From 9ea9ccfcc6f4a96e5769f5da614c617034da99ca Mon Sep 17 00:00:00 2001 From: christos Date: Fri, 25 Nov 2005 19:15:08 +0000 Subject: [PATCH] Adjust to the new openssl-0.9.8a. Notable changes: - no more fips - new algorithms Bump version to 3.0 --- lib/libcrypto/Makefile | 11 +++++++---- lib/libcrypto/arch/i386/bn.inc | 4 ++-- lib/libcrypto/arch/i386/sha.inc | 4 ++-- lib/libcrypto/arch/vax/bn.inc | 4 ++-- lib/libcrypto/asn1.inc | 5 +++-- lib/libcrypto/bn.inc | 4 ++-- lib/libcrypto/ec.inc | 7 ++++--- lib/libcrypto/ecdh.inc | 12 ++++++++++++ lib/libcrypto/ecdsa.inc | 13 +++++++++++++ lib/libcrypto/engine.inc | 20 ++++++++++++++------ lib/libcrypto/evp.inc | 4 ++-- lib/libcrypto/rsa.inc | 4 ++-- lib/libcrypto/sha.inc | 4 ++-- lib/libcrypto/shlib_version | 6 +++--- lib/libcrypto/srcs.inc | 7 ++++--- lib/libcrypto/store.inc | 12 ++++++++++++ lib/libcrypto/x509.inc | 4 ++-- lib/libcrypto/x509v3.inc | 5 +++-- 18 files changed, 91 insertions(+), 39 deletions(-) create mode 100644 lib/libcrypto/ecdh.inc create mode 100644 lib/libcrypto/ecdsa.inc create mode 100644 lib/libcrypto/store.inc diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index 951e4412d6be..559d17a5ac64 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.41 2005/06/29 14:41:16 simonb Exp $ +# $NetBSD: Makefile,v 1.42 2005/11/25 19:15:08 christos Exp $ # RCSid: # Id: Makefile,v 1.33 1998/11/11 11:53:53 sjg Exp @@ -17,7 +17,7 @@ # USE_SHLIBDIR= yes -USE_FIPS= yes +USE_FIPS= no .include .include @@ -28,6 +28,7 @@ WARNS=0 LIB= crypto CPPFLAGS+= -Dlib${LIB} -I. -I${OPENSSLSRC}/crypto -I${OPENSSLSRC} +CPPFLAGS+= -DENGINESDIR=\"/usr/lib/openssl\" CRYPTODIST= ${NETBSDSRCDIR}/crypto/dist @@ -69,11 +70,11 @@ CLEANFILES+= buildinf.h # directory in the OpenSSL source distribution. INCS+= aes.h asn1.h asn1_mac.h asn1t.h bio.h blowfish.h bn.h \ buffer.h cast.h comp.h conf.h conf_api.h crypto.h des.h \ - dh.h dsa.h dso.h e_os2.h ebcdic.h ec.h engine.h \ + dh.h dsa.h dso.h e_os2.h ebcdic.h ec.h ecdh.h ecdsa.h engine.h \ err.h evp.h hmac.h krb5_asn.h lhash.h md2.h md4.h md5.h \ obj_mac.h objects.h ocsp.h opensslconf.h opensslv.h ossl_typ.h \ pem.h pem2.h pkcs12.h pkcs7.h rand.h rc2.h rc4.h ripemd.h \ - rsa.h safestack.h sha.h stack.h symhacks.h tmdiff.h txt_db.h \ + rsa.h safestack.h sha.h stack.h store.h symhacks.h tmdiff.h txt_db.h \ ui.h ui_compat.h x509.h x509_vfy.h x509v3.h # des_old.h @@ -86,11 +87,13 @@ INCS+= rc5.h # MDC2 - patented, but we install the header anyways INCS+= mdc2.h +.if (${USE_FIPS} != "no") # FIPS # This part is always included, because OpenSSL does not protect # The FIPS include files .PATH: ${OPENSSLSRC}/fips ${OPENSSLSRC}/fips/rand INCS+= fips.h fips_rand.h +.endif .if (${USE_FIPS} != "no") CPPFLAGS+=-DOPENSSL_FIPS diff --git a/lib/libcrypto/arch/i386/bn.inc b/lib/libcrypto/arch/i386/bn.inc index 34411bc793de..8a9b906a0ccb 100644 --- a/lib/libcrypto/arch/i386/bn.inc +++ b/lib/libcrypto/arch/i386/bn.inc @@ -1,4 +1,4 @@ -# $NetBSD: bn.inc,v 1.3 2003/11/04 21:06:32 itojun Exp $ +# $NetBSD: bn.inc,v 1.4 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -13,4 +13,4 @@ CPPFLAGS+= -I${OPENSSLSRC}/crypto/bn SRCS+= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm_586.S bn_comba_586.S \ - bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c + bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_nist.c bn_gf2m.c diff --git a/lib/libcrypto/arch/i386/sha.inc b/lib/libcrypto/arch/i386/sha.inc index ea4b2fed1650..ac225d1c9368 100644 --- a/lib/libcrypto/arch/i386/sha.inc +++ b/lib/libcrypto/arch/i386/sha.inc @@ -1,4 +1,4 @@ -# $NetBSD: sha.inc,v 1.1 2003/11/13 02:10:00 itojun Exp $ +# $NetBSD: sha.inc,v 1.2 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -10,4 +10,4 @@ CPPFLAGS+= -I${OPENSSLSRC}/crypto/sha -DSHA1_ASM -SRCS+=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha1_586.S +SRCS+=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha1_586.S sha256.c diff --git a/lib/libcrypto/arch/vax/bn.inc b/lib/libcrypto/arch/vax/bn.inc index 1a901da446d2..21b4c47fc9a0 100644 --- a/lib/libcrypto/arch/vax/bn.inc +++ b/lib/libcrypto/arch/vax/bn.inc @@ -1,4 +1,4 @@ -# $NetBSD: bn.inc,v 1.1 2003/11/03 10:22:28 ragge Exp $ +# $NetBSD: bn.inc,v 1.2 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -15,4 +15,4 @@ SRCS+= bn_asm_vax.S SRCS+= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c \ - bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c + bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_nist.c bn_gf2m.c diff --git a/lib/libcrypto/asn1.inc b/lib/libcrypto/asn1.inc index 0e510f54a5e8..f8266ff577ea 100644 --- a/lib/libcrypto/asn1.inc +++ b/lib/libcrypto/asn1.inc @@ -1,4 +1,4 @@ -# $NetBSD: asn1.inc,v 1.5 2003/07/24 14:16:31 itojun Exp $ +# $NetBSD: asn1.inc,v 1.6 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -20,4 +20,5 @@ SRCS+= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ f_int.c f_string.c n_pkey.c \ f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \ asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \ - evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c + evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c \ + asn1_gen.c diff --git a/lib/libcrypto/bn.inc b/lib/libcrypto/bn.inc index 17f50b714853..ad8b9c4342cd 100644 --- a/lib/libcrypto/bn.inc +++ b/lib/libcrypto/bn.inc @@ -1,4 +1,4 @@ -# $NetBSD: bn.inc,v 1.4 2003/07/24 14:16:31 itojun Exp $ +# $NetBSD: bn.inc,v 1.5 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -12,4 +12,4 @@ CPPFLAGS+= -I${OPENSSLSRC}/crypto/bn SRCS+= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ - bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c + bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_nist.c bn_gf2m.c diff --git a/lib/libcrypto/ec.inc b/lib/libcrypto/ec.inc index cce0cee41a61..b5d401c43dd2 100644 --- a/lib/libcrypto/ec.inc +++ b/lib/libcrypto/ec.inc @@ -1,4 +1,4 @@ -# $NetBSD: ec.inc,v 1.1 2003/07/24 14:16:32 itojun Exp $ +# $NetBSD: ec.inc,v 1.2 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -9,5 +9,6 @@ CPPFLAGS+= -I${OPENSSLSRC}/crypto/ec -SRCS+= ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c \ - ec_err.c +SRCS+= ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c \ + ec_err.c ec_asn1.c ec_key.c ec_print.c ec_curve.c ec2_smpl.c \ + ec2_mult.c ec_check.c diff --git a/lib/libcrypto/ecdh.inc b/lib/libcrypto/ecdh.inc new file mode 100644 index 000000000000..80b8d58a3d3e --- /dev/null +++ b/lib/libcrypto/ecdh.inc @@ -0,0 +1,12 @@ +# $NetBSD: ecdh.inc,v 1.1 2005/11/25 19:15:08 christos Exp $ +# +# @(#) Copyright (c) 1995 Simon J. Gerraty +# +# SRCS extracted from /home/current/src/lib/libcrypto/../../crypto/dist/openssl/crypto/ec/Makefile.ssl +# + +.PATH: ${OPENSSLSRC}/crypto/ecdh + +CPPFLAGS+= -I${OPENSSLSRC}/crypto/ecdh + +SRCS+= ech_err.c ech_key.c ech_lib.c ech_ossl.c diff --git a/lib/libcrypto/ecdsa.inc b/lib/libcrypto/ecdsa.inc new file mode 100644 index 000000000000..fa279a071558 --- /dev/null +++ b/lib/libcrypto/ecdsa.inc @@ -0,0 +1,13 @@ +# $NetBSD: ecdsa.inc,v 1.1 2005/11/25 19:15:08 christos Exp $ +# +# @(#) Copyright (c) 1995 Simon J. Gerraty +# +# SRCS extracted from /home/current/src/lib/libcrypto/../../crypto/dist/openssl/crypto/ec/Makefile.ssl +# + +.PATH: ${OPENSSLSRC}/crypto/ecdsa + +CPPFLAGS+= -I${OPENSSLSRC}/crypto/ecdsa + +SRCS+= ecs_asn1.c ecs_err.c ecs_lib.c ecs_locl.h ecs_ossl.c ecs_sign.c \ + ecs_vrf.c diff --git a/lib/libcrypto/engine.inc b/lib/libcrypto/engine.inc index 447669499a15..893c9bbf9193 100644 --- a/lib/libcrypto/engine.inc +++ b/lib/libcrypto/engine.inc @@ -1,17 +1,25 @@ -# $NetBSD: engine.inc,v 1.1 2003/07/24 14:16:32 itojun Exp $ +# $NetBSD: engine.inc,v 1.2 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # # SRCS extracted from /home/current/src/lib/libcrypto/../../crypto/dist/openssl/crypto/engine/Makefile.ssl # -.PATH: ${OPENSSLSRC}/crypto/engine +.PATH: ${OPENSSLSRC}/crypto/engine ${OPENSSLSRC}/engines -CPPFLAGS+= -I${OPENSSLSRC}/crypto/engine +CPPFLAGS+= -I${OPENSSLSRC}/crypto/engine -I${OPENSSLSRC}/engines SRCS+= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \ eng_table.c eng_pkey.c eng_fat.c eng_all.c \ tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \ - eng_openssl.c eng_dyn.c eng_cnf.c \ - hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \ - hw_cryptodev.c hw_aep.c hw_sureware.c hw_4758_cca.c + eng_openssl.c eng_dyn.c eng_cnf.c eng_padlock.c \ + eng_cryptodev.c tb_store.c tb_ecdsa.c tb_ecdh.c \ + e_4758cca.c e_4758cca_err.c \ + e_aep.c e_aep_err.c \ + e_atalla.c e_atalla_err.c \ + e_chil.c e_chil_err.c \ + e_cswift.c e_cswift_err.c \ + e_gmp.c e_gmp_err.c \ + e_nuron.c e_nuron_err.c \ + e_sureware.c e_sureware_err.c \ + e_ubsec.c e_ubsec_err.c diff --git a/lib/libcrypto/evp.inc b/lib/libcrypto/evp.inc index 02dce24f96a1..e09134d010fe 100644 --- a/lib/libcrypto/evp.inc +++ b/lib/libcrypto/evp.inc @@ -1,4 +1,4 @@ -# $NetBSD: evp.inc,v 1.5 2003/07/24 14:16:32 itojun Exp $ +# $NetBSD: evp.inc,v 1.6 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -18,4 +18,4 @@ SRCS+= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \ - evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c + evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c m_ecdsa.c diff --git a/lib/libcrypto/rsa.inc b/lib/libcrypto/rsa.inc index 537237250b25..b902d2f7a304 100644 --- a/lib/libcrypto/rsa.inc +++ b/lib/libcrypto/rsa.inc @@ -1,4 +1,4 @@ -# $NetBSD: rsa.inc,v 1.4 2003/07/24 14:16:33 itojun Exp $ +# $NetBSD: rsa.inc,v 1.5 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -11,4 +11,4 @@ CPPFLAGS+= -I${OPENSSLSRC}/crypto/rsa SRCS+= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ - rsa_asn1.c + rsa_asn1.c rsa_x931.c diff --git a/lib/libcrypto/sha.inc b/lib/libcrypto/sha.inc index a4cb23979005..daea2259e7e7 100644 --- a/lib/libcrypto/sha.inc +++ b/lib/libcrypto/sha.inc @@ -1,4 +1,4 @@ -# $NetBSD: sha.inc,v 1.5 2003/11/13 02:10:00 itojun Exp $ +# $NetBSD: sha.inc,v 1.6 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -9,4 +9,4 @@ CPPFLAGS+= -I${OPENSSLSRC}/crypto/sha -SRCS+=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c +SRCS+=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c diff --git a/lib/libcrypto/shlib_version b/lib/libcrypto/shlib_version index 509c378fc2cc..8a15a376ebcf 100644 --- a/lib/libcrypto/shlib_version +++ b/lib/libcrypto/shlib_version @@ -1,8 +1,8 @@ -# $NetBSD: shlib_version,v 1.9 2005/03/26 02:22:01 christos Exp $ +# $NetBSD: shlib_version,v 1.10 2005/11/25 19:15:08 christos Exp $ # Remember to update distrib/sets/lists/base/shl.* when changing # # Also remember to update lib/libdes/shlib_version when changing # (since it just installs a symbolic link to libcrypto) # -major=2 -minor=2 +major=3 +minor=0 diff --git a/lib/libcrypto/srcs.inc b/lib/libcrypto/srcs.inc index 17854d5024fb..76e1b9e3bfe0 100644 --- a/lib/libcrypto/srcs.inc +++ b/lib/libcrypto/srcs.inc @@ -1,12 +1,13 @@ -# $NetBSD: srcs.inc,v 1.11 2003/07/24 14:16:33 itojun Exp $ +# $NetBSD: srcs.inc,v 1.12 2005/11/25 19:15:08 christos Exp $ CRYPTOINCS= \ aes.inc asn1.inc bf.inc bio.inc bn.inc buffer.inc cast.inc \ comp.inc conf.inc crypto.inc des.inc dh.inc dsa.inc dso.inc \ - ec.inc engine.inc err.inc evp.inc hmac.inc krb5.inc lhash.inc \ + ec.inc ecdh.inc ecdsa.inc engine.inc err.inc evp.inc hmac.inc \ + krb5.inc lhash.inc \ md2.inc md4.inc md5.inc objects.inc ocsp.inc pem.inc \ pkcs12.inc pkcs7.inc rand.inc rc2.inc rc4.inc ripemd.inc \ - rsa.inc sha.inc stack.inc txt_db.inc ui.inc x509.inc \ + rsa.inc sha.inc stack.inc store.inc txt_db.inc ui.inc x509.inc \ x509v3.inc # patented algorithms - see ../libcrypto_* diff --git a/lib/libcrypto/store.inc b/lib/libcrypto/store.inc new file mode 100644 index 000000000000..f19ca01eb129 --- /dev/null +++ b/lib/libcrypto/store.inc @@ -0,0 +1,12 @@ +# $NetBSD: store.inc,v 1.1 2005/11/25 19:15:08 christos Exp $ +# +# @(#) Copyright (c) 1995 Simon J. Gerraty +# +# SRCS extracted from /home/current/src/lib/libcrypto/../../crypto/dist/openssl/crypto/ec/Makefile.ssl +# + +.PATH: ${OPENSSLSRC}/crypto/store + +CPPFLAGS+= -I${OPENSSLSRC}/crypto/store + +SRCS+= str_err.c str_lib.c str_locl.h str_mem.c str_meth.c diff --git a/lib/libcrypto/x509.inc b/lib/libcrypto/x509.inc index 5ca505c7bd35..ed9f2b464ecf 100644 --- a/lib/libcrypto/x509.inc +++ b/lib/libcrypto/x509.inc @@ -1,4 +1,4 @@ -# $NetBSD: x509.inc,v 1.4 2003/07/24 14:16:33 itojun Exp $ +# $NetBSD: x509.inc,v 1.5 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -14,4 +14,4 @@ SRCS+= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \ x509_set.c x509cset.c x509rset.c x509_err.c \ x509name.c x509_v3.c x509_ext.c x509_att.c \ x509type.c x509_lu.c x_all.c x509_txt.c \ - x509_trs.c by_file.c by_dir.c + x509_trs.c x509_vpm.c by_file.c by_dir.c diff --git a/lib/libcrypto/x509v3.inc b/lib/libcrypto/x509v3.inc index bc91d2842e49..a366b442e28d 100644 --- a/lib/libcrypto/x509v3.inc +++ b/lib/libcrypto/x509v3.inc @@ -1,4 +1,4 @@ -# $NetBSD: x509v3.inc,v 1.6 2005/04/23 20:32:17 christos Exp $ +# $NetBSD: x509v3.inc,v 1.7 2005/11/25 19:15:08 christos Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -12,4 +12,5 @@ CPPFLAGS+= -I${OPENSSLSRC}/crypto/x509v3 SRCS+= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \ v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \ v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_pci.c v3_pcia.c \ -v3_purp.c v3_info.c v3_ocsp.c v3_akeya.c +v3_purp.c v3_info.c v3_ocsp.c v3_akeya.c pcy_tree.c v3_pmaps.c pcy_data.c \ +v3_pcons.c pcy_lib.c pcy_node.c pcy_cache.c pcy_map.c v3_ncons.c