$b); # I function - part 3 - &lea($a,&DWP($t,$a,$tmp2,1)); - - &xor($tmp1,$c); # I function - part 4 - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if $pos != 2; # load X/k value - &mov($tmp2,&wparam(0)) if $pos == 2; - - &add($a,$tmp1); - &mov($tmp1,-1) if $pos < 1; # H function - part 1 - &add($K,64) if $pos >=1 && !$normal; - - &rotl($a,$s); - - &xor($tmp1,&Np($d)) if $pos <= 0; # I function - part = first time - &mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0; - &add($a,$b); - } - - -sub md5_block - { - local($name)=@_; - - &function_begin_B($name,"",3); - - # parameter 1 is the MD5_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - - &push("esi"); - &push("edi"); - &mov($tmp1, &wparam(0)); # edi - &mov($X, &wparam(1)); # esi - &mov($C, &wparam(2)); - &push("ebp"); - &shl($C, 6); - &push("ebx"); - &add($C, $X); # offset we end at - &sub($C, 64); - &mov($A, &DWP( 0,$tmp1,"",0)); - &push($C); # Put on the TOS - &mov($B, &DWP( 4,$tmp1,"",0)); - &mov($C, &DWP( 8,$tmp1,"",0)); - &mov($D, &DWP(12,$tmp1,"",0)); - - &set_label("start") unless $normal; - &comment(""); - &comment("R0 section"); - - &R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478); - &R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756); - &R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db); - &R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee); - &R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf); - &R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a); - &R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613); - &R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501); - &R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8); - &R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af); - &R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1); - &R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be); - &R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122); - &R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193); - &R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e); - &R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821); - - &comment(""); - &comment("R1 section"); - &R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562); - &R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340); - &R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51); - &R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa); - &R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d); - &R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453); - &R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681); - &R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8); - &R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6); - &R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6); - &R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87); - &R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed); - &R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905); - &R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8); - &R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9); - &R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a); - - &comment(""); - &comment("R2 section"); - &R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942); - &R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681); - &R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122); - &R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c); - &R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44); - &R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9); - &R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60); - &R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70); - &R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6); - &R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa); - &R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085); - &R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05); - &R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039); - &R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5); - &R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8); - &R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665); - - &comment(""); - &comment("R3 section"); - &R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244); - &R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97); - &R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7); - &R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039); - &R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3); - &R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92); - &R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d); - &R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1); - &R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f); - &R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0); - &R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314); - &R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1); - &R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82); - &R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235); - &R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb); - &R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391); - - # &mov($tmp2,&wparam(0)); # done in the last R3 - # &mov($tmp1, &DWP( 0,$tmp2,"",0)); # done is the last R3 - - &add($A,$tmp1); - &mov($tmp1, &DWP( 4,$tmp2,"",0)); - - &add($B,$tmp1); - &mov($tmp1, &DWP( 8,$tmp2,"",0)); - - &add($C,$tmp1); - &mov($tmp1, &DWP(12,$tmp2,"",0)); - - &add($D,$tmp1); - &mov(&DWP( 0,$tmp2,"",0),$A); - - &mov(&DWP( 4,$tmp2,"",0),$B); - &mov($tmp1,&swtmp(0)) unless $normal; - - &mov(&DWP( 8,$tmp2,"",0),$C); - &mov(&DWP(12,$tmp2,"",0),$D); - - &cmp($tmp1,$X) unless $normal; # check count - &jae(&label("start")) unless $normal; - - &pop("eax"); # pop the temp variable off the stack - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - diff --git a/crypto/openssl/crypto/md5/asm/md5-x86_64.pl b/crypto/openssl/crypto/md5/asm/md5-x86_64.pl deleted file mode 100755 index c36a7febf7..0000000000 --- a/crypto/openssl/crypto/md5/asm/md5-x86_64.pl +++ /dev/null @@ -1,245 +0,0 @@ -#!/usr/bin/perl -w -# -# MD5 optimized for AMD64. -# -# Author: Marc Bevand -# Licence: I hereby disclaim the copyright on this code and place it -# in the public domain. -# - -use strict; - -my $code; - -# round1_step() does: -# dst = x + ((dst + F(x,y,z) + X[k] + T_i) <<< s) -# %r10d = X[k_next] -# %r11d = z' (copy of z for the next step) -# Each round1_step() takes about 5.71 clocks (9 instructions, 1.58 IPC) -sub round1_step -{ - my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_; - $code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1); - $code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1); - $code .= <A - mov 1*4(%rbp), %ebx # ebx = ctx->B - mov 2*4(%rbp), %ecx # ecx = ctx->C - mov 3*4(%rbp), %edx # edx = ctx->D - # end is 'rdi' - # ptr is 'rsi' - # A is 'eax' - # B is 'ebx' - # C is 'ecx' - # D is 'edx' - - cmp %rdi, %rsi # cmp end with ptr - je .Lend # jmp if ptr == end - - # BEGIN of loop over 16-word blocks -.Lloop: # save old values of A, B, C, D - mov %eax, %r8d - mov %ebx, %r9d - mov %ecx, %r14d - mov %edx, %r15d -EOF -round1_step(-1,'%eax','%ebx','%ecx','%edx', '1','0xd76aa478', '7'); -round1_step( 0,'%edx','%eax','%ebx','%ecx', '2','0xe8c7b756','12'); -round1_step( 0,'%ecx','%edx','%eax','%ebx', '3','0x242070db','17'); -round1_step( 0,'%ebx','%ecx','%edx','%eax', '4','0xc1bdceee','22'); -round1_step( 0,'%eax','%ebx','%ecx','%edx', '5','0xf57c0faf', '7'); -round1_step( 0,'%edx','%eax','%ebx','%ecx', '6','0x4787c62a','12'); -round1_step( 0,'%ecx','%edx','%eax','%ebx', '7','0xa8304613','17'); -round1_step( 0,'%ebx','%ecx','%edx','%eax', '8','0xfd469501','22'); -round1_step( 0,'%eax','%ebx','%ecx','%edx', '9','0x698098d8', '7'); -round1_step( 0,'%edx','%eax','%ebx','%ecx','10','0x8b44f7af','12'); -round1_step( 0,'%ecx','%edx','%eax','%ebx','11','0xffff5bb1','17'); -round1_step( 0,'%ebx','%ecx','%edx','%eax','12','0x895cd7be','22'); -round1_step( 0,'%eax','%ebx','%ecx','%edx','13','0x6b901122', '7'); -round1_step( 0,'%edx','%eax','%ebx','%ecx','14','0xfd987193','12'); -round1_step( 0,'%ecx','%edx','%eax','%ebx','15','0xa679438e','17'); -round1_step( 1,'%ebx','%ecx','%edx','%eax', '0','0x49b40821','22'); - -round2_step(-1,'%eax','%ebx','%ecx','%edx', '6','0xf61e2562', '5'); -round2_step( 0,'%edx','%eax','%ebx','%ecx','11','0xc040b340', '9'); -round2_step( 0,'%ecx','%edx','%eax','%ebx', '0','0x265e5a51','14'); -round2_step( 0,'%ebx','%ecx','%edx','%eax', '5','0xe9b6c7aa','20'); -round2_step( 0,'%eax','%ebx','%ecx','%edx','10','0xd62f105d', '5'); -round2_step( 0,'%edx','%eax','%ebx','%ecx','15', '0x2441453', '9'); -round2_step( 0,'%ecx','%edx','%eax','%ebx', '4','0xd8a1e681','14'); -round2_step( 0,'%ebx','%ecx','%edx','%eax', '9','0xe7d3fbc8','20'); -round2_step( 0,'%eax','%ebx','%ecx','%edx','14','0x21e1cde6', '5'); -round2_step( 0,'%edx','%eax','%ebx','%ecx', '3','0xc33707d6', '9'); -round2_step( 0,'%ecx','%edx','%eax','%ebx', '8','0xf4d50d87','14'); -round2_step( 0,'%ebx','%ecx','%edx','%eax','13','0x455a14ed','20'); -round2_step( 0,'%eax','%ebx','%ecx','%edx', '2','0xa9e3e905', '5'); -round2_step( 0,'%edx','%eax','%ebx','%ecx', '7','0xfcefa3f8', '9'); -round2_step( 0,'%ecx','%edx','%eax','%ebx','12','0x676f02d9','14'); -round2_step( 1,'%ebx','%ecx','%edx','%eax', '0','0x8d2a4c8a','20'); - -round3_step(-1,'%eax','%ebx','%ecx','%edx', '8','0xfffa3942', '4'); -round3_step( 0,'%edx','%eax','%ebx','%ecx','11','0x8771f681','11'); -round3_step( 0,'%ecx','%edx','%eax','%ebx','14','0x6d9d6122','16'); -round3_step( 0,'%ebx','%ecx','%edx','%eax', '1','0xfde5380c','23'); -round3_step( 0,'%eax','%ebx','%ecx','%edx', '4','0xa4beea44', '4'); -round3_step( 0,'%edx','%eax','%ebx','%ecx', '7','0x4bdecfa9','11'); -round3_step( 0,'%ecx','%edx','%eax','%ebx','10','0xf6bb4b60','16'); -round3_step( 0,'%ebx','%ecx','%edx','%eax','13','0xbebfbc70','23'); -round3_step( 0,'%eax','%ebx','%ecx','%edx', '0','0x289b7ec6', '4'); -round3_step( 0,'%edx','%eax','%ebx','%ecx', '3','0xeaa127fa','11'); -round3_step( 0,'%ecx','%edx','%eax','%ebx', '6','0xd4ef3085','16'); -round3_step( 0,'%ebx','%ecx','%edx','%eax', '9', '0x4881d05','23'); -round3_step( 0,'%eax','%ebx','%ecx','%edx','12','0xd9d4d039', '4'); -round3_step( 0,'%edx','%eax','%ebx','%ecx','15','0xe6db99e5','11'); -round3_step( 0,'%ecx','%edx','%eax','%ebx', '2','0x1fa27cf8','16'); -round3_step( 1,'%ebx','%ecx','%edx','%eax', '0','0xc4ac5665','23'); - -round4_step(-1,'%eax','%ebx','%ecx','%edx', '7','0xf4292244', '6'); -round4_step( 0,'%edx','%eax','%ebx','%ecx','14','0x432aff97','10'); -round4_step( 0,'%ecx','%edx','%eax','%ebx', '5','0xab9423a7','15'); -round4_step( 0,'%ebx','%ecx','%edx','%eax','12','0xfc93a039','21'); -round4_step( 0,'%eax','%ebx','%ecx','%edx', '3','0x655b59c3', '6'); -round4_step( 0,'%edx','%eax','%ebx','%ecx','10','0x8f0ccc92','10'); -round4_step( 0,'%ecx','%edx','%eax','%ebx', '1','0xffeff47d','15'); -round4_step( 0,'%ebx','%ecx','%edx','%eax', '8','0x85845dd1','21'); -round4_step( 0,'%eax','%ebx','%ecx','%edx','15','0x6fa87e4f', '6'); -round4_step( 0,'%edx','%eax','%ebx','%ecx', '6','0xfe2ce6e0','10'); -round4_step( 0,'%ecx','%edx','%eax','%ebx','13','0xa3014314','15'); -round4_step( 0,'%ebx','%ecx','%edx','%eax', '4','0x4e0811a1','21'); -round4_step( 0,'%eax','%ebx','%ecx','%edx','11','0xf7537e82', '6'); -round4_step( 0,'%edx','%eax','%ebx','%ecx', '2','0xbd3af235','10'); -round4_step( 0,'%ecx','%edx','%eax','%ebx', '9','0x2ad7d2bb','15'); -round4_step( 1,'%ebx','%ecx','%edx','%eax', '0','0xeb86d391','21'); -$code .= <A = A - mov %ebx, 1*4(%rbp) # ctx->B = B - mov %ecx, 2*4(%rbp) # ctx->C = C - mov %edx, 3*4(%rbp) # ctx->D = D - - pop %r15 - pop %r14 - pop %rbx - pop %rbp - ret -.size md5_block_asm_host_order,.-md5_block_asm_host_order -EOF - -print $code; - -close STDOUT; diff --git a/crypto/openssl/crypto/md5/md5.h b/crypto/openssl/crypto/md5/md5.h index dbdc0e1abc..0761f84a27 100644 --- a/crypto/openssl/crypto/md5/md5.h +++ b/crypto/openssl/crypto/md5/md5.h @@ -105,6 +105,9 @@ typedef struct MD5state_st unsigned int num; } MD5_CTX; +#ifdef OPENSSL_FIPS +int private_MD5_Init(MD5_CTX *c); +#endif int MD5_Init(MD5_CTX *c); int MD5_Update(MD5_CTX *c, const void *data, size_t len); int MD5_Final(unsigned char *md, MD5_CTX *c); diff --git a/crypto/openssl/crypto/md5/md5_dgst.c b/crypto/openssl/crypto/md5/md5_dgst.c index b96e332ba4..47bb9020ee 100644 --- a/crypto/openssl/crypto/md5/md5_dgst.c +++ b/crypto/openssl/crypto/md5/md5_dgst.c @@ -59,6 +59,11 @@ #include #include "md5_locl.h" #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; @@ -70,7 +75,7 @@ const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; #define INIT_DATA_C (unsigned long)0x98badcfeL #define INIT_DATA_D (unsigned long)0x10325476L -int MD5_Init(MD5_CTX *c) +FIPS_NON_FIPS_MD_Init(MD5) { c->A=INIT_DATA_A; c->B=INIT_DATA_B; diff --git a/crypto/openssl/crypto/mdc2/mdc2.h b/crypto/openssl/crypto/mdc2/mdc2.h index 72778a5212..7e1354116a 100644 --- a/crypto/openssl/crypto/mdc2/mdc2.h +++ b/crypto/openssl/crypto/mdc2/mdc2.h @@ -80,7 +80,9 @@ typedef struct mdc2_ctx_st int pad_type; /* either 1 or 2, default 1 */ } MDC2_CTX; - +#ifdef OPENSSL_FIPS +int private_MDC2_Init(MDC2_CTX *c); +#endif int MDC2_Init(MDC2_CTX *c); int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len); int MDC2_Final(unsigned char *md, MDC2_CTX *c); diff --git a/crypto/openssl/crypto/mdc2/mdc2dgst.c b/crypto/openssl/crypto/mdc2/mdc2dgst.c index 4aa406edc3..a36b3f578e 100644 --- a/crypto/openssl/crypto/mdc2/mdc2dgst.c +++ b/crypto/openssl/crypto/mdc2/mdc2dgst.c @@ -61,6 +61,11 @@ #include #include #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + #undef c2l #define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \ @@ -75,7 +80,7 @@ *((c)++)=(unsigned char)(((l)>>24L)&0xff)) static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len); -int MDC2_Init(MDC2_CTX *c) +FIPS_NON_FIPS_MD_Init(MDC2) { c->num=0; c->pad_type=1; diff --git a/crypto/openssl/crypto/mem.c b/crypto/openssl/crypto/mem.c index 6635167228..00ebaf0b9b 100644 --- a/crypto/openssl/crypto/mem.c +++ b/crypto/openssl/crypto/mem.c @@ -101,7 +101,7 @@ static void (*free_locked_func)(void *) = free; /* may be changed as long as 'allow_customize_debug' is set */ /* XXX use correct function pointer types */ -#ifdef CRYPTO_MDEBUG +#if defined(CRYPTO_MDEBUG) && !defined(OPENSSL_FIPS) /* use default functions from mem_dbg.c */ static void (*malloc_debug_func)(void *,int,const char *,int,int) = CRYPTO_dbg_malloc; @@ -110,6 +110,14 @@ static void (*realloc_debug_func)(void *,void *,int,const char *,int,int) static void (*free_debug_func)(void *,int) = CRYPTO_dbg_free; static void (*set_debug_options_func)(long) = CRYPTO_dbg_set_options; static long (*get_debug_options_func)(void) = CRYPTO_dbg_get_options; + +static int (*push_info_func)(const char *info, const char *file, int line) + = CRYPTO_dbg_push_info; +static int (*pop_info_func)(void) + = CRYPTO_dbg_pop_info; +static int (*remove_all_info_func)(void) + = CRYPTO_dbg_remove_all_info; + #else /* applications can use CRYPTO_malloc_debug_init() to select above case * at run-time */ @@ -119,6 +127,13 @@ static void (*realloc_debug_func)(void *,void *,int,const char *,int,int) static void (*free_debug_func)(void *,int) = NULL; static void (*set_debug_options_func)(long) = NULL; static long (*get_debug_options_func)(void) = NULL; + + +static int (*push_info_func)(const char *info, const char *file, int line) + = NULL; +static int (*pop_info_func)(void) = NULL; +static int (*remove_all_info_func)(void) = NULL; + #endif @@ -194,6 +209,15 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int), return 1; } +void CRYPTO_set_mem_info_functions( + int (*push_info_fn)(const char *info, const char *file, int line), + int (*pop_info_fn)(void), + int (*remove_all_info_fn)(void)) + { + push_info_func = push_info_fn; + pop_info_func = pop_info_fn; + remove_all_info_func = remove_all_info_fn; + } void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t), void (**f)(void *)) @@ -399,3 +423,24 @@ long CRYPTO_get_mem_debug_options(void) return get_debug_options_func(); return 0; } + +int CRYPTO_push_info_(const char *info, const char *file, int line) + { + if (push_info_func) + return push_info_func(info, file, line); + return 1; + } + +int CRYPTO_pop_info(void) + { + if (pop_info_func) + return pop_info_func(); + return 1; + } + +int CRYPTO_remove_all_info(void) + { + if (remove_all_info_func) + return remove_all_info_func(); + return 1; + } diff --git a/crypto/openssl/crypto/mem_dbg.c b/crypto/openssl/crypto/mem_dbg.c index 8316485217..dfeb084799 100644 --- a/crypto/openssl/crypto/mem_dbg.c +++ b/crypto/openssl/crypto/mem_dbg.c @@ -330,7 +330,7 @@ static APP_INFO *pop_info(void) return(ret); } -int CRYPTO_push_info_(const char *info, const char *file, int line) +int CRYPTO_dbg_push_info(const char *info, const char *file, int line) { APP_INFO *ami, *amim; int ret=0; @@ -380,7 +380,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line) return(ret); } -int CRYPTO_pop_info(void) +int CRYPTO_dbg_pop_info(void) { int ret=0; @@ -395,7 +395,7 @@ int CRYPTO_pop_info(void) return(ret); } -int CRYPTO_remove_all_info(void) +int CRYPTO_dbg_remove_all_info(void) { int ret=0; @@ -793,3 +793,25 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb) lh_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), &cb); CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); } + +void CRYPTO_malloc_debug_init(void) + { + CRYPTO_set_mem_debug_functions( + CRYPTO_dbg_malloc, + CRYPTO_dbg_realloc, + CRYPTO_dbg_free, + CRYPTO_dbg_set_options, + CRYPTO_dbg_get_options); + CRYPTO_set_mem_info_functions( + CRYPTO_dbg_push_info, + CRYPTO_dbg_pop_info, + CRYPTO_dbg_remove_all_info); + } + +char *CRYPTO_strdup(const char *str, const char *file, int line) + { + char *ret = CRYPTO_malloc(strlen(str)+1, file, line); + + strcpy(ret, str); + return ret; + } diff --git a/crypto/openssl/crypto/conf/conf_mall.c b/crypto/openssl/crypto/o_init.c similarity index 75% copy from crypto/openssl/crypto/conf/conf_mall.c copy to crypto/openssl/crypto/o_init.c index 4ba40cf44c..00ed65a6cf 100644 --- a/crypto/openssl/crypto/conf/conf_mall.c +++ b/crypto/openssl/crypto/o_init.c @@ -1,9 +1,9 @@ -/* conf_mall.c */ -/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL - * project 2001. +/* o_init.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project. */ /* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -20,12 +20,12 @@ * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. + * openssl-core@openssl.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written @@ -34,7 +34,7 @@ * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -56,25 +56,31 @@ * */ -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include -#ifndef OPENSSL_NO_ENGINE -#include -#endif +#include +#include -/* Load all OpenSSL builtin modules */ +/* Perform any essential OpenSSL initialization operations. + * Currently only sets FIPS callbacks + */ -void OPENSSL_load_builtin_modules(void) +void OPENSSL_init(void) { - /* Add builtin modules here */ - ASN1_add_oid_module(); -#ifndef OPENSSL_NO_ENGINE - ENGINE_add_conf_module(); +#ifdef OPENSSL_FIPS + static int done = 0; + if (!done) + { + int_ERR_lib_init(); +#ifdef CRYPTO_MDEBUG + CRYPTO_malloc_debug_init(); +#endif +#ifdef OPENSSL_ENGINE + int_EVP_MD_init_engine_callbacks(); + int_EVP_CIPHER_init_engine_callbacks(); + int_RAND_init_engine_callbacks(); +#endif + done = 1; + } #endif } + diff --git a/crypto/openssl/crypto/objects/obj_dat.h b/crypto/openssl/crypto/objects/obj_dat.h index 0ccc7c62be..dccc15e03c 100644 --- a/crypto/openssl/crypto/objects/obj_dat.h +++ b/crypto/openssl/crypto/objects/obj_dat.h @@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 857 -#define NUM_SN 850 -#define NUM_LN 850 -#define NUM_OBJ 804 +#define NUM_NID 859 +#define NUM_SN 852 +#define NUM_LN 852 +#define NUM_OBJ 806 -static unsigned char lvalues[5711]={ +static unsigned char lvalues[5722]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ @@ -872,6 +872,8 @@ static unsigned char lvalues[5711]={ 0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5685] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */ 0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5693] OBJ_id_GostR3410_2001_ParamSet_cc */ 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5701] OBJ_LocalKeySet */ +0x55,0x1D,0x2E, /* [5710] OBJ_freshest_crl */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5713] OBJ_id_on_permanentIdentifier */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -2256,6 +2258,10 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"HMAC","hmac",NID_hmac,0,NULL,0}, {"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9, &(lvalues[5701]),0}, +{"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3, + &(lvalues[5710]),0}, +{"id-on-permanentIdentifier","Permanent Identifier", + NID_id_on_permanentIdentifier,8,&(lvalues[5713]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -2534,6 +2540,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[126]),/* "extendedKeyUsage" */ &(nid_objs[372]),/* "extendedStatus" */ &(nid_objs[462]),/* "favouriteDrink" */ +&(nid_objs[857]),/* "freshestCRL" */ &(nid_objs[453]),/* "friendlyCountry" */ &(nid_objs[490]),/* "friendlyCountryName" */ &(nid_objs[156]),/* "friendlyName" */ @@ -2678,6 +2685,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[279]),/* "id-mod-qualified-cert-93" */ &(nid_objs[281]),/* "id-mod-timestamp-protocol" */ &(nid_objs[264]),/* "id-on" */ +&(nid_objs[858]),/* "id-on-permanentIdentifier" */ &(nid_objs[347]),/* "id-on-personalData" */ &(nid_objs[265]),/* "id-pda" */ &(nid_objs[352]),/* "id-pda-countryOfCitizenship" */ @@ -3200,6 +3208,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[69]),/* "PBKDF2" */ &(nid_objs[162]),/* "PBMAC1" */ &(nid_objs[127]),/* "PKIX" */ +&(nid_objs[858]),/* "Permanent Identifier" */ &(nid_objs[164]),/* "Policy Qualifier CPS" */ &(nid_objs[165]),/* "Policy Qualifier User Notice" */ &(nid_objs[385]),/* "Private" */ @@ -3230,6 +3239,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[89]),/* "X509v3 Certificate Policies" */ &(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */ &(nid_objs[126]),/* "X509v3 Extended Key Usage" */ +&(nid_objs[857]),/* "X509v3 Freshest CRL" */ &(nid_objs[748]),/* "X509v3 Inhibit Any Policy" */ &(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */ &(nid_objs[770]),/* "X509v3 Issuing Distrubution Point" */ @@ -4029,6 +4039,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */ &(nid_objs[401]),/* OBJ_policy_constraints 2 5 29 36 */ &(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */ +&(nid_objs[857]),/* OBJ_freshest_crl 2 5 29 46 */ &(nid_objs[748]),/* OBJ_inhibit_any_policy 2 5 29 54 */ &(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */ &(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */ @@ -4476,6 +4487,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[345]),/* OBJ_id_cmc_popLinkWitness 1 3 6 1 5 5 7 7 23 */ &(nid_objs[346]),/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */ &(nid_objs[347]),/* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */ +&(nid_objs[858]),/* OBJ_id_on_permanentIdentifier 1 3 6 1 5 5 7 8 3 */ &(nid_objs[348]),/* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */ &(nid_objs[349]),/* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */ &(nid_objs[351]),/* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */ diff --git a/crypto/openssl/crypto/objects/obj_mac.h b/crypto/openssl/crypto/objects/obj_mac.h index 05fcbe7aa1..ad5f7cfc10 100644 --- a/crypto/openssl/crypto/objects/obj_mac.h +++ b/crypto/openssl/crypto/objects/obj_mac.h @@ -1734,6 +1734,11 @@ #define NID_id_on_personalData 347 #define OBJ_id_on_personalData OBJ_id_on,1L +#define SN_id_on_permanentIdentifier "id-on-permanentIdentifier" +#define LN_id_on_permanentIdentifier "Permanent Identifier" +#define NID_id_on_permanentIdentifier 858 +#define OBJ_id_on_permanentIdentifier OBJ_id_on,3L + #define SN_id_pda_dateOfBirth "id-pda-dateOfBirth" #define NID_id_pda_dateOfBirth 348 #define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L @@ -2235,6 +2240,11 @@ #define NID_ext_key_usage 126 #define OBJ_ext_key_usage OBJ_id_ce,37L +#define SN_freshest_crl "freshestCRL" +#define LN_freshest_crl "X509v3 Freshest CRL" +#define NID_freshest_crl 857 +#define OBJ_freshest_crl OBJ_id_ce,46L + #define SN_inhibit_any_policy "inhibitAnyPolicy" #define LN_inhibit_any_policy "X509v3 Inhibit Any Policy" #define NID_inhibit_any_policy 748 diff --git a/crypto/openssl/crypto/ocsp/ocsp_asn.c b/crypto/openssl/crypto/ocsp/ocsp_asn.c index 39b7a1c568..bfe892ac70 100644 --- a/crypto/openssl/crypto/ocsp/ocsp_asn.c +++ b/crypto/openssl/crypto/ocsp/ocsp_asn.c @@ -1,5 +1,5 @@ /* ocsp_asn.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/ocsp/ocsp_ht.c b/crypto/openssl/crypto/ocsp/ocsp_ht.c index a8e569b74a..6abb30b2c0 100644 --- a/crypto/openssl/crypto/ocsp/ocsp_ht.c +++ b/crypto/openssl/crypto/ocsp/ocsp_ht.c @@ -1,5 +1,5 @@ /* ocsp_ht.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ /* ==================================================================== @@ -56,11 +56,12 @@ * */ -#include #include #include #include #include +#include "e_os.h" +#include #include #include #include diff --git a/crypto/openssl/crypto/ocsp/ocsp_srv.c b/crypto/openssl/crypto/ocsp/ocsp_srv.c index fffa134e75..1c606dd0b6 100644 --- a/crypto/openssl/crypto/ocsp/ocsp_srv.c +++ b/crypto/openssl/crypto/ocsp/ocsp_srv.c @@ -1,5 +1,5 @@ /* ocsp_srv.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/ocsp/ocsp_vfy.c b/crypto/openssl/crypto/ocsp/ocsp_vfy.c index 23ea41c847..4a0c3870d8 100644 --- a/crypto/openssl/crypto/ocsp/ocsp_vfy.c +++ b/crypto/openssl/crypto/ocsp/ocsp_vfy.c @@ -1,5 +1,5 @@ /* ocsp_vfy.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/opensslconf.h.in b/crypto/openssl/crypto/opensslconf.h.in deleted file mode 100644 index cee83acf98..0000000000 --- a/crypto/openssl/crypto/opensslconf.h.in +++ /dev/null @@ -1,159 +0,0 @@ -/* crypto/opensslconf.h.in */ - -/* Generate 80386 code? */ -#undef I386_ONLY - -#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ -#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) -#define ENGINESDIR "/usr/local/lib/engines" -#define OPENSSLDIR "/usr/local/ssl" -#endif -#endif - -#undef OPENSSL_UNISTD -#define OPENSSL_UNISTD - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#undef RC4_CHUNK -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned long -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#undef BN_LLONG - -/* Should we define BN_DIV2W here? */ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ -#undef SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#define THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) -#define CONFIG_HEADER_RC4_LOCL_H -/* if this is defined data[i] is used instead of *data, this is a %20 - * speedup on x86 */ -#undef RC4_INDEX -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ -#ifndef DES_UNROLL -#undef DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/crypto/openssl/crypto/opensslv.h b/crypto/openssl/crypto/opensslv.h index 5bdd370ac9..09687b5136 100644 --- a/crypto/openssl/crypto/opensslv.h +++ b/crypto/openssl/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x0090809fL +#define OPENSSL_VERSION_NUMBER 0x009080afL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8i-fips 15 Sep 2008" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8j-fips 07 Jan 2009" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8i 15 Sep 2008" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8j 07 Jan 2009" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/crypto/openssl/crypto/ossl_typ.h b/crypto/openssl/crypto/ossl_typ.h index 734200428f..0e7a380880 100644 --- a/crypto/openssl/crypto/ossl_typ.h +++ b/crypto/openssl/crypto/ossl_typ.h @@ -100,6 +100,8 @@ typedef int ASN1_NULL; #undef X509_EXTENSIONS #undef X509_CERT_PAIR #undef PKCS7_ISSUER_AND_SERIAL +#undef OCSP_REQUEST +#undef OCSP_RESPONSE #endif #ifdef BIGNUM diff --git a/crypto/openssl/crypto/pem/pem.h b/crypto/openssl/crypto/pem/pem.h index 670afa670b..6f8e01544b 100644 --- a/crypto/openssl/crypto/pem/pem.h +++ b/crypto/openssl/crypto/pem/pem.h @@ -125,6 +125,7 @@ extern "C" { #define PEM_STRING_DSA "DSA PRIVATE KEY" #define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY" #define PEM_STRING_PKCS7 "PKCS7" +#define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA" #define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY" #define PEM_STRING_PKCS8INF "PRIVATE KEY" #define PEM_STRING_DHPARAMS "DH PARAMETERS" diff --git a/crypto/openssl/crypto/pem/pem_all.c b/crypto/openssl/crypto/pem/pem_all.c index 66cbc7eb82..69dd19bf2e 100644 --- a/crypto/openssl/crypto/pem/pem_all.c +++ b/crypto/openssl/crypto/pem/pem_all.c @@ -194,7 +194,49 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, #endif +#ifdef OPENSSL_FIPS + +int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) +{ + EVP_PKEY *k; + int ret; + k = EVP_PKEY_new(); + if (!k) + return 0; + EVP_PKEY_set1_RSA(k, x); + + ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); + EVP_PKEY_free(k); + return ret; +} + +#ifndef OPENSSL_NO_FP_API +int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) +{ + EVP_PKEY *k; + int ret; + k = EVP_PKEY_new(); + if (!k) + return 0; + + EVP_PKEY_set1_RSA(k, x); + + ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); + EVP_PKEY_free(k); + return ret; +} +#endif + +#else + IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) + +#endif + IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) @@ -224,7 +266,47 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, return pkey_get_dsa(pktmp, dsa); } +#ifdef OPENSSL_FIPS + +int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) +{ + EVP_PKEY *k; + int ret; + k = EVP_PKEY_new(); + if (!k) + return 0; + EVP_PKEY_set1_DSA(k, x); + + ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); + EVP_PKEY_free(k); + return ret; +} + +#ifndef OPENSSL_NO_FP_API +int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) +{ + EVP_PKEY *k; + int ret; + k = EVP_PKEY_new(); + if (!k) + return 0; + EVP_PKEY_set1_DSA(k, x); + ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); + EVP_PKEY_free(k); + return ret; +} +#endif + +#else + IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) + +#endif + IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) #ifndef OPENSSL_NO_FP_API @@ -270,8 +352,49 @@ EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters) + + +#ifdef OPENSSL_FIPS + +int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) +{ + EVP_PKEY *k; + int ret; + k = EVP_PKEY_new(); + if (!k) + return 0; + EVP_PKEY_set1_EC_KEY(k, x); + + ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); + EVP_PKEY_free(k); + return ret; +} + +#ifndef OPENSSL_NO_FP_API +int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) +{ + EVP_PKEY *k; + int ret; + k = EVP_PKEY_new(); + if (!k) + return 0; + EVP_PKEY_set1_EC_KEY(k, x); + ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); + EVP_PKEY_free(k); + return ret; +} +#endif + +#else + IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey) +#endif + IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) #ifndef OPENSSL_NO_FP_API @@ -301,8 +424,59 @@ IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything * appropriate.) */ + +#ifdef OPENSSL_FIPS + +static const char *pkey_str(EVP_PKEY *x) + { + switch (x->type) + { + case EVP_PKEY_RSA: + return PEM_STRING_RSA; + + case EVP_PKEY_DSA: + return PEM_STRING_DSA; + + case EVP_PKEY_EC: + return PEM_STRING_ECPRIVATEKEY; + + default: + return NULL; + } + } + + +int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) + { + if (FIPS_mode()) + return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, + (char *)kstr, klen, cb, u); + else + return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, + pkey_str(x), bp,(char *)x,enc,kstr,klen,cb,u); + } + +#ifndef OPENSSL_NO_FP_API +int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, + unsigned char *kstr, int klen, + pem_password_cb *cb, void *u) + { + if (FIPS_mode()) + return PEM_write_PKCS8PrivateKey(fp, x, enc, + (char *)kstr, klen, cb, u); + else + return PEM_ASN1_write((i2d_of_void *)i2d_PrivateKey, + pkey_str(x), fp,(char *)x,enc,kstr,klen,cb,u); + } +#endif + +#else IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\ (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey) +#endif + IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) diff --git a/crypto/openssl/crypto/pem/pem_lib.c b/crypto/openssl/crypto/pem/pem_lib.c index 9bae4c8850..cbafefe416 100644 --- a/crypto/openssl/crypto/pem/pem_lib.c +++ b/crypto/openssl/crypto/pem/pem_lib.c @@ -216,6 +216,9 @@ static int check_pem(const char *nm, const char *name) if(!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_PKCS7)) return 1; + if(!strcmp(nm, PEM_STRING_PKCS7_SIGNED) && + !strcmp(name, PEM_STRING_PKCS7)) return 1; + return 0; } diff --git a/crypto/openssl/crypto/pem/pem_x509.c b/crypto/openssl/crypto/pem/pem_x509.c index 19f88d8d3a..3f709f13e6 100644 --- a/crypto/openssl/crypto/pem/pem_x509.c +++ b/crypto/openssl/crypto/pem/pem_x509.c @@ -1,5 +1,5 @@ /* pem_x509.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pem/pem_xaux.c b/crypto/openssl/crypto/pem/pem_xaux.c index 63ce660cf1..7cc7491009 100644 --- a/crypto/openssl/crypto/pem/pem_xaux.c +++ b/crypto/openssl/crypto/pem/pem_xaux.c @@ -1,5 +1,5 @@ /* pem_xaux.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/perlasm/cbc.pl b/crypto/openssl/crypto/perlasm/cbc.pl deleted file mode 100644 index e43dc9ae15..0000000000 --- a/crypto/openssl/crypto/perlasm/cbc.pl +++ /dev/null @@ -1,351 +0,0 @@ -#!/usr/local/bin/perl - -# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc) -# des_cblock (*input); -# des_cblock (*output); -# long length; -# des_key_schedule schedule; -# des_cblock (*ivec); -# int enc; -# -# calls -# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); -# - -#&cbc("des_ncbc_encrypt","des_encrypt",0); -#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt", -# 1,4,5,3,5,-1); -#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt", -# 0,4,5,3,5,-1); -#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3", -# 0,6,7,3,4,5); -# -# When doing a cipher that needs bigendian order, -# for encrypt, the iv is kept in bigendian form, -# while for decrypt, it is kept in little endian. -sub cbc - { - local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_; - # name is the function name - # enc_func and dec_func and the functions to call for encrypt/decrypt - # swap is true if byte order needs to be reversed - # iv_off is parameter number for the iv - # enc_off is parameter number for the encrypt/decrypt flag - # p1,p2,p3 are the offsets for parameters to be passed to the - # underlying calls. - - &function_begin_B($name,""); - &comment(""); - - $in="esi"; - $out="edi"; - $count="ebp"; - - &push("ebp"); - &push("ebx"); - &push("esi"); - &push("edi"); - - $data_off=4; - $data_off+=4 if ($p1 > 0); - $data_off+=4 if ($p2 > 0); - $data_off+=4 if ($p3 > 0); - - &mov($count, &wparam(2)); # length - - &comment("getting iv ptr from parameter $iv_off"); - &mov("ebx", &wparam($iv_off)); # Get iv ptr - - &mov($in, &DWP(0,"ebx","",0));# iv[0] - &mov($out, &DWP(4,"ebx","",0));# iv[1] - - &push($out); - &push($in); - &push($out); # used in decrypt for iv[1] - &push($in); # used in decrypt for iv[0] - - &mov("ebx", "esp"); # This is the address of tin[2] - - &mov($in, &wparam(0)); # in - &mov($out, &wparam(1)); # out - - # We have loaded them all, how lets push things - &comment("getting encrypt flag from parameter $enc_off"); - &mov("ecx", &wparam($enc_off)); # Get enc flag - if ($p3 > 0) - { - &comment("get and push parameter $p3"); - if ($enc_off != $p3) - { &mov("eax", &wparam($p3)); &push("eax"); } - else { &push("ecx"); } - } - if ($p2 > 0) - { - &comment("get and push parameter $p2"); - if ($enc_off != $p2) - { &mov("eax", &wparam($p2)); &push("eax"); } - else { &push("ecx"); } - } - if ($p1 > 0) - { - &comment("get and push parameter $p1"); - if ($enc_off != $p1) - { &mov("eax", &wparam($p1)); &push("eax"); } - else { &push("ecx"); } - } - &push("ebx"); # push data/iv - - &cmp("ecx",0); - &jz(&label("decrypt")); - - &and($count,0xfffffff8); - &mov("eax", &DWP($data_off,"esp","",0)); # load iv[0] - &mov("ebx", &DWP($data_off+4,"esp","",0)); # load iv[1] - - &jz(&label("encrypt_finish")); - - ############################################################# - - &set_label("encrypt_loop"); - # encrypt start - # "eax" and "ebx" hold iv (or the last cipher text) - - &mov("ecx", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("edx", &DWP(4,$in,"",0)); # second 4 bytes - - &xor("eax", "ecx"); - &xor("ebx", "edx"); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($enc_func); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP(0,$out,"",0),"eax"); - &mov(&DWP(4,$out,"",0),"ebx"); - - # eax and ebx are the next iv. - - &add($in, 8); - &add($out, 8); - - &sub($count, 8); - &jnz(&label("encrypt_loop")); - -###################################################################3 - &set_label("encrypt_finish"); - &mov($count, &wparam(2)); # length - &and($count, 7); - &jz(&label("finish")); - &call(&label("PIC_point")); -&set_label("PIC_point"); - &blindpop("edx"); - &lea("ecx",&DWP(&label("cbc_enc_jmp_table")."-".&label("PIC_point"),"edx")); - &mov($count,&DWP(0,"ecx",$count,4)) - &add($count,"edx"); - &xor("ecx","ecx"); - &xor("edx","edx"); - #&mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4)); - &jmp_ptr($count); - -&set_label("ej7"); - &xor("edx", "edx") if $ppro; # ppro friendly - &movb(&HB("edx"), &BP(6,$in,"",0)); - &shl("edx",8); -&set_label("ej6"); - &movb(&HB("edx"), &BP(5,$in,"",0)); -&set_label("ej5"); - &movb(&LB("edx"), &BP(4,$in,"",0)); -&set_label("ej4"); - &mov("ecx", &DWP(0,$in,"",0)); - &jmp(&label("ejend")); -&set_label("ej3"); - &movb(&HB("ecx"), &BP(2,$in,"",0)); - &xor("ecx", "ecx") if $ppro; # ppro friendly - &shl("ecx",8); -&set_label("ej2"); - &movb(&HB("ecx"), &BP(1,$in,"",0)); -&set_label("ej1"); - &movb(&LB("ecx"), &BP(0,$in,"",0)); -&set_label("ejend"); - - &xor("eax", "ecx"); - &xor("ebx", "edx"); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($enc_func); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP(0,$out,"",0),"eax"); - &mov(&DWP(4,$out,"",0),"ebx"); - - &jmp(&label("finish")); - - ############################################################# - ############################################################# - &set_label("decrypt",1); - # decrypt start - &and($count,0xfffffff8); - # The next 2 instructions are only for if the jz is taken - &mov("eax", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("ebx", &DWP($data_off+12,"esp","",0)); # get iv[1] - &jz(&label("decrypt_finish")); - - &set_label("decrypt_loop"); - &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($dec_func); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] - - &xor("ecx", "eax"); - &xor("edx", "ebx"); - - &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, - &mov("ebx", &DWP(4,$in,"",0)); # next iv actually - - &mov(&DWP(0,$out,"",0),"ecx"); - &mov(&DWP(4,$out,"",0),"edx"); - - &mov(&DWP($data_off+8,"esp","",0), "eax"); # save iv - &mov(&DWP($data_off+12,"esp","",0), "ebx"); # - - &add($in, 8); - &add($out, 8); - - &sub($count, 8); - &jnz(&label("decrypt_loop")); -############################ ENDIT #######################3 - &set_label("decrypt_finish"); - &mov($count, &wparam(2)); # length - &and($count, 7); - &jz(&label("finish")); - - &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($dec_func); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] - - &xor("ecx", "eax"); - &xor("edx", "ebx"); - - # this is for when we exit - &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, - &mov("ebx", &DWP(4,$in,"",0)); # next iv actually - -&set_label("dj7"); - &rotr("edx", 16); - &movb(&BP(6,$out,"",0), &LB("edx")); - &shr("edx",16); -&set_label("dj6"); - &movb(&BP(5,$out,"",0), &HB("edx")); -&set_label("dj5"); - &movb(&BP(4,$out,"",0), &LB("edx")); -&set_label("dj4"); - &mov(&DWP(0,$out,"",0), "ecx"); - &jmp(&label("djend")); -&set_label("dj3"); - &rotr("ecx", 16); - &movb(&BP(2,$out,"",0), &LB("ecx")); - &shl("ecx",16); -&set_label("dj2"); - &movb(&BP(1,$in,"",0), &HB("ecx")); -&set_label("dj1"); - &movb(&BP(0,$in,"",0), &LB("ecx")); -&set_label("djend"); - - # final iv is still in eax:ebx - &jmp(&label("finish")); - - -############################ FINISH #######################3 - &set_label("finish",1); - &mov("ecx", &wparam($iv_off)); # Get iv ptr - - ################################################# - $total=16+4; - $total+=4 if ($p1 > 0); - $total+=4 if ($p2 > 0); - $total+=4 if ($p3 > 0); - &add("esp",$total); - - &mov(&DWP(0,"ecx","",0), "eax"); # save iv - &mov(&DWP(4,"ecx","",0), "ebx"); # save iv - - &function_end_A($name); - - &align(64); - &set_label("cbc_enc_jmp_table"); - &data_word("0"); - &data_word(&label("ej1")."-".&label("PIC_point")); - &data_word(&label("ej2")."-".&label("PIC_point")); - &data_word(&label("ej3")."-".&label("PIC_point")); - &data_word(&label("ej4")."-".&label("PIC_point")); - &data_word(&label("ej5")."-".&label("PIC_point")); - &data_word(&label("ej6")."-".&label("PIC_point")); - &data_word(&label("ej7")."-".&label("PIC_point")); - # not used - #&set_label("cbc_dec_jmp_table",1); - #&data_word("0"); - #&data_word(&label("dj1")."-".&label("PIC_point")); - #&data_word(&label("dj2")."-".&label("PIC_point")); - #&data_word(&label("dj3")."-".&label("PIC_point")); - #&data_word(&label("dj4")."-".&label("PIC_point")); - #&data_word(&label("dj5")."-".&label("PIC_point")); - #&data_word(&label("dj6")."-".&label("PIC_point")); - #&data_word(&label("dj7")."-".&label("PIC_point")); - &align(64); - - &function_end_B($name); - - } - -1; diff --git a/crypto/openssl/crypto/perlasm/readme b/crypto/openssl/crypto/perlasm/readme deleted file mode 100644 index f02bbee75a..0000000000 --- a/crypto/openssl/crypto/perlasm/readme +++ /dev/null @@ -1,124 +0,0 @@ -The perl scripts in this directory are my 'hack' to generate -multiple different assembler formats via the one origional script. - -The way to use this library is to start with adding the path to this directory -and then include it. - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -The first thing we do is setup the file and type of assember - -&asm_init($ARGV[0],$0); - -The first argument is the 'type'. Currently -'cpp', 'sol', 'a.out', 'elf' or 'win32'. -Argument 2 is the file name. - -The reciprocal function is -&asm_finish() which should be called at the end. - -There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler, -and x86unix.pl which is the unix (gas) version. - -Functions of interest are: -&external_label("des_SPtrans"); declare and external variable -&LB(reg); Low byte for a register -&HB(reg); High byte for a register -&BP(off,base,index,scale) Byte pointer addressing -&DWP(off,base,index,scale) Word pointer addressing -&stack_push(num) Basically a 'sub esp, num*4' with extra -&stack_pop(num) inverse of stack_push -&function_begin(name,extra) Start a function with pushing of - edi, esi, ebx and ebp. extra is extra win32 - external info that may be required. -&function_begin_B(name,extra) Same as norma function_begin but no pushing. -&function_end(name) Call at end of function. -&function_end_A(name) Standard pop and ret, for use inside functions -&function_end_B(name) Call at end but with poping or 'ret'. -&swtmp(num) Address on stack temp word. -&wparam(num) Parameter number num, that was push - in C convention. This all works over pushes - and pops. -&comment("hello there") Put in a comment. -&label("loop") Refer to a label, normally a jmp target. -&set_label("loop") Set a label at this point. -&data_word(word) Put in a word of data. - -So how does this all hold together? Given - -int calc(int len, int *data) - { - int i,j=0; - - for (i=0; i. -# -# Why AT&T to MASM and not vice versa? Several reasons. Because AT&T -# format is way easier to parse. Because it's simpler to "gear" from -# Unix ABI to Windows one [see cross-reference "card" at the end of -# file]. Because Linux targets were available first... -# -# In addition the script also "distills" code suitable for GNU -# assembler, so that it can be compiled with more rigid assemblers, -# such as Solaris /usr/ccs/bin/as. -# -# This translator is not designed to convert *arbitrary* assembler -# code from AT&T format to MASM one. It's designed to convert just -# enough to provide for dual-ABI OpenSSL modules development... -# There *are* limitations and you might have to modify your assembler -# code or this script to achieve the desired result... -# -# Currently recognized limitations: -# -# - can't use multiple ops per line; -# - indirect calls and jumps are not supported; -# -# Dual-ABI styling rules. -# -# 1. Adhere to Unix register and stack layout [see the end for -# explanation]. -# 2. Forget about "red zone," stick to more traditional blended -# stack frame allocation. If volatile storage is actually required -# that is. If not, just leave the stack as is. -# 3. Functions tagged with ".type name,@function" get crafted with -# unified Win64 prologue and epilogue automatically. If you want -# to take care of ABI differences yourself, tag functions as -# ".type name,@abi-omnipotent" instead. -# 4. To optimize the Win64 prologue you can specify number of input -# arguments as ".type name,@function,N." Keep in mind that if N is -# larger than 6, then you *have to* write "abi-omnipotent" code, -# because >6 cases can't be addressed with unified prologue. -# 5. Name local labels as .L*, do *not* use dynamic labels such as 1: -# (sorry about latter). -# 6. Don't use [or hand-code with .byte] "rep ret." "ret" mnemonic is -# required to identify the spots, where to inject Win64 epilogue! -# But on the pros, it's then prefixed with rep automatically:-) -# 7. Due to MASM limitations [and certain general counter-intuitivity -# of ip-relative addressing] generation of position-independent -# code is assisted by synthetic directive, .picmeup, which puts -# address of the *next* instruction into target register. -# -# Example 1: -# .picmeup %rax -# lea .Label-.(%rax),%rax -# Example 2: -# .picmeup %rcx -# .Lpic_point: -# ... -# lea .Label-.Lpic_point(%rcx),%rbp - -my $output = shift; -open STDOUT,">$output" || die "can't open $output: $!"; - -my $masm=1 if ($output =~ /\.asm/); - -my $current_segment; -my $current_function; - -{ package opcode; # pick up opcodes - sub re { - my $self = shift; # single instance in enough... - local *line = shift; - undef $ret; - - if ($line =~ /^([a-z]+)/i) { - $self->{op} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - undef $self->{sz}; - if ($self->{op} =~ /(movz)b.*/) { # movz is pain... - $self->{op} = $1; - $self->{sz} = "b"; - } elsif ($self->{op} =~ /([a-z]{3,})([qlwb])/) { - $self->{op} = $1; - $self->{sz} = $2; - } - } - $ret; - } - sub size { - my $self = shift; - my $sz = shift; - $self->{sz} = $sz if (defined($sz) && !defined($self->{sz})); - $self->{sz}; - } - sub out { - my $self = shift; - if (!$masm) { - if ($self->{op} eq "movz") { # movz in pain... - sprintf "%s%s%s",$self->{op},$self->{sz},shift; - } elsif ($self->{op} eq "ret") { - ".byte 0xf3,0xc3"; - } else { - "$self->{op}$self->{sz}"; - } - } else { - $self->{op} =~ s/movz/movzx/; - if ($self->{op} eq "ret") { - $self->{op} = ""; - if ($current_function->{abi} eq "svr4") { - $self->{op} = "mov rdi,QWORD PTR 8[rsp]\t;WIN64 epilogue\n\t". - "mov rsi,QWORD PTR 16[rsp]\n\t"; - } - $self->{op} .= "DB\t0F3h,0C3h\t\t;repret"; - } - $self->{op}; - } - } -} -{ package const; # pick up constants, which start with $ - sub re { - my $self = shift; # single instance in enough... - local *line = shift; - undef $ret; - - if ($line =~ /^\$([^,]+)/) { - $self->{value} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - } - $ret; - } - sub out { - my $self = shift; - - if (!$masm) { - sprintf "\$%s",$self->{value}; - } else { - $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig; - sprintf "%s",$self->{value}; - } - } -} -{ package ea; # pick up effective addresses: expr(%reg,%reg,scale) - sub re { - my $self = shift; # single instance in enough... - local *line = shift; - undef $ret; - - if ($line =~ /^([^\(,]*)\(([%\w,]+)\)/) { - $self->{label} = $1; - ($self->{base},$self->{index},$self->{scale})=split(/,/,$2); - $self->{scale} = 1 if (!defined($self->{scale})); - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - $self->{base} =~ s/^%//; - $self->{index} =~ s/^%// if (defined($self->{index})); - } - $ret; - } - sub size {} - sub out { - my $self = shift; - my $sz = shift; - - if (!$masm) { - # elder GNU assembler insists on 64-bit EAs:-( - # on pros side, this results in more compact code:-) - $self->{index} =~ s/^[er](.?[0-9xp])[d]?$/r\1/; - $self->{base} =~ s/^[er](.?[0-9xp])[d]?$/r\1/; - # Solaris /usr/ccs/bin/as can't handle multiplications - # in $self->{label} - $self->{label} =~ s/(?{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg; - - if (defined($self->{index})) { - sprintf "%s(%%%s,%%%s,%d)", - $self->{label},$self->{base}, - $self->{index},$self->{scale}; - } else { - sprintf "%s(%%%s)", $self->{label},$self->{base}; - } - } else { - %szmap = ( b=>"BYTE", w=>"WORD", l=>"DWORD", q=>"QWORD" ); - - $self->{label} =~ s/\./\$/g; - $self->{label} =~ s/0x([0-9a-f]+)/0$1h/ig; - $self->{label} = "($self->{label})" if ($self->{label} =~ /[\*\+\-\/]/); - - if (defined($self->{index})) { - sprintf "%s PTR %s[%s*%d+%s]",$szmap{$sz}, - $self->{label}, - $self->{index},$self->{scale}, - $self->{base}; - } else { - sprintf "%s PTR %s[%s]",$szmap{$sz}, - $self->{label},$self->{base}; - } - } - } -} -{ package register; # pick up registers, which start with %. - sub re { - my $class = shift; # muliple instances... - my $self = {}; - local *line = shift; - undef $ret; - - if ($line =~ /^%(\w+)/) { - bless $self,$class; - $self->{value} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - } - $ret; - } - sub size { - my $self = shift; - undef $ret; - - if ($self->{value} =~ /^r[\d]+b$/i) { $ret="b"; } - elsif ($self->{value} =~ /^r[\d]+w$/i) { $ret="w"; } - elsif ($self->{value} =~ /^r[\d]+d$/i) { $ret="l"; } - elsif ($self->{value} =~ /^r[\w]+$/i) { $ret="q"; } - elsif ($self->{value} =~ /^[a-d][hl]$/i){ $ret="b"; } - elsif ($self->{value} =~ /^[\w]{2}l$/i) { $ret="b"; } - elsif ($self->{value} =~ /^[\w]{2}$/i) { $ret="w"; } - elsif ($self->{value} =~ /^e[a-z]{2}$/i){ $ret="l"; } - - $ret; - } - sub out { - my $self = shift; - sprintf $masm?"%s":"%%%s",$self->{value}; - } -} -{ package label; # pick up labels, which end with : - sub re { - my $self = shift; # single instance is enough... - local *line = shift; - undef $ret; - - if ($line =~ /(^[\.\w]+\:)/) { - $self->{value} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - $self->{value} =~ s/\.L/\$L/ if ($masm); - } - $ret; - } - sub out { - my $self = shift; - - if (!$masm) { - $self->{value}; - } elsif ($self->{value} ne "$current_function->{name}:") { - $self->{value}; - } elsif ($current_function->{abi} eq "svr4") { - my $func = "$current_function->{name} PROC\n". - " mov QWORD PTR 8[rsp],rdi\t;WIN64 prologue\n". - " mov QWORD PTR 16[rsp],rsi\n"; - my $narg = $current_function->{narg}; - $narg=6 if (!defined($narg)); - $func .= " mov rdi,rcx\n" if ($narg>0); - $func .= " mov rsi,rdx\n" if ($narg>1); - $func .= " mov rdx,r8\n" if ($narg>2); - $func .= " mov rcx,r9\n" if ($narg>3); - $func .= " mov r8,QWORD PTR 40[rsp]\n" if ($narg>4); - $func .= " mov r9,QWORD PTR 48[rsp]\n" if ($narg>5); - $func .= "\n"; - } else { - "$current_function->{name} PROC"; - } - } -} -{ package expr; # pick up expressioins - sub re { - my $self = shift; # single instance is enough... - local *line = shift; - undef $ret; - - if ($line =~ /(^[^,]+)/) { - $self->{value} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - $self->{value} =~ s/\.L/\$L/g if ($masm); - } - $ret; - } - sub out { - my $self = shift; - $self->{value}; - } -} -{ package directive; # pick up directives, which start with . - sub re { - my $self = shift; # single instance is enough... - local *line = shift; - undef $ret; - my $dir; - my %opcode = # lea 2f-1f(%rip),%dst; 1: nop; 2: - ( "%rax"=>0x01058d48, "%rcx"=>0x010d8d48, - "%rdx"=>0x01158d48, "%rbx"=>0x011d8d48, - "%rsp"=>0x01258d48, "%rbp"=>0x012d8d48, - "%rsi"=>0x01358d48, "%rdi"=>0x013d8d48, - "%r8" =>0x01058d4c, "%r9" =>0x010d8d4c, - "%r10"=>0x01158d4c, "%r11"=>0x011d8d4c, - "%r12"=>0x01258d4c, "%r13"=>0x012d8d4c, - "%r14"=>0x01358d4c, "%r15"=>0x013d8d4c ); - - if ($line =~ /^\s*(\.\w+)/) { - if (!$masm) { - $self->{value} = $1; - $line =~ s/\@abi\-omnipotent/\@function/; - $line =~ s/\@function.*/\@function/; - if ($line =~ /\.picmeup\s+(%r[\w]+)/i) { - $self->{value} = sprintf "\t.long\t0x%x,0x90000000",$opcode{$1}; - } else { - $self->{value} = $line; - } - $line = ""; - return $self; - } - - $dir = $1; - $ret = $self; - undef $self->{value}; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - SWITCH: for ($dir) { - /\.(text)/ - && do { my $v=undef; - $v="$current_segment\tENDS\n" if ($current_segment); - $current_segment = "_$1\$"; - $current_segment =~ tr/[a-z]/[A-Z]/; - $v.="$current_segment\tSEGMENT ALIGN(64) 'CODE'"; - $self->{value} = $v; - last; - }; - /\.globl/ && do { $self->{value} = "PUBLIC\t".$line; last; }; - /\.type/ && do { ($sym,$type,$narg) = split(',',$line); - if ($type eq "\@function") { - undef $current_function; - $current_function->{name} = $sym; - $current_function->{abi} = "svr4"; - $current_function->{narg} = $narg; - } elsif ($type eq "\@abi-omnipotent") { - undef $current_function; - $current_function->{name} = $sym; - } - last; - }; - /\.size/ && do { if (defined($current_function)) { - $self->{value}="$current_function->{name}\tENDP"; - undef $current_function; - } - last; - }; - /\.align/ && do { $self->{value} = "ALIGN\t".$line; last; }; - /\.(byte|value|long|quad)/ - && do { my @arr = split(',',$line); - my $sz = substr($1,0,1); - my $last = pop(@arr); - - $sz =~ tr/bvlq/BWDQ/; - $self->{value} = "\tD$sz\t"; - for (@arr) { $self->{value} .= sprintf"0%Xh,",oct; } - $self->{value} .= sprintf"0%Xh",oct($last); - last; - }; - /\.picmeup/ && do { $self->{value} = sprintf"\tDD\t 0%Xh,090000000h",$opcode{$line}; - last; - }; - } - $line = ""; - } - - $ret; - } - sub out { - my $self = shift; - $self->{value}; - } -} - -while($line=<>) { - - chomp($line); - - $line =~ s|[#!].*$||; # get rid of asm-style comments... - $line =~ s|/\*.*\*/||; # ... and C-style comments... - $line =~ s|^\s+||; # ... and skip white spaces in beginning - - undef $label; - undef $opcode; - undef $dst; - undef $src; - undef $sz; - - if ($label=label->re(\$line)) { print $label->out(); } - - if (directive->re(\$line)) { - printf "%s",directive->out(); - } elsif ($opcode=opcode->re(\$line)) { ARGUMENT: { - - if ($src=register->re(\$line)) { opcode->size($src->size()); } - elsif ($src=const->re(\$line)) { } - elsif ($src=ea->re(\$line)) { } - elsif ($src=expr->re(\$line)) { } - - last ARGUMENT if ($line !~ /^,/); - - $line = substr($line,1); $line =~ s/^\s+//; - - if ($dst=register->re(\$line)) { opcode->size($dst->size()); } - elsif ($dst=const->re(\$line)) { } - elsif ($dst=ea->re(\$line)) { } - - } # ARGUMENT: - - $sz=opcode->size(); - - if (defined($dst)) { - if (!$masm) { - printf "\t%s\t%s,%s", $opcode->out($dst->size()), - $src->out($sz),$dst->out($sz); - } else { - printf "\t%s\t%s,%s", $opcode->out(), - $dst->out($sz),$src->out($sz); - } - } elsif (defined($src)) { - printf "\t%s\t%s",$opcode->out(),$src->out($sz); - } else { - printf "\t%s",$opcode->out(); - } - } - - print $line,"\n"; -} - -print "\n$current_segment\tENDS\nEND\n" if ($masm); - -close STDOUT; - -################################################# -# Cross-reference x86_64 ABI "card" -# -# Unix Win64 -# %rax * * -# %rbx - - -# %rcx #4 #1 -# %rdx #3 #2 -# %rsi #2 - -# %rdi #1 - -# %rbp - - -# %rsp - - -# %r8 #5 #3 -# %r9 #6 #4 -# %r10 * * -# %r11 * * -# %r12 - - -# %r13 - - -# %r14 - - -# %r15 - - -# -# (*) volatile register -# (-) preserved by callee -# (#) Nth argument, volatile -# -# In Unix terms top of stack is argument transfer area for arguments -# which could not be accomodated in registers. Or in other words 7th -# [integer] argument resides at 8(%rsp) upon function entry point. -# 128 bytes above %rsp constitute a "red zone" which is not touched -# by signal handlers and can be used as temporal storage without -# allocating a frame. -# -# In Win64 terms N*8 bytes on top of stack is argument transfer area, -# which belongs to/can be overwritten by callee. N is the number of -# arguments passed to callee, *but* not less than 4! This means that -# upon function entry point 5th argument resides at 40(%rsp), as well -# as that 32 bytes from 8(%rsp) can always be used as temporal -# storage [without allocating a frame]. -# -# All the above means that if assembler programmer adheres to Unix -# register and stack layout, but disregards the "red zone" existense, -# it's possible to use following prologue and epilogue to "gear" from -# Unix to Win64 ABI in leaf functions with not more than 6 arguments. -# -# omnipotent_function: -# ifdef WIN64 -# movq %rdi,8(%rsp) -# movq %rsi,16(%rsp) -# movq %rcx,%rdi ; if 1st argument is actually present -# movq %rdx,%rsi ; if 2nd argument is actually ... -# movq %r8,%rdx ; if 3rd argument is ... -# movq %r9,%rcx ; if 4th argument ... -# movq 40(%rsp),%r8 ; if 5th ... -# movq 48(%rsp),%r9 ; if 6th ... -# endif -# ... -# ifdef WIN64 -# movq 8(%rsp),%rdi -# movq 16(%rsp),%rsi -# endif -# ret diff --git a/crypto/openssl/crypto/perlasm/x86asm.pl b/crypto/openssl/crypto/perlasm/x86asm.pl deleted file mode 100644 index 5979122158..0000000000 --- a/crypto/openssl/crypto/perlasm/x86asm.pl +++ /dev/null @@ -1,130 +0,0 @@ -#!/usr/local/bin/perl - -# require 'x86asm.pl'; -# &asm_init("cpp","des-586.pl"); -# XXX -# XXX -# main'asm_finish - -sub main'asm_finish - { - &file_end(); - &asm_finish_cpp() if $cpp; - print &asm_get_output(); - } - -sub main'asm_init - { - ($type,$fn,$i386)=@_; - $filename=$fn; - - $elf=$cpp=$coff=$aout=$win32=$netware=$mwerks=0; - if ( ($type eq "elf")) - { $elf=1; require "x86unix.pl"; } - elsif ( ($type eq "a.out")) - { $aout=1; require "x86unix.pl"; } - elsif ( ($type eq "coff" or $type eq "gaswin")) - { $coff=1; require "x86unix.pl"; } - elsif ( ($type eq "cpp")) - { $cpp=1; require "x86unix.pl"; } - elsif ( ($type eq "win32")) - { $win32=1; require "x86ms.pl"; } - elsif ( ($type eq "win32n")) - { $win32=1; require "x86nasm.pl"; } - elsif ( ($type eq "nw-nasm")) - { $netware=1; require "x86nasm.pl"; } - elsif ( ($type eq "nw-mwasm")) - { $netware=1; $mwerks=1; require "x86nasm.pl"; } - else - { - print STDERR <<"EOF"; -Pick one target type from - elf - Linux, FreeBSD, Solaris x86, etc. - a.out - OpenBSD, DJGPP, etc. - coff - GAS/COFF such as Win32 targets - win32 - Windows 95/Windows NT - win32n - Windows 95/Windows NT NASM format - nw-nasm - NetWare NASM format - nw-mwasm- NetWare Metrowerks Assembler -EOF - exit(1); - } - - $pic=0; - for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); } - - &asm_init_output(); - -&comment("Don't even think of reading this code"); -&comment("It was automatically generated by $filename"); -&comment("Which is a perl program used to generate the x86 assember for"); -&comment("any of ELF, a.out, COFF, Win32, ..."); -&comment("eric "); -&comment(""); - - $filename =~ s/\.pl$//; - &file($filename); - } - -sub asm_finish_cpp - { - return unless $cpp; - - local($tmp,$i); - foreach $i (&get_labels()) - { - $tmp.="#define $i _$i\n"; - } - print <<"EOF"; -/* Run the C pre-processor over this file with one of the following defined - * ELF - elf object files, - * OUT - a.out object files, - * BSDI - BSDI style a.out object files - * SOL - Solaris style elf - */ - -#define TYPE(a,b) .type a,b -#define SIZE(a,b) .size a,b - -#if defined(OUT) || (defined(BSDI) && !defined(ELF)) -$tmp -#endif - -#ifdef OUT -#define OK 1 -#define ALIGN 4 -#if defined(__CYGWIN__) || defined(__DJGPP__) || (__MINGW32__) -#undef SIZE -#undef TYPE -#define SIZE(a,b) -#define TYPE(a,b) .def a; .scl 2; .type 32; .endef -#endif /* __CYGWIN || __DJGPP */ -#endif - -#if defined(BSDI) && !defined(ELF) -#define OK 1 -#define ALIGN 4 -#undef SIZE -#undef TYPE -#define SIZE(a,b) -#define TYPE(a,b) -#endif - -#if defined(ELF) || defined(SOL) -#define OK 1 -#define ALIGN 16 -#endif - -#ifndef OK -You need to define one of -ELF - elf systems - linux-elf, NetBSD and DG-UX -OUT - a.out systems - linux-a.out and FreeBSD -SOL - solaris systems, which are elf with strange comment lines -BSDI - a.out with a very primative version of as. -#endif - -/* Let the Assembler begin :-) */ -EOF - } - -1; diff --git a/crypto/openssl/crypto/perlasm/x86unix.pl b/crypto/openssl/crypto/perlasm/x86unix.pl deleted file mode 100644 index e71050b6bc..0000000000 --- a/crypto/openssl/crypto/perlasm/x86unix.pl +++ /dev/null @@ -1,761 +0,0 @@ -#!/usr/local/bin/perl - -package x86unix; # GAS actually... - -$label="L000"; -$const=""; -$constl=0; - -$align=($main'aout)?"4":"16"; -$under=($main'aout or $main'coff)?"_":""; -$dot=($main'aout)?"":"."; -$com_start="#" if ($main'aout or $main'coff); - -sub main'asm_init_output { @out=(); } -sub main'asm_get_output { return(@out); } -sub main'get_labels { return(@labels); } -sub main'external_label { push(@labels,@_); } - -if ($main'cpp) - { - $align="ALIGN"; - $under=""; - $com_start='/*'; - $com_end='*/'; - } - -%lb=( 'eax', '%al', - 'ebx', '%bl', - 'ecx', '%cl', - 'edx', '%dl', - 'ax', '%al', - 'bx', '%bl', - 'cx', '%cl', - 'dx', '%dl', - ); - -%hb=( 'eax', '%ah', - 'ebx', '%bh', - 'ecx', '%ch', - 'edx', '%dh', - 'ax', '%ah', - 'bx', '%bh', - 'cx', '%ch', - 'dx', '%dh', - ); - -%regs=( 'eax', '%eax', - 'ebx', '%ebx', - 'ecx', '%ecx', - 'edx', '%edx', - 'esi', '%esi', - 'edi', '%edi', - 'ebp', '%ebp', - 'esp', '%esp', - - 'mm0', '%mm0', - 'mm1', '%mm1', - 'mm2', '%mm2', - 'mm3', '%mm3', - 'mm4', '%mm4', - 'mm5', '%mm5', - 'mm6', '%mm6', - 'mm7', '%mm7', - - 'xmm0', '%xmm0', - 'xmm1', '%xmm1', - 'xmm2', '%xmm2', - 'xmm3', '%xmm3', - 'xmm4', '%xmm4', - 'xmm5', '%xmm5', - 'xmm6', '%xmm6', - 'xmm7', '%xmm7', - ); - -%reg_val=( - 'eax', 0x00, - 'ebx', 0x03, - 'ecx', 0x01, - 'edx', 0x02, - 'esi', 0x06, - 'edi', 0x07, - 'ebp', 0x05, - 'esp', 0x04, - ); - -sub main'LB - { - (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n"; - return($lb{$_[0]}); - } - -sub main'HB - { - (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n"; - return($hb{$_[0]}); - } - -sub main'DWP - { - local($addr,$reg1,$reg2,$idx)=@_; - - $ret=""; - $addr =~ s/(^|[+ \t])([A-Za-z_]+[A-Za-z0-9_]+)($|[+ \t])/$1$under$2$3/; - $reg1="$regs{$reg1}" if defined($regs{$reg1}); - $reg2="$regs{$reg2}" if defined($regs{$reg2}); - $ret.=$addr if ($addr ne "") && ($addr ne 0); - if ($reg2 ne "") - { - if($idx ne "" && $idx != 0) - { $ret.="($reg1,$reg2,$idx)"; } - else - { $ret.="($reg1,$reg2)"; } - } - elsif ($reg1 ne "") - { $ret.="($reg1)" } - return($ret); - } - -sub main'QWP - { - return(&main'DWP(@_)); - } - -sub main'BP - { - return(&main'DWP(@_)); - } - -sub main'BC - { - return @_; - } - -sub main'DWC - { - return @_; - } - -#sub main'BP -# { -# local($addr,$reg1,$reg2,$idx)=@_; -# -# $ret=""; -# -# $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/; -# $reg1="$regs{$reg1}" if defined($regs{$reg1}); -# $reg2="$regs{$reg2}" if defined($regs{$reg2}); -# $ret.=$addr if ($addr ne "") && ($addr ne 0); -# if ($reg2 ne "") -# { $ret.="($reg1,$reg2,$idx)"; } -# else -# { $ret.="($reg1)" } -# return($ret); -# } - -sub main'mov { &out2("movl",@_); } -sub main'movb { &out2("movb",@_); } -sub main'and { &out2("andl",@_); } -sub main'or { &out2("orl",@_); } -sub main'shl { &out2("sall",@_); } -sub main'shr { &out2("shrl",@_); } -sub main'xor { &out2("xorl",@_); } -sub main'xorb { &out2("xorb",@_); } -sub main'add { &out2($_[0]=~/%[a-d][lh]/?"addb":"addl",@_); } -sub main'adc { &out2("adcl",@_); } -sub main'sub { &out2("subl",@_); } -sub main'sbb { &out2("sbbl",@_); } -sub main'rotl { &out2("roll",@_); } -sub main'rotr { &out2("rorl",@_); } -sub main'exch { &out2($_[0]=~/%[a-d][lh]/?"xchgb":"xchgl",@_); } -sub main'cmp { &out2("cmpl",@_); } -sub main'lea { &out2("leal",@_); } -sub main'mul { &out1("mull",@_); } -sub main'div { &out1("divl",@_); } -sub main'jmp { &out1("jmp",@_); } -sub main'jmp_ptr { &out1p("jmp",@_); } -sub main'je { &out1("je",@_); } -sub main'jle { &out1("jle",@_); } -sub main'jne { &out1("jne",@_); } -sub main'jnz { &out1("jnz",@_); } -sub main'jz { &out1("jz",@_); } -sub main'jge { &out1("jge",@_); } -sub main'jl { &out1("jl",@_); } -sub main'ja { &out1("ja",@_); } -sub main'jae { &out1("jae",@_); } -sub main'jb { &out1("jb",@_); } -sub main'jbe { &out1("jbe",@_); } -sub main'jc { &out1("jc",@_); } -sub main'jnc { &out1("jnc",@_); } -sub main'jno { &out1("jno",@_); } -sub main'dec { &out1("decl",@_); } -sub main'inc { &out1($_[0]=~/%[a-d][hl]/?"incb":"incl",@_); } -sub main'push { &out1("pushl",@_); $stack+=4; } -sub main'pop { &out1("popl",@_); $stack-=4; } -sub main'pushf { &out0("pushfl"); $stack+=4; } -sub main'popf { &out0("popfl"); $stack-=4; } -sub main'not { &out1("notl",@_); } -sub main'call { my $pre=$under; - foreach $i (%label) - { if ($label{$i} eq $_[0]) { $pre=''; last; } } - &out1("call",$pre.$_[0]); - } -sub main'call_ptr { &out1p("call",@_); } -sub main'ret { &out0("ret"); } -sub main'nop { &out0("nop"); } -sub main'test { &out2("testl",@_); } -sub main'bt { &out2("btl",@_); } -sub main'leave { &out0("leave"); } -sub main'cpuid { &out0(".byte\t0x0f,0xa2"); } -sub main'rdtsc { &out0(".byte\t0x0f,0x31"); } -sub main'halt { &out0("hlt"); } -sub main'movz { &out2("movzbl",@_); } -sub main'neg { &out1("negl",@_); } -sub main'cld { &out0("cld"); } - -# SSE2 -sub main'emms { &out0("emms"); } -sub main'movd { &out2("movd",@_); } -sub main'movdqu { &out2("movdqu",@_); } -sub main'movdqa { &out2("movdqa",@_); } -sub main'movdq2q{ &out2("movdq2q",@_); } -sub main'movq2dq{ &out2("movq2dq",@_); } -sub main'paddq { &out2("paddq",@_); } -sub main'pmuludq{ &out2("pmuludq",@_); } -sub main'psrlq { &out2("psrlq",@_); } -sub main'psllq { &out2("psllq",@_); } -sub main'pxor { &out2("pxor",@_); } -sub main'por { &out2("por",@_); } -sub main'pand { &out2("pand",@_); } -sub main'movq { - local($p1,$p2,$optimize)=@_; - if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/) - # movq between mmx registers can sink Intel CPUs - { push(@out,"\tpshufw\t\$0xe4,%$p2,%$p1\n"); } - else { &out2("movq",@_); } - } - -# The bswapl instruction is new for the 486. Emulate if i386. -sub main'bswap - { - if ($main'i386) - { - &main'comment("bswapl @_"); - &main'exch(main'HB(@_),main'LB(@_)); - &main'rotr(@_,16); - &main'exch(main'HB(@_),main'LB(@_)); - } - else - { - &out1("bswapl",@_); - } - } - -sub out2 - { - local($name,$p1,$p2)=@_; - local($l,$ll,$t); - local(%special)=( "roll",0xD1C0,"rorl",0xD1C8, - "rcll",0xD1D0,"rcrl",0xD1D8, - "shll",0xD1E0,"shrl",0xD1E8, - "sarl",0xD1F8); - - if ((defined($special{$name})) && defined($regs{$p1}) && ($p2 == 1)) - { - $op=$special{$name}|$reg_val{$p1}; - $tmp1=sprintf(".byte %d\n",($op>>8)&0xff); - $tmp2=sprintf(".byte %d\t",$op &0xff); - push(@out,$tmp1); - push(@out,$tmp2); - - $p2=&conv($p2); - $p1=&conv($p1); - &main'comment("$name $p2 $p1"); - return; - } - - push(@out,"\t$name\t"); - $t=&conv($p2).","; - $l=length($t); - push(@out,$t); - $ll=4-($l+9)/8; - $tmp1=sprintf("\t" x $ll); - push(@out,$tmp1); - push(@out,&conv($p1)."\n"); - } - -sub out1 - { - local($name,$p1)=@_; - local($l,$t); - local(%special)=("bswapl",0x0FC8); - - if ((defined($special{$name})) && defined($regs{$p1})) - { - $op=$special{$name}|$reg_val{$p1}; - $tmp1=sprintf(".byte %d\n",($op>>8)&0xff); - $tmp2=sprintf(".byte %d\t",$op &0xff); - push(@out,$tmp1); - push(@out,$tmp2); - - $p2=&conv($p2); - $p1=&conv($p1); - &main'comment("$name $p2 $p1"); - return; - } - - push(@out,"\t$name\t".&conv($p1)."\n"); - } - -sub out1p - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t*".&conv($p1)."\n"); - } - -sub out0 - { - push(@out,"\t$_[0]\n"); - } - -sub conv - { - local($p)=@_; - -# $p =~ s/0x([0-9A-Fa-f]+)/0$1h/; - - $p=$regs{$p} if (defined($regs{$p})); - - $p =~ s/^(-{0,1}[0-9A-Fa-f]+)$/\$$1/; - $p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/; - return $p; - } - -sub main'file - { - local($file)=@_; - - local($tmp)=<<"EOF"; - .file "$file.s" -EOF - push(@out,$tmp); - } - -sub main'function_begin - { - local($func)=@_; - - &main'external_label($func); - $func=$under.$func; - - local($tmp)=<<"EOF"; -.text -.globl $func -EOF - push(@out,$tmp); - if ($main'cpp) - { $tmp=push(@out,"TYPE($func,\@function)\n"); } - elsif ($main'coff) - { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - elsif ($main'aout and !$main'pic) - { } - else { $tmp=push(@out,".type\t$func,\@function\n"); } - push(@out,".align\t$align\n"); - push(@out,"$func:\n"); - $tmp=<<"EOF"; - pushl %ebp - pushl %ebx - pushl %esi - pushl %edi - -EOF - push(@out,$tmp); - $stack=20; - } - -sub main'function_begin_B - { - local($func,$extra)=@_; - - &main'external_label($func); - $func=$under.$func; - - local($tmp)=<<"EOF"; -.text -.globl $func -EOF - push(@out,$tmp); - if ($main'cpp) - { push(@out,"TYPE($func,\@function)\n"); } - elsif ($main'coff) - { $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - elsif ($main'aout and !$main'pic) - { } - else { push(@out,".type $func,\@function\n"); } - push(@out,".align\t$align\n"); - push(@out,"$func:\n"); - $stack=4; - } - -sub main'function_end - { - local($func)=@_; - - $func=$under.$func; - - local($tmp)=<<"EOF"; - popl %edi - popl %esi - popl %ebx - popl %ebp - ret -${dot}L_${func}_end: -EOF - push(@out,$tmp); - - if ($main'cpp) - { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); } - elsif ($main'coff or $main'aout) - { } - else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); } - push(@out,".ident \"$func\"\n"); - $stack=0; - %label=(); - } - -sub main'function_end_A - { - local($func)=@_; - - local($tmp)=<<"EOF"; - popl %edi - popl %esi - popl %ebx - popl %ebp - ret -EOF - push(@out,$tmp); - } - -sub main'function_end_B - { - local($func)=@_; - - $func=$under.$func; - - push(@out,"${dot}L_${func}_end:\n"); - if ($main'cpp) - { push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); } - elsif ($main'coff or $main'aout) - { } - else { push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); } - push(@out,".ident \"$func\"\n"); - $stack=0; - %label=(); - } - -sub main'wparam - { - local($num)=@_; - - return(&main'DWP($stack+$num*4,"esp","",0)); - } - -sub main'stack_push - { - local($num)=@_; - $stack+=$num*4; - &main'sub("esp",$num*4); - } - -sub main'stack_pop - { - local($num)=@_; - $stack-=$num*4; - &main'add("esp",$num*4); - } - -sub main'swtmp - { - return(&main'DWP($_[0]*4,"esp","",0)); - } - -# Should use swtmp, which is above esp. Linix can trash the stack above esp -#sub main'wtmp -# { -# local($num)=@_; -# -# return(&main'DWP(-($num+1)*4,"esp","",0)); -# } - -sub main'comment - { - if (!defined($com_start) or $main'elf) - { # Regarding $main'elf above... - # GNU and SVR4 as'es use different comment delimiters, - push(@out,"\n"); # so we just skip ELF comments... - return; - } - foreach (@_) - { - if (/^\s*$/) - { push(@out,"\n"); } - else - { push(@out,"\t$com_start $_ $com_end\n"); } - } - } - -sub main'public_label - { - $label{$_[0]}="${under}${_[0]}" if (!defined($label{$_[0]})); - push(@out,".globl\t$label{$_[0]}\n"); - } - -sub main'label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="${dot}${label}${_[0]}"; - $label++; - } - return($label{$_[0]}); - } - -sub main'set_label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="${dot}${label}${_[0]}"; - $label++; - } - if ($_[1]!=0) - { - if ($_[1]>1) { main'align($_[1]); } - else { push(@out,".align $align\n"); } - } - push(@out,"$label{$_[0]}:\n"); - } - -sub main'file_end - { - # try to detect if SSE2 or MMX extensions were used on ELF platform... - if ($main'elf && grep {/%[x]*mm[0-7]/i} @out) { - local($tmp); - - push (@out,"\n.section\t.bss\n"); - push (@out,".comm\t${under}OPENSSL_ia32cap_P,4,4\n"); - - push (@out,".section\t.init\n"); - # One can argue that it's wasteful to craft every - # SSE/MMX module with this snippet... Well, it's 72 - # bytes long and for the moment we have two modules. - # Let's argue when we have 7 modules or so... - # - # $1<<10 sets a reserved bit to signal that variable - # was initialized already... - &main'picmeup("edx","OPENSSL_ia32cap_P"); - $tmp=<<___; - cmpl \$0,(%edx) - jne 1f - movl \$1<<10,(%edx) - pushf - popl %eax - movl %eax,%ecx - xorl \$1<<21,%eax - pushl %eax - popf - pushf - popl %eax - xorl %ecx,%eax - btl \$21,%eax - jnc 1f - pushl %edi - pushl %ebx - movl %edx,%edi - movl \$1,%eax - .byte 0x0f,0xa2 - orl \$1<<10,%edx - movl %edx,0(%edi) - popl %ebx - popl %edi - jmp 1f - .align $align - 1: -___ - push (@out,$tmp); - } - - if ($const ne "") - { - push(@out,".section .rodata\n"); - push(@out,$const); - $const=""; - } - } - -sub main'data_byte - { - push(@out,"\t.byte\t".join(',',@_)."\n"); - } - -sub main'data_word - { - push(@out,"\t.long\t".join(',',@_)."\n"); - } - -sub main'align - { - my $val=$_[0],$p2,$i; - if ($main'aout) { - for ($p2=0;$val!=0;$val>>=1) { $p2++; } - $val=$p2-1; - $val.=",0x90"; - } - push(@out,".align\t$val\n"); - } - -# debug output functions: puts, putx, printf - -sub main'puts - { - &pushvars(); - &main'push('$Lstring' . ++$constl); - &main'call('puts'); - $stack-=4; - &main'add("esp",4); - &popvars(); - - $const .= "Lstring$constl:\n\t.string \"@_[0]\"\n"; - } - -sub main'putx - { - &pushvars(); - &main'push($_[0]); - &main'push('$Lstring' . ++$constl); - &main'call('printf'); - &main'add("esp",8); - $stack-=8; - &popvars(); - - $const .= "Lstring$constl:\n\t.string \"\%X\"\n"; - } - -sub main'printf - { - $ostack = $stack; - &pushvars(); - for ($i = @_ - 1; $i >= 0; $i--) - { - if ($i == 0) # change this to support %s format strings - { - &main'push('$Lstring' . ++$constl); - $const .= "Lstring$constl:\n\t.string \"@_[$i]\"\n"; - } - else - { - if ($_[$i] =~ /([0-9]*)\(%esp\)/) - { - &main'push(($1 + $stack - $ostack) . '(%esp)'); - } - else - { - &main'push($_[$i]); - } - } - } - &main'call('printf'); - $stack-=4*@_; - &main'add("esp",4*@_); - &popvars(); - } - -sub pushvars - { - &main'pushf(); - &main'push("edx"); - &main'push("ecx"); - &main'push("eax"); - } - -sub popvars - { - &main'pop("eax"); - &main'pop("ecx"); - &main'pop("edx"); - &main'popf(); - } - -sub main'picmeup - { - local($dst,$sym)=@_; - if ($main'cpp) - { - local($tmp)=<<___; -#if (defined(ELF) || defined(SOL)) && defined(PIC) - call 1f -1: popl $regs{$dst} - addl \$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst} - movl $sym\@GOT($regs{$dst}),$regs{$dst} -#else - leal $sym,$regs{$dst} -#endif -___ - push(@out,$tmp); - } - elsif ($main'pic && ($main'elf || $main'aout)) - { - &main'call(&main'label("PIC_me_up")); - &main'set_label("PIC_me_up"); - &main'blindpop($dst); - &main'add($dst,"\$${under}_GLOBAL_OFFSET_TABLE_+[.-". - &main'label("PIC_me_up") . "]"); - &main'mov($dst,&main'DWP($under.$sym."\@GOT",$dst)); - } - else - { - &main'lea($dst,&main'DWP($sym)); - } - } - -sub main'blindpop { &out1("popl",@_); } - -sub main'initseg - { - local($f)=@_; - local($tmp); - if ($main'elf) - { - $tmp=<<___; -.section .init - call $under$f - jmp .Linitalign -.align $align -.Linitalign: -___ - } - elsif ($main'coff) - { - $tmp=<<___; # applies to both Cygwin and Mingw -.section .ctors -.long $under$f -___ - } - elsif ($main'aout) - { - local($ctor)="${under}_GLOBAL_\$I\$$f"; - $tmp=".text\n"; - $tmp.=".type $ctor,\@function\n" if ($main'pic); - $tmp.=<<___; # OpenBSD way... -.globl $ctor -.align 2 -$ctor: - jmp $under$f -___ - } - push(@out,$tmp) if ($tmp); - } - -1; diff --git a/crypto/openssl/crypto/pkcs12/p12_add.c b/crypto/openssl/crypto/pkcs12/p12_add.c index 41bdc00551..1f3e378f5c 100644 --- a/crypto/openssl/crypto/pkcs12/p12_add.c +++ b/crypto/openssl/crypto/pkcs12/p12_add.c @@ -1,5 +1,5 @@ /* p12_add.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_asn.c b/crypto/openssl/crypto/pkcs12/p12_asn.c index a3739fee1a..6e27633817 100644 --- a/crypto/openssl/crypto/pkcs12/p12_asn.c +++ b/crypto/openssl/crypto/pkcs12/p12_asn.c @@ -1,5 +1,5 @@ /* p12_asn.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_attr.c b/crypto/openssl/crypto/pkcs12/p12_attr.c index 026cf3826a..68d6c5ad15 100644 --- a/crypto/openssl/crypto/pkcs12/p12_attr.c +++ b/crypto/openssl/crypto/pkcs12/p12_attr.c @@ -1,5 +1,5 @@ /* p12_attr.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_crpt.c b/crypto/openssl/crypto/pkcs12/p12_crpt.c index 3ad33c49d8..f8b952e27e 100644 --- a/crypto/openssl/crypto/pkcs12/p12_crpt.c +++ b/crypto/openssl/crypto/pkcs12/p12_crpt.c @@ -1,5 +1,5 @@ /* p12_crpt.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_crt.c b/crypto/openssl/crypto/pkcs12/p12_crt.c index 9748256b6f..e863de52ce 100644 --- a/crypto/openssl/crypto/pkcs12/p12_crt.c +++ b/crypto/openssl/crypto/pkcs12/p12_crt.c @@ -1,5 +1,5 @@ /* p12_crt.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ /* ==================================================================== @@ -59,6 +59,10 @@ #include #include "cryptlib.h" #include +#ifdef OPENSSL_FIPS +#include +#endif + static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag); @@ -90,7 +94,14 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, /* Set defaults */ if (!nid_cert) + { +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; + else +#endif nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; + } if (!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; if (!iter) diff --git a/crypto/openssl/crypto/pkcs12/p12_decr.c b/crypto/openssl/crypto/pkcs12/p12_decr.c index 74c961a92b..ba77dbbe32 100644 --- a/crypto/openssl/crypto/pkcs12/p12_decr.c +++ b/crypto/openssl/crypto/pkcs12/p12_decr.c @@ -1,5 +1,5 @@ /* p12_decr.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_init.c b/crypto/openssl/crypto/pkcs12/p12_init.c index 6bdc132631..d4d84b056a 100644 --- a/crypto/openssl/crypto/pkcs12/p12_init.c +++ b/crypto/openssl/crypto/pkcs12/p12_init.c @@ -1,5 +1,5 @@ /* p12_init.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_key.c b/crypto/openssl/crypto/pkcs12/p12_key.c index 18e72d0a1b..9e57eee4a4 100644 --- a/crypto/openssl/crypto/pkcs12/p12_key.c +++ b/crypto/openssl/crypto/pkcs12/p12_key.c @@ -1,5 +1,5 @@ /* p12_key.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_kiss.c b/crypto/openssl/crypto/pkcs12/p12_kiss.c index c2ee2cc6f3..5c4c6ec988 100644 --- a/crypto/openssl/crypto/pkcs12/p12_kiss.c +++ b/crypto/openssl/crypto/pkcs12/p12_kiss.c @@ -1,5 +1,5 @@ /* p12_kiss.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_mutl.c b/crypto/openssl/crypto/pkcs12/p12_mutl.c index c408cc8ab8..70bfef6e5d 100644 --- a/crypto/openssl/crypto/pkcs12/p12_mutl.c +++ b/crypto/openssl/crypto/pkcs12/p12_mutl.c @@ -1,5 +1,5 @@ /* p12_mutl.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_npas.c b/crypto/openssl/crypto/pkcs12/p12_npas.c index 48eacc5c49..47e5e9c377 100644 --- a/crypto/openssl/crypto/pkcs12/p12_npas.c +++ b/crypto/openssl/crypto/pkcs12/p12_npas.c @@ -1,5 +1,5 @@ /* p12_npas.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_p8d.c b/crypto/openssl/crypto/pkcs12/p12_p8d.c index 3c6f377933..deba81e4a9 100644 --- a/crypto/openssl/crypto/pkcs12/p12_p8d.c +++ b/crypto/openssl/crypto/pkcs12/p12_p8d.c @@ -1,5 +1,5 @@ /* p12_p8d.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_p8e.c b/crypto/openssl/crypto/pkcs12/p12_p8e.c index 3d47956652..bf20a77b4c 100644 --- a/crypto/openssl/crypto/pkcs12/p12_p8e.c +++ b/crypto/openssl/crypto/pkcs12/p12_p8e.c @@ -1,5 +1,5 @@ /* p12_p8e.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/p12_utl.c b/crypto/openssl/crypto/pkcs12/p12_utl.c index 243ec76be9..ca30ac4f6d 100644 --- a/crypto/openssl/crypto/pkcs12/p12_utl.c +++ b/crypto/openssl/crypto/pkcs12/p12_utl.c @@ -1,5 +1,5 @@ /* p12_utl.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs12/pkcs12.h b/crypto/openssl/crypto/pkcs12/pkcs12.h index a2d7e359a0..4bee605dc0 100644 --- a/crypto/openssl/crypto/pkcs12/pkcs12.h +++ b/crypto/openssl/crypto/pkcs12/pkcs12.h @@ -1,5 +1,5 @@ /* pkcs12.h */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs7/pk7_asn1.c b/crypto/openssl/crypto/pkcs7/pk7_asn1.c index 77931feeb4..1f70d31386 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_asn1.c +++ b/crypto/openssl/crypto/pkcs7/pk7_asn1.c @@ -1,5 +1,5 @@ /* pk7_asn.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs7/pk7_attr.c b/crypto/openssl/crypto/pkcs7/pk7_attr.c index 735c8800e1..d549717169 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_attr.c +++ b/crypto/openssl/crypto/pkcs7/pk7_attr.c @@ -1,5 +1,5 @@ /* pk7_attr.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs7/pk7_mime.c b/crypto/openssl/crypto/pkcs7/pk7_mime.c index 17b68992f7..bf190360d7 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_mime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_mime.c @@ -1,5 +1,5 @@ /* pk7_mime.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/pkcs7/pk7_smime.c b/crypto/openssl/crypto/pkcs7/pk7_smime.c index 5c6b0fe24b..c34db1d6fe 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_smime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_smime.c @@ -1,5 +1,5 @@ /* pk7_smime.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ /* ==================================================================== @@ -282,6 +282,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE); goto err; } + BIO_set_mem_eof_return(tmpout, 0); } else tmpout = out; /* We now have to 'read' from p7bio to calculate digests etc. */ diff --git a/crypto/openssl/crypto/pqueue/pq_compat.h b/crypto/openssl/crypto/pqueue/pq_compat.h index fd36578882..7b2c32725c 100644 --- a/crypto/openssl/crypto/pqueue/pq_compat.h +++ b/crypto/openssl/crypto/pqueue/pq_compat.h @@ -57,6 +57,9 @@ * */ +#ifndef HEADER_PQ_COMPAT_H +#define HEADER_PQ_COMPAT_H + #include #include @@ -145,3 +148,5 @@ *(x) |= mask; \ } while(0) #endif /* OPENSSL_SYS_VMS */ + +#endif diff --git a/crypto/openssl/crypto/rand/md_rand.c b/crypto/openssl/crypto/rand/md_rand.c index 9783d0c23e..0f8dd3e00f 100644 --- a/crypto/openssl/crypto/rand/md_rand.c +++ b/crypto/openssl/crypto/rand/md_rand.c @@ -126,6 +126,10 @@ #include #include +#ifdef OPENSSL_FIPS +#include +#endif + #ifdef BN_DEBUG # define PREDICT @@ -332,6 +336,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) #endif int do_stir_pool = 0; +#ifdef OPENSSL_FIPS + if(FIPS_mode()) + { + FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD); + return 0; + } +#endif + #ifdef PREDICT if (rand_predictable) { diff --git a/crypto/openssl/crypto/rand/rand.h b/crypto/openssl/crypto/rand/rand.h index ac6c021763..ea89153cba 100644 --- a/crypto/openssl/crypto/rand/rand.h +++ b/crypto/openssl/crypto/rand/rand.h @@ -72,7 +72,7 @@ extern "C" { #endif #if defined(OPENSSL_FIPS) -#define FIPS_RAND_SIZE_T size_t +#define FIPS_RAND_SIZE_T int #endif /* Already defined in ossl_typ.h */ @@ -111,6 +111,15 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes); int RAND_egd(const char *path); int RAND_egd_bytes(const char *path,int bytes); int RAND_poll(void); +#ifndef OPENSSL_NO_ENGINE +#ifdef OPENSSL_FIPS +void int_RAND_init_engine_callbacks(void); +void int_RAND_set_callbacks( + int (*set_rand_func)(const RAND_METHOD *meth, + const RAND_METHOD **pmeth), + const RAND_METHOD *(*get_rand_func)(const RAND_METHOD **pmeth)); +#endif +#endif #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) @@ -128,11 +137,29 @@ void ERR_load_RAND_strings(void); /* Error codes for the RAND functions. */ /* Function codes. */ +#define RAND_F_ENG_RAND_GET_RAND_METHOD 108 +#define RAND_F_FIPS_RAND 103 +#define RAND_F_FIPS_RAND_BYTES 102 +#define RAND_F_FIPS_RAND_GET_RAND_METHOD 109 +#define RAND_F_FIPS_RAND_SET_DT 106 +#define RAND_F_FIPS_SET_DT 104 +#define RAND_F_FIPS_SET_PRNG_SEED 107 +#define RAND_F_FIPS_SET_TEST_MODE 105 #define RAND_F_RAND_GET_RAND_METHOD 101 #define RAND_F_SSLEAY_RAND_BYTES 100 /* Reason codes. */ +#define RAND_R_NON_FIPS_METHOD 105 +#define RAND_R_NOT_IN_TEST_MODE 106 +#define RAND_R_NO_KEY_SET 107 +#define RAND_R_PRNG_ASKING_FOR_TOO_MUCH 101 +#define RAND_R_PRNG_ERROR 108 +#define RAND_R_PRNG_KEYED 109 +#define RAND_R_PRNG_NOT_REKEYED 102 +#define RAND_R_PRNG_NOT_RESEEDED 103 #define RAND_R_PRNG_NOT_SEEDED 100 +#define RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY 110 +#define RAND_R_PRNG_STUCK 104 #ifdef __cplusplus } diff --git a/crypto/openssl/crypto/rand/rand_lib.c b/crypto/openssl/crypto/rand/rand_eng.c similarity index 74% copy from crypto/openssl/crypto/rand/rand_lib.c copy to crypto/openssl/crypto/rand/rand_eng.c index 513e338985..1669cef43c 100644 --- a/crypto/openssl/crypto/rand/rand_lib.c +++ b/crypto/openssl/crypto/rand/rand_eng.c @@ -59,40 +59,42 @@ #include #include #include "cryptlib.h" +#include "rand_lcl.h" #include +#ifdef OPENSSL_FIPS +#include +#include +#endif + #ifndef OPENSSL_NO_ENGINE #include #endif -#ifndef OPENSSL_NO_ENGINE +#if defined(OPENSSL_FIPS) && !defined(OPENSSL_NO_ENGINE) + /* non-NULL if default_RAND_meth is ENGINE-provided */ static ENGINE *funct_ref =NULL; -#endif -static const RAND_METHOD *default_RAND_meth = NULL; -int RAND_set_rand_method(const RAND_METHOD *meth) +int eng_RAND_set_rand_method(const RAND_METHOD *meth, const RAND_METHOD **pmeth) { -#ifndef OPENSSL_NO_ENGINE if(funct_ref) { ENGINE_finish(funct_ref); funct_ref = NULL; } -#endif - default_RAND_meth = meth; + *pmeth = meth; return 1; } -const RAND_METHOD *RAND_get_rand_method(void) +const RAND_METHOD *eng_RAND_get_rand_method(const RAND_METHOD **pmeth) { - if (!default_RAND_meth) + if (!*pmeth) { -#ifndef OPENSSL_NO_ENGINE ENGINE *e = ENGINE_get_default_RAND(); if(e) { - default_RAND_meth = ENGINE_get_RAND(e); - if(!default_RAND_meth) + *pmeth = ENGINE_get_RAND(e); + if(!*pmeth) { ENGINE_finish(e); e = NULL; @@ -101,13 +103,22 @@ const RAND_METHOD *RAND_get_rand_method(void) if(e) funct_ref = e; else -#endif - default_RAND_meth = RAND_SSLeay(); + if(FIPS_mode()) + *pmeth=FIPS_rand_method(); + else + *pmeth = RAND_SSLeay(); } - return default_RAND_meth; + + if(FIPS_mode() + && *pmeth != FIPS_rand_check()) + { + RANDerr(RAND_F_ENG_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD); + return 0; + } + + return *pmeth; } -#ifndef OPENSSL_NO_ENGINE int RAND_set_rand_engine(ENGINE *engine) { const RAND_METHOD *tmp_meth = NULL; @@ -127,50 +138,15 @@ int RAND_set_rand_engine(ENGINE *engine) funct_ref = engine; return 1; } -#endif - -void RAND_cleanup(void) - { - const RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->cleanup) - meth->cleanup(); - RAND_set_rand_method(NULL); - } - -void RAND_seed(const void *buf, int num) - { - const RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->seed) - meth->seed(buf,num); - } - -void RAND_add(const void *buf, int num, double entropy) - { - const RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->add) - meth->add(buf,num,entropy); - } - -int RAND_bytes(unsigned char *buf, int num) - { - const RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->bytes) - return meth->bytes(buf,num); - return(-1); - } -int RAND_pseudo_bytes(unsigned char *buf, int num) +void int_RAND_init_engine_callbacks(void) { - const RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->pseudorand) - return meth->pseudorand(buf,num); - return(-1); + static int done = 0; + if (done) + return; + int_RAND_set_callbacks(eng_RAND_set_rand_method, + eng_RAND_get_rand_method); + done = 1; } -int RAND_status(void) - { - const RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->status) - return meth->status(); - return 0; - } +#endif diff --git a/crypto/openssl/crypto/rand/rand_err.c b/crypto/openssl/crypto/rand/rand_err.c index 386934dcd1..829fb44d77 100644 --- a/crypto/openssl/crypto/rand/rand_err.c +++ b/crypto/openssl/crypto/rand/rand_err.c @@ -1,6 +1,6 @@ /* crypto/rand/rand_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,6 +70,14 @@ static ERR_STRING_DATA RAND_str_functs[]= { +{ERR_FUNC(RAND_F_ENG_RAND_GET_RAND_METHOD), "ENG_RAND_GET_RAND_METHOD"}, +{ERR_FUNC(RAND_F_FIPS_RAND), "FIPS_RAND"}, +{ERR_FUNC(RAND_F_FIPS_RAND_BYTES), "FIPS_RAND_BYTES"}, +{ERR_FUNC(RAND_F_FIPS_RAND_GET_RAND_METHOD), "FIPS_RAND_GET_RAND_METHOD"}, +{ERR_FUNC(RAND_F_FIPS_RAND_SET_DT), "FIPS_RAND_SET_DT"}, +{ERR_FUNC(RAND_F_FIPS_SET_DT), "FIPS_SET_DT"}, +{ERR_FUNC(RAND_F_FIPS_SET_PRNG_SEED), "FIPS_SET_PRNG_SEED"}, +{ERR_FUNC(RAND_F_FIPS_SET_TEST_MODE), "FIPS_SET_TEST_MODE"}, {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, {0,NULL} @@ -77,7 +85,17 @@ static ERR_STRING_DATA RAND_str_functs[]= static ERR_STRING_DATA RAND_str_reasons[]= { +{ERR_REASON(RAND_R_NON_FIPS_METHOD) ,"non fips method"}, +{ERR_REASON(RAND_R_NOT_IN_TEST_MODE) ,"not in test mode"}, +{ERR_REASON(RAND_R_NO_KEY_SET) ,"no key set"}, +{ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH),"prng asking for too much"}, +{ERR_REASON(RAND_R_PRNG_ERROR) ,"prng error"}, +{ERR_REASON(RAND_R_PRNG_KEYED) ,"prng keyed"}, +{ERR_REASON(RAND_R_PRNG_NOT_REKEYED) ,"prng not rekeyed"}, +{ERR_REASON(RAND_R_PRNG_NOT_RESEEDED) ,"prng not reseeded"}, {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"}, +{ERR_REASON(RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY),"prng seed must not match key"}, +{ERR_REASON(RAND_R_PRNG_STUCK) ,"prng stuck"}, {0,NULL} }; diff --git a/crypto/openssl/crypto/rand/rand_lcl.h b/crypto/openssl/crypto/rand/rand_lcl.h index 618a8ec899..18cc9b1e4a 100644 --- a/crypto/openssl/crypto/rand/rand_lcl.h +++ b/crypto/openssl/crypto/rand/rand_lcl.h @@ -154,5 +154,16 @@ #define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) #endif +#ifndef OPENSSL_NO_ENGINE +void int_RAND_set_callbacks( + int (*set_rand_func)(const RAND_METHOD *meth, + const RAND_METHOD **pmeth), + const RAND_METHOD *(*get_rand_func) + (const RAND_METHOD **pmeth)); +int eng_RAND_set_rand_method(const RAND_METHOD *meth, + const RAND_METHOD **pmeth); +const RAND_METHOD *eng_RAND_get_rand_method(const RAND_METHOD **pmeth); +#endif + #endif diff --git a/crypto/openssl/crypto/rand/rand_lib.c b/crypto/openssl/crypto/rand/rand_lib.c index 513e338985..da6b4e0e86 100644 --- a/crypto/openssl/crypto/rand/rand_lib.c +++ b/crypto/openssl/crypto/rand/rand_lib.c @@ -60,15 +60,82 @@ #include #include "cryptlib.h" #include +#include "rand_lcl.h" +#ifdef OPENSSL_FIPS +#include +#include +#endif + #ifndef OPENSSL_NO_ENGINE #include #endif +static const RAND_METHOD *default_RAND_meth = NULL; + +#ifdef OPENSSL_FIPS + +static int fips_RAND_set_rand_method(const RAND_METHOD *meth, + const RAND_METHOD **pmeth) + { + *pmeth = meth; + return 1; + } + +static const RAND_METHOD *fips_RAND_get_rand_method(const RAND_METHOD **pmeth) + { + if (!*pmeth) + { + if(FIPS_mode()) + *pmeth=FIPS_rand_method(); + else + *pmeth = RAND_SSLeay(); + } + + if(FIPS_mode() + && *pmeth != FIPS_rand_check()) + { + RANDerr(RAND_F_FIPS_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD); + return 0; + } + + return *pmeth; + } + +static int (*RAND_set_rand_method_func)(const RAND_METHOD *meth, + const RAND_METHOD **pmeth) + = fips_RAND_set_rand_method; +static const RAND_METHOD *(*RAND_get_rand_method_func) + (const RAND_METHOD **pmeth) + = fips_RAND_get_rand_method; + +#ifndef OPENSSL_NO_ENGINE +void int_RAND_set_callbacks( + int (*set_rand_func)(const RAND_METHOD *meth, + const RAND_METHOD **pmeth), + const RAND_METHOD *(*get_rand_func) + (const RAND_METHOD **pmeth)) + { + RAND_set_rand_method_func = set_rand_func; + RAND_get_rand_method_func = get_rand_func; + } +#endif + +int RAND_set_rand_method(const RAND_METHOD *meth) + { + return RAND_set_rand_method_func(meth, &default_RAND_meth); + } + +const RAND_METHOD *RAND_get_rand_method(void) + { + return RAND_get_rand_method_func(&default_RAND_meth); + } + +#else + #ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ static ENGINE *funct_ref =NULL; #endif -static const RAND_METHOD *default_RAND_meth = NULL; int RAND_set_rand_method(const RAND_METHOD *meth) { @@ -129,6 +196,8 @@ int RAND_set_rand_engine(ENGINE *engine) } #endif +#endif + void RAND_cleanup(void) { const RAND_METHOD *meth = RAND_get_rand_method(); diff --git a/crypto/openssl/crypto/rand/randfile.c b/crypto/openssl/crypto/rand/randfile.c index 6c0ec9a41c..d108353bbc 100644 --- a/crypto/openssl/crypto/rand/randfile.c +++ b/crypto/openssl/crypto/rand/randfile.c @@ -81,10 +81,25 @@ # include #endif +#ifdef _WIN32 +#define stat _stat +#define chmod _chmod +#define open _open +#define fdopen _fdopen +#endif + #undef BUFSIZE #define BUFSIZE 1024 #define RAND_DATA 1024 +#ifdef OPENSSL_SYS_VMS +/* This declaration is a nasty hack to get around vms' extension to fopen + * for passing in sharing options being disabled by our /STANDARD=ANSI89 */ +static FILE *(*const vms_fopen)(const char *, const char *, ...) = + (FILE *(*)(const char *, const char *, ...))fopen; +#define VMS_OPEN_ATTRS "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0" +#endif + /* #define RFILE ".rnd" - defined in ../../e_os.h */ /* Note that these functions are intended for seed files only. @@ -106,7 +121,11 @@ int RAND_load_file(const char *file, long bytes) RAND_add(&sb,sizeof(sb),0.0); if (bytes == 0) return(ret); +#ifdef OPENSSL_SYS_VMS + in=vms_fopen(file,"rb",VMS_OPEN_ATTRS); +#else in=fopen(file,"rb"); +#endif if (in == NULL) goto err; #if defined(S_IFBLK) && defined(S_IFCHR) if (sb.st_mode & (S_IFBLK | S_IFCHR)) { @@ -167,7 +186,7 @@ int RAND_write_file(const char *file) #endif } -#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) +#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) { /* For some reason Win32 can't write to files created this way */ @@ -178,8 +197,34 @@ int RAND_write_file(const char *file) out = fdopen(fd, "wb"); } #endif + +#ifdef OPENSSL_SYS_VMS + /* VMS NOTE: Prior versions of this routine created a _new_ + * version of the rand file for each call into this routine, then + * deleted all existing versions named ;-1, and finally renamed + * the current version as ';1'. Under concurrent usage, this + * resulted in an RMS race condition in rename() which could + * orphan files (see vms message help for RMS$_REENT). With the + * fopen() calls below, openssl/VMS now shares the top-level + * version of the rand file. Note that there may still be + * conditions where the top-level rand file is locked. If so, this + * code will then create a new version of the rand file. Without + * the delete and rename code, this can result in ascending file + * versions that stop at version 32767, and this routine will then + * return an error. The remedy for this is to recode the calling + * application to avoid concurrent use of the rand file, or + * synchronize usage at the application level. Also consider + * whether or not you NEED a persistent rand file in a concurrent + * use situation. + */ + + out = vms_fopen(file,"rb+",VMS_OPEN_ATTRS); + if (out == NULL) + out = vms_fopen(file,"wb",VMS_OPEN_ATTRS); +#else if (out == NULL) out = fopen(file,"wb"); +#endif if (out == NULL) goto err; #ifndef NO_CHMOD @@ -201,25 +246,6 @@ int RAND_write_file(const char *file) ret+=i; if (n <= 0) break; } -#ifdef OPENSSL_SYS_VMS - /* Try to delete older versions of the file, until there aren't - any */ - { - char *tmpf; - - tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */ - if (tmpf) - { - strcpy(tmpf, file); - strcat(tmpf, ";-1"); - while(delete(tmpf) == 0) - ; - rename(file,";1"); /* Make sure it's version 1, or we - will reach the limit (32767) at - some point... */ - } - } -#endif /* OPENSSL_SYS_VMS */ fclose(out); OPENSSL_cleanse(buf,BUFSIZE); diff --git a/crypto/openssl/crypto/rc2/rc2.h b/crypto/openssl/crypto/rc2/rc2.h index 34c8362317..e542ec94ff 100644 --- a/crypto/openssl/crypto/rc2/rc2.h +++ b/crypto/openssl/crypto/rc2/rc2.h @@ -79,7 +79,9 @@ typedef struct rc2_key_st RC2_INT data[64]; } RC2_KEY; - +#ifdef OPENSSL_FIPS +void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); +#endif void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, int enc); diff --git a/crypto/openssl/crypto/rc2/rc2_skey.c b/crypto/openssl/crypto/rc2/rc2_skey.c index 4953642056..4e000e5b99 100644 --- a/crypto/openssl/crypto/rc2/rc2_skey.c +++ b/crypto/openssl/crypto/rc2/rc2_skey.c @@ -57,6 +57,11 @@ */ #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + #include "rc2_locl.h" static unsigned char key_table[256]={ @@ -94,7 +99,19 @@ static unsigned char key_table[256]={ * BSAFE uses the 'retarded' version. What I previously shipped is * the same as specifying 1024 for the 'bits' parameter. Bsafe uses * a version where the bits parameter is the same as len*8 */ + +#ifdef OPENSSL_FIPS void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) + { + if (FIPS_mode()) + FIPS_BAD_ABORT(RC2) + private_RC2_set_key(key, len, data, bits); + } +void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, + int bits) +#else +void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) +#endif { int i,j; unsigned char *k; diff --git a/crypto/openssl/crypto/rc4/asm/rc4-586.pl b/crypto/openssl/crypto/rc4/asm/rc4-586.pl deleted file mode 100644 index 22bda4b451..0000000000 --- a/crypto/openssl/crypto/rc4/asm/rc4-586.pl +++ /dev/null @@ -1,230 +0,0 @@ -#!/usr/local/bin/perl - -# At some point it became apparent that the original SSLeay RC4 -# assembler implementation performs suboptimaly on latest IA-32 -# microarchitectures. After re-tuning performance has changed as -# following: -# -# Pentium +0% -# Pentium III +17% -# AMD +52%(*) -# P4 +180%(**) -# -# (*) This number is actually a trade-off:-) It's possible to -# achieve +72%, but at the cost of -48% off PIII performance. -# In other words code performing further 13% faster on AMD -# would perform almost 2 times slower on Intel PIII... -# For reference! This code delivers ~80% of rc4-amd64.pl -# performance on the same Opteron machine. -# (**) This number requires compressed key schedule set up by -# RC4_set_key and therefore doesn't apply to 0.9.7 [option for -# compressed key schedule is implemented in 0.9.8 and later, -# see commentary section in rc4_skey.c for further details]. -# -# - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"rc4-586.pl"); - -$x="eax"; -$y="ebx"; -$tx="ecx"; -$ty="edx"; -$in="esi"; -$out="edi"; -$d="ebp"; - -&RC4("RC4"); - -&asm_finish(); - -sub RC4_loop - { - local($n,$p,$char)=@_; - - &comment("Round $n"); - - if ($char) - { - if ($p >= 0) - { - &mov($ty, &swtmp(2)); - &cmp($ty, $in); - &jbe(&label("finished")); - &inc($in); - } - else - { - &add($ty, 8); - &inc($in); - &cmp($ty, $in); - &jb(&label("finished")); - &mov(&swtmp(2), $ty); - } - } - # Moved out - # &mov( $tx, &DWP(0,$d,$x,4)) if $p < 0; - - &add( &LB($y), &LB($tx)); - &mov( $ty, &DWP(0,$d,$y,4)); - # XXX - &mov( &DWP(0,$d,$x,4),$ty); - &add( $ty, $tx); - &mov( &DWP(0,$d,$y,4),$tx); - &and( $ty, 0xff); - &inc( &LB($x)); # NEXT ROUND - &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND - &mov( $ty, &DWP(0,$d,$ty,4)); - - if (!$char) - { - #moved up into last round - if ($p >= 1) - { - &add( $out, 8) - } - &movb( &BP($n,"esp","",0), &LB($ty)); - } - else - { - # Note in+=8 has occured - &movb( &HB($ty), &BP(-1,$in,"",0)); - # XXX - &xorb(&LB($ty), &HB($ty)); - # XXX - &movb(&BP($n,$out,"",0),&LB($ty)); - } - } - - -sub RC4 - { - local($name)=@_; - - &function_begin_B($name,""); - - &mov($ty,&wparam(1)); # len - &cmp($ty,0); - &jne(&label("proceed")); - &ret(); - &set_label("proceed"); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &push("esi"); - &xor( $x, $x); # avoid partial register stalls - &push("edi"); - &xor( $y, $y); # avoid partial register stalls - &mov( $d, &wparam(0)); # key - &mov( $in, &wparam(2)); - - &movb( &LB($x), &BP(0,$d,"",1)); - &movb( &LB($y), &BP(4,$d,"",1)); - - &mov( $out, &wparam(3)); - &inc( &LB($x)); - - &stack_push(3); # 3 temp variables - &add( $d, 8); - - # detect compressed schedule, see commentary section in rc4_skey.c... - # in 0.9.7 context ~50 bytes below RC4_CHAR label remain redundant, - # as compressed key schedule is set up in 0.9.8 and later. - &cmp(&DWP(256,$d),-1); - &je(&label("RC4_CHAR")); - - &lea( $ty, &DWP(-8,$ty,$in)); - - # check for 0 length input - - &mov( &swtmp(2), $ty); # this is now address to exit at - &mov( $tx, &DWP(0,$d,$x,4)); - - &cmp( $ty, $in); - &jb( &label("end")); # less than 8 bytes - - &set_label("start"); - - # filling DELAY SLOT - &add( $in, 8); - - &RC4_loop(0,-1,0); - &RC4_loop(1,0,0); - &RC4_loop(2,0,0); - &RC4_loop(3,0,0); - &RC4_loop(4,0,0); - &RC4_loop(5,0,0); - &RC4_loop(6,0,0); - &RC4_loop(7,1,0); - - &comment("apply the cipher text"); - # xor the cipher data with input - - #&add( $out, 8); #moved up into last round - - &mov( $tx, &swtmp(0)); - &mov( $ty, &DWP(-8,$in,"",0)); - &xor( $tx, $ty); - &mov( $ty, &DWP(-4,$in,"",0)); - &mov( &DWP(-8,$out,"",0), $tx); - &mov( $tx, &swtmp(1)); - &xor( $tx, $ty); - &mov( $ty, &swtmp(2)); # load end ptr; - &mov( &DWP(-4,$out,"",0), $tx); - &mov( $tx, &DWP(0,$d,$x,4)); - &cmp($in, $ty); - &jbe(&label("start")); - - &set_label("end"); - - # There is quite a bit of extra crap in RC4_loop() for this - # first round - &RC4_loop(0,-1,1); - &RC4_loop(1,0,1); - &RC4_loop(2,0,1); - &RC4_loop(3,0,1); - &RC4_loop(4,0,1); - &RC4_loop(5,0,1); - &RC4_loop(6,1,1); - - &jmp(&label("finished")); - - &align(16); - # this is essentially Intel P4 specific codepath, see rc4_skey.c, - # and is engaged in 0.9.8 and later context... - &set_label("RC4_CHAR"); - - &lea ($ty,&DWP(0,$in,$ty)); - &mov (&swtmp(2),$ty); - &movz ($tx,&BP(0,$d,$x)); - - # strangely enough unrolled loop performs over 20% slower... - &set_label("RC4_CHAR_loop"); - &add (&LB($y),&LB($tx)); - &movz ($ty,&BP(0,$d,$y)); - &movb (&BP(0,$d,$y),&LB($tx)); - &movb (&BP(0,$d,$x),&LB($ty)); - &add (&LB($ty),&LB($tx)); - &movz ($ty,&BP(0,$d,$ty)); - &add (&LB($x),1); - &xorb (&LB($ty),&BP(0,$in)); - &lea ($in,&BP(1,$in)); - &movz ($tx,&BP(0,$d,$x)); - &cmp ($in,&swtmp(2)); - &movb (&BP(0,$out),&LB($ty)); - &lea ($out,&BP(1,$out)); - &jb (&label("RC4_CHAR_loop")); - - &set_label("finished"); - &dec( $x); - &stack_pop(3); - &movb( &BP(-4,$d,"",0),&LB($y)); - &movb( &BP(-8,$d,"",0),&LB($x)); - - &function_end($name); - } - diff --git a/crypto/openssl/crypto/rc4/asm/rc4-ia64.S b/crypto/openssl/crypto/rc4/asm/rc4-ia64.S deleted file mode 100644 index a322d0c718..0000000000 --- a/crypto/openssl/crypto/rc4/asm/rc4-ia64.S +++ /dev/null @@ -1,160 +0,0 @@ -// ==================================================================== -// Written by Andy Polyakov for the OpenSSL -// project. -// -// Rights for redistribution and usage in source and binary forms are -// granted according to the OpenSSL license. Warranty of any kind is -// disclaimed. -// ==================================================================== - -.ident "rc4-ia64.S, Version 2.0" -.ident "IA-64 ISA artwork by Andy Polyakov " - -// What's wrong with compiler generated code? Because of the nature of -// C language, compiler doesn't [dare to] reorder load and stores. But -// being memory-bound, RC4 should benefit from reorder [on in-order- -// execution core such as IA-64]. But what can we reorder? At the very -// least we can safely reorder references to key schedule in respect -// to input and output streams. Secondly, from the first [close] glance -// it appeared that it's possible to pull up some references to -// elements of the key schedule itself. Original rationale ["prior -// loads are not safe only for "degenerated" key schedule, when some -// elements equal to the same value"] was kind of sloppy. I should have -// formulated as it really was: if we assume that pulling up reference -// to key[x+1] is not safe, then it would mean that key schedule would -// "degenerate," which is never the case. The problem is that this -// holds true in respect to references to key[x], but not to key[y]. -// Legitimate "collisions" do occur within every 256^2 bytes window. -// Fortunately there're enough free instruction slots to keep prior -// reference to key[x+1], detect "collision" and compensate for it. -// All this without sacrificing a single clock cycle:-) Throughput is -// ~210MBps on 900MHz CPU, which is is >3x faster than gcc generated -// code and +30% - if compared to HP-UX C. Unrolling loop below should -// give >30% on top of that... - -.text -.explicit - -#if defined(_HPUX_SOURCE) && !defined(_LP64) -# define ADDP addp4 -#else -# define ADDP add -#endif - -#ifndef SZ -#define SZ 4 // this is set to sizeof(RC4_INT) -#endif -// SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for -// assembler implementation, while SZ==1 code is ~30% slower. -#if SZ==1 // RC4_INT is unsigned char -# define LDKEY ld1 -# define STKEY st1 -# define OFF 0 -#elif SZ==4 // RC4_INT is unsigned int -# define LDKEY ld4 -# define STKEY st4 -# define OFF 2 -#elif SZ==8 // RC4_INT is unsigned long -# define LDKEY ld8 -# define STKEY st8 -# define OFF 3 -#endif - -out=r8; // [expanded] output pointer -inp=r9; // [expanded] output pointer -prsave=r10; -key=r28; // [expanded] pointer to RC4_KEY -ksch=r29; // (key->data+255)[&~(sizeof(key->data)-1)] -xx=r30; -yy=r31; - -// void RC4(RC4_KEY *key,size_t len,const void *inp,void *out); -.global RC4# -.proc RC4# -.align 32 -.skip 16 -RC4: - .prologue - .fframe 0 - .save ar.pfs,r2 - .save ar.lc,r3 - .save pr,prsave -{ .mii; alloc r2=ar.pfs,4,12,0,16 - mov prsave=pr - ADDP key=0,in0 };; -{ .mib; cmp.eq p6,p0=0,in1 // len==0? - mov r3=ar.lc -(p6) br.ret.spnt.many b0 };; // emergency exit - - .body - .rotr dat[4],key_x[4],tx[2],rnd[2],key_y[2],ty[1]; - -{ .mib; LDKEY xx=[key],SZ // load key->x - add in1=-1,in1 // adjust len for loop counter - nop.b 0 } -{ .mib; ADDP inp=0,in2 - ADDP out=0,in3 - brp.loop.imp .Ltop,.Lexit-16 };; -{ .mmi; LDKEY yy=[key] // load key->y - add ksch=SZ,key - mov ar.lc=in1 } -{ .mmi; mov key_y[1]=r0 // guarantee inequality - // in first iteration - add xx=1,xx - mov pr.rot=1<<16 };; -{ .mii; nop.m 0 - dep key_x[1]=xx,r0,OFF,8 - mov ar.ec=3 };; // note that epilogue counter - // is off by 1. I compensate - // for this at exit... -.Ltop: -// The loop is scheduled for 4*(n+2) spin-rate on Itanium 2, which -// theoretically gives asymptotic performance of clock frequency -// divided by 4 bytes per seconds, or 400MBps on 1.6GHz CPU. This is -// for sizeof(RC4_INT)==4. For smaller RC4_INT STKEY inadvertently -// splits the last bundle and you end up with 5*n spin-rate:-( -// Originally the loop was scheduled for 3*n and relied on key -// schedule to be aligned at 256*sizeof(RC4_INT) boundary. But -// *(out++)=dat, which maps to st1, had same effect [inadvertent -// bundle split] and holded the loop back. Rescheduling for 4*n -// made it possible to eliminate dependence on specific alignment -// and allow OpenSSH keep "abusing" our API. Reaching for 3*n would -// require unrolling, sticking to variable shift instruction for -// collecting output [to avoid starvation for integer shifter] and -// copying of key schedule to controlled place in stack [so that -// deposit instruction can serve as substitute for whole -// key->data+((x&255)<data[0])))]... -{ .mmi; (p19) st1 [out]=dat[3],1 // *(out++)=dat - (p16) add xx=1,xx // x++ - (p18) dep rnd[1]=rnd[1],r0,OFF,8 } // ((tx+ty)&255)<y - mov pr=prsave,0x1ffff - nop.b 0 } -{ .mib; st1 [out]=dat[3],1 // compensate for truncated - // epilogue counter - add xx=-1,xx - nop.b 0 };; -{ .mib; STKEY [key]=xx // save key->x - mov ar.lc=r3 - br.ret.sptk.many b0 };; -.endp RC4# diff --git a/crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl b/crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl deleted file mode 100755 index 4b990cba07..0000000000 --- a/crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl +++ /dev/null @@ -1,240 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. -# ==================================================================== -# -# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in -# "hand-coded assembler"] doesn't stand for the whole improvement -# coefficient. It turned out that eliminating RC4_CHAR from config -# line results in ~40% improvement (yes, even for C implementation). -# Presumably it has everything to do with AMD cache architecture and -# RAW or whatever penalties. Once again! The module *requires* config -# line *without* RC4_CHAR! As for coding "secret," I bet on partial -# register arithmetics. For example instead of 'inc %r8; and $255,%r8' -# I simply 'inc %r8b'. Even though optimization manual discourages -# to operate on partial registers, it turned out to be the best bet. -# At least for AMD... How IA32E would perform remains to be seen... - -# As was shown by Marc Bevand reordering of couple of load operations -# results in even higher performance gain of 3.3x:-) At least on -# Opteron... For reference, 1x in this case is RC4_CHAR C-code -# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock. -# Latter means that if you want to *estimate* what to expect from -# *your* Opteron, then multiply 54 by 3.3 and clock frequency in GHz. - -# Intel P4 EM64T core was found to run the AMD64 code really slow... -# The only way to achieve comparable performance on P4 was to keep -# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to -# compose blended code, which would perform even within 30% marginal -# on either AMD and Intel platforms, I implement both cases. See -# rc4_skey.c for further details... - -# P4 EM64T core appears to be "allergic" to 64-bit inc/dec. Replacing -# those with add/sub results in 50% performance improvement of folded -# loop... - -# As was shown by Zou Nanhai loop unrolling can improve Intel EM64T -# performance by >30% [unlike P4 32-bit case that is]. But this is -# provided that loads are reordered even more aggressively! Both code -# pathes, AMD64 and EM64T, reorder loads in essentially same manner -# as my IA-64 implementation. On Opteron this resulted in modest 5% -# improvement [I had to test it], while final Intel P4 performance -# achieves respectful 432MBps on 2.8GHz processor now. For reference. -# If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than -# RC4_INT code-path. While if executed on Opteron, it's only 25% -# slower than the RC4_INT one [meaning that if CPU µ-arch detection -# is not implemented, then this final RC4_CHAR code-path should be -# preferred, as it provides better *all-round* performance]. - -$output=shift; -open STDOUT,"| $^X ../perlasm/x86_64-xlate.pl $output"; - -$dat="%rdi"; # arg1 -$len="%rsi"; # arg2 -$inp="%rdx"; # arg3 -$out="%rcx"; # arg4 - -@XX=("%r8","%r10"); -@TX=("%r9","%r11"); -$YY="%r12"; -$TY="%r13"; - -$code=<<___; -.text - -.globl RC4 -.type RC4,\@function,4 -.align 16 -RC4: or $len,$len - jne .Lentry - ret -.Lentry: - push %r12 - push %r13 - - add \$8,$dat - movl -8($dat),$XX[0]#d - movl -4($dat),$YY#d - cmpl \$-1,256($dat) - je .LRC4_CHAR - inc $XX[0]#b - movl ($dat,$XX[0],4),$TX[0]#d - test \$-8,$len - jz .Lloop1 - jmp .Lloop8 -.align 16 -.Lloop8: -___ -for ($i=0;$i<8;$i++) { -$code.=<<___; - add $TX[0]#b,$YY#b - mov $XX[0],$XX[1] - movl ($dat,$YY,4),$TY#d - ror \$8,%rax # ror is redundant when $i=0 - inc $XX[1]#b - movl ($dat,$XX[1],4),$TX[1]#d - cmp $XX[1],$YY - movl $TX[0]#d,($dat,$YY,4) - cmove $TX[0],$TX[1] - movl $TY#d,($dat,$XX[0],4) - add $TX[0]#b,$TY#b - movb ($dat,$TY,4),%al -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} -$code.=<<___; - ror \$8,%rax - sub \$8,$len - - xor ($inp),%rax - add \$8,$inp - mov %rax,($out) - add \$8,$out - - test \$-8,$len - jnz .Lloop8 - cmp \$0,$len - jne .Lloop1 -___ -$code.=<<___; -.Lexit: - sub \$1,$XX[0]#b - movl $XX[0]#d,-8($dat) - movl $YY#d,-4($dat) - - pop %r13 - pop %r12 - ret -.align 16 -.Lloop1: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($inp),$TY#b - inc $inp - movb $TY#b,($out) - inc $out - dec $len - jnz .Lloop1 - jmp .Lexit - -.align 16 -.LRC4_CHAR: - add \$1,$XX[0]#b - movzb ($dat,$XX[0]),$TX[0]#d - test \$-8,$len - jz .Lcloop1 - push %rbx - jmp .Lcloop8 -.align 16 -.Lcloop8: - mov ($inp),%eax - mov 4($inp),%ebx -___ -# unroll 2x4-wise, because 64-bit rotates kill Intel P4... -for ($i=0;$i<4;$i++) { -$code.=<<___; - add $TX[0]#b,$YY#b - lea 1($XX[0]),$XX[1] - movzb ($dat,$YY),$TY#d - movzb $XX[1]#b,$XX[1]#d - movzb ($dat,$XX[1]),$TX[1]#d - movb $TX[0]#b,($dat,$YY) - cmp $XX[1],$YY - movb $TY#b,($dat,$XX[0]) - jne .Lcmov$i # Intel cmov is sloooow... - mov $TX[0],$TX[1] -.Lcmov$i: - add $TX[0]#b,$TY#b - xor ($dat,$TY),%al - ror \$8,%eax -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} -for ($i=4;$i<8;$i++) { -$code.=<<___; - add $TX[0]#b,$YY#b - lea 1($XX[0]),$XX[1] - movzb ($dat,$YY),$TY#d - movzb $XX[1]#b,$XX[1]#d - movzb ($dat,$XX[1]),$TX[1]#d - movb $TX[0]#b,($dat,$YY) - cmp $XX[1],$YY - movb $TY#b,($dat,$XX[0]) - jne .Lcmov$i # Intel cmov is sloooow... - mov $TX[0],$TX[1] -.Lcmov$i: - add $TX[0]#b,$TY#b - xor ($dat,$TY),%bl - ror \$8,%ebx -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} -$code.=<<___; - lea -8($len),$len - mov %eax,($out) - lea 8($inp),$inp - mov %ebx,4($out) - lea 8($out),$out - - test \$-8,$len - jnz .Lcloop8 - pop %rbx - cmp \$0,$len - jne .Lcloop1 - jmp .Lexit -___ -$code.=<<___; -.align 16 -.Lcloop1: - add $TX[0]#b,$YY#b - movzb ($dat,$YY),$TY#d - movb $TX[0]#b,($dat,$YY) - movb $TY#b,($dat,$XX[0]) - add $TX[0]#b,$TY#b - add \$1,$XX[0]#b - movzb ($dat,$TY),$TY#d - movzb ($dat,$XX[0]),$TX[0]#d - xorb ($inp),$TY#b - lea 1($inp),$inp - movb $TY#b,($out) - lea 1($out),$out - sub \$1,$len - jnz .Lcloop1 - jmp .Lexit -.size RC4,.-RC4 -___ - -$code =~ s/#([bwd])/$1/gm; - -print $code; - -close STDOUT; diff --git a/crypto/openssl/crypto/rc4/rc4.h b/crypto/openssl/crypto/rc4/rc4.h index 7aec04fe93..2d8620d33b 100644 --- a/crypto/openssl/crypto/rc4/rc4.h +++ b/crypto/openssl/crypto/rc4/rc4.h @@ -76,6 +76,9 @@ typedef struct rc4_key_st const char *RC4_options(void); +#ifdef OPENSSL_FIPS +void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); +#endif void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, unsigned char *outdata); diff --git a/crypto/openssl/crypto/evp/evp_acnf.c b/crypto/openssl/crypto/rc4/rc4_fblk.c similarity index 78% copy from crypto/openssl/crypto/evp/evp_acnf.c copy to crypto/openssl/crypto/rc4/rc4_fblk.c index ff3e311cc5..1b2a42979b 100644 --- a/crypto/openssl/crypto/evp/evp_acnf.c +++ b/crypto/openssl/crypto/rc4/rc4_fblk.c @@ -1,9 +1,9 @@ -/* evp_acnf.c */ -/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL - * project 2001. +/* crypto/rc4/rc4_fblk.c */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project. */ /* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 2008 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -49,25 +49,27 @@ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * */ -#include "cryptlib.h" -#include -#include +#include +#include "rc4_locl.h" +#include +#include +#ifdef OPENSSL_FIPS +#include +#endif -/* Load all algorithms and configure OpenSSL. - * This function is called automatically when - * OPENSSL_LOAD_CONF is set. +/* FIPS mode blocking for RC4 has to be done separately since RC4_set_key + * may be implemented in an assembly language file. */ -void OPENSSL_add_all_algorithms_conf(void) +#ifdef OPENSSL_FIPS +void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) { - OPENSSL_add_all_algorithms_noconf(); - OPENSSL_config(NULL); + if (FIPS_mode()) + FIPS_BAD_ABORT(RC4) + private_RC4_set_key(key, len, data); } +#endif + diff --git a/crypto/openssl/crypto/rc4/rc4_skey.c b/crypto/openssl/crypto/rc4/rc4_skey.c index 46b77ec321..4478d1a4b3 100644 --- a/crypto/openssl/crypto/rc4/rc4_skey.c +++ b/crypto/openssl/crypto/rc4/rc4_skey.c @@ -59,6 +59,11 @@ #include #include "rc4_locl.h" #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + const char RC4_version[]="RC4" OPENSSL_VERSION_PTEXT; @@ -85,7 +90,11 @@ const char *RC4_options(void) * Date: Wed, 14 Sep 1994 06:35:31 GMT */ +#ifdef OPENSSL_FIPS +void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) +#else void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) +#endif { register RC4_INT tmp; register int id1,id2; @@ -127,7 +136,12 @@ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) * * */ - if (OPENSSL_ia32cap_P & (1<<20)) { +#ifdef OPENSSL_FIPS + unsigned long *ia32cap_ptr = OPENSSL_ia32cap_loc(); + if (ia32cap_ptr && (*ia32cap_ptr & (1<<28))) { +#else + if (OPENSSL_ia32cap_P & (1<<28)) { +#endif unsigned char *cp=(unsigned char *)d; for (i=0;i<256;i++) cp[i]=i; diff --git a/crypto/openssl/crypto/rc5/rc5.h b/crypto/openssl/crypto/rc5/rc5.h index 4b3c153b50..f73a2a02a4 100644 --- a/crypto/openssl/crypto/rc5/rc5.h +++ b/crypto/openssl/crypto/rc5/rc5.h @@ -94,7 +94,10 @@ typedef struct rc5_key_st RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; } RC5_32_KEY; - +#ifdef OPENSSL_FIPS +void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds); +#endif void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds); void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, diff --git a/crypto/openssl/crypto/rc5/rc5_skey.c b/crypto/openssl/crypto/rc5/rc5_skey.c index a2e00a41c5..247fa6500c 100644 --- a/crypto/openssl/crypto/rc5/rc5_skey.c +++ b/crypto/openssl/crypto/rc5/rc5_skey.c @@ -56,11 +56,28 @@ * [including the GNU Public Licence.] */ +#include #include +#ifdef OPENSSL_FIPS +#include +#endif + #include "rc5_locl.h" +#ifdef OPENSSL_FIPS +void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds) + { + if (FIPS_mode()) + FIPS_BAD_ABORT(RC5) + private_RC5_32_set_key(key, len, data, rounds); + } +void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, + int rounds) +#else void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, int rounds) +#endif { RC5_32_INT L[64],l,ll,A,B,*S,k; int i,j,m,c,t,ii,jj; diff --git a/crypto/openssl/crypto/ripemd/asm/rips.cpp b/crypto/openssl/crypto/ripemd/asm/rips.cpp deleted file mode 100644 index f7a13677a9..0000000000 --- a/crypto/openssl/crypto/ripemd/asm/rips.cpp +++ /dev/null @@ -1,82 +0,0 @@ -// -// gettsc.inl -// -// gives access to the Pentium's (secret) cycle counter -// -// This software was written by Leonard Janke (janke@unixg.ubc.ca) -// in 1996-7 and is entered, by him, into the public domain. - -#if defined(__WATCOMC__) -void GetTSC(unsigned long&); -#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax]; -#elif defined(__GNUC__) -inline -void GetTSC(unsigned long& tsc) -{ - asm volatile(".byte 15, 49\n\t" - : "=eax" (tsc) - : - : "%edx", "%eax"); -} -#elif defined(_MSC_VER) -inline -void GetTSC(unsigned long& tsc) -{ - unsigned long a; - __asm _emit 0fh - __asm _emit 31h - __asm mov a, eax; - tsc=a; -} -#endif - -#include -#include -#include - -#define ripemd160_block_x86 ripemd160_block_asm_host_order - -extern "C" { -void ripemd160_block_x86(RIPEMD160_CTX *ctx, unsigned char *buffer,int num); -} - -void main(int argc,char *argv[]) - { - unsigned char buffer[64*256]; - RIPEMD160_CTX ctx; - unsigned long s1,s2,e1,e2; - unsigned char k[16]; - unsigned long data[2]; - unsigned char iv[8]; - int i,num=0,numm; - int j=0; - - if (argc >= 2) - num=atoi(argv[1]); - - if (num == 0) num=16; - if (num > 250) num=16; - numm=num+2; -#if 0 - num*=64; - numm*=64; -#endif - - for (j=0; j<6; j++) - { - for (i=0; i<10; i++) /**/ - { - ripemd160_block_x86(&ctx,buffer,numm); - GetTSC(s1); - ripemd160_block_x86(&ctx,buffer,numm); - GetTSC(e1); - GetTSC(s2); - ripemd160_block_x86(&ctx,buffer,num); - GetTSC(e2); - ripemd160_block_x86(&ctx,buffer,num); - } - printf("ripemd160 (%d bytes) %d %d (%.2f)\n",num*64, - e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2); - } - } - diff --git a/crypto/openssl/crypto/ripemd/asm/rmd-586.pl b/crypto/openssl/crypto/ripemd/asm/rmd-586.pl deleted file mode 100644 index 0ab6f76bff..0000000000 --- a/crypto/openssl/crypto/ripemd/asm/rmd-586.pl +++ /dev/null @@ -1,590 +0,0 @@ -#!/usr/local/bin/perl - -# Normal is the -# ripemd160_block_asm_host_order(RIPEMD160_CTX *c, ULONG *X,int blocks); - -$normal=0; - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$A="ecx"; -$B="esi"; -$C="edi"; -$D="ebx"; -$E="ebp"; -$tmp1="eax"; -$tmp2="edx"; - -$KL1=0x5A827999; -$KL2=0x6ED9EBA1; -$KL3=0x8F1BBCDC; -$KL4=0xA953FD4E; -$KR0=0x50A28BE6; -$KR1=0x5C4DD124; -$KR2=0x6D703EF3; -$KR3=0x7A6D76E9; - - -@wl=( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15, - 7, 4,13, 1,10, 6,15, 3,12, 0, 9, 5, 2,14,11, 8, - 3,10,14, 4, 9,15, 8, 1, 2, 7, 0, 6,13,11, 5,12, - 1, 9,11,10, 0, 8,12, 4,13, 3, 7,15,14, 5, 6, 2, - 4, 0, 5, 9, 7,12, 2,10,14, 1, 3, 8,11, 6,15,13, - ); - -@wr=( 5,14, 7, 0, 9, 2,11, 4,13, 6,15, 8, 1,10, 3,12, - 6,11, 3, 7, 0,13, 5,10,14,15, 8,12, 4, 9, 1, 2, - 15, 5, 1, 3, 7,14, 6, 9,11, 8,12, 2,10, 0, 4,13, - 8, 6, 4, 1, 3,11,15, 0, 5,12, 2,13, 9, 7,10,14, - 12,15,10, 4, 1, 5, 8, 7, 6, 2,13,14, 0, 3, 9,11, - ); - -@sl=( 11,14,15,12, 5, 8, 7, 9,11,13,14,15, 6, 7, 9, 8, - 7, 6, 8,13,11, 9, 7,15, 7,12,15, 9,11, 7,13,12, - 11,13, 6, 7,14, 9,13,15,14, 8,13, 6, 5,12, 7, 5, - 11,12,14,15,14,15, 9, 8, 9,14, 5, 6, 8, 6, 5,12, - 9,15, 5,11, 6, 8,13,12, 5,12,13,14,11, 8, 5, 6, - ); - -@sr=( 8, 9, 9,11,13,15,15, 5, 7, 7, 8,11,14,14,12, 6, - 9,13,15, 7,12, 8, 9,11, 7, 7,12, 7, 6,15,13,11, - 9, 7,15,11, 8, 6, 6,14,12,13, 5,14,13,13, 7, 5, - 15, 5, 8,11,14,14, 6,14, 6, 9,12, 9,12, 5,15, 8, - 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11, - ); - -&ripemd160_block("ripemd160_block_asm_host_order"); -&asm_finish(); - -sub Xv - { - local($n)=@_; - return(&swtmp($n)); - # tmp on stack - } - -sub Np - { - local($p)=@_; - local(%n)=($A,$E,$B,$A,$C,$B,$D,$C,$E,$D); - return($n{$p}); - } - -sub RIP1 - { - local($a,$b,$c,$d,$e,$pos,$s,$o,$pos2)=@_; - - &comment($p++); - if ($p & 1) - { - #&mov($tmp1, $c) if $o == -1; - &xor($tmp1, $d) if $o == -1; - &mov($tmp2, &Xv($pos)); - &xor($tmp1, $b); - &add($a, $tmp2); - &rotl($c, 10); - &add($a, $tmp1); - &mov($tmp1, &Np($c)); # NEXT - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &xor($tmp1, $d); - &mov($tmp2, &Xv($pos)); - &xor($tmp1, $b); - &add($a, $tmp1); - &mov($tmp1, &Np($c)) if $o <= 0; - &mov($tmp1, -1) if $o == 1; - # XXX if $o == 2; - &rotl($c, 10); - &add($a, $tmp2); - &xor($tmp1, &Np($d)) if $o <= 0; - &mov($tmp2, &Xv($pos2)) if $o == 1; - &mov($tmp2, &wparam(0)) if $o == 2; - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP2 - { - local($a,$b,$c,$d,$e,$pos,$pos2,$s,$K,$o)=@_; - -# XXXXXX - &comment($p++); - if ($p & 1) - { -# &mov($tmp2, &Xv($pos)) if $o < -1; -# &mov($tmp1, -1) if $o < -1; - - &add($a, $tmp2); - &mov($tmp2, $c); - &sub($tmp1, $b); - &and($tmp2, $b); - &and($tmp1, $d); - &or($tmp2, $tmp1); - &mov($tmp1, &Xv($pos2)) if $o <= 0; # XXXXXXXXXXXXXX - # XXX - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &mov($tmp2, -1) if $o <= 0; - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - # XXX - &add($a, $tmp1); - &mov($tmp1, $c); - &sub($tmp2, $b); - &and($tmp1, $b); - &and($tmp2, $d); - if ($o != 2) - { - &or($tmp1, $tmp2); - &mov($tmp2, &Xv($pos2)) if $o <= 0; - &mov($tmp2, -1) if $o == 1; - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp1,1)); - &mov($tmp1, -1) if $o <= 0; - &sub($tmp2, &Np($c)) if $o == 1; - } else { - &or($tmp2, $tmp1); - &mov($tmp1, &Np($c)); - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &xor($tmp1, &Np($d)); - } - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP3 - { - local($a,$b,$c,$d,$e,$pos,$s,$K,$o,$pos2)=@_; - - &comment($p++); - if ($p & 1) - { -# &mov($tmp2, -1) if $o < -1; -# &sub($tmp2, $c) if $o < -1; - &mov($tmp1, &Xv($pos)); - &or($tmp2, $b); - &add($a, $tmp1); - &xor($tmp2, $d); - &mov($tmp1, -1) if $o <= 0; # NEXT - # XXX - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &sub($tmp1, &Np($c)) if $o <= 0; # NEXT - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &mov($tmp2, &Xv($pos)); - &or($tmp1, $b); - &add($a, $tmp2); - &xor($tmp1, $d); - &mov($tmp2, -1) if $o <= 0; # NEXT - &mov($tmp2, -1) if $o == 1; - &mov($tmp2, &Xv($pos2)) if $o == 2; - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp1,1)); - &sub($tmp2, &Np($c)) if $o <= 0; # NEXT - &mov($tmp1, &Np($d)) if $o == 1; - &mov($tmp1, -1) if $o == 2; - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP4 - { - local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_; - - &comment($p++); - if ($p & 1) - { -# &mov($tmp2, -1) if $o == -2; -# &mov($tmp1, $d) if $o == -2; - &sub($tmp2, $d); - &and($tmp1, $b); - &and($tmp2, $c); - &or($tmp2, $tmp1); - &mov($tmp1, &Xv($pos)); - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2)); - &mov($tmp2, -1) unless $o > 0; # NEXT - # XXX - &add($a, $tmp1); - &mov($tmp1, &Np($d)) unless $o > 0; # NEXT - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &sub($tmp2, $d); - &and($tmp1, $b); - &and($tmp2, $c); - &or($tmp2, $tmp1); - &mov($tmp1, &Xv($pos)); - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2)); - &mov($tmp2, -1) if $o == 0; # NEXT - &mov($tmp2, -1) if $o == 1; - &mov($tmp2, -1) if $o == 2; - # XXX - &add($a, $tmp1); - &mov($tmp1, &Np($d)) if $o == 0; # NEXT - &sub($tmp2, &Np($d)) if $o == 1; - &sub($tmp2, &Np($c)) if $o == 2; - # XXX - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP5 - { - local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_; - - &comment($p++); - if ($p & 1) - { - &mov($tmp2, -1) if $o == -2; - &sub($tmp2, $d) if $o == -2; - &mov($tmp1, &Xv($pos)); - &or($tmp2, $c); - &add($a, $tmp1); - &xor($tmp2, $b); - &mov($tmp1, -1) if $o <= 0; - # XXX - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &sub($tmp1, &Np($d)) if $o <= 0; - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &mov($tmp2, &Xv($pos)); - &or($tmp1, $c); - &add($a, $tmp2); - &xor($tmp1, $b); - &mov($tmp2, -1) if $o <= 0; - &mov($tmp2, &wparam(0)) if $o == 1; # Middle code - &mov($tmp2, -1) if $o == 2; - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp1,1)); - &sub($tmp2, &Np($d)) if $o <= 0; - &mov(&swtmp(16), $A) if $o == 1; - &mov($tmp1, &Np($d)) if $o == 2; - &rotl($a, $s); - &add($a, $e); - } - } - -sub ripemd160_block - { - local($name)=@_; - - &function_begin_B($name,"",3); - - # parameter 1 is the RIPEMD160_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov($tmp2, &wparam(0)); - &mov($tmp1, &wparam(1)); - &push("esi"); - &mov($A, &DWP( 0,$tmp2,"",0)); - &push("edi"); - &mov($B, &DWP( 4,$tmp2,"",0)); - &push("ebp"); - &mov($C, &DWP( 8,$tmp2,"",0)); - &push("ebx"); - &stack_push(16+5+6); - # Special comment about the figure of 6. - # Idea is to pad the current frame so - # that the top of the stack gets fairly - # aligned. Well, as you realize it would - # always depend on how the frame below is - # aligned. The good news are that gcc-2.95 - # and later does keep first argument at - # least double-wise aligned. - # - - &set_label("start") unless $normal; - &comment(""); - - # &mov($tmp1, &wparam(1)); # Done at end of loop - # &mov($tmp2, &wparam(0)); # Done at end of loop - - for ($z=0; $z<16; $z+=2) - { - &mov($D, &DWP( $z*4,$tmp1,"",0)); - &mov($E, &DWP( ($z+1)*4,$tmp1,"",0)); - &mov(&swtmp($z), $D); - &mov(&swtmp($z+1), $E); - } - &mov($tmp1, $C); - &mov($D, &DWP(12,$tmp2,"",0)); - &mov($E, &DWP(16,$tmp2,"",0)); - - &RIP1($A,$B,$C,$D,$E,$wl[ 0],$sl[ 0],-1); - &RIP1($E,$A,$B,$C,$D,$wl[ 1],$sl[ 1],0); - &RIP1($D,$E,$A,$B,$C,$wl[ 2],$sl[ 2],0); - &RIP1($C,$D,$E,$A,$B,$wl[ 3],$sl[ 3],0); - &RIP1($B,$C,$D,$E,$A,$wl[ 4],$sl[ 4],0); - &RIP1($A,$B,$C,$D,$E,$wl[ 5],$sl[ 5],0); - &RIP1($E,$A,$B,$C,$D,$wl[ 6],$sl[ 6],0); - &RIP1($D,$E,$A,$B,$C,$wl[ 7],$sl[ 7],0); - &RIP1($C,$D,$E,$A,$B,$wl[ 8],$sl[ 8],0); - &RIP1($B,$C,$D,$E,$A,$wl[ 9],$sl[ 9],0); - &RIP1($A,$B,$C,$D,$E,$wl[10],$sl[10],0); - &RIP1($E,$A,$B,$C,$D,$wl[11],$sl[11],0); - &RIP1($D,$E,$A,$B,$C,$wl[12],$sl[12],0); - &RIP1($C,$D,$E,$A,$B,$wl[13],$sl[13],0); - &RIP1($B,$C,$D,$E,$A,$wl[14],$sl[14],0); - &RIP1($A,$B,$C,$D,$E,$wl[15],$sl[15],1,$wl[16]); - - &RIP2($E,$A,$B,$C,$D,$wl[16],$wl[17],$sl[16],$KL1,-1); - &RIP2($D,$E,$A,$B,$C,$wl[17],$wl[18],$sl[17],$KL1,0); - &RIP2($C,$D,$E,$A,$B,$wl[18],$wl[19],$sl[18],$KL1,0); - &RIP2($B,$C,$D,$E,$A,$wl[19],$wl[20],$sl[19],$KL1,0); - &RIP2($A,$B,$C,$D,$E,$wl[20],$wl[21],$sl[20],$KL1,0); - &RIP2($E,$A,$B,$C,$D,$wl[21],$wl[22],$sl[21],$KL1,0); - &RIP2($D,$E,$A,$B,$C,$wl[22],$wl[23],$sl[22],$KL1,0); - &RIP2($C,$D,$E,$A,$B,$wl[23],$wl[24],$sl[23],$KL1,0); - &RIP2($B,$C,$D,$E,$A,$wl[24],$wl[25],$sl[24],$KL1,0); - &RIP2($A,$B,$C,$D,$E,$wl[25],$wl[26],$sl[25],$KL1,0); - &RIP2($E,$A,$B,$C,$D,$wl[26],$wl[27],$sl[26],$KL1,0); - &RIP2($D,$E,$A,$B,$C,$wl[27],$wl[28],$sl[27],$KL1,0); - &RIP2($C,$D,$E,$A,$B,$wl[28],$wl[29],$sl[28],$KL1,0); - &RIP2($B,$C,$D,$E,$A,$wl[29],$wl[30],$sl[29],$KL1,0); - &RIP2($A,$B,$C,$D,$E,$wl[30],$wl[31],$sl[30],$KL1,0); - &RIP2($E,$A,$B,$C,$D,$wl[31],$wl[32],$sl[31],$KL1,1); - - &RIP3($D,$E,$A,$B,$C,$wl[32],$sl[32],$KL2,-1); - &RIP3($C,$D,$E,$A,$B,$wl[33],$sl[33],$KL2,0); - &RIP3($B,$C,$D,$E,$A,$wl[34],$sl[34],$KL2,0); - &RIP3($A,$B,$C,$D,$E,$wl[35],$sl[35],$KL2,0); - &RIP3($E,$A,$B,$C,$D,$wl[36],$sl[36],$KL2,0); - &RIP3($D,$E,$A,$B,$C,$wl[37],$sl[37],$KL2,0); - &RIP3($C,$D,$E,$A,$B,$wl[38],$sl[38],$KL2,0); - &RIP3($B,$C,$D,$E,$A,$wl[39],$sl[39],$KL2,0); - &RIP3($A,$B,$C,$D,$E,$wl[40],$sl[40],$KL2,0); - &RIP3($E,$A,$B,$C,$D,$wl[41],$sl[41],$KL2,0); - &RIP3($D,$E,$A,$B,$C,$wl[42],$sl[42],$KL2,0); - &RIP3($C,$D,$E,$A,$B,$wl[43],$sl[43],$KL2,0); - &RIP3($B,$C,$D,$E,$A,$wl[44],$sl[44],$KL2,0); - &RIP3($A,$B,$C,$D,$E,$wl[45],$sl[45],$KL2,0); - &RIP3($E,$A,$B,$C,$D,$wl[46],$sl[46],$KL2,0); - &RIP3($D,$E,$A,$B,$C,$wl[47],$sl[47],$KL2,1); - - &RIP4($C,$D,$E,$A,$B,$wl[48],$sl[48],$KL3,-1); - &RIP4($B,$C,$D,$E,$A,$wl[49],$sl[49],$KL3,0); - &RIP4($A,$B,$C,$D,$E,$wl[50],$sl[50],$KL3,0); - &RIP4($E,$A,$B,$C,$D,$wl[51],$sl[51],$KL3,0); - &RIP4($D,$E,$A,$B,$C,$wl[52],$sl[52],$KL3,0); - &RIP4($C,$D,$E,$A,$B,$wl[53],$sl[53],$KL3,0); - &RIP4($B,$C,$D,$E,$A,$wl[54],$sl[54],$KL3,0); - &RIP4($A,$B,$C,$D,$E,$wl[55],$sl[55],$KL3,0); - &RIP4($E,$A,$B,$C,$D,$wl[56],$sl[56],$KL3,0); - &RIP4($D,$E,$A,$B,$C,$wl[57],$sl[57],$KL3,0); - &RIP4($C,$D,$E,$A,$B,$wl[58],$sl[58],$KL3,0); - &RIP4($B,$C,$D,$E,$A,$wl[59],$sl[59],$KL3,0); - &RIP4($A,$B,$C,$D,$E,$wl[60],$sl[60],$KL3,0); - &RIP4($E,$A,$B,$C,$D,$wl[61],$sl[61],$KL3,0); - &RIP4($D,$E,$A,$B,$C,$wl[62],$sl[62],$KL3,0); - &RIP4($C,$D,$E,$A,$B,$wl[63],$sl[63],$KL3,1); - - &RIP5($B,$C,$D,$E,$A,$wl[64],$sl[64],$KL4,-1); - &RIP5($A,$B,$C,$D,$E,$wl[65],$sl[65],$KL4,0); - &RIP5($E,$A,$B,$C,$D,$wl[66],$sl[66],$KL4,0); - &RIP5($D,$E,$A,$B,$C,$wl[67],$sl[67],$KL4,0); - &RIP5($C,$D,$E,$A,$B,$wl[68],$sl[68],$KL4,0); - &RIP5($B,$C,$D,$E,$A,$wl[69],$sl[69],$KL4,0); - &RIP5($A,$B,$C,$D,$E,$wl[70],$sl[70],$KL4,0); - &RIP5($E,$A,$B,$C,$D,$wl[71],$sl[71],$KL4,0); - &RIP5($D,$E,$A,$B,$C,$wl[72],$sl[72],$KL4,0); - &RIP5($C,$D,$E,$A,$B,$wl[73],$sl[73],$KL4,0); - &RIP5($B,$C,$D,$E,$A,$wl[74],$sl[74],$KL4,0); - &RIP5($A,$B,$C,$D,$E,$wl[75],$sl[75],$KL4,0); - &RIP5($E,$A,$B,$C,$D,$wl[76],$sl[76],$KL4,0); - &RIP5($D,$E,$A,$B,$C,$wl[77],$sl[77],$KL4,0); - &RIP5($C,$D,$E,$A,$B,$wl[78],$sl[78],$KL4,0); - &RIP5($B,$C,$D,$E,$A,$wl[79],$sl[79],$KL4,1); - - # &mov($tmp2, &wparam(0)); # moved into last RIP5 - # &mov(&swtmp(16), $A); - &mov($A, &DWP( 0,$tmp2,"",0)); - &mov(&swtmp(16+1), $B); - &mov(&swtmp(16+2), $C); - &mov($B, &DWP( 4,$tmp2,"",0)); - &mov(&swtmp(16+3), $D); - &mov($C, &DWP( 8,$tmp2,"",0)); - &mov(&swtmp(16+4), $E); - &mov($D, &DWP(12,$tmp2,"",0)); - &mov($E, &DWP(16,$tmp2,"",0)); - - &RIP5($A,$B,$C,$D,$E,$wr[ 0],$sr[ 0],$KR0,-2); - &RIP5($E,$A,$B,$C,$D,$wr[ 1],$sr[ 1],$KR0,0); - &RIP5($D,$E,$A,$B,$C,$wr[ 2],$sr[ 2],$KR0,0); - &RIP5($C,$D,$E,$A,$B,$wr[ 3],$sr[ 3],$KR0,0); - &RIP5($B,$C,$D,$E,$A,$wr[ 4],$sr[ 4],$KR0,0); - &RIP5($A,$B,$C,$D,$E,$wr[ 5],$sr[ 5],$KR0,0); - &RIP5($E,$A,$B,$C,$D,$wr[ 6],$sr[ 6],$KR0,0); - &RIP5($D,$E,$A,$B,$C,$wr[ 7],$sr[ 7],$KR0,0); - &RIP5($C,$D,$E,$A,$B,$wr[ 8],$sr[ 8],$KR0,0); - &RIP5($B,$C,$D,$E,$A,$wr[ 9],$sr[ 9],$KR0,0); - &RIP5($A,$B,$C,$D,$E,$wr[10],$sr[10],$KR0,0); - &RIP5($E,$A,$B,$C,$D,$wr[11],$sr[11],$KR0,0); - &RIP5($D,$E,$A,$B,$C,$wr[12],$sr[12],$KR0,0); - &RIP5($C,$D,$E,$A,$B,$wr[13],$sr[13],$KR0,0); - &RIP5($B,$C,$D,$E,$A,$wr[14],$sr[14],$KR0,0); - &RIP5($A,$B,$C,$D,$E,$wr[15],$sr[15],$KR0,2); - - &RIP4($E,$A,$B,$C,$D,$wr[16],$sr[16],$KR1,-2); - &RIP4($D,$E,$A,$B,$C,$wr[17],$sr[17],$KR1,0); - &RIP4($C,$D,$E,$A,$B,$wr[18],$sr[18],$KR1,0); - &RIP4($B,$C,$D,$E,$A,$wr[19],$sr[19],$KR1,0); - &RIP4($A,$B,$C,$D,$E,$wr[20],$sr[20],$KR1,0); - &RIP4($E,$A,$B,$C,$D,$wr[21],$sr[21],$KR1,0); - &RIP4($D,$E,$A,$B,$C,$wr[22],$sr[22],$KR1,0); - &RIP4($C,$D,$E,$A,$B,$wr[23],$sr[23],$KR1,0); - &RIP4($B,$C,$D,$E,$A,$wr[24],$sr[24],$KR1,0); - &RIP4($A,$B,$C,$D,$E,$wr[25],$sr[25],$KR1,0); - &RIP4($E,$A,$B,$C,$D,$wr[26],$sr[26],$KR1,0); - &RIP4($D,$E,$A,$B,$C,$wr[27],$sr[27],$KR1,0); - &RIP4($C,$D,$E,$A,$B,$wr[28],$sr[28],$KR1,0); - &RIP4($B,$C,$D,$E,$A,$wr[29],$sr[29],$KR1,0); - &RIP4($A,$B,$C,$D,$E,$wr[30],$sr[30],$KR1,0); - &RIP4($E,$A,$B,$C,$D,$wr[31],$sr[31],$KR1,2); - - &RIP3($D,$E,$A,$B,$C,$wr[32],$sr[32],$KR2,-2); - &RIP3($C,$D,$E,$A,$B,$wr[33],$sr[33],$KR2,0); - &RIP3($B,$C,$D,$E,$A,$wr[34],$sr[34],$KR2,0); - &RIP3($A,$B,$C,$D,$E,$wr[35],$sr[35],$KR2,0); - &RIP3($E,$A,$B,$C,$D,$wr[36],$sr[36],$KR2,0); - &RIP3($D,$E,$A,$B,$C,$wr[37],$sr[37],$KR2,0); - &RIP3($C,$D,$E,$A,$B,$wr[38],$sr[38],$KR2,0); - &RIP3($B,$C,$D,$E,$A,$wr[39],$sr[39],$KR2,0); - &RIP3($A,$B,$C,$D,$E,$wr[40],$sr[40],$KR2,0); - &RIP3($E,$A,$B,$C,$D,$wr[41],$sr[41],$KR2,0); - &RIP3($D,$E,$A,$B,$C,$wr[42],$sr[42],$KR2,0); - &RIP3($C,$D,$E,$A,$B,$wr[43],$sr[43],$KR2,0); - &RIP3($B,$C,$D,$E,$A,$wr[44],$sr[44],$KR2,0); - &RIP3($A,$B,$C,$D,$E,$wr[45],$sr[45],$KR2,0); - &RIP3($E,$A,$B,$C,$D,$wr[46],$sr[46],$KR2,0); - &RIP3($D,$E,$A,$B,$C,$wr[47],$sr[47],$KR2,2,$wr[48]); - - &RIP2($C,$D,$E,$A,$B,$wr[48],$wr[49],$sr[48],$KR3,-2); - &RIP2($B,$C,$D,$E,$A,$wr[49],$wr[50],$sr[49],$KR3,0); - &RIP2($A,$B,$C,$D,$E,$wr[50],$wr[51],$sr[50],$KR3,0); - &RIP2($E,$A,$B,$C,$D,$wr[51],$wr[52],$sr[51],$KR3,0); - &RIP2($D,$E,$A,$B,$C,$wr[52],$wr[53],$sr[52],$KR3,0); - &RIP2($C,$D,$E,$A,$B,$wr[53],$wr[54],$sr[53],$KR3,0); - &RIP2($B,$C,$D,$E,$A,$wr[54],$wr[55],$sr[54],$KR3,0); - &RIP2($A,$B,$C,$D,$E,$wr[55],$wr[56],$sr[55],$KR3,0); - &RIP2($E,$A,$B,$C,$D,$wr[56],$wr[57],$sr[56],$KR3,0); - &RIP2($D,$E,$A,$B,$C,$wr[57],$wr[58],$sr[57],$KR3,0); - &RIP2($C,$D,$E,$A,$B,$wr[58],$wr[59],$sr[58],$KR3,0); - &RIP2($B,$C,$D,$E,$A,$wr[59],$wr[60],$sr[59],$KR3,0); - &RIP2($A,$B,$C,$D,$E,$wr[60],$wr[61],$sr[60],$KR3,0); - &RIP2($E,$A,$B,$C,$D,$wr[61],$wr[62],$sr[61],$KR3,0); - &RIP2($D,$E,$A,$B,$C,$wr[62],$wr[63],$sr[62],$KR3,0); - &RIP2($C,$D,$E,$A,$B,$wr[63],$wr[64],$sr[63],$KR3,2); - - &RIP1($B,$C,$D,$E,$A,$wr[64],$sr[64],-2); - &RIP1($A,$B,$C,$D,$E,$wr[65],$sr[65],0); - &RIP1($E,$A,$B,$C,$D,$wr[66],$sr[66],0); - &RIP1($D,$E,$A,$B,$C,$wr[67],$sr[67],0); - &RIP1($C,$D,$E,$A,$B,$wr[68],$sr[68],0); - &RIP1($B,$C,$D,$E,$A,$wr[69],$sr[69],0); - &RIP1($A,$B,$C,$D,$E,$wr[70],$sr[70],0); - &RIP1($E,$A,$B,$C,$D,$wr[71],$sr[71],0); - &RIP1($D,$E,$A,$B,$C,$wr[72],$sr[72],0); - &RIP1($C,$D,$E,$A,$B,$wr[73],$sr[73],0); - &RIP1($B,$C,$D,$E,$A,$wr[74],$sr[74],0); - &RIP1($A,$B,$C,$D,$E,$wr[75],$sr[75],0); - &RIP1($E,$A,$B,$C,$D,$wr[76],$sr[76],0); - &RIP1($D,$E,$A,$B,$C,$wr[77],$sr[77],0); - &RIP1($C,$D,$E,$A,$B,$wr[78],$sr[78],0); - &RIP1($B,$C,$D,$E,$A,$wr[79],$sr[79],2); - - # &mov($tmp2, &wparam(0)); # Moved into last round - - &mov($tmp1, &DWP( 4,$tmp2,"",0)); # ctx->B - &add($D, $tmp1); - &mov($tmp1, &swtmp(16+2)); # $c - &add($D, $tmp1); - - &mov($tmp1, &DWP( 8,$tmp2,"",0)); # ctx->C - &add($E, $tmp1); - &mov($tmp1, &swtmp(16+3)); # $d - &add($E, $tmp1); - - &mov($tmp1, &DWP(12,$tmp2,"",0)); # ctx->D - &add($A, $tmp1); - &mov($tmp1, &swtmp(16+4)); # $e - &add($A, $tmp1); - - - &mov($tmp1, &DWP(16,$tmp2,"",0)); # ctx->E - &add($B, $tmp1); - &mov($tmp1, &swtmp(16+0)); # $a - &add($B, $tmp1); - - &mov($tmp1, &DWP( 0,$tmp2,"",0)); # ctx->A - &add($C, $tmp1); - &mov($tmp1, &swtmp(16+1)); # $b - &add($C, $tmp1); - - &mov($tmp1, &wparam(2)); - - &mov(&DWP( 0,$tmp2,"",0), $D); - &mov(&DWP( 4,$tmp2,"",0), $E); - &mov(&DWP( 8,$tmp2,"",0), $A); - &sub($tmp1,1); - &mov(&DWP(12,$tmp2,"",0), $B); - &mov(&DWP(16,$tmp2,"",0), $C); - - &jle(&label("get_out")); - - &mov(&wparam(2),$tmp1); - &mov($C, $A); - &mov($tmp1, &wparam(1)); - &mov($A, $D); - &add($tmp1, 64); - &mov($B, $E); - &mov(&wparam(1),$tmp1); - - &jmp(&label("start")); - - &set_label("get_out"); - - &stack_pop(16+5+6); - - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - diff --git a/crypto/openssl/crypto/ripemd/ripemd.h b/crypto/openssl/crypto/ripemd/ripemd.h index 033a5965b5..3b6d04386d 100644 --- a/crypto/openssl/crypto/ripemd/ripemd.h +++ b/crypto/openssl/crypto/ripemd/ripemd.h @@ -90,7 +90,9 @@ typedef struct RIPEMD160state_st RIPEMD160_LONG data[RIPEMD160_LBLOCK]; unsigned int num; } RIPEMD160_CTX; - +#ifdef OPENSSL_FIPS +int private_RIPEMD160_Init(RIPEMD160_CTX *c); +#endif int RIPEMD160_Init(RIPEMD160_CTX *c); int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len); int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); diff --git a/crypto/openssl/crypto/ripemd/rmd_dgst.c b/crypto/openssl/crypto/ripemd/rmd_dgst.c index 61626284b8..ead11d075a 100644 --- a/crypto/openssl/crypto/ripemd/rmd_dgst.c +++ b/crypto/openssl/crypto/ripemd/rmd_dgst.c @@ -59,6 +59,11 @@ #include #include "rmd_locl.h" #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; @@ -69,7 +74,7 @@ const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,size_t num); # endif -int RIPEMD160_Init(RIPEMD160_CTX *c) +FIPS_NON_FIPS_MD_Init(RIPEMD160) { c->A=RIPEMD160_A; c->B=RIPEMD160_B; diff --git a/crypto/openssl/crypto/ripemd/rmd_locl.h b/crypto/openssl/crypto/ripemd/rmd_locl.h index f14b346e66..ce12a8000e 100644 --- a/crypto/openssl/crypto/ripemd/rmd_locl.h +++ b/crypto/openssl/crypto/ripemd/rmd_locl.h @@ -72,7 +72,7 @@ */ #ifdef RMD160_ASM # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) -# define ripemd160_block_data_order ripemd160_block_asm_data_order +# define ripemd160_block_host_order ripemd160_block_asm_data_order # endif #endif diff --git a/crypto/openssl/crypto/rsa/rsa.h b/crypto/openssl/crypto/rsa/rsa.h index 3699afaaaf..5bb932ae15 100644 --- a/crypto/openssl/crypto/rsa/rsa.h +++ b/crypto/openssl/crypto/rsa/rsa.h @@ -74,6 +74,25 @@ #error RSA is disabled. #endif +/* If this flag is set the RSA method is FIPS compliant and can be used + * in FIPS mode. This is set in the validated module method. If an + * application sets this flag in its own methods it is its reposibility + * to ensure the result is compliant. + */ + +#define RSA_FLAG_FIPS_METHOD 0x0400 + +/* If this flag is set the operations normally disabled in FIPS mode are + * permitted it is then the applications responsibility to ensure that the + * usage is compliant. + */ + +#define RSA_FLAG_NON_FIPS_ALLOW 0x0400 + +#ifdef OPENSSL_FIPS +#define FIPS_RSA_SIZE_T int +#endif + #ifdef __cplusplus extern "C" { #endif @@ -163,6 +182,8 @@ struct rsa_st # define OPENSSL_RSA_MAX_MODULUS_BITS 16384 #endif +#define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024 + #ifndef OPENSSL_RSA_SMALL_MODULUS_BITS # define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 #endif @@ -240,6 +261,11 @@ RSA * RSA_generate_key(int bits, unsigned long e,void /* New version */ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); +int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2, + const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp, + const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq, + const BIGNUM *e, BN_GENCB *cb); +int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb); int RSA_check_key(const RSA *); /* next 4 return -1 on error */ @@ -257,6 +283,11 @@ int RSA_up_ref(RSA *r); int RSA_flags(const RSA *r); +#ifdef OPENSSL_FIPS +RSA *FIPS_rsa_new(void); +void FIPS_rsa_free(RSA *r); +#endif + void RSA_set_default_method(const RSA_METHOD *meth); const RSA_METHOD *RSA_get_default_method(void); const RSA_METHOD *RSA_get_method(const RSA *rsa); @@ -370,6 +401,8 @@ void ERR_load_RSA_strings(void); /* Error codes for the RSA functions. */ /* Function codes. */ +#define RSA_F_FIPS_RSA_SIGN 140 +#define RSA_F_FIPS_RSA_VERIFY 141 #define RSA_F_MEMORY_LOCK 100 #define RSA_F_RSA_BUILTIN_KEYGEN 129 #define RSA_F_RSA_CHECK_KEY 123 @@ -401,7 +434,11 @@ void ERR_load_RSA_strings(void); #define RSA_F_RSA_PADDING_CHECK_X931 128 #define RSA_F_RSA_PRINT 115 #define RSA_F_RSA_PRINT_FP 116 +#define RSA_F_RSA_PRIVATE_ENCRYPT 137 +#define RSA_F_RSA_PUBLIC_DECRYPT 138 #define RSA_F_RSA_SETUP_BLINDING 136 +#define RSA_F_RSA_SET_DEFAULT_METHOD 139 +#define RSA_F_RSA_SET_METHOD 142 #define RSA_F_RSA_SIGN 117 #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 #define RSA_F_RSA_VERIFY 119 @@ -435,10 +472,12 @@ void ERR_load_RSA_strings(void); #define RSA_R_KEY_SIZE_TOO_SMALL 120 #define RSA_R_LAST_OCTET_INVALID 134 #define RSA_R_MODULUS_TOO_LARGE 105 +#define RSA_R_NON_FIPS_METHOD 141 #define RSA_R_NO_PUBLIC_EXPONENT 140 #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 +#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 142 #define RSA_R_PADDING_CHECK_FAILED 114 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 diff --git a/crypto/openssl/crypto/rsa/rsa_asn1.c b/crypto/openssl/crypto/rsa/rsa_asn1.c index bbbf26d50e..6e8a803e81 100644 --- a/crypto/openssl/crypto/rsa/rsa_asn1.c +++ b/crypto/openssl/crypto/rsa/rsa_asn1.c @@ -1,5 +1,5 @@ /* rsa_asn1.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/rsa/rsa_eay.c b/crypto/openssl/crypto/rsa/rsa_eay.c index 283ddd8f1f..0ac6418449 100644 --- a/crypto/openssl/crypto/rsa/rsa_eay.c +++ b/crypto/openssl/crypto/rsa/rsa_eay.c @@ -115,7 +115,7 @@ #include #include -#ifndef RSA_NULL +#if !defined(RSA_NULL) && !defined(OPENSSL_FIPS) static int RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); diff --git a/crypto/openssl/crypto/rsa/rsa_lib.c b/crypto/openssl/crypto/rsa/rsa_eng.c similarity index 73% copy from crypto/openssl/crypto/rsa/rsa_lib.c copy to crypto/openssl/crypto/rsa/rsa_eng.c index 104aa4c1f2..383a7045b2 100644 --- a/crypto/openssl/crypto/rsa/rsa_lib.c +++ b/crypto/openssl/crypto/rsa/rsa_eng.c @@ -80,6 +80,13 @@ RSA *RSA_new(void) void RSA_set_default_method(const RSA_METHOD *meth) { +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) + { + RSAerr(RSA_F_RSA_SET_DEFAULT_METHOD, RSA_R_NON_FIPS_METHOD); + return; + } +#endif default_RSA_meth = meth; } @@ -111,6 +118,13 @@ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) /* NB: The caller is specifically setting a method, so it's not up to us * to deal with which ENGINE it comes from. */ const RSA_METHOD *mtmp; +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) + { + RSAerr(RSA_F_RSA_SET_METHOD, RSA_R_NON_FIPS_METHOD); + return 0; + } +#endif mtmp = rsa->meth; if (mtmp->finish) mtmp->finish(rsa); #ifndef OPENSSL_NO_ENGINE @@ -163,6 +177,18 @@ RSA *RSA_new_method(ENGINE *engine) } } #endif +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(ret->meth->flags & RSA_FLAG_FIPS_METHOD)) + { + RSAerr(RSA_F_RSA_NEW_METHOD, RSA_R_NON_FIPS_METHOD); +#ifndef OPENSSL_NO_ENGINE + if (ret->engine) + ENGINE_finish(ret->engine); +#endif + OPENSSL_free(ret); + return NULL; + } +#endif ret->pad=0; ret->version=0; @@ -271,163 +297,11 @@ void *RSA_get_ex_data(const RSA *r, int idx) return(CRYPTO_get_ex_data(&r->ex_data,idx)); } -int RSA_size(const RSA *r) - { - return(BN_num_bytes(r->n)); - } - -int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding)); - } - -int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); - } - -int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding)); - } - -int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); - } - int RSA_flags(const RSA *r) { return((r == NULL)?0:r->meth->flags); } -void RSA_blinding_off(RSA *rsa) - { - if (rsa->blinding != NULL) - { - BN_BLINDING_free(rsa->blinding); - rsa->blinding=NULL; - } - rsa->flags &= ~RSA_FLAG_BLINDING; - rsa->flags |= RSA_FLAG_NO_BLINDING; - } - -int RSA_blinding_on(RSA *rsa, BN_CTX *ctx) - { - int ret=0; - - if (rsa->blinding != NULL) - RSA_blinding_off(rsa); - - rsa->blinding = RSA_setup_blinding(rsa, ctx); - if (rsa->blinding == NULL) - goto err; - - rsa->flags |= RSA_FLAG_BLINDING; - rsa->flags &= ~RSA_FLAG_NO_BLINDING; - ret=1; -err: - return(ret); - } - -static BIGNUM *rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, - const BIGNUM *q, BN_CTX *ctx) -{ - BIGNUM *ret = NULL, *r0, *r1, *r2; - - if (d == NULL || p == NULL || q == NULL) - return NULL; - - BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - if (r2 == NULL) - goto err; - - if (!BN_sub(r1, p, BN_value_one())) goto err; - if (!BN_sub(r2, q, BN_value_one())) goto err; - if (!BN_mul(r0, r1, r2, ctx)) goto err; - - ret = BN_mod_inverse(NULL, d, r0, ctx); -err: - BN_CTX_end(ctx); - return ret; -} - -BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) -{ - BIGNUM local_n; - BIGNUM *e,*n; - BN_CTX *ctx; - BN_BLINDING *ret = NULL; - - if (in_ctx == NULL) - { - if ((ctx = BN_CTX_new()) == NULL) return 0; - } - else - ctx = in_ctx; - - BN_CTX_start(ctx); - e = BN_CTX_get(ctx); - if (e == NULL) - { - RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (rsa->e == NULL) - { - e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx); - if (e == NULL) - { - RSAerr(RSA_F_RSA_SETUP_BLINDING, RSA_R_NO_PUBLIC_EXPONENT); - goto err; - } - } - else - e = rsa->e; - - - if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) - { - /* if PRNG is not properly seeded, resort to secret - * exponent as unpredictable seed */ - RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0); - } - - if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) - { - /* Set BN_FLG_CONSTTIME flag */ - n = &local_n; - BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME); - } - else - n = rsa->n; - - ret = BN_BLINDING_create_param(NULL, e, n, ctx, - rsa->meth->bn_mod_exp, rsa->_method_mod_n); - if (ret == NULL) - { - RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB); - goto err; - } - BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id()); -err: - BN_CTX_end(ctx); - if (in_ctx == NULL) - BN_CTX_free(ctx); - if(rsa->e == NULL) - BN_free(e); - - return ret; -} - int RSA_memory_lock(RSA *r) { int i,j,k,off; diff --git a/crypto/openssl/crypto/rsa/rsa_err.c b/crypto/openssl/crypto/rsa/rsa_err.c index fe3ba1b44b..501f5ea389 100644 --- a/crypto/openssl/crypto/rsa/rsa_err.c +++ b/crypto/openssl/crypto/rsa/rsa_err.c @@ -1,6 +1,6 @@ /* crypto/rsa/rsa_err.c */ /* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,6 +70,8 @@ static ERR_STRING_DATA RSA_str_functs[]= { +{ERR_FUNC(RSA_F_FIPS_RSA_SIGN), "FIPS_RSA_SIGN"}, +{ERR_FUNC(RSA_F_FIPS_RSA_VERIFY), "FIPS_RSA_VERIFY"}, {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"}, {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, @@ -101,7 +103,11 @@ static ERR_STRING_DATA RSA_str_functs[]= {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, +{ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT), "RSA_private_encrypt"}, +{ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT), "RSA_public_decrypt"}, {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, +{ERR_FUNC(RSA_F_RSA_SET_DEFAULT_METHOD), "RSA_set_default_method"}, +{ERR_FUNC(RSA_F_RSA_SET_METHOD), "RSA_set_method"}, {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"}, {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, @@ -138,10 +144,12 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, {ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"}, {ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, +{ERR_REASON(RSA_R_NON_FIPS_METHOD) ,"non fips method"}, {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"}, {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, +{ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, diff --git a/crypto/openssl/crypto/rsa/rsa_gen.c b/crypto/openssl/crypto/rsa/rsa_gen.c index 767f7ab682..41278f83c6 100644 --- a/crypto/openssl/crypto/rsa/rsa_gen.c +++ b/crypto/openssl/crypto/rsa/rsa_gen.c @@ -68,6 +68,8 @@ #include #include +#ifndef OPENSSL_FIPS + static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); /* NB: this wrapper would normally be placed in rsa_lib.c and the static @@ -217,3 +219,4 @@ err: return ok; } +#endif diff --git a/crypto/openssl/crypto/rsa/rsa_lib.c b/crypto/openssl/crypto/rsa/rsa_lib.c index 104aa4c1f2..5714841f4c 100644 --- a/crypto/openssl/crypto/rsa/rsa_lib.c +++ b/crypto/openssl/crypto/rsa/rsa_lib.c @@ -67,215 +67,6 @@ #include #endif -const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT; - -static const RSA_METHOD *default_RSA_meth=NULL; - -RSA *RSA_new(void) - { - RSA *r=RSA_new_method(NULL); - - return r; - } - -void RSA_set_default_method(const RSA_METHOD *meth) - { - default_RSA_meth = meth; - } - -const RSA_METHOD *RSA_get_default_method(void) - { - if (default_RSA_meth == NULL) - { -#ifdef RSA_NULL - default_RSA_meth=RSA_null_method(); -#else -#if 0 /* was: #ifdef RSAref */ - default_RSA_meth=RSA_PKCS1_RSAref(); -#else - default_RSA_meth=RSA_PKCS1_SSLeay(); -#endif -#endif - } - - return default_RSA_meth; - } - -const RSA_METHOD *RSA_get_method(const RSA *rsa) - { - return rsa->meth; - } - -int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) - { - /* NB: The caller is specifically setting a method, so it's not up to us - * to deal with which ENGINE it comes from. */ - const RSA_METHOD *mtmp; - mtmp = rsa->meth; - if (mtmp->finish) mtmp->finish(rsa); -#ifndef OPENSSL_NO_ENGINE - if (rsa->engine) - { - ENGINE_finish(rsa->engine); - rsa->engine = NULL; - } -#endif - rsa->meth = meth; - if (meth->init) meth->init(rsa); - return 1; - } - -RSA *RSA_new_method(ENGINE *engine) - { - RSA *ret; - - ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); - if (ret == NULL) - { - RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); - return NULL; - } - - ret->meth = RSA_get_default_method(); -#ifndef OPENSSL_NO_ENGINE - if (engine) - { - if (!ENGINE_init(engine)) - { - RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); - OPENSSL_free(ret); - return NULL; - } - ret->engine = engine; - } - else - ret->engine = ENGINE_get_default_RSA(); - if(ret->engine) - { - ret->meth = ENGINE_get_RSA(ret->engine); - if(!ret->meth) - { - RSAerr(RSA_F_RSA_NEW_METHOD, - ERR_R_ENGINE_LIB); - ENGINE_finish(ret->engine); - OPENSSL_free(ret); - return NULL; - } - } -#endif - - ret->pad=0; - ret->version=0; - ret->n=NULL; - ret->e=NULL; - ret->d=NULL; - ret->p=NULL; - ret->q=NULL; - ret->dmp1=NULL; - ret->dmq1=NULL; - ret->iqmp=NULL; - ret->references=1; - ret->_method_mod_n=NULL; - ret->_method_mod_p=NULL; - ret->_method_mod_q=NULL; - ret->blinding=NULL; - ret->mt_blinding=NULL; - ret->bignum_data=NULL; - ret->flags=ret->meth->flags; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); - if ((ret->meth->init != NULL) && !ret->meth->init(ret)) - { -#ifndef OPENSSL_NO_ENGINE - if (ret->engine) - ENGINE_finish(ret->engine); -#endif - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); - OPENSSL_free(ret); - ret=NULL; - } - return(ret); - } - -void RSA_free(RSA *r) - { - int i; - - if (r == NULL) return; - - i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA); -#ifdef REF_PRINT - REF_PRINT("RSA",r); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"RSA_free, bad reference count\n"); - abort(); - } -#endif - - if (r->meth->finish) - r->meth->finish(r); -#ifndef OPENSSL_NO_ENGINE - if (r->engine) - ENGINE_finish(r->engine); -#endif - - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); - - if (r->n != NULL) BN_clear_free(r->n); - if (r->e != NULL) BN_clear_free(r->e); - if (r->d != NULL) BN_clear_free(r->d); - if (r->p != NULL) BN_clear_free(r->p); - if (r->q != NULL) BN_clear_free(r->q); - if (r->dmp1 != NULL) BN_clear_free(r->dmp1); - if (r->dmq1 != NULL) BN_clear_free(r->dmq1); - if (r->iqmp != NULL) BN_clear_free(r->iqmp); - if (r->blinding != NULL) BN_BLINDING_free(r->blinding); - if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding); - if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); - OPENSSL_free(r); - } - -int RSA_up_ref(RSA *r) - { - int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA); -#ifdef REF_PRINT - REF_PRINT("RSA",r); -#endif -#ifdef REF_CHECK - if (i < 2) - { - fprintf(stderr, "RSA_up_ref, bad reference count\n"); - abort(); - } -#endif - return ((i > 1) ? 1 : 0); - } - -int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp, - new_func, dup_func, free_func); - } - -int RSA_set_ex_data(RSA *r, int idx, void *arg) - { - return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); - } - -void *RSA_get_ex_data(const RSA *r, int idx) - { - return(CRYPTO_get_ex_data(&r->ex_data,idx)); - } - -int RSA_size(const RSA *r) - { - return(BN_num_bytes(r->n)); - } - int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { @@ -285,6 +76,13 @@ int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { +#ifdef OPENSSL_FIPS + if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) + { + RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); + return 0; + } +#endif return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); } @@ -297,12 +95,19 @@ int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { +#ifdef OPENSSL_FIPS + if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) + { + RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); + return 0; + } +#endif return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); } -int RSA_flags(const RSA *r) +int RSA_size(const RSA *r) { - return((r == NULL)?0:r->meth->flags); + return(BN_num_bytes(r->n)); } void RSA_blinding_off(RSA *rsa) @@ -427,48 +232,3 @@ err: return ret; } - -int RSA_memory_lock(RSA *r) - { - int i,j,k,off; - char *p; - BIGNUM *bn,**t[6],*b; - BN_ULONG *ul; - - if (r->d == NULL) return(1); - t[0]= &r->d; - t[1]= &r->p; - t[2]= &r->q; - t[3]= &r->dmp1; - t[4]= &r->dmq1; - t[5]= &r->iqmp; - k=sizeof(BIGNUM)*6; - off=k/sizeof(BN_ULONG)+1; - j=1; - for (i=0; i<6; i++) - j+= (*t[i])->top; - if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) - { - RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); - return(0); - } - bn=(BIGNUM *)p; - ul=(BN_ULONG *)&(p[off]); - for (i=0; i<6; i++) - { - b= *(t[i]); - *(t[i])= &(bn[i]); - memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM)); - bn[i].flags=BN_FLG_STATIC_DATA; - bn[i].d=ul; - memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top); - ul+=b->top; - BN_clear_free(b); - } - - /* I should fix this so it can still be done */ - r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC); - - r->bignum_data=p; - return(1); - } diff --git a/crypto/openssl/crypto/rsa/rsa_null.c b/crypto/openssl/crypto/rsa/rsa_null.c index 491572c82b..2f2202f142 100644 --- a/crypto/openssl/crypto/rsa/rsa_null.c +++ b/crypto/openssl/crypto/rsa/rsa_null.c @@ -1,5 +1,5 @@ /* rsa_null.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/rsa/rsa_oaep.c b/crypto/openssl/crypto/rsa/rsa_oaep.c index 3652677a99..4d30c9d2d3 100644 --- a/crypto/openssl/crypto/rsa/rsa_oaep.c +++ b/crypto/openssl/crypto/rsa/rsa_oaep.c @@ -187,7 +187,7 @@ int PKCS1_MGF1(unsigned char *mask, long len, int mdlen; EVP_MD_CTX_init(&c); - mdlen = EVP_MD_size(dgst); + mdlen = M_EVP_MD_size(dgst); for (i = 0; outlen < len; i++) { cnt[0] = (unsigned char)((i >> 24) & 255); diff --git a/crypto/openssl/crypto/rsa/rsa_pss.c b/crypto/openssl/crypto/rsa/rsa_pss.c index e19d18c5b9..9b993aca49 100644 --- a/crypto/openssl/crypto/rsa/rsa_pss.c +++ b/crypto/openssl/crypto/rsa/rsa_pss.c @@ -1,5 +1,5 @@ /* rsa_pss.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ /* ==================================================================== @@ -81,7 +81,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, EVP_MD_CTX ctx; unsigned char H_[EVP_MAX_MD_SIZE]; - hLen = EVP_MD_size(Hash); + hLen = M_EVP_MD_size(Hash); /* * Negative sLen has special meanings: * -1 sLen == hLen @@ -176,7 +176,7 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, unsigned char *H, *salt = NULL, *p; EVP_MD_CTX ctx; - hLen = EVP_MD_size(Hash); + hLen = M_EVP_MD_size(Hash); /* * Negative sLen has special meanings: * -1 sLen == hLen diff --git a/crypto/openssl/crypto/rsa/rsa_sign.c b/crypto/openssl/crypto/rsa/rsa_sign.c index 71aabeea1b..5488c06f6d 100644 --- a/crypto/openssl/crypto/rsa/rsa_sign.c +++ b/crypto/openssl/crypto/rsa/rsa_sign.c @@ -90,6 +90,14 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, i = SSL_SIG_LENGTH; s = m; } else { + /* NB: in FIPS mode block anything that isn't a TLS signature */ +#ifdef OPENSSL_FIPS + if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) + { + RSAerr(RSA_F_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); + return 0; + } +#endif sig.algor= &algor; sig.algor->algorithm=OBJ_nid2obj(type); if (sig.algor->algorithm == NULL) @@ -167,10 +175,22 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); goto err; } - if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) { + if(dtype == NID_md5_sha1) + { + if (m_len != SSL_SIG_LENGTH) + { RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH); goto err; - } + } + } + /* NB: in FIPS mode block anything that isn't a TLS signature */ +#ifdef OPENSSL_FIPS + else if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) + { + RSAerr(RSA_F_RSA_VERIFY, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); + return 0; + } +#endif i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); if (i <= 0) goto err; diff --git a/crypto/openssl/crypto/rsa/rsa_x931.c b/crypto/openssl/crypto/rsa/rsa_x931.c index e918654176..21548e37ed 100644 --- a/crypto/openssl/crypto/rsa/rsa_x931.c +++ b/crypto/openssl/crypto/rsa/rsa_x931.c @@ -1,5 +1,5 @@ /* rsa_x931.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/asn1/a_verify.c b/crypto/openssl/crypto/rsa/rsa_x931g.c similarity index 50% copy from crypto/openssl/crypto/asn1/a_verify.c copy to crypto/openssl/crypto/rsa/rsa_x931g.c index fdce6e4380..c640cc2ec9 100644 --- a/crypto/openssl/crypto/asn1/a_verify.c +++ b/crypto/openssl/crypto/rsa/rsa_x931g.c @@ -1,4 +1,4 @@ -/* crypto/asn1/a_verify.c */ +/* crypto/rsa/rsa_gen.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -57,125 +57,199 @@ */ #include +#include #include +#include +#include +#include -#include "cryptlib.h" +#ifndef OPENSSL_FIPS -#ifndef NO_SYS_TYPES_H -# include -#endif +/* X9.31 RSA key derivation and generation */ -#include -#include -#include -#include -#include +int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2, + const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp, + const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq, + const BIGNUM *e, BN_GENCB *cb) + { + BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL; + BN_CTX *ctx=NULL,*ctx2=NULL; -#ifndef NO_ASN1_OLD + if (!rsa) + goto err; -int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, - char *data, EVP_PKEY *pkey) - { - EVP_MD_CTX ctx; - const EVP_MD *type; - unsigned char *p,*buf_in=NULL; - int ret= -1,i,inl; - - EVP_MD_CTX_init(&ctx); - i=OBJ_obj2nid(a->algorithm); - type=EVP_get_digestbyname(OBJ_nid2sn(i)); - if (type == NULL) - { - ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + ctx = BN_CTX_new(); + BN_CTX_start(ctx); + if (!ctx) goto err; - } - - inl=i2d(data,NULL); - buf_in=OPENSSL_malloc((unsigned int)inl); - if (buf_in == NULL) - { - ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); + + r0 = BN_CTX_get(ctx); + r1 = BN_CTX_get(ctx); + r2 = BN_CTX_get(ctx); + r3 = BN_CTX_get(ctx); + + if (r3 == NULL) goto err; + if (!rsa->e) + { + rsa->e = BN_dup(e); + if (!rsa->e) + goto err; } - p=buf_in; + else + e = rsa->e; + + /* If not all parameters present only calculate what we can. + * This allows test programs to output selective parameters. + */ - i2d(data,&p); - EVP_VerifyInit_ex(&ctx,type, NULL); - EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); + if (Xp && !rsa->p) + { + rsa->p = BN_new(); + if (!rsa->p) + goto err; - OPENSSL_cleanse(buf_in,(unsigned int)inl); - OPENSSL_free(buf_in); + if (!BN_X931_derive_prime_ex(rsa->p, p1, p2, + Xp, Xp1, Xp2, e, ctx, cb)) + goto err; + } - if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, - (unsigned int)signature->length,pkey) <= 0) + if (Xq && !rsa->q) { - ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); - ret=0; - goto err; + rsa->q = BN_new(); + if (!rsa->q) + goto err; + if (!BN_X931_derive_prime_ex(rsa->q, q1, q2, + Xq, Xq1, Xq2, e, ctx, cb)) + goto err; } - /* we don't need to zero the 'ctx' because we just checked - * public information */ - /* memset(&ctx,0,sizeof(ctx)); */ - ret=1; -err: - EVP_MD_CTX_cleanup(&ctx); - return(ret); - } -#endif + if (!rsa->p || !rsa->q) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); + return 2; + } + /* Since both primes are set we can now calculate all remaining + * components. + */ -int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signature, - void *asn, EVP_PKEY *pkey) - { - EVP_MD_CTX ctx; - const EVP_MD *type; - unsigned char *buf_in=NULL; - int ret= -1,i,inl; - - EVP_MD_CTX_init(&ctx); - i=OBJ_obj2nid(a->algorithm); - type=EVP_get_digestbyname(OBJ_nid2sn(i)); - if (type == NULL) - { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + /* calculate n */ + rsa->n=BN_new(); + if (rsa->n == NULL) + goto err; + if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; - } - if (!EVP_VerifyInit_ex(&ctx,type, NULL)) - { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); - ret=0; + /* calculate d */ + if (!BN_sub(r1,rsa->p,BN_value_one())) + goto err; /* p-1 */ + if (!BN_sub(r2,rsa->q,BN_value_one())) + goto err; /* q-1 */ + if (!BN_mul(r0,r1,r2,ctx)) + goto err; /* (p-1)(q-1) */ + + if (!BN_gcd(r3, r1, r2, ctx)) goto err; - } - inl = ASN1_item_i2d(asn, &buf_in, it); - - if (buf_in == NULL) - { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE); + if (!BN_div(r0, NULL, r0, r3, ctx)) + goto err; /* LCM((p-1)(q-1)) */ + + ctx2 = BN_CTX_new(); + if (!ctx2) goto err; - } - EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); + rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ + if (rsa->d == NULL) + goto err; - OPENSSL_cleanse(buf_in,(unsigned int)inl); - OPENSSL_free(buf_in); + /* calculate d mod (p-1) */ + rsa->dmp1=BN_new(); + if (rsa->dmp1 == NULL) + goto err; + if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) + goto err; - if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, - (unsigned int)signature->length,pkey) <= 0) - { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); - ret=0; + /* calculate d mod (q-1) */ + rsa->dmq1=BN_new(); + if (rsa->dmq1 == NULL) goto err; + if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) + goto err; + + /* calculate inverse of q mod p */ + rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); + + err: + if (ctx) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); } - /* we don't need to zero the 'ctx' because we just checked - * public information */ - /* memset(&ctx,0,sizeof(ctx)); */ - ret=1; -err: - EVP_MD_CTX_cleanup(&ctx); - return(ret); + if (ctx2) + BN_CTX_free(ctx2); + /* If this is set all calls successful */ + if (rsa->iqmp != NULL) + return 1; + + return 0; + } +int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb) + { + int ok = 0; + BIGNUM *Xp = NULL, *Xq = NULL; + BN_CTX *ctx = NULL; + + ctx = BN_CTX_new(); + if (!ctx) + goto error; + + BN_CTX_start(ctx); + Xp = BN_CTX_get(ctx); + Xq = BN_CTX_get(ctx); + if (!BN_X931_generate_Xpq(Xp, Xq, bits, ctx)) + goto error; + rsa->p = BN_new(); + rsa->q = BN_new(); + if (!rsa->p || !rsa->q) + goto error; + + /* Generate two primes from Xp, Xq */ + + if (!BN_X931_generate_prime_ex(rsa->p, NULL, NULL, NULL, NULL, Xp, + e, ctx, cb)) + goto error; + + if (!BN_X931_generate_prime_ex(rsa->q, NULL, NULL, NULL, NULL, Xq, + e, ctx, cb)) + goto error; + + /* Since rsa->p and rsa->q are valid this call will just derive + * remaining RSA components. + */ + + if (!RSA_X931_derive_ex(rsa, NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, NULL, NULL, e, cb)) + goto error; + + ok = 1; + + error: + if (ctx) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); + } + + if (ok) + return 1; + + return 0; + + } + +#endif diff --git a/crypto/openssl/crypto/sha/asm/README b/crypto/openssl/crypto/sha/asm/README deleted file mode 100644 index b7e755765f..0000000000 --- a/crypto/openssl/crypto/sha/asm/README +++ /dev/null @@ -1 +0,0 @@ -C2.pl works diff --git a/crypto/openssl/crypto/sha/asm/sha1-586.pl b/crypto/openssl/crypto/sha/asm/sha1-586.pl deleted file mode 100644 index 4f8521f1e2..0000000000 --- a/crypto/openssl/crypto/sha/asm/sha1-586.pl +++ /dev/null @@ -1,430 +0,0 @@ -#!/usr/local/bin/perl - -# It was noted that Intel IA-32 C compiler generates code which -# performs ~30% *faster* on P4 CPU than original *hand-coded* -# SHA1 assembler implementation. To address this problem (and -# prove that humans are still better than machines:-), the -# original code was overhauled, which resulted in following -# performance changes: -# -# compared with original compared with Intel cc -# assembler impl. generated code -# Pentium -16% +48% -# PIII/AMD +8% +16% -# P4 +85%(!) +45% -# -# As you can see Pentium came out as looser:-( Yet I reckoned that -# improvement on P4 outweights the loss and incorporate this -# re-tuned code to 0.9.7 and later. -# ---------------------------------------------------------------- -# Those who for any particular reason absolutely must score on -# Pentium can replace this module with one from 0.9.6 distribution. -# This "offer" shall be revoked the moment programming interface to -# this module is changed, in which case this paragraph should be -# removed. -# ---------------------------------------------------------------- -# - -$normal=0; - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386"); - -$A="eax"; -$B="ecx"; -$C="ebx"; -$D="edx"; -$E="edi"; -$T="esi"; -$tmp1="ebp"; - -$off=9*4; - -@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6); - -&sha1_block_data("sha1_block_asm_data_order"); - -&asm_finish(); - -sub Nn - { - local($p)=@_; - local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E); - return($n{$p}); - } - -sub Np - { - local($p)=@_; - local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E); - local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A); - return($n{$p}); - } - -sub Na - { - local($n)=@_; - return( (($n )&0x0f), - (($n+ 2)&0x0f), - (($n+ 8)&0x0f), - (($n+13)&0x0f), - (($n+ 1)&0x0f)); - } - -sub X_expand - { - local($in)=@_; - - &comment("First, load the words onto the stack in network byte order"); - for ($i=0; $i<16; $i+=2) - { - &mov($A,&DWP(($i+0)*4,$in,"",0));# unless $i == 0; - &mov($B,&DWP(($i+1)*4,$in,"",0)); - &bswap($A); - &bswap($B); - &mov(&swtmp($i+0),$A); - &mov(&swtmp($i+1),$B); - } - - &comment("We now have the X array on the stack"); - &comment("starting at sp-4"); - } - -# Rules of engagement -# F is always trashable at the start, the running total. -# E becomes the next F so it can be trashed after it has been 'accumulated' -# F becomes A in the next round. We don't need to access it much. -# During the X update part, the result ends up in $X[$n0]. - -sub BODY_00_15 - { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("00_15 $n"); - - &mov($f,$c); # f to hold F_00_19(b,c,d) - if ($n==0) { &mov($tmp1,$a); } - else { &mov($a,$tmp1); } - &rotl($tmp1,5); # tmp1=ROTATE(a,5) - &xor($f,$d); - &and($f,$b); - &add($tmp1,$e); # tmp1+=e; - &mov($e,&swtmp($n)); # e becomes volatile and - # is loaded with xi - &xor($f,$d); # f holds F_00_19(b,c,d) - &rotr($b,2); # b=ROTATE(b,30) - &lea($tmp1,&DWP($K,$tmp1,$e,1));# tmp1+=K_00_19+xi - - if ($n==15) { &add($f,$tmp1); } # f+=tmp1 - else { &add($tmp1,$f); } - } - -sub BODY_16_19 - { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; - local($n0,$n1,$n2,$n3,$np)=&Na($n); - - &comment("16_19 $n"); - - &mov($f,&swtmp($n1)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d) - &xor($f,&swtmp($n0)); - &xor($tmp1,$d); - &xor($f,&swtmp($n2)); - &and($tmp1,$b); # tmp1 holds F_00_19(b,c,d) - &rotr($b,2); # b=ROTATE(b,30) - &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROATE(f,1) - &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) - &mov(&swtmp($n0),$f); # xi=f - &lea($f,&DWP($K,$f,$e,1)); # f+=K_00_19+e - &mov($e,$a); # e becomes volatile - &rotl($e,5); # e=ROTATE(a,5) - &add($f,$tmp1); # f+=F_00_19(b,c,d) - &add($f,$e); # f+=ROTATE(a,5) - } - -sub BODY_20_39 - { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("20_39 $n"); - local($n0,$n1,$n2,$n3,$np)=&Na($n); - - &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d) - &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &rotr($b,2); # b=ROTATE(b,30) - &xor($f,&swtmp($n1)); - &xor($tmp1,$c); - &xor($f,&swtmp($n2)); - &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d) - &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &add($tmp1,$e); - &mov(&swtmp($n0),$f); # xi=f - &mov($e,$a); # e becomes volatile - &rotl($e,5); # e=ROTATE(a,5) - &lea($f,&DWP($K,$f,$tmp1,1)); # f+=K_20_39+e - &add($f,$e); # f+=ROTATE(a,5) - } - -sub BODY_40_59 - { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("40_59 $n"); - local($n0,$n1,$n2,$n3,$np)=&Na($n); - - &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &mov($tmp1,&swtmp($n1)); - &xor($f,$tmp1); - &mov($tmp1,&swtmp($n2)); - &xor($f,$tmp1); - &mov($tmp1,&swtmp($n3)); - &xor($f,$tmp1); # f holds xa^xb^xc^xd - &mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d) - &rotl($f,1); # f=ROTATE(f,1) - &or($tmp1,$c); - &mov(&swtmp($n0),$f); # xi=f - &and($tmp1,$d); - &lea($f,&DWP($K,$f,$e,1)); # f+=K_40_59+e - &mov($e,$b); # e becomes volatile and is used - # to calculate F_40_59(b,c,d) - &rotr($b,2); # b=ROTATE(b,30) - &and($e,$c); - &or($tmp1,$e); # tmp1 holds F_40_59(b,c,d) - &mov($e,$a); - &rotl($e,5); # e=ROTATE(a,5) - &add($f,$tmp1); # f+=tmp1; - &add($f,$e); # f+=ROTATE(a,5) - } - -sub BODY_60_79 - { - &BODY_20_39(@_); - } - -sub sha1_block_host - { - local($name, $sclabel)=@_; - - &function_begin_B($name,""); - - # parameter 1 is the MD5_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov("ecx", &wparam(2)); - &push("esi"); - &shl("ecx",6); - &mov("esi", &wparam(1)); - &push("ebp"); - &add("ecx","esi"); # offset to leave on - &push("ebx"); - &mov("ebp", &wparam(0)); - &push("edi"); - &mov($D, &DWP(12,"ebp","",0)); - &stack_push(18+9); - &mov($E, &DWP(16,"ebp","",0)); - &mov($C, &DWP( 8,"ebp","",0)); - &mov(&swtmp(17),"ecx"); - - &comment("First we need to setup the X array"); - - for ($i=0; $i<16; $i+=2) - { - &mov($A,&DWP(($i+0)*4,"esi","",0));# unless $i == 0; - &mov($B,&DWP(($i+1)*4,"esi","",0)); - &mov(&swtmp($i+0),$A); - &mov(&swtmp($i+1),$B); - } - &jmp($sclabel); - &function_end_B($name); - } - - -sub sha1_block_data - { - local($name)=@_; - - &function_begin_B($name,""); - - # parameter 1 is the MD5_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov("ecx", &wparam(2)); - &push("esi"); - &shl("ecx",6); - &mov("esi", &wparam(1)); - &push("ebp"); - &add("ecx","esi"); # offset to leave on - &push("ebx"); - &mov("ebp", &wparam(0)); - &push("edi"); - &mov($D, &DWP(12,"ebp","",0)); - &stack_push(18+9); - &mov($E, &DWP(16,"ebp","",0)); - &mov($C, &DWP( 8,"ebp","",0)); - &mov(&swtmp(17),"ecx"); - - &comment("First we need to setup the X array"); - - &set_label("start") unless $normal; - - &X_expand("esi"); - &mov(&wparam(1),"esi"); - - &set_label("shortcut", 0, 1); - &comment(""); - &comment("Start processing"); - - # odd start - &mov($A, &DWP( 0,"ebp","",0)); - &mov($B, &DWP( 4,"ebp","",0)); - $X="esp"; - &BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C); - &BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B); - &BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A); - &BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C); - &BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B); - &BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A); - &BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C); - &BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B); - &BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A); - &BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T); - &BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E); - - &BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C); - - &BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A); - - &BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E); - - &comment("End processing"); - &comment(""); - # D is the tmp value - - # E -> A - # T -> B - # A -> C - # B -> D - # C -> E - # D -> T - - &mov($tmp1,&wparam(0)); - - &mov($D, &DWP(12,$tmp1,"",0)); - &add($D,$B); - &mov($B, &DWP( 4,$tmp1,"",0)); - &add($B,$T); - &mov($T, $A); - &mov($A, &DWP( 0,$tmp1,"",0)); - &mov(&DWP(12,$tmp1,"",0),$D); - - &add($A,$E); - &mov($E, &DWP(16,$tmp1,"",0)); - &add($E,$C); - &mov($C, &DWP( 8,$tmp1,"",0)); - &add($C,$T); - - &mov(&DWP( 0,$tmp1,"",0),$A); - &mov("esi",&wparam(1)); - &mov(&DWP( 8,$tmp1,"",0),$C); - &add("esi",64); - &mov("eax",&swtmp(17)); - &mov(&DWP(16,$tmp1,"",0),$E); - &cmp("esi","eax"); - &mov(&DWP( 4,$tmp1,"",0),$B); - &jb(&label("start")); - - &stack_pop(18+9); - &pop("edi"); - &pop("ebx"); - &pop("ebp"); - &pop("esi"); - &ret(); - - # keep a note of shortcut label so it can be used outside - # block. - my $sclabel = &label("shortcut"); - - &function_end_B($name); - # Putting this here avoids problems with MASM in debugging mode - &sha1_block_host("sha1_block_asm_host_order", $sclabel); - } - diff --git a/crypto/openssl/crypto/sha/asm/sha1-ia64.pl b/crypto/openssl/crypto/sha/asm/sha1-ia64.pl deleted file mode 100644 index cb9dfad124..0000000000 --- a/crypto/openssl/crypto/sha/asm/sha1-ia64.pl +++ /dev/null @@ -1,549 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. -# ==================================================================== -# -# Eternal question is what's wrong with compiler generated code? The -# trick is that it's possible to reduce the number of shifts required -# to perform rotations by maintaining copy of 32-bit value in upper -# bits of 64-bit register. Just follow mux2 and shrp instructions... -# Performance under big-endian OS such as HP-UX is 179MBps*1GHz, which -# is >50% better than HP C and >2x better than gcc. As of this moment -# performance under little-endian OS such as Linux and Windows will be -# a bit lower, because data has to be picked in reverse byte-order. -# It's possible to resolve this issue by implementing third function, -# sha1_block_asm_data_order_aligned, which would temporarily flip -# BE field in User Mask register... - -$code=<<___; -.ident \"sha1-ia64.s, version 1.0\" -.ident \"IA-64 ISA artwork by Andy Polyakov \" -.explicit - -___ - - -if ($^O eq "hpux") { - $ADDP="addp4"; - for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); } -} else { $ADDP="add"; } -for (@ARGV) { $big_endian=1 if (/\-DB_ENDIAN/); - $big_endian=0 if (/\-DL_ENDIAN/); } -if (!defined($big_endian)) - { $big_endian=(unpack('L',pack('N',1))==1); } - -#$human=1; -if ($human) { # useful for visual code auditing... - ($A,$B,$C,$D,$E,$T) = ("A","B","C","D","E","T"); - ($h0,$h1,$h2,$h3,$h4) = ("h0","h1","h2","h3","h4"); - ($K_00_19, $K_20_39, $K_40_59, $K_60_79) = - ( "K_00_19","K_20_39","K_40_59","K_60_79" ); - @X= ( "X0", "X1", "X2", "X3", "X4", "X5", "X6", "X7", - "X8", "X9","X10","X11","X12","X13","X14","X15" ); -} -else { - ($A,$B,$C,$D,$E,$T) = ("loc0","loc1","loc2","loc3","loc4","loc5"); - ($h0,$h1,$h2,$h3,$h4) = ("loc6","loc7","loc8","loc9","loc10"); - ($K_00_19, $K_20_39, $K_40_59, $K_60_79) = - ( "r14", "r15", "loc11", "loc12" ); - @X= ( "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", - "r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31" ); -} - -sub BODY_00_15 { -local *code=shift; -local ($i,$a,$b,$c,$d,$e,$f,$unaligned)=@_; - -if ($unaligned) { - $code.=<<___; -{ .mmi; ld1 tmp0=[inp],2 // MSB - ld1 tmp1=[tmp3],2 };; -{ .mmi; ld1 tmp2=[inp],2 - ld1 $X[$i&0xf]=[tmp3],2 // LSB - dep tmp1=tmp0,tmp1,8,8 };; -{ .mii; cmp.ne p16,p0=r0,r0 // no misaligned prefetch - dep $X[$i&0xf]=tmp2,$X[$i&0xf],8,8;; - dep $X[$i&0xf]=tmp1,$X[$i&0xf],16,16 };; -{ .mmi; nop.m 0 -___ - } -elsif ($i<15) { - $code.=<<___; -{ .mmi; ld4 $X[($i+1)&0xf]=[inp],4 // prefetch -___ - } -else { - $code.=<<___; -{ .mmi; nop.m 0 -___ - } -if ($i<15) { - $code.=<<___; - and tmp0=$c,$b - dep.z tmp5=$a,5,27 } // a<<5 -{ .mmi; andcm tmp1=$d,$b - add tmp4=$e,$K_00_19 };; -{ .mmi; or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) - add $f=tmp4,$X[$i&0xf] // f=xi+e+K_00_19 - extr.u tmp1=$a,27,5 };; // a>>27 -{ .mib; add $f=$f,tmp0 // f+=F_00_19(b,c,d) - shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mib; or tmp1=tmp1,tmp5 // ROTATE(a,5) - mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5) - mux2 $X[$i&0xf]=$X[$i&0xf],0x44 - nop.i 0 };; - -___ - } -else { - $code.=<<___; - and tmp0=$c,$b - dep.z tmp5=$a,5,27 } // a<<5 ;;? -{ .mmi; andcm tmp1=$d,$b - add tmp4=$e,$K_00_19 };; -{ .mmi; or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) - add $f=tmp4,$X[$i&0xf] // f=xi+e+K_00_19 - extr.u tmp1=$a,27,5 } // a>>27 -{ .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1 - xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1 - nop.i 0 };; -{ .mmi; add $f=$f,tmp0 // f+=F_00_19(b,c,d) - xor tmp2=tmp2,tmp3 // +1 - shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) - mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5) - shrp $e=tmp2,tmp2,31 // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1) - mux2 $X[$i&0xf]=$X[$i&0xf],0x44 };; - -___ - } -} - -sub BODY_16_19 { -local *code=shift; -local ($i,$a,$b,$c,$d,$e,$f)=@_; - -$code.=<<___; -{ .mmi; mov $X[$i&0xf]=$f // Xupdate - and tmp0=$c,$b - dep.z tmp5=$a,5,27 } // a<<5 -{ .mmi; andcm tmp1=$d,$b - add tmp4=$e,$K_00_19 };; -{ .mmi; or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) - add $f=$f,tmp4 // f+=e+K_00_19 - extr.u tmp1=$a,27,5 } // a>>27 -{ .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1 - xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1 - nop.i 0 };; -{ .mmi; add $f=$f,tmp0 // f+=F_00_19(b,c,d) - xor tmp2=tmp2,tmp3 // +1 - shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) - mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5) - shrp $e=tmp2,tmp2,31 // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1) - nop.i 0 };; - -___ -} - -sub BODY_20_39 { -local *code=shift; -local ($i,$a,$b,$c,$d,$e,$f,$Konst)=@_; - $Konst = $K_20_39 if (!defined($Konst)); - -if ($i<79) { -$code.=<<___; -{ .mib; mov $X[$i&0xf]=$f // Xupdate - dep.z tmp5=$a,5,27 } // a<<5 -{ .mib; xor tmp0=$c,$b - add tmp4=$e,$Konst };; -{ .mmi; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d - add $f=$f,tmp4 // f+=e+K_20_39 - extr.u tmp1=$a,27,5 } // a>>27 -{ .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1 - xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1 - nop.i 0 };; -{ .mmi; add $f=$f,tmp0 // f+=F_20_39(b,c,d) - xor tmp2=tmp2,tmp3 // +1 - shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) - mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5) - shrp $e=tmp2,tmp2,31 // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1) - nop.i 0 };; - -___ -} -else { -$code.=<<___; -{ .mib; mov $X[$i&0xf]=$f // Xupdate - dep.z tmp5=$a,5,27 } // a<<5 -{ .mib; xor tmp0=$c,$b - add tmp4=$e,$Konst };; -{ .mib; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d - extr.u tmp1=$a,27,5 } // a>>27 -{ .mib; add $f=$f,tmp4 // f+=e+K_20_39 - add $h1=$h1,$a };; // wrap up -{ .mmi; -(p16) ld4.s $X[0]=[inp],4 // non-faulting prefetch - add $f=$f,tmp0 // f+=F_20_39(b,c,d) - shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) ;;? -{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) - add $h3=$h3,$c };; // wrap up -{ .mib; add tmp3=1,inp // used in unaligned codepath - add $f=$f,tmp1 } // f+=ROTATE(a,5) -{ .mib; add $h2=$h2,$b // wrap up - add $h4=$h4,$d };; // wrap up - -___ -} -} - -sub BODY_40_59 { -local *code=shift; -local ($i,$a,$b,$c,$d,$e,$f)=@_; - -$code.=<<___; -{ .mmi; mov $X[$i&0xf]=$f // Xupdate - and tmp0=$c,$b - dep.z tmp5=$a,5,27 } // a<<5 -{ .mmi; and tmp1=$d,$b - add tmp4=$e,$K_40_59 };; -{ .mmi; or tmp0=tmp0,tmp1 // (b&c)|(b&d) - add $f=$f,tmp4 // f+=e+K_40_59 - extr.u tmp1=$a,27,5 } // a>>27 -{ .mmi; and tmp4=$c,$d - xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1 - xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1 - };; -{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) - xor tmp2=tmp2,tmp3 // +1 - shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mmi; or tmp0=tmp0,tmp4 // F_40_59(b,c,d)=(b&c)|(b&d)|(c&d) - mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $f=$f,tmp0 // f+=F_40_59(b,c,d) - shrp $e=tmp2,tmp2,31;; // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1) - add $f=$f,tmp1 };; // f+=ROTATE(a,5) - -___ -} -sub BODY_60_79 { &BODY_20_39(@_,$K_60_79); } - -$code.=<<___; -.text - -tmp0=r8; -tmp1=r9; -tmp2=r10; -tmp3=r11; -ctx=r32; // in0 -inp=r33; // in1 - -// void sha1_block_asm_host_order(SHA_CTX *c,const void *p,size_t num); -.global sha1_block_asm_host_order# -.proc sha1_block_asm_host_order# -.align 32 -sha1_block_asm_host_order: - .prologue - .fframe 0 - .save ar.pfs,r0 - .save ar.lc,r3 -{ .mmi; alloc tmp1=ar.pfs,3,15,0,0 - $ADDP tmp0=4,ctx - mov r3=ar.lc } -{ .mmi; $ADDP ctx=0,ctx - $ADDP inp=0,inp - mov r2=pr };; -tmp4=in2; -tmp5=loc13; -tmp6=loc14; - .body -{ .mlx; ld4 $h0=[ctx],8 - movl $K_00_19=0x5a827999 } -{ .mlx; ld4 $h1=[tmp0],8 - movl $K_20_39=0x6ed9eba1 };; -{ .mlx; ld4 $h2=[ctx],8 - movl $K_40_59=0x8f1bbcdc } -{ .mlx; ld4 $h3=[tmp0] - movl $K_60_79=0xca62c1d6 };; -{ .mmi; ld4 $h4=[ctx],-16 - add in2=-1,in2 // adjust num for ar.lc - mov ar.ec=1 };; -{ .mmi; ld4 $X[0]=[inp],4 // prefetch - cmp.ne p16,p0=r0,in2 // prefecth at loop end - mov ar.lc=in2 };; // brp.loop.imp: too far - -.Lhtop: -{ .mmi; mov $A=$h0 - mov $B=$h1 - mux2 tmp6=$h1,0x44 } -{ .mmi; mov $C=$h2 - mov $D=$h3 - mov $E=$h4 };; - -___ - - &BODY_00_15(\$code, 0,$A,$B,$C,$D,$E,$T); - &BODY_00_15(\$code, 1,$T,$A,$B,$C,$D,$E); - &BODY_00_15(\$code, 2,$E,$T,$A,$B,$C,$D); - &BODY_00_15(\$code, 3,$D,$E,$T,$A,$B,$C); - &BODY_00_15(\$code, 4,$C,$D,$E,$T,$A,$B); - &BODY_00_15(\$code, 5,$B,$C,$D,$E,$T,$A); - &BODY_00_15(\$code, 6,$A,$B,$C,$D,$E,$T); - &BODY_00_15(\$code, 7,$T,$A,$B,$C,$D,$E); - &BODY_00_15(\$code, 8,$E,$T,$A,$B,$C,$D); - &BODY_00_15(\$code, 9,$D,$E,$T,$A,$B,$C); - &BODY_00_15(\$code,10,$C,$D,$E,$T,$A,$B); - &BODY_00_15(\$code,11,$B,$C,$D,$E,$T,$A); - &BODY_00_15(\$code,12,$A,$B,$C,$D,$E,$T); - &BODY_00_15(\$code,13,$T,$A,$B,$C,$D,$E); - &BODY_00_15(\$code,14,$E,$T,$A,$B,$C,$D); - &BODY_00_15(\$code,15,$D,$E,$T,$A,$B,$C); - - &BODY_16_19(\$code,16,$C,$D,$E,$T,$A,$B); - &BODY_16_19(\$code,17,$B,$C,$D,$E,$T,$A); - &BODY_16_19(\$code,18,$A,$B,$C,$D,$E,$T); - &BODY_16_19(\$code,19,$T,$A,$B,$C,$D,$E); - - &BODY_20_39(\$code,20,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,21,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,22,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,23,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,24,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,25,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,26,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,27,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,28,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,29,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,30,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,31,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,32,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,33,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,34,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,35,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,36,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,37,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,38,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,39,$D,$E,$T,$A,$B,$C); - - &BODY_40_59(\$code,40,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,41,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,42,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,43,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,44,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,45,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,46,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,47,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,48,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,49,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,50,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,51,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,52,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,53,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,54,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,55,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,56,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,57,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,58,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,59,$B,$C,$D,$E,$T,$A); - - &BODY_60_79(\$code,60,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,61,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,62,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,63,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,64,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,65,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,66,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,67,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,68,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,69,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,70,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,71,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,72,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,73,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,74,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,75,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,76,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,77,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,78,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,79,$T,$A,$B,$C,$D,$E); - -$code.=<<___; -{ .mmb; add $h0=$h0,$E - nop.m 0 - br.ctop.dptk.many .Lhtop };; -.Lhend: -{ .mmi; add tmp0=4,ctx - mov ar.lc=r3 };; -{ .mmi; st4 [ctx]=$h0,8 - st4 [tmp0]=$h1,8 };; -{ .mmi; st4 [ctx]=$h2,8 - st4 [tmp0]=$h3 };; -{ .mib; st4 [ctx]=$h4,-16 - mov pr=r2,0x1ffff - br.ret.sptk.many b0 };; -.endp sha1_block_asm_host_order# -___ - - -$code.=<<___; -// void sha1_block_asm_data_order(SHA_CTX *c,const void *p,size_t num); -.global sha1_block_asm_data_order# -.proc sha1_block_asm_data_order# -.align 32 -sha1_block_asm_data_order: -___ -$code.=<<___ if ($big_endian); -{ .mmi; and r2=3,inp };; -{ .mib; cmp.eq p6,p0=r0,r2 -(p6) br.dptk.many sha1_block_asm_host_order };; -___ -$code.=<<___; - .prologue - .fframe 0 - .save ar.pfs,r0 - .save ar.lc,r3 -{ .mmi; alloc tmp1=ar.pfs,3,15,0,0 - $ADDP tmp0=4,ctx - mov r3=ar.lc } -{ .mmi; $ADDP ctx=0,ctx - $ADDP inp=0,inp - mov r2=pr };; -tmp4=in2; -tmp5=loc13; -tmp6=loc14; - .body -{ .mlx; ld4 $h0=[ctx],8 - movl $K_00_19=0x5a827999 } -{ .mlx; ld4 $h1=[tmp0],8 - movl $K_20_39=0x6ed9eba1 };; -{ .mlx; ld4 $h2=[ctx],8 - movl $K_40_59=0x8f1bbcdc } -{ .mlx; ld4 $h3=[tmp0] - movl $K_60_79=0xca62c1d6 };; -{ .mmi; ld4 $h4=[ctx],-16 - add in2=-1,in2 // adjust num for ar.lc - mov ar.ec=1 };; -{ .mmi; nop.m 0 - add tmp3=1,inp - mov ar.lc=in2 };; // brp.loop.imp: too far - -.Ldtop: -{ .mmi; mov $A=$h0 - mov $B=$h1 - mux2 tmp6=$h1,0x44 } -{ .mmi; mov $C=$h2 - mov $D=$h3 - mov $E=$h4 };; - -___ - - &BODY_00_15(\$code, 0,$A,$B,$C,$D,$E,$T,1); - &BODY_00_15(\$code, 1,$T,$A,$B,$C,$D,$E,1); - &BODY_00_15(\$code, 2,$E,$T,$A,$B,$C,$D,1); - &BODY_00_15(\$code, 3,$D,$E,$T,$A,$B,$C,1); - &BODY_00_15(\$code, 4,$C,$D,$E,$T,$A,$B,1); - &BODY_00_15(\$code, 5,$B,$C,$D,$E,$T,$A,1); - &BODY_00_15(\$code, 6,$A,$B,$C,$D,$E,$T,1); - &BODY_00_15(\$code, 7,$T,$A,$B,$C,$D,$E,1); - &BODY_00_15(\$code, 8,$E,$T,$A,$B,$C,$D,1); - &BODY_00_15(\$code, 9,$D,$E,$T,$A,$B,$C,1); - &BODY_00_15(\$code,10,$C,$D,$E,$T,$A,$B,1); - &BODY_00_15(\$code,11,$B,$C,$D,$E,$T,$A,1); - &BODY_00_15(\$code,12,$A,$B,$C,$D,$E,$T,1); - &BODY_00_15(\$code,13,$T,$A,$B,$C,$D,$E,1); - &BODY_00_15(\$code,14,$E,$T,$A,$B,$C,$D,1); - &BODY_00_15(\$code,15,$D,$E,$T,$A,$B,$C,1); - - &BODY_16_19(\$code,16,$C,$D,$E,$T,$A,$B); - &BODY_16_19(\$code,17,$B,$C,$D,$E,$T,$A); - &BODY_16_19(\$code,18,$A,$B,$C,$D,$E,$T); - &BODY_16_19(\$code,19,$T,$A,$B,$C,$D,$E); - - &BODY_20_39(\$code,20,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,21,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,22,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,23,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,24,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,25,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,26,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,27,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,28,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,29,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,30,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,31,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,32,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,33,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,34,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,35,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,36,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,37,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,38,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,39,$D,$E,$T,$A,$B,$C); - - &BODY_40_59(\$code,40,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,41,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,42,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,43,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,44,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,45,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,46,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,47,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,48,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,49,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,50,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,51,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,52,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,53,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,54,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,55,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,56,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,57,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,58,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,59,$B,$C,$D,$E,$T,$A); - - &BODY_60_79(\$code,60,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,61,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,62,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,63,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,64,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,65,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,66,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,67,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,68,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,69,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,70,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,71,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,72,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,73,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,74,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,75,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,76,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,77,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,78,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,79,$T,$A,$B,$C,$D,$E); - -$code.=<<___; -{ .mmb; add $h0=$h0,$E - nop.m 0 - br.ctop.dptk.many .Ldtop };; -.Ldend: -{ .mmi; add tmp0=4,ctx - mov ar.lc=r3 };; -{ .mmi; st4 [ctx]=$h0,8 - st4 [tmp0]=$h1,8 };; -{ .mmi; st4 [ctx]=$h2,8 - st4 [tmp0]=$h3 };; -{ .mib; st4 [ctx]=$h4,-16 - mov pr=r2,0x1ffff - br.ret.sptk.many b0 };; -.endp sha1_block_asm_data_order# -___ - -print $code; diff --git a/crypto/openssl/crypto/sha/asm/sha512-ia64.pl b/crypto/openssl/crypto/sha/asm/sha512-ia64.pl deleted file mode 100755 index 0aea02399a..0000000000 --- a/crypto/openssl/crypto/sha/asm/sha512-ia64.pl +++ /dev/null @@ -1,432 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. -# ==================================================================== -# -# SHA256/512_Transform for Itanium. -# -# sha512_block runs in 1003 cycles on Itanium 2, which is almost 50% -# faster than gcc and >60%(!) faster than code generated by HP-UX -# compiler (yes, HP-UX is generating slower code, because unlike gcc, -# it failed to deploy "shift right pair," 'shrp' instruction, which -# substitutes for 64-bit rotate). -# -# 924 cycles long sha256_block outperforms gcc by over factor of 2(!) -# and HP-UX compiler - by >40% (yes, gcc won sha512_block, but lost -# this one big time). Note that "formally" 924 is about 100 cycles -# too much. I mean it's 64 32-bit rounds vs. 80 virtually identical -# 64-bit ones and 1003*64/80 gives 802. Extra cycles, 2 per round, -# are spent on extra work to provide for 32-bit rotations. 32-bit -# rotations are still handled by 'shrp' instruction and for this -# reason lower 32 bits are deposited to upper half of 64-bit register -# prior 'shrp' issue. And in order to minimize the amount of such -# operations, X[16] values are *maintained* with copies of lower -# halves in upper halves, which is why you'll spot such instructions -# as custom 'mux2', "parallel 32-bit add," 'padd4' and "parallel -# 32-bit unsigned right shift," 'pshr4.u' instructions here. -# -# Rules of engagement. -# -# There is only one integer shifter meaning that if I have two rotate, -# deposit or extract instructions in adjacent bundles, they shall -# split [at run-time if they have to]. But note that variable and -# parallel shifts are performed by multi-media ALU and *are* pairable -# with rotates [and alike]. On the backside MMALU is rather slow: it -# takes 2 extra cycles before the result of integer operation is -# available *to* MMALU and 2(*) extra cycles before the result of MM -# operation is available "back" *to* integer ALU, not to mention that -# MMALU itself has 2 cycles latency. However! I explicitly scheduled -# these MM instructions to avoid MM stalls, so that all these extra -# latencies get "hidden" in instruction-level parallelism. -# -# (*) 2 cycles on Itanium 1 and 1 cycle on Itanium 2. But I schedule -# for 2 in order to provide for best *overall* performance, -# because on Itanium 1 stall on MM result is accompanied by -# pipeline flush, which takes 6 cycles:-( -# -# Resulting performance numbers for 900MHz Itanium 2 system: -# -# The 'numbers' are in 1000s of bytes per second processed. -# type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes -# sha1(*) 6210.14k 20376.30k 52447.83k 85870.05k 105478.12k -# sha256 7476.45k 20572.05k 41538.34k 56062.29k 62093.18k -# sha512 4996.56k 20026.28k 47597.20k 85278.79k 111501.31k -# -# (*) SHA1 numbers are for HP-UX compiler and are presented purely -# for reference purposes. I bet it can improved too... -# -# To generate code, pass the file name with either 256 or 512 in its -# name and compiler flags. - -$output=shift; - -if ($output =~ /512.*\.[s|asm]/) { - $SZ=8; - $BITS=8*$SZ; - $LDW="ld8"; - $STW="st8"; - $ADD="add"; - $SHRU="shr.u"; - $TABLE="K512"; - $func="sha512_block"; - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=(1, 8, 7); - @sigma1=(19,61, 6); - $rounds=80; -} elsif ($output =~ /256.*\.[s|asm]/) { - $SZ=4; - $BITS=8*$SZ; - $LDW="ld4"; - $STW="st4"; - $ADD="padd4"; - $SHRU="pshr4.u"; - $TABLE="K256"; - $func="sha256_block"; - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 7,18, 3); - @sigma1=(17,19,10); - $rounds=64; -} else { die "nonsense $output"; } - -open STDOUT,">$output" || die "can't open $output: $!"; - -if ($^O eq "hpux") { - $ADDP="addp4"; - for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); } -} else { $ADDP="add"; } -for (@ARGV) { $big_endian=1 if (/\-DB_ENDIAN/); - $big_endian=0 if (/\-DL_ENDIAN/); } -if (!defined($big_endian)) - { $big_endian=(unpack('L',pack('N',1))==1); } - -$code=<<___; -.ident \"$output, version 1.0\" -.ident \"IA-64 ISA artwork by Andy Polyakov \" -.explicit -.text - -prsave=r14; -K=r15; -A=r16; B=r17; C=r18; D=r19; -E=r20; F=r21; G=r22; H=r23; -T1=r24; T2=r25; -s0=r26; s1=r27; t0=r28; t1=r29; -Ktbl=r30; -ctx=r31; // 1st arg -input=r48; // 2nd arg -num=r49; // 3rd arg -sgm0=r50; sgm1=r51; // small constants - -// void $func (SHA_CTX *ctx, const void *in,size_t num[,int host]) -.global $func# -.proc $func# -.align 32 -$func: - .prologue - .fframe 0 - .save ar.pfs,r2 - .save ar.lc,r3 - .save pr,prsave -{ .mmi; alloc r2=ar.pfs,3,17,0,16 - $ADDP ctx=0,r32 // 1st arg - mov r3=ar.lc } -{ .mmi; $ADDP input=0,r33 // 2nd arg - addl Ktbl=\@ltoff($TABLE#),gp - mov prsave=pr };; - - .body -{ .mii; ld8 Ktbl=[Ktbl] - mov num=r34 };; // 3rd arg - -{ .mib; add r8=0*$SZ,ctx - add r9=1*$SZ,ctx - brp.loop.imp .L_first16,.L_first16_ctop - } -{ .mib; add r10=2*$SZ,ctx - add r11=3*$SZ,ctx - brp.loop.imp .L_rest,.L_rest_ctop - };; -// load A-H -{ .mmi; $LDW A=[r8],4*$SZ - $LDW B=[r9],4*$SZ - mov sgm0=$sigma0[2] } -{ .mmi; $LDW C=[r10],4*$SZ - $LDW D=[r11],4*$SZ - mov sgm1=$sigma1[2] };; -{ .mmi; $LDW E=[r8] - $LDW F=[r9] } -{ .mmi; $LDW G=[r10] - $LDW H=[r11] - cmp.ne p15,p14=0,r35 };; // used in sha256_block - -.L_outer: -{ .mii; mov ar.lc=15 - mov ar.ec=1 };; -.align 32 -.L_first16: -.rotr X[16] -___ -$t0="t0", $t1="t1", $code.=<<___ if ($BITS==32); -{ .mib; (p14) add r9=1,input - (p14) add r10=2,input } -{ .mib; (p14) add r11=3,input - (p15) br.dptk.few .L_host };; -{ .mmi; (p14) ld1 r8=[input],$SZ - (p14) ld1 r9=[r9] } -{ .mmi; (p14) ld1 r10=[r10] - (p14) ld1 r11=[r11] };; -{ .mii; (p14) dep r9=r8,r9,8,8 - (p14) dep r11=r10,r11,8,8 };; -{ .mib; (p14) dep X[15]=r9,r11,16,16 };; -.L_host: -{ .mib; (p15) $LDW X[15]=[input],$SZ // X[i]=*input++ - dep.z $t1=E,32,32 } -{ .mib; $LDW K=[Ktbl],$SZ - zxt4 E=E };; -{ .mmi; or $t1=$t1,E - and T1=F,E - and T2=A,B } -{ .mmi; andcm r8=G,E - and r9=A,C - mux2 $t0=A,0x44 };; // copy lower half to upper -{ .mib; xor T1=T1,r8 // T1=((e & f) ^ (~e & g)) - _rotr r11=$t1,$Sigma1[0] } // ROTR(e,14) -{ .mib; and r10=B,C - xor T2=T2,r9 };; -___ -$t0="A", $t1="E", $code.=<<___ if ($BITS==64); -{ .mmi; $LDW X[15]=[input],$SZ // X[i]=*input++ - and T1=F,E - and T2=A,B } -{ .mmi; $LDW K=[Ktbl],$SZ - andcm r8=G,E - and r9=A,C };; -{ .mmi; xor T1=T1,r8 //T1=((e & f) ^ (~e & g)) - and r10=B,C - _rotr r11=$t1,$Sigma1[0] } // ROTR(e,14) -{ .mmi; xor T2=T2,r9 - mux1 X[15]=X[15],\@rev };; // eliminated in big-endian -___ -$code.=<<___; -{ .mib; add T1=T1,H // T1=Ch(e,f,g)+h - _rotr r8=$t1,$Sigma1[1] } // ROTR(e,18) -{ .mib; xor T2=T2,r10 // T2=((a & b) ^ (a & c) ^ (b & c)) - mov H=G };; -{ .mib; xor r11=r8,r11 - _rotr r9=$t1,$Sigma1[2] } // ROTR(e,41) -{ .mib; mov G=F - mov F=E };; -{ .mib; xor r9=r9,r11 // r9=Sigma1(e) - _rotr r10=$t0,$Sigma0[0] } // ROTR(a,28) -{ .mib; add T1=T1,K // T1=Ch(e,f,g)+h+K512[i] - mov E=D };; -{ .mib; add T1=T1,r9 // T1+=Sigma1(e) - _rotr r11=$t0,$Sigma0[1] } // ROTR(a,34) -{ .mib; mov D=C - mov C=B };; -{ .mib; add T1=T1,X[15] // T1+=X[i] - _rotr r8=$t0,$Sigma0[2] } // ROTR(a,39) -{ .mib; xor r10=r10,r11 - mux2 X[15]=X[15],0x44 };; // eliminated in 64-bit -{ .mmi; xor r10=r8,r10 // r10=Sigma0(a) - mov B=A - add A=T1,T2 };; -.L_first16_ctop: -{ .mib; add E=E,T1 - add A=A,r10 // T2=Maj(a,b,c)+Sigma0(a) - br.ctop.sptk .L_first16 };; - -{ .mib; mov ar.lc=$rounds-17 } -{ .mib; mov ar.ec=1 };; -.align 32 -.L_rest: -.rotr X[16] -{ .mib; $LDW K=[Ktbl],$SZ - _rotr r8=X[15-1],$sigma0[0] } // ROTR(s0,1) -{ .mib; $ADD X[15]=X[15],X[15-9] // X[i&0xF]+=X[(i+9)&0xF] - $SHRU s0=X[15-1],sgm0 };; // s0=X[(i+1)&0xF]>>7 -{ .mib; and T1=F,E - _rotr r9=X[15-1],$sigma0[1] } // ROTR(s0,8) -{ .mib; andcm r10=G,E - $SHRU s1=X[15-14],sgm1 };; // s1=X[(i+14)&0xF]>>6 -{ .mmi; xor T1=T1,r10 // T1=((e & f) ^ (~e & g)) - xor r9=r8,r9 - _rotr r10=X[15-14],$sigma1[0] };;// ROTR(s1,19) -{ .mib; and T2=A,B - _rotr r11=X[15-14],$sigma1[1] }// ROTR(s1,61) -{ .mib; and r8=A,C };; -___ -$t0="t0", $t1="t1", $code.=<<___ if ($BITS==32); -// I adhere to mmi; in order to hold Itanium 1 back and avoid 6 cycle -// pipeline flush in last bundle. Note that even on Itanium2 the -// latter stalls for one clock cycle... -{ .mmi; xor s0=s0,r9 // s0=sigma0(X[(i+1)&0xF]) - dep.z $t1=E,32,32 } -{ .mmi; xor r10=r11,r10 - zxt4 E=E };; -{ .mmi; or $t1=$t1,E - xor s1=s1,r10 // s1=sigma1(X[(i+14)&0xF]) - mux2 $t0=A,0x44 };; // copy lower half to upper -{ .mmi; xor T2=T2,r8 - _rotr r9=$t1,$Sigma1[0] } // ROTR(e,14) -{ .mmi; and r10=B,C - add T1=T1,H // T1=Ch(e,f,g)+h - $ADD X[15]=X[15],s0 };; // X[i&0xF]+=sigma0(X[(i+1)&0xF]) -___ -$t0="A", $t1="E", $code.=<<___ if ($BITS==64); -{ .mib; xor s0=s0,r9 // s0=sigma0(X[(i+1)&0xF]) - _rotr r9=$t1,$Sigma1[0] } // ROTR(e,14) -{ .mib; xor r10=r11,r10 - xor T2=T2,r8 };; -{ .mib; xor s1=s1,r10 // s1=sigma1(X[(i+14)&0xF]) - add T1=T1,H } -{ .mib; and r10=B,C - $ADD X[15]=X[15],s0 };; // X[i&0xF]+=sigma0(X[(i+1)&0xF]) -___ -$code.=<<___; -{ .mmi; xor T2=T2,r10 // T2=((a & b) ^ (a & c) ^ (b & c)) - mov H=G - _rotr r8=$t1,$Sigma1[1] };; // ROTR(e,18) -{ .mmi; xor r11=r8,r9 - $ADD X[15]=X[15],s1 // X[i&0xF]+=sigma1(X[(i+14)&0xF]) - _rotr r9=$t1,$Sigma1[2] } // ROTR(e,41) -{ .mmi; mov G=F - mov F=E };; -{ .mib; xor r9=r9,r11 // r9=Sigma1(e) - _rotr r10=$t0,$Sigma0[0] } // ROTR(a,28) -{ .mib; add T1=T1,K // T1=Ch(e,f,g)+h+K512[i] - mov E=D };; -{ .mib; add T1=T1,r9 // T1+=Sigma1(e) - _rotr r11=$t0,$Sigma0[1] } // ROTR(a,34) -{ .mib; mov D=C - mov C=B };; -{ .mmi; add T1=T1,X[15] // T1+=X[i] - xor r10=r10,r11 - _rotr r8=$t0,$Sigma0[2] };; // ROTR(a,39) -{ .mmi; xor r10=r8,r10 // r10=Sigma0(a) - mov B=A - add A=T1,T2 };; -.L_rest_ctop: -{ .mib; add E=E,T1 - add A=A,r10 // T2=Maj(a,b,c)+Sigma0(a) - br.ctop.sptk .L_rest };; - -{ .mib; add r8=0*$SZ,ctx - add r9=1*$SZ,ctx } -{ .mib; add r10=2*$SZ,ctx - add r11=3*$SZ,ctx };; -{ .mmi; $LDW r32=[r8],4*$SZ - $LDW r33=[r9],4*$SZ } -{ .mmi; $LDW r34=[r10],4*$SZ - $LDW r35=[r11],4*$SZ - cmp.ltu p6,p7=1,num };; -{ .mmi; $LDW r36=[r8],-4*$SZ - $LDW r37=[r9],-4*$SZ -(p6) add Ktbl=-$SZ*$rounds,Ktbl } -{ .mmi; $LDW r38=[r10],-4*$SZ - $LDW r39=[r11],-4*$SZ -(p7) mov ar.lc=r3 };; -{ .mmi; add A=A,r32 - add B=B,r33 - add C=C,r34 } -{ .mmi; add D=D,r35 - add E=E,r36 - add F=F,r37 };; -{ .mmi; $STW [r8]=A,4*$SZ - $STW [r9]=B,4*$SZ - add G=G,r38 } -{ .mmi; $STW [r10]=C,4*$SZ - $STW [r11]=D,4*$SZ - add H=H,r39 };; -{ .mmi; $STW [r8]=E - $STW [r9]=F -(p6) add num=-1,num } -{ .mmb; $STW [r10]=G - $STW [r11]=H -(p6) br.dptk.many .L_outer };; - -{ .mib; mov pr=prsave,0x1ffff - br.ret.sptk.many b0 };; -.endp $func# -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/_rotr(\s+)([^=]+)=([^,]+),([0-9]+)/shrp$1$2=$3,$3,$4/gm; -if ($BITS==64) { - $code =~ s/mux2(\s+)\S+/nop.i$1 0x0/gm; - $code =~ s/mux1(\s+)\S+/nop.i$1 0x0/gm if ($big_endian); -} - -print $code; - -print<<___ if ($BITS==32); -.align 64 -.type K256#,\@object -K256: data4 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 - data4 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5 - data4 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3 - data4 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174 - data4 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc - data4 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da - data4 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7 - data4 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967 - data4 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13 - data4 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85 - data4 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3 - data4 0xd192e819,0xd6990624,0xf40e3585,0x106aa070 - data4 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5 - data4 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3 - data4 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208 - data4 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 -.size K256#,$SZ*$rounds -___ -print<<___ if ($BITS==64); -.align 64 -.type K512#,\@object -K512: data8 0x428a2f98d728ae22,0x7137449123ef65cd - data8 0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc - data8 0x3956c25bf348b538,0x59f111f1b605d019 - data8 0x923f82a4af194f9b,0xab1c5ed5da6d8118 - data8 0xd807aa98a3030242,0x12835b0145706fbe - data8 0x243185be4ee4b28c,0x550c7dc3d5ffb4e2 - data8 0x72be5d74f27b896f,0x80deb1fe3b1696b1 - data8 0x9bdc06a725c71235,0xc19bf174cf692694 - data8 0xe49b69c19ef14ad2,0xefbe4786384f25e3 - data8 0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65 - data8 0x2de92c6f592b0275,0x4a7484aa6ea6e483 - data8 0x5cb0a9dcbd41fbd4,0x76f988da831153b5 - data8 0x983e5152ee66dfab,0xa831c66d2db43210 - data8 0xb00327c898fb213f,0xbf597fc7beef0ee4 - data8 0xc6e00bf33da88fc2,0xd5a79147930aa725 - data8 0x06ca6351e003826f,0x142929670a0e6e70 - data8 0x27b70a8546d22ffc,0x2e1b21385c26c926 - data8 0x4d2c6dfc5ac42aed,0x53380d139d95b3df - data8 0x650a73548baf63de,0x766a0abb3c77b2a8 - data8 0x81c2c92e47edaee6,0x92722c851482353b - data8 0xa2bfe8a14cf10364,0xa81a664bbc423001 - data8 0xc24b8b70d0f89791,0xc76c51a30654be30 - data8 0xd192e819d6ef5218,0xd69906245565a910 - data8 0xf40e35855771202a,0x106aa07032bbd1b8 - data8 0x19a4c116b8d2d0c8,0x1e376c085141ab53 - data8 0x2748774cdf8eeb99,0x34b0bcb5e19b48a8 - data8 0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb - data8 0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3 - data8 0x748f82ee5defb2fc,0x78a5636f43172f60 - data8 0x84c87814a1f0ab72,0x8cc702081a6439ec - data8 0x90befffa23631e28,0xa4506cebde82bde9 - data8 0xbef9a3f7b2c67915,0xc67178f2e372532b - data8 0xca273eceea26619c,0xd186b8c721c0c207 - data8 0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178 - data8 0x06f067aa72176fba,0x0a637dc5a2c898a6 - data8 0x113f9804bef90dae,0x1b710b35131c471b - data8 0x28db77f523047d84,0x32caab7b40c72493 - data8 0x3c9ebe0a15c9bebc,0x431d67c49c100d4c - data8 0x4cc5d4becb3e42b6,0x597f299cfc657e2a - data8 0x5fcb6fab3ad6faec,0x6c44198c4a475817 -.size K512#,$SZ*$rounds -___ diff --git a/crypto/openssl/crypto/sha/asm/sha512-sse2.pl b/crypto/openssl/crypto/sha/asm/sha512-sse2.pl deleted file mode 100644 index 10902bf673..0000000000 --- a/crypto/openssl/crypto/sha/asm/sha512-sse2.pl +++ /dev/null @@ -1,404 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. -# ==================================================================== -# -# SHA512_Transform_SSE2. -# -# As the name suggests, this is an IA-32 SSE2 implementation of -# SHA512_Transform. Motivating factor for the undertaken effort was that -# SHA512 was observed to *consistently* perform *significantly* poorer -# than SHA256 [2x and slower is common] on 32-bit platforms. On 64-bit -# platforms on the other hand SHA512 tend to outperform SHA256 [~50% -# seem to be common improvement factor]. All this is perfectly natural, -# as SHA512 is a 64-bit algorithm. But isn't IA-32 SSE2 essentially -# a 64-bit instruction set? Is it rich enough to implement SHA512? -# If answer was "no," then you wouldn't have been reading this... -# -# Throughput performance in MBps (larger is better): -# -# 2.4GHz P4 1.4GHz AMD32 1.4GHz AMD64(*) -# SHA256/gcc(*) 54 43 59 -# SHA512/gcc 17 23 92 -# SHA512/sse2 61(**) 57(**) -# SHA512/icc 26 28 -# SHA256/icc(*) 65 54 -# -# (*) AMD64 and SHA256 numbers are presented mostly for amusement or -# reference purposes. -# (**) I.e. it gives ~2-3x speed-up if compared with compiler generated -# code. One can argue that hand-coded *non*-SSE2 implementation -# would perform better than compiler generated one as well, and -# that comparison is therefore not exactly fair. Well, as SHA512 -# puts enormous pressure on IA-32 GP register bank, I reckon that -# hand-coded version wouldn't perform significantly better than -# one compiled with icc, ~20% perhaps... So that this code would -# still outperform it with distinguishing marginal. But feel free -# to prove me wrong:-) -# -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"sha512-sse2.pl",$ARGV[$#ARGV] eq "386"); - -$K512="esi"; # K512[80] table, found at the end... -#$W512="esp"; # $W512 is not just W512[16]: it comprises *two* copies - # of W512[16] and a copy of A-H variables... -$W512_SZ=8*(16+16+8); # see above... -#$Kidx="ebx"; # index in K512 table, advances from 0 to 80... -$Widx="edx"; # index in W512, wraps around at 16... -$data="edi"; # 16 qwords of input data... -$A="mm0"; # B-D and -$E="mm1"; # F-H are allocated dynamically... -$Aoff=256+0; # A-H offsets relative to $W512... -$Boff=256+8; -$Coff=256+16; -$Doff=256+24; -$Eoff=256+32; -$Foff=256+40; -$Goff=256+48; -$Hoff=256+56; - -sub SHA2_ROUND() -{ local ($kidx,$widx)=@_; - - # One can argue that one could reorder instructions for better - # performance. Well, I tried and it doesn't seem to make any - # noticeable difference. Modern out-of-order execution cores - # reorder instructions to their liking in either case and they - # apparently do decent job. So we can keep the code more - # readable/regular/comprehensible:-) - - # I adhere to 64-bit %mmX registers in order to avoid/not care - # about #GP exceptions on misaligned 128-bit access, most - # notably in paddq with memory operand. Not to mention that - # SSE2 intructions operating on %mmX can be scheduled every - # cycle [and not every second one if operating on %xmmN]. - - &movq ("mm4",&QWP($Foff,$W512)); # load f - &movq ("mm5",&QWP($Goff,$W512)); # load g - &movq ("mm6",&QWP($Hoff,$W512)); # load h - - &movq ("mm2",$E); # %mm2 is sliding right - &movq ("mm3",$E); # %mm3 is sliding left - &psrlq ("mm2",14); - &psllq ("mm3",23); - &movq ("mm7","mm2"); # %mm7 is T1 - &pxor ("mm7","mm3"); - &psrlq ("mm2",4); - &psllq ("mm3",23); - &pxor ("mm7","mm2"); - &pxor ("mm7","mm3"); - &psrlq ("mm2",23); - &psllq ("mm3",4); - &pxor ("mm7","mm2"); - &pxor ("mm7","mm3"); # T1=Sigma1_512(e) - - &movq (&QWP($Foff,$W512),$E); # f = e - &movq (&QWP($Goff,$W512),"mm4"); # g = f - &movq (&QWP($Hoff,$W512),"mm5"); # h = g - - &pxor ("mm4","mm5"); # f^=g - &pand ("mm4",$E); # f&=e - &pxor ("mm4","mm5"); # f^=g - &paddq ("mm7","mm4"); # T1+=Ch(e,f,g) - - &movq ("mm2",&QWP($Boff,$W512)); # load b - &movq ("mm3",&QWP($Coff,$W512)); # load c - &movq ($E,&QWP($Doff,$W512)); # e = d - - &paddq ("mm7","mm6"); # T1+=h - &paddq ("mm7",&QWP(0,$K512,$kidx,8)); # T1+=K512[i] - &paddq ("mm7",&QWP(0,$W512,$widx,8)); # T1+=W512[i] - &paddq ($E,"mm7"); # e += T1 - - &movq ("mm4",$A); # %mm4 is sliding right - &movq ("mm5",$A); # %mm5 is sliding left - &psrlq ("mm4",28); - &psllq ("mm5",25); - &movq ("mm6","mm4"); # %mm6 is T2 - &pxor ("mm6","mm5"); - &psrlq ("mm4",6); - &psllq ("mm5",5); - &pxor ("mm6","mm4"); - &pxor ("mm6","mm5"); - &psrlq ("mm4",5); - &psllq ("mm5",6); - &pxor ("mm6","mm4"); - &pxor ("mm6","mm5"); # T2=Sigma0_512(a) - - &movq (&QWP($Boff,$W512),$A); # b = a - &movq (&QWP($Coff,$W512),"mm2"); # c = b - &movq (&QWP($Doff,$W512),"mm3"); # d = c - - &movq ("mm4",$A); # %mm4=a - &por ($A,"mm3"); # a=a|c - &pand ("mm4","mm3"); # %mm4=a&c - &pand ($A,"mm2"); # a=(a|c)&b - &por ("mm4",$A); # %mm4=(a&c)|((a|c)&b) - &paddq ("mm6","mm4"); # T2+=Maj(a,b,c) - - &movq ($A,"mm7"); # a=T1 - &paddq ($A,"mm6"); # a+=T2 -} - -$func="sha512_block_sse2"; - -&function_begin_B($func); - if (0) {# Caller is expected to check if it's appropriate to - # call this routine. Below 3 lines are retained for - # debugging purposes... - &picmeup("eax","OPENSSL_ia32cap"); - &bt (&DWP(0,"eax"),26); - &jnc ("SHA512_Transform"); - } - - &push ("ebp"); - &mov ("ebp","esp"); - &push ("ebx"); - &push ("esi"); - &push ("edi"); - - &mov ($Widx,&DWP(8,"ebp")); # A-H state, 1st arg - &mov ($data,&DWP(12,"ebp")); # input data, 2nd arg - &call (&label("pic_point")); # make it PIC! -&set_label("pic_point"); - &blindpop($K512); - &lea ($K512,&DWP(&label("K512")."-".&label("pic_point"),$K512)); - - $W512 = "esp"; # start using %esp as W512 - &sub ($W512,$W512_SZ); - &and ($W512,-16); # ensure 128-bit alignment - - # make private copy of A-H - # v assume the worst and stick to unaligned load - &movdqu ("xmm0",&QWP(0,$Widx)); - &movdqu ("xmm1",&QWP(16,$Widx)); - &movdqu ("xmm2",&QWP(32,$Widx)); - &movdqu ("xmm3",&QWP(48,$Widx)); - -&align(8); -&set_label("_chunk_loop"); - - &movdqa (&QWP($Aoff,$W512),"xmm0"); # a,b - &movdqa (&QWP($Coff,$W512),"xmm1"); # c,d - &movdqa (&QWP($Eoff,$W512),"xmm2"); # e,f - &movdqa (&QWP($Goff,$W512),"xmm3"); # g,h - - &xor ($Widx,$Widx); - - &movdq2q($A,"xmm0"); # load a - &movdq2q($E,"xmm2"); # load e - - # Why aren't loops unrolled? It makes sense to unroll if - # execution time for loop body is comparable with branch - # penalties and/or if whole data-set resides in register bank. - # Neither is case here... Well, it would be possible to - # eliminate few store operations, but it would hardly affect - # so to say stop-watch performance, as there is a lot of - # available memory slots to fill. It will only relieve some - # pressure off memory bus... - - # flip input stream byte order... - &mov ("eax",&DWP(0,$data,$Widx,8)); - &mov ("ebx",&DWP(4,$data,$Widx,8)); - &bswap ("eax"); - &bswap ("ebx"); - &mov (&DWP(0,$W512,$Widx,8),"ebx"); # W512[i] - &mov (&DWP(4,$W512,$Widx,8),"eax"); - &mov (&DWP(128+0,$W512,$Widx,8),"ebx"); # copy of W512[i] - &mov (&DWP(128+4,$W512,$Widx,8),"eax"); - -&align(8); -&set_label("_1st_loop"); # 0-15 - # flip input stream byte order... - &mov ("eax",&DWP(0+8,$data,$Widx,8)); - &mov ("ebx",&DWP(4+8,$data,$Widx,8)); - &bswap ("eax"); - &bswap ("ebx"); - &mov (&DWP(0+8,$W512,$Widx,8),"ebx"); # W512[i] - &mov (&DWP(4+8,$W512,$Widx,8),"eax"); - &mov (&DWP(128+0+8,$W512,$Widx,8),"ebx"); # copy of W512[i] - &mov (&DWP(128+4+8,$W512,$Widx,8),"eax"); -&set_label("_1st_looplet"); - &SHA2_ROUND($Widx,$Widx); &inc($Widx); - -&cmp ($Widx,15) -&jl (&label("_1st_loop")); -&je (&label("_1st_looplet")); # playing similar trick on 2nd loop - # does not improve performance... - - $Kidx = "ebx"; # start using %ebx as Kidx - &mov ($Kidx,$Widx); - -&align(8); -&set_label("_2nd_loop"); # 16-79 - &and($Widx,0xf); - - # 128-bit fragment! I update W512[i] and W512[i+1] in - # parallel:-) Note that I refer to W512[(i&0xf)+N] and not to - # W512[(i+N)&0xf]! This is exactly what I maintain the second - # copy of W512[16] for... - &movdqu ("xmm0",&QWP(8*1,$W512,$Widx,8)); # s0=W512[i+1] - &movdqa ("xmm2","xmm0"); # %xmm2 is sliding right - &movdqa ("xmm3","xmm0"); # %xmm3 is sliding left - &psrlq ("xmm2",1); - &psllq ("xmm3",56); - &movdqa ("xmm0","xmm2"); - &pxor ("xmm0","xmm3"); - &psrlq ("xmm2",6); - &psllq ("xmm3",7); - &pxor ("xmm0","xmm2"); - &pxor ("xmm0","xmm3"); - &psrlq ("xmm2",1); - &pxor ("xmm0","xmm2"); # s0 = sigma0_512(s0); - - &movdqa ("xmm1",&QWP(8*14,$W512,$Widx,8)); # s1=W512[i+14] - &movdqa ("xmm4","xmm1"); # %xmm4 is sliding right - &movdqa ("xmm5","xmm1"); # %xmm5 is sliding left - &psrlq ("xmm4",6); - &psllq ("xmm5",3); - &movdqa ("xmm1","xmm4"); - &pxor ("xmm1","xmm5"); - &psrlq ("xmm4",13); - &psllq ("xmm5",42); - &pxor ("xmm1","xmm4"); - &pxor ("xmm1","xmm5"); - &psrlq ("xmm4",42); - &pxor ("xmm1","xmm4"); # s1 = sigma1_512(s1); - - # + have to explictly load W512[i+9] as it's not 128-bit - # v aligned and paddq would throw an exception... - &movdqu ("xmm6",&QWP(8*9,$W512,$Widx,8)); - &paddq ("xmm0","xmm1"); # s0 += s1 - &paddq ("xmm0","xmm6"); # s0 += W512[i+9] - &paddq ("xmm0",&QWP(0,$W512,$Widx,8)); # s0 += W512[i] - - &movdqa (&QWP(0,$W512,$Widx,8),"xmm0"); # W512[i] = s0 - &movdqa (&QWP(16*8,$W512,$Widx,8),"xmm0"); # copy of W512[i] - - # as the above fragment was 128-bit, we "owe" 2 rounds... - &SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx); - &SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx); - -&cmp ($Kidx,80); -&jl (&label("_2nd_loop")); - - # update A-H state - &mov ($Widx,&DWP(8,"ebp")); # A-H state, 1st arg - &movq (&QWP($Aoff,$W512),$A); # write out a - &movq (&QWP($Eoff,$W512),$E); # write out e - &movdqu ("xmm0",&QWP(0,$Widx)); - &movdqu ("xmm1",&QWP(16,$Widx)); - &movdqu ("xmm2",&QWP(32,$Widx)); - &movdqu ("xmm3",&QWP(48,$Widx)); - &paddq ("xmm0",&QWP($Aoff,$W512)); # 128-bit additions... - &paddq ("xmm1",&QWP($Coff,$W512)); - &paddq ("xmm2",&QWP($Eoff,$W512)); - &paddq ("xmm3",&QWP($Goff,$W512)); - &movdqu (&QWP(0,$Widx),"xmm0"); - &movdqu (&QWP(16,$Widx),"xmm1"); - &movdqu (&QWP(32,$Widx),"xmm2"); - &movdqu (&QWP(48,$Widx),"xmm3"); - -&add ($data,16*8); # advance input data pointer -&dec (&DWP(16,"ebp")); # decrement 3rd arg -&jnz (&label("_chunk_loop")); - - # epilogue - &emms (); # required for at least ELF and Win32 ABIs - &mov ("edi",&DWP(-12,"ebp")); - &mov ("esi",&DWP(-8,"ebp")); - &mov ("ebx",&DWP(-4,"ebp")); - &leave (); -&ret (); - -&align(64); -&set_label("K512"); # Yes! I keep it in the code segment! - &data_word(0xd728ae22,0x428a2f98); # u64 - &data_word(0x23ef65cd,0x71374491); # u64 - &data_word(0xec4d3b2f,0xb5c0fbcf); # u64 - &data_word(0x8189dbbc,0xe9b5dba5); # u64 - &data_word(0xf348b538,0x3956c25b); # u64 - &data_word(0xb605d019,0x59f111f1); # u64 - &data_word(0xaf194f9b,0x923f82a4); # u64 - &data_word(0xda6d8118,0xab1c5ed5); # u64 - &data_word(0xa3030242,0xd807aa98); # u64 - &data_word(0x45706fbe,0x12835b01); # u64 - &data_word(0x4ee4b28c,0x243185be); # u64 - &data_word(0xd5ffb4e2,0x550c7dc3); # u64 - &data_word(0xf27b896f,0x72be5d74); # u64 - &data_word(0x3b1696b1,0x80deb1fe); # u64 - &data_word(0x25c71235,0x9bdc06a7); # u64 - &data_word(0xcf692694,0xc19bf174); # u64 - &data_word(0x9ef14ad2,0xe49b69c1); # u64 - &data_word(0x384f25e3,0xefbe4786); # u64 - &data_word(0x8b8cd5b5,0x0fc19dc6); # u64 - &data_word(0x77ac9c65,0x240ca1cc); # u64 - &data_word(0x592b0275,0x2de92c6f); # u64 - &data_word(0x6ea6e483,0x4a7484aa); # u64 - &data_word(0xbd41fbd4,0x5cb0a9dc); # u64 - &data_word(0x831153b5,0x76f988da); # u64 - &data_word(0xee66dfab,0x983e5152); # u64 - &data_word(0x2db43210,0xa831c66d); # u64 - &data_word(0x98fb213f,0xb00327c8); # u64 - &data_word(0xbeef0ee4,0xbf597fc7); # u64 - &data_word(0x3da88fc2,0xc6e00bf3); # u64 - &data_word(0x930aa725,0xd5a79147); # u64 - &data_word(0xe003826f,0x06ca6351); # u64 - &data_word(0x0a0e6e70,0x14292967); # u64 - &data_word(0x46d22ffc,0x27b70a85); # u64 - &data_word(0x5c26c926,0x2e1b2138); # u64 - &data_word(0x5ac42aed,0x4d2c6dfc); # u64 - &data_word(0x9d95b3df,0x53380d13); # u64 - &data_word(0x8baf63de,0x650a7354); # u64 - &data_word(0x3c77b2a8,0x766a0abb); # u64 - &data_word(0x47edaee6,0x81c2c92e); # u64 - &data_word(0x1482353b,0x92722c85); # u64 - &data_word(0x4cf10364,0xa2bfe8a1); # u64 - &data_word(0xbc423001,0xa81a664b); # u64 - &data_word(0xd0f89791,0xc24b8b70); # u64 - &data_word(0x0654be30,0xc76c51a3); # u64 - &data_word(0xd6ef5218,0xd192e819); # u64 - &data_word(0x5565a910,0xd6990624); # u64 - &data_word(0x5771202a,0xf40e3585); # u64 - &data_word(0x32bbd1b8,0x106aa070); # u64 - &data_word(0xb8d2d0c8,0x19a4c116); # u64 - &data_word(0x5141ab53,0x1e376c08); # u64 - &data_word(0xdf8eeb99,0x2748774c); # u64 - &data_word(0xe19b48a8,0x34b0bcb5); # u64 - &data_word(0xc5c95a63,0x391c0cb3); # u64 - &data_word(0xe3418acb,0x4ed8aa4a); # u64 - &data_word(0x7763e373,0x5b9cca4f); # u64 - &data_word(0xd6b2b8a3,0x682e6ff3); # u64 - &data_word(0x5defb2fc,0x748f82ee); # u64 - &data_word(0x43172f60,0x78a5636f); # u64 - &data_word(0xa1f0ab72,0x84c87814); # u64 - &data_word(0x1a6439ec,0x8cc70208); # u64 - &data_word(0x23631e28,0x90befffa); # u64 - &data_word(0xde82bde9,0xa4506ceb); # u64 - &data_word(0xb2c67915,0xbef9a3f7); # u64 - &data_word(0xe372532b,0xc67178f2); # u64 - &data_word(0xea26619c,0xca273ece); # u64 - &data_word(0x21c0c207,0xd186b8c7); # u64 - &data_word(0xcde0eb1e,0xeada7dd6); # u64 - &data_word(0xee6ed178,0xf57d4f7f); # u64 - &data_word(0x72176fba,0x06f067aa); # u64 - &data_word(0xa2c898a6,0x0a637dc5); # u64 - &data_word(0xbef90dae,0x113f9804); # u64 - &data_word(0x131c471b,0x1b710b35); # u64 - &data_word(0x23047d84,0x28db77f5); # u64 - &data_word(0x40c72493,0x32caab7b); # u64 - &data_word(0x15c9bebc,0x3c9ebe0a); # u64 - &data_word(0x9c100d4c,0x431d67c4); # u64 - &data_word(0xcb3e42b6,0x4cc5d4be); # u64 - &data_word(0xfc657e2a,0x597f299c); # u64 - &data_word(0x3ad6faec,0x5fcb6fab); # u64 - &data_word(0x4a475817,0x6c44198c); # u64 - -&function_end_B($func); - -&asm_finish(); diff --git a/crypto/openssl/crypto/sha/sha.h b/crypto/openssl/crypto/sha/sha.h index eed44d7f94..47a2c29f66 100644 --- a/crypto/openssl/crypto/sha/sha.h +++ b/crypto/openssl/crypto/sha/sha.h @@ -106,6 +106,9 @@ typedef struct SHAstate_st } SHA_CTX; #ifndef OPENSSL_NO_SHA0 +#ifdef OPENSSL_FIPS +int private_SHA_Init(SHA_CTX *c); +#endif int SHA_Init(SHA_CTX *c); int SHA_Update(SHA_CTX *c, const void *data, size_t len); int SHA_Final(unsigned char *md, SHA_CTX *c); diff --git a/crypto/openssl/crypto/sha/sha1_one.c b/crypto/openssl/crypto/sha/sha1_one.c index 7c65b60276..4831174198 100644 --- a/crypto/openssl/crypto/sha/sha1_one.c +++ b/crypto/openssl/crypto/sha/sha1_one.c @@ -61,7 +61,7 @@ #include #include -#ifndef OPENSSL_NO_SHA1 +#if !defined(OPENSSL_NO_SHA1) unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) { SHA_CTX c; diff --git a/crypto/openssl/crypto/sha/sha1dgst.c b/crypto/openssl/crypto/sha/sha1dgst.c index 50d1925cde..d31f0781a0 100644 --- a/crypto/openssl/crypto/sha/sha1dgst.c +++ b/crypto/openssl/crypto/sha/sha1dgst.c @@ -63,6 +63,10 @@ #define SHA_1 #include +#ifdef OPENSSL_FIPS +#include +#endif + const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT; diff --git a/crypto/openssl/crypto/sha/sha256.c b/crypto/openssl/crypto/sha/sha256.c index 867f90cc97..3256a83e98 100644 --- a/crypto/openssl/crypto/sha/sha256.c +++ b/crypto/openssl/crypto/sha/sha256.c @@ -12,12 +12,19 @@ #include #include +#ifdef OPENSSL_FIPS +#include +#endif + #include const char SHA256_version[]="SHA-256" OPENSSL_VERSION_PTEXT; int SHA224_Init (SHA256_CTX *c) { +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif c->h[0]=0xc1059ed8UL; c->h[1]=0x367cd507UL; c->h[2]=0x3070dd17UL; c->h[3]=0xf70e5939UL; c->h[4]=0xffc00b31UL; c->h[5]=0x68581511UL; @@ -29,6 +36,9 @@ int SHA224_Init (SHA256_CTX *c) int SHA256_Init (SHA256_CTX *c) { +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif c->h[0]=0x6a09e667UL; c->h[1]=0xbb67ae85UL; c->h[2]=0x3c6ef372UL; c->h[3]=0xa54ff53aUL; c->h[4]=0x510e527fUL; c->h[5]=0x9b05688cUL; diff --git a/crypto/openssl/crypto/sha/sha512.c b/crypto/openssl/crypto/sha/sha512.c index 987fc07c99..f5ed468b85 100644 --- a/crypto/openssl/crypto/sha/sha512.c +++ b/crypto/openssl/crypto/sha/sha512.c @@ -5,6 +5,10 @@ * ==================================================================== */ #include +#ifdef OPENSSL_FIPS +#include +#endif + #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512) /* * IMPLEMENTATION NOTES. @@ -61,6 +65,9 @@ const char SHA512_version[]="SHA-512" OPENSSL_VERSION_PTEXT; int SHA384_Init (SHA512_CTX *c) { +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif c->h[0]=U64(0xcbbb9d5dc1059ed8); c->h[1]=U64(0x629a292a367cd507); c->h[2]=U64(0x9159015a3070dd17); @@ -76,6 +83,9 @@ int SHA384_Init (SHA512_CTX *c) int SHA512_Init (SHA512_CTX *c) { +#ifdef OPENSSL_FIPS + FIPS_selftest_check(); +#endif c->h[0]=U64(0x6a09e667f3bcc908); c->h[1]=U64(0xbb67ae8584caa73b); c->h[2]=U64(0x3c6ef372fe94f82b); @@ -327,7 +337,7 @@ static const SHA_LONG64 K512[80] = { ((SHA_LONG64)hi)<<32|lo; }) # else # define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\ - unsigned int hi=p[0],lo=p[1]; \ + unsigned int hi=p[0],lo=p[1]; \ asm ("bswapl %0; bswapl %1;" \ : "=r"(lo),"=r"(hi) \ : "0"(lo),"1"(hi)); \ diff --git a/crypto/openssl/crypto/sha/sha_dgst.c b/crypto/openssl/crypto/sha/sha_dgst.c index 70eb56032c..598f4d721a 100644 --- a/crypto/openssl/crypto/sha/sha_dgst.c +++ b/crypto/openssl/crypto/sha/sha_dgst.c @@ -57,6 +57,12 @@ */ #include +#include +#ifdef OPENSSL_FIPS +#include +#endif + +#include #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) #undef SHA_1 diff --git a/crypto/openssl/crypto/sha/sha_locl.h b/crypto/openssl/crypto/sha/sha_locl.h index e37e5726e3..da46ddfe79 100644 --- a/crypto/openssl/crypto/sha/sha_locl.h +++ b/crypto/openssl/crypto/sha/sha_locl.h @@ -122,8 +122,15 @@ void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num); #define INIT_DATA_h3 0x10325476UL #define INIT_DATA_h4 0xc3d2e1f0UL +#if defined(SHA_0) && defined(OPENSSL_FIPS) +FIPS_NON_FIPS_MD_Init(SHA) +#else int HASH_INIT (SHA_CTX *c) +#endif { +#if defined(SHA_1) && defined(OPENSSL_FIPS) + FIPS_selftest_check(); +#endif c->h0=INIT_DATA_h0; c->h1=INIT_DATA_h1; c->h2=INIT_DATA_h2; diff --git a/crypto/openssl/crypto/symhacks.h b/crypto/openssl/crypto/symhacks.h index 64528ad5c2..6cfb5fe479 100644 --- a/crypto/openssl/crypto/symhacks.h +++ b/crypto/openssl/crypto/symhacks.h @@ -179,6 +179,11 @@ #define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn #undef ENGINE_get_load_privkey_function #define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn +#undef ENGINE_set_load_ssl_client_cert_function +#define ENGINE_set_load_ssl_client_cert_function \ + ENGINE_set_ld_ssl_clnt_cert_fn +#undef ENGINE_get_ssl_client_cert_function +#define ENGINE_get_ssl_client_cert_function ENGINE_get_ssl_client_cert_fn /* Hack some long OCSP names */ #undef OCSP_REQUEST_get_ext_by_critical diff --git a/crypto/openssl/crypto/ui/ui_openssl.c b/crypto/openssl/crypto/ui/ui_openssl.c index 1f23a45a33..ef930bf247 100644 --- a/crypto/openssl/crypto/ui/ui_openssl.c +++ b/crypto/openssl/crypto/ui/ui_openssl.c @@ -677,6 +677,8 @@ static int noecho_fgets(char *buf, int size, FILE *tty) size--; #ifdef WIN16TTY i=_inchar(); +#elif defined(_WIN32) + i=_getch(); #else i=getch(); #endif diff --git a/crypto/openssl/crypto/x509/by_dir.c b/crypto/openssl/crypto/x509/by_dir.c index 37f9a48206..341e0ba6a4 100644 --- a/crypto/openssl/crypto/x509/by_dir.c +++ b/crypto/openssl/crypto/x509/by_dir.c @@ -74,6 +74,10 @@ #include #include +#ifdef _WIN32 +#define stat _stat +#endif + typedef struct lookup_dir_st { BUF_MEM *buffer; diff --git a/crypto/openssl/crypto/x509/x509_cmp.c b/crypto/openssl/crypto/x509/x509_cmp.c index 0d6bc653b2..e4c682fc44 100644 --- a/crypto/openssl/crypto/x509/x509_cmp.c +++ b/crypto/openssl/crypto/x509/x509_cmp.c @@ -322,10 +322,16 @@ unsigned long X509_NAME_hash(X509_NAME *x) { unsigned long ret=0; unsigned char md[16]; + EVP_MD_CTX md_ctx; /* Make sure X509_NAME structure contains valid cached encoding */ i2d_X509_NAME(x,NULL); - EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL); + EVP_MD_CTX_init(&md_ctx); + EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL); + EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length); + EVP_DigestFinal_ex(&md_ctx,md,NULL); + EVP_MD_CTX_cleanup(&md_ctx); ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) diff --git a/crypto/openssl/crypto/x509/x509_trs.c b/crypto/openssl/crypto/x509/x509_trs.c index 9c84a59d52..ed18700585 100644 --- a/crypto/openssl/crypto/x509/x509_trs.c +++ b/crypto/openssl/crypto/x509/x509_trs.c @@ -1,5 +1,5 @@ /* x509_trs.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509/x509_vpm.c b/crypto/openssl/crypto/x509/x509_vpm.c index e9db6d62a7..c92e65936f 100644 --- a/crypto/openssl/crypto/x509/x509_vpm.c +++ b/crypto/openssl/crypto/x509/x509_vpm.c @@ -1,5 +1,5 @@ /* x509_vpm.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509/x509cset.c b/crypto/openssl/crypto/x509/x509cset.c index 9d1646d5c8..7f4004b291 100644 --- a/crypto/openssl/crypto/x509/x509cset.c +++ b/crypto/openssl/crypto/x509/x509cset.c @@ -1,5 +1,5 @@ /* crypto/x509/x509cset.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509/x509spki.c b/crypto/openssl/crypto/x509/x509spki.c index ed868b838e..02a203d72c 100644 --- a/crypto/openssl/crypto/x509/x509spki.c +++ b/crypto/openssl/crypto/x509/x509spki.c @@ -1,5 +1,5 @@ /* x509spki.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/ext_dat.h b/crypto/openssl/crypto/x509v3/ext_dat.h index 5c063ac65d..3eaec46f8a 100644 --- a/crypto/openssl/crypto/x509v3/ext_dat.h +++ b/crypto/openssl/crypto/x509v3/ext_dat.h @@ -1,5 +1,5 @@ /* ext_dat.h */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/pcy_cache.c b/crypto/openssl/crypto/x509v3/pcy_cache.c index c18beb89f5..1030931b71 100644 --- a/crypto/openssl/crypto/x509v3/pcy_cache.c +++ b/crypto/openssl/crypto/x509v3/pcy_cache.c @@ -1,5 +1,5 @@ /* pcy_cache.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/pcy_data.c b/crypto/openssl/crypto/x509v3/pcy_data.c index 4711b1ee92..fb392b901f 100644 --- a/crypto/openssl/crypto/x509v3/pcy_data.c +++ b/crypto/openssl/crypto/x509v3/pcy_data.c @@ -1,5 +1,5 @@ /* pcy_data.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/pcy_int.h b/crypto/openssl/crypto/x509v3/pcy_int.h index ba62a209da..3780de4fcd 100644 --- a/crypto/openssl/crypto/x509v3/pcy_int.h +++ b/crypto/openssl/crypto/x509v3/pcy_int.h @@ -1,5 +1,5 @@ /* pcy_int.h */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/pcy_lib.c b/crypto/openssl/crypto/x509v3/pcy_lib.c index dae4840bc5..93bfd92703 100644 --- a/crypto/openssl/crypto/x509v3/pcy_lib.c +++ b/crypto/openssl/crypto/x509v3/pcy_lib.c @@ -1,5 +1,5 @@ /* pcy_lib.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/pcy_map.c b/crypto/openssl/crypto/x509v3/pcy_map.c index 35221e8ba8..f28796e6d4 100644 --- a/crypto/openssl/crypto/x509v3/pcy_map.c +++ b/crypto/openssl/crypto/x509v3/pcy_map.c @@ -1,5 +1,5 @@ /* pcy_map.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/pcy_node.c b/crypto/openssl/crypto/x509v3/pcy_node.c index dcc1554e29..6587cb05ab 100644 --- a/crypto/openssl/crypto/x509v3/pcy_node.c +++ b/crypto/openssl/crypto/x509v3/pcy_node.c @@ -1,5 +1,5 @@ /* pcy_node.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/pcy_tree.c b/crypto/openssl/crypto/x509v3/pcy_tree.c index b1ce77b9af..6c87a7f506 100644 --- a/crypto/openssl/crypto/x509v3/pcy_tree.c +++ b/crypto/openssl/crypto/x509v3/pcy_tree.c @@ -1,5 +1,5 @@ /* pcy_tree.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_addr.c b/crypto/openssl/crypto/x509v3/v3_addr.c index c6730ab3fd..a37f844d3c 100644 --- a/crypto/openssl/crypto/x509v3/v3_addr.c +++ b/crypto/openssl/crypto/x509v3/v3_addr.c @@ -878,6 +878,7 @@ int v3_addr_canonize(IPAddrBlocks *addr) v3_addr_get_afi(f))) return 0; } + (void)sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp); sk_IPAddressFamily_sort(addr); assert(v3_addr_is_canonical(addr)); return 1; diff --git a/crypto/openssl/crypto/x509v3/v3_akey.c b/crypto/openssl/crypto/x509v3/v3_akey.c index ac0548b775..c6b68ee221 100644 --- a/crypto/openssl/crypto/x509v3/v3_akey.c +++ b/crypto/openssl/crypto/x509v3/v3_akey.c @@ -1,5 +1,5 @@ /* v3_akey.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_akeya.c b/crypto/openssl/crypto/x509v3/v3_akeya.c index 2aafa26ba7..2c50f7360e 100644 --- a/crypto/openssl/crypto/x509v3/v3_akeya.c +++ b/crypto/openssl/crypto/x509v3/v3_akeya.c @@ -1,5 +1,5 @@ /* v3_akey_asn1.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_alt.c b/crypto/openssl/crypto/x509v3/v3_alt.c index bb2f5bc54e..58b2952478 100644 --- a/crypto/openssl/crypto/x509v3/v3_alt.c +++ b/crypto/openssl/crypto/x509v3/v3_alt.c @@ -1,5 +1,5 @@ /* v3_alt.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ /* ==================================================================== @@ -527,7 +527,8 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, return gen; err: - GENERAL_NAME_free(gen); + if (!out) + GENERAL_NAME_free(gen); return NULL; } diff --git a/crypto/openssl/crypto/x509v3/v3_bcons.c b/crypto/openssl/crypto/x509v3/v3_bcons.c index 74b1233071..82aa488f75 100644 --- a/crypto/openssl/crypto/x509v3/v3_bcons.c +++ b/crypto/openssl/crypto/x509v3/v3_bcons.c @@ -1,5 +1,5 @@ /* v3_bcons.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_bitst.c b/crypto/openssl/crypto/x509v3/v3_bitst.c index cf31f0816e..058d0d4dce 100644 --- a/crypto/openssl/crypto/x509v3/v3_bitst.c +++ b/crypto/openssl/crypto/x509v3/v3_bitst.c @@ -1,5 +1,5 @@ /* v3_bitst.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_conf.c b/crypto/openssl/crypto/x509v3/v3_conf.c index 2b867305fb..11eb6b7fd5 100644 --- a/crypto/openssl/crypto/x509v3/v3_conf.c +++ b/crypto/openssl/crypto/x509v3/v3_conf.c @@ -1,5 +1,5 @@ /* v3_conf.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_cpols.c b/crypto/openssl/crypto/x509v3/v3_cpols.c index a40f490aa9..95596055ab 100644 --- a/crypto/openssl/crypto/x509v3/v3_cpols.c +++ b/crypto/openssl/crypto/x509v3/v3_cpols.c @@ -1,5 +1,5 @@ /* v3_cpols.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_crld.c b/crypto/openssl/crypto/x509v3/v3_crld.c index c6e3ebae7b..181a8977b1 100644 --- a/crypto/openssl/crypto/x509v3/v3_crld.c +++ b/crypto/openssl/crypto/x509v3/v3_crld.c @@ -1,5 +1,5 @@ /* v3_crld.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_enum.c b/crypto/openssl/crypto/x509v3/v3_enum.c index a236cb22e1..36576eaa4d 100644 --- a/crypto/openssl/crypto/x509v3/v3_enum.c +++ b/crypto/openssl/crypto/x509v3/v3_enum.c @@ -1,5 +1,5 @@ /* v3_enum.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_extku.c b/crypto/openssl/crypto/x509v3/v3_extku.c index a4efe0031e..c0d14500ed 100644 --- a/crypto/openssl/crypto/x509v3/v3_extku.c +++ b/crypto/openssl/crypto/x509v3/v3_extku.c @@ -1,5 +1,5 @@ /* v3_extku.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_genn.c b/crypto/openssl/crypto/x509v3/v3_genn.c index 650b510980..84b4b1c881 100644 --- a/crypto/openssl/crypto/x509v3/v3_genn.c +++ b/crypto/openssl/crypto/x509v3/v3_genn.c @@ -1,5 +1,5 @@ /* v3_genn.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_ia5.c b/crypto/openssl/crypto/x509v3/v3_ia5.c index b739ccd036..4ff12b52b5 100644 --- a/crypto/openssl/crypto/x509v3/v3_ia5.c +++ b/crypto/openssl/crypto/x509v3/v3_ia5.c @@ -1,5 +1,5 @@ /* v3_ia5.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_info.c b/crypto/openssl/crypto/x509v3/v3_info.c index e0ef69de42..e1b8699f92 100644 --- a/crypto/openssl/crypto/x509v3/v3_info.c +++ b/crypto/openssl/crypto/x509v3/v3_info.c @@ -1,5 +1,5 @@ /* v3_info.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_int.c b/crypto/openssl/crypto/x509v3/v3_int.c index 9a48dc1508..4bfd14cf46 100644 --- a/crypto/openssl/crypto/x509v3/v3_int.c +++ b/crypto/openssl/crypto/x509v3/v3_int.c @@ -1,5 +1,5 @@ /* v3_int.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_lib.c b/crypto/openssl/crypto/x509v3/v3_lib.c index f3015ea610..df3a48f43e 100644 --- a/crypto/openssl/crypto/x509v3/v3_lib.c +++ b/crypto/openssl/crypto/x509v3/v3_lib.c @@ -1,5 +1,5 @@ /* v3_lib.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_ncons.c b/crypto/openssl/crypto/x509v3/v3_ncons.c index 42e7f5a879..4e706be3e1 100644 --- a/crypto/openssl/crypto/x509v3/v3_ncons.c +++ b/crypto/openssl/crypto/x509v3/v3_ncons.c @@ -1,5 +1,5 @@ /* v3_ncons.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_ocsp.c b/crypto/openssl/crypto/x509v3/v3_ocsp.c index 62aac06335..e426ea930c 100644 --- a/crypto/openssl/crypto/x509v3/v3_ocsp.c +++ b/crypto/openssl/crypto/x509v3/v3_ocsp.c @@ -1,5 +1,5 @@ /* v3_ocsp.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_pcons.c b/crypto/openssl/crypto/x509v3/v3_pcons.c index 13248c2ada..86c0ff70e6 100644 --- a/crypto/openssl/crypto/x509v3/v3_pcons.c +++ b/crypto/openssl/crypto/x509v3/v3_pcons.c @@ -1,5 +1,5 @@ /* v3_pcons.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_pku.c b/crypto/openssl/crypto/x509v3/v3_pku.c index 5c4626e89b..076f3ff48e 100644 --- a/crypto/openssl/crypto/x509v3/v3_pku.c +++ b/crypto/openssl/crypto/x509v3/v3_pku.c @@ -1,5 +1,5 @@ /* v3_pku.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_pmaps.c b/crypto/openssl/crypto/x509v3/v3_pmaps.c index 626303264f..da03bbc35d 100644 --- a/crypto/openssl/crypto/x509v3/v3_pmaps.c +++ b/crypto/openssl/crypto/x509v3/v3_pmaps.c @@ -1,5 +1,5 @@ /* v3_pmaps.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_prn.c b/crypto/openssl/crypto/x509v3/v3_prn.c index 20bd9bda19..c1bb17f105 100644 --- a/crypto/openssl/crypto/x509v3/v3_prn.c +++ b/crypto/openssl/crypto/x509v3/v3_prn.c @@ -1,5 +1,5 @@ /* v3_prn.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_purp.c b/crypto/openssl/crypto/x509v3/v3_purp.c index c54e7887c7..e18751e01c 100644 --- a/crypto/openssl/crypto/x509v3/v3_purp.c +++ b/crypto/openssl/crypto/x509v3/v3_purp.c @@ -1,5 +1,5 @@ /* v3_purp.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_skey.c b/crypto/openssl/crypto/x509v3/v3_skey.c index da0a3558f6..202c9e4896 100644 --- a/crypto/openssl/crypto/x509v3/v3_skey.c +++ b/crypto/openssl/crypto/x509v3/v3_skey.c @@ -1,5 +1,5 @@ /* v3_skey.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_sxnet.c b/crypto/openssl/crypto/x509v3/v3_sxnet.c index eaea9ea01b..2a6bf11b65 100644 --- a/crypto/openssl/crypto/x509v3/v3_sxnet.c +++ b/crypto/openssl/crypto/x509v3/v3_sxnet.c @@ -1,5 +1,5 @@ /* v3_sxnet.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x509v3/v3_utl.c b/crypto/openssl/crypto/x509v3/v3_utl.c index ac171ca940..a4236bbb6d 100644 --- a/crypto/openssl/crypto/x509v3/v3_utl.c +++ b/crypto/openssl/crypto/x509v3/v3_utl.c @@ -1,5 +1,5 @@ /* v3_utl.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ /* ==================================================================== @@ -736,17 +736,20 @@ static int ipv6_from_asc(unsigned char *v6, const char *in) /* Format result */ - /* Copy initial part */ - if (v6stat.zero_pos > 0) + if (v6stat.zero_pos >= 0) + { + /* Copy initial part */ memcpy(v6, v6stat.tmp, v6stat.zero_pos); - /* Zero middle */ - if (v6stat.total != 16) + /* Zero middle */ memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total); - /* Copy final part */ - if (v6stat.total != v6stat.zero_pos) - memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total, - v6stat.tmp + v6stat.zero_pos, - v6stat.total - v6stat.zero_pos); + /* Copy final part */ + if (v6stat.total != v6stat.zero_pos) + memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total, + v6stat.tmp + v6stat.zero_pos, + v6stat.total - v6stat.zero_pos); + } + else + memcpy(v6, v6stat.tmp, 16); return 1; } diff --git a/crypto/openssl/crypto/x509v3/x509v3.h b/crypto/openssl/crypto/x509v3/x509v3.h index 5ba59f71c9..9ef83da755 100644 --- a/crypto/openssl/crypto/x509v3/x509v3.h +++ b/crypto/openssl/crypto/x509v3/x509v3.h @@ -1,5 +1,5 @@ /* x509v3.h */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ /* ==================================================================== diff --git a/crypto/openssl/crypto/x86_64cpuid.pl b/crypto/openssl/crypto/x86_64cpuid.pl deleted file mode 100644 index 4d88ad191b..0000000000 --- a/crypto/openssl/crypto/x86_64cpuid.pl +++ /dev/null @@ -1,138 +0,0 @@ -#!/usr/bin/env perl - -$output=shift; -$win64a=1 if ($output =~ /win64a\.[s|asm]/); -open STDOUT,">$output" || die "can't open $output: $!"; - -print<<___ if(defined($win64a)); -_TEXT SEGMENT -PUBLIC OPENSSL_rdtsc -ALIGN 16 -OPENSSL_rdtsc PROC - rdtsc - shl rdx,32 - or rax,rdx - ret -OPENSSL_rdtsc ENDP - -PUBLIC OPENSSL_atomic_add -ALIGN 16 -OPENSSL_atomic_add PROC - mov eax,DWORD PTR[rcx] -\$Lspin: lea r8,DWORD PTR[rdx+rax] -lock cmpxchg DWORD PTR[rcx],r8d - jne \$Lspin - mov eax,r8d - cdqe - ret -OPENSSL_atomic_add ENDP - -PUBLIC OPENSSL_wipe_cpu -ALIGN 16 -OPENSSL_wipe_cpu PROC - pxor xmm0,xmm0 - pxor xmm1,xmm1 - pxor xmm2,xmm2 - pxor xmm3,xmm3 - pxor xmm4,xmm4 - pxor xmm5,xmm5 - xor rcx,rcx - xor rdx,rdx - xor r8,r8 - xor r9,r9 - xor r10,r10 - xor r11,r11 - lea rax,QWORD PTR[rsp+8] - ret -OPENSSL_wipe_cpu ENDP - -OPENSSL_ia32_cpuid PROC - mov r8,rbx - mov eax,1 - cpuid - shl rcx,32 - mov eax,edx - mov rbx,r8 - or rax,rcx - ret -OPENSSL_ia32_cpuid ENDP -_TEXT ENDS - -CRT\$XIU SEGMENT -EXTRN OPENSSL_cpuid_setup:PROC -DQ OPENSSL_cpuid_setup -CRT\$XIU ENDS -END -___ -print<<___ if(!defined($win64a)); -.text -.globl OPENSSL_rdtsc -.align 16 -OPENSSL_rdtsc: - rdtsc - shlq \$32,%rdx - orq %rdx,%rax - ret -.size OPENSSL_rdtsc,.-OPENSSL_rdtsc - -.globl OPENSSL_atomic_add -.type OPENSSL_atomic_add,\@function -.align 16 -OPENSSL_atomic_add: - movl (%rdi),%eax -.Lspin: leaq (%rsi,%rax),%r8 -lock; cmpxchgl %r8d,(%rdi) - jne .Lspin - movl %r8d,%eax - .byte 0x48,0x98 - ret -.size OPENSSL_atomic_add,.-OPENSSL_atomic_add - -.globl OPENSSL_wipe_cpu -.type OPENSSL_wipe_cpu,\@function -.align 16 -OPENSSL_wipe_cpu: - pxor %xmm0,%xmm0 - pxor %xmm1,%xmm1 - pxor %xmm2,%xmm2 - pxor %xmm3,%xmm3 - pxor %xmm4,%xmm4 - pxor %xmm5,%xmm5 - pxor %xmm6,%xmm6 - pxor %xmm7,%xmm7 - pxor %xmm8,%xmm8 - pxor %xmm9,%xmm9 - pxor %xmm10,%xmm10 - pxor %xmm11,%xmm11 - pxor %xmm12,%xmm12 - pxor %xmm13,%xmm13 - pxor %xmm14,%xmm14 - pxor %xmm15,%xmm15 - xorq %rcx,%rcx - xorq %rdx,%rdx - xorq %rsi,%rsi - xorq %rdi,%rdi - xorq %r8,%r8 - xorq %r9,%r9 - xorq %r10,%r10 - xorq %r11,%r11 - leaq 8(%rsp),%rax - ret -.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu - -.globl OPENSSL_ia32_cpuid -.align 16 -OPENSSL_ia32_cpuid: - movq %rbx,%r8 - movl \$1,%eax - cpuid - shlq \$32,%rcx - movl %edx,%eax - movq %r8,%rbx - orq %rcx,%rax - ret -.size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid - -.section .init - call OPENSSL_cpuid_setup -___ diff --git a/crypto/openssl/crypto/x86cpuid.pl b/crypto/openssl/crypto/x86cpuid.pl deleted file mode 100644 index c53c9bc998..0000000000 --- a/crypto/openssl/crypto/x86cpuid.pl +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/env perl - -push(@INC,"perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"x86cpuid"); - -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&function_begin("OPENSSL_ia32_cpuid"); - &xor ("edx","edx"); - &pushf (); - &pop ("eax"); - &mov ("ecx","eax"); - &xor ("eax",1<<21); - &push ("eax"); - &popf (); - &pushf (); - &pop ("eax"); - &xor ("ecx","eax"); - &bt ("ecx",21); - &jnc (&label("nocpuid")); - &mov ("eax",1); - &cpuid (); -&set_label("nocpuid"); - &mov ("eax","edx"); - &mov ("edx","ecx"); -&function_end("OPENSSL_ia32_cpuid"); - -&external_label("OPENSSL_ia32cap_P"); - -&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &picmeup("ecx","OPENSSL_ia32cap_P"); - &bt (&DWP(0,"ecx"),4); - &jnc (&label("notsc")); - &rdtsc (); -&set_label("notsc"); - &ret (); -&function_end_B("OPENSSL_rdtsc"); - -# This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host], -# but it's safe to call it on any [supported] 32-bit platform... -# Just check for [non-]zero return value... -&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); - &picmeup("ecx","OPENSSL_ia32cap_P"); - &bt (&DWP(0,"ecx"),4); - &jnc (&label("nohalt")); # no TSC - - &data_word(0x9058900e); # push %cs; pop %eax - &and ("eax",3); - &jnz (&label("nohalt")); # not enough privileges - - &pushf (); - &pop ("eax") - &bt ("eax",9); - &jnc (&label("nohalt")); # interrupts are disabled - - &rdtsc (); - &push ("edx"); - &push ("eax"); - &halt (); - &rdtsc (); - - &sub ("eax",&DWP(0,"esp")); - &sbb ("edx",&DWP(4,"esp")); - &add ("esp",8); - &ret (); - -&set_label("nohalt"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &ret (); -&function_end_B("OPENSSL_instrument_halt"); - -# Essentially there is only one use for this function. Under DJGPP: -# -# #include -# ... -# i=OPENSSL_far_spin(_dos_ds,0x46c); -# ... -# to obtain the number of spins till closest timer interrupt. - -&function_begin_B("OPENSSL_far_spin"); - &pushf (); - &pop ("eax") - &bt ("eax",9); - &jnc (&label("nospin")); # interrupts are disabled - - &mov ("eax",&DWP(4,"esp")); - &mov ("ecx",&DWP(8,"esp")); - &data_word (0x90d88e1e); # push %ds, mov %eax,%ds - &xor ("eax","eax"); - &mov ("edx",&DWP(0,"ecx")); - &jmp (&label("spin")); - - &align (16); -&set_label("spin"); - &inc ("eax"); - &cmp ("edx",&DWP(0,"ecx")); - &je (&label("spin")); - - &data_word (0x1f909090); # pop %ds - &ret (); - -&set_label("nospin"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &ret (); -&function_end_B("OPENSSL_far_spin"); - -&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); - &xor ("eax","eax"); - &xor ("edx","edx"); - &picmeup("ecx","OPENSSL_ia32cap_P"); - &mov ("ecx",&DWP(0,"ecx")); - &bt (&DWP(0,"ecx"),1); - &jnc (&label("no_x87")); - if ($sse2) { - &bt (&DWP(0,"ecx"),26); - &jnc (&label("no_sse2")); - &pxor ("xmm0","xmm0"); - &pxor ("xmm1","xmm1"); - &pxor ("xmm2","xmm2"); - &pxor ("xmm3","xmm3"); - &pxor ("xmm4","xmm4"); - &pxor ("xmm5","xmm5"); - &pxor ("xmm6","xmm6"); - &pxor ("xmm7","xmm7"); - &set_label("no_sse2"); - } - # just a bunch of fldz to zap the fp/mm bank followed by finit... - &data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9,0x90e3db9b); -&set_label("no_x87"); - &lea ("eax",&DWP(4,"esp")); - &ret (); -&function_end_B("OPENSSL_wipe_cpu"); - -&function_begin_B("OPENSSL_atomic_add"); - &mov ("edx",&DWP(4,"esp")); # fetch the pointer, 1st arg - &mov ("ecx",&DWP(8,"esp")); # fetch the increment, 2nd arg - &push ("ebx"); - &nop (); - &mov ("eax",&DWP(0,"edx")); -&set_label("spin"); - &lea ("ebx",&DWP(0,"eax","ecx")); - &nop (); - &data_word(0x1ab10ff0); # lock; cmpxchg %ebx,(%edx) # %eax is envolved and is always reloaded - &jne (&label("spin")); - &mov ("eax","ebx"); # OpenSSL expects the new value - &pop ("ebx"); - &ret (); -&function_end_B("OPENSSL_atomic_add"); - -# This function can become handy under Win32 in situations when -# we don't know which calling convention, __stdcall or __cdecl(*), -# indirect callee is using. In C it can be deployed as -# -#ifdef OPENSSL_CPUID_OBJ -# type OPENSSL_indirect_call(void *f,...); -# ... -# OPENSSL_indirect_call(func,[up to $max arguments]); -#endif -# -# (*) it's designed to work even for __fastcall if number of -# arguments is 1 or 2! -&function_begin_B("OPENSSL_indirect_call"); - { - my $i,$max=7; # $max has to be chosen as 4*n-1 - # in order to preserve eventual - # stack alignment - &push ("ebp"); - &mov ("ebp","esp"); - &sub ("esp",$max*4); - &mov ("ecx",&DWP(12,"ebp")); - &mov (&DWP(0,"esp"),"ecx"); - &mov ("edx",&DWP(16,"ebp")); - &mov (&DWP(4,"esp"),"edx"); - for($i=2;$i<$max;$i++) - { - # Some copies will be redundant/bogus... - &mov ("eax",&DWP(12+$i*4,"ebp")); - &mov (&DWP(0+$i*4,"esp"),"eax"); - } - &call_ptr (&DWP(8,"ebp"));# make the call... - &mov ("esp","ebp"); # ... and just restore the stack pointer - # without paying attention to what we called, - # (__cdecl *func) or (__stdcall *one). - &pop ("ebp"); - &ret (); - } -&function_end_B("OPENSSL_indirect_call"); - -&initseg("OPENSSL_cpuid_setup"); - -&asm_finish(); diff --git a/crypto/openssl/doc/HOWTO/certificates.txt b/crypto/openssl/doc/HOWTO/certificates.txt deleted file mode 100644 index a8a34c7abc..0000000000 --- a/crypto/openssl/doc/HOWTO/certificates.txt +++ /dev/null @@ -1,105 +0,0 @@ - - HOWTO certificates - -1. Introduction - -How you handle certificates depend a great deal on what your role is. -Your role can be one or several of: - - - User of some client software - - User of some server software - - Certificate authority - -This file is for users who wish to get a certificate of their own. -Certificate authorities should read ca.txt. - -In all the cases shown below, the standard configuration file, as -compiled into openssl, will be used. You may find it in /etc/, -/usr/local/ssl/ or somewhere else. The name is openssl.cnf, and -is better described in another HOWTO . If you want to -use a different configuration file, use the argument '-config {file}' -with the command shown below. - - -2. Relationship with keys - -Certificates are related to public key cryptography by containing a -public key. To be useful, there must be a corresponding private key -somewhere. With OpenSSL, public keys are easily derived from private -keys, so before you create a certificate or a certificate request, you -need to create a private key. - -Private keys are generated with 'openssl genrsa' if you want a RSA -private key, or 'openssl gendsa' if you want a DSA private key. -Further information on how to create private keys can be found in -another HOWTO . The rest of this text assumes you have -a private key in the file privkey.pem. - - -3. Creating a certificate request - -To create a certificate, you need to start with a certificate -request (or, as some certificate authorities like to put -it, "certificate signing request", since that's exactly what they do, -they sign it and give you the result back, thus making it authentic -according to their policies). A certificate request can then be sent -to a certificate authority to get it signed into a certificate, or if -you have your own certificate authority, you may sign it yourself, or -if you need a self-signed certificate (because you just want a test -certificate or because you are setting up your own CA). - -The certificate request is created like this: - - openssl req -new -key privkey.pem -out cert.csr - -Now, cert.csr can be sent to the certificate authority, if they can -handle files in PEM format. If not, use the extra argument '-outform' -followed by the keyword for the format to use (see another HOWTO -). In some cases, that isn't sufficient and you will -have to be more creative. - -When the certificate authority has then done the checks the need to -do (and probably gotten payment from you), they will hand over your -new certificate to you. - -Section 5 will tell you more on how to handle the certificate you -received. - - -4. Creating a self-signed test certificate - -If you don't want to deal with another certificate authority, or just -want to create a test certificate for yourself. This is similar to -creating a certificate request, but creates a certificate instead of -a certificate request. This is NOT the recommended way to create a -CA certificate, see ca.txt. - - openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 - - -5. What to do with the certificate - -If you created everything yourself, or if the certificate authority -was kind enough, your certificate is a raw DER thing in PEM format. -Your key most definitely is if you have followed the examples above. -However, some (most?) certificate authorities will encode them with -things like PKCS7 or PKCS12, or something else. Depending on your -applications, this may be perfectly OK, it all depends on what they -know how to decode. If not, There are a number of OpenSSL tools to -convert between some (most?) formats. - -So, depending on your application, you may have to convert your -certificate and your key to various formats, most often also putting -them together into one file. The ways to do this is described in -another HOWTO , I will just mention the simplest case. -In the case of a raw DER thing in PEM format, and assuming that's all -right for yor applications, simply concatenating the certificate and -the key into a new file and using that one should be enough. With -some applications, you don't even have to do that. - - -By now, you have your cetificate and your private key and can start -using the software that depend on it. - --- -Richard Levitte diff --git a/crypto/openssl/doc/HOWTO/keys.txt b/crypto/openssl/doc/HOWTO/keys.txt deleted file mode 100644 index 7ae2a3a118..0000000000 --- a/crypto/openssl/doc/HOWTO/keys.txt +++ /dev/null @@ -1,73 +0,0 @@ - - HOWTO keys - -1. Introduction - -Keys are the basis of public key algorithms and PKI. Keys usually -come in pairs, with one half being the public key and the other half -being the private key. With OpenSSL, the private key contains the -public key information as well, so a public key doesn't need to be -generated separately. - -Public keys come in several flavors, using different cryptographic -algorithms. The most popular ones associated with certificates are -RSA and DSA, and this HOWTO will show how to generate each of them. - - -2. To generate a RSA key - -A RSA key can be used both for encryption and for signing. - -Generating a key for the RSA algorithm is quite easy, all you have to -do is the following: - - openssl genrsa -des3 -out privkey.pem 2048 - -With this variant, you will be prompted for a protecting password. If -you don't want your key to be protected by a password, remove the flag -'-des3' from the command line above. - - NOTE: if you intend to use the key together with a server - certificate, it may be a good thing to avoid protecting it - with a password, since that would mean someone would have to - type in the password every time the server needs to access - the key. - -The number 2048 is the size of the key, in bits. Today, 2048 or -higher is recommended for RSA keys, as fewer amount of bits is -consider insecure or to be insecure pretty soon. - - -3. To generate a DSA key - -A DSA key can be used for signing only. This is important to keep -in mind to know what kind of purposes a certificate request with a -DSA key can really be used for. - -Generating a key for the DSA algorithm is a two-step process. First, -you have to generate parameters from which to generate the key: - - openssl dsaparam -out dsaparam.pem 2048 - -The number 2048 is the size of the key, in bits. Today, 2048 or -higher is recommended for DSA keys, as fewer amount of bits is -consider insecure or to be insecure pretty soon. - -When that is done, you can generate a key using the parameters in -question (actually, several keys can be generated from the same -parameters): - - openssl gendsa -des3 -out privkey.pem dsaparam.pem - -With this variant, you will be prompted for a protecting password. If -you don't want your key to be protected by a password, remove the flag -'-des3' from the command line above. - - NOTE: if you intend to use the key together with a server - certificate, it may be a good thing to avoid protecting it - with a password, since that would mean someone would have to - type in the password every time the server needs to access - the key. - --- -Richard Levitte diff --git a/crypto/openssl/doc/HOWTO/proxy_certificates.txt b/crypto/openssl/doc/HOWTO/proxy_certificates.txt deleted file mode 100644 index 3d36b02f6b..0000000000 --- a/crypto/openssl/doc/HOWTO/proxy_certificates.txt +++ /dev/null @@ -1,322 +0,0 @@ - - HOWTO proxy certificates - -0. WARNING - -NONE OF THE CODE PRESENTED HERE HAVE BEEN CHECKED! They are just an -example to show you how things can be done. There may be typos or -type conflicts, and you will have to resolve them. - -1. Introduction - -Proxy certificates are defined in RFC 3820. They are really usual -certificates with the mandatory extension proxyCertInfo. - -Proxy certificates are issued by an End Entity (typically a user), -either directly with the EE certificate as issuing certificate, or by -extension through an already issued proxy certificate.. They are used -to extend rights to some other entity (a computer process, typically, -or sometimes to the user itself), so it can perform operations in the -name of the owner of the EE certificate. - -See http://www.ietf.org/rfc/rfc3820.txt for more information. - - -2. A warning about proxy certificates - -Noone seems to have tested proxy certificates with security in mind. -Basically, to this date, it seems that proxy certificates have only -been used in a world that's highly aware of them. What would happen -if an unsuspecting application is to validate a chain of certificates -that contains proxy certificates? It would usually consider the leaf -to be the certificate to check for authorisation data, and since proxy -certificates are controlled by the EE certificate owner alone, it's -would be normal to consider what the EE certificate owner could do -with them. - -subjectAltName and issuerAltName are forbidden in proxy certificates, -and this is enforced in OpenSSL. The subject must be the same as the -issuer, with one commonName added on. - -Possible threats are, as far as has been imagined so far: - - - impersonation through commonName (think server certificates). - - use of additional extensions, possibly non-standard ones used in - certain environments, that would grant extra or different - authorisation rights. - -For this reason, OpenSSL requires that the use of proxy certificates -be explicitely allowed. Currently, this can be done using the -following methods: - - - if the application calls X509_verify_cert() itself, it can do the - following prior to that call (ctx is the pointer passed in the call - to X509_verify_cert()): - - X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); - - - in all other cases, proxy certificate validation can be enabled - before starting the application by setting the envirnoment variable - OPENSSL_ALLOW_PROXY with some non-empty value. - -There are thoughts to allow proxy certificates with a line in the -default openssl.cnf, but that's still in the future. - - -3. How to create proxy cerificates - -It's quite easy to create proxy certificates, by taking advantage of -the lack of checks of the 'openssl x509' application (*ahem*). But -first, you need to create a configuration section that contains a -definition of the proxyCertInfo extension, a little like this: - - [ v3_proxy ] - # A proxy certificate MUST NEVER be a CA certificate. - basicConstraints=CA:FALSE - - # Usual authority key ID - authorityKeyIdentifier=keyid,issuer:always - - # Now, for the extension that marks this certificate as a proxy one - proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB - -It's also possible to give the proxy extension in a separate section: - - proxyCertInfo=critical,@proxy_ext - - [ proxy_ext ] - language=id-ppl-anyLanguage - pathlen=0 - policy=text:BC - -The policy value has a specific syntax, {syntag}:{string}, where the -syntag determines what will be done with the string. The recognised -syntags are as follows: - - text indicates that the string is simply the bytes, not - encoded in any kind of way: - - policy=text:räksmörgÃ¥s - - Previous versions of this design had a specific tag - for UTF-8 text. However, since the bytes are copied - as-is anyway, there's no need for it. Instead, use - the text: tag, like this: - - policy=text:räksmörgÃ¥s - - hex indicates the string is encoded in hex, with colons - between each byte (every second hex digit): - - policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73 - - Previous versions of this design had a tag to insert a - complete DER blob. However, the only legal use for - this would be to surround the bytes that would go with - the hex: tag with what's needed to construct a correct - OCTET STRING. Since hex: does that, the DER tag felt - superfluous, and was therefore removed. - - file indicates that the text of the policy should really be - taken from a file. The string is then really a file - name. This is useful for policies that are large - (more than a few of lines) XML documents, for example. - -The 'policy' setting can be split up in multiple lines like this: - - 0.policy=This is - 1.polisy= a multi- - 2.policy=line policy. - -NOTE: the proxy policy value is the part that determines the rights -granted to the process using the proxy certificate. The value is -completely dependent on the application reading and interpretting it! - -Now that you have created an extension section for your proxy -certificate, you can now easily create a proxy certificate like this: - - openssl req -new -config openssl.cnf \ - -out proxy.req -keyout proxy.key - openssl x509 -req -CAcreateserial -in proxy.req -days 7 \ - -out proxy.crt -CA user.crt -CAkey user.key \ - -extfile openssl.cnf -extensions v3_proxy - -It's just as easy to create a proxy certificate using another proxy -certificate as issuer (note that I'm using a different configuration -section for it): - - openssl req -new -config openssl.cnf \ - -out proxy2.req -keyout proxy2.key - openssl x509 -req -CAcreateserial -in proxy2.req -days 7 \ - -out proxy2.crt -CA proxy.crt -CAkey proxy.key \ - -extfile openssl.cnf -extensions v3_proxy2 - - -4. How to have your application interpret the policy? - -The basic way to interpret proxy policies is to prepare some default -rights, then do a check of the proxy certificate against the a chain -of proxy certificates, user certificate and CA certificates, and see -what rights came out by the end. Sounds easy, huh? It almost is. - -The slightly complicated part is how to pass data between your -application and the certificate validation procedure. - -You need the following ingredients: - - - a callback routing that will be called for every certificate that's - validated. It will be called several times for each certificates, - so you must be attentive to when it's a good time to do the proxy - policy interpretation and check, as well as to fill in the defaults - when the EE certificate is checked. - - - a structure of data that's shared between your application code and - the callback. - - - a wrapper function that sets it all up. - - - an ex_data index function that creates an index into the generic - ex_data store that's attached to an X509 validation context. - -This is some cookbook code for you to fill in: - - /* In this example, I will use a view of granted rights as a bit - array, one bit for each possible right. */ - typedef struct your_rights { - unsigned char rights[total_rights / 8]; - } YOUR_RIGHTS; - - /* The following procedure will create an index for the ex_data - store in the X509 validation context the first time it's called. - Subsequent calls will return the same index. */ - static int get_proxy_auth_ex_data_idx(void) - { - static volatile int idx = -1; - if (idx < 0) - { - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - if (idx < 0) - { - idx = X509_STORE_CTX_get_ex_new_index(0, - "for verify callback", - NULL,NULL,NULL); - } - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - } - return idx; - } - - /* Callback to be given to the X509 validation procedure. */ - static int verify_callback(int ok, X509_STORE_CTX *ctx) - { - if (ok == 1) /* It's REALLY important you keep the proxy policy - check within this secion. It's important to know - that when ok is 1, the certificates are checked - from top to bottom. You get the CA root first, - followed by the possible chain of intermediate - CAs, followed by the EE certificate, followed by - the possible proxy certificates. */ - { - X509 *xs = ctx->current_cert; - - if (xs->ex_flags & EXFLAG_PROXY) - { - YOUR_RIGHTS *rights = - (YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx, - get_proxy_auth_ex_data_idx()); - PROXY_CERT_INFO_EXTENSION *pci = - X509_get_ext_d2i(xs, NID_proxyCertInfo, NULL, NULL); - - switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) - { - case NID_Independent: - /* Do whatever you need to grant explicit rights to - this particular proxy certificate, usually by - pulling them from some database. If there are none - to be found, clear all rights (making this and any - subsequent proxy certificate void of any rights). - */ - memset(rights->rights, 0, sizeof(rights->rights)); - break; - case NID_id_ppl_inheritAll: - /* This is basically a NOP, we simply let the current - rights stand as they are. */ - break; - default: - /* This is usually the most complex section of code. - You really do whatever you want as long as you - follow RFC 3820. In the example we use here, the - simplest thing to do is to build another, temporary - bit array and fill it with the rights granted by - the current proxy certificate, then use it as a - mask on the accumulated rights bit array, and - voilà, you now have a new accumulated rights bit - array. */ - { - int i; - YOUR_RIGHTS tmp_rights; - memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights)); - - /* process_rights() is supposed to be a procedure - that takes a string and it's length, interprets - it and sets the bits in the YOUR_RIGHTS pointed - at by the third argument. */ - process_rights((char *) pci->proxyPolicy->policy->data, - pci->proxyPolicy->policy->length, - &tmp_rights); - - for(i = 0; i < total_rights / 8; i++) - rights->rights[i] &= tmp_rights.rights[i]; - } - break; - } - PROXY_CERT_INFO_EXTENSION_free(pci); - } - else if (!(xs->ex_flags & EXFLAG_CA)) - { - /* We have a EE certificate, let's use it to set default! - */ - YOUR_RIGHTS *rights = - (YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx, - get_proxy_auth_ex_data_idx()); - - /* The following procedure finds out what rights the owner - of the current certificate has, and sets them in the - YOUR_RIGHTS structure pointed at by the second - argument. */ - set_default_rights(xs, rights); - } - } - return ok; - } - - static int my_X509_verify_cert(X509_STORE_CTX *ctx, - YOUR_RIGHTS *needed_rights) - { - int i; - int (*save_verify_cb)(int ok,X509_STORE_CTX *ctx) = ctx->verify_cb; - YOUR_RIGHTS rights; - - X509_STORE_CTX_set_verify_cb(ctx, verify_callback); - X509_STORE_CTX_set_ex_data(ctx, get_proxy_auth_ex_data_idx(), &rights); - X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); - ok = X509_verify_cert(ctx); - - if (ok == 1) - { - ok = check_needed_rights(rights, needed_rights); - } - - X509_STORE_CTX_set_verify_cb(ctx, save_verify_cb); - - return ok; - } - -If you use SSL or TLS, you can easily set up a callback to have the -certificates checked properly, using the code above: - - SSL_CTX_set_cert_verify_callback(s_ctx, my_X509_verify_cert, &needed_rights); - - --- -Richard Levitte diff --git a/crypto/openssl/doc/README b/crypto/openssl/doc/README deleted file mode 100644 index 6ecc14d994..0000000000 --- a/crypto/openssl/doc/README +++ /dev/null @@ -1,12 +0,0 @@ - - apps/openssl.pod .... Documentation of OpenSSL `openssl' command - crypto/crypto.pod ... Documentation of OpenSSL crypto.h+libcrypto.a - ssl/ssl.pod ......... Documentation of OpenSSL ssl.h+libssl.a - openssl.txt ......... Assembled documentation files for OpenSSL [not final] - ssleay.txt .......... Assembled documentation of ancestor SSLeay [obsolete] - standards.txt ....... Assembled pointers to standards, RFCs or internet drafts - that are related to OpenSSL. - - An archive of HTML documents for the SSLeay library is available from - http://www.columbia.edu/~ariel/ssleay/ - diff --git a/crypto/openssl/doc/apps/CA.pl.pod b/crypto/openssl/doc/apps/CA.pl.pod new file mode 100644 index 0000000000..ed69952f37 --- /dev/null +++ b/crypto/openssl/doc/apps/CA.pl.pod @@ -0,0 +1,179 @@ + +=pod + +=head1 NAME + +CA.pl - friendlier interface for OpenSSL certificate programs + +=head1 SYNOPSIS + +B +[B<-?>] +[B<-h>] +[B<-help>] +[B<-newcert>] +[B<-newreq>] +[B<-newreq-nodes>] +[B<-newca>] +[B<-xsign>] +[B<-sign>] +[B<-signreq>] +[B<-signcert>] +[B<-verify>] +[B] + +=head1 DESCRIPTION + +The B script is a perl script that supplies the relevant command line +arguments to the B command for some common certificate operations. +It is intended to simplify the process of certificate creation and management +by the use of some simple options. + +=head1 COMMAND OPTIONS + +=over 4 + +=item B, B<-h>, B<-help> + +prints a usage message. + +=item B<-newcert> + +creates a new self signed certificate. The private key and certificate are +written to the file "newreq.pem". + +=item B<-newreq> + +creates a new certificate request. The private key and request are +written to the file "newreq.pem". + +=item B<-newreq-nodes> + +is like B<-newreq> except that the private key will not be encrypted. + +=item B<-newca> + +creates a new CA hierarchy for use with the B program (or the B<-signcert> +and B<-xsign> options). The user is prompted to enter the filename of the CA +certificates (which should also contain the private key) or by hitting ENTER +details of the CA will be prompted for. The relevant files and directories +are created in a directory called "demoCA" in the current directory. + +=item B<-pkcs12> + +create a PKCS#12 file containing the user certificate, private key and CA +certificate. It expects the user certificate and private key to be in the +file "newcert.pem" and the CA certificate to be in the file demoCA/cacert.pem, +it creates a file "newcert.p12". This command can thus be called after the +B<-sign> option. The PKCS#12 file can be imported directly into a browser. +If there is an additional argument on the command line it will be used as the +"friendly name" for the certificate (which is typically displayed in the browser +list box), otherwise the name "My Certificate" is used. + +=item B<-sign>, B<-signreq>, B<-xsign> + +calls the B program to sign a certificate request. It expects the request +to be in the file "newreq.pem". The new certificate is written to the file +"newcert.pem" except in the case of the B<-xsign> option when it is written +to standard output. + + +=item B<-signCA> + +this option is the same as the B<-signreq> option except it uses the configuration +file section B and so makes the signed request a valid CA certificate. This +is useful when creating intermediate CA from a root CA. + +=item B<-signcert> + +this option is the same as B<-sign> except it expects a self signed certificate +to be present in the file "newreq.pem". + +=item B<-verify> + +verifies certificates against the CA certificate for "demoCA". If no certificates +are specified on the command line it tries to verify the file "newcert.pem". + +=item B + +one or more optional certificate file names for use with the B<-verify> command. + +=back + +=head1 EXAMPLES + +Create a CA hierarchy: + + CA.pl -newca + +Complete certificate creation example: create a CA, create a request, sign +the request and finally create a PKCS#12 file containing it. + + CA.pl -newca + CA.pl -newreq + CA.pl -signreq + CA.pl -pkcs12 "My Test Certificate" + +=head1 DSA CERTIFICATES + +Although the B creates RSA CAs and requests it is still possible to +use it with DSA certificates and requests using the L command +directly. The following example shows the steps that would typically be taken. + +Create some DSA parameters: + + openssl dsaparam -out dsap.pem 1024 + +Create a DSA CA certificate and private key: + + openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pem + +Create the CA directories and files: + + CA.pl -newca + +enter cacert.pem when prompted for the CA file name. + +Create a DSA certificate request and private key (a different set of parameters +can optionally be created first): + + openssl req -out newreq.pem -newkey dsa:dsap.pem + +Sign the request: + + CA.pl -signreq + +=head1 NOTES + +Most of the filenames mentioned can be modified by editing the B script. + +If the demoCA directory already exists then the B<-newca> command will not +overwrite it and will do nothing. This can happen if a previous call using +the B<-newca> option terminated abnormally. To get the correct behaviour +delete the demoCA directory if it already exists. + +Under some environments it may not be possible to run the B script +directly (for example Win32) and the default configuration file location may +be wrong. In this case the command: + + perl -S CA.pl + +can be used and the B environment variable changed to point to +the correct path of the configuration file "openssl.cnf". + +The script is intended as a simple front end for the B program for use +by a beginner. Its behaviour isn't always what is wanted. For more control over the +behaviour of the certificate commands call the B command directly. + +=head1 ENVIRONMENT VARIABLES + +The variable B if defined allows an alternative configuration +file location to be specified, it should contain the full path to the +configuration file, not just its directory. + +=head1 SEE ALSO + +L, L, L, L, +L + +=cut diff --git a/crypto/openssl/doc/apps/asn1parse.pod b/crypto/openssl/doc/apps/asn1parse.pod new file mode 100644 index 0000000000..542d969066 --- /dev/null +++ b/crypto/openssl/doc/apps/asn1parse.pod @@ -0,0 +1,171 @@ +=pod + +=head1 NAME + +asn1parse - ASN.1 parsing tool + +=head1 SYNOPSIS + +B B +[B<-inform PEM|DER>] +[B<-in filename>] +[B<-out filename>] +[B<-noout>] +[B<-offset number>] +[B<-length number>] +[B<-i>] +[B<-oid filename>] +[B<-strparse offset>] +[B<-genstr string>] +[B<-genconf file>] + +=head1 DESCRIPTION + +The B command is a diagnostic utility that can parse ASN.1 +structures. It can also be used to extract data from ASN.1 formatted data. + +=head1 OPTIONS + +=over 4 + +=item B<-inform> B + +the input format. B is binary format and B (the default) is base64 +encoded. + +=item B<-in filename> + +the input file, default is standard input + +=item B<-out filename> + +output file to place the DER encoded data into. If this +option is not present then no data will be output. This is most useful when +combined with the B<-strparse> option. + +=item B<-noout> + +don't output the parsed version of the input file. + +=item B<-offset number> + +starting offset to begin parsing, default is start of file. + +=item B<-length number> + +number of bytes to parse, default is until end of file. + +=item B<-i> + +indents the output according to the "depth" of the structures. + +=item B<-oid filename> + +a file containing additional OBJECT IDENTIFIERs (OIDs). The format of this +file is described in the NOTES section below. + +=item B<-strparse offset> + +parse the contents octets of the ASN.1 object starting at B. This +option can be used multiple times to "drill down" into a nested structure. + +=item B<-genstr string>, B<-genconf file> + +generate encoded data based on B, B or both using +ASN1_generate_nconf() format. If B only is present then the string +is obtained from the default section using the name B. The encoded +data is passed through the ASN1 parser and printed out as though it came +from a file, the contents can thus be examined and written to a file +using the B option. + +=back + +=head2 OUTPUT + +The output will typically contain lines like this: + + 0:d=0 hl=4 l= 681 cons: SEQUENCE + +..... + + 229:d=3 hl=3 l= 141 prim: BIT STRING + 373:d=2 hl=3 l= 162 cons: cont [ 3 ] + 376:d=3 hl=3 l= 159 cons: SEQUENCE + 379:d=4 hl=2 l= 29 cons: SEQUENCE + 381:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier + 386:d=5 hl=2 l= 22 prim: OCTET STRING + 410:d=4 hl=2 l= 112 cons: SEQUENCE + 412:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier + 417:d=5 hl=2 l= 105 prim: OCTET STRING + 524:d=4 hl=2 l= 12 cons: SEQUENCE + +..... + +This example is part of a self signed certificate. Each line starts with the +offset in decimal. B specifies the current depth. The depth is increased +within the scope of any SET or SEQUENCE. B gives the header length +(tag and length octets) of the current type. B gives the length of +the contents octets. + +The B<-i> option can be used to make the output more readable. + +Some knowledge of the ASN.1 structure is needed to interpret the output. + +In this example the BIT STRING at offset 229 is the certificate public key. +The contents octets of this will contain the public key information. This can +be examined using the option B<-strparse 229> to yield: + + 0:d=0 hl=3 l= 137 cons: SEQUENCE + 3:d=1 hl=3 l= 129 prim: INTEGER :E5D21E1F5C8D208EA7A2166C7FAF9F6BDF2059669C60876DDB70840F1A5AAFA59699FE471F379F1DD6A487E7D5409AB6A88D4A9746E24B91D8CF55DB3521015460C8EDE44EE8A4189F7A7BE77D6CD3A9AF2696F486855CF58BF0EDF2B4068058C7A947F52548DDF7E15E96B385F86422BEA9064A3EE9E1158A56E4A6F47E5897 + 135:d=1 hl=2 l= 3 prim: INTEGER :010001 + +=head1 NOTES + +If an OID is not part of OpenSSL's internal table it will be represented in +numerical form (for example 1.2.3.4). The file passed to the B<-oid> option +allows additional OIDs to be included. Each line consists of three columns, +the first column is the OID in numerical format and should be followed by white +space. The second column is the "short name" which is a single word followed +by white space. The final column is the rest of the line and is the +"long name". B displays the long name. Example: + +C<1.2.3.4 shortName A long name> + +=head1 EXAMPLES + +Parse a file: + + openssl asn1parse -in file.pem + +Parse a DER file: + + openssl asn1parse -inform DER -in file.der + +Generate a simple UTF8String: + + openssl asn1parse -genstr 'UTF8:Hello World' + +Generate and write out a UTF8String, don't print parsed output: + + openssl asn1parse -genstr 'UTF8:Hello World' -noout -out utf8.der + +Generate using a config file: + + openssl asn1parse -genconf asn1.cnf -noout -out asn1.der + +Example config file: + + asn1=SEQUENCE:seq_sect + + [seq_sect] + + field1=BOOL:TRUE + field2=EXP:0, UTF8:some random string + + +=head1 BUGS + +There should be options to change the format of output lines. The output of some +ASN.1 types is not well handled (if at all). + +=cut diff --git a/crypto/openssl/doc/apps/ca.pod b/crypto/openssl/doc/apps/ca.pod new file mode 100644 index 0000000000..5618c2dc9d --- /dev/null +++ b/crypto/openssl/doc/apps/ca.pod @@ -0,0 +1,671 @@ + +=pod + +=head1 NAME + +ca - sample minimal CA application + +=head1 SYNOPSIS + +B B +[B<-verbose>] +[B<-config filename>] +[B<-name section>] +[B<-gencrl>] +[B<-revoke file>] +[B<-crl_reason reason>] +[B<-crl_hold instruction>] +[B<-crl_compromise time>] +[B<-crl_CA_compromise time>] +[B<-crldays days>] +[B<-crlhours hours>] +[B<-crlexts section>] +[B<-startdate date>] +[B<-enddate date>] +[B<-days arg>] +[B<-md arg>] +[B<-policy arg>] +[B<-keyfile arg>] +[B<-key arg>] +[B<-passin arg>] +[B<-cert file>] +[B<-selfsign>] +[B<-in file>] +[B<-out file>] +[B<-notext>] +[B<-outdir dir>] +[B<-infiles>] +[B<-spkac file>] +[B<-ss_cert file>] +[B<-preserveDN>] +[B<-noemailDN>] +[B<-batch>] +[B<-msie_hack>] +[B<-extensions section>] +[B<-extfile section>] +[B<-engine id>] +[B<-subj arg>] +[B<-utf8>] +[B<-multivalue-rdn>] + +=head1 DESCRIPTION + +The B command is a minimal CA application. It can be used +to sign certificate requests in a variety of forms and generate +CRLs it also maintains a text database of issued certificates +and their status. + +The options descriptions will be divided into each purpose. + +=head1 CA OPTIONS + +=over 4 + +=item B<-config filename> + +specifies the configuration file to use. + +=item B<-name section> + +specifies the configuration file section to use (overrides +B in the B section). + +=item B<-in filename> + +an input filename containing a single certificate request to be +signed by the CA. + +=item B<-ss_cert filename> + +a single self signed certificate to be signed by the CA. + +=item B<-spkac filename> + +a file containing a single Netscape signed public key and challenge +and additional field values to be signed by the CA. See the B +section for information on the required format. + +=item B<-infiles> + +if present this should be the last option, all subsequent arguments +are assumed to the the names of files containing certificate requests. + +=item B<-out filename> + +the output file to output certificates to. The default is standard +output. The certificate details will also be printed out to this +file. + +=item B<-outdir directory> + +the directory to output certificates to. The certificate will be +written to a filename consisting of the serial number in hex with +".pem" appended. + +=item B<-cert> + +the CA certificate file. + +=item B<-keyfile filename> + +the private key to sign requests with. + +=item B<-key password> + +the password used to encrypt the private key. Since on some +systems the command line arguments are visible (e.g. Unix with +the 'ps' utility) this option should be used with caution. + +=item B<-selfsign> + +indicates the issued certificates are to be signed with the key +the certificate requests were signed with (given with B<-keyfile>). +Cerificate requests signed with a different key are ignored. If +B<-spkac>, B<-ss_cert> or B<-gencrl> are given, B<-selfsign> is +ignored. + +A consequence of using B<-selfsign> is that the self-signed +certificate appears among the entries in the certificate database +(see the configuration option B), and uses the same +serial number counter as all other certificates sign with the +self-signed certificate. + +=item B<-passin arg> + +the key password source. For more information about the format of B +see the B section in L. + +=item B<-verbose> + +this prints extra details about the operations being performed. + +=item B<-notext> + +don't output the text form of a certificate to the output file. + +=item B<-startdate date> + +this allows the start date to be explicitly set. The format of the +date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure). + +=item B<-enddate date> + +this allows the expiry date to be explicitly set. The format of the +date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure). + +=item B<-days arg> + +the number of days to certify the certificate for. + +=item B<-md alg> + +the message digest to use. Possible values include md5, sha1 and mdc2. +This option also applies to CRLs. + +=item B<-policy arg> + +this option defines the CA "policy" to use. This is a section in +the configuration file which decides which fields should be mandatory +or match the CA certificate. Check out the B section +for more information. + +=item B<-msie_hack> + +this is a legacy option to make B work with very old versions of +the IE certificate enrollment control "certenr3". It used UniversalStrings +for almost everything. Since the old control has various security bugs +its use is strongly discouraged. The newer control "Xenroll" does not +need this option. + +=item B<-preserveDN> + +Normally the DN order of a certificate is the same as the order of the +fields in the relevant policy section. When this option is set the order +is the same as the request. This is largely for compatibility with the +older IE enrollment control which would only accept certificates if their +DNs match the order of the request. This is not needed for Xenroll. + +=item B<-noemailDN> + +The DN of a certificate can contain the EMAIL field if present in the +request DN, however it is good policy just having the e-mail set into +the altName extension of the certificate. When this option is set the +EMAIL field is removed from the certificate' subject and set only in +the, eventually present, extensions. The B keyword can be +used in the configuration file to enable this behaviour. + +=item B<-batch> + +this sets the batch mode. In this mode no questions will be asked +and all certificates will be certified automatically. + +=item B<-extensions section> + +the section of the configuration file containing certificate extensions +to be added when a certificate is issued (defaults to B +unless the B<-extfile> option is used). If no extension section is +present then, a V1 certificate is created. If the extension section +is present (even if it is empty), then a V3 certificate is created. + +=item B<-extfile file> + +an additional configuration file to read certificate extensions from +(using the default section unless the B<-extensions> option is also +used). + +=item B<-engine id> + +specifying an engine (by it's unique B string) will cause B +to attempt to obtain a functional reference to the specified engine, +thus initialising it if needed. The engine will then be set as the default +for all available algorithms. + +=item B<-subj arg> + +supersedes subject name given in the request. +The arg must be formatted as I, +characters may be escaped by \ (backslash), no spaces are skipped. + +=item B<-utf8> + +this option causes field values to be interpreted as UTF8 strings, by +default they are interpreted as ASCII. This means that the field +values, whether prompted from a terminal or obtained from a +configuration file, must be valid UTF8 strings. + +=item B<-multivalue-rdn> + +this option causes the -subj argument to be interpretedt with full +support for multivalued RDNs. Example: + +I + +If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>. + +=back + +=head1 CRL OPTIONS + +=over 4 + +=item B<-gencrl> + +this option generates a CRL based on information in the index file. + +=item B<-crldays num> + +the number of days before the next CRL is due. That is the days from +now to place in the CRL nextUpdate field. + +=item B<-crlhours num> + +the number of hours before the next CRL is due. + +=item B<-revoke filename> + +a filename containing a certificate to revoke. + +=item B<-crl_reason reason> + +revocation reason, where B is one of: B, B, +B, B, B, B, +B or B. The matching of B is case +insensitive. Setting any revocation reason will make the CRL v2. + +In practive B is not particularly useful because it is only used +in delta CRLs which are not currently implemented. + +=item B<-crl_hold instruction> + +This sets the CRL revocation reason code to B and the hold +instruction to B which must be an OID. Although any OID can be +used only B (the use of which is discouraged by RFC2459) +B or B will normally be used. + +=item B<-crl_compromise time> + +This sets the revocation reason to B and the compromise time to +B