Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Import OpenSSL 1.0.1 stable of 20110605:

Browse Source 
this is sort of a sidegrade onto the release branch. Changes against the
last version imported:

*) Backport libcrypto audit of return value checking from HEAD, not
   all cases can be covered as some introduce binary incompatibilities.
   [Steve Henson]

*) Redirect RSA operations to FIPS module including keygen,
   encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods.
   [Steve Henson]

*) Add similar low level API blocking to ciphers.
   [Steve Henson]

*) Low level digest APIs are not approved in FIPS mode: any attempt
   to use these will cause a fatal error. Applications that *really* want
   to use them can use the private_* version instead.
   [Steve Henson]

*) Redirect cipher operations to FIPS module for FIPS builds.
   [Steve Henson]

*) Redirect digest operations to FIPS module for FIPS builds.
   [Steve Henson]

*) Update build system to add "fips" flag which will link in fipscanister.o
   for static and shared library builds embedding a signature if needed.
   [Steve Henson]

*) Output TLS supported curves in preference order instead of numerical
   order. This is currently hardcoded for the highest order curves first.
   This should be configurable so applications can judge speed vs strength.
   [Steve Henson]

*) Add protection against ECDSA timing attacks as mentioned in the paper
   by Billy Bob Brumley and Nicola Tuveri, see:

      http://eprint.iacr.org/2011/232.pdf

   [Billy Bob Brumley and Nicola Tuveri]

*) Add TLS v1.2 server support for client authentication.
   [Steve Henson]

*) Add support for FIPS mode in ssl library: disable SSLv3, non-FIPS ciphers
   and enable MD5.
   [Steve Henson]

*) Functions FIPS_mode_set() and FIPS_mode() which call the underlying
   FIPS modules versions.
   [Steve Henson]

*) Add TLS v1.2 client side support for client authentication. Keep cache
   of handshake records longer as we don't know the hash algorithm to use
   until after the certificate request message is received.
   [Steve Henson]

*) Initial TLS v1.2 client support. Add a default signature algorithms
   extension including all the algorithms we support. Parse new signature
   format in client key exchange. Relax some ECC signing restrictions for
   TLS v1.2 as indicated in RFC5246.
   [Steve Henson]

*) Add server support for TLS v1.2 signature algorithms extension. Switch
   to new signature format when needed using client digest preference.
   All server ciphersuites should now work correctly in TLS v1.2. No client
   support yet and no support for client certificates.
   [Steve Henson]

*) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
   to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
   ciphersuites. At present only RSA key exchange ciphersuites work with
   TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
   SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods
   and version checking.
   [Steve Henson]

*) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
   with this defined it will not be affected by any changes to ssl internal
   structures. Add several utility functions to allow openssl application
   to work with OPENSSL_NO_SSL_INTERN defined.
   [Steve Henson]

*) Add SRP support.
   [Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]

*) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
   [Steve Henson]

*) Add EC_GFp_nistp224_method(), a 64-bit optimized implementation for
   elliptic curve NIST-P224 with constant-time single point multiplication on
   typical inputs.  EC_GROUP_new_by_curve_name() will automatically use this
   (while EC_GROUP_new_curve_GFp() currently won't and prefers the more
   flexible implementations).

   The implementation requires support for the nonstandard type __uint128_t,
   and so is disabled by default.  To include this in your build of OpenSSL,
   use -DEC_NISTP224_64_GCC_128 on the Configure (or config) command line,
   and run "make depend" (or "make update").
   [Emilia K<E4>sper <emilia.kasper@esat.kuleuven.be> (Google)]

*) Permit abbreviated handshakes when renegotiating using the function
   SSL_renegotiate_abbreviated().
   [Robin Seggelmann <seggelmann@fh-muenster.de>]

*) Add call to ENGINE_register_all_complete() to
   ENGINE_load_builtin_engines(), so some implementations get used
   automatically instead of needing explicit application support.
   [Steve Henson]

*) Add support for TLS key exporter as described in RFC5705.
   [Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson]
This commit is contained in:
spz 2011-06-05 14:55:58 +00:00
parent 33c7476cb2
commit 4e3dcb232d
443 changed files with 18107 additions and 5351 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
crypto/external/bsd/openssl/dist/ACKNOWLEDGMENTS vendored Normal file
View File

@ -0,0 +1,25 @@
The OpenSSL project depends on volunteer efforts and financial support from
the end user community. That support comes in the form of donations and paid
sponsorships, software support contracts, paid consulting services
and commissioned software development.
Since all these activities support the continued development and improvement
of OpenSSL we consider all these clients and customers as sponsors of the
OpenSSL project.
We would like to identify and thank the following such sponsors for their past
or current significant support of the OpenSSL project:
Very significant support:
OpenGear: www.opengear.com
Significant support:
PSW Group: www.psw.net
Please note that we ask permission to identify sponsors and that some sponsors
we consider eligible for inclusion here have requested to remain anonymous.
Additional sponsorship or financial support is always welcome: for more
information please contact the OpenSSL Software Foundation.

326
crypto/external/bsd/openssl/dist/CHANGES vendored
View File

@ -2,7 +2,117 @@
OpenSSL CHANGES
_______________
Changes between 1.0.0 and 1.1.0 [xx XXX xxxx]
Changes between 1.0.0d and 1.0.1 [xx XXX xxxx]
*) Backport libcrypto audit of return value checking from HEAD, not
all cases can be covered as some introduce binary incompatibilities.
[Steve Henson]
*) Redirect RSA operations to FIPS module including keygen,
encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods.
[Steve Henson]
*) Add similar low level API blocking to ciphers.
[Steve Henson]
*) Low level digest APIs are not approved in FIPS mode: any attempt
to use these will cause a fatal error. Applications that *really* want
to use them can use the private_* version instead.
[Steve Henson]
*) Redirect cipher operations to FIPS module for FIPS builds.
[Steve Henson]
*) Redirect digest operations to FIPS module for FIPS builds.
[Steve Henson]
*) Update build system to add "fips" flag which will link in fipscanister.o
for static and shared library builds embedding a signature if needed.
[Steve Henson]
*) Output TLS supported curves in preference order instead of numerical
order. This is currently hardcoded for the highest order curves first.
This should be configurable so applications can judge speed vs strength.
[Steve Henson]
*) Add protection against ECDSA timing attacks as mentioned in the paper
by Billy Bob Brumley and Nicola Tuveri, see:
http://eprint.iacr.org/2011/232.pdf
[Billy Bob Brumley and Nicola Tuveri]
*) Add TLS v1.2 server support for client authentication.
[Steve Henson]
*) Add support for FIPS mode in ssl library: disable SSLv3, non-FIPS ciphers
and enable MD5.
[Steve Henson]
*) Functions FIPS_mode_set() and FIPS_mode() which call the underlying
FIPS modules versions.
[Steve Henson]
*) Add TLS v1.2 client side support for client authentication. Keep cache
of handshake records longer as we don't know the hash algorithm to use
until after the certificate request message is received.
[Steve Henson]
*) Initial TLS v1.2 client support. Add a default signature algorithms
extension including all the algorithms we support. Parse new signature
format in client key exchange. Relax some ECC signing restrictions for
TLS v1.2 as indicated in RFC5246.
[Steve Henson]
*) Add server support for TLS v1.2 signature algorithms extension. Switch
to new signature format when needed using client digest preference.
All server ciphersuites should now work correctly in TLS v1.2. No client
support yet and no support for client certificates.
[Steve Henson]
*) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
ciphersuites. At present only RSA key exchange ciphersuites work with
TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods
and version checking.
[Steve Henson]
*) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
with this defined it will not be affected by any changes to ssl internal
structures. Add several utility functions to allow openssl application
to work with OPENSSL_NO_SSL_INTERN defined.
[Steve Henson]
*) Add SRP support.
[Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]
*) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
[Steve Henson]
*) Add EC_GFp_nistp224_method(), a 64-bit optimized implementation for
elliptic curve NIST-P224 with constant-time single point multiplication on
typical inputs. EC_GROUP_new_by_curve_name() will automatically use this
(while EC_GROUP_new_curve_GFp() currently won't and prefers the more
flexible implementations).
The implementation requires support for the nonstandard type __uint128_t,
and so is disabled by default. To include this in your build of OpenSSL,
use -DEC_NISTP224_64_GCC_128 on the Configure (or config) command line,
and run "make depend" (or "make update").
[Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]
*) Permit abbreviated handshakes when renegotiating using the function
SSL_renegotiate_abbreviated().
[Robin Seggelmann <seggelmann@fh-muenster.de>]
*) Add call to ENGINE_register_all_complete() to
ENGINE_load_builtin_engines(), so some implementations get used
automatically instead of needing explicit application support.
[Steve Henson]
*) Add support for TLS key exporter as described in RFC5705.
[Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson]
*) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
a few changes are required:
@ -14,34 +124,63 @@
Add command line options to s_client/s_server.
[Steve Henson]
*) Experiemental password based recipient info support for CMS library:
implementing RFC3211.
Changes between 1.0.0c and 1.0.0d [8 Feb 2011]
*) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
[Neel Mehta, Adam Langley, Bodo Moeller (Google)]
*) Fix bug in string printing code: if *any* escaping is enabled we must
escape the escape character (backslash) or the resulting string is
ambiguous.
[Steve Henson]
*) Split password based encryption into PBES2 and PBKDF2 functions. This
neatly separates the code into cipher and PBE sections and is required
for some algorithms that split PBES2 into separate pieces (such as
password based CMS).
Changes between 1.0.0b and 1.0.0c [2 Dec 2010]
*) Disable code workaround for ancient and obsolete Netscape browsers
and servers: an attacker can use it in a ciphersuite downgrade attack.
Thanks to Martin Rex for discovering this bug. CVE-2010-4180
[Steve Henson]
*) Extensive audit of libcrypto with DEBUG_UNUSED. Fix many cases where
return value is ignored. NB. The functions RAND_add(), RAND_seed(),
BIO_set_cipher() and some obscure PEM functions were changed so they
can now return an error. The RAND changes required a change to the
RAND_METHOD structure.
*) Fixed J-PAKE implementation error, originally discovered by
Sebastien Martini, further info and confirmation from Stefan
Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
[Ben Laurie]
Changes between 1.0.0a and 1.0.0b [16 Nov 2010]
*) Fix extension code to avoid race conditions which can result in a buffer
overrun vulnerability: resumed sessions must not be modified as they can
be shared by multiple threads. CVE-2010-3864
[Steve Henson]
*) New macro __owur for "OpenSSL Warn Unused Result". This makes use of
a gcc attribute to warn if the result of a function is ignored. This
is enable if DEBUG_UNUSED is set. Add to several functions in evp.h
whose return value is often ignored.
*) Fix WIN32 build system to correctly link an ENGINE directory into
a DLL.
[Steve Henson]
Changes between 0.9.8m (?) and 1.0.0 [xx XXX xxxx]
Changes between 1.0.0 and 1.0.0a [01 Jun 2010]
*) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
change when encrypting or decrypting.
[Bodo Moeller]
*) Check return value of int_rsa_verify in pkey_rsa_verifyrecover
(CVE-2010-1633)
[Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
Changes between 0.9.8n and 1.0.0 [29 Mar 2010]
*) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
context. The operation can be customised via the ctrl mechanism in
case ENGINEs want to include additional functionality.
[Steve Henson]
*) Tolerate yet another broken PKCS#8 key format: private key value negative.
[Steve Henson]
*) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
output hashes compatible with older versions of OpenSSL.
[Willy Weisz <weisz@vcpc.univie.ac.at>]
*) Fix compression algorithm handling: if resuming a session use the
compression algorithm of the resumed session instead of determining
it from client hello again. Don't allow server to change algorithm.
[Steve Henson]
*) Add load_crls() function to apps tidying load_certs() too. Add option
to verify utility to allow additional CRLs to be included.
@ -864,11 +1003,131 @@
*) Change 'Configure' script to enable Camellia by default.
[NTT]
Changes between 0.9.8q and 0.9.8r [8 Feb 2011]
Changes between 0.9.8l (?) and 0.9.8m (?) [xx XXX xxxx]
*) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
[Neel Mehta, Adam Langley, Bodo Moeller (Google)]
*) Fix bug in string printing code: if *any* escaping is enabled we must
escape the escape character (backslash) or the resulting string is
ambiguous.
[Steve Henson]
Changes between 0.9.8p and 0.9.8q [2 Dec 2010]
*) Disable code workaround for ancient and obsolete Netscape browsers
and servers: an attacker can use it in a ciphersuite downgrade attack.
Thanks to Martin Rex for discovering this bug. CVE-2010-4180
[Steve Henson]
*) Fixed J-PAKE implementation error, originally discovered by
Sebastien Martini, further info and confirmation from Stefan
Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
[Ben Laurie]
Changes between 0.9.8o and 0.9.8p [16 Nov 2010]
*) Fix extension code to avoid race conditions which can result in a buffer
overrun vulnerability: resumed sessions must not be modified as they can
be shared by multiple threads. CVE-2010-3864
[Steve Henson]
*) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
[Steve Henson]
*) Don't reencode certificate when calculating signature: cache and use
the original encoding instead. This makes signature verification of
some broken encodings work correctly.
[Steve Henson]
*) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
is also one of the inputs.
[Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]
*) Don't repeatedly append PBE algorithms to table if they already exist.
Sort table on each new add. This effectively makes the table read only
after all algorithms are added and subsequent calls to PKCS12_pbe_add
etc are non-op.
[Steve Henson]
Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
[NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
OpenSSL 1.0.0.]
*) Correct a typo in the CMS ASN1 module which can result in invalid memory
access or freeing data twice (CVE-2010-0742)
[Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
*) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
common in certificates and some applications which only call
SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
[Steve Henson]
*) VMS fixes:
Reduce copying into .apps and .test in makevms.com
Don't try to use blank CA certificate in CA.com
Allow use of C files from original directories in maketests.com
[Steven M. Schweda" <sms@antinode.info>]
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never
update s->server with a new major version number. As of
- OpenSSL 0.9.8m if 'short' is a 16-bit type,
- OpenSSL 0.9.8f if 'short' is longer than 16 bits,
the previous behavior could result in a read attempt at NULL when
receiving specific incorrect SSL/TLS records once record payload
protection is active. (CVE-2010-0740)
[Bodo Moeller, Adam Langley <agl@chromium.org>]
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
[Tomas Hoger <thoger@redhat.com>]
Changes between 0.9.8l and 0.9.8m [25 Feb 2010]
*) Always check bn_wexpend() return values for failure. (CVE-2009-3245)
[Martin Olsson, Neel Mehta]
*) Fix X509_STORE locking: Every 'objs' access requires a lock (to
accommodate for stack sorting, always a write lock!).
[Bodo Moeller]
*) On some versions of WIN32 Heap32Next is very slow. This can cause
excessive delays in the RAND_poll(): over a minute. As a workaround
include a time check in the inner Heap32Next loop too.
[Steve Henson]
*) The code that handled flushing of data in SSL/TLS originally used the
BIO_CTRL_INFO ctrl to see if any data was pending first. This caused
the problem outlined in PR#1949. The fix suggested there however can
trigger problems with buggy BIO_CTRL_WPENDING (e.g. some versions
of Apache). So instead simplify the code to flush unconditionally.
This should be fine since flushing with no data to flush is a no op.
[Steve Henson]
*) Handle TLS versions 2.0 and later properly and correctly use the
highest version of TLS/SSL supported. Although TLS >= 2.0 is some way
off ancient servers have a habit of sticking around for a while...
[Steve Henson]
*) Modify compression code so it frees up structures without using the
ex_data callbacks. This works around a problem where some applications
call CRYPTO_cleanup_all_ex_data() before application exit (e.g. when
restarting) then use compression (e.g. SSL with compression) later.
This results in significant per-connection memory leaks and
has caused some security issues including CVE-2008-1678 and
CVE-2009-4355.
[Steve Henson]
*) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
change when encrypting or decrypting.
[Bodo Moeller]
*) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
connect (but not renegotiate) with servers which do not support RI.
connect and renegotiate with servers which do not support RI.
Until RI is more widely deployed this option is enabled by default.
[Steve Henson]
@ -876,14 +1135,14 @@
[Steve Henson]
*) If client attempts to renegotiate and doesn't support RI respond with
a no_renegotiation alert as required by draft-ietf-tls-renegotiation.
Some renegotiating TLS clients will continue a connection gracefully
when they receive the alert. Unfortunately OpenSSL mishandled
this alert and would hang waiting for a server hello which it will never
receive. Now we treat a received no_renegotiation alert as a fatal
error. This is because applications requesting a renegotiation might well
expect it to succeed and would have no code in place to handle the server
denying it so the only safe thing to do is to terminate the connection.
a no_renegotiation alert as required by RFC5746. Some renegotiating
TLS clients will continue a connection gracefully when they receive
the alert. Unfortunately OpenSSL mishandled this alert and would hang
waiting for a server hello which it will never receive. Now we treat a
received no_renegotiation alert as a fatal error. This is because
applications requesting a renegotiation might well expect it to succeed
and would have no code in place to handle the server denying it so the
only safe thing to do is to terminate the connection.
[Steve Henson]
*) Add ctrl macro SSL_get_secure_renegotiation_support() which returns 1 if
@ -895,10 +1154,9 @@
the updated NID creation version. This should correctly handle UTF8.
[Steve Henson]
*) Implement draft-ietf-tls-renegotiation. Re-enable
renegotiation but require the extension as needed. Unfortunately,
SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION turns out to be a
bad idea. It has been replaced by
*) Implement RFC5746. Re-enable renegotiation but require the extension
as needed. Unfortunately, SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
turns out to be a bad idea. It has been replaced by
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION which can be set with
SSL_CTX_set_options(). This is really not recommended unless you
know what you are doing.

95
crypto/external/bsd/openssl/dist/Configure vendored
View File

@ -123,17 +123,17 @@ my $tlib="-lnsl -lsocket";
my $bits1="THIRTY_TWO_BIT ";
my $bits2="SIXTY_FOUR_BIT ";
my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes-586.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o";
my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes-586.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o";
my $x86_elf_asm="$x86_asm:elf";
my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o::aes-x86_64.o aesni-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o";
my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o";
my $ia64_asm="ia64cpuid.o:bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::void";
my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o:des_enc-sparc.o fcrypt_b.o:aes_core.o aes_cbc.o aes-sparcv9.o:::sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o:::::::void";
my $sparcv8_asm=":sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::::void";
my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o::::::::::::void";
my $mips3_asm=":bn-mips3.o::::::::::::void";
my $s390x_asm="s390xcpuid.o:bn-s390x.o s390x-mont.o::aes-s390x.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::void";
my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o::aes-s390x.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::void";
my $armv4_asm=":bn_asm.o armv4-mont.o::aes_cbc.o aes-armv4.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::void";
my $ppc32_asm="ppccpuid.o:bn-ppc.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o::::::";
my $ppc64_asm="ppccpuid.o:bn-ppc.o ppc-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o::::::";
@ -163,10 +163,10 @@ my %table=(
# Our development configs
"purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::bn86-elf.o co86-elf.o",
"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG_UNUSED -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::bn86-elf.o co86-elf.o",
"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-debug", "gcc:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -g3 -O2 -pipe::(unknown)::::::",
"debug-ben-debug", "gcc44:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O2 -pipe::(unknown)::::::",
"debug-ben-no-opt", "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
@ -188,7 +188,7 @@ my %table=(
"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"debug-linux-x86_64", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"dist", "cc:-O::(unknown)::::::",
# Basic configs that should work on any (32 and less bit) box
@ -491,7 +491,9 @@ my %table=(
#
# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32",
"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o aesni-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:auto:win32",
"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:auto:win32",
"debug-VC-WIN64I","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32",
"debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:auto:win32",
# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
@ -503,7 +505,7 @@ my %table=(
"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32",
# MinGW
"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DOPENSSL_NO_CAPIENG -fomit-frame-pointer -O3 -march=i486 -Wall:::MINGW32:-lws2_32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a",
"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a",
# As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll
# compiled with one compiler with application compiled with another
# compiler. It's possible to engage Applink support in mingw64 build,
@ -511,7 +513,7 @@ my %table=(
# handling, one can't seriously consider its binaries for using with
# non-mingw64 run-time environment. And as mingw64 is always consistent
# with itself, Applink is never engaged and can as well be omitted.
"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE:::MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
# UWIN
"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
@ -547,7 +549,7 @@ my %table=(
##### MacOS X (a.k.a. Rhapsody or Darwin) setup
"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc64_asm}:osx64:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
@ -583,6 +585,7 @@ my %table=(
);
my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
debug-VC-WIN64I debug-VC-WIN64A
VC-NT VC-CE VC-WIN32 debug-VC-WIN32
BC-32
netware-clib netware-clib-bsdsock
@ -625,6 +628,9 @@ my $openssldir="";
my $exe_ext="";
my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
my $cross_compile_prefix="";
my $fipsdir="/usr/local/ssl/fips-2.0/";
my $fipslibdir="";
my $baseaddr="0xFB00000";
my $no_threads=0;
my $threads=0;
my $no_shared=0; # but "no-shared" is default
@ -659,11 +665,13 @@ my $cmll_enc="camellia.o cmll_misc.o cmll_cbc.o";
my $processor="";
my $default_ranlib;
my $perl;
my $fips=0;
# All of the following is disabled by default (RC5 was enabled before 0.9.8):
my %disabled = ( # "what" => "comment" [or special keyword "experimental"]
"ec-nistp224-64-gcc-128" => "default",
"gmp" => "default",
"jpake" => "experimental",
"md2" => "default",
@ -805,6 +813,10 @@ PROCESS_ARGS:
}
elsif (/^386$/)
{ $processor=386; }
elsif (/^fips$/)
{
$fips=1;
}
elsif (/^rsaref$/)
{
# No RSAref support any more since it's not needed.
@ -849,6 +861,18 @@ PROCESS_ARGS:
{
$withargs{"zlib-include"}="-I$1";
}
elsif (/^--with-fipsdir=(.*)$/)
{
$fipsdir="$1/";
}
elsif (/^--with-fipslibdir=(.*)$/)
{
$fipslibdir="$1/";
}
elsif (/^--with-baseaddr=(.*)$/)
{
$baseaddr="$1";
}
elsif (/^--cross-compile-prefix=(.*)$/)
{
$cross_compile_prefix=$1;
@ -923,6 +947,11 @@ if (defined($disabled{"md5"}) || defined($disabled{"rsa"}))
$disabled{"ssl2"} = "forced";
}
if ($fips && $fipslibdir eq "")
{
$fipslibdir = $fipsdir . "lib/";
}
# SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
if (defined($disabled{"md5"}) || defined($disabled{"sha"})
|| (defined($disabled{"rsa"})
@ -943,6 +972,12 @@ if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
$disabled{"gost"} = "forced";
}
# SRP requires TLSEXT
if (defined($disabled{"tlsext"}))
{
$disabled{"srp"} = "forced";
}
if ($target eq "TABLE") {
foreach $target (sort keys %table) {
print_table_entry($target);
@ -992,7 +1027,7 @@ foreach (sort (keys %disabled))
else
{
my ($ALGO, $algo);
($ALGO = $algo = $_) =~ tr/[a-z]/[A-Z]/;
($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/;
if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/)
{
@ -1041,8 +1076,6 @@ $exe_ext=".pm" if ($target =~ /vos/);
$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
$prefix=$openssldir if $prefix eq "";
$libdir="lib" if $libdir eq "";
$default_ranlib= &which("ranlib") or $default_ranlib="true";
$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
or $perl="perl";
@ -1095,6 +1128,14 @@ my $ar = $ENV{'AR'} || "ar";
my $arflags = $fields[$idx_arflags];
my $multilib = $fields[$idx_multilib];
# if $prefix/lib$multilib is not an existing directory, then
# assume that it's not searched by linker automatically, in
# which case adding $multilib suffix causes more grief than
# we're ready to tolerate, so don't...
$multilib="" if !-d "$prefix/lib$multilib";
$libdir="lib$multilib" if $libdir eq "";
$cflags = "$cflags$exp_cflags";
# '%' in $lflags is used to split flags to "pre-" and post-flags
@ -1102,6 +1143,12 @@ my ($prelflags,$postlflags)=split('%',$lflags);
if (defined($postlflags)) { $lflags=$postlflags; }
else { $lflags=$prelflags; undef $prelflags; }
if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
{
$cflags =~ s/\-mno\-cygwin\s*//;
$shared_ldflag =~ s/\-mno\-cygwin\s*//;
}
my $no_shared_warn=0;
my $no_user_cflags=0;
@ -1363,6 +1410,12 @@ $cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/);
$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);
if ($fips)
{
$openssl_other_defines.="#define OPENSSL_FIPS\n";
$cflags .= " -I\$(FIPSDIR)include";
}
$cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
@ -1395,7 +1448,6 @@ if ($rmd160_obj =~ /\.o$/)
if ($aes_obj =~ /\.o$/)
{
$cflags.=" -DAES_ASM";
$aes_obj =~ s/\s*aesni\-x86\.o// if ($no_sse2);
}
else {
$aes_obj=$aes_enc;
@ -1531,6 +1583,12 @@ while (<IN>)
s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
s/^FIPSDIR=.*/FIPSDIR=$fipsdir/;
s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
s/^BASEADDR=.*/BASEADDR=$baseaddr/;
s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
@ -1674,10 +1732,7 @@ while (<IN>)
}
elsif (/^#define\s+ENGINESDIR/)
{
# $foo is to become "$prefix/lib$multilib/engines";
# as Makefile.org and engines/Makefile are adapted for
# $multilib suffix.
my $foo = "$prefix/lib/engines";
my $foo = "$prefix/$libdir/engines";
$foo =~ s/\\/\\\\/g;
print OUT "#define ENGINESDIR \"$foo\"\n";
}
@ -1793,11 +1848,11 @@ EOF
(system $make_command.$make_targets) == 0 or exit $?
if $make_targets ne "";
if ( $perl =~ m@^/@) {
&dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
&dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
&dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
} else {
# No path for Perl known ...
&dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
&dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
&dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
}
if ($depflags ne $default_depflags && !$make_depend) {

55
crypto/external/bsd/openssl/dist/FAQ vendored
View File

@ -52,6 +52,9 @@ OpenSSL - Frequently Asked Questions
* Why does the OpenSSL test suite fail in sha512t on x86 CPU?
* Why does compiler fail to compile sha512.c?
* Test suite still fails, what to do?
* I think I've found a bug, what should I do?
* I'm SURE I've found a bug, how do I report it?
* I've found a security issue, how do I report it?
[PROG] Questions about programming with OpenSSL
@ -79,7 +82,7 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
OpenSSL 0.9.8k was released on Mar 25th, 2009.
OpenSSL 1.0.0d was released on Feb 8th, 2011.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
@ -131,7 +134,7 @@ OpenSSL. Information on the OpenSSL mailing lists is available from
* Where can I get a compiled version of OpenSSL?
You can finder pointers to binary distributions in
http://www.openssl.org/related/binaries.html .
<URL: http://www.openssl.org/related/binaries.html> .
Some applications that use OpenSSL are distributed in binary form.
When using such an application, you don't need to install OpenSSL
@ -463,7 +466,7 @@ administrators.
Other projects do have other policies so you can for example extract the CA
bundle used by Mozilla and/or modssl as described in this article:
http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html
<URL: http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html>
[BUILD] =======================================================================
@ -505,7 +508,7 @@ when you run the test suite (using "make test"). The message returned is
"bc: 1 not implemented".
The best way to deal with this is to find another implementation of bc
and compile/install it. GNU bc (see http://www.gnu.org/software/software.html
and compile/install it. GNU bc (see <URL: http://www.gnu.org/software/software.html>
for download instructions) can be safely used, for example.
@ -516,7 +519,7 @@ that the OpenSSL bntest throws at it. This gets triggered when you run the
test suite (using "make test"). The message returned is "bc: stack empty".
The best way to deal with this is to find another implementation of bc
and compile/install it. GNU bc (see http://www.gnu.org/software/software.html
and compile/install it. GNU bc (see <URL: http://www.gnu.org/software/software.html>
for download instructions) can be safely used, for example.
@ -709,6 +712,46 @@ never make sense, and tend to emerge when you least expect them. In order
to identify one, drop optimization level, e.g. by editing CFLAG line in
top-level Makefile, recompile and re-run the test.
* I think I've found a bug, what should I do?
If you are a new user then it is quite likely you haven't found a bug and
something is happening you aren't familiar with. Check this FAQ, the associated
documentation and the mailing lists for similar queries. If you are still
unsure whether it is a bug or not submit a query to the openssl-users mailing
list.
* I'm SURE I've found a bug, how do I report it?
Bug reports with no security implications should be sent to the request
tracker. This can be done by mailing the report to <rt@openssl.org> (or its
alias <openssl-bugs@openssl.org>), please note that messages sent to the
request tracker also appear in the public openssl-dev mailing list.
The report should be in plain text. Any patches should be sent as
plain text attachments because some mailers corrupt patches sent inline.
If your issue affects multiple versions of OpenSSL check any patches apply
cleanly and, if possible include patches to each affected version.
The report should be given a meaningful subject line briefly summarising the
issue. Just "bug in OpenSSL" or "bug in OpenSSL 0.9.8n" is not very helpful.
By sending reports to the request tracker the bug can then be given a priority
and assigned to the appropriate maintainer. The history of discussions can be
accessed and if the issue has been addressed or a reason why not. If patches
are only sent to openssl-dev they can be mislaid if a team member has to
wade through months of old messages to review the discussion.
See also <URL: http://www.openssl.org/support/rt.html>
* I've found a security issue, how do I report it?
If you think your bug has security implications then please send it to
openssl-security@openssl.org if you don't get a prompt reply at least
acknowledging receipt then resend or mail it directly to one of the
more active team members (e.g. Steve).
[PROG] ========================================================================
* Is OpenSSL thread-safe?
@ -722,7 +765,7 @@ file.
Multi-threaded applications must provide two callback functions to
OpenSSL by calling CRYPTO_set_locking_callback() and
CRYPTO_set_id_callback(), for all versions of OpenSSL up to and
including 0.9.8[abc...]. As of version 0.9.9, CRYPTO_set_id_callback()
including 0.9.8[abc...]. As of version 1.0.0, CRYPTO_set_id_callback()
and associated APIs are deprecated by CRYPTO_THREADID_set_callback()
and friends. This is described in the threads(3) manpage.

6
crypto/external/bsd/openssl/dist/INSTALL vendored
View File

@ -103,6 +103,12 @@
define preprocessor symbols, specify additional libraries,
library directories or other compiler options.
-DHAVE_CRYPTODEV Enable the BSD cryptodev engine even if we are not using
BSD. Useful if you are running ocf-linux or something
similar. Once enabled you can also enable the use of
cryptodev digests, which is usually slower unless you have
large amounts data. Use -DUSE_CRYPTODEV_DIGESTS to force
it.
Installation in Detail
----------------------

52
crypto/external/bsd/openssl/dist/INSTALL.VMS vendored
View File

@ -71,7 +71,7 @@ the top to understand how to use them. However, if you want to
compile all you can get, the simplest is to use MAKEVMS.COM in the top
directory. The syntax is the following:
@MAKEVMS <option> <rsaref-p> <debug-p> [<compiler>]
@MAKEVMS <option> <bits> <debug-p> [<compiler>]
<option> must be one of the following:
@ -87,24 +87,11 @@ directory. The syntax is the following:
TEST Just build the "[.xxx.EXE.TEST]" test programs for OpenSSL.
APPS Just build the "[.xxx.EXE.APPS]" application programs for OpenSSL.
<rsaref-p> must be one of the following:
<bits> must be one of the following:
RSAREF compile using the RSAREF Library
NORSAREF compile without using RSAREF
Note 0: The RSAREF library IS NO LONGER NEEDED. The RSA patent
expires September 20, 2000, and RSA Security chose to make
the algorithm public domain two weeks before that.
Note 1: If you still want to use RSAREF, the library is NOT INCLUDED
and you have to download it. RSA Security doesn't carry it
any more, but there are a number of places where you can find
it. You have to get the ".tar-Z" file as the ".zip" file
doesn't have the directory structure stored. You have to
extract the file into the [.RSAREF] directory as that is where
the scripts will look for the files.
Note 2: I have never done this, so I've no idea if it works or not.
"" compile using default pointer size
32 compile using 32 bit pointer size
64 compile using 64 bit pointer size
<debug-p> must be one of the following:
@ -117,12 +104,13 @@ Note 2: I have never done this, so I've no idea if it works or not.
GNUC For GNU C.
You will find the crypto library in [.xxx.EXE.CRYPTO], called LIBCRYPTO.OLB,
where xxx is VAX or AXP. You will find the SSL library in [.xxx.EXE.SSL],
named LIBSSL.OLB, and you will find a bunch of useful programs in
[.xxx.EXE.APPS]. However, these shouldn't be used right off unless it's
just to test them. For production use, make sure you install first, see
Installation below.
You will find the crypto library in [.xxx.EXE.CRYPTO] (where xxx is VAX,
ALPHA or IA64), called SSL_LIBCRYPTO32.OLB or SSL_LIBCRYPTO.OLB depending
on how it was built. You will find the SSL library in [.xxx.EXE.SSL],
named SSL_LIBSSL32.OLB or SSL_LIBSSL.OLB, and you will find a bunch of
useful programs in [.xxx.EXE.APPS]. However, these shouldn't be used
right off unless it's just to test them. For production use, make sure
you install first, see Installation below.
Note 1: Some programs in this package require a TCP/IP library.
@ -170,12 +158,14 @@ Installation:
Installation is easy, just do the following:
@INSTALL <root>
@INSTALL <root> <bits>
<root> is the directory in which everything will be installed,
subdirectories, libraries, header files, programs and startup command
procedures.
<bits> works the same way as for MAKEVMS.COM
N.B.: INSTALL.COM builds a new directory structure, different from
the directory tree where you have now build OpenSSL.
@ -196,6 +186,10 @@ following command procedures:
sets up the symbols to the applications. Should be called
from for example SYS$MANAGER:SYLOGIN.COM
OPENSSL_UNDO.COM
deassigns the logical names created with OPENSSL_STARTUP.COM.
The logical names that are set up are the following:
SSLROOT a dotted concealed logical name pointing at the
@ -203,7 +197,6 @@ The logical names that are set up are the following:
SSLCERTS Initially an empty directory, this is the default
location for certificate files.
SSLMISC Various scripts.
SSLPRIVATE Initially an empty directory, this is the default
location for private key files.
@ -211,8 +204,9 @@ The logical names that are set up are the following:
programs.
SSLINCLUDE Contains the header files needed if you want to
compile programs with libcrypto or libssl.
SSLLIB Contains the OpenSSL library files (LIBCRYPTO.OLB
and LIBSSL.OLB) themselves.
SSLLIB Contains the OpenSSL library files themselves:
- SSL_LIBCRYPTO32.OLB and SSL_LIBSSL32.OLB or
- SSL_LIBCRYPTO.OLB and SSL_LIBSSL.OLB
OPENSSL Same as SSLINCLUDE. This is because the standard
way to include OpenSSL header files from version
@ -296,4 +290,4 @@ have any ideas.
--
Richard Levitte <richard@levitte.org>
2000-02-27
2000-02-27, 2011-03-18

22
crypto/external/bsd/openssl/dist/INSTALL.W32 vendored
View File

@ -185,6 +185,15 @@
required. Run the installers and do whatever magic they say it takes
to start MSYS bash shell with GNU tools on its PATH.
N.B. Since source tar-ball can contain symbolic links, it's essential
that you use accompanying MSYS tar to unpack the source. It will
either handle them in one way or another or fail to extract them,
which does the trick too. Latter means that you may safely ignore all
"cannot create symlink" messages, as they will be "re-created" at
configure stage by copying corresponding files. Alternative programs
were observed to create empty files instead, which results in build
failure.
* Compile OpenSSL:
$ ./config
@ -297,7 +306,18 @@
desktop, which is not available to service processes. The toolkit is
designed to detect in which context it's currently executed, GUI,
console app or service, and act accordingly, namely whether or not to
actually make GUI calls.
actually make GUI calls. Additionally those who wish to
/DELAYLOAD:GDI32.DLL and /DELAYLOAD:USER32.DLL and actually keep them
off service process should consider implementing and exporting from
.exe image in question own _OPENSSL_isservice not relying on USER32.DLL.
E.g., on Windows Vista and later you could:
__declspec(dllexport) __cdecl BOOL _OPENSSL_isservice(void)
{ DWORD sess;
if (ProcessIdToSessionId(GetCurrentProcessId(),&sess))
return sess==0;
return FALSE;
}
If you link with OpenSSL .DLLs, then you're expected to include into
your application code small "shim" snippet, which provides glue between

2
crypto/external/bsd/openssl/dist/LICENSE vendored
View File

@ -12,7 +12,7 @@
---------------
/* ====================================================================
* Copyright (c) 1998-2008 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions

50
crypto/external/bsd/openssl/dist/Makefile.org vendored
View File

@ -109,6 +109,30 @@ LIBKRB5=
ZLIB_INCLUDE=
LIBZLIB=
# TOP level FIPS install directory.
FIPSDIR=
# This is the location of fipscanister.o and friends.
# The FIPS module build will place it $(INSTALLTOP)/lib
# but since $(INSTALLTOP) can only take the default value
# when the module is built it will be in /usr/local/ssl/lib
# $(INSTALLTOP) for this build may be different so hard
# code the path.
FIPSLIBDIR=
# The location of the library which contains fipscanister.o
# normally it will be libcrypto unless fipsdso is set in which
# case it will be libfips. If not compiling in FIPS mode at all
# this is empty making it a useful test for a FIPS compile.
FIPSCANLIB=
# Shared library base address. Currently only used on Windows.
#
BASEADDR=
DIRS= crypto ssl engines apps test tools
ENGDIRS= ccgost
SHLIBDIRS= crypto ssl
@ -121,7 +145,7 @@ SDIRS= \
bn ec rsa dsa ecdsa dh ecdh dso engine \
buffer bio stack lhash rand err \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
cms pqueue ts jpake store
cms pqueue ts jpake srp store cmac
# keep in mind that the above list is adjusted by ./Configure
# according to no-xxx arguments...
@ -205,6 +229,9 @@ BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
WP_ASM_OBJ='$(WP_ASM_OBJ)' \
PERLASM_SCHEME='$(PERLASM_SCHEME)' \
FIPSLIBDIR='${FIPSLIBDIR}' \
FIPSDIR='${FIPSDIR}' \
FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
# which in turn eliminates ambiguities in variable treatment with -e.
@ -258,9 +285,20 @@ all_testapps: build_libs build_testapps
build_testapps:
@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
libcrypto$(SHLIB_EXT): libcrypto.a
fips_premain_dso$(EXE_EXT): libcrypto.a
[ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAGS) \
-DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
$(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
libcrypto.a $(EX_LIBS)
libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
@if [ "$(SHLIB_TARGET)" != "" ]; then \
$(MAKE) SHLIBDIRS=crypto build-shared; \
if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
FIPSLD_LIBCRYPTO=libcrypto.a ; \
FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)bin/fipsld; \
export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
fi; \
$(MAKE) -e SHLIBDIRS=crypto build-shared; \
else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
@ -426,7 +464,7 @@ tags:
errors:
$(PERL) util/mkerr.pl -recurse -write
(cd engines; $(MAKE) PERL=$(PERL) errors)
$(PERL) util/ck_errf.pl -strict */*.c */*/*.c
$(PERL) util/ck_errf.pl */*.c */*/*.c
stacks:
$(PERL) util/mkstack.pl -write
@ -551,7 +589,7 @@ install_sw:
fi; \
done; \
( here="`pwd`"; \
cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
$(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
if [ "$(INSTALLTOP)" != "/usr" ]; then \
echo 'OpenSSL shared libraries have been installed in:'; \
@ -594,7 +632,7 @@ install_docs:
$(INSTALL_PREFIX)$(MANDIR)/man3 \
$(INSTALL_PREFIX)$(MANDIR)/man5 \
$(INSTALL_PREFIX)$(MANDIR)/man7
@pod2man="`cd util; ./pod2mantest $(PERL)`"; \
@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
here="`pwd`"; \
filecase=; \
if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \

26
crypto/external/bsd/openssl/dist/Makefile.shared vendored
View File

@ -135,7 +135,7 @@ LINK_SO_A_VIA_O= \
ALL=$$ALLSYMSFLAGS; ALLSYMSFLAGS=; NOALLSYMSFLAGS=; \
( $(SET_X); \
ld $(LDFLAGS) -r -o lib$(LIBNAME).o $$ALL lib$(LIBNAME).a $(LIBEXTRAS) ); \
$(LINK_SO) && rm -f $(LIBNAME).o
$(LINK_SO) && rm -f lib$(LIBNAME).o
LINK_SO_A_UNPACKED= \
UNPACKDIR=link_tmp.$$$$; rm -rf $$UNPACKDIR; mkdir $$UNPACKDIR; \
@ -207,17 +207,29 @@ link_app.bsd:
fi; $(LINK_APP)
# For Darwin AKA Mac OS/X (dyld)
# link_o.darwin produces .so, because we let it use dso_dlfcn module,
# which has .so extension hard-coded. One can argue that one should
# develop special dso module for MacOS X. At least manual encourages
# to use native NSModule(3) API and refers to dlfcn as termporary hack.
# Originally link_o.darwin produced .so, because it was hard-coded
# in dso_dlfcn module. At later point dso_dlfcn switched to .dylib
# extension in order to allow for run-time linking with vendor-
# supplied shared libraries such as libz, so that link_o.darwin had
# to be harmonized with it. This caused minor controversy, because
# it was believed that dlopen can't be used to dynamically load
# .dylib-s, only so called bundle modules (ones linked with -bundle
# flag). The belief seems to be originating from pre-10.4 release,
# where dlfcn functionality was emulated by dlcompat add-on. In
# 10.4 dlopen was rewritten as native part of dyld and is documented
# to be capable of loading both dynamic libraries and bundles. In
# order to provide compatibility with pre-10.4 dlopen, modules are
# linked with -bundle flag, which makes .dylib extension misleading.
# It works, because dlopen is [and always was] extension-agnostic.
# Alternative to this heuristic approach is to develop specific
# MacOS X dso module relying on whichever "native" dyld interface.
link_o.darwin:
@ $(CALC_VERSIONS); \
SHLIB=lib$(LIBNAME); \
SHLIB_SUFFIX=.so; \
SHLIB_SUFFIX=.dylib; \
ALLSYMSFLAGS='-all_load'; \
NOALLSYMSFLAGS=''; \
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)"; \
SHAREDFLAGS="$(CFLAGS) `echo $(SHARED_LDFLAGS) | sed s/dynamiclib/bundle/`"; \
if [ -n "$(LIBVERSION)" ]; then \
SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \
fi; \

66
crypto/external/bsd/openssl/dist/NEWS vendored
View File

@ -5,8 +5,30 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 0.9.8k and OpenSSL 1.0:
Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d:
o Fix for security issue CVE-2011-0014
Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c:
o Fix for security issue CVE-2010-4180
o Fix for CVE-2010-4252
o Fix mishandling of absent EC point format extension.
o Fix various platform compilation issues.
o Corrected fix for security issue CVE-2010-3864.
Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b:
o Fix for security issue CVE-2010-3864.
o Fix for CVE-2010-2939
o Fix WIN32 build system for GOST ENGINE.
Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a:
o Fix for security issue CVE-2010-1633.
o GOST MAC and CFB fixes.
Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0:
o RFC3280 path validation: sufficient to process PKITS tests.
o Integrated support for PVK files and keyblobs.
@ -29,6 +51,48 @@
o Opaque PRF Input TLS extension support.
o Updated time routines to avoid OS limitations.
Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r:
o Fix for security issue CVE-2011-0014
Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q:
o Fix for security issue CVE-2010-4180
o Fix for CVE-2010-4252
Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p:
o Fix for security issue CVE-2010-3864.
Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o:
o Fix for security issue CVE-2010-0742.
o Various DTLS fixes.
o Recognise SHA2 certificates if only SSL algorithms added.
o Fix for no-rc4 compilation.
o Chil ENGINE unload workaround.
Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n:
o CFB cipher definition fixes.
o Fix security issues CVE-2010-0740 and CVE-2010-0433.
Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m:
o Cipher definition fixes.
o Workaround for slow RAND_poll() on some WIN32 versions.
o Remove MD2 from algorithm tables.
o SPKAC handling fixes.
o Support for RFC5746 TLS renegotiation extension.
o Compression memory leak fixed.
o Compression session resumption fixed.
o Ticket and SNI coexistence fixes.
o Many fixes to DTLS handling.
Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l:
o Temporary work around for CVE-2009-3555: disable renegotiation.
Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k:
o Fix various build issues.

4
crypto/external/bsd/openssl/dist/PROBLEMS vendored
View File

@ -36,7 +36,9 @@ may differ on your machine.
As long as Apple doesn't fix the problem with ld, this problem building
OpenSSL will remain as is.
OpenSSL will remain as is. Well, the problem was addressed in 0.9.8f by
passing -Wl,-search_paths_first, but it's unknown if the flag was
supported from the initial MacOS X release.
* Parallell make leads to errors

4
crypto/external/bsd/openssl/dist/README vendored
View File

@ -1,7 +1,7 @@
OpenSSL 1.1.0-dev XX xxx XXXX
OpenSSL 1.0.1-dev
Copyright (c) 1998-2009 The OpenSSL Project
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.

20
crypto/external/bsd/openssl/dist/STATUS vendored
View File

@ -1,10 +1,26 @@
OpenSSL STATUS Last modified at
______________ Date: 2009/04/03 11:45:14
______________ Date: 2011/02/08 17:48:40
DEVELOPMENT STATE
o OpenSSL 1.0.0-beta1: Released on April 1st, 2009
o OpenSSL 1.1.0: Under development...
o OpenSSL 1.0.1: Under development...
o OpenSSL 1.0.0d: Released on February 8nd, 2011
o OpenSSL 1.0.0c: Released on December 2nd, 2010
o OpenSSL 1.0.0b: Released on November 16th, 2010
o OpenSSL 1.0.0a: Released on June 1st, 2010
o OpenSSL 1.0.0: Released on March 29th, 2010
o OpenSSL 0.9.8r: Released on February 8nd, 2011
o OpenSSL 0.9.8q: Released on December 2nd, 2010
o OpenSSL 0.9.8p: Released on November 16th, 2010
o OpenSSL 0.9.8o: Released on June 1st, 2010
o OpenSSL 0.9.8n: Released on March 24th, 2010
o OpenSSL 0.9.8m: Released on February 25th, 2010
o OpenSSL 0.9.8l: Released on November 5th, 2009
o OpenSSL 0.9.8k: Released on March 25th, 2009
o OpenSSL 0.9.8j: Released on January 7th, 2009
o OpenSSL 0.9.8i: Released on September 15th, 2008
o OpenSSL 0.9.8h: Released on May 28th, 2008
o OpenSSL 0.9.8g: Released on October 19th, 2007
o OpenSSL 0.9.8f: Released on October 11th, 2007

170
crypto/external/bsd/openssl/dist/TABLE vendored
View File

@ -228,7 +228,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -259,7 +259,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -290,7 +290,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o aesni-x86_64.o
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
@ -321,7 +321,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -383,7 +383,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -538,7 +538,7 @@ $bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -724,7 +724,7 @@ $bn_ops = BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -755,7 +755,7 @@ $bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
$cpuid_obj = x86_64cpuid.o
$bn_obj = bn_asm.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o aesni-x86_64.o
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
@ -1003,7 +1003,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1034,7 +1034,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1065,7 +1065,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1189,7 +1189,7 @@ $bn_ops = BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1211,7 +1211,7 @@ $multilib =
*** darwin-ppc-cc
$cc = cc
$cflags = -arch ppc -O3 -DB_ENDIAN
$cflags = -arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id = MACOSX
@ -1282,7 +1282,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o aesni-x86_64.o
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
@ -1344,7 +1344,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1406,7 +1406,7 @@ $bn_ops = BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1426,9 +1426,71 @@ $ranlib =
$arflags =
$multilib =
*** debug-VC-WIN64A
$cc = cl
$cflags = -W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE
$unistd =
$thread_cflag =
$sys_id = WIN64A
$lflags =
$bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
$cpuid_obj = x86_64cpuid.o
$bn_obj = bn_asm.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
$cast_obj =
$rc4_obj = rc4-x86_64.o
$rmd160_obj =
$rc5_obj =
$wp_obj = wp-x86_64.o
$cmll_obj = cmll-x86_64.o cmll_misc.o
$perlasm_scheme = auto
$dso_scheme = win32
$shared_target=
$shared_cflag =
$shared_ldflag =
$shared_extension =
$ranlib =
$arflags =
$multilib =
*** debug-VC-WIN64I
$cc = cl
$cflags = -W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE
$unistd =
$thread_cflag =
$sys_id = WIN64I
$lflags =
$bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
$cpuid_obj = ia64cpuid.o
$bn_obj = ia64.o
$des_obj =
$aes_obj = aes_core.o aes_cbc.o aes-ia64.o
$bf_obj =
$md5_obj = md5-ia64.o
$sha1_obj = sha1-ia64.o sha256-ia64.o sha512-ia64.o
$cast_obj =
$rc4_obj =
$rmd160_obj =
$rc5_obj =
$wp_obj =
$cmll_obj =
$perlasm_scheme = ias
$dso_scheme = win32
$shared_target=
$shared_cflag =
$shared_ldflag =
$shared_extension =
$ranlib =
$arflags =
$multilib =
*** debug-ben
$cc = gcc
$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe
$cflags = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG_UNUSED -O2 -pedantic -Wall -Wshadow -Werror -pipe
$unistd =
$thread_cflag = (unknown)
$sys_id =
@ -1458,8 +1520,8 @@ $arflags =
$multilib =
*** debug-ben-debug
$cc = gcc
$cflags = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -DBN_DEBUG -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -g3 -O2 -pipe
$cc = gcc44
$cflags = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O2 -pipe
$unistd =
$thread_cflag = (unknown)
$sys_id =
@ -1623,7 +1685,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1654,7 +1716,7 @@ $bn_ops = BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1778,7 +1840,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1809,7 +1871,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1902,7 +1964,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -1933,7 +1995,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -2057,7 +2119,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -2088,7 +2150,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -2119,7 +2181,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o aesni-x86_64.o
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
@ -2150,7 +2212,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -2305,7 +2367,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o aesni-x86_64.o
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
@ -2327,7 +2389,7 @@ $multilib =
*** debug-steve32
$cc = gcc
$cflags = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g -pipe
$cflags = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
@ -2336,7 +2398,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -2358,7 +2420,7 @@ $multilib =
*** debug-steve64
$cc = gcc
$cflags = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g -DMD32_REG_T=int
$cflags = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int
$unistd =
$thread_cflag = -D_REENTRANT
$sys_id =
@ -2367,7 +2429,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o aesni-x86_64.o
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
@ -2522,7 +2584,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -3049,7 +3111,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -3390,7 +3452,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -3452,7 +3514,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -3545,7 +3607,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -3728,7 +3790,7 @@ $thread_cflag = -D_REENTRANT
$sys_id =
$lflags = -ldl
$bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = s390xcpuid.o
$cpuid_obj = s390xcap.o s390xcpuid.o
$bn_obj = bn-s390x.o s390x-mont.o
$des_obj =
$aes_obj = aes-s390x.o
@ -3824,7 +3886,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o aesni-x86_64.o
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
@ -3877,16 +3939,16 @@ $multilib = 64
*** mingw
$cc = gcc
$cflags = -mno-cygwin -DL_ENDIAN -DOPENSSL_NO_CAPIENG -fomit-frame-pointer -O3 -march=i486 -Wall
$cflags = -mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall
$unistd =
$thread_cflag =
$thread_cflag = -D_MT
$sys_id = MINGW32
$lflags = -lws2_32 -lgdi32
$lflags = -lws2_32 -lgdi32 -lcrypt32
$bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT EXPORT_VAR_AS_FN
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -3910,14 +3972,14 @@ $multilib =
$cc = gcc
$cflags = -mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE
$unistd =
$thread_cflag =
$thread_cflag = -D_MT
$sys_id = MINGW64
$lflags = -lws2_32 -lgdi32 -lcrypt32
$bn_ops = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o aesni-x86_64.o
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
@ -4475,7 +4537,7 @@ $bn_ops = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -4506,7 +4568,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -4754,7 +4816,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -4847,7 +4909,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o aesni-x86_64.o
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
@ -4878,7 +4940,7 @@ $bn_ops = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
$cpuid_obj = x86_64cpuid.o
$bn_obj = x86_64-gcc.o x86_64-mont.o
$des_obj =
$aes_obj = aes-x86_64.o aesni-x86_64.o
$aes_obj = aes-x86_64.o
$bf_obj =
$md5_obj = md5-x86_64.o
$sha1_obj = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
@ -5188,7 +5250,7 @@ $bn_ops = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o
@ -5219,7 +5281,7 @@ $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
$cpuid_obj = x86cpuid.o
$bn_obj = bn-586.o co-586.o x86-mont.o
$des_obj = des-586.o crypt586.o
$aes_obj = aes-586.o aesni-x86.o
$aes_obj = aes-586.o
$bf_obj = bf-586.o
$md5_obj = md5-586.o
$sha1_obj = sha1-586.o sha256-586.o sha512-586.o

67
crypto/external/bsd/openssl/dist/VMS/install-vms.com vendored Executable file
View File

@ -0,0 +1,67 @@
$! install-vms.com -- Installs the files in a given directory tree
$!
$! Author: Richard Levitte <richard@levitte.org>
$! Time of creation: 23-MAY-1998 19:22
$!
$! P1 root of the directory tree
$!
$!
$! Announce/identify.
$!
$ proc = f$environment( "procedure")
$ write sys$output "@@@ "+ -
f$parse( proc, , , "name")+ f$parse( proc, , , "type")
$!
$ on error then goto tidy
$ on control_c then goto tidy
$!
$ if p1 .eqs. ""
$ then
$ write sys$output "First argument missing."
$ write sys$output -
"Should be the directory where you want things installed."
$ exit
$ endif
$
$ if (f$getsyi( "cpu") .lt. 128)
$ then
$ arch = "VAX"
$ else
$ arch = f$edit( f$getsyi( "arch_name"), "upcase")
$ if (arch .eqs. "") then arch = "UNK"
$ endif
$
$ root = f$parse( P1, "[]A.;0", , , "SYNTAX_ONLY, NO_CONCEAL")- "A.;0"
$ root_dev = f$parse( root, , , "device", "syntax_only")
$ root_dir = f$parse( root, , , "directory", "syntax_only") - -
"[000000." - "][" - "[" - "]"
$ root = root_dev + "[" + root_dir
$
$ define /nolog wrk_sslroot 'root'.] /translation_attributes = concealed
$ define /nolog wrk_sslinclude wrk_sslroot:[include]
$
$ if f$parse( "wrk_sslroot:[000000]") .eqs. "" then -
create /directory /log wrk_sslroot:[000000]
$ if f$parse( "wrk_sslinclude:") .eqs. "" then -
create /directory /log wrk_sslinclude:
$ if f$parse( "wrk_sslroot:[vms]") .eqs. "" then -
create /directory /log wrk_sslroot:[vms]
$!
$ copy /log /protection = world:re openssl_startup.com wrk_sslroot:[vms]
$ copy /log /protection = world:re openssl_undo.com wrk_sslroot:[vms]
$ copy /log /protection = world:re openssl_utils.com wrk_sslroot:[vms]
$!
$ tidy:
$!
$ call deass wrk_sslroot
$ call deass wrk_sslinclude
$!
$ exit
$!
$ deass: subroutine
$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
$ then
$ deassign /process 'p1'
$ endif
$ endsubroutine
$!

235
crypto/external/bsd/openssl/dist/VMS/mkshared.com vendored
View File

@ -1,85 +1,162 @@
$! MKSHARED.COM -- script to created shareable images on VMS
$! MKSHARED.COM -- Create shareable images.
$!
$! No command line parameters. This should be run at the start of the source
$! tree (the same directory where one finds INSTALL.VMS).
$! P1: "64" for 64-bit pointers.
$!
$! Input: [.UTIL]LIBEAY.NUM,[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB
$! [.UTIL]SSLEAY.NUM,[.xxx.EXE.SSL]LIBSSL.OLB
$! Output: [.xxx.EXE.CRYPTO]LIBCRYPTO.OPT,.MAP,.EXE
$! [.xxx.EXE.SSL]LIBSSL.OPT,.MAP,.EXE
$! P2: Zlib object library path (optional).
$!
$! Input: [.UTIL]LIBEAY.NUM,[.xxx.EXE.CRYPTO]SSL_LIBCRYPTO[32].OLB
$! [.UTIL]SSLEAY.NUM,[.xxx.EXE.SSL]SSL_LIBSSL[32].OLB
$! Output: [.xxx.EXE.CRYPTO]SSL_LIBCRYPTO_SHR[32].OPT,.MAP,.EXE
$! [.xxx.EXE.SSL]SSL_LIBSSL_SRH[32].OPT,.MAP,.EXE
$!
$! So far, tests have only been made on VMS for Alpha. VAX will come in time.
$! ===========================================================================
$
$!
$! Announce/identify.
$!
$ proc = f$environment( "procedure")
$ write sys$output "@@@ "+ -
f$parse( proc, , , "name")+ f$parse( proc, , , "type")
$!
$! Save the original default device:[directory].
$!
$ def_orig = f$environment( "default")
$ on error then goto tidy
$ on control_c then goto tidy
$!
$! SET DEFAULT to the main kit directory.
$!
$ proc = f$environment("procedure")
$ proc = f$parse( "A.;", proc)- "A.;"
$ set default 'proc'
$ set default [-]
$!
$! ----- Prepare info for processing: version number and file info
$ gosub read_version_info
$ if libver .eqs. ""
$ then
$ write sys$error "ERROR: Couldn't find any library version info..."
$ exit
$ go to tidy:
$ endif
$
$ if (f$getsyi("cpu").lt.128)
$ if (f$getsyi("cpu") .lt. 128)
$ then
$ arch := VAX
$ else
$ arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if (arch .eqs. "") then arch = "UNK"
$ endif
$
$ if arch .nes. "VAX"
$ then
$ arch_vax = 0
$ libid = "Crypto"
$ libnum = "[.UTIL]LIBEAY.NUM"
$ libdir = "[.''ARCH'.EXE.CRYPTO]"
$ libolb = "''libdir'LIBCRYPTO.OLB"
$ libopt = "''libdir'LIBCRYPTO.OPT"
$ libmap = "''libdir'LIBCRYPTO.MAP"
$ libgoal= "''libdir'LIBCRYPTO.EXE"
$ libref = ""
$ gosub create_nonvax_shr
$ libid = "SSL"
$ libnum = "[.UTIL]SSLEAY.NUM"
$ libdir = "[.''ARCH'.EXE.SSL]"
$ libolb = "''libdir'LIBSSL.OLB"
$ libopt = "''libdir'LIBSSL.OPT"
$ libmap = "''libdir'LIBSSL.MAP"
$ libgoal= "''libdir'LIBSSL.EXE"
$ libref = "[.''ARCH'.EXE.CRYPTO]LIBCRYPTO.EXE"
$ gosub create_nonvax_shr
$ else
$ arch_vax = 1
$ arch = "VAX"
$ else
$ arch_vax = 0
$ arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if (arch .eqs. "") then arch = "UNK"
$ endif
$!
$ archd = arch
$ lib32 = "32"
$ shr = "SHR32"
$!
$ if (p1 .nes. "")
$ then
$ if (p1 .eqs. "64")
$ then
$ archd = arch+ "_64"
$ lib32 = ""
$ shr = "SHR"
$ else
$ if (p1 .nes. "32")
$ then
$ write sys$output "Second argument invalid."
$ write sys$output "It should be "32", "64", or nothing."
$ exit
$ endif
$ endif
$ endif
$!
$ ZLIB = p2
$ zlib_lib = ""
$ if (ZLIB .nes. "")
$ then
$ file2 = f$parse( ZLIB, "libz.olb", , , "syntax_only")
$ if (f$search( file2) .eqs. "")
$ then
$ write sys$output ""
$ write sys$output "The Option ", ZLIB, " Is Invalid."
$ write sys$output " Can't find library: ''file2'"
$ write sys$output ""
$ goto tidy
$ endif
$ zlib_lib = ", ''file2' /library"
$ endif
$!
$ if (arch_vax)
$ then
$ libtit = "CRYPTO_TRANSFER_VECTOR"
$ libid = "Crypto"
$ libnum = "[.UTIL]LIBEAY.NUM"
$ libdir = "[.''ARCH'.EXE.CRYPTO]"
$ libmar = "''libdir'LIBCRYPTO.MAR"
$ libolb = "''libdir'LIBCRYPTO.OLB"
$ libopt = "''libdir'LIBCRYPTO.OPT"
$ libobj = "''libdir'LIBCRYPTO.OBJ"
$ libmap = "''libdir'LIBCRYPTO.MAP"
$ libgoal= "''libdir'LIBCRYPTO.EXE"
$ libdir = "[.''ARCHD'.EXE.CRYPTO]"
$ libmar = "''libdir'SSL_LIBCRYPTO_''shr'.MAR"
$ libolb = "''libdir'SSL_LIBCRYPTO''lib32'.OLB"
$ libopt = "''libdir'SSL_LIBCRYPTO_''shr'.OPT"
$ libobj = "''libdir'SSL_LIBCRYPTO_''shr'.OBJ"
$ libmap = "''libdir'SSL_LIBCRYPTO_''shr'.MAP"
$ libgoal= "''libdir'SSL_LIBCRYPTO_''shr'.EXE"
$ libref = ""
$ libvec = "LIBCRYPTO"
$ gosub create_vax_shr
$ if f$search( libolb) .nes. "" then gosub create_vax_shr
$ libtit = "SSL_TRANSFER_VECTOR"
$ libid = "SSL"
$ libnum = "[.UTIL]SSLEAY.NUM"
$ libdir = "[.''ARCH'.EXE.SSL]"
$ libmar = "''libdir'LIBSSL.MAR"
$ libolb = "''libdir'LIBSSL.OLB"
$ libopt = "''libdir'LIBSSL.OPT"
$ libobj = "''libdir'LIBSSL.OBJ"
$ libmap = "''libdir'LIBSSL.MAP"
$ libgoal= "''libdir'LIBSSL.EXE"
$ libref = "[.''ARCH'.EXE.CRYPTO]LIBCRYPTO.EXE"
$ libdir = "[.''ARCHD'.EXE.SSL]"
$ libmar = "''libdir'SSL_LIBSSL_''shr'.MAR"
$ libolb = "''libdir'SSL_LIBSSL''lib32'.OLB"
$ libopt = "''libdir'SSL_LIBSSL_''shr'.OPT"
$ libobj = "''libdir'SSL_LIBSSL_''shr'.OBJ"
$ libmap = "''libdir'SSL_LIBSSL_''shr'.MAP"
$ libgoal= "''libdir'SSL_LIBSSL_''shr'.EXE"
$ libref = "[.''ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO_''shr'.EXE"
$ libvec = "LIBSSL"
$ gosub create_vax_shr
$ if f$search( libolb) .nes. "" then gosub create_vax_shr
$ else
$ libid = "Crypto"
$ libnum = "[.UTIL]LIBEAY.NUM"
$ libdir = "[.''ARCHD'.EXE.CRYPTO]"
$ libolb = "''libdir'SSL_LIBCRYPTO''lib32'.OLB"
$ libopt = "''libdir'SSL_LIBCRYPTO_''shr'.OPT"
$ libmap = "''libdir'SSL_LIBCRYPTO_''shr'.MAP"
$ libgoal= "''libdir'SSL_LIBCRYPTO_''shr'.EXE"
$ libref = ""
$ if f$search( libolb) .nes. "" then gosub create_nonvax_shr
$ libid = "SSL"
$ libnum = "[.UTIL]SSLEAY.NUM"
$ libdir = "[.''ARCHD'.EXE.SSL]"
$ libolb = "''libdir'SSL_LIBSSL''lib32'.OLB"
$ libopt = "''libdir'SSL_LIBSSL_''shr'.OPT"
$ libmap = "''libdir'SSL_LIBSSL_''shr'.MAP"
$ libgoal= "''libdir'SSL_LIBSSL_''shr'.EXE"
$ libref = "[.''ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO_''shr'.EXE"
$ if f$search( libolb) .nes. "" then gosub create_nonvax_shr
$ endif
$!
$ tidy:
$!
$! Close any open files.
$!
$ if (f$trnlnm( "libnum", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
close libnum
$!
$ if (f$trnlnm( "mar", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
close mar
$!
$ if (f$trnlnm( "opt", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
close opt
$!
$ if (f$trnlnm( "vf", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
close vf
$!
$! Restore the original default device:[directory].
$!
$ set default 'def_orig'
$ exit
$
$! ----- Soubroutines to build the shareable libraries
$! ----- Subroutines to build the shareable libraries
$! For each supported architecture, there's a main shareable library
$! creator, which is called from the main code above.
$! The creator will define a number of variables to tell the next levels of
@ -111,9 +188,9 @@ $! ----- Subroutines for non-VAX
$! -----
$! The creator routine
$ create_nonvax_shr:
$ open/write opt 'libopt'
$ open /write opt 'libopt'
$ write opt "identification=""",libid," ",libverstr,""""
$ write opt libolb,"/lib"
$ write opt libolb, " /library"
$ if libref .nes. "" then write opt libref,"/SHARE"
$ write opt "SYMBOL_VECTOR=(-"
$ libfirstentry := true
@ -124,7 +201,8 @@ $ gosub read_func_num
$ write opt ")"
$ write opt "GSMATCH=",libvmatch,",",libver
$ close opt
$ link/map='libmap'/full/share='libgoal' 'libopt'/option
$ link /map = 'libmap' /full /share = 'libgoal' 'libopt' /options -
'zlib_lib'
$ return
$
$! The record writer routine
@ -158,7 +236,7 @@ $! ----- Subroutines for VAX
$! -----
$! The creator routine
$ create_vax_shr:
$ open/write mar 'libmar'
$ open /write mar 'libmar'
$ type sys$input:/out=mar:
;
; Transfer vector for VAX shareable image
@ -193,10 +271,10 @@ $! libwriter := write_vax_vtransfer_entry
$! gosub read_func_num
$ write mar " .END"
$ close mar
$ open/write opt 'libopt'
$ open /write opt 'libopt'
$ write opt "identification=""",libid," ",libverstr,""""
$ write opt libobj
$ write opt libolb,"/lib"
$ write opt libolb, " /library"
$ if libref .nes. "" then write opt libref,"/SHARE"
$ type sys$input:/out=opt:
!
@ -215,7 +293,8 @@ $ libwriter := write_vax_psect_attr
$ gosub read_func_num
$ close opt
$ macro/obj='libobj' 'libmar'
$ link/map='libmap'/full/share='libgoal' 'libopt'/option
$ link /map = 'libmap' /full /share = 'libgoal' 'libopt' /options -
'zlib_lib'
$ return
$
$! The record writer routine for VAX functions
@ -237,9 +316,9 @@ $ return
$
$! ----- Common subroutines
$! -----
$! The .num file reader. This one has great responsability.
$! The .num file reader. This one has great responsibility.
$ read_func_num:
$ open libnum 'libnum'
$ open /read libnum 'libnum'
$ goto read_nums
$
$ read_nums:
@ -247,27 +326,30 @@ $ libentrynum=0
$ liblastentry:=false
$ entrycount=0
$ loop:
$ read/end=loop_end/err=loop_end libnum line
$ entrynum=f$int(f$element(1," ",f$edit(line,"COMPRESS,TRIM")))
$ entryinfo=f$element(2," ",f$edit(line,"COMPRESS,TRIM"))
$ curentry=f$element(0," ",f$edit(line,"COMPRESS,TRIM"))
$ info_exist=f$element(0,":",entryinfo)
$ info_platforms=","+f$element(1,":",entryinfo)+","
$ info_kind=f$element(2,":",entryinfo)
$ info_algorithms=","+f$element(3,":",entryinfo)+","
$ read /end=loop_end /err=loop_end libnum line
$ lin = f$edit( line, "COMPRESS,TRIM")
$! Skip a "#" comment line.
$ if (f$extract( 0, 1, lin) .eqs. "#") then goto loop
$ entrynum = f$int(f$element( 1, " ", lin))
$ entryinfo = f$element( 2, " ", lin)
$ curentry = f$element( 0, " ", lin)
$ info_exist = f$element( 0, ":", entryinfo)
$ info_platforms = ","+ f$element(1, ":", entryinfo)+ ","
$ info_kind = f$element( 2, ":", entryinfo)
$ info_algorithms = ","+ f$element( 3, ":", entryinfo)+ ","
$ if info_exist .eqs. "NOEXIST" then goto loop
$ truesum = 0
$ falsesum = 0
$ negatives = 1
$ plat_i = 0
$ loop1:
$ plat_entry = f$element(plat_i,",",info_platforms)
$ plat_entry = f$element( plat_i, ",", info_platforms)
$ plat_i = plat_i + 1
$ if plat_entry .eqs. "" then goto loop1
$ if plat_entry .nes. ","
$ then
$ if f$extract(0,1,plat_entry) .nes. "!" then negatives = 0
$ if f$getsyi("CPU") .lt. 128
$ if (arch_vax)
$ then
$ if plat_entry .eqs. "EXPORT_VAR_AS_FUNCTION" then -
$ truesum = truesum + 1
@ -276,6 +358,7 @@ $ falsesum = falsesum + 1
$ endif
$!
$ if ((plat_entry .eqs. "VMS") .or. -
((plat_entry .eqs. "ZLIB") .and. (ZLIB .nes. "")) .or. -
(arch_vax .and. (plat_entry .eqs. "VMSVAX"))) then -
truesum = truesum + 1
$!
@ -345,7 +428,7 @@ $
$! The version number reader
$ read_version_info:
$ libver = ""
$ open/read vf [.CRYPTO]OPENSSLV.H
$ open /read vf [.CRYPTO]OPENSSLV.H
$ loop_rvi:
$ read/err=endloop_rvi/end=endloop_rvi vf rvi_line
$ if rvi_line - "SHLIB_VERSION_NUMBER """ .eqs. rvi_line then -

108
crypto/external/bsd/openssl/dist/VMS/openssl_startup.com vendored Executable file
View File

@ -0,0 +1,108 @@
$!
$! Startup file for OpenSSL 1.x.
$!
$! 2011-03-05 SMS.
$!
$! This procedure must reside in the OpenSSL installation directory.
$! It will fail if it is copied to a different location.
$!
$! P1 qualifier(s) for DEFINE. For example, "/SYSTEM" to get the
$! logical names defined in the system logical name table.
$!
$! P2 "64", to use executables which were built with 64-bit pointers.
$!
$! Good (default) and bad status values.
$!
$ status = %x00010001 ! RMS$_NORMAL, normal successful completion.
$ rms_e_fnf = %x00018292 ! RMS$_FNF, file not found.
$!
$! Prepare for problems.
$!
$ orig_dev_dir = f$environment( "DEFAULT")
$ on control_y then goto clean_up
$ on error then goto clean_up
$!
$! Determine hardware architecture.
$!
$ if (f$getsyi( "cpu") .lt. 128)
$ then
$ arch_name = "VAX"
$ else
$ arch_name = f$edit( f$getsyi( "arch_name"), "upcase")
$ if (arch_name .eqs. "") then arch_name = "UNK"
$ endif
$!
$ if (p2 .eqs. "64")
$ then
$ arch_name_exe = arch_name+ "_64"
$ else
$ arch_name_exe = arch_name
$ endif
$!
$! Derive the OpenSSL installation device:[directory] from the location
$! of this command procedure.
$!
$ proc = f$environment( "procedure")
$ proc_dev_dir = f$parse( "A.;", proc, , , "no_conceal") - "A.;"
$ proc_dev = f$parse( proc_dev_dir, , , "device", "syntax_only")
$ proc_dir = f$parse( proc_dev_dir, , , "directory", "syntax_only") - -
".][000000"- "[000000."- "]["- "["- "]"
$ proc_dev_dir = proc_dev+ "["+ proc_dir+ "]"
$ set default 'proc_dev_dir'
$ set default [-]
$ ossl_dev_dir = f$environment( "default")
$!
$! Check existence of expected directories (to see if this procedure has
$! been moved away from its proper place).
$!
$ if ((f$search( "certs.dir;1") .eqs. "") .or. -
(f$search( "include.dir;1") .eqs. "") .or. -
(f$search( "private.dir;1") .eqs. "") .or. -
(f$search( "vms.dir;1") .eqs. ""))
$ then
$ write sys$output -
" Can't find expected common OpenSSL directories in:"
$ write sys$output " ''ossl_dev_dir'"
$ status = rms_e_fnf
$ goto clean_up
$ endif
$!
$ if ((f$search( "''arch_name_exe'_exe.dir;1") .eqs. "") .or. -
(f$search( "''arch_name'_lib.dir;1") .eqs. ""))
$ then
$ write sys$output -
" Can't find expected architecture-specific OpenSSL directories in:"
$ write sys$output " ''ossl_dev_dir'"
$ status = rms_e_fnf
$ goto clean_up
$ endif
$!
$! All seems well (enough). Define the OpenSSL logical names.
$!
$ ossl_root = ossl_dev_dir- "]"+ ".]"
$ define /translation_attributes = concealed /nolog'p1 SSLROOT 'ossl_root'
$ define /nolog 'p1' SSLCERTS sslroot:[certs]
$ define /nolog 'p1' SSLINCLUDE sslroot:[include]
$ define /nolog 'p1' SSLPRIVATE sslroot:[private]
$ define /nolog 'p1' SSLEXE sslroot:['arch_name_exe'_exe]
$ define /nolog 'p1' SSLLIB sslroot:['arch_name'_lib]
$!
$! Defining OPENSSL lets a C program use "#include <openssl/{foo}.h>":
$ define /nolog 'p1' OPENSSL SSLINCLUDE:
$!
$! Run a site-specific procedure, if it exists.
$!
$ if f$search( "sslroot:[vms]openssl_systartup.com") .nes."" then -
@ sslroot:[vms]openssl_systartup.com
$!
$! Restore the original default dev:[dir] (if known).
$!
$ clean_up:
$!
$ if (f$type( orig_dev_dir) .nes. "")
$ then
$ set default 'orig_dev_dir'
$ endif
$!
$ EXIT 'status'
$!

20
crypto/external/bsd/openssl/dist/VMS/openssl_undo.com vendored Executable file
View File

@ -0,0 +1,20 @@
$!
$! Deassign OpenSSL logical names.
$!
$ call deass "OPENSSL" "''p1'"
$ call deass "SSLCERTS" "''p1'"
$ call deass "SSLEXE" "''p1'"
$ call deass "SSLINCLUDE" "''p1'"
$ call deass "SSLLIB" "''p1'"
$ call deass "SSLPRIVATE" "''p1'"
$ call deass "SSLROOT" "''p1'"
$!
$ exit
$!
$deass: subroutine
$ if (f$trnlnm( p1) .nes. "")
$ then
$ deassign 'p2' 'p1'
$ endif
$ endsubroutine
$!

100
crypto/external/bsd/openssl/dist/apps/CA.com vendored
View File

@ -37,14 +37,25 @@ $ VERIFY = openssl + " verify"
$ X509 = openssl + " x509"
$ PKCS12 = openssl + " pkcs12"
$ echo = "write sys$Output"
$ RET = 1
$!
$ s = F$PARSE(F$ENVIRONMENT("DEFAULT"),"[]") - "].;"
$ CATOP := 's'.demoCA
$ CAKEY := ]cakey.pem
$ CACERT := ]cacert.pem
$! 2010-12-20 SMS.
$! Use a concealed logical name to reduce command line lengths, to
$! avoid DCL errors on VAX:
$! %DCL-W-TKNOVF, command element is too long - shorten
$! (Path segments like "openssl-1_0_1-stable-SNAP-20101217" accumulate
$! quickly.)
$!
$ CATOP = F$PARSE( F$ENVIRONMENT( "DEFAULT"), "[]")- "].;"+ ".demoCA.]"
$ define /translation_attributes = concealed CATOP 'CATOP'
$!
$ on error then goto clean_up
$ on control_y then goto clean_up
$!
$ CAKEY = "CATOP:[private]cakey.pem"
$ CACERT = "CATOP:[000000]cacert.pem"
$
$ __INPUT := SYS$COMMAND
$ RET = 1
$!
$ i = 1
$opt_loop:
@ -55,7 +66,7 @@ $
$ IF (prog_opt .EQS. "?" .OR. prog_opt .EQS. "-h" .OR. prog_opt .EQS. "-help")
$ THEN
$ echo "usage: CA -newcert|-newreq|-newca|-sign|-verify"
$ exit
$ goto clean_up
$ ENDIF
$!
$ IF (prog_opt .EQS. "-input")
@ -69,7 +80,7 @@ $!
$ IF (prog_opt .EQS. "-newcert")
$ THEN
$ ! Create a certificate.
$ DEFINE/USER SYS$INPUT '__INPUT'
$ DEFINE /USER_MODE SYS$INPUT '__INPUT'
$ REQ -new -x509 -keyout newreq.pem -out newreq.pem 'DAYS'
$ RET=$STATUS
$ echo "Certificate (and private key) is in newreq.pem"
@ -79,7 +90,7 @@ $!
$ IF (prog_opt .EQS. "-newreq")
$ THEN
$ ! Create a certificate request
$ DEFINE/USER SYS$INPUT '__INPUT'
$ DEFINE /USER_MODE SYS$INPUT '__INPUT'
$ REQ -new -keyout newreq.pem -out newreq.pem 'DAYS'
$ RET=$STATUS
$ echo "Request (and private key) is in newreq.pem"
@ -90,41 +101,40 @@ $ IF (prog_opt .EQS. "-newca")
$ THEN
$ ! If explicitly asked for or it doesn't exist then setup the directory
$ ! structure that Eric likes to manage things.
$ IF F$SEARCH(CATOP+"]serial.") .EQS. ""
$ IF F$SEARCH( "CATOP:[000000]serial.") .EQS. ""
$ THEN
$ CREATE /DIR /PROTECTION=OWNER:RWED 'CATOP']
$ CREATE /DIR /PROTECTION=OWNER:RWED 'CATOP'.certs]
$ CREATE /DIR /PROTECTION=OWNER:RWED 'CATOP'.crl]
$ CREATE /DIR /PROTECTION=OWNER:RWED 'CATOP'.newcerts]
$ CREATE /DIR /PROTECTION=OWNER:RWED 'CATOP'.private]
$ CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[000000]
$ CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[certs]
$ CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[crl]
$ CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[newcerts]
$ CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[private]
$
$ OPEN /WRITE ser_file 'CATOP']serial.
$ OPEN /WRITE ser_file CATOP:[000000]serial.
$ WRITE ser_file "01"
$ CLOSE ser_file
$ APPEND/NEW NL: 'CATOP']index.txt
$ APPEND /NEW_VERSION NL: CATOP:[000000]index.txt
$
$ ! The following is to make sure access() doesn't get confused. It
$ ! really needs one file in the directory to give correct answers...
$ COPY NLA0: 'CATOP'.certs].;
$ COPY NLA0: 'CATOP'.crl].;
$ COPY NLA0: 'CATOP'.newcerts].;
$ COPY NLA0: 'CATOP'.private].;
$ COPY NLA0: CATOP:[certs].;
$ COPY NLA0: CATOP:[crl].;
$ COPY NLA0: CATOP:[newcerts].;
$ COPY NLA0: CATOP:[private].;
$ ENDIF
$!
$ IF F$SEARCH(CATOP+".private"+CAKEY) .EQS. ""
$ IF F$SEARCH( CAKEY) .EQS. ""
$ THEN
$ READ '__INPUT' FILE -
/PROMT="CA certificate filename (or enter to create)"
$ IF F$SEARCH(FILE) .NES. ""
/PROMPT="CA certificate filename (or enter to create): "
$ IF (FILE .NES. "") .AND. (F$SEARCH(FILE) .NES. "")
$ THEN
$ COPY 'FILE' 'CATOP'.private'CAKEY'
$ RET=$STATUS
$ COPY 'FILE' 'CAKEY'
$ RET=$STATUS
$ ELSE
$ echo "Making CA certificate ..."
$ DEFINE/USER SYS$INPUT '__INPUT'
$ REQ -new -x509 -keyout 'CATOP'.private'CAKEY' -
-out 'CATOP''CACERT' 'DAYS'
$ RET=$STATUS
$ DEFINE /USER_MODE SYS$INPUT '__INPUT'
$ REQ -new -x509 -keyout 'CAKEY' -out 'CACERT' 'DAYS'
$ RET=$STATUS
$ ENDIF
$ ENDIF
$ GOTO opt_loop_continue
@ -135,16 +145,16 @@ $ THEN
$ i = i + 1
$ cname = P'i'
$ IF cname .EQS. "" THEN cname = "My certificate"
$ PKCS12 -in newcert.pem -inkey newreq.pem -certfile 'CATOP''CACERT -
-out newcert.p12 -export -name "''cname'"
$ PKCS12 -in newcert.pem -inkey newreq.pem -certfile 'CACERT' -
-out newcert.p12 -export -name "''cname'"
$ RET=$STATUS
$ exit RET
$ goto clean_up
$ ENDIF
$!
$ IF (prog_opt .EQS. "-xsign")
$ THEN
$!
$ DEFINE/USER SYS$INPUT '__INPUT'
$ DEFINE /USER_MODE SYS$INPUT '__INPUT'
$ CA -policy policy_anything -infiles newreq.pem
$ RET=$STATUS
$ GOTO opt_loop_continue
@ -153,7 +163,7 @@ $!
$ IF ((prog_opt .EQS. "-sign") .OR. (prog_opt .EQS. "-signreq"))
$ THEN
$!
$ DEFINE/USER SYS$INPUT '__INPUT'
$ DEFINE /USER_MODE SYS$INPUT '__INPUT'
$ CA -policy policy_anything -out newcert.pem -infiles newreq.pem
$ RET=$STATUS
$ type newcert.pem
@ -165,9 +175,9 @@ $ IF (prog_opt .EQS. "-signcert")
$ THEN
$!
$ echo "Cert passphrase will be requested twice - bug?"
$ DEFINE/USER SYS$INPUT '__INPUT'
$ DEFINE /USER_MODE SYS$INPUT '__INPUT'
$ X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
$ DEFINE/USER SYS$INPUT '__INPUT'
$ DEFINE /USER_MODE SYS$INPUT '__INPUT'
$ CA -policy policy_anything -out newcert.pem -infiles tmp.pem
y
y
@ -182,17 +192,17 @@ $!
$ i = i + 1
$ IF (p'i' .EQS. "")
$ THEN
$ DEFINE/USER SYS$INPUT '__INPUT'
$ VERIFY "-CAfile" 'CATOP''CACERT' newcert.pem
$ DEFINE /USER_MODE SYS$INPUT '__INPUT'
$ VERIFY "-CAfile" 'CACERT' newcert.pem
$ ELSE
$ j = i
$ verify_opt_loop:
$ IF j .GT. 8 THEN GOTO verify_opt_loop_end
$ IF p'j' .NES. ""
$ THEN
$ DEFINE/USER SYS$INPUT '__INPUT'
$ DEFINE /USER_MODE SYS$INPUT '__INPUT'
$ __tmp = p'j'
$ VERIFY "-CAfile" 'CATOP''CACERT' '__tmp'
$ VERIFY "-CAfile" 'CACERT' '__tmp'
$ tmp=$STATUS
$ IF tmp .NE. 0 THEN RET=tmp
$ ENDIF
@ -208,8 +218,8 @@ $ IF (prog_opt .NES. "")
$ THEN
$!
$ echo "Unknown argument ''prog_opt'"
$
$ EXIT 3
$ RET = 3
$ goto clean_up
$ ENDIF
$
$opt_loop_continue:
@ -217,4 +227,10 @@ $ i = i + 1
$ GOTO opt_loop
$
$opt_loop_end:
$!
$clean_up:
$!
$ if f$trnlnm( "CATOP", "LNM$PROCESS") .nes. "" then -
deassign /process CATOP
$!
$ EXIT 'RET'

92
crypto/external/bsd/openssl/dist/apps/Makefile vendored
View File

@ -39,7 +39,7 @@ E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
ca crl rsa rsautl dsa dsaparam ec ecparam \
x509 genrsa gendsa genpkey s_server s_client speed \
s_time version pkcs7 cms crl2pkcs7 sess_id ciphers nseq pkcs12 \
pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts
pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts srp
PROGS= $(PROGRAM).c
@ -56,7 +56,7 @@ E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o er
x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o \
s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o \
spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o
spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o srp.o
E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
pkcs7.c crl2p7.c crl.c \
@ -64,7 +64,7 @@ E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.
x509.c genrsa.c gendsa.c genpkey.c s_server.c s_client.c speed.c \
s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
ciphers.c nseq.c pkcs12.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c \
spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c
spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c srp.c
SRC=$(E_SRC)
@ -153,6 +153,8 @@ $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
$(RM) $(EXE)
shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
shlib_target="$(SHLIB_TARGET)"; \
elif [ -n "$(FIPSCANLIB)" ]; then \
FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)bin/fipsld; export CC FIPSLD_CC; \
fi; \
LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
@ -812,13 +814,13 @@ s_client.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h
s_client.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s_client.o: ../include/openssl/rand.h ../include/openssl/safestack.h
s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h
s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
s_client.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
s_client.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
s_client.o: s_apps.h s_client.c timeouts.h
s_client.o: ../include/openssl/sha.h ../include/openssl/srp.h
s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s_client.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s_client.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
s_client.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
s_client.o: ../include/openssl/x509v3.h apps.h s_apps.h s_client.c timeouts.h
s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h
s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h
@ -836,33 +838,34 @@ s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
s_server.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h
s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h
s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s_server.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
s_server.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
s_server.o: ../include/openssl/ui.h ../include/openssl/x509.h
s_server.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
s_server.o: s_apps.h s_server.c timeouts.h
s_socket.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s_socket.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h
s_socket.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
s_socket.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
s_socket.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
s_socket.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s_socket.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
s_socket.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h
s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h
s_socket.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s_socket.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s_socket.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
s_socket.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
s_socket.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
s_socket.o: ../include/openssl/x509v3.h apps.h s_apps.h s_socket.c
s_server.o: ../include/openssl/srp.h ../include/openssl/ssl.h
s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
s_server.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
s_server.o: ../include/openssl/x509v3.h apps.h s_apps.h s_server.c timeouts.h
s_socket.o: ../e_os.h ../e_os2.h ../include/openssl/asn1.h
s_socket.o: ../include/openssl/bio.h ../include/openssl/buffer.h
s_socket.o: ../include/openssl/comp.h ../include/openssl/conf.h
s_socket.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
s_socket.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
s_socket.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
s_socket.o: ../include/openssl/engine.h ../include/openssl/evp.h
s_socket.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
s_socket.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
s_socket.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
s_socket.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s_socket.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s_socket.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s_socket.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h
s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
s_socket.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
s_socket.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
s_socket.o: s_apps.h s_socket.c
s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s_time.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s_time.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@ -963,6 +966,21 @@ spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
spkac.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
spkac.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
spkac.o: spkac.c
srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
srp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
srp.o: ../include/openssl/conf.h ../include/openssl/crypto.h
srp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
srp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
srp.o: ../include/openssl/engine.h ../include/openssl/err.h
srp.o: ../include/openssl/evp.h ../include/openssl/lhash.h
srp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
srp.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
srp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
srp.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
srp.o: ../include/openssl/sha.h ../include/openssl/srp.h
srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
srp.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
srp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h srp.c
ts.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ts.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ts.o: ../include/openssl/conf.h ../include/openssl/crypto.h

27
crypto/external/bsd/openssl/dist/apps/apps.c vendored
View File

@ -257,6 +257,8 @@ int args_from_file(char *file, int *argc, char **argv[])
int str2fmt(char *s)
{
if (s == NULL)
return FORMAT_UNDEF;
if ((*s == 'D') || (*s == 'd'))
return(FORMAT_ASN1);
else if ((*s == 'T') || (*s == 't'))
@ -377,13 +379,12 @@ void program_name(char *in, char *out, int size)
int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
{
int num,len,i;
int num,i;
char *p;
*argc=0;
*argv=NULL;
len=strlen(buf);
i=0;
if (arg->count == 0)
{
@ -797,7 +798,9 @@ X509 *load_cert(BIO *err, const char *file, int format,
if (file == NULL)
{
#ifdef _IONBF
# ifndef OPENSSL_NO_SETVBUF_IONBF
setvbuf(stdin, NULL, _IONBF, 0);
# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
#endif
BIO_set_fp(cert,stdin,BIO_NOCLOSE);
}
@ -875,10 +878,17 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
if (format == FORMAT_ENGINE)
{
if (!e)
BIO_printf(bio_err,"no engine specified\n");
BIO_printf(err,"no engine specified\n");
else
{
pkey = ENGINE_load_private_key(e, file,
ui_method, &cb_data);
if (!pkey)
{
BIO_printf(err,"cannot load %s from engine\n",key_descrip);
ERR_print_errors(err);
}
}
goto end;
}
#endif
@ -891,7 +901,9 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
if (file == NULL && maybe_stdin)
{
#ifdef _IONBF
# ifndef OPENSSL_NO_SETVBUF_IONBF
setvbuf(stdin, NULL, _IONBF, 0);
# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
#endif
BIO_set_fp(key,stdin,BIO_NOCLOSE);
}
@ -923,7 +935,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
&pkey, NULL, NULL))
goto end;
}
#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4)
else if (format == FORMAT_MSBLOB)
pkey = b2i_PrivateKey_bio(key);
else if (format == FORMAT_PVK)
@ -937,8 +949,11 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
}
end:
if (key != NULL) BIO_free(key);
if (pkey == NULL)
if (pkey == NULL)
{
BIO_printf(err,"unable to load %s\n", key_descrip);
ERR_print_errors(err);
}
return(pkey);
}
@ -977,7 +992,9 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
if (file == NULL && maybe_stdin)
{
#ifdef _IONBF
# ifndef OPENSSL_NO_SETVBUF_IONBF
setvbuf(stdin, NULL, _IONBF, 0);
# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
#endif
BIO_set_fp(key,stdin,BIO_NOCLOSE);
}

3
crypto/external/bsd/openssl/dist/apps/apps.h vendored
View File

@ -357,4 +357,7 @@ int raw_write_stdout(const void *,int);
#define TM_START 0
#define TM_STOP 1
double app_tminterval (int stop,int usertime);
#define OPENSSL_NO_SSL_INTERN
#endif

1
crypto/external/bsd/openssl/dist/apps/asn1pars.c vendored
View File

@ -408,6 +408,7 @@ static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
atyp = ASN1_generate_nconf(genstr, cnf);
NCONF_free(cnf);
cnf = NULL;
if (!atyp)
return -1;

2
crypto/external/bsd/openssl/dist/apps/ciphers.c vendored
View File

@ -196,7 +196,7 @@ int MAIN(int argc, char **argv)
if (Verbose)
{
unsigned long id = c->id;
unsigned long id = SSL_CIPHER_get_id(c);
int id0 = (int)(id >> 24);
int id1 = (int)((id >> 16) & 0xffL);
int id2 = (int)((id >> 8) & 0xffL);

35
crypto/external/bsd/openssl/dist/apps/cms.c vendored
View File

@ -136,7 +136,6 @@ int MAIN(int argc, char **argv)
char *engine=NULL;
#endif
unsigned char *secret_key = NULL, *secret_keyid = NULL;
unsigned char *pwri_pass = NULL, *pwri_tmp = NULL;
size_t secret_keylen = 0, secret_keyidlen = 0;
ASN1_OBJECT *econtent_type = NULL;
@ -327,13 +326,6 @@ int MAIN(int argc, char **argv)
}
secret_keyidlen = (size_t)ltmp;
}
else if (!strcmp(*args,"-pwri_password"))
{
if (!args[1])
goto argerr;
args++;
pwri_pass = (unsigned char *)*args;
}
else if (!strcmp(*args,"-econtent_type"))
{
if (!args[1])
@ -567,7 +559,7 @@ int MAIN(int argc, char **argv)
else if (operation == SMIME_DECRYPT)
{
if (!recipfile && !keyfile && !secret_key && !pwri_pass)
if (!recipfile && !keyfile && !secret_key)
{
BIO_printf(bio_err, "No recipient certificate or key specified\n");
badarg = 1;
@ -575,7 +567,7 @@ int MAIN(int argc, char **argv)
}
else if (operation == SMIME_ENCRYPT)
{
if (!*args && !secret_key && !pwri_pass)
if (!*args && !secret_key)
{
BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
badarg = 1;
@ -925,17 +917,6 @@ int MAIN(int argc, char **argv)
secret_key = NULL;
secret_keyid = NULL;
}
if (pwri_pass)
{
pwri_tmp = (unsigned char *)BUF_strdup((char *)pwri_pass);
if (!pwri_tmp)
goto end;
if (!CMS_add0_recipient_password(cms,
-1, NID_undef, NID_undef,
pwri_tmp, -1, NULL))
goto end;
pwri_tmp = NULL;
}
if (!(flags & CMS_STREAM))
{
if (!CMS_final(cms, in, NULL, flags))
@ -1062,16 +1043,6 @@ int MAIN(int argc, char **argv)
}
}
if (pwri_pass)
{
if (!CMS_decrypt_set1_password(cms, pwri_pass, -1))
{
BIO_puts(bio_err,
"Error decrypting CMS using password\n");
goto end;
}
}
if (!CMS_decrypt(cms, NULL, NULL, indata, out, flags))
{
BIO_printf(bio_err, "Error decrypting CMS structure\n");
@ -1196,8 +1167,6 @@ end:
OPENSSL_free(secret_key);
if (secret_keyid)
OPENSSL_free(secret_keyid);
if (pwri_tmp)
OPENSSL_free(pwri_tmp);
if (econtent_type)
ASN1_OBJECT_free(econtent_type);
if (rr)

6
crypto/external/bsd/openssl/dist/apps/demoSRP/srp_verifier.txt vendored Normal file
View File

@ -0,0 +1,6 @@
# This is a file that will be filled by the openssl srp routine.
# You can initialize the file with additional groups, these are
# records starting with a I followed by the g and N values and the id.
# The exact values ... you have to dig this out from the source of srp.c
# or srp_vfy.c
# The last value of an I is used as the default group for new users.

1
crypto/external/bsd/openssl/dist/apps/demoSRP/srp_verifier.txt.attr vendored Normal file
View File

@ -0,0 +1 @@
unique_subject = yes

2
crypto/external/bsd/openssl/dist/apps/dgst.c vendored
View File

@ -155,7 +155,7 @@ int MAIN(int argc, char **argv)
if ((*argv)[0] != '-') break;
if (strcmp(*argv,"-c") == 0)
separator=1;
if (strcmp(*argv,"-r") == 0)
else if (strcmp(*argv,"-r") == 0)
separator=2;
else if (strcmp(*argv,"-rand") == 0)
{

5
crypto/external/bsd/openssl/dist/apps/dh.c vendored
View File

@ -88,9 +88,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@ -189,7 +186,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());

5
crypto/external/bsd/openssl/dist/apps/dhparam.c vendored
View File

@ -149,9 +149,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int i,badops=0,text=0;
#ifndef OPENSSL_NO_DSA
@ -270,7 +267,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if (g && !num)

2
crypto/external/bsd/openssl/dist/apps/dsa.c vendored
View File

@ -334,7 +334,7 @@ bad:
i=PEM_write_bio_DSA_PUBKEY(out,dsa);
else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
NULL,0,NULL, passout);
#ifndef OPENSSL_NO_RSA
#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();

9
crypto/external/bsd/openssl/dist/apps/dsaparam.c vendored
View File

@ -111,9 +111,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DSA *dsa=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@ -278,7 +275,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if (need_rand)
@ -357,12 +354,10 @@ bad:
if (C)
{
unsigned char *data;
int l,len,bits_p,bits_q,bits_g;
int l,len,bits_p;
len=BN_num_bytes(dsa->p);
bits_p=BN_num_bits(dsa->p);
bits_q=BN_num_bits(dsa->q);
bits_g=BN_num_bits(dsa->g);
data=(unsigned char *)OPENSSL_malloc(len+20);
if (data == NULL)
{

5
crypto/external/bsd/openssl/dist/apps/ec.c vendored
View File

@ -85,9 +85,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int ret = 1;
EC_KEY *eckey = NULL;
const EC_GROUP *group;
@ -254,7 +251,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))

5
crypto/external/bsd/openssl/dist/apps/ecparam.c vendored
View File

@ -129,9 +129,6 @@ int MAIN(int argc, char **argv)
char *infile = NULL, *outfile = NULL, *prog;
BIO *in = NULL, *out = NULL;
int informat, outformat, noout = 0, C = 0, ret = 1;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
char *engine = NULL;
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
@ -340,7 +337,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if (list_curves)

9
crypto/external/bsd/openssl/dist/apps/enc.c vendored
View File

@ -101,9 +101,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
static const char magic[]="Salted__";
char mbuf[sizeof magic-1];
char *strbuf=NULL;
@ -328,7 +325,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
@ -396,8 +393,10 @@ bad:
if (inf == NULL)
{
#ifndef OPENSSL_NO_SETVBUF_IONBF
if (bufsize != NULL)
setvbuf(stdin, (char *)NULL, _IONBF, 0);
#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
BIO_set_fp(in,stdin,BIO_NOCLOSE);
}
else
@ -450,8 +449,10 @@ bad:
if (outf == NULL)
{
BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifndef OPENSSL_NO_SETVBUF_IONBF
if (bufsize != NULL)
setvbuf(stdout, (char *)NULL, _IONBF, 0);
#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());

5
crypto/external/bsd/openssl/dist/apps/gendh.c vendored
View File

@ -89,9 +89,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
BN_GENCB cb;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int ret=1,num=DEFBITS;
int g=2;
@ -163,7 +160,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
out=BIO_new(BIO_s_file());

5
crypto/external/bsd/openssl/dist/apps/gendsa.c vendored
View File

@ -78,9 +78,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
@ -206,7 +203,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {

5
crypto/external/bsd/openssl/dist/apps/genrsa.c vendored
View File

@ -265,8 +265,11 @@ bad:
BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
num);
#ifdef OPENSSL_NO_ENGINE
rsa = RSA_new();
#else
rsa = RSA_new_method(e);
#endif
if (!rsa)
goto err;

107
crypto/external/bsd/openssl/dist/apps/install-apps.com vendored Executable file
View File

@ -0,0 +1,107 @@
$! INSTALL.COM -- Installs the files in a given directory tree
$!
$! Author: Richard Levitte <richard@levitte.org>
$! Time of creation: 22-MAY-1998 10:13
$!
$! P1 root of the directory tree
$! P2 "64" for 64-bit pointers.
$!
$!
$! Announce/identify.
$!
$ proc = f$environment( "procedure")
$ write sys$output "@@@ "+ -
f$parse( proc, , , "name")+ f$parse( proc, , , "type")
$!
$ on error then goto tidy
$ on control_c then goto tidy
$!
$ if (p1 .eqs. "")
$ then
$ write sys$output "First argument missing."
$ write sys$output -
"It should be the directory where you want things installed."
$ exit
$ endif
$!
$ if (f$getsyi("cpu") .lt. 128)
$ then
$ arch = "VAX"
$ else
$ arch = f$edit( f$getsyi( "arch_name"), "upcase")
$ if (arch .eqs. "") then arch = "UNK"
$ endif
$!
$ archd = arch
$!
$ if (p2 .nes. "")
$ then
$ if (p2 .eqs. "64")
$ then
$ archd = arch+ "_64"
$ else
$ if (p2 .nes. "32")
$ then
$ write sys$output "Second argument invalid."
$ write sys$output "It should be "32", "64", or nothing."
$ exit
$ endif
$ endif
$ endif
$!
$ root = f$parse( p1, "[]A.;0", , , "syntax_only, no_conceal") - "A.;0"
$ root_dev = f$parse(root,,,"device","syntax_only")
$ root_dir = f$parse(root,,,"directory","syntax_only") - -
"[000000." - "][" - "[" - "]"
$ root = root_dev + "[" + root_dir
$!
$ define /nolog wrk_sslroot 'root'.] /trans=conc
$ define /nolog wrk_sslxexe wrk_sslroot:['archd'_exe]
$!
$ if f$parse("wrk_sslroot:[000000]") .eqs. "" then -
create /directory /log wrk_sslroot:[000000]
$ if f$parse("wrk_sslxexe:") .eqs. "" then -
create /directory /log wrk_sslxexe:
$!
$ exe := openssl
$!
$ exe_dir := [-.'archd'.exe.apps]
$!
$! Executables.
$!
$ i = 0
$ loop_exe:
$ e = f$edit(f$element( i, ",", exe), "trim")
$ i = i + 1
$ if e .eqs. "," then goto loop_exe_end
$ set noon
$ file = exe_dir+ e+ ".exe"
$ if f$search( file) .nes. ""
$ then
$ copy /protection = w:re 'file' wrk_sslxexe: /log
$ endif
$ set on
$ goto loop_exe
$ loop_exe_end:
$!
$! Miscellaneous.
$!
$ set noon
$ copy /protection = w:re ca.com wrk_sslxexe:ca.com /log
$ copy /protection = w:re openssl-vms.cnf wrk_sslroot:[000000]openssl.cnf /log
$ set on
$!
$ tidy:
$!
$ call deass wrk_sslroot
$ call deass wrk_sslxexe
$!
$ exit
$!
$ deass: subroutine
$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
$ then
$ deassign /process 'p1'
$ endif
$ endsubroutine
$!

355
crypto/external/bsd/openssl/dist/apps/makeapps.com vendored
View File

@ -6,6 +6,7 @@ $! A-Com Computing, Inc.
$! byer@mail.all-net.net
$!
$! Changes by Richard Levitte <richard@levitte.org>
$! Zoltan Arpadffy <zoli@polarhome.com>
$!
$! This command files compiles and creates all the various different
$! "application" programs for the different types of encryption for OpenSSL.
@ -24,7 +25,7 @@ $! VAXC For VAX C.
$! DECC For DEC C.
$! GNUC For GNU C.
$!
$! If you don't speficy a compiler, it will try to determine which
$! If you don't specify a compiler, it will try to determine which
$! "C" compiler to use.
$!
$! P3, if defined, sets a TCP/IP library to use, through one of the following
@ -38,11 +39,35 @@ $! P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
$!
$! P5, if defined, sets a choice of programs to compile.
$!
$! P6, if defined, specifies the C pointer size. Ignored on VAX.
$! ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
$! Supported values are:
$!
$! "" Compile with default (/NOPOINTER_SIZE)
$! 32 Compile with /POINTER_SIZE=32 (SHORT)
$! 64 Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV])
$! (Automatically select ARGV if compiler supports it.)
$! 64= Compile with /POINTER_SIZE=64 (LONG).
$! 64=ARGV Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
$!
$! P7, if defined, specifies a directory where ZLIB files (zlib.h,
$! libz.olb) may be found. Optionally, a non-default object library
$! name may be included ("dev:[dir]libz_64.olb", for example).
$!
$!
$! Announce/identify.
$!
$ proc = f$environment( "procedure")
$ write sys$output "@@@ "+ -
f$parse( proc, , , "name")+ f$parse( proc, , , "type")
$!
$ on control_c then goto exit
$!
$! Define A TCP/IP Library That We Will Need To Link To.
$! (That Is, If We Need To Link To One.)
$!
$ TCPIP_LIB = ""
$ ZLIB_LIB = ""
$!
$! Check What Architecture We Are Using.
$!
@ -51,7 +76,7 @@ $ THEN
$!
$! The Architecture Is VAX.
$!
$ ARCH := VAX
$ ARCH = "VAX"
$!
$! Else...
$!
@ -66,37 +91,53 @@ $! End The Architecture Check.
$!
$ ENDIF
$!
$ ARCHD = ARCH
$ LIB32 = "32"
$ OPT_FILE = ""
$ POINTER_SIZE = ""
$!
$! Define what programs should be compiled
$!
$ PROGRAMS := OPENSSL
$!
$! Define The CRYPTO Library.
$!
$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB
$!
$! Define The SSL Library.
$!
$ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB
$!
$! Define The OBJ Directory.
$!
$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.APPS]
$!
$! Define The EXE Directory.
$!
$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.APPS]
$!
$! Check To Make Sure We Have Valid Command Line Parameters.
$!
$ GOSUB CHECK_OPTIONS
$!
$! Define The CRYPTO Library.
$!
$ CRYPTO_LIB := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO'LIB32'.OLB
$!
$! Define The SSL Library.
$!
$ SSL_LIB := SYS$DISK:[-.'ARCHD'.EXE.SSL]SSL_LIBSSL'LIB32'.OLB
$!
$! Define The OBJ and EXE Directories.
$!
$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.APPS]
$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.APPS]
$!
$! Specify the destination directory in any /MAP option.
$!
$ if (LINKMAP .eqs. "MAP")
$ then
$ LINKMAP = LINKMAP+ "=''EXE_DIR'"
$ endif
$!
$! Add the location prefix to the linker options file name.
$!
$ if (OPT_FILE .nes. "")
$ then
$ OPT_FILE = EXE_DIR+ OPT_FILE
$ endif
$!
$! Initialise logical names and such
$!
$ GOSUB INITIALISE
$!
$! Tell The User What Kind of Machine We Run On.
$!
$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
$ WRITE SYS$OUTPUT "Host system architecture: ''ARCHD'"
$!
$! Check To See If The OBJ Directory Exists.
$!
@ -143,14 +184,17 @@ $ LIB_OPENSSL = "VERIFY,ASN1PARS,REQ,DGST,DH,DHPARAM,ENC,PASSWD,GENDH,ERRSTR,"+-
"X509,GENRSA,GENDSA,GENPKEY,S_SERVER,S_CLIENT,SPEED,"+-
"S_TIME,APPS,S_CB,S_SOCKET,APP_RAND,VERSION,SESS_ID,"+-
"CIPHERS,NSEQ,PKCS12,PKCS8,PKEY,PKEYPARAM,PKEYUTL,"+ -
"SPKAC,SMIME,CMS,RAND,ENGINE,OCSP,PRIME,TS"
"SPKAC,SMIME,CMS,RAND,ENGINE,OCSP,PRIME,TS,SRP"
$!
$ LIB_OPENSSL = LIB_OPENSSL+ ",VMS_DECC_INIT"
$!
$ TCPIP_PROGRAMS = ",,"
$ IF COMPILER .EQS. "VAXC" THEN -
TCPIP_PROGRAMS = ",OPENSSL,"
$!
$! Setup exceptional compilations
$!
$ COMPILEWITH_CC2 = ",S_SERVER,S_CLIENT,"
$ COMPILEWITH_CC2 = ",S_SOCKET,S_SERVER,S_CLIENT,"
$!
$ PHASE := LIB
$!
@ -168,6 +212,10 @@ $! Make The Application File Name
$!
$ CURRENT_APP = F$EDIT(F$ELEMENT(APP_COUNTER,",",PROGRAMS),"TRIM")
$!
$! Create The Executable File Name.
$!
$ EXE_FILE = EXE_DIR + CURRENT_APP + ".EXE"
$!
$! Check To See If We Are At The End Of The File List.
$!
$ IF (CURRENT_APP.EQS.",")
@ -197,7 +245,7 @@ $ LIB_COUNTER = -1
$!
$! Create a .OPT file for the object files
$!
$ OPEN/WRITE OBJECTS 'EXE_DIR''CURRENT_APP'.OPT
$ OPEN /WRITE OBJECTS 'EXE_DIR''CURRENT_APP'.OPT
$!
$! Top Of The File Loop.
$!
@ -231,10 +279,6 @@ $!
$! Create The Object File Name.
$!
$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
$!
$! Create The Executable File Name.
$!
$ EXE_FILE = EXE_DIR + FILE_NAME + ".EXE"
$ ON WARNING THEN GOTO NEXT_LIB
$!
$! Check To See If The File We Want To Compile Actually Exists.
@ -288,34 +332,18 @@ $ GOTO NEXT_APP
$ ENDIF
$!
$! Link The Program.
$! Check To See If We Are To Link With A Specific TCP/IP Library.
$!
$ ON WARNING THEN GOTO NEXT_APP
$!
$ IF (TCPIP_LIB.NES."")
$ THEN
$!
$! Don't Link With The RSAREF Routines And TCP/IP Library.
$!
$ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' -
'EXE_DIR''CURRENT_APP'.OPT/OPTION, -
'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
'TCPIP_LIB','OPT_FILE'/OPTION
$!
$! Else...
$!
$ ELSE
$!
$! Don't Link With The RSAREF Routines And Link With A TCP/IP Library.
$!
$ LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' -
'EXE_DIR''CURRENT_APP'.OPT/OPTION, -
'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
'OPT_FILE'/OPTION
$!
$! End The TCP/IP Library Check.
$!
$ ENDIF
$ LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' /EXE='EXE_FILE' -
'EXE_DIR''CURRENT_APP'.OPT /OPTIONS, -
'SSL_LIB' /LIBRARY, -
'CRYPTO_LIB' /LIBRARY -
'TCPIP_LIB' -
'ZLIB_LIB' -
,'OPT_FILE' /OPTIONS
$!
$! Go Back And Do It Again.
$!
@ -350,7 +378,7 @@ $!
$ CREATE 'OPT_FILE'
$DECK
!
! Default System Options File To Link Agianst
! Default System Options File To Link Against
! The Sharable VAX C Runtime Library.
!
SYS$SHARE:VAXCRTL.EXE/SHARE
@ -379,7 +407,7 @@ $!
$ CREATE 'OPT_FILE'
$DECK
!
! Default System Options File To Link Agianst
! Default System Options File To Link Against
! The Sharable C Runtime Library.
!
GNU_CC:[000000]GCCLIB/LIBRARY
@ -414,7 +442,7 @@ $!
$ CREATE 'OPT_FILE'
$DECK
!
! Default System Options File To Link Agianst
! Default System Options File To Link Against
! The Sharable DEC C Runtime Library.
!
SYS$SHARE:DECC$SHR.EXE/SHARE
@ -429,7 +457,7 @@ $!
$ CREATE 'OPT_FILE'
$DECK
!
! Default System Options File For non-VAX To Link Agianst
! Default System Options File For non-VAX To Link Against
! The Sharable C Runtime Library.
!
SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
@ -513,14 +541,15 @@ $!
$ IF (P1.EQS."NODEBUG")
$ THEN
$!
$! P1 Is NODEBUG, So Compile Without Debugger Information.
$! P1 Is NODEBUG, So Compile Without Debugger Information.
$!
$ DEBUGGER = "NODEBUG"
$ TRACEBACK = "NOTRACEBACK"
$ GCC_OPTIMIZE = "OPTIMIZE"
$ CC_OPTIMIZE = "OPTIMIZE"
$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
$ DEBUGGER = "NODEBUG"
$ LINKMAP = "NOMAP"
$ TRACEBACK = "NOTRACEBACK"
$ GCC_OPTIMIZE = "OPTIMIZE"
$ CC_OPTIMIZE = "OPTIMIZE"
$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
$!
$! Else...
$!
@ -534,6 +563,7 @@ $!
$! Compile With Debugger Information.
$!
$ DEBUGGER = "DEBUG"
$ LINKMAP = "MAP"
$ TRACEBACK = "TRACEBACK"
$ GCC_OPTIMIZE = "NOOPTIMIZE"
$ CC_OPTIMIZE = "NOOPTIMIZE"
@ -541,7 +571,7 @@ $ WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
$ WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
$ ELSE
$!
$! Tell The User Entered An Invalid Option..
$! Tell The User Entered An Invalid Option.
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:"
@ -554,7 +584,7 @@ $! Time To EXIT.
$!
$ EXIT
$!
$! End The Valid Arguement Check.
$! End The Valid Argument Check.
$!
$ ENDIF
$!
@ -562,6 +592,87 @@ $! End The P1 Check.
$!
$ ENDIF
$!
$! Check P6 (POINTER_SIZE).
$!
$ IF (P6 .NES. "") .AND. (ARCH .NES. "VAX")
$ THEN
$!
$ IF (P6 .EQS. "32")
$ THEN
$ POINTER_SIZE = " /POINTER_SIZE=32"
$ ELSE
$ POINTER_SIZE = F$EDIT( P6, "COLLAPSE, UPCASE")
$ IF ((POINTER_SIZE .EQS. "64") .OR. -
(POINTER_SIZE .EQS. "64=") .OR. -
(POINTER_SIZE .EQS. "64=ARGV"))
$ THEN
$ ARCHD = ARCH+ "_64"
$ LIB32 = ""
$ IF (F$EXTRACT( 2, 1, POINTER_SIZE) .EQS. "=")
$ THEN
$! Explicit user choice: "64" or "64=ARGV".
$ IF (POINTER_SIZE .EQS. "64=") THEN POINTER_SIZE = "64"
$ ELSE
$ SET NOON
$ DEFINE /USER_MODE SYS$OUTPUT NL:
$ DEFINE /USER_MODE SYS$ERROR NL:
$ CC /NOLIST /NOOBJECT /POINTER_SIZE=64=ARGV NL:
$ IF ($STATUS .AND. %X0FFF0000) .EQ. %X00030000
$ THEN
$ ! If we got here, it means DCL complained like this:
$ ! %DCL-W-NOVALU, value not allowed - remove value specification
$ ! \64=\
$ !
$ ! If the compiler was run, logicals defined in /USER would
$ ! have been deassigned automatically. However, when DCL
$ ! complains, they aren't, so we do it here (it might be
$ ! unnecessary, but just in case there will be another error
$ ! message further on that we don't want to miss)
$ DEASSIGN /USER_MODE SYS$ERROR
$ DEASSIGN /USER_MODE SYS$OUTPUT
$ ELSE
$ POINTER_SIZE = POINTER_SIZE + "=ARGV"
$ ENDIF
$ SET ON
$ ENDIF
$ POINTER_SIZE = " /POINTER_SIZE=''POINTER_SIZE'"
$!
$ ELSE
$!
$! Tell The User Entered An Invalid Option.
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ", P6, -
" Is Invalid. The Valid Options Are:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT -
" """" : Compile with default (short) pointers."
$ WRITE SYS$OUTPUT -
" 32 : Compile with 32-bit (short) pointers."
$ WRITE SYS$OUTPUT -
" 64 : Compile with 64-bit (long) pointers (auto ARGV)."
$ WRITE SYS$OUTPUT -
" 64= : Compile with 64-bit (long) pointers (no ARGV)."
$ WRITE SYS$OUTPUT -
" 64=ARGV : Compile with 64-bit (long) pointers (ARGV)."
$ WRITE SYS$OUTPUT ""
$!
$! Time To EXIT.
$!
$ EXIT
$!
$ ENDIF
$!
$ ENDIF
$!
$! End The P6 (POINTER_SIZE) Check.
$!
$ ENDIF
$!
$! Set basic C compiler /INCLUDE directories.
$!
$ CC_INCLUDES = "SYS$DISK:[-],SYS$DISK:[-.CRYPTO]"
$!
$! Check To See If P2 Is Blank.
$!
$ IF (P2.EQS."")
@ -662,11 +773,64 @@ $ CCDEFS = "MONOLITH"
$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
$ CCEXTRAFLAGS = ""
$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
$ CCDISABLEWARNINGS = "" !!! "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
$!
$! Check To See If The User Entered A Valid Paramter.
$! Check To See If We Have A ZLIB Option.
$!
$ ZLIB = P7
$ IF (ZLIB .NES. "")
$ THEN
$!
$! Check for expected ZLIB files.
$!
$ err = 0
$ file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
$ if (f$search( file1) .eqs. "")
$ then
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
$ WRITE SYS$OUTPUT " Can't find header: ''file1'"
$ err = 1
$ endif
$ file1 = f$parse( "A.;", ZLIB)- "A.;"
$!
$ file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
$ if (f$search( file2) .eqs. "")
$ then
$ if (err .eq. 0)
$ then
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
$ endif
$ WRITE SYS$OUTPUT " Can't find library: ''file2'"
$ WRITE SYS$OUTPUT ""
$ err = err+ 2
$ endif
$ if (err .eq. 1)
$ then
$ WRITE SYS$OUTPUT ""
$ endif
$!
$ if (err .ne. 0)
$ then
$ EXIT
$ endif
$!
$ CCDEFS = """ZLIB=1"", "+ CCDEFS
$ CC_INCLUDES = CC_INCLUDES+ ", "+ file1
$ ZLIB_LIB = ", ''file2' /library"
$!
$! Print info
$!
$ WRITE SYS$OUTPUT "ZLIB library spec: ", file2
$!
$! End The ZLIB Check.
$!
$ ENDIF
$!
$! Check To See If The User Entered A Valid Parameter.
$!
$ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC")
$ THEN
@ -689,13 +853,13 @@ $!
$ CC = "CC"
$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC/DECC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
"/NOLIST/PREFIX=ALL" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
$ CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
"''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
" /INCLUDE=(''CC_INCLUDES') " + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
$ OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
$ OPT_FILE = "VAX_DECC_OPTIONS.OPT"
$!
$! End DECC Check.
$!
@ -723,7 +887,7 @@ $ EXIT
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
"/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
$ CCDEFS = CCDEFS + ",""VAXC"""
$!
$! Define <sys> As SYS$COMMON:[SYSLIB]
@ -732,7 +896,7 @@ $ DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
$!
$! Define The Linker Options File Name.
$!
$ OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
$ OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
$!
$! End VAXC Check
$!
@ -755,11 +919,11 @@ $! Use GNU C...
$!
$ IF F$TYPE(GCC) .EQS. "" THEN GCC := GCC
$ CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
"/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
$ OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
$ OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
$!
$! End The GNU C Check.
$!
@ -769,7 +933,7 @@ $! Set up default defines
$!
$ CCDEFS = """FLAT_INC=1""," + CCDEFS
$!
$! Else The User Entered An Invalid Arguement.
$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
@ -801,7 +965,7 @@ $ THEN
$!
$! Set the library to use SOCKETSHR
$!
$ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT"
$ TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
$!
$! Done with SOCKETSHR
$!
@ -827,13 +991,13 @@ $ THEN
$!
$! Set the library to use UCX.
$!
$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT"
$ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
$ IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
$ THEN
$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT"
$ TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
$ ELSE
$ IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT"
TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
$ ENDIF
$!
$! Done with UCX
@ -847,7 +1011,7 @@ $ THEN
$!
$! Set the library to use TCPIP.
$!
$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT"
$ TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
$!
$! Done with TCPIP
$!
@ -872,9 +1036,9 @@ $ CCDEFS = CCDEFS + ",TCPIP_TYPE_''P3'"
$!
$! Print info
$!
$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
$!
$! Else The User Entered An Invalid Arguement.
$! Else The User Entered An Invalid Argument.
$!
$ ELSE
$!
@ -902,13 +1066,13 @@ $ IF COMPILER .EQS. "DECC"
$ THEN
$ IF CCDISABLEWARNINGS .NES. ""
$ THEN
$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
$ CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
$ ENDIF
$ ELSE
$ CCDISABLEWARNINGS = ""
$ ENDIF
$ CC2 = CC + "/DEFINE=(" + CCDEFS + ",_POSIX_C_SOURCE)" + CCDISABLEWARNINGS
$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
$ CC2 = CC + " /DEFINE=(" + CCDEFS + ",_POSIX_C_SOURCE)" + CCDISABLEWARNINGS
$ CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
$!
$! Show user the result
$!
@ -974,7 +1138,7 @@ $ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
$!
$! Set up the logical name OPENSSL to point at the include directory
$!
$ DEFINE OPENSSL/NOLOG '__INCLUDE'
$ DEFINE OPENSSL /NOLOG '__INCLUDE'
$!
$! Done
$!
@ -982,15 +1146,24 @@ $ RETURN
$!
$ CLEANUP:
$!
$! Restore the logical name OPENSSL if it had a value
$! Restore the saved logical name OPENSSL, if it had a value.
$!
$ IF __SAVE_OPENSSL .EQS. ""
$ THEN
$ DEASSIGN OPENSSL
$ ELSE
$ DEFINE/NOLOG OPENSSL '__SAVE_OPENSSL'
$ ENDIF
$ if (f$type( __SAVE_OPENSSL) .nes. "")
$ then
$ IF __SAVE_OPENSSL .EQS. ""
$ THEN
$ DEASSIGN OPENSSL
$ ELSE
$ DEFINE /NOLOG OPENSSL '__SAVE_OPENSSL'
$ ENDIF
$ endif
$!
$! Close any open files.
$!
$ if (f$trnlnm( "objects", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
close objects
$!
$! Done
$!
$ RETURN
$!

80
crypto/external/bsd/openssl/dist/apps/openssl.c vendored
View File

@ -129,6 +129,9 @@
#include "progs.h"
#include "s_apps.h"
#include <openssl/err.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#endif
/* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
* base prototypes (we cast each variable inside the function to the required
@ -212,8 +215,13 @@ static void lock_dbg_cb(int mode, int type, const char *file, int line)
}
}
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
# define ARGV _Argv
#else
# define ARGV Argv
#endif
int main(int Argc, char *Argv[])
int main(int Argc, char *ARGV[])
{
ARGS arg;
#define PROG_NAME_SIZE 39
@ -227,7 +235,55 @@ int main(int Argc, char *Argv[])
char **argv,*p;
LHASH_OF(FUNCTION) *prog=NULL;
long errline;
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
/* 2011-03-22 SMS.
* If we have 32-bit pointers everywhere, then we're safe, and
* we bypass this mess, as on non-VMS systems. (See ARGV,
* above.)
* Problem 1: Compaq/HP C before V7.3 always used 32-bit
* pointers for argv[].
* Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
* everywhere else, we always allocate and use a 64-bit
* duplicate of argv[].
* Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
* to NULL-terminate a 64-bit argv[]. (As this was written, the
* compiler ECO was available only on IA64.)
* Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
* 64-bit argv[argc] for NULL, and, if necessary, use a
* (properly) NULL-terminated (64-bit) duplicate of argv[].
* The same code is used in either case to duplicate argv[].
* Some of these decisions could be handled in preprocessing,
* but the code tends to get even uglier, and the penalty for
* deciding at compile- or run-time is tiny.
*/
char **Argv = NULL;
int free_Argv = 0;
if ((sizeof( _Argv) < 8) /* 32-bit argv[]. */
# if !defined( VMS_TRUST_ARGV)
|| (_Argv[ Argc] != NULL) /* Untrusted argv[argc] not NULL. */
# endif
)
{
int i;
Argv = OPENSSL_malloc( (Argc+ 1)* sizeof( char *));
if (Argv == NULL)
{ ret = -1; goto end; }
for(i = 0; i < Argc; i++)
Argv[i] = _Argv[i];
Argv[ Argc] = NULL; /* Certain NULL termination. */
free_Argv = 1;
}
else
{
/* Use the known-good 32-bit argv[] (which needs the
* type cast to satisfy the compiler), or the trusted or
* tested-good 64-bit argv[] as-is. */
Argv = (char **)_Argv;
}
#endif /* defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64) */
arg.data=NULL;
arg.count=0;
@ -257,6 +313,19 @@ int main(int Argc, char *Argv[])
CRYPTO_set_locking_callback(lock_dbg_cb);
}
if(getenv("OPENSSL_FIPS")) {
#ifdef OPENSSL_FIPS
if (!FIPS_mode_set(1)) {
ERR_load_crypto_strings();
ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
EXIT(1);
}
#else
fprintf(stderr, "FIPS mode not supported.\n");
EXIT(1);
#endif
}
apps_startup();
/* Lets load up our environment a little */
@ -373,6 +442,13 @@ end:
BIO_free(bio_err);
bio_err=NULL;
}
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
/* Free any duplicate Argv[] storage. */
if (free_Argv)
{
OPENSSL_free(Argv);
}
#endif
OPENSSL_EXIT(ret);
}

2
crypto/external/bsd/openssl/dist/apps/pkcs12.c vendored
View File

@ -647,7 +647,7 @@ int MAIN(int argc, char **argv)
if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
if ((options & INFO) && p12->mac) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
if(macver) {
#ifdef CRYPTO_MDEBUG
CRYPTO_push_info("verify MAC");

5
crypto/external/bsd/openssl/dist/apps/pkcs7.c vendored
View File

@ -82,9 +82,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
PKCS7 *p7=NULL;
int i,badops=0;
BIO *in=NULL,*out=NULL;
@ -182,7 +179,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());

4
crypto/external/bsd/openssl/dist/apps/pkcs8.c vendored
View File

@ -403,6 +403,10 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "DSA public key include in PrivateKey\n");
break;
case PKCS8_NEG_PRIVKEY:
BIO_printf(bio_err, "DSA private key value is negative\n");
break;
default:
BIO_printf(bio_err, "Unknown broken type\n");
break;

3
crypto/external/bsd/openssl/dist/apps/pkeyparam.c vendored
View File

@ -74,7 +74,6 @@ int MAIN(int argc, char **argv)
EVP_PKEY *pkey=NULL;
int badarg = 0;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
char *engine=NULL;
#endif
int ret = 1;
@ -141,7 +140,7 @@ int MAIN(int argc, char **argv)
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
if (infile)

12
crypto/external/bsd/openssl/dist/apps/pkeyutl.c vendored
View File

@ -119,17 +119,17 @@ int MAIN(int argc, char **argv)
if (!strcmp(*argv,"-in"))
{
if (--argc < 1) badarg = 1;
infile= *(++argv);
else infile= *(++argv);
}
else if (!strcmp(*argv,"-out"))
{
if (--argc < 1) badarg = 1;
outfile= *(++argv);
else outfile= *(++argv);
}
else if (!strcmp(*argv,"-sigfile"))
{
if (--argc < 1) badarg = 1;
sigfile= *(++argv);
else sigfile= *(++argv);
}
else if(!strcmp(*argv, "-inkey"))
{
@ -159,17 +159,17 @@ int MAIN(int argc, char **argv)
else if (!strcmp(*argv,"-passin"))
{
if (--argc < 1) badarg = 1;
passargin= *(++argv);
else passargin= *(++argv);
}
else if (strcmp(*argv,"-peerform") == 0)
{
if (--argc < 1) badarg = 1;
peerform=str2fmt(*(++argv));
else peerform=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-keyform") == 0)
{
if (--argc < 1) badarg = 1;
keyform=str2fmt(*(++argv));
else keyform=str2fmt(*(++argv));
}
#ifndef OPENSSL_NO_ENGINE
else if(!strcmp(*argv, "-engine"))

34
crypto/external/bsd/openssl/dist/apps/privkey.pem vendored
View File

@ -1,16 +1,18 @@
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMo7DFNMqywUA1O/
qvWqCOm6rGrUAcR+dKsSXw6y2qiKO7APDDyotc0b4Mxwqjga98npex2RBIwUoCGJ
iEmMXo/a8RbXVUZ+ZwcAX7PC+XeXVC5qoajaBBkd2MvYmib/2PqnNrgvhHsUL5dO
xhC7cRqxLM/g45k3Yyw+nGa+WkTdAgMBAAECgYBMBT5w4dVG0I8foGFnz+9hzWab
Ee9IKjE5TcKmB93ilXQyjrWO5+zPmbc7ou6aAKk9IaPCTY1kCyzW7pho7Xdt+RFq
TgVXGZZfqtixO7f2/5oqZAkd00eOn9ZrhBpVMu4yXbbDvhDyFe4/oy0HGDjRUhxa
Lf6ZlBuTherxm4eFkQJBAPBQwRs9UtqaMAQlagA9pV5UsQjV1WT4IxDURMPfXgCd
ETNkB6pP0SmxQm5xhv9N2HY1UtoWpug9s0OU5IJB15sCQQDXbfbjiujNbuOxCFNw
68JZaCFVdNovyOWORkpenQLNEjVkmTCS9OayK09ADEYtsdpUGKeF+2EYBNkFr5px
CajnAkBMYI4PNz1HBuwt1SpMa0tMoMQnV7bbwVV7usskKbC5pzHZUHhzM6z5gEHp
0iEisT4Ty7zKXZqsgzefSgoaMAzzAkEAoCIaUhtwXzwdPfvNYnOs3J6doJMimECB
+lbfcyLM8TimvadtRt+KGEg/OYGmLNM2UiqdY+duzdbUpvhYGcwvYwJAQvaoi9z2
CkiwSs/PFrLaNlfLJmXRsUBzmiWYoh6+IQJJorEXz7ewI72ee9RBO4s746cgUFwH
Ri+qO+HhZFUBqQ==
-----END PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF
6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9
Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo
F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3
XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE
jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy
vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh
JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf
PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM
POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS
gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz
8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v
Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC
dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw==
-----END RSA PRIVATE KEY-----

4
crypto/external/bsd/openssl/dist/apps/progs.h vendored
View File

@ -44,6 +44,7 @@ extern int smime_main(int argc,char *argv[]);
extern int rand_main(int argc,char *argv[]);
extern int engine_main(int argc,char *argv[]);
extern int ocsp_main(int argc,char *argv[]);
extern int srp_main(int argc,char *argv[]);
extern int prime_main(int argc,char *argv[]);
extern int ts_main(int argc,char *argv[]);
@ -144,6 +145,9 @@ FUNCTION functions[] = {
#endif
#ifndef OPENSSL_NO_OCSP
{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
#endif
#ifndef OPENSSL_NO_SRP
{FUNC_TYPE_GENERAL,"srp",srp_main},
#endif
{FUNC_TYPE_GENERAL,"prime",prime_main},
{FUNC_TYPE_GENERAL,"ts",ts_main},

5
crypto/external/bsd/openssl/dist/apps/rand.c vendored
View File

@ -77,9 +77,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
@ -178,7 +175,7 @@ int MAIN(int argc, char **argv)
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
setup_engine(bio_err, engine, 0);
#endif
app_RAND_load_file(NULL, bio_err, (inrand != NULL));

6
crypto/external/bsd/openssl/dist/apps/req.c vendored
View File

@ -1336,11 +1336,17 @@ start2: for (;;)
BIO_snprintf(buf,sizeof buf,"%s_min",type);
if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min))
{
ERR_clear_error();
n_min = -1;
}
BIO_snprintf(buf,sizeof buf,"%s_max",type);
if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max))
{
ERR_clear_error();
n_max = -1;
}
if (!add_attribute_object(req,
v->value,def,value,nid,n_min,n_max, chtype))

2
crypto/external/bsd/openssl/dist/apps/rsa.c vendored
View File

@ -409,7 +409,7 @@ bad:
}
else i=PEM_write_bio_RSAPrivateKey(out,rsa,
enc,NULL,0,NULL,passout);
#ifndef OPENSSL_NO_DSA
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();

60
crypto/external/bsd/openssl/dist/apps/s_cb.c vendored
View File

@ -673,6 +673,10 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
extname = "renegotiate";
break;
case TLSEXT_TYPE_signature_algorithms:
extname = "signature algorithms";
break;
#ifdef TLSEXT_TYPE_opaque_prf_input
case TLSEXT_TYPE_opaque_prf_input:
extname = "opaque PRF input";
@ -696,15 +700,13 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign
{
unsigned char *buffer, result[EVP_MAX_MD_SIZE];
unsigned int length, resultlength;
#if OPENSSL_USE_IPV6
union {
struct sockaddr_storage ss;
struct sockaddr_in6 s6;
struct sockaddr sa;
struct sockaddr_in s4;
} peer;
#else
struct sockaddr_in peer;
#if OPENSSL_USE_IPV6
struct sockaddr_in6 s6;
#endif
} peer;
/* Initialize a random secret */
if (!cookie_initialized)
@ -721,26 +723,23 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign
(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
/* Create buffer with peer's address and port */
#if OPENSSL_USE_IPV6
length = 0;
switch (peer.ss.ss_family)
switch (peer.sa.sa_family)
{
case AF_INET:
length += sizeof(struct in_addr);
length += sizeof(peer.s4.sin_port);
break;
#if OPENSSL_USE_IPV6
case AF_INET6:
length += sizeof(struct in6_addr);
length += sizeof(peer.s6.sin6_port);
break;
#endif
default:
OPENSSL_assert(0);
break;
}
#else
length = sizeof(peer.sin_addr);
length += sizeof(peer.sin_port);
#endif
buffer = OPENSSL_malloc(length);
if (buffer == NULL)
@ -749,8 +748,7 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign
return 0;
}
#if OPENSSL_USE_IPV6
switch (peer.ss.ss_family)
switch (peer.sa.sa_family)
{
case AF_INET:
memcpy(buffer,
@ -760,6 +758,7 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign
&peer.s4.sin_addr,
sizeof(struct in_addr));
break;
#if OPENSSL_USE_IPV6
case AF_INET6:
memcpy(buffer,
&peer.s6.sin6_port,
@ -768,14 +767,11 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign
&peer.s6.sin6_addr,
sizeof(struct in6_addr));
break;
#endif
default:
OPENSSL_assert(0);
break;
}
#else
memcpy(buffer, &peer.sin_port, sizeof(peer.sin_port));
memcpy(buffer + sizeof(peer.sin_port), &peer.sin_addr, sizeof(peer.sin_addr));
#endif
/* Calculate HMAC of buffer using the secret */
HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
@ -792,15 +788,13 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned
{
unsigned char *buffer, result[EVP_MAX_MD_SIZE];
unsigned int length, resultlength;
#if OPENSSL_USE_IPV6
union {
struct sockaddr_storage ss;
struct sockaddr_in6 s6;
struct sockaddr sa;
struct sockaddr_in s4;
} peer;
#else
struct sockaddr_in peer;
#if OPENSSL_USE_IPV6
struct sockaddr_in6 s6;
#endif
} peer;
/* If secret isn't initialized yet, the cookie can't be valid */
if (!cookie_initialized)
@ -810,26 +804,23 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned
(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
/* Create buffer with peer's address and port */
#if OPENSSL_USE_IPV6
length = 0;
switch (peer.ss.ss_family)
switch (peer.sa.sa_family)
{
case AF_INET:
length += sizeof(struct in_addr);
length += sizeof(peer.s4.sin_port);
break;
#if OPENSSL_USE_IPV6
case AF_INET6:
length += sizeof(struct in6_addr);
length += sizeof(peer.s6.sin6_port);
break;
#endif
default:
OPENSSL_assert(0);
break;
}
#else
length = sizeof(peer.sin_addr);
length += sizeof(peer.sin_port);
#endif
buffer = OPENSSL_malloc(length);
if (buffer == NULL)
@ -838,8 +829,7 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned
return 0;
}
#if OPENSSL_USE_IPV6
switch (peer.ss.ss_family)
switch (peer.sa.sa_family)
{
case AF_INET:
memcpy(buffer,
@ -849,6 +839,7 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned
&peer.s4.sin_addr,
sizeof(struct in_addr));
break;
#if OPENSSL_USE_IPV6
case AF_INET6:
memcpy(buffer,
&peer.s6.sin6_port,
@ -857,14 +848,11 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned
&peer.s6.sin6_addr,
sizeof(struct in6_addr));
break;
#endif
default:
OPENSSL_assert(0);
break;
}
#else
memcpy(buffer, &peer.sin_port, sizeof(peer.sin_port));
memcpy(buffer + sizeof(peer.sin_port), &peer.sin_addr, sizeof(peer.sin_addr));
#endif
/* Calculate HMAC of buffer using the secret */
HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,

217
crypto/external/bsd/openssl/dist/apps/s_client.c vendored
View File

@ -163,6 +163,9 @@ typedef unsigned int u_int;
#include <openssl/rand.h>
#include <openssl/ocsp.h>
#include <openssl/bn.h>
#ifndef OPENSSL_NO_SRP
#include <openssl/srp.h>
#endif
#include "s_apps.h"
#include "timeouts.h"
@ -315,14 +318,22 @@ static void sc_usage(void)
# ifndef OPENSSL_NO_JPAKE
BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
# endif
#endif
#ifndef OPENSSL_NO_SRP
BIO_printf(bio_err," -srpuser user - SRP authentification for 'user'\n");
BIO_printf(bio_err," -srppass arg - password for 'user'\n");
BIO_printf(bio_err," -srp_lateuser - SRP username into second ClientHello message\n");
BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n");
BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N);
#endif
BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n");
BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n");
BIO_printf(bio_err," -tls1 - just use TLSv1\n");
BIO_printf(bio_err," -dtls1 - just use DTLSv1\n");
BIO_printf(bio_err," -mtu - set the link layer MTU\n");
BIO_printf(bio_err," -no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n");
BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n");
@ -367,6 +378,112 @@ static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
return SSL_TLSEXT_ERR_OK;
}
#ifndef OPENSSL_NO_SRP
/* This is a context that we pass to all callbacks */
typedef struct srp_arg_st
{
char *srppassin;
char *srplogin;
int msg; /* copy from c_msg */
int debug; /* copy from c_debug */
int amp; /* allow more groups */
int strength /* minimal size for N */ ;
} SRP_ARG;
#define SRP_NUMBER_ITERATIONS_FOR_PRIME 64
static int SRP_Verify_N_and_g(BIGNUM *N, BIGNUM *g)
{
BN_CTX *bn_ctx = BN_CTX_new();
BIGNUM *p = BN_new();
BIGNUM *r = BN_new();
int ret =
g != NULL && N != NULL && bn_ctx != NULL && BN_is_odd(N) &&
BN_is_prime_ex(N, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) &&
p != NULL && BN_rshift1(p, N) &&
/* p = (N-1)/2 */
BN_is_prime_ex(p, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) &&
r != NULL &&
/* verify g^((N-1)/2) == -1 (mod N) */
BN_mod_exp(r, g, p, N, bn_ctx) &&
BN_add_word(r, 1) &&
BN_cmp(r, N) == 0;
if(r)
BN_free(r);
if(p)
BN_free(p);
if(bn_ctx)
BN_CTX_free(bn_ctx);
return ret;
}
static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg)
{
SRP_ARG *srp_arg = (SRP_ARG *)arg;
BIGNUM *N = NULL, *g = NULL;
if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s)))
return 0;
if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1)
{
BIO_printf(bio_err, "SRP parameters:\n");
BIO_printf(bio_err,"\tN="); BN_print(bio_err,N);
BIO_printf(bio_err,"\n\tg="); BN_print(bio_err,g);
BIO_printf(bio_err,"\n");
}
if (SRP_check_known_gN_param(g,N))
return 1;
if (srp_arg->amp == 1)
{
if (srp_arg->debug)
BIO_printf(bio_err, "SRP param N and g are not known params, going to check deeper.\n");
/* The srp_moregroups must be used with caution, testing primes costs time.
Implementors should rather add the value to the known ones.
The minimal size has already been tested.
*/
if (BN_num_bits(g) <= BN_BITS && SRP_Verify_N_and_g(N,g))
return 1;
}
BIO_printf(bio_err, "SRP param N and g rejected.\n");
return 0;
}
#define PWD_STRLEN 1024
static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
{
SRP_ARG *srp_arg = (SRP_ARG *)arg;
char *pass = (char *)OPENSSL_malloc(PWD_STRLEN+1);
PW_CB_DATA cb_tmp;
int l;
cb_tmp.password = (char *)srp_arg->srppassin;
cb_tmp.prompt_info = "SRP user";
if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp))<0)
{
BIO_printf (bio_err, "Can't read Password\n");
OPENSSL_free(pass);
return NULL;
}
*(pass+l)= '\0';
return pass;
}
static char * MS_CALLBACK missing_srp_username_callback(SSL *s, void *arg)
{
SRP_ARG *srp_arg = (SRP_ARG *)arg;
return BUF_strdup(srp_arg->srplogin);
}
#endif
#endif
enum
@ -385,6 +502,9 @@ int MAIN(int argc, char **argv)
{
unsigned int off=0, clr=0;
SSL *con=NULL;
#ifndef OPENSSL_NO_KRB5
KSSL_CTX *kctx;
#endif
int s,k,width,state=0;
char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
int cbuf_len,cbuf_off;
@ -440,6 +560,11 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_JPAKE
char *jpake_secret = NULL;
#endif
#ifndef OPENSSL_NO_SRP
char * srppass = NULL;
int srp_lateuser = 0;
SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024};
#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_client_method();
@ -589,6 +714,37 @@ int MAIN(int argc, char **argv)
}
}
#endif
#ifndef OPENSSL_NO_SRP
else if (strcmp(*argv,"-srpuser") == 0)
{
if (--argc < 1) goto bad;
srp_arg.srplogin= *(++argv);
meth=TLSv1_client_method();
}
else if (strcmp(*argv,"-srppass") == 0)
{
if (--argc < 1) goto bad;
srppass= *(++argv);
meth=TLSv1_client_method();
}
else if (strcmp(*argv,"-srp_strength") == 0)
{
if (--argc < 1) goto bad;
srp_arg.strength=atoi(*(++argv));
BIO_printf(bio_err,"SRP minimal length for N is %d\n",srp_arg.strength);
meth=TLSv1_client_method();
}
else if (strcmp(*argv,"-srp_lateuser") == 0)
{
srp_lateuser= 1;
meth=TLSv1_client_method();
}
else if (strcmp(*argv,"-srp_moregroups") == 0)
{
srp_arg.amp=1;
meth=TLSv1_client_method();
}
#endif
#ifndef OPENSSL_NO_SSL2
else if (strcmp(*argv,"-ssl2") == 0)
meth=SSLv2_client_method();
@ -598,6 +754,8 @@ int MAIN(int argc, char **argv)
meth=SSLv3_client_method();
#endif
#ifndef OPENSSL_NO_TLS1
else if (strcmp(*argv,"-tls1_2") == 0)
meth=TLSv1_2_client_method();
else if (strcmp(*argv,"-tls1_1") == 0)
meth=TLSv1_1_client_method();
else if (strcmp(*argv,"-tls1") == 0)
@ -648,6 +806,8 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
CAfile= *(++argv);
}
else if (strcmp(*argv,"-no_tls1_2") == 0)
off|=SSL_OP_NO_TLSv1_2;
else if (strcmp(*argv,"-no_tls1_1") == 0)
off|=SSL_OP_NO_TLSv1_1;
else if (strcmp(*argv,"-no_tls1") == 0)
@ -840,6 +1000,14 @@ bad:
}
}
#ifndef OPENSSL_NO_SRP
if(!app_passwd(bio_err, srppass, NULL, &srp_arg.srppassin, NULL))
{
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
#endif
ctx=SSL_CTX_new(meth);
if (ctx == NULL)
{
@ -876,6 +1044,9 @@ bad:
SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
}
#endif
/* HACK while TLS v1.2 is disabled by default */
if (!(off & SSL_OP_NO_TLSv1_2))
SSL_CTX_clear_options(ctx, SSL_OP_NO_TLSv1_2);
if (bugs)
SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
else
@ -919,6 +1090,26 @@ bad:
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
}
#ifndef OPENSSL_NO_SRP
if (srp_arg.srplogin)
{
if (srp_lateuser)
SSL_CTX_set_srp_missing_srp_username_callback(ctx,missing_srp_username_callback);
else if (!SSL_CTX_set_srp_username(ctx, srp_arg.srplogin))
{
BIO_printf(bio_err,"Unable to set SRP username\n");
goto end;
}
srp_arg.msg = c_msg;
srp_arg.debug = c_debug ;
SSL_CTX_set_srp_cb_arg(ctx,&srp_arg);
SSL_CTX_set_srp_client_pwd_callback(ctx, ssl_give_srp_client_pwd_cb);
SSL_CTX_set_srp_strength(ctx, srp_arg.strength);
if (c_msg || c_debug || srp_arg.amp == 0)
SSL_CTX_set_srp_verify_param_callback(ctx, ssl_srp_verify_param_cb);
}
#endif
#endif
con=SSL_new(ctx);
@ -957,9 +1148,10 @@ bad:
}
#endif
#ifndef OPENSSL_NO_KRB5
if (con && (con->kssl_ctx = kssl_ctx_new()) != NULL)
if (con && (kctx = kssl_ctx_new()) != NULL)
{
kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVER, host);
SSL_set0_kssl_ctx(con, kctx);
kssl_ctx_setstring(kctx, KSSL_SERVER, host);
}
#endif /* OPENSSL_NO_KRB5 */
/* SSL_set_cipher_list(con,"RC4-MD5"); */
@ -991,7 +1183,7 @@ re_start:
}
}
#endif
if (c_Pause & 0x01) con->debug=1;
if (c_Pause & 0x01) SSL_set_debug(con, 1);
if ( SSL_version(con) == DTLS1_VERSION)
{
@ -1040,7 +1232,7 @@ re_start:
if (c_debug)
{
con->debug=1;
SSL_set_debug(con, 1);
BIO_set_callback(sbio,bio_dump_callback);
BIO_set_callback_arg(sbio,(char *)bio_c_out);
}
@ -1725,7 +1917,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
BIO_number_read(SSL_get_rbio(s)),
BIO_number_written(SSL_get_wbio(s)));
}
BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, "));
BIO_printf(bio,(SSL_cache_hit(s)?"---\nReused, ":"---\nNew, "));
c=SSL_get_current_cipher(s);
BIO_printf(bio,"%s, Cipher is %s\n",
SSL_CIPHER_get_version(c),
@ -1747,6 +1939,19 @@ static void print_stuff(BIO *bio, SSL *s, int full)
BIO_printf(bio,"Expansion: %s\n",
expansion ? SSL_COMP_get_name(expansion) : "NONE");
#endif
#ifdef SSL_DEBUG
{
/* Print out local port of connection: useful for debugging */
int sock;
struct sockaddr_in ladd;
socklen_t ladd_size = sizeof(ladd);
sock = SSL_get_fd(s);
getsockname(sock, (struct sockaddr *)&ladd, &ladd_size);
BIO_printf(bio_c_out, "LOCAL PORT is %u\n", ntohs(ladd.sin_port));
}
#endif
SSL_SESSION_print(bio,SSL_get_session(s));
BIO_printf(bio,"---\n");
if (peer != NULL)

145
crypto/external/bsd/openssl/dist/apps/s_server.c vendored
View File

@ -186,6 +186,9 @@ typedef unsigned int u_int;
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
#ifndef OPENSSL_NO_SRP
#include <openssl/srp.h>
#endif
#include "s_apps.h"
#include "timeouts.h"
@ -369,6 +372,40 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
}
#endif
#ifndef OPENSSL_NO_SRP
/* This is a context that we pass to callbacks */
typedef struct srpsrvparm_st
{
int verbose;
char *login;
SRP_VBASE *vb;
} srpsrvparm;
static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
{
srpsrvparm *p = (srpsrvparm *) arg;
SRP_user_pwd *user;
p->login = BUF_strdup(SSL_get_srp_username(s));
BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
user = SRP_VBASE_get_by_user(p->vb, p->login);
if (user == NULL)
{
BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
return SSL3_AL_FATAL;
}
if (SSL_set_srp_server_param(s, user->N, user->g, user->s, user->v,
user->info) < 0)
{
*ad = SSL_AD_INTERNAL_ERROR;
return SSL3_AL_FATAL;
}
return SSL_ERROR_NONE;
}
#endif
#ifdef MONOLITH
static void s_server_init(void)
{
@ -455,10 +492,15 @@ static void sv_usage(void)
# ifndef OPENSSL_NO_JPAKE
BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
# endif
#endif
#ifndef OPENSSL_NO_SRP
BIO_printf(bio_err," -srpvfile file - The verifier file for SRP\n");
BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n");
#endif
BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n");
BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n");
BIO_printf(bio_err," -tls1_1 - Just talk TLSv1_1\n");
BIO_printf(bio_err," -tls1_2 - Just talk TLSv1.2\n");
BIO_printf(bio_err," -tls1_1 - Just talk TLSv1.1\n");
BIO_printf(bio_err," -tls1 - Just talk TLSv1\n");
BIO_printf(bio_err," -dtls1 - Just talk DTLSv1\n");
BIO_printf(bio_err," -timeout - Enable timeouts\n");
@ -468,6 +510,7 @@ static void sv_usage(void)
BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n");
BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n");
BIO_printf(bio_err," -no_tls1_1 - Just disable TLSv1.1\n");
BIO_printf(bio_err," -no_tls1_2 - Just disable TLSv1.2\n");
#ifndef OPENSSL_NO_DH
BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n");
#endif
@ -874,12 +917,21 @@ int MAIN(int argc, char *argv[])
/* by default do not send a PSK identity hint */
static char *psk_identity_hint=NULL;
#endif
#ifndef OPENSSL_NO_SRP
char *srpuserseed = NULL;
char *srp_verifier_file = NULL;
srpsrvparm p;
#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_server_method();
#elif !defined(OPENSSL_NO_SSL3)
meth=SSLv3_server_method();
#elif !defined(OPENSSL_NO_SSL2)
meth=SSLv2_server_method();
#elif !defined(OPENSSL_NO_TLS1)
meth=TLSv1_server_method();
#else
/* #error no SSL version enabled */
#endif
local_argc=argc;
@ -1111,6 +1163,20 @@ int MAIN(int argc, char *argv[])
goto bad;
}
}
#endif
#ifndef OPENSSL_NO_SRP
else if (strcmp(*argv, "-srpvfile") == 0)
{
if (--argc < 1) goto bad;
srp_verifier_file = *(++argv);
meth=TLSv1_server_method();
}
else if (strcmp(*argv, "-srpuserseed") == 0)
{
if (--argc < 1) goto bad;
srpuserseed = *(++argv);
meth=TLSv1_server_method();
}
#endif
else if (strcmp(*argv,"-www") == 0)
{ www=1; }
@ -1122,10 +1188,12 @@ int MAIN(int argc, char *argv[])
{ off|=SSL_OP_NO_SSLv2; }
else if (strcmp(*argv,"-no_ssl3") == 0)
{ off|=SSL_OP_NO_SSLv3; }
else if (strcmp(*argv,"-no_tls1_1") == 0)
{ off|=SSL_OP_NO_TLSv1_1; }
else if (strcmp(*argv,"-no_tls1") == 0)
{ off|=SSL_OP_NO_TLSv1; }
else if (strcmp(*argv,"-no_tls1_1") == 0)
{ off|=SSL_OP_NO_TLSv1_1; }
else if (strcmp(*argv,"-no_tls1_2") == 0)
{ off|=SSL_OP_NO_TLSv1_2; }
else if (strcmp(*argv,"-no_comp") == 0)
{ off|=SSL_OP_NO_COMPRESSION; }
#ifndef OPENSSL_NO_TLSEXT
@ -1141,10 +1209,12 @@ int MAIN(int argc, char *argv[])
{ meth=SSLv3_server_method(); }
#endif
#ifndef OPENSSL_NO_TLS1
else if (strcmp(*argv,"-tls1_1") == 0)
{ meth=TLSv1_1_server_method(); }
else if (strcmp(*argv,"-tls1") == 0)
{ meth=TLSv1_server_method(); }
else if (strcmp(*argv,"-tls1_1") == 0)
{ meth=TLSv1_1_server_method(); }
else if (strcmp(*argv,"-tls1_2") == 0)
{ meth=TLSv1_2_server_method(); }
#endif
#ifndef OPENSSL_NO_DTLS1
else if (strcmp(*argv,"-dtls1") == 0)
@ -1393,6 +1463,9 @@ bad:
SSL_CTX_set_quiet_shutdown(ctx,1);
if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
/* HACK while TLS v1.2 is disabled by default */
if (!(off & SSL_OP_NO_TLSv1_2))
SSL_CTX_clear_options(ctx, SSL_OP_NO_TLSv1_2);
SSL_CTX_set_options(ctx,off);
/* DTLS: partial reads end up discarding unread UDP bytes :-(
* Setting read ahead solves this problem.
@ -1690,6 +1763,23 @@ bad:
}
#endif
#ifndef OPENSSL_NO_SRP
if (srp_verifier_file != NULL)
{
p.vb = SRP_VBASE_new(srpuserseed);
if ((ret = SRP_VBASE_init(p.vb, srp_verifier_file)) != SRP_NO_ERROR)
{
BIO_printf(bio_err,
"Cannot initialize SRP verifier file \"%s\":ret=%d\n",
srp_verifier_file, ret);
goto end;
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE,verify_callback);
SSL_CTX_set_srp_cb_arg(ctx, &p);
SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
}
else
#endif
if (CAfile != NULL)
{
SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
@ -1771,6 +1861,9 @@ static int sv_body(char *hostname, int s, unsigned char *context)
unsigned long l;
SSL *con=NULL;
BIO *sbio;
#ifndef OPENSSL_NO_KRB5
KSSL_CTX *kctx;
#endif
struct timeval timeout;
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
struct timeval tv;
@ -1811,12 +1904,11 @@ static int sv_body(char *hostname, int s, unsigned char *context)
}
#endif
#ifndef OPENSSL_NO_KRB5
if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
if ((kctx = kssl_ctx_new()) != NULL)
{
kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE,
KRB5SVC);
kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB,
KRB5KEYTAB);
SSL_set0_kssl_ctx(con, kctx);
kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
}
#endif /* OPENSSL_NO_KRB5 */
if(context)
@ -1879,7 +1971,7 @@ static int sv_body(char *hostname, int s, unsigned char *context)
if (s_debug)
{
con->debug=1;
SSL_set_debug(con, 1);
BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
}
@ -2165,6 +2257,9 @@ static int init_ssl_connection(SSL *con)
X509 *peer;
long verify_error;
MS_STATIC char buf[BUFSIZ];
#ifndef OPENSSL_NO_KRB5
char *client_princ;
#endif
if ((i=SSL_accept(con)) <= 0)
{
@ -2204,15 +2299,16 @@ static int init_ssl_connection(SSL *con)
BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n");
if (SSL_cache_hit(con)) BIO_printf(bio_s_out,"Reused session-id\n");
if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) &
TLS1_FLAGS_TLS_PADDING_BUG)
BIO_printf(bio_s_out,"Peer has incorrect TLSv1 block padding\n");
#ifndef OPENSSL_NO_KRB5
if (con->kssl_ctx->client_princ != NULL)
client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
if (client_princ != NULL)
{
BIO_printf(bio_s_out,"Kerberos peer principal is %s\n",
con->kssl_ctx->client_princ);
client_princ);
}
#endif /* OPENSSL_NO_KRB5 */
BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
@ -2234,6 +2330,9 @@ err:
return(ret);
}
#endif
#ifndef OPENSSL_NO_KRB5
char *client_princ;
#endif
#if 0
static int load_CA(SSL_CTX *ctx, char *file)
@ -2260,11 +2359,13 @@ static int www_body(char *hostname, int s, unsigned char *context)
{
char *buf=NULL;
int ret=1;
int i,j,k,blank,dot;
int i,j,k,dot;
SSL *con;
const SSL_CIPHER *c;
BIO *io,*ssl_bio,*sbio;
long total_bytes;
#ifndef OPENSSL_NO_KRB5
KSSL_CTX *kctx;
#endif
buf=OPENSSL_malloc(bufsize);
if (buf == NULL) return(0);
@ -2296,10 +2397,10 @@ static int www_body(char *hostname, int s, unsigned char *context)
}
#endif
#ifndef OPENSSL_NO_KRB5
if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
if ((kctx = kssl_ctx_new()) != NULL)
{
kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC);
kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB);
kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
}
#endif /* OPENSSL_NO_KRB5 */
if(context) SSL_set_session_id_context(con, context,
@ -2325,7 +2426,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
if (s_debug)
{
con->debug=1;
SSL_set_debug(con, 1);
BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
}
@ -2335,7 +2436,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
SSL_set_msg_callback_arg(con, bio_s_out);
}
blank=0;
for (;;)
{
if (hack)
@ -2447,7 +2547,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
}
BIO_puts(io,"\n");
}
BIO_printf(io,((con->hit)
BIO_printf(io,(SSL_cache_hit(con)
?"---\nReused, "
:"---\nNew, "));
c=SSL_get_current_cipher(con);
@ -2565,7 +2665,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
}
/* send the file */
total_bytes=0;
for (;;)
{
i=BIO_read(file,buf,bufsize);

13
crypto/external/bsd/openssl/dist/apps/s_socket.c vendored
View File

@ -62,6 +62,12 @@
#include <errno.h>
#include <signal.h>
#ifdef FLAT_INC
#include "e_os2.h"
#else
#include "../e_os2.h"
#endif
/* With IPv6, it looks like Digital has mixed up the proper order of
recursive header file inclusion, resulting in the compiler complaining
that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
@ -321,7 +327,7 @@ static int init_server_long(int *sock, int port, char *ip, int type)
{
int ret=0;
struct sockaddr_in server;
int s= -1,i;
int s= -1;
if (!ssl_sock_init()) return(0);
@ -360,7 +366,6 @@ static int init_server_long(int *sock, int port, char *ip, int type)
}
/* Make it 128 for linux */
if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
i=0;
*sock=s;
ret=1;
err:
@ -378,7 +383,7 @@ static int init_server(int *sock, int port, int type)
static int do_accept(int acc_sock, int *sock, char **host)
{
int ret,i;
int ret;
struct hostent *h1,*h2;
static struct sockaddr_in from;
int len;
@ -401,6 +406,7 @@ redoit:
if (ret == INVALID_SOCKET)
{
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
int i;
i=WSAGetLastError();
BIO_printf(bio_err,"accept error %d\n",i);
#else
@ -455,7 +461,6 @@ redoit:
BIO_printf(bio_err,"gethostbyname failure\n");
return(0);
}
i=0;
if (h2->h_addrtype != AF_INET)
{
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");

18
crypto/external/bsd/openssl/dist/apps/sess_id.c vendored
View File

@ -90,6 +90,7 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
SSL_SESSION *x=NULL;
X509 *peer = NULL;
int ret=1,i,num,badops=0;
BIO *out=NULL;
int informat,outformat;
@ -163,16 +164,17 @@ bad:
ERR_load_crypto_strings();
x=load_sess_id(infile,informat);
if (x == NULL) { goto end; }
peer = SSL_SESSION_get0_peer(x);
if(context)
{
x->sid_ctx_length=strlen(context);
if(x->sid_ctx_length > SSL_MAX_SID_CTX_LENGTH)
size_t ctx_len = strlen(context);
if(ctx_len > SSL_MAX_SID_CTX_LENGTH)
{
BIO_printf(bio_err,"Context too long\n");
goto end;
}
memcpy(x->sid_ctx,context,x->sid_ctx_length);
SSL_SESSION_set1_id_context(x, (unsigned char *)context, ctx_len);
}
#ifdef undef
@ -231,10 +233,10 @@ bad:
if (cert)
{
if (x->peer == NULL)
if (peer == NULL)
BIO_puts(out,"No certificate present\n");
else
X509_print(out,x->peer);
X509_print(out,peer);
}
}
@ -253,12 +255,12 @@ bad:
goto end;
}
}
else if (!noout && (x->peer != NULL)) /* just print the certificate */
else if (!noout && (peer != NULL)) /* just print the certificate */
{
if (outformat == FORMAT_ASN1)
i=(int)i2d_X509_bio(out,x->peer);
i=(int)i2d_X509_bio(out,peer);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_X509(out,x->peer);
i=PEM_write_bio_X509(out,peer);
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
goto end;

759
crypto/external/bsd/openssl/dist/apps/srp.c vendored Normal file
View File

@ -0,0 +1,759 @@
/* apps/srp.c */
/* Written by Peter Sylvester (peter.sylvester@edelweb.fr)
* for the EdelKey project and contributed to the OpenSSL project 2004.
*/
/* ====================================================================
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_SRP
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/conf.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/txt_db.h>
#include <openssl/buffer.h>
#include <openssl/srp.h>
#include "apps.h"
#undef PROG
#define PROG srp_main
#define BASE_SECTION "srp"
#define CONFIG_FILE "openssl.cnf"
#define ENV_RANDFILE "RANDFILE"
#define ENV_DATABASE "srpvfile"
#define ENV_DEFAULT_SRP "default_srp"
static char *srp_usage[]={
"usage: srp [args] [user] \n",
"\n",
" -verbose Talk alot while doing things\n",
" -config file A config file\n",
" -name arg The particular srp definition to use\n",
" -srpvfile arg The srp verifier file name\n",
" -add add an user and srp verifier\n",
" -modify modify the srp verifier of an existing user\n",
" -delete delete user from verifier file\n",
" -list list user\n",
" -gn arg g and N values to be used for new verifier\n",
" -userinfo arg additional info to be set for user\n",
" -passin arg input file pass phrase source\n",
" -passout arg output file pass phrase source\n",
#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
#endif
NULL
};
#ifdef EFENCE
extern int EF_PROTECT_FREE;
extern int EF_PROTECT_BELOW;
extern int EF_ALIGNMENT;
#endif
static CONF *conf=NULL;
static char *section=NULL;
#define VERBOSE if (verbose)
#define VVERBOSE if (verbose>1)
int MAIN(int, char **);
static int get_index(CA_DB *db, char* id, char type)
{
char ** pp;
int i;
if (id == NULL) return -1;
if (type == DB_SRP_INDEX)
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i);
if (pp[DB_srptype][0] == DB_SRP_INDEX && !strcmp(id, pp[DB_srpid]))
return i;
}
else for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i);
if (pp[DB_srptype][0] != DB_SRP_INDEX && !strcmp(id,pp[DB_srpid]))
return i;
}
return -1 ;
}
static void print_entry(CA_DB *db, BIO *bio, int indx, int verbose, char *s)
{
if (indx >= 0 && verbose)
{
int j;
char **pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, indx);
BIO_printf(bio, "%s \"%s\"\n", s, pp[DB_srpid]);
for (j = 0; j < DB_NUMBER; j++)
{
BIO_printf(bio_err," %d = \"%s\"\n", j, pp[j]);
}
}
}
static void print_index(CA_DB *db, BIO *bio, int indexindex, int verbose)
{
print_entry(db, bio, indexindex, verbose, "g N entry") ;
}
static void print_user(CA_DB *db, BIO *bio, int userindex, int verbose)
{
if (verbose > 0)
{
char **pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex);
if (pp[DB_srptype][0] != 'I')
{
print_entry(db, bio, userindex, verbose, "User entry");
print_entry(db, bio, get_index(db, pp[DB_srpgN], 'I'), verbose, "g N entry");
}
}
}
static int update_index(CA_DB *db, BIO *bio, char **row)
{
char ** irow;
int i;
if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL)
{
BIO_printf(bio_err,"Memory allocation failure\n");
return 0;
}
for (i=0; i<DB_NUMBER; i++)
{
irow[i]=row[i];
row[i]=NULL;
}
irow[DB_NUMBER]=NULL;
if (!TXT_DB_insert(db->db,irow))
{
BIO_printf(bio,"failed to update srpvfile\n");
BIO_printf(bio,"TXT_DB error number %ld\n",db->db->error);
OPENSSL_free(irow);
return 0;
}
return 1;
}
static void lookup_fail(const char *name, char *tag)
{
BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
}
static char *srp_verify_user(const char *user, const char *srp_verifier,
char *srp_usersalt, const char *g, const char *N,
const char *passin, BIO *bio, int verbose)
{
char password[1024];
PW_CB_DATA cb_tmp;
char *verifier = NULL;
char *gNid = NULL;
cb_tmp.prompt_info = user;
cb_tmp.password = passin;
if (password_callback(password, 1024, 0, &cb_tmp) >0)
{
VERBOSE BIO_printf(bio,"Validating\n user=\"%s\"\n srp_verifier=\"%s\"\n srp_usersalt=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",user,srp_verifier,srp_usersalt, g, N);
BIO_printf(bio, "Pass %s\n", password);
if (!(gNid=SRP_create_verifier(user, password, &srp_usersalt, &verifier, N, g)))
{
BIO_printf(bio, "Internal error validating SRP verifier\n");
}
else
{
if (strcmp(verifier, srp_verifier))
gNid = NULL;
OPENSSL_free(verifier);
}
}
return gNid;
}
static char *srp_create_user(char *user, char **srp_verifier,
char **srp_usersalt, char *g, char *N,
char *passout, BIO *bio, int verbose)
{
char password[1024];
PW_CB_DATA cb_tmp;
char *gNid = NULL;
char *salt = NULL;
cb_tmp.prompt_info = user;
cb_tmp.password = passout;
if (password_callback(password,1024,1,&cb_tmp) >0)
{
VERBOSE BIO_printf(bio,"Creating\n user=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",user,g,N);
if (!(gNid =SRP_create_verifier(user, password, &salt, srp_verifier, N, g)))
{
BIO_printf(bio,"Internal error creating SRP verifier\n");
}
else
*srp_usersalt = salt;
VVERBOSE BIO_printf(bio,"gNid=%s salt =\"%s\"\n verifier =\"%s\"\n", gNid,salt, *srp_verifier);
}
return gNid;
}
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int add_user = 0;
int list_user= 0;
int delete_user= 0;
int modify_user= 0;
char * user = NULL;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
char * gN = NULL;
int gNindex = -1;
char ** gNrow = NULL;
int maxgN = -1;
char * userinfo = NULL;
int badops=0;
int ret=1;
int errors=0;
int verbose=0;
int doupdatedb=0;
char *configfile=NULL;
char *dbfile=NULL;
CA_DB *db=NULL;
char **pp ;
int i;
long errorline = -1;
char *randfile=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
char *tofree=NULL;
DB_ATTR db_attr;
#ifdef EFENCE
EF_PROTECT_FREE=1;
EF_PROTECT_BELOW=1;
EF_ALIGNMENT=0;
#endif
apps_startup();
conf = NULL;
section = NULL;
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
argc--;
argv++;
while (argc >= 1 && badops == 0)
{
if (strcmp(*argv,"-verbose") == 0)
verbose++;
else if (strcmp(*argv,"-config") == 0)
{
if (--argc < 1) goto bad;
configfile= *(++argv);
}
else if (strcmp(*argv,"-name") == 0)
{
if (--argc < 1) goto bad;
section= *(++argv);
}
else if (strcmp(*argv,"-srpvfile") == 0)
{
if (--argc < 1) goto bad;
dbfile= *(++argv);
}
else if (strcmp(*argv,"-add") == 0)
add_user=1;
else if (strcmp(*argv,"-delete") == 0)
delete_user=1;
else if (strcmp(*argv,"-modify") == 0)
modify_user=1;
else if (strcmp(*argv,"-list") == 0)
list_user=1;
else if (strcmp(*argv,"-gn") == 0)
{
if (--argc < 1) goto bad;
gN= *(++argv);
}
else if (strcmp(*argv,"-userinfo") == 0)
{
if (--argc < 1) goto bad;
userinfo= *(++argv);
}
else if (strcmp(*argv,"-passin") == 0)
{
if (--argc < 1) goto bad;
passargin= *(++argv);
}
else if (strcmp(*argv,"-passout") == 0)
{
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (**argv == '-')
{
bad:
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
break;
}
else
break;
argc--;
argv++;
}
if (dbfile && configfile)
{
BIO_printf(bio_err,"-dbfile and -configfile cannot be specified together.\n");
badops = 1;
}
if (add_user+delete_user+modify_user+list_user != 1)
{
BIO_printf(bio_err,"Exactly one of the options -add, -delete, -modify -list must be specified.\n");
badops = 1;
}
if (delete_user+modify_user+delete_user== 1 && argc <= 0)
{
BIO_printf(bio_err,"Need at least one user for options -add, -delete, -modify. \n");
badops = 1;
}
if ((passin || passout) && argc != 1 )
{
BIO_printf(bio_err,"-passin, -passout arguments only valid with one user.\n");
badops = 1;
}
if (badops)
{
for (pp=srp_usage; (*pp != NULL); pp++)
BIO_printf(bio_err,"%s",*pp);
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
goto err;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
{
BIO_printf(bio_err, "Error getting passwords\n");
goto err;
}
if (!dbfile)
{
/*****************************************************************/
tofree=NULL;
if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
if (configfile == NULL)
{
const char *s=X509_get_default_cert_area();
size_t len;
#ifdef OPENSSL_SYS_VMS
len = strlen(s)+sizeof(CONFIG_FILE);
tofree=OPENSSL_malloc(len);
strcpy(tofree,s);
#else
len = strlen(s)+sizeof(CONFIG_FILE)+1;
tofree=OPENSSL_malloc(len);
BUF_strlcpy(tofree,s,len);
BUF_strlcat(tofree,"/",len);
#endif
BUF_strlcat(tofree,CONFIG_FILE,len);
configfile=tofree;
}
VERBOSE BIO_printf(bio_err,"Using configuration from %s\n",configfile);
conf = NCONF_new(NULL);
if (NCONF_load(conf,configfile,&errorline) <= 0)
{
if (errorline <= 0)
BIO_printf(bio_err,"error loading the config file '%s'\n",
configfile);
else
BIO_printf(bio_err,"error on line %ld of config file '%s'\n"
,errorline,configfile);
goto err;
}
if(tofree)
{
OPENSSL_free(tofree);
tofree = NULL;
}
if (!load_config(bio_err, conf))
goto err;
/* Lets get the config section we are using */
if (section == NULL)
{
VERBOSE BIO_printf(bio_err,"trying to read " ENV_DEFAULT_SRP " in \" BASE_SECTION \"\n");
section=NCONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_SRP);
if (section == NULL)
{
lookup_fail(BASE_SECTION,ENV_DEFAULT_SRP);
goto err;
}
}
if (randfile == NULL && conf)
randfile = NCONF_get_string(conf, BASE_SECTION, "RANDFILE");
VERBOSE BIO_printf(bio_err,"trying to read " ENV_DATABASE " in section \"%s\"\n",section);
if ((dbfile=NCONF_get_string(conf,section,ENV_DATABASE)) == NULL)
{
lookup_fail(section,ENV_DATABASE);
goto err;
}
}
if (randfile == NULL)
ERR_clear_error();
else
app_RAND_load_file(randfile, bio_err, 0);
VERBOSE BIO_printf(bio_err,"Trying to read SRP verifier file \"%s\"\n",dbfile);
db = load_index(dbfile, &db_attr);
if (db == NULL) goto err;
/* Lets check some fields */
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i);
if (pp[DB_srptype][0] == DB_SRP_INDEX)
{
maxgN = i;
if (gNindex < 0 && gN != NULL && !strcmp(gN, pp[DB_srpid]))
gNindex = i;
print_index(db, bio_err, i, verbose > 1);
}
}
VERBOSE BIO_printf(bio_err, "Database initialised\n");
if (gNindex >= 0)
{
gNrow = (char **)sk_OPENSSL_PSTRING_value(db->db->data, gNindex);
print_entry(db, bio_err, gNindex, verbose > 1, "Default g and N") ;
}
else if (maxgN > 0 && !SRP_get_default_gN(gN))
{
BIO_printf(bio_err, "No g and N value for index \"%s\"\n", gN);
goto err;
}
else
{
VERBOSE BIO_printf(bio_err, "Database has no g N information.\n");
gNrow = NULL;
}
VVERBOSE BIO_printf(bio_err,"Starting user processing\n");
if (argc > 0)
user = *(argv++) ;
while (list_user || user)
{
int userindex = -1;
if (user)
VVERBOSE BIO_printf(bio_err, "Processing user \"%s\"\n", user);
if ((userindex = get_index(db, user, 'U')) >= 0)
{
print_user(db, bio_err, userindex, (verbose > 0) || list_user);
}
if (list_user)
{
if (user == NULL)
{
BIO_printf(bio_err,"List all users\n");
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
print_user(db,bio_err, i, 1);
}
list_user = 0;
}
else if (userindex < 0)
{
BIO_printf(bio_err, "user \"%s\" does not exist, ignored. t\n",
user);
errors++;
}
}
else if (add_user)
{
if (userindex >= 0)
{
/* reactivation of a new user */
char **row = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex);
BIO_printf(bio_err, "user \"%s\" reactivated.\n", user);
row[DB_srptype][0] = 'V';
doupdatedb = 1;
}
else
{
char *row[DB_NUMBER] ; char *gNid;
row[DB_srpverifier] = NULL;
row[DB_srpsalt] = NULL;
row[DB_srpinfo] = NULL;
if (!(gNid = srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:gN,gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose)))
{
BIO_printf(bio_err, "Cannot create srp verifier for user \"%s\", operation abandoned .\n", user);
errors++;
goto err;
}
row[DB_srpid] = BUF_strdup(user);
row[DB_srptype] = BUF_strdup("v");
row[DB_srpgN] = BUF_strdup(gNid);
if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype] || !row[DB_srpverifier] || !row[DB_srpsalt] ||
(userinfo && (!(row[DB_srpinfo] = BUF_strdup(userinfo)))) ||
!update_index(db, bio_err, row))
{
if (row[DB_srpid]) OPENSSL_free(row[DB_srpid]);
if (row[DB_srpgN]) OPENSSL_free(row[DB_srpgN]);
if (row[DB_srpinfo]) OPENSSL_free(row[DB_srpinfo]);
if (row[DB_srptype]) OPENSSL_free(row[DB_srptype]);
if (row[DB_srpverifier]) OPENSSL_free(row[DB_srpverifier]);
if (row[DB_srpsalt]) OPENSSL_free(row[DB_srpsalt]);
goto err;
}
doupdatedb = 1;
}
}
else if (modify_user)
{
if (userindex < 0)
{
BIO_printf(bio_err,"user \"%s\" does not exist, operation ignored.\n",user);
errors++;
}
else
{
char **row = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex);
char type = row[DB_srptype][0];
if (type == 'v')
{
BIO_printf(bio_err,"user \"%s\" already updated, operation ignored.\n",user);
errors++;
}
else
{
char *gNid;
if (row[DB_srptype][0] == 'V')
{
int user_gN;
char **irow = NULL;
VERBOSE BIO_printf(bio_err,"Verifying password for user \"%s\"\n",user);
if ( (user_gN = get_index(db, row[DB_srpgN], DB_SRP_INDEX)) >= 0)
irow = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex);
if (!srp_verify_user(user, row[DB_srpverifier], row[DB_srpsalt], irow ? irow[DB_srpsalt] : row[DB_srpgN], irow ? irow[DB_srpverifier] : NULL, passin, bio_err, verbose))
{
BIO_printf(bio_err, "Invalid password for user \"%s\", operation abandoned.\n", user);
errors++;
goto err;
}
}
VERBOSE BIO_printf(bio_err,"Password for user \"%s\" ok.\n",user);
if (!(gNid=srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:NULL, gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose)))
{
BIO_printf(bio_err, "Cannot create srp verifier for user \"%s\", operation abandoned.\n", user);
errors++;
goto err;
}
row[DB_srptype][0] = 'v';
row[DB_srpgN] = BUF_strdup(gNid);
if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype] || !row[DB_srpverifier] || !row[DB_srpsalt] ||
(userinfo && (!(row[DB_srpinfo] = BUF_strdup(userinfo)))))
goto err;
doupdatedb = 1;
}
}
}
else if (delete_user)
{
if (userindex < 0)
{
BIO_printf(bio_err, "user \"%s\" does not exist, operation ignored. t\n", user);
errors++;
}
else
{
char **xpp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex);
BIO_printf(bio_err, "user \"%s\" revoked. t\n", user);
xpp[DB_srptype][0] = 'R';
doupdatedb = 1;
}
}
if (--argc > 0)
user = *(argv++) ;
else
{
user = NULL;
list_user = 0;
}
}
VERBOSE BIO_printf(bio_err,"User procession done.\n");
if (doupdatedb)
{
/* Lets check some fields */
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i);
if (pp[DB_srptype][0] == 'v')
{
pp[DB_srptype][0] = 'V';
print_user(db, bio_err, i, verbose);
}
}
VERBOSE BIO_printf(bio_err, "Trying to update srpvfile.\n");
if (!save_index(dbfile, "new", db)) goto err;
VERBOSE BIO_printf(bio_err, "Temporary srpvfile created.\n");
if (!rotate_index(dbfile, "new", "old")) goto err;
VERBOSE BIO_printf(bio_err, "srpvfile updated.\n");
}
ret = (errors != 0);
err:
if (errors != 0)
VERBOSE BIO_printf(bio_err,"User errors %d.\n",errors);
VERBOSE BIO_printf(bio_err,"SRP terminating with code %d.\n",ret);
if(tofree)
OPENSSL_free(tofree);
if (ret) ERR_print_errors(bio_err);
if (randfile) app_RAND_write_file(randfile, bio_err);
if (conf) NCONF_free(conf);
if (db) free_index(db);
OBJ_cleanup();
apps_shutdown();
OPENSSL_EXIT(ret);
}
#endif

2
crypto/external/bsd/openssl/dist/apps/tsget vendored
View File

@ -1,7 +1,7 @@
#!/usr/bin/perl -w
# Written by Zoltan Glozik <zglozik@stones.com>.
# Copyright (c) 2002 The OpenTSA Project. All rights reserved.
$::version = '$Id: tsget,v 1.1.1.2 2009/12/26 23:30:58 christos Exp $';
$::version = '$Id: tsget,v 1.1.1.3 2011/06/05 14:57:16 spz Exp $';
use strict;
use IO::Handle;

188
crypto/external/bsd/openssl/dist/apps/vms_decc_init.c vendored Executable file
View File

@ -0,0 +1,188 @@
#if defined( __VMS) && !defined( OPENSSL_NO_DECC_INIT) && \
defined( __DECC) && !defined( __VAX) && (__CRTL_VER >= 70301000)
# define USE_DECC_INIT 1
#endif
#ifdef USE_DECC_INIT
/*
* 2010-04-26 SMS.
*
*----------------------------------------------------------------------
*
* decc_init()
*
* On non-VAX systems, uses LIB$INITIALIZE to set a collection of C
* RTL features without using the DECC$* logical name method.
*
*----------------------------------------------------------------------
*/
#include <stdio.h>
#include <stdlib.h>
#include <unixlib.h>
/* Global storage. */
/* Flag to sense if decc_init() was called. */
int decc_init_done = -1;
/* Structure to hold a DECC$* feature name and its desired value. */
typedef struct
{
char *name;
int value;
} decc_feat_t;
/* Array of DECC$* feature names and their desired values.
* Note: DECC$ARGV_PARSE_STYLE is the urgent one.
*/
decc_feat_t decc_feat_array[] =
{
/* Preserve command-line case with SET PROCESS/PARSE_STYLE=EXTENDED */
{ "DECC$ARGV_PARSE_STYLE", 1 },
/* Preserve case for file names on ODS5 disks. */
{ "DECC$EFS_CASE_PRESERVE", 1 },
/* Enable multiple dots (and most characters) in ODS5 file names,
* while preserving VMS-ness of ";version".
*/
{ "DECC$EFS_CHARSET", 1 },
/* List terminator. */
{ (char *)NULL, 0 }
};
/* LIB$INITIALIZE initialization function. */
static void decc_init( void)
{
char *openssl_debug_decc_init;
int verbose = 0;
int feat_index;
int feat_value;
int feat_value_max;
int feat_value_min;
int i;
int sts;
/* Get debug option. */
openssl_debug_decc_init = getenv( "OPENSSL_DEBUG_DECC_INIT");
if (openssl_debug_decc_init != NULL)
{
verbose = strtol( openssl_debug_decc_init, NULL, 10);
if (verbose <= 0)
{
verbose = 1;
}
}
/* Set the global flag to indicate that LIB$INITIALIZE worked. */
decc_init_done = 1;
/* Loop through all items in the decc_feat_array[]. */
for (i = 0; decc_feat_array[ i].name != NULL; i++)
{
/* Get the feature index. */
feat_index = decc$feature_get_index( decc_feat_array[ i].name);
if (feat_index >= 0)
{
/* Valid item. Collect its properties. */
feat_value = decc$feature_get_value( feat_index, 1);
feat_value_min = decc$feature_get_value( feat_index, 2);
feat_value_max = decc$feature_get_value( feat_index, 3);
/* Check the validity of our desired value. */
if ((decc_feat_array[ i].value >= feat_value_min) &&
(decc_feat_array[ i].value <= feat_value_max))
{
/* Valid value. Set it if necessary. */
if (feat_value != decc_feat_array[ i].value)
{
sts = decc$feature_set_value( feat_index,
1,
decc_feat_array[ i].value);
if (verbose > 1)
{
fprintf( stderr, " %s = %d, sts = %d.\n",
decc_feat_array[ i].name,
decc_feat_array[ i].value,
sts);
}
}
}
else
{
/* Invalid DECC feature value. */
fprintf( stderr,
" INVALID DECC$FEATURE VALUE, %d: %d <= %s <= %d.\n",
feat_value,
feat_value_min, decc_feat_array[ i].name, feat_value_max);
}
}
else
{
/* Invalid DECC feature name. */
fprintf( stderr,
" UNKNOWN DECC$FEATURE: %s.\n", decc_feat_array[ i].name);
}
}
if (verbose > 0)
{
fprintf( stderr, " DECC_INIT complete.\n");
}
}
/* Get "decc_init()" into a valid, loaded LIB$INITIALIZE PSECT. */
#pragma nostandard
/* Establish the LIB$INITIALIZE PSECTs, with proper alignment and
* other attributes. Note that "nopic" is significant only on VAX.
*/
#pragma extern_model save
#if __INITIAL_POINTER_SIZE == 64
# define PSECT_ALIGN 3
#else
# define PSECT_ALIGN 2
#endif
#pragma extern_model strict_refdef "LIB$INITIALIZ" PSECT_ALIGN, nopic, nowrt
const int spare[ 8] = { 0 };
#pragma extern_model strict_refdef "LIB$INITIALIZE" PSECT_ALIGN, nopic, nowrt
void (*const x_decc_init)() = decc_init;
#pragma extern_model restore
/* Fake reference to ensure loading the LIB$INITIALIZE PSECT. */
#pragma extern_model save
int LIB$INITIALIZE( void);
#pragma extern_model strict_refdef
int dmy_lib$initialize = (int) LIB$INITIALIZE;
#pragma extern_model restore
#pragma standard
#else /* def USE_DECC_INIT */
/* Dummy code to avoid a %CC-W-EMPTYFILE complaint. */
int decc_init_dummy( void);
#endif /* def USE_DECC_INIT */

31
crypto/external/bsd/openssl/dist/apps/x509.c vendored
View File

@ -99,7 +99,13 @@ static const char *x509_usage[]={
" -passin arg - private key password source\n",
" -serial - print serial number value\n",
" -subject_hash - print subject hash value\n",
#ifndef OPENSSL_NO_MD5
" -subject_hash_old - print old-style (MD5) subject hash value\n",
#endif
" -issuer_hash - print issuer hash value\n",
#ifndef OPENSSL_NO_MD5
" -issuer_hash_old - print old-style (MD5) issuer hash value\n",
#endif
" -hash - synonym for -subject_hash\n",
" -subject - print subject DN\n",
" -issuer - print issuer DN\n",
@ -179,6 +185,9 @@ int MAIN(int argc, char **argv)
int text=0,serial=0,subject=0,issuer=0,startdate=0,enddate=0;
int next_serial=0;
int subject_hash=0,issuer_hash=0,ocspid=0;
#ifndef OPENSSL_NO_MD5
int subject_hash_old=0,issuer_hash_old=0;
#endif
int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0;
int ocsp_uri=0;
int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0;
@ -397,8 +406,16 @@ int MAIN(int argc, char **argv)
else if (strcmp(*argv,"-hash") == 0
|| strcmp(*argv,"-subject_hash") == 0)
subject_hash= ++num;
#ifndef OPENSSL_NO_MD5
else if (strcmp(*argv,"-subject_hash_old") == 0)
subject_hash_old= ++num;
#endif
else if (strcmp(*argv,"-issuer_hash") == 0)
issuer_hash= ++num;
#ifndef OPENSSL_NO_MD5
else if (strcmp(*argv,"-issuer_hash_old") == 0)
issuer_hash_old= ++num;
#endif
else if (strcmp(*argv,"-subject") == 0)
subject= ++num;
else if (strcmp(*argv,"-issuer") == 0)
@ -539,7 +556,6 @@ bad:
if (reqfile)
{
EVP_PKEY *pkey;
X509_CINF *ci;
BIO *in;
if (!sign_flag && !CA_flag)
@ -607,7 +623,6 @@ bad:
print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag);
if ((x=X509_new()) == NULL) goto end;
ci=x->cert_info;
if (sno == NULL)
{
@ -759,10 +774,22 @@ bad:
{
BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));
}
#ifndef OPENSSL_NO_MD5
else if (subject_hash_old == i)
{
BIO_printf(STDout,"%08lx\n",X509_subject_name_hash_old(x));
}
#endif
else if (issuer_hash == i)
{
BIO_printf(STDout,"%08lx\n",X509_issuer_name_hash(x));
}
#ifndef OPENSSL_NO_MD5
else if (issuer_hash_old == i)
{
BIO_printf(STDout,"%08lx\n",X509_issuer_name_hash_old(x));
}
#endif
else if (pprint == i)
{
X509_PURPOSE *ptmp;

4
crypto/external/bsd/openssl/dist/config vendored
View File

@ -775,6 +775,10 @@ case "$GUESSOS" in
OBJECT_MODE=${OBJECT_MODE:-32}
if [ "$CC" = "gcc" ]; then
OUT="aix-gcc"
if [ $OBJECT_MODE -eq 64 ]; then
echo 'Your $OBJECT_MODE was found to be set to 64'
OUT="aix64-gcc"
fi
elif [ $OBJECT_MODE -eq 64 ]; then
echo 'Your $OBJECT_MODE was found to be set to 64'
OUT="aix64-cc"

49
crypto/external/bsd/openssl/dist/crypto/LPdir_vms.c vendored
View File

@ -40,22 +40,18 @@
#ifndef LPDIR_H
#include "LPdir.h"
#endif
#include "vms_rms.h"
/* Because some compiler options hide this macor */
/* Some compiler options hide EVMSERR. */
#ifndef EVMSERR
#define EVMSERR 65535 /* error for non-translatable VMS errors */
# define EVMSERR 65535 /* error for non-translatable VMS errors */
#endif
struct LP_dir_context_st
{
unsigned long VMS_context;
#ifdef NAML$C_MAXRSS
char filespec[NAML$C_MAXRSS+1];
char result[NAML$C_MAXRSS+1];
#else
char filespec[256];
char result[256];
#endif
char filespec[ NAMX_MAXRSS+ 1];
char result[ NAMX_MAXRSS+ 1];
struct dsc$descriptor_d filespec_dsc;
struct dsc$descriptor_d result_dsc;
};
@ -66,6 +62,16 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
char *p, *r;
size_t l;
unsigned long flags = 0;
/* Arrange 32-bit pointer to (copied) string storage, if needed. */
#if __INITIAL_POINTER_SIZE == 64
# pragma pointer_size save
# pragma pointer_size 32
char *ctx_filespec_32p;
# pragma pointer_size restore
char ctx_filespec_32[ NAMX_MAXRSS+ 1];
#endif /* __INITIAL_POINTER_SIZE == 64 */
#ifdef NAML$C_MAXRSS
flags |= LIB$M_FIL_LONG_NAMES;
#endif
@ -93,13 +99,7 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
filespeclen += 4; /* "*.*;" */
if (filespeclen >
#ifdef NAML$C_MAXRSS
NAML$C_MAXRSS
#else
255
#endif
)
if (filespeclen > NAMX_MAXRSS)
{
errno = ENAMETOOLONG;
return 0;
@ -115,14 +115,21 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
strcpy((*ctx)->filespec,directory);
strcat((*ctx)->filespec,"*.*;");
/* Arrange 32-bit pointer to (copied) string storage, if needed. */
#if __INITIAL_POINTER_SIZE == 64
# define CTX_FILESPEC ctx_filespec_32p
/* Copy the file name to storage with a 32-bit pointer. */
ctx_filespec_32p = ctx_filespec_32;
strcpy( ctx_filespec_32p, (*ctx)->filespec);
#else /* __INITIAL_POINTER_SIZE == 64 */
# define CTX_FILESPEC (*ctx)->filespec
#endif /* __INITIAL_POINTER_SIZE == 64 [else] */
(*ctx)->filespec_dsc.dsc$w_length = filespeclen;
(*ctx)->filespec_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
(*ctx)->filespec_dsc.dsc$b_class = DSC$K_CLASS_S;
(*ctx)->filespec_dsc.dsc$a_pointer = (*ctx)->filespec;
(*ctx)->result_dsc.dsc$w_length = 0;
(*ctx)->result_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
(*ctx)->result_dsc.dsc$b_class = DSC$K_CLASS_D;
(*ctx)->result_dsc.dsc$a_pointer = 0;
(*ctx)->filespec_dsc.dsc$a_pointer = CTX_FILESPEC;
}
(*ctx)->result_dsc.dsc$w_length = 0;

9
crypto/external/bsd/openssl/dist/crypto/Makefile vendored
View File

@ -34,8 +34,8 @@ GENERAL=Makefile README crypto-lib.com install.com
LIB= $(TOP)/libcrypto.a
SHARED_LIB= libcrypto$(SHLIB_EXT)
LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c
LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ)
LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fips.c o_init.c
LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o o_fips.o o_init.o $(CPUID_OBJ)
SRC= $(LIBSRC)
@ -74,7 +74,9 @@ x86_64cpuid.s: x86_64cpuid.pl
$(PERL) x86_64cpuid.pl $(PERLASM_SCHEME) > $@
ia64cpuid.s: ia64cpuid.S
$(CC) $(CFLAGS) -E ia64cpuid.S > $@
ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
alphacpuid.s: alphacpuid.pl
$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
testapps:
[ -z "$(THIS)" ] || ( if echo $(SDIRS) | fgrep ' des '; \
@ -100,6 +102,7 @@ lib: $(LIB)
@touch lib
$(LIB): $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
[ -z "$(FIPSLIBDIR)" ] || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
$(RANLIB) $(LIB) || echo Never mind.
shared: buildinf.h lib subdirs

4
crypto/external/bsd/openssl/dist/crypto/aes/Makefile vendored
View File

@ -50,13 +50,9 @@ aes-ia64.s: asm/aes-ia64.S
aes-586.s: asm/aes-586.pl ../perlasm/x86asm.pl
$(PERL) asm/aes-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
aesni-x86.s: asm/aesni-x86.pl ../perlasm/x86asm.pl
$(PERL) asm/aesni-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
aes-x86_64.s: asm/aes-x86_64.pl
$(PERL) asm/aes-x86_64.pl $(PERLASM_SCHEME) > $@
aesni-x86_64.s: asm/aesni-x86_64.pl
$(PERL) asm/aesni-x86_64.pl $(PERLASM_SCHEME) > $@
aes-sparcv9.s: asm/aes-sparcv9.pl
$(PERL) asm/aes-sparcv9.pl $(CFLAGS) > $@

12
crypto/external/bsd/openssl/dist/crypto/aes/aes_wrap.c vendored
View File

@ -85,9 +85,9 @@ int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
A[7] ^= (unsigned char)(t & 0xff);
if (t > 0xff)
{
A[6] ^= (unsigned char)((t & 0xff) >> 8);
A[5] ^= (unsigned char)((t & 0xff) >> 16);
A[4] ^= (unsigned char)((t & 0xff) >> 24);
A[6] ^= (unsigned char)((t >> 8) & 0xff);
A[5] ^= (unsigned char)((t >> 16) & 0xff);
A[4] ^= (unsigned char)((t >> 24) & 0xff);
}
memcpy(R, B + 8, 8);
}
@ -119,9 +119,9 @@ int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
A[7] ^= (unsigned char)(t & 0xff);
if (t > 0xff)
{
A[6] ^= (unsigned char)((t & 0xff) >> 8);
A[5] ^= (unsigned char)((t & 0xff) >> 16);
A[4] ^= (unsigned char)((t & 0xff) >> 24);
A[6] ^= (unsigned char)((t >> 8) & 0xff);
A[5] ^= (unsigned char)((t >> 16) & 0xff);
A[4] ^= (unsigned char)((t >> 24) & 0xff);
}
memcpy(B + 8, R, 8);
AES_decrypt(B, B, key);

398
crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-armv4.pl vendored
View File

@ -16,12 +16,20 @@
# allows to merge logical or arithmetic operation with shift or rotate
# in one instruction and emit combined result every cycle. The module
# is endian-neutral. The performance is ~42 cycles/byte for 128-bit
# key.
# key [on single-issue Xscale PXA250 core].
# May 2007.
#
# AES_set_[en|de]crypt_key is added.
# July 2010.
#
# Rescheduling for dual-issue pipeline resulted in 12% improvement on
# Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
$s0="r0";
$s1="r1";
$s2="r2";
@ -164,24 +172,24 @@ AES_encrypt:
ldrb $t2,[$rounds,#1]
ldrb $t3,[$rounds,#0]
orr $s0,$s0,$t1,lsl#8
orr $s0,$s0,$t2,lsl#16
orr $s0,$s0,$t3,lsl#24
ldrb $s1,[$rounds,#7]
orr $s0,$s0,$t2,lsl#16
ldrb $t1,[$rounds,#6]
orr $s0,$s0,$t3,lsl#24
ldrb $t2,[$rounds,#5]
ldrb $t3,[$rounds,#4]
orr $s1,$s1,$t1,lsl#8
orr $s1,$s1,$t2,lsl#16
orr $s1,$s1,$t3,lsl#24
ldrb $s2,[$rounds,#11]
orr $s1,$s1,$t2,lsl#16
ldrb $t1,[$rounds,#10]
orr $s1,$s1,$t3,lsl#24
ldrb $t2,[$rounds,#9]
ldrb $t3,[$rounds,#8]
orr $s2,$s2,$t1,lsl#8
orr $s2,$s2,$t2,lsl#16
orr $s2,$s2,$t3,lsl#24
ldrb $s3,[$rounds,#15]
orr $s2,$s2,$t2,lsl#16
ldrb $t1,[$rounds,#14]
orr $s2,$s2,$t3,lsl#24
ldrb $t2,[$rounds,#13]
ldrb $t3,[$rounds,#12]
orr $s3,$s3,$t1,lsl#8
@ -196,24 +204,24 @@ AES_encrypt:
mov $t3,$s0,lsr#8
strb $t1,[$rounds,#0]
strb $t2,[$rounds,#1]
strb $t3,[$rounds,#2]
strb $s0,[$rounds,#3]
mov $t1,$s1,lsr#24
strb $t3,[$rounds,#2]
mov $t2,$s1,lsr#16
strb $s0,[$rounds,#3]
mov $t3,$s1,lsr#8
strb $t1,[$rounds,#4]
strb $t2,[$rounds,#5]
strb $t3,[$rounds,#6]
strb $s1,[$rounds,#7]
mov $t1,$s2,lsr#24
strb $t3,[$rounds,#6]
mov $t2,$s2,lsr#16
strb $s1,[$rounds,#7]
mov $t3,$s2,lsr#8
strb $t1,[$rounds,#8]
strb $t2,[$rounds,#9]
strb $t3,[$rounds,#10]
strb $s2,[$rounds,#11]
mov $t1,$s3,lsr#24
strb $t3,[$rounds,#10]
mov $t2,$s3,lsr#16
strb $s2,[$rounds,#11]
mov $t3,$s3,lsr#8
strb $t1,[$rounds,#12]
strb $t2,[$rounds,#13]
@ -230,141 +238,137 @@ AES_encrypt:
.align 2
_armv4_AES_encrypt:
str lr,[sp,#-4]! @ push lr
ldr $t1,[$key],#16
ldr $t2,[$key,#-12]
ldr $t3,[$key,#-8]
ldr $i1,[$key,#-4]
ldr $rounds,[$key,#240-16]
ldmia $key!,{$t1-$i1}
eor $s0,$s0,$t1
ldr $rounds,[$key,#240-16]
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
sub $rounds,$rounds,#1
mov lr,#255
.Lenc_loop:
and $i1,lr,$s0
and $i2,lr,$s0,lsr#8
and $i3,lr,$s0,lsr#16
and $i1,lr,$s0
mov $s0,$s0,lsr#24
.Lenc_loop:
ldr $t1,[$tbl,$i1,lsl#2] @ Te3[s0>>0]
ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
and $i1,lr,$s1,lsr#16 @ i0
ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
and $i2,lr,$s1
ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
and $i3,lr,$s1,lsr#8
ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
mov $s1,$s1,lsr#24
ldr $i1,[$tbl,$i1,lsl#2] @ Te1[s1>>16]
ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
ldr $i2,[$tbl,$i2,lsl#2] @ Te3[s1>>0]
ldr $i3,[$tbl,$i3,lsl#2] @ Te2[s1>>8]
eor $s0,$s0,$i1,ror#8
eor $s1,$s1,$t1,ror#24
eor $t2,$t2,$i2,ror#8
eor $t3,$t3,$i3,ror#8
ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
and $i1,lr,$s2,lsr#8 @ i0
eor $t2,$t2,$i2,ror#8
and $i2,lr,$s2,lsr#16 @ i1
eor $t3,$t3,$i3,ror#8
and $i3,lr,$s2
mov $s2,$s2,lsr#24
eor $s1,$s1,$t1,ror#24
ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8]
mov $s2,$s2,lsr#24
ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16]
ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
ldr $i3,[$tbl,$i3,lsl#2] @ Te3[s2>>0]
eor $s0,$s0,$i1,ror#16
eor $s1,$s1,$i2,ror#8
eor $s2,$s2,$t2,ror#16
eor $t3,$t3,$i3,ror#16
ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
and $i1,lr,$s3 @ i0
eor $s1,$s1,$i2,ror#8
and $i2,lr,$s3,lsr#8 @ i1
eor $t3,$t3,$i3,ror#16
and $i3,lr,$s3,lsr#16 @ i2
mov $s3,$s3,lsr#24
eor $s2,$s2,$t2,ror#16
ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0]
mov $s3,$s3,lsr#24
ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8]
ldr $i3,[$tbl,$i3,lsl#2] @ Te1[s3>>16]
ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
eor $s0,$s0,$i1,ror#24
ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
eor $s1,$s1,$i2,ror#16
ldr $i1,[$key],#16
eor $s2,$s2,$i3,ror#8
ldr $t1,[$key,#-12]
eor $s3,$s3,$t3,ror#8
ldr $t1,[$key],#16
ldr $t2,[$key,#-12]
ldr $t3,[$key,#-8]
ldr $i1,[$key,#-4]
eor $s0,$s0,$t1
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
ldr $t2,[$key,#-8]
eor $s0,$s0,$i1
ldr $t3,[$key,#-4]
and $i1,lr,$s0
eor $s1,$s1,$t1
and $i2,lr,$s0,lsr#8
eor $s2,$s2,$t2
and $i3,lr,$s0,lsr#16
eor $s3,$s3,$t3
mov $s0,$s0,lsr#24
subs $rounds,$rounds,#1
bne .Lenc_loop
add $tbl,$tbl,#2
and $i1,lr,$s0
and $i2,lr,$s0,lsr#8
and $i3,lr,$s0,lsr#16
mov $s0,$s0,lsr#24
ldrb $t1,[$tbl,$i1,lsl#2] @ Te4[s0>>0]
ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
and $i1,lr,$s1,lsr#16 @ i0
ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
and $i2,lr,$s1
ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
and $i3,lr,$s1,lsr#8
ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
mov $s1,$s1,lsr#24
ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s1>>16]
ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s1>>0]
ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s1>>8]
eor $s0,$i1,$s0,lsl#8
eor $s1,$t1,$s1,lsl#24
eor $t2,$i2,$t2,lsl#8
eor $t3,$i3,$t3,lsl#8
ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
and $i1,lr,$s2,lsr#8 @ i0
eor $t2,$i2,$t2,lsl#8
and $i2,lr,$s2,lsr#16 @ i1
eor $t3,$i3,$t3,lsl#8
and $i3,lr,$s2
mov $s2,$s2,lsr#24
eor $s1,$t1,$s1,lsl#24
ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8]
mov $s2,$s2,lsr#24
ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16]
ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s2>>0]
eor $s0,$i1,$s0,lsl#8
eor $s1,$s1,$i2,lsl#16
eor $s2,$t2,$s2,lsl#24
eor $t3,$i3,$t3,lsl#8
ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
and $i1,lr,$s3 @ i0
eor $s1,$s1,$i2,lsl#16
and $i2,lr,$s3,lsr#8 @ i1
eor $t3,$i3,$t3,lsl#8
and $i3,lr,$s3,lsr#16 @ i2
mov $s3,$s3,lsr#24
eor $s2,$t2,$s2,lsl#24
ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0]
mov $s3,$s3,lsr#24
ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8]
ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s3>>16]
ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
eor $s0,$i1,$s0,lsl#8
ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
ldr $i1,[$key,#0]
eor $s1,$s1,$i2,lsl#8
ldr $t1,[$key,#4]
eor $s2,$s2,$i3,lsl#16
ldr $t2,[$key,#8]
eor $s3,$t3,$s3,lsl#24
ldr $t3,[$key,#12]
ldr lr,[sp],#4 @ pop lr
ldr $t1,[$key,#0]
ldr $t2,[$key,#4]
ldr $t3,[$key,#8]
ldr $i1,[$key,#12]
eor $s0,$s0,$t1
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
eor $s0,$s0,$i1
eor $s1,$s1,$t1
eor $s2,$s2,$t2
eor $s3,$s3,$t3
sub $tbl,$tbl,#2
mov pc,lr @ return
ldr pc,[sp],#4 @ pop and return
.size _armv4_AES_encrypt,.-_armv4_AES_encrypt
.global AES_set_encrypt_key
@ -399,31 +403,31 @@ AES_set_encrypt_key:
ldrb $t2,[$rounds,#1]
ldrb $t3,[$rounds,#0]
orr $s0,$s0,$t1,lsl#8
orr $s0,$s0,$t2,lsl#16
orr $s0,$s0,$t3,lsl#24
ldrb $s1,[$rounds,#7]
orr $s0,$s0,$t2,lsl#16
ldrb $t1,[$rounds,#6]
orr $s0,$s0,$t3,lsl#24
ldrb $t2,[$rounds,#5]
ldrb $t3,[$rounds,#4]
orr $s1,$s1,$t1,lsl#8
orr $s1,$s1,$t2,lsl#16
orr $s1,$s1,$t3,lsl#24
ldrb $s2,[$rounds,#11]
orr $s1,$s1,$t2,lsl#16
ldrb $t1,[$rounds,#10]
orr $s1,$s1,$t3,lsl#24
ldrb $t2,[$rounds,#9]
ldrb $t3,[$rounds,#8]
orr $s2,$s2,$t1,lsl#8
orr $s2,$s2,$t2,lsl#16
orr $s2,$s2,$t3,lsl#24
ldrb $s3,[$rounds,#15]
orr $s2,$s2,$t2,lsl#16
ldrb $t1,[$rounds,#14]
orr $s2,$s2,$t3,lsl#24
ldrb $t2,[$rounds,#13]
ldrb $t3,[$rounds,#12]
orr $s3,$s3,$t1,lsl#8
orr $s3,$s3,$t2,lsl#16
orr $s3,$s3,$t3,lsl#24
str $s0,[$key],#16
orr $s3,$s3,$t2,lsl#16
str $s1,[$key,#-12]
orr $s3,$s3,$t3,lsl#24
str $s2,[$key,#-8]
str $s3,[$key,#-4]
@ -437,27 +441,26 @@ AES_set_encrypt_key:
.L128_loop:
and $t2,lr,$s3,lsr#24
and $i1,lr,$s3,lsr#16
and $i2,lr,$s3,lsr#8
and $i3,lr,$s3
ldrb $t2,[$tbl,$t2]
and $i2,lr,$s3,lsr#8
ldrb $i1,[$tbl,$i1]
and $i3,lr,$s3
ldrb $i2,[$tbl,$i2]
ldrb $i3,[$tbl,$i3]
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i1,lsl#24
ldrb $i3,[$tbl,$i3]
orr $t2,$t2,$i2,lsl#16
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i3,lsl#8
eor $t2,$t2,$t1
eor $s0,$s0,$t2 @ rk[4]=rk[0]^...
eor $s1,$s1,$s0 @ rk[5]=rk[1]^rk[4]
eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
str $s0,[$key],#16
eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
str $s1,[$key,#-12]
eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
str $s2,[$key,#-8]
str $s3,[$key,#-4]
subs $rounds,$rounds,#1
str $s3,[$key,#-4]
bne .L128_loop
sub r2,$key,#176
b .Ldone
@ -468,16 +471,16 @@ AES_set_encrypt_key:
ldrb $t2,[$rounds,#17]
ldrb $t3,[$rounds,#16]
orr $i2,$i2,$t1,lsl#8
orr $i2,$i2,$t2,lsl#16
orr $i2,$i2,$t3,lsl#24
ldrb $i3,[$rounds,#23]
orr $i2,$i2,$t2,lsl#16
ldrb $t1,[$rounds,#22]
orr $i2,$i2,$t3,lsl#24
ldrb $t2,[$rounds,#21]
ldrb $t3,[$rounds,#20]
orr $i3,$i3,$t1,lsl#8
orr $i3,$i3,$t2,lsl#16
orr $i3,$i3,$t3,lsl#24
str $i2,[$key],#8
orr $i3,$i3,$t3,lsl#24
str $i3,[$key,#-4]
teq lr,#192
@ -491,27 +494,26 @@ AES_set_encrypt_key:
.L192_loop:
and $t2,lr,$i3,lsr#24
and $i1,lr,$i3,lsr#16
and $i2,lr,$i3,lsr#8
and $i3,lr,$i3
ldrb $t2,[$tbl,$t2]
and $i2,lr,$i3,lsr#8
ldrb $i1,[$tbl,$i1]
and $i3,lr,$i3
ldrb $i2,[$tbl,$i2]
ldrb $i3,[$tbl,$i3]
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i1,lsl#24
ldrb $i3,[$tbl,$i3]
orr $t2,$t2,$i2,lsl#16
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i3,lsl#8
eor $i3,$t2,$t1
eor $s0,$s0,$i3 @ rk[6]=rk[0]^...
eor $s1,$s1,$s0 @ rk[7]=rk[1]^rk[6]
eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
str $s0,[$key],#24
eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
str $s1,[$key,#-20]
eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
str $s2,[$key,#-16]
str $s3,[$key,#-12]
subs $rounds,$rounds,#1
str $s3,[$key,#-12]
subeq r2,$key,#216
beq .Ldone
@ -529,16 +531,16 @@ AES_set_encrypt_key:
ldrb $t2,[$rounds,#25]
ldrb $t3,[$rounds,#24]
orr $i2,$i2,$t1,lsl#8
orr $i2,$i2,$t2,lsl#16
orr $i2,$i2,$t3,lsl#24
ldrb $i3,[$rounds,#31]
orr $i2,$i2,$t2,lsl#16
ldrb $t1,[$rounds,#30]
orr $i2,$i2,$t3,lsl#24
ldrb $t2,[$rounds,#29]
ldrb $t3,[$rounds,#28]
orr $i3,$i3,$t1,lsl#8
orr $i3,$i3,$t2,lsl#16
orr $i3,$i3,$t3,lsl#24
str $i2,[$key],#8
orr $i3,$i3,$t3,lsl#24
str $i3,[$key,#-4]
mov $rounds,#14
@ -550,52 +552,51 @@ AES_set_encrypt_key:
.L256_loop:
and $t2,lr,$i3,lsr#24
and $i1,lr,$i3,lsr#16
and $i2,lr,$i3,lsr#8
and $i3,lr,$i3
ldrb $t2,[$tbl,$t2]
and $i2,lr,$i3,lsr#8
ldrb $i1,[$tbl,$i1]
and $i3,lr,$i3
ldrb $i2,[$tbl,$i2]
ldrb $i3,[$tbl,$i3]
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i1,lsl#24
ldrb $i3,[$tbl,$i3]
orr $t2,$t2,$i2,lsl#16
ldr $t1,[$t3],#4 @ rcon[i++]
orr $t2,$t2,$i3,lsl#8
eor $i3,$t2,$t1
eor $s0,$s0,$i3 @ rk[8]=rk[0]^...
eor $s1,$s1,$s0 @ rk[9]=rk[1]^rk[8]
eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
str $s0,[$key],#32
eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
str $s1,[$key,#-28]
eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
str $s2,[$key,#-24]
str $s3,[$key,#-20]
subs $rounds,$rounds,#1
str $s3,[$key,#-20]
subeq r2,$key,#256
beq .Ldone
and $t2,lr,$s3
and $i1,lr,$s3,lsr#8
and $i2,lr,$s3,lsr#16
and $i3,lr,$s3,lsr#24
ldrb $t2,[$tbl,$t2]
and $i2,lr,$s3,lsr#16
ldrb $i1,[$tbl,$i1]
and $i3,lr,$s3,lsr#24
ldrb $i2,[$tbl,$i2]
ldrb $i3,[$tbl,$i3]
orr $t2,$t2,$i1,lsl#8
ldrb $i3,[$tbl,$i3]
orr $t2,$t2,$i2,lsl#16
ldr $t1,[$key,#-48]
orr $t2,$t2,$i3,lsl#24
ldr $t1,[$key,#-48]
ldr $i1,[$key,#-44]
ldr $i2,[$key,#-40]
ldr $i3,[$key,#-36]
eor $t1,$t1,$t2 @ rk[12]=rk[4]^...
ldr $i3,[$key,#-36]
eor $i1,$i1,$t1 @ rk[13]=rk[5]^rk[12]
eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
str $t1,[$key,#-16]
eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
str $i1,[$key,#-12]
eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
str $i2,[$key,#-8]
str $i3,[$key,#-4]
b .L256_loop
@ -816,24 +817,24 @@ AES_decrypt:
ldrb $t2,[$rounds,#1]
ldrb $t3,[$rounds,#0]
orr $s0,$s0,$t1,lsl#8
orr $s0,$s0,$t2,lsl#16
orr $s0,$s0,$t3,lsl#24
ldrb $s1,[$rounds,#7]
orr $s0,$s0,$t2,lsl#16
ldrb $t1,[$rounds,#6]
orr $s0,$s0,$t3,lsl#24
ldrb $t2,[$rounds,#5]
ldrb $t3,[$rounds,#4]
orr $s1,$s1,$t1,lsl#8
orr $s1,$s1,$t2,lsl#16
orr $s1,$s1,$t3,lsl#24
ldrb $s2,[$rounds,#11]
orr $s1,$s1,$t2,lsl#16
ldrb $t1,[$rounds,#10]
orr $s1,$s1,$t3,lsl#24
ldrb $t2,[$rounds,#9]
ldrb $t3,[$rounds,#8]
orr $s2,$s2,$t1,lsl#8
orr $s2,$s2,$t2,lsl#16
orr $s2,$s2,$t3,lsl#24
ldrb $s3,[$rounds,#15]
orr $s2,$s2,$t2,lsl#16
ldrb $t1,[$rounds,#14]
orr $s2,$s2,$t3,lsl#24
ldrb $t2,[$rounds,#13]
ldrb $t3,[$rounds,#12]
orr $s3,$s3,$t1,lsl#8
@ -848,24 +849,24 @@ AES_decrypt:
mov $t3,$s0,lsr#8
strb $t1,[$rounds,#0]
strb $t2,[$rounds,#1]
strb $t3,[$rounds,#2]
strb $s0,[$rounds,#3]
mov $t1,$s1,lsr#24
strb $t3,[$rounds,#2]
mov $t2,$s1,lsr#16
strb $s0,[$rounds,#3]
mov $t3,$s1,lsr#8
strb $t1,[$rounds,#4]
strb $t2,[$rounds,#5]
strb $t3,[$rounds,#6]
strb $s1,[$rounds,#7]
mov $t1,$s2,lsr#24
strb $t3,[$rounds,#6]
mov $t2,$s2,lsr#16
strb $s1,[$rounds,#7]
mov $t3,$s2,lsr#8
strb $t1,[$rounds,#8]
strb $t2,[$rounds,#9]
strb $t3,[$rounds,#10]
strb $s2,[$rounds,#11]
mov $t1,$s3,lsr#24
strb $t3,[$rounds,#10]
mov $t2,$s3,lsr#16
strb $s2,[$rounds,#11]
mov $t3,$s3,lsr#8
strb $t1,[$rounds,#12]
strb $t2,[$rounds,#13]
@ -882,149 +883,148 @@ AES_decrypt:
.align 2
_armv4_AES_decrypt:
str lr,[sp,#-4]! @ push lr
ldr $t1,[$key],#16
ldr $t2,[$key,#-12]
ldr $t3,[$key,#-8]
ldr $i1,[$key,#-4]
ldr $rounds,[$key,#240-16]
ldmia $key!,{$t1-$i1}
eor $s0,$s0,$t1
ldr $rounds,[$key,#240-16]
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
sub $rounds,$rounds,#1
mov lr,#255
.Ldec_loop:
and $i1,lr,$s0,lsr#16
and $i2,lr,$s0,lsr#8
and $i3,lr,$s0
mov $s0,$s0,lsr#24
.Ldec_loop:
ldr $t1,[$tbl,$i1,lsl#2] @ Td1[s0>>16]
ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
and $i1,lr,$s1 @ i0
ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
and $i2,lr,$s1,lsr#16
ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
and $i3,lr,$s1,lsr#8
ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
mov $s1,$s1,lsr#24
ldr $i1,[$tbl,$i1,lsl#2] @ Td3[s1>>0]
ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
ldr $i2,[$tbl,$i2,lsl#2] @ Td1[s1>>16]
ldr $i3,[$tbl,$i3,lsl#2] @ Td2[s1>>8]
eor $s0,$s0,$i1,ror#24
eor $s1,$s1,$t1,ror#8
eor $t2,$i2,$t2,ror#8
eor $t3,$i3,$t3,ror#8
ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
and $i1,lr,$s2,lsr#8 @ i0
eor $t2,$i2,$t2,ror#8
and $i2,lr,$s2 @ i1
eor $t3,$i3,$t3,ror#8
and $i3,lr,$s2,lsr#16
mov $s2,$s2,lsr#24
eor $s1,$s1,$t1,ror#8
ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8]
mov $s2,$s2,lsr#24
ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0]
ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
ldr $i3,[$tbl,$i3,lsl#2] @ Td1[s2>>16]
eor $s0,$s0,$i1,ror#16
eor $s1,$s1,$i2,ror#24
eor $s2,$s2,$t2,ror#8
eor $t3,$i3,$t3,ror#8
ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
and $i1,lr,$s3,lsr#16 @ i0
eor $s1,$s1,$i2,ror#24
and $i2,lr,$s3,lsr#8 @ i1
eor $t3,$i3,$t3,ror#8
and $i3,lr,$s3 @ i2
mov $s3,$s3,lsr#24
eor $s2,$s2,$t2,ror#8
ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16]
mov $s3,$s3,lsr#24
ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8]
ldr $i3,[$tbl,$i3,lsl#2] @ Td3[s3>>0]
ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
eor $s0,$s0,$i1,ror#8
ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
eor $s1,$s1,$i2,ror#16
eor $s2,$s2,$i3,ror#24
ldr $i1,[$key],#16
eor $s3,$s3,$t3,ror#8
ldr $t1,[$key],#16
ldr $t2,[$key,#-12]
ldr $t3,[$key,#-8]
ldr $i1,[$key,#-4]
eor $s0,$s0,$t1
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
ldr $t1,[$key,#-12]
ldr $t2,[$key,#-8]
eor $s0,$s0,$i1
ldr $t3,[$key,#-4]
and $i1,lr,$s0,lsr#16
eor $s1,$s1,$t1
and $i2,lr,$s0,lsr#8
eor $s2,$s2,$t2
and $i3,lr,$s0
eor $s3,$s3,$t3
mov $s0,$s0,lsr#24
subs $rounds,$rounds,#1
bne .Ldec_loop
add $tbl,$tbl,#1024
ldr $t1,[$tbl,#0] @ prefetch Td4
ldr $t2,[$tbl,#32]
ldr $t3,[$tbl,#64]
ldr $i1,[$tbl,#96]
ldr $i2,[$tbl,#128]
ldr $i3,[$tbl,#160]
ldr $t1,[$tbl,#192]
ldr $t2,[$tbl,#224]
ldr $t2,[$tbl,#0] @ prefetch Td4
ldr $t3,[$tbl,#32]
ldr $t1,[$tbl,#64]
ldr $t2,[$tbl,#96]
ldr $t3,[$tbl,#128]
ldr $t1,[$tbl,#160]
ldr $t2,[$tbl,#192]
ldr $t3,[$tbl,#224]
and $i1,lr,$s0,lsr#16
and $i2,lr,$s0,lsr#8
and $i3,lr,$s0
ldrb $s0,[$tbl,$s0,lsr#24] @ Td4[s0>>24]
ldrb $s0,[$tbl,$s0] @ Td4[s0>>24]
ldrb $t1,[$tbl,$i1] @ Td4[s0>>16]
ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
and $i1,lr,$s1 @ i0
ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
and $i2,lr,$s1,lsr#16
ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
and $i3,lr,$s1,lsr#8
ldrb $i1,[$tbl,$i1] @ Td4[s1>>0]
ldrb $s1,[$tbl,$s1,lsr#24] @ Td4[s1>>24]
ldrb $i2,[$tbl,$i2] @ Td4[s1>>16]
ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
eor $s0,$i1,$s0,lsl#24
ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
eor $s1,$t1,$s1,lsl#8
eor $t2,$t2,$i2,lsl#8
eor $t3,$t3,$i3,lsl#8
and $i1,lr,$s2,lsr#8 @ i0
eor $t2,$t2,$i2,lsl#8
and $i2,lr,$s2 @ i1
and $i3,lr,$s2,lsr#16
eor $t3,$t3,$i3,lsl#8
ldrb $i1,[$tbl,$i1] @ Td4[s2>>8]
and $i3,lr,$s2,lsr#16
ldrb $i2,[$tbl,$i2] @ Td4[s2>>0]
ldrb $s2,[$tbl,$s2,lsr#24] @ Td4[s2>>24]
ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
eor $s0,$s0,$i1,lsl#8
ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
eor $s1,$i2,$s1,lsl#16
eor $s2,$t2,$s2,lsl#16
eor $t3,$t3,$i3,lsl#16
and $i1,lr,$s3,lsr#16 @ i0
eor $s2,$t2,$s2,lsl#16
and $i2,lr,$s3,lsr#8 @ i1
and $i3,lr,$s3 @ i2
eor $t3,$t3,$i3,lsl#16
ldrb $i1,[$tbl,$i1] @ Td4[s3>>16]
and $i3,lr,$s3 @ i2
ldrb $i2,[$tbl,$i2] @ Td4[s3>>8]
ldrb $i3,[$tbl,$i3] @ Td4[s3>>0]
ldrb $s3,[$tbl,$s3,lsr#24] @ Td4[s3>>24]
eor $s0,$s0,$i1,lsl#16
ldr $i1,[$key,#0]
eor $s1,$s1,$i2,lsl#8
ldr $t1,[$key,#4]
eor $s2,$i3,$s2,lsl#8
ldr $t2,[$key,#8]
eor $s3,$t3,$s3,lsl#24
ldr $t3,[$key,#12]
ldr lr,[sp],#4 @ pop lr
ldr $t1,[$key,#0]
ldr $t2,[$key,#4]
ldr $t3,[$key,#8]
ldr $i1,[$key,#12]
eor $s0,$s0,$t1
eor $s1,$s1,$t2
eor $s2,$s2,$t3
eor $s3,$s3,$i1
eor $s0,$s0,$i1
eor $s1,$s1,$t1
eor $s2,$s2,$t2
eor $s3,$s3,$t3
sub $tbl,$tbl,#1024
mov pc,lr @ return
ldr pc,[sp],#4 @ pop and return
.size _armv4_AES_decrypt,.-_armv4_AES_decrypt
.asciz "AES for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
.align 2
___
$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
print $code;
close STDOUT; # enforce flush

269
crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-ppc.pl vendored
View File

@ -16,6 +16,19 @@
# at 1/2 of ppc_AES_encrypt speed, while ppc_AES_decrypt_compact -
# at 1/3 of ppc_AES_decrypt.
# February 2010
#
# Rescheduling instructions to favour Power6 pipeline gives 10%
# performance improvement on the platfrom in question (and marginal
# improvement even on others). It should be noted that Power6 fails
# to process byte in 18 cycles, only in 23, because it fails to issue
# 4 load instructions in two cycles, only in 3. As result non-compact
# block subroutines are 25% slower than one would expect. Compact
# functions scale better, because they have pure computational part,
# which scales perfectly with clock frequency. To be specific
# ppc_AES_encrypt_compact operates at 42 cycles per byte, while
# ppc_AES_decrypt_compact - at 55 (in 64-bit build).
$flavour = shift;
if ($flavour =~ /64/) {
@ -376,7 +389,7 @@ $code.=<<___;
addi $sp,$sp,$FRAME
blr
.align 4
.align 5
Lppc_AES_encrypt:
lwz $acc00,240($key)
lwz $t0,0($key)
@ -397,46 +410,46 @@ Lppc_AES_encrypt:
Lenc_loop:
rlwinm $acc00,$s0,`32-24+3`,21,28
rlwinm $acc01,$s1,`32-24+3`,21,28
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc02,$s2,`32-24+3`,21,28
rlwinm $acc03,$s3,`32-24+3`,21,28
lwz $t2,8($key)
lwz $t3,12($key)
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc04,$s1,`32-16+3`,21,28
rlwinm $acc05,$s2,`32-16+3`,21,28
lwzx $acc00,$Tbl0,$acc00
lwzx $acc01,$Tbl0,$acc01
lwz $t2,8($key)
lwz $t3,12($key)
rlwinm $acc06,$s3,`32-16+3`,21,28
rlwinm $acc07,$s0,`32-16+3`,21,28
lwzx $acc02,$Tbl0,$acc02
lwzx $acc03,$Tbl0,$acc03
lwzx $acc00,$Tbl0,$acc00
lwzx $acc01,$Tbl0,$acc01
rlwinm $acc08,$s2,`32-8+3`,21,28
rlwinm $acc09,$s3,`32-8+3`,21,28
lwzx $acc04,$Tbl1,$acc04
lwzx $acc05,$Tbl1,$acc05
lwzx $acc02,$Tbl0,$acc02
lwzx $acc03,$Tbl0,$acc03
rlwinm $acc10,$s0,`32-8+3`,21,28
rlwinm $acc11,$s1,`32-8+3`,21,28
lwzx $acc06,$Tbl1,$acc06
lwzx $acc07,$Tbl1,$acc07
lwzx $acc04,$Tbl1,$acc04
lwzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s3,`0+3`,21,28
rlwinm $acc13,$s0,`0+3`,21,28
lwzx $acc08,$Tbl2,$acc08
lwzx $acc09,$Tbl2,$acc09
lwzx $acc06,$Tbl1,$acc06
lwzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s1,`0+3`,21,28
rlwinm $acc15,$s2,`0+3`,21,28
lwzx $acc10,$Tbl2,$acc10
lwzx $acc11,$Tbl2,$acc11
lwzx $acc08,$Tbl2,$acc08
lwzx $acc09,$Tbl2,$acc09
xor $t0,$t0,$acc00
xor $t1,$t1,$acc01
lwzx $acc12,$Tbl3,$acc12
lwzx $acc13,$Tbl3,$acc13
lwzx $acc10,$Tbl2,$acc10
lwzx $acc11,$Tbl2,$acc11
xor $t2,$t2,$acc02
xor $t3,$t3,$acc03
lwzx $acc14,$Tbl3,$acc14
lwzx $acc15,$Tbl3,$acc15
lwzx $acc12,$Tbl3,$acc12
lwzx $acc13,$Tbl3,$acc13
xor $t0,$t0,$acc04
xor $t1,$t1,$acc05
lwzx $acc14,$Tbl3,$acc14
lwzx $acc15,$Tbl3,$acc15
xor $t2,$t2,$acc06
xor $t3,$t3,$acc07
xor $t0,$t0,$acc08
@ -452,60 +465,60 @@ Lenc_loop:
addi $Tbl2,$Tbl0,2048
nop
lwz $acc08,`2048+0`($Tbl0) ! prefetch Te4
lwz $acc09,`2048+32`($Tbl0)
lwz $acc10,`2048+64`($Tbl0)
lwz $acc11,`2048+96`($Tbl0)
lwz $acc08,`2048+128`($Tbl0)
lwz $acc09,`2048+160`($Tbl0)
lwz $acc10,`2048+192`($Tbl0)
lwz $acc11,`2048+224`($Tbl0)
rlwinm $acc00,$s0,`32-24`,24,31
rlwinm $acc01,$s1,`32-24`,24,31
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
rlwinm $acc00,$s0,`32-24`,24,31
rlwinm $acc01,$s1,`32-24`,24,31
lwz $t2,8($key)
lwz $t3,12($key)
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
lwz $acc08,`2048+0`($Tbl0) ! prefetch Te4
lwz $acc09,`2048+32`($Tbl0)
rlwinm $acc04,$s1,`32-16`,24,31
rlwinm $acc05,$s2,`32-16`,24,31
lbzx $acc00,$Tbl2,$acc00
lbzx $acc01,$Tbl2,$acc01
lwz $acc10,`2048+64`($Tbl0)
lwz $acc11,`2048+96`($Tbl0)
rlwinm $acc06,$s3,`32-16`,24,31
rlwinm $acc07,$s0,`32-16`,24,31
lbzx $acc02,$Tbl2,$acc02
lbzx $acc03,$Tbl2,$acc03
lwz $acc12,`2048+128`($Tbl0)
lwz $acc13,`2048+160`($Tbl0)
rlwinm $acc08,$s2,`32-8`,24,31
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc04,$Tbl2,$acc04
lbzx $acc05,$Tbl2,$acc05
lwz $acc14,`2048+192`($Tbl0)
lwz $acc15,`2048+224`($Tbl0)
rlwinm $acc10,$s0,`32-8`,24,31
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc06,$Tbl2,$acc06
lbzx $acc07,$Tbl2,$acc07
lbzx $acc00,$Tbl2,$acc00
lbzx $acc01,$Tbl2,$acc01
rlwinm $acc12,$s3,`0`,24,31
rlwinm $acc13,$s0,`0`,24,31
lbzx $acc08,$Tbl2,$acc08
lbzx $acc09,$Tbl2,$acc09
lbzx $acc02,$Tbl2,$acc02
lbzx $acc03,$Tbl2,$acc03
rlwinm $acc14,$s1,`0`,24,31
rlwinm $acc15,$s2,`0`,24,31
lbzx $acc10,$Tbl2,$acc10
lbzx $acc11,$Tbl2,$acc11
lbzx $acc04,$Tbl2,$acc04
lbzx $acc05,$Tbl2,$acc05
rlwinm $s0,$acc00,24,0,7
rlwinm $s1,$acc01,24,0,7
lbzx $acc12,$Tbl2,$acc12
lbzx $acc13,$Tbl2,$acc13
lbzx $acc06,$Tbl2,$acc06
lbzx $acc07,$Tbl2,$acc07
rlwinm $s2,$acc02,24,0,7
rlwinm $s3,$acc03,24,0,7
lbzx $acc14,$Tbl2,$acc14
lbzx $acc15,$Tbl2,$acc15
lbzx $acc08,$Tbl2,$acc08
lbzx $acc09,$Tbl2,$acc09
rlwimi $s0,$acc04,16,8,15
rlwimi $s1,$acc05,16,8,15
lbzx $acc10,$Tbl2,$acc10
lbzx $acc11,$Tbl2,$acc11
rlwimi $s2,$acc06,16,8,15
rlwimi $s3,$acc07,16,8,15
lbzx $acc12,$Tbl2,$acc12
lbzx $acc13,$Tbl2,$acc13
rlwimi $s0,$acc08,8,16,23
rlwimi $s1,$acc09,8,16,23
lbzx $acc14,$Tbl2,$acc14
lbzx $acc15,$Tbl2,$acc15
rlwimi $s2,$acc10,8,16,23
rlwimi $s3,$acc11,8,16,23
or $s0,$s0,$acc12
@ -542,40 +555,40 @@ Lenc_compact_loop:
rlwinm $acc01,$s1,`32-24`,24,31
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
lbzx $acc00,$Tbl1,$acc00
lbzx $acc01,$Tbl1,$acc01
rlwinm $acc04,$s1,`32-16`,24,31
rlwinm $acc05,$s2,`32-16`,24,31
lbzx $acc02,$Tbl1,$acc02
lbzx $acc03,$Tbl1,$acc03
rlwinm $acc06,$s3,`32-16`,24,31
rlwinm $acc07,$s0,`32-16`,24,31
lbzx $acc04,$Tbl1,$acc04
lbzx $acc05,$Tbl1,$acc05
lbzx $acc00,$Tbl1,$acc00
lbzx $acc01,$Tbl1,$acc01
rlwinm $acc08,$s2,`32-8`,24,31
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc06,$Tbl1,$acc06
lbzx $acc07,$Tbl1,$acc07
lbzx $acc02,$Tbl1,$acc02
lbzx $acc03,$Tbl1,$acc03
rlwinm $acc10,$s0,`32-8`,24,31
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc08,$Tbl1,$acc08
lbzx $acc09,$Tbl1,$acc09
lbzx $acc04,$Tbl1,$acc04
lbzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s3,`0`,24,31
rlwinm $acc13,$s0,`0`,24,31
lbzx $acc10,$Tbl1,$acc10
lbzx $acc11,$Tbl1,$acc11
lbzx $acc06,$Tbl1,$acc06
lbzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s1,`0`,24,31
rlwinm $acc15,$s2,`0`,24,31
lbzx $acc12,$Tbl1,$acc12
lbzx $acc13,$Tbl1,$acc13
lbzx $acc08,$Tbl1,$acc08
lbzx $acc09,$Tbl1,$acc09
rlwinm $s0,$acc00,24,0,7
rlwinm $s1,$acc01,24,0,7
lbzx $acc14,$Tbl1,$acc14
lbzx $acc15,$Tbl1,$acc15
lbzx $acc10,$Tbl1,$acc10
lbzx $acc11,$Tbl1,$acc11
rlwinm $s2,$acc02,24,0,7
rlwinm $s3,$acc03,24,0,7
lbzx $acc12,$Tbl1,$acc12
lbzx $acc13,$Tbl1,$acc13
rlwimi $s0,$acc04,16,8,15
rlwimi $s1,$acc05,16,8,15
lbzx $acc14,$Tbl1,$acc14
lbzx $acc15,$Tbl1,$acc15
rlwimi $s2,$acc06,16,8,15
rlwimi $s3,$acc07,16,8,15
rlwimi $s0,$acc08,8,16,23
@ -725,7 +738,7 @@ Lenc_compact_done:
addi $sp,$sp,$FRAME
blr
.align 4
.align 5
Lppc_AES_decrypt:
lwz $acc00,240($key)
lwz $t0,0($key)
@ -746,46 +759,46 @@ Lppc_AES_decrypt:
Ldec_loop:
rlwinm $acc00,$s0,`32-24+3`,21,28
rlwinm $acc01,$s1,`32-24+3`,21,28
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc02,$s2,`32-24+3`,21,28
rlwinm $acc03,$s3,`32-24+3`,21,28
lwz $t2,8($key)
lwz $t3,12($key)
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc04,$s3,`32-16+3`,21,28
rlwinm $acc05,$s0,`32-16+3`,21,28
lwzx $acc00,$Tbl0,$acc00
lwzx $acc01,$Tbl0,$acc01
lwz $t2,8($key)
lwz $t3,12($key)
rlwinm $acc06,$s1,`32-16+3`,21,28
rlwinm $acc07,$s2,`32-16+3`,21,28
lwzx $acc02,$Tbl0,$acc02
lwzx $acc03,$Tbl0,$acc03
lwzx $acc00,$Tbl0,$acc00
lwzx $acc01,$Tbl0,$acc01
rlwinm $acc08,$s2,`32-8+3`,21,28
rlwinm $acc09,$s3,`32-8+3`,21,28
lwzx $acc04,$Tbl1,$acc04
lwzx $acc05,$Tbl1,$acc05
lwzx $acc02,$Tbl0,$acc02
lwzx $acc03,$Tbl0,$acc03
rlwinm $acc10,$s0,`32-8+3`,21,28
rlwinm $acc11,$s1,`32-8+3`,21,28
lwzx $acc06,$Tbl1,$acc06
lwzx $acc07,$Tbl1,$acc07
lwzx $acc04,$Tbl1,$acc04
lwzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s1,`0+3`,21,28
rlwinm $acc13,$s2,`0+3`,21,28
lwzx $acc08,$Tbl2,$acc08
lwzx $acc09,$Tbl2,$acc09
lwzx $acc06,$Tbl1,$acc06
lwzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s3,`0+3`,21,28
rlwinm $acc15,$s0,`0+3`,21,28
lwzx $acc10,$Tbl2,$acc10
lwzx $acc11,$Tbl2,$acc11
lwzx $acc08,$Tbl2,$acc08
lwzx $acc09,$Tbl2,$acc09
xor $t0,$t0,$acc00
xor $t1,$t1,$acc01
lwzx $acc12,$Tbl3,$acc12
lwzx $acc13,$Tbl3,$acc13
lwzx $acc10,$Tbl2,$acc10
lwzx $acc11,$Tbl2,$acc11
xor $t2,$t2,$acc02
xor $t3,$t3,$acc03
lwzx $acc14,$Tbl3,$acc14
lwzx $acc15,$Tbl3,$acc15
lwzx $acc12,$Tbl3,$acc12
lwzx $acc13,$Tbl3,$acc13
xor $t0,$t0,$acc04
xor $t1,$t1,$acc05
lwzx $acc14,$Tbl3,$acc14
lwzx $acc15,$Tbl3,$acc15
xor $t2,$t2,$acc06
xor $t3,$t3,$acc07
xor $t0,$t0,$acc08
@ -801,56 +814,56 @@ Ldec_loop:
addi $Tbl2,$Tbl0,2048
nop
lwz $acc08,`2048+0`($Tbl0) ! prefetch Td4
lwz $acc09,`2048+32`($Tbl0)
lwz $acc10,`2048+64`($Tbl0)
lwz $acc11,`2048+96`($Tbl0)
lwz $acc08,`2048+128`($Tbl0)
lwz $acc09,`2048+160`($Tbl0)
lwz $acc10,`2048+192`($Tbl0)
lwz $acc11,`2048+224`($Tbl0)
rlwinm $acc00,$s0,`32-24`,24,31
rlwinm $acc01,$s1,`32-24`,24,31
lwz $t0,0($key)
lwz $t1,4($key)
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
rlwinm $acc00,$s0,`32-24`,24,31
rlwinm $acc01,$s1,`32-24`,24,31
lwz $t2,8($key)
lwz $t3,12($key)
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
lwz $acc08,`2048+0`($Tbl0) ! prefetch Td4
lwz $acc09,`2048+32`($Tbl0)
rlwinm $acc04,$s3,`32-16`,24,31
rlwinm $acc05,$s0,`32-16`,24,31
lwz $acc10,`2048+64`($Tbl0)
lwz $acc11,`2048+96`($Tbl0)
lbzx $acc00,$Tbl2,$acc00
lbzx $acc01,$Tbl2,$acc01
lwz $acc12,`2048+128`($Tbl0)
lwz $acc13,`2048+160`($Tbl0)
rlwinm $acc06,$s1,`32-16`,24,31
rlwinm $acc07,$s2,`32-16`,24,31
lbzx $acc02,$Tbl2,$acc02
lbzx $acc03,$Tbl2,$acc03
lwz $acc14,`2048+192`($Tbl0)
lwz $acc15,`2048+224`($Tbl0)
rlwinm $acc08,$s2,`32-8`,24,31
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc04,$Tbl2,$acc04
lbzx $acc05,$Tbl2,$acc05
lbzx $acc02,$Tbl2,$acc02
lbzx $acc03,$Tbl2,$acc03
rlwinm $acc10,$s0,`32-8`,24,31
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc06,$Tbl2,$acc06
lbzx $acc07,$Tbl2,$acc07
lbzx $acc04,$Tbl2,$acc04
lbzx $acc05,$Tbl2,$acc05
rlwinm $acc12,$s1,`0`,24,31
rlwinm $acc13,$s2,`0`,24,31
lbzx $acc08,$Tbl2,$acc08
lbzx $acc09,$Tbl2,$acc09
lbzx $acc06,$Tbl2,$acc06
lbzx $acc07,$Tbl2,$acc07
rlwinm $acc14,$s3,`0`,24,31
rlwinm $acc15,$s0,`0`,24,31
lbzx $acc10,$Tbl2,$acc10
lbzx $acc11,$Tbl2,$acc11
lbzx $acc08,$Tbl2,$acc08
lbzx $acc09,$Tbl2,$acc09
rlwinm $s0,$acc00,24,0,7
rlwinm $s1,$acc01,24,0,7
lbzx $acc12,$Tbl2,$acc12
lbzx $acc13,$Tbl2,$acc13
lbzx $acc10,$Tbl2,$acc10
lbzx $acc11,$Tbl2,$acc11
rlwinm $s2,$acc02,24,0,7
rlwinm $s3,$acc03,24,0,7
lbzx $acc14,$Tbl2,$acc14
lbzx $acc15,$Tbl2,$acc15
lbzx $acc12,$Tbl2,$acc12
lbzx $acc13,$Tbl2,$acc13
rlwimi $s0,$acc04,16,8,15
rlwimi $s1,$acc05,16,8,15
lbzx $acc14,$Tbl2,$acc14
lbzx $acc15,$Tbl2,$acc15
rlwimi $s2,$acc06,16,8,15
rlwimi $s3,$acc07,16,8,15
rlwimi $s0,$acc08,8,16,23
@ -897,40 +910,40 @@ Ldec_compact_loop:
rlwinm $acc01,$s1,`32-24`,24,31
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
lbzx $acc00,$Tbl1,$acc00
lbzx $acc01,$Tbl1,$acc01
rlwinm $acc04,$s3,`32-16`,24,31
rlwinm $acc05,$s0,`32-16`,24,31
lbzx $acc02,$Tbl1,$acc02
lbzx $acc03,$Tbl1,$acc03
rlwinm $acc06,$s1,`32-16`,24,31
rlwinm $acc07,$s2,`32-16`,24,31
lbzx $acc04,$Tbl1,$acc04
lbzx $acc05,$Tbl1,$acc05
lbzx $acc00,$Tbl1,$acc00
lbzx $acc01,$Tbl1,$acc01
rlwinm $acc08,$s2,`32-8`,24,31
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc06,$Tbl1,$acc06
lbzx $acc07,$Tbl1,$acc07
lbzx $acc02,$Tbl1,$acc02
lbzx $acc03,$Tbl1,$acc03
rlwinm $acc10,$s0,`32-8`,24,31
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc08,$Tbl1,$acc08
lbzx $acc09,$Tbl1,$acc09
lbzx $acc04,$Tbl1,$acc04
lbzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s1,`0`,24,31
rlwinm $acc13,$s2,`0`,24,31
lbzx $acc10,$Tbl1,$acc10
lbzx $acc11,$Tbl1,$acc11
lbzx $acc06,$Tbl1,$acc06
lbzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s3,`0`,24,31
rlwinm $acc15,$s0,`0`,24,31
lbzx $acc12,$Tbl1,$acc12
lbzx $acc13,$Tbl1,$acc13
lbzx $acc08,$Tbl1,$acc08
lbzx $acc09,$Tbl1,$acc09
rlwinm $s0,$acc00,24,0,7
rlwinm $s1,$acc01,24,0,7
lbzx $acc14,$Tbl1,$acc14
lbzx $acc15,$Tbl1,$acc15
lbzx $acc10,$Tbl1,$acc10
lbzx $acc11,$Tbl1,$acc11
rlwinm $s2,$acc02,24,0,7
rlwinm $s3,$acc03,24,0,7
lbzx $acc12,$Tbl1,$acc12
lbzx $acc13,$Tbl1,$acc13
rlwimi $s0,$acc04,16,8,15
rlwimi $s1,$acc05,16,8,15
lbzx $acc14,$Tbl1,$acc14
lbzx $acc15,$Tbl1,$acc15
rlwimi $s2,$acc06,16,8,15
rlwimi $s3,$acc07,16,8,15
rlwimi $s0,$acc08,8,16,23

6
crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-s390x.pl vendored
View File

@ -765,6 +765,11 @@ $code.=<<___ if (!$softonly);
srl %r5,6
ar %r5,%r0
larl %r1,OPENSSL_s390xcap_P
lg %r0,0(%r1)
tmhl %r0,0x4000 # check for message-security assist
jz .Lekey_internal
lghi %r0,0 # query capability vector
la %r1,16($sp)
.long 0xb92f0042 # kmc %r4,%r2
@ -1323,6 +1328,7 @@ $code.=<<___;
4: ex $len,0($s1)
j .Lcbc_dec_exit
.size AES_cbc_encrypt,.-AES_cbc_encrypt
.comm OPENSSL_s390xcap_P,8,8
___
}
$code.=<<___;

128
crypto/external/bsd/openssl/dist/crypto/alphacpuid.pl vendored Normal file
View File

@ -0,0 +1,128 @@
#!/usr/bin/env perl
print <<'___';
.text
.set noat
.globl OPENSSL_cpuid_setup
.ent OPENSSL_cpuid_setup
OPENSSL_cpuid_setup:
.frame $30,0,$26
.prologue 0
ret ($26)
.end OPENSSL_cpuid_setup
.globl OPENSSL_wipe_cpu
.ent OPENSSL_wipe_cpu
OPENSSL_wipe_cpu:
.frame $30,0,$26
.prologue 0
clr $1
clr $2
clr $3
clr $4
clr $5
clr $6
clr $7
clr $8
clr $16
clr $17
clr $18
clr $19
clr $20
clr $21
clr $22
clr $23
clr $24
clr $25
clr $27
clr $at
clr $29
fclr $f0
fclr $f1
fclr $f10
fclr $f11
fclr $f12
fclr $f13
fclr $f14
fclr $f15
fclr $f16
fclr $f17
fclr $f18
fclr $f19
fclr $f20
fclr $f21
fclr $f22
fclr $f23
fclr $f24
fclr $f25
fclr $f26
fclr $f27
fclr $f28
fclr $f29
fclr $f30
mov $sp,$0
ret ($26)
.end OPENSSL_wipe_cpu
.globl OPENSSL_atomic_add
.ent OPENSSL_atomic_add
OPENSSL_atomic_add:
.frame $30,0,$26
.prologue 0
1: ldl_l $0,0($16)
addl $0,$17,$1
stl_c $1,0($16)
beq $1,1b
addl $0,$17,$0
ret ($26)
.end OPENSSL_atomic_add
.globl OPENSSL_rdtsc
.ent OPENSSL_rdtsc
OPENSSL_rdtsc:
.frame $30,0,$26
.prologue 0
rpcc $0
ret ($26)
.end OPENSSL_rdtsc
.globl OPENSSL_cleanse
.ent OPENSSL_cleanse
OPENSSL_cleanse:
.frame $30,0,$26
.prologue 0
beq $17,.Ldone
and $16,7,$0
bic $17,7,$at
beq $at,.Little
beq $0,.Laligned
.Little:
ldq_u $1,0($16)
mov $16,$2
.Lalign:
mskbl $1,$16,$1
lda $16,1($16)
subq $17,1,$17
subq $0,1,$0
beq $17,.Lout
bne $0,.Lalign
.Lout: stq_u $1,0($2)
beq $17,.Ldone
bic $17,7,$at
mov $17,$0
beq $at,.Little
.Laligned:
stq $31,0($16)
subq $17,8,$17
lda $16,8($16)
bic $17,7,$at
bne $at,.Laligned
beq $17,.Ldone
mov $17,$0
br .Little
.Ldone: ret ($26)
.end OPENSSL_cleanse
___

3
crypto/external/bsd/openssl/dist/crypto/asn1/a_int.c vendored
View File

@ -273,7 +273,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
{
ASN1_INTEGER *ret=NULL;
const unsigned char *p;
unsigned char *to,*s;
unsigned char *s;
long len;
int inf,tag,xclass;
int i;
@ -308,7 +308,6 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
i=ERR_R_MALLOC_FAILURE;
goto err;
}
to=s;
ret->type=V_ASN1_INTEGER;
if(len) {
if ((*p == 0) && (len != 1))

6
crypto/external/bsd/openssl/dist/crypto/asn1/a_object.c vendored
View File

@ -290,12 +290,12 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
const unsigned char *p;
unsigned char *data;
int i;
/* Sanity check OID encoding: can't have 0x80 in subidentifiers, see:
* X.690 8.19.2
/* Sanity check OID encoding: can't have leading 0x80 in
* subidentifiers, see: X.690 8.19.2
*/
for (i = 0, p = *pp + 1; i < len - 1; i++, p++)
{
if (*p == 0x80)
if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
{
ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
return NULL;

17
crypto/external/bsd/openssl/dist/crypto/asn1/a_strex.c vendored
View File

@ -74,6 +74,11 @@
#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
ASN1_STRFLGS_ESC_QUOTE | \
ASN1_STRFLGS_ESC_CTRL | \
ASN1_STRFLGS_ESC_MSB)
/* Three IO functions for sending data to memory, a BIO and
* and a FILE pointer.
@ -148,6 +153,13 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, ch
if(!io_ch(arg, tmphex, 3)) return -1;
return 3;
}
/* If we get this far and do any escaping at all must escape
* the escape character itself: backslash.
*/
if (chtmp == '\\' && flags & ESC_FLAGS) {
if(!io_ch(arg, "\\\\", 2)) return -1;
return 2;
}
if(!io_ch(arg, &chtmp, 1)) return -1;
return 1;
}
@ -292,11 +304,6 @@ static const signed char tag2nbyte[] = {
4, -1, 2 /* 28-30 */
};
#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
ASN1_STRFLGS_ESC_QUOTE | \
ASN1_STRFLGS_ESC_CTRL | \
ASN1_STRFLGS_ESC_MSB)
/* This is the main function, print out an
* ASN1_STRING taking note of various escape
* and display options. Returns number of

2
crypto/external/bsd/openssl/dist/crypto/asn1/a_strnid.c vendored
View File

@ -95,7 +95,7 @@ unsigned long ASN1_STRING_get_default_mask(void)
* default: the default value, Printable, T61, BMP.
*/
int ASN1_STRING_set_default_mask_asc(char *p)
int ASN1_STRING_set_default_mask_asc(const char *p)
{
unsigned long mask;
char *end;

6
crypto/external/bsd/openssl/dist/crypto/asn1/ameth_lib.c vendored
View File

@ -69,6 +69,7 @@ extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[];
extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
/* Keep this sorted in type order !! */
static const EVP_PKEY_ASN1_METHOD *standard_methods[] =
@ -90,7 +91,8 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] =
#ifndef OPENSSL_NO_EC
&eckey_asn1_meth,
#endif
&hmac_asn1_meth
&hmac_asn1_meth,
&cmac_asn1_meth
};
typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
@ -172,7 +174,6 @@ static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type)
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
{
const EVP_PKEY_ASN1_METHOD *t;
ENGINE *e;
for (;;)
{
@ -184,6 +185,7 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
if (pe)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e;
/* type will contain the final unaliased type */
e = ENGINE_get_pkey_asn1_meth_engine(type);
if (e)

3
crypto/external/bsd/openssl/dist/crypto/asn1/asn1.h vendored
View File

@ -1067,7 +1067,7 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
void ASN1_STRING_set_default_mask(unsigned long mask);
int ASN1_STRING_set_default_mask_asc(char *p);
int ASN1_STRING_set_default_mask_asc(const char *p);
unsigned long ASN1_STRING_get_default_mask(void);
int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
int inform, unsigned long mask);
@ -1266,7 +1266,6 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_PKCS5_PBE2_SET_IV 167
#define ASN1_F_PKCS5_PBE_SET 202
#define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
#define ASN1_F_PKCS5_PBKDF2_SET 219
#define ASN1_F_SMIME_READ_ASN1 212
#define ASN1_F_SMIME_TEXT 213
#define ASN1_F_X509_CINF_NEW 168

1
crypto/external/bsd/openssl/dist/crypto/asn1/asn1_err.c vendored
View File

@ -179,7 +179,6 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"},
{ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"},
{ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"},
{ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"},
{ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"},
{ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"},
{ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},

3
crypto/external/bsd/openssl/dist/crypto/asn1/bio_ndef.c vendored
View File

@ -57,9 +57,6 @@
#include <openssl/bio.h>
#include <openssl/err.h>
#ifndef OPENSSL_SYSNAME_NETWARE
#include <memory.h>
#endif
#include <stdio.h>
/* Experimental NDEF ASN1 BIO support routines */

3
crypto/external/bsd/openssl/dist/crypto/asn1/n_pkey.c vendored
View File

@ -247,7 +247,7 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
int sgckey)
{
RSA *ret=NULL;
const unsigned char *p, *kp;
const unsigned char *p;
NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
p = *pp;
@ -270,7 +270,6 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
goto err;
}
kp = enckey->enckey->digest->data;
if (cb == NULL)
cb=EVP_read_pw_string;
if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;

140
crypto/external/bsd/openssl/dist/crypto/asn1/p5_pbev2.c vendored
View File

@ -91,10 +91,12 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
unsigned char *aiv, int prf_nid)
{
X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
int alg_nid, keylen;
int alg_nid;
EVP_CIPHER_CTX ctx;
unsigned char iv[EVP_MAX_IV_LENGTH];
PBKDF2PARAM *kdf = NULL;
PBE2PARAM *pbe2 = NULL;
ASN1_OCTET_STRING *osalt = NULL;
ASN1_OBJECT *obj;
alg_nid = EVP_CIPHER_type(cipher);
@ -144,19 +146,55 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
}
EVP_CIPHER_CTX_cleanup(&ctx);
if(!(kdf = PBKDF2PARAM_new())) goto merr;
if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr;
if (!saltlen) saltlen = PKCS5_SALT_LEN;
if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr;
osalt->length = saltlen;
if (salt) memcpy (osalt->data, salt, saltlen);
else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;
if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
/* Now include salt in kdf structure */
kdf->salt->value.octet_string = osalt;
kdf->salt->type = V_ASN1_OCTET_STRING;
osalt = NULL;
/* If its RC2 then we'd better setup the key length */
if(alg_nid == NID_rc2_cbc)
keylen = EVP_CIPHER_key_length(cipher);
else
keylen = -1;
if(alg_nid == NID_rc2_cbc) {
if(!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr;
if(!ASN1_INTEGER_set (kdf->keylength,
EVP_CIPHER_key_length(cipher))) goto merr;
}
/* Setup keyfunc */
/* prf can stay NULL if we are using hmacWithSHA1 */
if (prf_nid != NID_hmacWithSHA1)
{
kdf->prf = X509_ALGOR_new();
if (!kdf->prf)
goto merr;
X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),
V_ASN1_NULL, NULL);
}
pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);
/* Now setup the PBE2PARAM keyfunc structure */
if (!pbe2->keyfunc)
goto merr;
pbe2->keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
/* Encode PBKDF2PARAM into parameter of pbe2 */
if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr;
if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
&pbe2->keyfunc->parameter->value.sequence)) goto merr;
pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE;
PBKDF2PARAM_free(kdf);
kdf = NULL;
/* Now set up top level AlgorithmIdentifier */
@ -182,6 +220,8 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
err:
PBE2PARAM_free(pbe2);
/* Note 'scheme' is freed as part of pbe2 */
M_ASN1_OCTET_STRING_free(osalt);
PBKDF2PARAM_free(kdf);
X509_ALGOR_free(kalg);
X509_ALGOR_free(ret);
@ -194,85 +234,3 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
{
return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
}
X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
int prf_nid, int keylen)
{
X509_ALGOR *keyfunc = NULL;
PBKDF2PARAM *kdf = NULL;
ASN1_OCTET_STRING *osalt = NULL;
if(!(kdf = PBKDF2PARAM_new()))
goto merr;
if(!(osalt = M_ASN1_OCTET_STRING_new()))
goto merr;
kdf->salt->value.octet_string = osalt;
kdf->salt->type = V_ASN1_OCTET_STRING;
if (!saltlen)
saltlen = PKCS5_SALT_LEN;
if (!(osalt->data = OPENSSL_malloc (saltlen)))
goto merr;
osalt->length = saltlen;
if (salt)
memcpy (osalt->data, salt, saltlen);
else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0)
goto merr;
if(iter <= 0)
iter = PKCS5_DEFAULT_ITER;
if(!ASN1_INTEGER_set(kdf->iter, iter))
goto merr;
/* If have a key len set it up */
if(keylen > 0)
{
if(!(kdf->keylength = M_ASN1_INTEGER_new()))
goto merr;
if(!ASN1_INTEGER_set (kdf->keylength, keylen))
goto merr;
}
/* prf can stay NULL if we are using hmacWithSHA1 */
if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1)
{
kdf->prf = X509_ALGOR_new();
if (!kdf->prf)
goto merr;
X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),
V_ASN1_NULL, NULL);
}
/* Finally setup the keyfunc structure */
keyfunc = X509_ALGOR_new();
if (!keyfunc)
goto merr;
keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
/* Encode PBKDF2PARAM into parameter of pbe2 */
if(!(keyfunc->parameter = ASN1_TYPE_new()))
goto merr;
if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
&keyfunc->parameter->value.sequence))
goto merr;
keyfunc->parameter->type = V_ASN1_SEQUENCE;
PBKDF2PARAM_free(kdf);
return keyfunc;
merr:
ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE);
PBKDF2PARAM_free(kdf);
X509_ALGOR_free(keyfunc);
return NULL;
}

3
crypto/external/bsd/openssl/dist/crypto/asn1/t_crl.c vendored
View File

@ -87,7 +87,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
STACK_OF(X509_REVOKED) *rev;
X509_REVOKED *r;
long l;
int i, n;
int i;
char *p;
BIO_printf(out, "Certificate Revocation List (CRL):\n");
@ -107,7 +107,6 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
else BIO_printf(out,"NONE");
BIO_printf(out,"\n");
n=X509_CRL_get_ext_count(x);
X509V3_extensions_print(out, "CRL extensions",
x->crl->extensions, 0, 8);

3
crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c vendored
View File

@ -168,7 +168,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
int i;
int otag;
int ret = 0;
ASN1_VALUE *pchval, **pchptr, *ptmpval;
ASN1_VALUE **pchptr, *ptmpval;
if (!pval)
return 0;
if (aux && aux->asn1_cb)
@ -319,7 +319,6 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
goto err;
}
/* CHOICE type, try each possibility in turn */
pchval = NULL;
p = *in;
for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
{

14
crypto/external/bsd/openssl/dist/crypto/asn1/x_algor.c vendored
View File

@ -128,3 +128,17 @@ void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
}
}
/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
{
int param_type;
if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
param_type = V_ASN1_UNDEF;
else
param_type = V_ASN1_NULL;
X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
}

4
crypto/external/bsd/openssl/dist/crypto/asn1/x_x509.c vendored
View File

@ -63,7 +63,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
ASN1_SEQUENCE(X509_CINF) = {
ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
@ -74,7 +74,7 @@ ASN1_SEQUENCE(X509_CINF) = {
ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
} ASN1_SEQUENCE_END(X509_CINF)
} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
/* X509 top level structure needs a bit of customisation */

8
crypto/external/bsd/openssl/dist/crypto/bf/bf_skey.c vendored
View File

@ -58,11 +58,19 @@
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/blowfish.h>
#include "bf_locl.h"
#include "bf_pi.h"
void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
#ifdef OPENSSL_FIPS
{
fips_cipher_abort(BLOWFISH);
private_BF_set_key(key, len, data);
}
void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data)
#endif
{
int i;
BF_LONG *p,ri,in[2];

4
crypto/external/bsd/openssl/dist/crypto/bf/blowfish.h vendored
View File

@ -104,7 +104,9 @@ typedef struct bf_key_st
BF_LONG S[4*256];
} BF_KEY;
#ifdef OPENSSL_FIPS
void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
#endif
void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
void BF_encrypt(BF_LONG *data,const BF_KEY *key);

2
crypto/external/bsd/openssl/dist/crypto/bio/bf_nbio.c vendored
View File

@ -125,7 +125,6 @@ static int nbiof_free(BIO *a)
static int nbiof_read(BIO *b, char *out, int outl)
{
NBIO_TEST *nt;
int ret=0;
#if 1
int num;
@ -134,7 +133,6 @@ static int nbiof_read(BIO *b, char *out, int outl)
if (out == NULL) return(0);
if (b->next_bio == NULL) return(0);
nt=(NBIO_TEST *)b->ptr;
BIO_clear_retry_flags(b);
#if 1

4
crypto/external/bsd/openssl/dist/crypto/bio/bio_lib.c vendored
View File

@ -110,7 +110,7 @@ int BIO_set(BIO *bio, BIO_METHOD *method)
int BIO_free(BIO *a)
{
int ret=0,i;
int i;
if (a == NULL) return(0);
@ -133,7 +133,7 @@ int BIO_free(BIO *a)
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
ret=a->method->destroy(a);
a->method->destroy(a);
OPENSSL_free(a);
return(1);
}

5
crypto/external/bsd/openssl/dist/crypto/bio/bss_acpt.c vendored
View File

@ -340,7 +340,6 @@ static int acpt_write(BIO *b, const char *in, int inl)
static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
{
BIO *dbio;
int *ip;
long ret=1;
BIO_ACCEPT *data;
@ -437,8 +436,8 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
ret=(long)data->bind_mode;
break;
case BIO_CTRL_DUP:
dbio=(BIO *)ptr;
/* if (data->param_port) EAY EAY
/* dbio=(BIO *)ptr;
if (data->param_port) EAY EAY
BIO_set_port(dbio,data->param_port);
if (data->param_hostname)
BIO_set_hostname(dbio,data->param_hostname);

46
crypto/external/bsd/openssl/dist/crypto/bio/bss_dgram.c vendored
View File

@ -335,11 +335,21 @@ static int dgram_write(BIO *b, const char *in, int inl)
if ( data->connected )
ret=writesocket(b->num,in,inl);
else
#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, sizeof(data->peer));
#else
ret=sendto(b->num, in, inl, 0, &data->peer.sa, sizeof(data->peer));
{
int peerlen = sizeof(data->peer);
if (data->peer.sa.sa_family == AF_INET)
peerlen = sizeof(data->peer.sa_in);
#if OPENSSL_USE_IPV6
else if (data->peer.sa.sa_family == AF_INET6)
peerlen = sizeof(data->peer.sa_in6);
#endif
#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
#else
ret=sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
#endif
}
BIO_clear_retry_flags(b);
if (ret <= 0)
@ -371,7 +381,13 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
#endif
#ifdef OPENSSL_SYS_LINUX
socklen_t addr_len;
struct sockaddr_storage addr;
union {
struct sockaddr sa;
struct sockaddr_in s4;
#if OPENSSL_USE_IPV6
struct sockaddr_in6 s6;
#endif
} addr;
#endif
data = (bio_dgram_data *)b->ptr;
@ -446,15 +462,15 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
/* (Linux)kernel sets DF bit on outgoing IP packets */
case BIO_CTRL_DGRAM_MTU_DISCOVER:
#ifdef OPENSSL_SYS_LINUX
addr_len = (socklen_t)sizeof(struct sockaddr_storage);
memset((void *)&addr, 0, sizeof(struct sockaddr_storage));
if (getsockname(b->num, (void *)&addr, &addr_len) < 0)
addr_len = (socklen_t)sizeof(addr);
memset((void *)&addr, 0, sizeof(addr));
if (getsockname(b->num, &addr.sa, &addr_len) < 0)
{
ret = 0;
break;
}
sockopt_len = sizeof(sockopt_val);
switch (addr.ss_family)
switch (addr.sa.sa_family)
{
case AF_INET:
sockopt_val = IP_PMTUDISC_DO;
@ -462,7 +478,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
&sockopt_val, sizeof(sockopt_val))) < 0)
perror("setsockopt");
break;
#if OPENSSL_USE_IPV6
#if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER)
case AF_INET6:
sockopt_val = IPV6_PMTUDISC_DO;
if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
@ -480,15 +496,15 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
#endif
case BIO_CTRL_DGRAM_QUERY_MTU:
#ifdef OPENSSL_SYS_LINUX
addr_len = (socklen_t)sizeof(struct sockaddr_storage);
memset((void *)&addr, 0, sizeof(struct sockaddr_storage));
if (getsockname(b->num, (void *)&addr, &addr_len) < 0)
addr_len = (socklen_t)sizeof(addr);
memset((void *)&addr, 0, sizeof(addr));
if (getsockname(b->num, &addr.sa, &addr_len) < 0)
{
ret = 0;
break;
}
sockopt_len = sizeof(sockopt_val);
switch (addr.ss_family)
switch (addr.sa.sa_family)
{
case AF_INET:
if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
@ -505,7 +521,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
ret = data->mtu;
}
break;
#if OPENSSL_USE_IPV6
#if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
case AF_INET6:
if ((ret = getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU, (void *)&sockopt_val,
&sockopt_len)) < 0 || sockopt_val < 0)

13
crypto/external/bsd/openssl/dist/crypto/bio/bss_sock.c vendored
View File

@ -172,15 +172,6 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
switch (cmd)
{
case BIO_CTRL_RESET:
num=0;
case BIO_C_FILE_SEEK:
ret=0;
break;
case BIO_C_FILE_TELL:
case BIO_CTRL_INFO:
ret=0;
break;
case BIO_C_SET_FD:
sock_free(b);
b->num= *((int *)ptr);
@ -203,10 +194,6 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_CTRL_SET_CLOSE:
b->shutdown=(int)num;
break;
case BIO_CTRL_PENDING:
case BIO_CTRL_WPENDING:
ret=0;
break;
case BIO_CTRL_DUP:
case BIO_CTRL_FLUSH:
ret=1;

9
crypto/external/bsd/openssl/dist/crypto/bn/Makefile vendored
View File

@ -26,13 +26,13 @@ LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
bn_depr.c bn_const.c
bn_depr.c bn_const.c bn_x931p.c
LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
bn_depr.o bn_const.o
bn_depr.o bn_const.o bn_x931p.o
SRC= $(LIBSRC)
@ -345,3 +345,8 @@ bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
bn_x931p.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
bn_x931p.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_x931p.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_x931p.o: ../../include/openssl/symhacks.h bn_x931p.c

44
crypto/external/bsd/openssl/dist/crypto/bn/asm/alpha-mont.pl vendored
View File

@ -41,8 +41,12 @@ $j="s4";
$m1="s5";
$code=<<___;
#indef __linux__
#include <asm/regdef.h>
#else
#include <asm.h>
#include <regdef.h>
#endif
.text
@ -53,15 +57,15 @@ $code=<<___;
.align 5
.ent bn_mul_mont
bn_mul_mont:
lda sp,-40(sp)
lda sp,-48(sp)
stq ra,0(sp)
stq s3,8(sp)
stq s4,16(sp)
stq s5,24(sp)
stq fp,32(sp)
mov sp,fp
.mask 0x0400f000,-40
.frame fp,40,ra
.mask 0x0400f000,-48
.frame fp,48,ra
.prologue 0
.align 4
@ -76,7 +80,7 @@ bn_mul_mont:
ldq $aj,8($ap)
subq sp,AT,sp
ldq $bi,0($bp) # bp[0]
mov -4096,AT
lda AT,-4096(zero) # mov -4096,AT
ldq $n0,0($n0)
and sp,AT,sp
@ -106,9 +110,9 @@ bn_mul_mont:
.align 4
.L1st:
.set noreorder
ldq $aj,($aj)
ldq $aj,0($aj)
addl $j,1,$j
ldq $nj,($nj)
ldq $nj,0($nj)
lda $tp,8($tp)
addq $alo,$hi0,$lo0
@ -159,12 +163,12 @@ bn_mul_mont:
.align 4
.Louter:
s8addq $i,$bp,$bi
ldq $hi0,($ap)
ldq $hi0,0($ap)
ldq $aj,8($ap)
ldq $bi,($bi)
ldq $hi1,($np)
ldq $bi,0($bi)
ldq $hi1,0($np)
ldq $nj,8($np)
ldq $tj,(sp)
ldq $tj,0(sp)
mulq $hi0,$bi,$lo0
umulh $hi0,$bi,$hi0
@ -195,10 +199,10 @@ bn_mul_mont:
.set noreorder
ldq $tj,8($tp) #L0
nop #U1
ldq $aj,($aj) #L1
ldq $aj,0($aj) #L1
s8addq $j,$np,$nj #U0
ldq $nj,($nj) #L0
ldq $nj,0($nj) #L0
nop #U1
addq $alo,$hi0,$lo0 #L1
lda $tp,8($tp)
@ -247,7 +251,7 @@ bn_mul_mont:
addq $hi1,v0,$hi1
addq $hi1,$hi0,$lo1
stq $j,($tp)
stq $j,0($tp)
cmpult $lo1,$hi0,$hi1
addq $lo1,$tj,$lo1
cmpult $lo1,$tj,AT
@ -265,8 +269,8 @@ bn_mul_mont:
mov 0,$hi0 # clear borrow bit
.align 4
.Lsub: ldq $lo0,($tp)
ldq $lo1,($np)
.Lsub: ldq $lo0,0($tp)
ldq $lo1,0($np)
lda $tp,8($tp)
lda $np,8($np)
subq $lo0,$lo1,$lo1 # tp[i]-np[i]
@ -274,7 +278,7 @@ bn_mul_mont:
subq $lo1,$hi0,$lo0
cmpult $lo1,$lo0,$hi0
or $hi0,AT,$hi0
stq $lo0,($rp)
stq $lo0,0($rp)
cmpult $tp,$tj,v0
lda $rp,8($rp)
bne v0,.Lsub
@ -288,7 +292,7 @@ bn_mul_mont:
bis $bp,$ap,$ap # ap=borrow?tp:rp
.align 4
.Lcopy: ldq $aj,($ap) # copy or in-place refresh
.Lcopy: ldq $aj,0($ap) # copy or in-place refresh
lda $tp,8($tp)
lda $rp,8($rp)
lda $ap,8($ap)
@ -306,11 +310,11 @@ bn_mul_mont:
ldq s4,16(sp)
ldq s5,24(sp)
ldq fp,32(sp)
lda sp,40(sp)
lda sp,48(sp)
ret (ra)
.end bn_mul_mont
.rdata
.asciiz "Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
.ascii "Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
.align 2
___
print $code;

1
crypto/external/bsd/openssl/dist/crypto/bn/asm/armv4-mont.pl vendored
View File

@ -193,6 +193,7 @@ bn_mul_mont:
bx lr @ interoperable with Thumb ISA:-)
.size bn_mul_mont,.-bn_mul_mont
.asciz "Montgomery multiplication for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
.align 2
___
$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4

4
crypto/external/bsd/openssl/dist/crypto/bn/asm/s390x-mont.pl vendored
View File

@ -69,8 +69,8 @@ bn_mul_mont:
cghi $num,16 #
lghi %r2,0 #
blr %r14 # if($num<16) return 0;
cghi $num,128 #
bhr %r14 # if($num>128) return 0;
cghi $num,96 #
bhr %r14 # if($num>96) return 0;
stmg %r3,%r15,24($sp)

86
crypto/external/bsd/openssl/dist/crypto/bn/asm/s390x.S vendored
View File

@ -1,4 +1,4 @@
.ident "s390x.S, version 1.0"
.ident "s390x.S, version 1.1"
// ====================================================================
// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
// project.
@ -24,67 +24,67 @@ bn_mul_add_words:
bler %r14 // if (len<=0) return 0;
stmg %r6,%r10,48(%r15)
lghi %r10,3
lghi %r8,0 // carry = 0
srag %r10,%r4,2 // cnt=len/4
jz .Loop1_madd
nr %r10,%r4 // len%4
sra %r4,2 // cnt=len/4
jz .Loop1_madd // carry is incidentally cleared if branch taken
algr zero,zero // clear carry
.Loop4_madd:
lg %r7,0(%r2,%r3) // ap[i]
mlgr %r6,%r5 // *=w
algr %r7,%r8 // +=carry
alcgr %r7,%r8 // +=carry
alcgr %r6,zero
alg %r7,0(%r2,%r1) // +=rp[i]
alcgr %r6,zero
stg %r7,0(%r2,%r1) // rp[i]=
lg %r9,8(%r2,%r3)
mlgr %r8,%r5
algr %r9,%r6
alcgr %r9,%r6
alcgr %r8,zero
alg %r9,8(%r2,%r1)
alcgr %r8,zero
stg %r9,8(%r2,%r1)
lg %r7,16(%r2,%r3)
mlgr %r6,%r5
algr %r7,%r8
alcgr %r7,%r8
alcgr %r6,zero
alg %r7,16(%r2,%r1)
alcgr %r6,zero
stg %r7,16(%r2,%r1)
lg %r9,24(%r2,%r3)
mlgr %r8,%r5
algr %r9,%r6
alcgr %r9,%r6
alcgr %r8,zero
alg %r9,24(%r2,%r1)
alcgr %r8,zero
stg %r9,24(%r2,%r1)
la %r2,32(%r2) // i+=4
brct %r10,.Loop4_madd
brct %r4,.Loop4_madd
lghi %r10,3
nr %r4,%r10 // cnt=len%4
jz .Lend_madd
la %r10,1(%r10) // see if len%4 is zero ...
brct %r10,.Loop1_madd // without touching condition code:-)
.Lend_madd:
alcgr %r8,zero // collect carry bit
lgr %r2,%r8
lmg %r6,%r10,48(%r15)
br %r14
.Loop1_madd:
lg %r7,0(%r2,%r3) // ap[i]
mlgr %r6,%r5 // *=w
algr %r7,%r8 // +=carry
alcgr %r7,%r8 // +=carry
alcgr %r6,zero
alg %r7,0(%r2,%r1) // +=rp[i]
alcgr %r6,zero
stg %r7,0(%r2,%r1) // rp[i]=
lgr %r8,%r6
la %r2,8(%r2) // i++
brct %r4,.Loop1_madd
brct %r10,.Loop1_madd
.Lend_madd:
lgr %r2,%r8
lmg %r6,%r10,48(%r15)
br %r14
j .Lend_madd
.size bn_mul_add_words,.-bn_mul_add_words
// BN_ULONG bn_mul_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
@ -99,57 +99,57 @@ bn_mul_words:
bler %r14 // if (len<=0) return 0;
stmg %r6,%r10,48(%r15)
lghi %r10,3
lghi %r8,0 // carry = 0
srag %r10,%r4,2 // cnt=len/4
jz .Loop1_mul
nr %r10,%r4 // len%4
sra %r4,2 // cnt=len/4
jz .Loop1_mul // carry is incidentally cleared if branch taken
algr zero,zero // clear carry
.Loop4_mul:
lg %r7,0(%r2,%r3) // ap[i]
mlgr %r6,%r5 // *=w
algr %r7,%r8 // +=carry
alcgr %r6,zero
alcgr %r7,%r8 // +=carry
stg %r7,0(%r2,%r1) // rp[i]=
lg %r9,8(%r2,%r3)
mlgr %r8,%r5
algr %r9,%r6
alcgr %r8,zero
alcgr %r9,%r6
stg %r9,8(%r2,%r1)
lg %r7,16(%r2,%r3)
mlgr %r6,%r5
algr %r7,%r8
alcgr %r6,zero
alcgr %r7,%r8
stg %r7,16(%r2,%r1)
lg %r9,24(%r2,%r3)
mlgr %r8,%r5
algr %r9,%r6
alcgr %r8,zero
alcgr %r9,%r6
stg %r9,24(%r2,%r1)
la %r2,32(%r2) // i+=4
brct %r10,.Loop4_mul
brct %r4,.Loop4_mul
lghi %r10,3
nr %r4,%r10 // cnt=len%4
jz .Lend_mul
la %r10,1(%r10) // see if len%4 is zero ...
brct %r10,.Loop1_mul // without touching condition code:-)
.Lend_mul:
alcgr %r8,zero // collect carry bit
lgr %r2,%r8
lmg %r6,%r10,48(%r15)
br %r14
.Loop1_mul:
lg %r7,0(%r2,%r3) // ap[i]
mlgr %r6,%r5 // *=w
algr %r7,%r8 // +=carry
alcgr %r6,zero
alcgr %r7,%r8 // +=carry
stg %r7,0(%r2,%r1) // rp[i]=
lgr %r8,%r6
la %r2,8(%r2) // i++
brct %r4,.Loop1_mul
brct %r10,.Loop1_mul
.Lend_mul:
lgr %r2,%r8
lmg %r6,%r10,48(%r15)
br %r14
j .Lend_mul
.size bn_mul_words,.-bn_mul_words
// void bn_sqr_words(BN_ULONG *r2,BN_ULONG *r2,int r4)

1
crypto/external/bsd/openssl/dist/crypto/bn/asm/x86_64-gcc.c vendored
View File

@ -63,6 +63,7 @@
#undef mul
#undef mul_add
#undef sqr
/*
* "m"(a), "+m"(r) is the way to favor DirectPath µ-code;

29
crypto/external/bsd/openssl/dist/crypto/bn/bn.h vendored
View File

@ -253,6 +253,24 @@ extern "C" {
#define BN_HEX_FMT2 "%08X"
#endif
/* 2011-02-22 SMS.
* In various places, a size_t variable or a type cast to size_t was
* used to perform integer-only operations on pointers. This failed on
* VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t is
* still only 32 bits. What's needed in these cases is an integer type
* with the same size as a pointer, which size_t is not certain to be.
* The only fix here is VMS-specific.
*/
#if defined(OPENSSL_SYS_VMS)
# if __INITIAL_POINTER_SIZE == 64
# define PTR_SIZE_INT long long
# else /* __INITIAL_POINTER_SIZE == 64 */
# define PTR_SIZE_INT int
# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
#else /* defined(OPENSSL_SYS_VMS) */
# define PTR_SIZE_INT size_t
#endif /* defined(OPENSSL_SYS_VMS) [else] */
#define BN_DEFAULT_BITS 1280
#define BN_FLG_MALLOCED 0x01
@ -540,6 +558,17 @@ int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
int do_trial_division, BN_GENCB *cb);
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb);
int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
BIGNUM *Xp1, BIGNUM *Xp2,
const BIGNUM *Xp,
const BIGNUM *e, BN_CTX *ctx,
BN_GENCB *cb);
BN_MONT_CTX *BN_MONT_CTX_new(void );
void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,

2
crypto/external/bsd/openssl/dist/crypto/bn/bn_div.c vendored
View File

@ -102,7 +102,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
/* The next 2 are needed so we can do a dv->d[0]|=1 later
* since BN_lshift1 will only work once there is a value :-) */
BN_zero(dv);
bn_wexpand(dv,1);
if(bn_wexpand(dv,1) == NULL) goto end;
dv->top=1;
if (!BN_lshift(D,D,nm-nd)) goto end;

3
crypto/external/bsd/openssl/dist/crypto/bn/bn_exp2.c vendored
View File

@ -301,7 +301,8 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
r_is_one = 0;
}
}
BN_from_montgomery(rr,r,mont,ctx);
if (!BN_from_montgomery(rr,r,mont,ctx))
goto err;
ret=1;
err:
if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);

Some files were not shown because too many files have changed in this diff Show More