summaryrefslogtreecommitdiff
path: root/lib/libcrypto/util
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libcrypto/util')
-rw-r--r--lib/libcrypto/util/cygwin.sh12
-rw-r--r--lib/libcrypto/util/libeay.num217
-rw-r--r--lib/libcrypto/util/mk1mf.pl85
-rw-r--r--lib/libcrypto/util/mkdef.pl40
-rw-r--r--lib/libcrypto/util/mkfiles.pl2
-rw-r--r--lib/libcrypto/util/pl/VC-32.pl79
-rw-r--r--lib/libcrypto/util/ssleay.num61
7 files changed, 419 insertions, 77 deletions
diff --git a/lib/libcrypto/util/cygwin.sh b/lib/libcrypto/util/cygwin.sh
index d6228521e66..cfdb04d2a48 100644
--- a/lib/libcrypto/util/cygwin.sh
+++ b/lib/libcrypto/util/cygwin.sh
@@ -11,6 +11,7 @@ CONFIG_OPTIONS="--prefix=/usr shared zlib no-idea no-rc5"
INSTALL_PREFIX=/tmp/install/INSTALL
VERSION=
+SHLIB_VERSION_NUMBER=
SUBVERSION=$1
function cleanup()
@@ -28,6 +29,13 @@ function get_openssl_version()
echo " Check value of variable VERSION in Makefile."
exit 1
fi
+ eval `grep '^SHLIB_VERSION_NUMBER=' Makefile`
+ if [ -z "${SHLIB_VERSION_NUMBER}" ]
+ then
+ echo "Error: Couldn't retrieve OpenSSL shared lib version from Makefile."
+ echo " Check value of variable SHLIB_VERSION_NUMBER in Makefile."
+ exit 1
+ fi
}
function base_install()
@@ -124,7 +132,7 @@ strip usr/bin/*.exe usr/bin/*.dll usr/lib/engines/*.so
chmod u-w usr/lib/engines/*.so
# Runtime package
-tar cjf libopenssl${VERSION//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 \
+tar cjf libopenssl${SHLIB_VERSION_NUMBER//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 \
usr/bin/cyg*dll
# Base package
find etc usr/bin/openssl.exe usr/bin/c_rehash usr/lib/engines usr/share/doc \
@@ -139,7 +147,7 @@ tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 -
ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2
ls -l openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2
-ls -l libopenssl${VERSION//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2
+ls -l libopenssl${SHLIB_VERSION_NUMBER//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2
cleanup
diff --git a/lib/libcrypto/util/libeay.num b/lib/libcrypto/util/libeay.num
index 1467ab62433..93f80ba0c64 100644
--- a/lib/libcrypto/util/libeay.num
+++ b/lib/libcrypto/util/libeay.num
@@ -1050,7 +1050,7 @@ ASN1_TYPE_get_octetstring 1077 EXIST::FUNCTION:
ASN1_TYPE_set_int_octetstring 1078 EXIST::FUNCTION:
ASN1_TYPE_set_octetstring 1079 EXIST::FUNCTION:
ASN1_UTCTIME_set_string 1080 EXIST::FUNCTION:
-ERR_add_error_data 1081 EXIST::FUNCTION:BIO
+ERR_add_error_data 1081 EXIST::FUNCTION:
ERR_set_error_data 1082 EXIST::FUNCTION:
EVP_CIPHER_asn1_to_param 1083 EXIST::FUNCTION:
EVP_CIPHER_param_to_asn1 1084 EXIST::FUNCTION:
@@ -2808,7 +2808,7 @@ FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION:
FIPS_selftest_des 3250 NOEXIST::FUNCTION:
EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES
EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES
-FIPS_mode_set 3253 NOEXIST::FUNCTION:
+FIPS_mode_set 3253 EXIST::FUNCTION:
FIPS_selftest_dsa 3254 NOEXIST::FUNCTION:
EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES
FIPS_allow_md5 3256 NOEXIST::FUNCTION:
@@ -2838,23 +2838,23 @@ AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES
EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES
FIPS_rand_check 3281 NOEXIST::FUNCTION:
FIPS_md5_allowed 3282 NOEXIST::FUNCTION:
-FIPS_mode 3283 NOEXIST::FUNCTION:
+FIPS_mode 3283 EXIST::FUNCTION:
FIPS_selftest_failed 3284 NOEXIST::FUNCTION:
sk_is_sorted 3285 EXIST::FUNCTION:
X509_check_ca 3286 EXIST::FUNCTION:
-private_idea_set_encrypt_key 3287 NOEXIST::FUNCTION:
+private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA
HMAC_CTX_set_flags 3288 EXIST::FUNCTION:HMAC
-private_SHA_Init 3289 NOEXIST::FUNCTION:
-private_CAST_set_key 3290 NOEXIST::FUNCTION:
-private_RIPEMD160_Init 3291 NOEXIST::FUNCTION:
+private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0
+private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST
+private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD
private_RC5_32_set_key 3292 NOEXIST::FUNCTION:
-private_MD5_Init 3293 NOEXIST::FUNCTION:
-private_RC4_set_key 3294 NOEXIST::FUNCTION:
-private_MDC2_Init 3295 NOEXIST::FUNCTION:
-private_RC2_set_key 3296 NOEXIST::FUNCTION:
-private_MD4_Init 3297 NOEXIST::FUNCTION:
-private_BF_set_key 3298 NOEXIST::FUNCTION:
-private_MD2_Init 3299 NOEXIST::FUNCTION:
+private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5
+private_RC4_set_key 3294 EXIST::FUNCTION:RC4
+private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2
+private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2
+private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4
+private_BF_set_key 3298 EXIST:OPENSSL_FIPS:FUNCTION:BF
+private_MD2_Init 3299 EXIST:OPENSSL_FIPS:FUNCTION:MD2
d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION:
PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@@ -2882,7 +2882,7 @@ RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA
RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA
RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA
PKCS1_MGF1 3324 EXIST::FUNCTION:RSA
-BN_X931_generate_Xpq 3325 NOEXIST::FUNCTION:
+BN_X931_generate_Xpq 3325 EXIST::FUNCTION:
RSA_X931_generate_key 3326 NOEXIST::FUNCTION:
BN_X931_derive_prime 3327 NOEXIST::FUNCTION:
BN_X931_generate_prime 3328 NOEXIST::FUNCTION:
@@ -2906,7 +2906,7 @@ STORE_parse_attrs_start 3343 NOEXIST::FUNCTION:
POLICY_CONSTRAINTS_free 3344 EXIST::FUNCTION:
EVP_PKEY_add1_attr_by_NID 3345 EXIST::FUNCTION:
BN_nist_mod_192 3346 EXIST::FUNCTION:
-EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC
+EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC,EC2M
STORE_set_method 3348 NOEXIST::FUNCTION:
GENERAL_SUBTREE_free 3349 EXIST::FUNCTION:
NAME_CONSTRAINTS_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
@@ -2921,14 +2921,14 @@ SHA512_Update 3356 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
i2d_ECPrivateKey 3357 EXIST::FUNCTION:EC
BN_get0_nist_prime_192 3358 EXIST::FUNCTION:
STORE_modify_certificate 3359 NOEXIST::FUNCTION:
-EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC
-BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION:
+EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC,EC2M
+BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION:EC2M
STORE_ATTR_INFO_modify_number 3362 NOEXIST::FUNCTION:
X509_keyid_get0 3363 EXIST::FUNCTION:
ENGINE_load_gmp 3364 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE
pitem_new 3365 EXIST::FUNCTION:
-BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION:
+BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION:EC2M
STORE_list_public_key_endp 3367 NOEXIST::FUNCTION:
o2i_ECPublicKey 3368 EXIST::FUNCTION:EC
EC_KEY_copy 3369 EXIST::FUNCTION:EC
@@ -2945,7 +2945,7 @@ X509_VERIFY_PARAM_inherit 3378 EXIST::FUNCTION:
EC_POINT_point2bn 3379 EXIST::FUNCTION:EC
STORE_ATTR_INFO_set_dn 3380 NOEXIST::FUNCTION:
X509_policy_tree_get0_policies 3381 EXIST::FUNCTION:
-EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC
+EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC,EC2M
STORE_destroy_method 3383 NOEXIST::FUNCTION:
ENGINE_unregister_STORE 3384 EXIST::FUNCTION:ENGINE
EVP_PKEY_get1_EC_KEY 3385 EXIST::FUNCTION:EC
@@ -2961,7 +2961,7 @@ ENGINE_get_static_state 3393 EXIST::FUNCTION:ENGINE
pqueue_iterator 3394 EXIST::FUNCTION:
ECDSA_SIG_new 3395 EXIST::FUNCTION:ECDSA
OPENSSL_DIR_end 3396 EXIST::FUNCTION:
-BN_GF2m_mod_sqr 3397 EXIST::FUNCTION:
+BN_GF2m_mod_sqr 3397 EXIST::FUNCTION:EC2M
EC_POINT_bn2point 3398 EXIST::FUNCTION:EC
X509_VERIFY_PARAM_set_depth 3399 EXIST::FUNCTION:
EC_KEY_set_asn1_flag 3400 EXIST::FUNCTION:EC
@@ -2974,7 +2974,7 @@ EC_GROUP_get_point_conv_form 3405 EXIST:VMS:FUNCTION:EC
STORE_method_set_store_function 3406 NOEXIST::FUNCTION:
STORE_ATTR_INFO_in 3407 NOEXIST::FUNCTION:
PEM_read_bio_ECPKParameters 3408 EXIST::FUNCTION:EC
-EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC
+EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC,EC2M
EVP_PKEY_add1_attr_by_txt 3410 EXIST::FUNCTION:
BN_BLINDING_set_flags 3411 EXIST::FUNCTION:
X509_VERIFY_PARAM_set1_policies 3412 EXIST::FUNCTION:
@@ -2982,10 +2982,10 @@ X509_VERIFY_PARAM_set1_name 3413 EXIST::FUNCTION:
X509_VERIFY_PARAM_set_purpose 3414 EXIST::FUNCTION:
STORE_get_number 3415 NOEXIST::FUNCTION:
ECDSA_sign_setup 3416 EXIST::FUNCTION:ECDSA
-BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION:
+BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION:EC2M
EC_KEY_up_ref 3418 EXIST::FUNCTION:EC
POLICY_MAPPING_free 3419 EXIST::FUNCTION:
-BN_GF2m_mod_div 3420 EXIST::FUNCTION:
+BN_GF2m_mod_div 3420 EXIST::FUNCTION:EC2M
X509_VERIFY_PARAM_set_flags 3421 EXIST::FUNCTION:
EC_KEY_free 3422 EXIST::FUNCTION:EC
STORE_meth_set_list_next_fn 3423 NOEXIST::FUNCTION:
@@ -2999,7 +2999,7 @@ STORE_method_set_list_end_function 3427 NOEXIST::FUNCTION:
pqueue_print 3428 EXIST::FUNCTION:
EC_GROUP_have_precompute_mult 3429 EXIST::FUNCTION:EC
EC_KEY_print_fp 3430 EXIST::FUNCTION:EC,FP_API
-BN_GF2m_mod_arr 3431 EXIST::FUNCTION:
+BN_GF2m_mod_arr 3431 EXIST::FUNCTION:EC2M
PEM_write_bio_X509_CERT_PAIR 3432 EXIST::FUNCTION:
EVP_PKEY_cmp 3433 EXIST::FUNCTION:
X509_policy_level_node_count 3434 EXIST::FUNCTION:
@@ -3020,7 +3020,7 @@ X509_policy_node_get0_qualifiers 3448 EXIST:!VMS:FUNCTION:
X509_pcy_node_get0_qualifiers 3448 EXIST:VMS:FUNCTION:
STORE_list_crl_end 3449 NOEXIST::FUNCTION:
EVP_PKEY_set1_EC_KEY 3450 EXIST::FUNCTION:EC
-BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION:
+BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION:EC2M
i2d_ECPrivateKey_bio 3452 EXIST::FUNCTION:BIO,EC
ECPKParameters_print_fp 3453 EXIST::FUNCTION:EC,FP_API
pqueue_find 3454 EXIST::FUNCTION:
@@ -3037,7 +3037,7 @@ PKCS12_add_safes 3464 EXIST::FUNCTION:
BN_BLINDING_convert_ex 3465 EXIST::FUNCTION:
X509_policy_tree_free 3466 EXIST::FUNCTION:
OPENSSL_ia32cap_loc 3467 EXIST::FUNCTION:
-BN_GF2m_poly2arr 3468 EXIST::FUNCTION:
+BN_GF2m_poly2arr 3468 EXIST::FUNCTION:EC2M
STORE_ctrl 3469 NOEXIST::FUNCTION:
STORE_ATTR_INFO_compare 3470 NOEXIST::FUNCTION:
BN_get0_nist_prime_224 3471 EXIST::FUNCTION:
@@ -3061,7 +3061,7 @@ STORE_method_set_delete_function 3486 NOEXIST::FUNCTION:
STORE_list_certificate_next 3487 NOEXIST::FUNCTION:
ASN1_generate_nconf 3488 EXIST::FUNCTION:
BUF_memdup 3489 EXIST::FUNCTION:
-BN_GF2m_mod_mul 3490 EXIST::FUNCTION:
+BN_GF2m_mod_mul 3490 EXIST::FUNCTION:EC2M
STORE_meth_get_list_next_fn 3491 NOEXIST::FUNCTION:
STORE_method_get_list_next_function 3491 NOEXIST::FUNCTION:
STORE_ATTR_INFO_get0_dn 3492 NOEXIST::FUNCTION:
@@ -3072,7 +3072,7 @@ STORE_ATTR_INFO_free 3496 NOEXIST::FUNCTION:
STORE_get_private_key 3497 NOEXIST::FUNCTION:
EVP_PKEY_get_attr_count 3498 EXIST::FUNCTION:
STORE_ATTR_INFO_new 3499 NOEXIST::FUNCTION:
-EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC
+EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC,EC2M
STORE_meth_set_revoke_fn 3501 NOEXIST::FUNCTION:
STORE_method_set_revoke_function 3501 NOEXIST::FUNCTION:
STORE_store_number 3502 NOEXIST::FUNCTION:
@@ -3088,7 +3088,7 @@ BIO_dump_indent_fp 3511 EXIST::FUNCTION:FP_API
EC_KEY_set_group 3512 EXIST::FUNCTION:EC
BUF_strndup 3513 EXIST::FUNCTION:
STORE_list_certificate_start 3514 NOEXIST::FUNCTION:
-BN_GF2m_mod 3515 EXIST::FUNCTION:
+BN_GF2m_mod 3515 EXIST::FUNCTION:EC2M
X509_REQ_check_private_key 3516 EXIST::FUNCTION:
EC_GROUP_get_seed_len 3517 EXIST::FUNCTION:EC
ERR_load_STORE_strings 3518 NOEXIST::FUNCTION:
@@ -3117,19 +3117,19 @@ STORE_method_set_get_function 3536 NOEXIST::FUNCTION:
STORE_modify_number 3537 NOEXIST::FUNCTION:
STORE_method_get_store_function 3538 NOEXIST::FUNCTION:
STORE_store_private_key 3539 NOEXIST::FUNCTION:
-BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION:
+BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION:EC2M
RSA_setup_blinding 3541 EXIST::FUNCTION:RSA
BIO_s_datagram 3542 EXIST::FUNCTION:DGRAM
STORE_Memory 3543 NOEXIST::FUNCTION:
sk_find_ex 3544 EXIST::FUNCTION:
-EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC
+EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC,EC2M
ENGINE_set_default_ECDSA 3546 EXIST::FUNCTION:ENGINE
POLICY_CONSTRAINTS_new 3547 EXIST::FUNCTION:
-BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION:
+BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION:EC2M
ECDH_set_default_method 3549 EXIST::FUNCTION:ECDH
EC_KEY_generate_key 3550 EXIST::FUNCTION:EC
SHA384_Update 3551 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-BN_GF2m_arr2poly 3552 EXIST::FUNCTION:
+BN_GF2m_arr2poly 3552 EXIST::FUNCTION:EC2M
STORE_method_get_get_function 3553 NOEXIST::FUNCTION:
STORE_meth_set_cleanup_fn 3554 NOEXIST::FUNCTION:
STORE_method_set_cleanup_function 3554 NOEXIST::FUNCTION:
@@ -3154,7 +3154,7 @@ EC_GROUP_get_degree 3570 EXIST::FUNCTION:EC
ASN1_generate_v3 3571 EXIST::FUNCTION:
STORE_ATTR_INFO_modify_cstr 3572 NOEXIST::FUNCTION:
X509_policy_tree_level_count 3573 EXIST::FUNCTION:
-BN_GF2m_add 3574 EXIST::FUNCTION:
+BN_GF2m_add 3574 EXIST::FUNCTION:EC2M
EC_KEY_get0_group 3575 EXIST::FUNCTION:EC
STORE_generate_crl 3576 NOEXIST::FUNCTION:
STORE_store_public_key 3577 NOEXIST::FUNCTION:
@@ -3179,8 +3179,8 @@ STORE_store_certificate 3593 NOEXIST::FUNCTION:
OBJ_bsearch_ex 3594 NOEXIST::FUNCTION:
X509_STORE_CTX_set_default 3595 EXIST::FUNCTION:
STORE_ATTR_INFO_set_sha1str 3596 NOEXIST::FUNCTION:
-BN_GF2m_mod_inv 3597 EXIST::FUNCTION:
-BN_GF2m_mod_exp 3598 EXIST::FUNCTION:
+BN_GF2m_mod_inv 3597 EXIST::FUNCTION:EC2M
+BN_GF2m_mod_exp 3598 EXIST::FUNCTION:EC2M
STORE_modify_public_key 3599 NOEXIST::FUNCTION:
STORE_meth_get_list_start_fn 3600 NOEXIST::FUNCTION:
STORE_method_get_list_start_function 3600 NOEXIST::FUNCTION:
@@ -3188,7 +3188,7 @@ EC_GROUP_get0_seed 3601 EXIST::FUNCTION:EC
STORE_store_arbitrary 3602 NOEXIST::FUNCTION:
STORE_meth_set_unlock_store_fn 3603 NOEXIST::FUNCTION:
STORE_method_set_unlock_store_function 3603 NOEXIST::FUNCTION:
-BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION:
+BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION:EC2M
ENGINE_set_ECDSA 3605 EXIST::FUNCTION:ENGINE
STORE_create_method 3606 NOEXIST::FUNCTION:
ECPKParameters_print 3607 EXIST::FUNCTION:BIO,EC
@@ -3211,8 +3211,8 @@ EC_KEY_get_enc_flags 3622 EXIST::FUNCTION:EC
ASN1_const_check_infinite_end 3623 EXIST::FUNCTION:
EVP_PKEY_delete_attr 3624 EXIST::FUNCTION:
ECDSA_set_default_method 3625 EXIST::FUNCTION:ECDSA
-EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC
+EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC,EC2M
EC_GROUP_cmp 3627 EXIST::FUNCTION:EC
STORE_revoke_certificate 3628 NOEXIST::FUNCTION:
BN_get0_nist_prime_256 3629 EXIST::FUNCTION:
@@ -3241,7 +3241,7 @@ POLICY_CONSTRAINTS_it 3649 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI
STORE_get_ex_new_index 3650 NOEXIST::FUNCTION:
EVP_PKEY_get_attr_by_OBJ 3651 EXIST::FUNCTION:
X509_VERIFY_PARAM_add0_policy 3652 EXIST::FUNCTION:
-BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION:
+BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION:EC2M
SHA256 3654 EXIST::FUNCTION:SHA,SHA256
i2d_ECPrivateKey_fp 3655 EXIST::FUNCTION:EC,FP_API
X509_policy_tree_get0_user_policies 3656 EXIST:!VMS:FUNCTION:
@@ -3249,8 +3249,8 @@ X509_pcy_tree_get0_usr_policies 3656 EXIST:VMS:FUNCTION:
OPENSSL_DIR_read 3657 EXIST::FUNCTION:
ENGINE_register_all_ECDSA 3658 EXIST::FUNCTION:ENGINE
X509_VERIFY_PARAM_lookup 3659 EXIST::FUNCTION:
-EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC
-EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC
+EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC,EC2M
EC_GROUP_dup 3661 EXIST::FUNCTION:EC
ENGINE_get_default_ECDSA 3662 EXIST::FUNCTION:ENGINE
EC_KEY_new 3663 EXIST::FUNCTION:EC
@@ -3332,7 +3332,7 @@ STORE_list_certificate_end 3734 NOEXIST::FUNCTION:
STORE_get_crl 3735 NOEXIST::FUNCTION:
X509_POLICY_NODE_print 3736 EXIST::FUNCTION:
SHA384_Init 3737 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC
+EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC,EC2M
ECDSA_set_ex_data 3739 EXIST::FUNCTION:ECDSA
SHA384_Final 3740 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
PKCS7_set_digest 3741 EXIST::FUNCTION:
@@ -3364,7 +3364,7 @@ BIO_dump_cb 3764 EXIST::FUNCTION:
SHA256_Update 3765 EXIST::FUNCTION:SHA,SHA256
pqueue_insert 3766 EXIST::FUNCTION:
pitem_free 3767 EXIST::FUNCTION:
-BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION:
+BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION:EC2M
ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE
BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION:DEPRECATED
get_rfc3526_prime_8192 3771 EXIST::FUNCTION:
@@ -3670,7 +3670,7 @@ int_EVP_MD_set_engine_callbacks 4056 NOEXIST::FUNCTION:
int_CRYPTO_set_do_dynlock_callback 4057 NOEXIST::FUNCTION:
FIPS_rng_stick 4058 NOEXIST::FUNCTION:
EVP_CIPHER_CTX_set_flags 4059 EXIST::FUNCTION:
-BN_X931_generate_prime_ex 4060 NOEXIST::FUNCTION:
+BN_X931_generate_prime_ex 4060 EXIST::FUNCTION:
FIPS_selftest_check 4061 NOEXIST::FUNCTION:
FIPS_rand_set_dt 4062 NOEXIST::FUNCTION:
CRYPTO_dbg_pop_info 4063 NOEXIST::FUNCTION:
@@ -3695,14 +3695,14 @@ FIPS_rand_test_mode 4081 NOEXIST::FUNCTION:
FIPS_rand_reset 4082 NOEXIST::FUNCTION:
FIPS_dsa_new 4083 NOEXIST::FUNCTION:
int_RAND_set_callbacks 4084 NOEXIST::FUNCTION:
-BN_X931_derive_prime_ex 4085 NOEXIST::FUNCTION:
+BN_X931_derive_prime_ex 4085 EXIST::FUNCTION:
int_ERR_lib_init 4086 NOEXIST::FUNCTION:
int_EVP_CIPHER_init_engine_callbacks 4087 NOEXIST::FUNCTION:
FIPS_rsa_free 4088 NOEXIST::FUNCTION:
FIPS_dsa_sig_encode 4089 NOEXIST::FUNCTION:
CRYPTO_dbg_remove_all_info 4090 NOEXIST::FUNCTION:
-OPENSSL_init 4091 NOEXIST::FUNCTION:
-private_Camellia_set_key 4092 NOEXIST::FUNCTION:
+OPENSSL_init 4091 EXIST::FUNCTION:
+private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA
CRYPTO_strdup 4093 EXIST::FUNCTION:
JPAKE_STEP3A_process 4094 EXIST::FUNCTION:JPAKE
JPAKE_STEP1_release 4095 EXIST::FUNCTION:JPAKE
@@ -4194,4 +4194,119 @@ OPENSSL_memcmp 4565 EXIST::FUNCTION:
OPENSSL_strncasecmp 4566 EXIST::FUNCTION:
OPENSSL_gmtime 4567 EXIST::FUNCTION:
OPENSSL_gmtime_adj 4568 EXIST::FUNCTION:
-ENGINE_load_aesni 4569 EXIST::FUNCTION:ENGINE
+SRP_VBASE_get_by_user 4569 EXIST::FUNCTION:SRP
+SRP_Calc_server_key 4570 EXIST::FUNCTION:SRP
+SRP_create_verifier 4571 EXIST::FUNCTION:SRP
+SRP_create_verifier_BN 4572 EXIST::FUNCTION:SRP
+SRP_Calc_u 4573 EXIST::FUNCTION:SRP
+SRP_VBASE_free 4574 EXIST::FUNCTION:SRP
+SRP_Calc_client_key 4575 EXIST::FUNCTION:SRP
+SRP_get_default_gN 4576 EXIST::FUNCTION:SRP
+SRP_Calc_x 4577 EXIST::FUNCTION:SRP
+SRP_Calc_B 4578 EXIST::FUNCTION:SRP
+SRP_VBASE_new 4579 EXIST::FUNCTION:SRP
+SRP_check_known_gN_param 4580 EXIST::FUNCTION:SRP
+SRP_Calc_A 4581 EXIST::FUNCTION:SRP
+SRP_Verify_A_mod_N 4582 EXIST::FUNCTION:SRP
+SRP_VBASE_init 4583 EXIST::FUNCTION:SRP
+SRP_Verify_B_mod_N 4584 EXIST::FUNCTION:SRP
+EC_KEY_set_public_key_affine_coordinates 4585 EXIST:!VMS:FUNCTION:EC
+EC_KEY_set_pub_key_aff_coords 4585 EXIST:VMS:FUNCTION:EC
+EVP_aes_192_ctr 4586 EXIST::FUNCTION:AES
+EVP_PKEY_meth_get0_info 4587 EXIST::FUNCTION:
+EVP_PKEY_meth_copy 4588 EXIST::FUNCTION:
+ERR_add_error_vdata 4589 EXIST::FUNCTION:
+EVP_aes_128_ctr 4590 EXIST::FUNCTION:AES
+EVP_aes_256_ctr 4591 EXIST::FUNCTION:AES
+EC_GFp_nistp224_method 4592 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+EC_KEY_get_flags 4593 EXIST::FUNCTION:EC
+RSA_padding_add_PKCS1_PSS_mgf1 4594 EXIST::FUNCTION:RSA
+EVP_aes_128_xts 4595 EXIST::FUNCTION:AES
+private_SHA224_Init 4596 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
+private_AES_set_decrypt_key 4597 EXIST::FUNCTION:AES
+private_WHIRLPOOL_Init 4598 EXIST:OPENSSL_FIPS:FUNCTION:WHIRLPOOL
+EVP_aes_256_xts 4599 EXIST::FUNCTION:AES
+private_SHA512_Init 4600 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
+EVP_aes_128_gcm 4601 EXIST::FUNCTION:AES
+EC_KEY_clear_flags 4602 EXIST::FUNCTION:EC
+EC_KEY_set_flags 4603 EXIST::FUNCTION:EC
+private_DES_set_key_unchecked 4604 EXIST:OPENSSL_FIPS:FUNCTION:DES
+EVP_aes_256_ccm 4605 EXIST::FUNCTION:AES
+private_AES_set_encrypt_key 4606 EXIST::FUNCTION:AES
+RSA_verify_PKCS1_PSS_mgf1 4607 EXIST::FUNCTION:RSA
+private_SHA1_Init 4608 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA1
+EVP_aes_128_ccm 4609 EXIST::FUNCTION:AES
+private_SEED_set_key 4610 EXIST:OPENSSL_FIPS:FUNCTION:SEED
+EVP_aes_192_gcm 4611 EXIST::FUNCTION:AES
+X509_ALGOR_set_md 4612 EXIST::FUNCTION:
+private_SHA256_Init 4613 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
+RAND_init_fips 4614 EXIST:OPENSSL_FIPS:FUNCTION:
+EVP_aes_256_gcm 4615 EXIST::FUNCTION:AES
+private_SHA384_Init 4616 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
+EVP_aes_192_ccm 4617 EXIST::FUNCTION:AES
+CMAC_CTX_copy 4618 EXIST::FUNCTION:
+CMAC_CTX_free 4619 EXIST::FUNCTION:
+CMAC_CTX_get0_cipher_ctx 4620 EXIST::FUNCTION:
+CMAC_CTX_cleanup 4621 EXIST::FUNCTION:
+CMAC_Init 4622 EXIST::FUNCTION:
+CMAC_Update 4623 EXIST::FUNCTION:
+CMAC_resume 4624 EXIST::FUNCTION:
+CMAC_CTX_new 4625 EXIST::FUNCTION:
+CMAC_Final 4626 EXIST::FUNCTION:
+CRYPTO_ctr128_encrypt_ctr32 4627 EXIST::FUNCTION:
+CRYPTO_gcm128_release 4628 EXIST::FUNCTION:
+CRYPTO_ccm128_decrypt_ccm64 4629 EXIST::FUNCTION:
+CRYPTO_ccm128_encrypt 4630 EXIST::FUNCTION:
+CRYPTO_gcm128_encrypt 4631 EXIST::FUNCTION:
+CRYPTO_xts128_encrypt 4632 EXIST::FUNCTION:
+EVP_rc4_hmac_md5 4633 EXIST::FUNCTION:MD5,RC4
+CRYPTO_nistcts128_decrypt_block 4634 EXIST::FUNCTION:
+CRYPTO_gcm128_setiv 4635 EXIST::FUNCTION:
+CRYPTO_nistcts128_encrypt 4636 EXIST::FUNCTION:
+EVP_aes_128_cbc_hmac_sha1 4637 EXIST::FUNCTION:AES,SHA,SHA1
+CRYPTO_gcm128_tag 4638 EXIST::FUNCTION:
+CRYPTO_ccm128_encrypt_ccm64 4639 EXIST::FUNCTION:
+ENGINE_load_rdrand 4640 EXIST::FUNCTION:ENGINE
+CRYPTO_ccm128_setiv 4641 EXIST::FUNCTION:
+CRYPTO_nistcts128_encrypt_block 4642 EXIST::FUNCTION:
+CRYPTO_gcm128_aad 4643 EXIST::FUNCTION:
+CRYPTO_ccm128_init 4644 EXIST::FUNCTION:
+CRYPTO_nistcts128_decrypt 4645 EXIST::FUNCTION:
+CRYPTO_gcm128_new 4646 EXIST::FUNCTION:
+CRYPTO_ccm128_tag 4647 EXIST::FUNCTION:
+CRYPTO_ccm128_decrypt 4648 EXIST::FUNCTION:
+CRYPTO_ccm128_aad 4649 EXIST::FUNCTION:
+CRYPTO_gcm128_init 4650 EXIST::FUNCTION:
+CRYPTO_gcm128_decrypt 4651 EXIST::FUNCTION:
+ENGINE_load_rsax 4652 EXIST::FUNCTION:ENGINE
+CRYPTO_gcm128_decrypt_ctr32 4653 EXIST::FUNCTION:
+CRYPTO_gcm128_encrypt_ctr32 4654 EXIST::FUNCTION:
+CRYPTO_gcm128_finish 4655 EXIST::FUNCTION:
+EVP_aes_256_cbc_hmac_sha1 4656 EXIST::FUNCTION:AES,SHA,SHA1
+PKCS5_pbkdf2_set 4657 EXIST::FUNCTION:
+CMS_add0_recipient_password 4658 EXIST::FUNCTION:CMS
+CMS_decrypt_set1_password 4659 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_password 4660 EXIST::FUNCTION:CMS
+RAND_set_fips_drbg_type 4661 EXIST:OPENSSL_FIPS:FUNCTION:
+X509_REQ_sign_ctx 4662 EXIST::FUNCTION:EVP
+RSA_PSS_PARAMS_new 4663 EXIST::FUNCTION:RSA
+X509_CRL_sign_ctx 4664 EXIST::FUNCTION:EVP
+X509_signature_dump 4665 EXIST::FUNCTION:EVP
+d2i_RSA_PSS_PARAMS 4666 EXIST::FUNCTION:RSA
+RSA_PSS_PARAMS_it 4667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+RSA_PSS_PARAMS_it 4667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+RSA_PSS_PARAMS_free 4668 EXIST::FUNCTION:RSA
+X509_sign_ctx 4669 EXIST::FUNCTION:EVP
+i2d_RSA_PSS_PARAMS 4670 EXIST::FUNCTION:RSA
+ASN1_item_sign_ctx 4671 EXIST::FUNCTION:EVP
+EC_GFp_nistp521_method 4672 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+EC_GFp_nistp256_method 4673 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+OPENSSL_stderr 4674 EXIST::FUNCTION:
+OPENSSL_cpuid_setup 4675 EXIST::FUNCTION:
+OPENSSL_showfatal 4676 EXIST::FUNCTION:
+BIO_new_dgram_sctp 4677 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_msg_waiting 4678 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_wait_for_dry 4679 EXIST::FUNCTION:SCTP
+BIO_s_datagram_sctp 4680 EXIST::FUNCTION:DGRAM,SCTP
+BIO_dgram_is_sctp 4681 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_notification_cb 4682 EXIST::FUNCTION:SCTP
diff --git a/lib/libcrypto/util/mk1mf.pl b/lib/libcrypto/util/mk1mf.pl
index 1dcef2b8a24..458f830401e 100644
--- a/lib/libcrypto/util/mk1mf.pl
+++ b/lib/libcrypto/util/mk1mf.pl
@@ -18,6 +18,8 @@ local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic
local $zlib_lib = "";
local $perl_asm = 0; # 1 to autobuild asm files from perl scripts
+my $ex_l_libs = "";
+
# Options to import from top level Makefile
my %mf_import = (
@@ -40,7 +42,9 @@ my %mf_import = (
SHA1_ASM_OBJ => \$mf_sha_asm,
RMD160_ASM_OBJ => \$mf_rmd_asm,
WP_ASM_OBJ => \$mf_wp_asm,
- CMLL_ENC => \$mf_cm_asm
+ CMLL_ENC => \$mf_cm_asm,
+ BASEADDR => \$baseaddr,
+ FIPSDIR => \$fipsdir,
);
@@ -104,6 +108,7 @@ and [options] can be one of
just-ssl - remove all non-ssl keys/digest
no-asm - No x86 asm
no-krb5 - No KRB5
+ no-srp - No SRP
no-ec - No EC
no-ecdsa - No ECDSA
no-ecdh - No ECDH
@@ -228,6 +233,8 @@ else
$cflags.=' -DTERMIO';
}
+$fipsdir =~ s/\//${o}/g;
+
$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
@@ -261,6 +268,7 @@ $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
+$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
@@ -270,7 +278,9 @@ $cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
$cflags.=" -DOPENSSL_NO_GOST" if $no_gost;
$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
+$cflags.=" -DOPENSSL_FIPS" if $fips;
$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
+$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m;
$cflags.= " -DZLIB" if $zlib_opt;
$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
@@ -404,6 +414,11 @@ else
\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
EOF
$ex_libs .= " $zlib_lib" if $zlib_opt == 1;
+ if ($fips)
+ {
+ $build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
+ $ex_l_libs .= " \$(O_FIPSCANISTER)";
+ }
}
$defs= <<"EOF";
@@ -465,6 +480,18 @@ MKLIB=$bin_dir$mklib
MLFLAGS=$mlflags
ASM=$bin_dir$asm
+# FIPS validated module and support file locations
+
+FIPSDIR=$fipsdir
+BASEADDR=$baseaddr
+FIPSLIB_D=\$(FIPSDIR)${o}lib
+FIPS_PREMAIN_SRC=\$(FIPSLIB_D)${o}fips_premain.c
+O_FIPSCANISTER=\$(FIPSLIB_D)${o}fipscanister.lib
+FIPS_SHA1_EXE=\$(FIPSDIR)${o}bin${o}fips_standalone_sha1${exep}
+E_PREMAIN_DSO=fips_premain_dso
+PREMAIN_DSO_EXE=\$(BIN_D)${o}fips_premain_dso$exep
+FIPSLINK=\$(PERL) \$(FIPSDIR)${o}bin${o}fipslink.pl
+
######################################################
# You should not need to touch anything below this point
######################################################
@@ -497,7 +524,7 @@ SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
-L_LIBS= \$(L_SSL) \$(L_CRYPTO)
+L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
######################################################
# Don't touch anything below this point
@@ -513,7 +540,7 @@ LIBS_DEP=\$(O_CRYPTO) \$(O_SSL)
EOF
$rules=<<"EOF";
-all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe $build_targets
banner:
$banner
@@ -629,6 +656,16 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
+# Special case rule for fips_premain_dso
+
+if ($fips)
+ {
+ $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
+ "\$(FIPS_PREMAIN_SRC)",
+ "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)", "");
+ $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
+ }
+
foreach (values %lib_nam)
{
$lib_obj=$lib_obj{$_};
@@ -677,7 +714,28 @@ foreach (split(/\s+/,$engines))
$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
-$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
+
+if ($fips)
+ {
+ if ($shlib)
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ "\$(O_CRYPTO)", "$crypto",
+ $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
+ }
+ else
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
+ "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+ }
+ }
+ else
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
+ "\$(SO_CRYPTO)");
+ }
foreach (split(" ",$otherlibs))
{
@@ -687,7 +745,7 @@ foreach (split(" ",$otherlibs))
}
-$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0);
print $defs;
@@ -781,6 +839,8 @@ sub var_add
@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
@a=grep(!/_mdc2$/,@a) if $no_mdc2;
+ @a=grep(!/(srp)/,@a) if $no_srp;
+
@a=grep(!/^engine$/,@a) if $no_engine;
@a=grep(!/^hw$/,@a) if $no_hw;
@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
@@ -939,14 +999,15 @@ sub Sasm_compile_target
sub cc_compile_target
{
- local($target,$source,$ex_flags)=@_;
+ local($target,$source,$ex_flags, $srcd)=@_;
local($ret);
$ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/);
$target =~ s/\//$o/g if $o ne "/";
$source =~ s/\//$o/g if $o ne "/";
- $ret ="$target: \$(SRC_D)$o$source\n\t";
- $ret.="\$(CC) ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
+ $srcd = "\$(SRC_D)$o" unless defined $srcd;
+ $ret ="$target: $srcd$source\n\t";
+ $ret.="\$(CC) ${ofile}$target $ex_flags -c $srcd$source\n\n";
return($ret);
}
@@ -1056,8 +1117,11 @@ sub read_options
"no-ssl2" => \$no_ssl2,
"no-ssl3" => \$no_ssl3,
"no-tlsext" => \$no_tlsext,
+ "no-srp" => \$no_srp,
"no-cms" => \$no_cms,
+ "no-ec2m" => \$no_ec2m,
"no-jpake" => \$no_jpake,
+ "no-ec_nistp_64_gcc_128" => 0,
"no-err" => \$no_err,
"no-sock" => \$no_sock,
"no-krb5" => \$no_krb5,
@@ -1067,11 +1131,12 @@ sub read_options
"no-gost" => \$no_gost,
"no-engine" => \$no_engine,
"no-hw" => \$no_hw,
+ "no-rsax" => 0,
"just-ssl" =>
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
\$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
\$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
- \$no_aes, \$no_camellia, \$no_seed],
+ \$no_aes, \$no_camellia, \$no_seed, \$no_srp],
"rsaref" => 0,
"gcc" => \$gcc,
"debug" => \$debug,
@@ -1079,6 +1144,7 @@ sub read_options
"shlib" => \$shlib,
"dll" => \$shlib,
"shared" => 0,
+ "no-sctp" => 0,
"no-gmp" => 0,
"no-rfc3779" => 0,
"no-montasm" => 0,
@@ -1086,6 +1152,7 @@ sub read_options
"no-store" => 0,
"no-zlib" => 0,
"no-zlib-dynamic" => 0,
+ "fips" => \$fips
);
if (exists $valid_options{$_})
diff --git a/lib/libcrypto/util/mkdef.pl b/lib/libcrypto/util/mkdef.pl
index ab473290974..9a8c7b87d1a 100644
--- a/lib/libcrypto/util/mkdef.pl
+++ b/lib/libcrypto/util/mkdef.pl
@@ -79,13 +79,15 @@ my $OS2=0;
my $safe_stack_def = 0;
my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
- "EXPORT_VAR_AS_FUNCTION", "ZLIB" );
+ "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS" );
my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
"SHA256", "SHA512", "RIPEMD",
- "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA",
+ "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "EC2M",
"HMAC", "AES", "CAMELLIA", "SEED", "GOST",
+ # EC_NISTP_64_GCC_128
+ "EC_NISTP_64_GCC_128",
# Envelope "algorithms"
"EVP", "X509", "ASN1_TYPEDEFS",
# Helper "algorithms"
@@ -98,7 +100,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
# RFC3779
"RFC3779",
# TLS
- "TLSEXT", "PSK",
+ "TLSEXT", "PSK", "SRP", "HEARTBEATS",
# CMS
"CMS",
# CryptoAPI Engine
@@ -107,8 +109,14 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"SSL2",
# JPAKE
"JPAKE",
+ # NEXTPROTONEG
+ "NEXTPROTONEG",
# Deprecated functions
- "DEPRECATED" );
+ "DEPRECATED",
+ # Hide SSL internals
+ "SSL_INTERN",
+ # SCTP
+ "SCTP");
my $options="";
open(IN,"<Makefile") || die "unable to open Makefile!\n";
@@ -127,7 +135,10 @@ my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
-my $no_jpake; my $no_ssl2;
+my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc;
+my $no_nextprotoneg; my $no_sctp;
+
+my $fips;
my $zlib;
@@ -151,6 +162,7 @@ foreach (@ARGV, split(/ /, $options))
}
$VMS=1 if $_ eq "VMS";
$OS2=1 if $_ eq "OS2";
+ $fips=1 if /^fips/;
if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic"
|| $_ eq "enable-zlib-dynamic") {
$zlib = 1;
@@ -215,9 +227,14 @@ foreach (@ARGV, split(/ /, $options))
elsif (/^no-rfc3779$/) { $no_rfc3779=1; }
elsif (/^no-tlsext$/) { $no_tlsext=1; }
elsif (/^no-cms$/) { $no_cms=1; }
+ elsif (/^no-ec2m$/) { $no_ec2m=1; }
+ elsif (/^no-ec_nistp_64_gcc_128$/) { $no_nistp_gcc=1; }
+ elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; }
elsif (/^no-ssl2$/) { $no_ssl2=1; }
elsif (/^no-capieng$/) { $no_capieng=1; }
elsif (/^no-jpake$/) { $no_jpake=1; }
+ elsif (/^no-srp$/) { $no_srp=1; }
+ elsif (/^no-sctp$/) { $no_sctp=1; }
}
@@ -254,8 +271,10 @@ $max_crypto = $max_num;
my $ssl="ssl/ssl.h";
$ssl.=" ssl/kssl.h";
$ssl.=" ssl/tls1.h";
+$ssl.=" ssl/srtp.h";
my $crypto ="crypto/crypto.h";
+$crypto.=" crypto/cryptlib.h";
$crypto.=" crypto/o_dir.h";
$crypto.=" crypto/o_str.h";
$crypto.=" crypto/o_time.h";
@@ -285,6 +304,7 @@ $crypto.=" crypto/ec/ec.h" ; # unless $no_ec;
$crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
+$crypto.=" crypto/cmac/cmac.h" ; # unless $no_hmac;
$crypto.=" crypto/engine/engine.h"; # unless $no_engine;
$crypto.=" crypto/stack/stack.h" ; # unless $no_stack;
@@ -319,6 +339,7 @@ $crypto.=" crypto/pqueue/pqueue.h";
$crypto.=" crypto/cms/cms.h";
$crypto.=" crypto/jpake/jpake.h";
$crypto.=" crypto/modes/modes.h";
+$crypto.=" crypto/srp/srp.h";
my $symhacks="crypto/symhacks.h";
@@ -1126,6 +1147,9 @@ sub is_valid
if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) {
return 1;
}
+ if ($keyword eq "OPENSSL_FIPS" && $fips) {
+ return 1;
+ }
if ($keyword eq "ZLIB" && $zlib) { return 1; }
return 0;
} else {
@@ -1172,9 +1196,15 @@ sub is_valid
if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
if ($keyword eq "PSK" && $no_psk) { return 0; }
if ($keyword eq "CMS" && $no_cms) { return 0; }
+ if ($keyword eq "EC2M" && $no_ec2m) { return 0; }
+ if ($keyword eq "NEXTPROTONEG" && $no_nextprotoneg) { return 0; }
+ if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc)
+ { return 0; }
if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
+ if ($keyword eq "SRP" && $no_srp) { return 0; }
+ if ($keyword eq "SCTP" && $no_sctp) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
# Nothing recognise as true
diff --git a/lib/libcrypto/util/mkfiles.pl b/lib/libcrypto/util/mkfiles.pl
index 6d158314509..7d9a9d5e5c9 100644
--- a/lib/libcrypto/util/mkfiles.pl
+++ b/lib/libcrypto/util/mkfiles.pl
@@ -15,6 +15,7 @@ my @dirs = (
"crypto/sha",
"crypto/mdc2",
"crypto/hmac",
+"crypto/cmac",
"crypto/ripemd",
"crypto/des",
"crypto/rc2",
@@ -62,6 +63,7 @@ my @dirs = (
"crypto/pqueue",
"crypto/whrlpool",
"crypto/ts",
+"crypto/srp",
"ssl",
"apps",
"engines",
diff --git a/lib/libcrypto/util/pl/VC-32.pl b/lib/libcrypto/util/pl/VC-32.pl
index 5f25fc41bfa..c503bd52b9f 100644
--- a/lib/libcrypto/util/pl/VC-32.pl
+++ b/lib/libcrypto/util/pl/VC-32.pl
@@ -6,6 +6,16 @@
$ssl= "ssleay32";
$crypto="libeay32";
+if ($fips && !$shlib)
+ {
+ $crypto="libeayfips32";
+ $crypto_compat = "libeaycompat32.lib";
+ }
+else
+ {
+ $crypto="libeay32";
+ }
+
$o='\\';
$cp='$(PERL) util/copy.pl';
$mkdir='$(PERL) util/mkdir-p.pl';
@@ -33,7 +43,7 @@ if ($FLAVOR =~ /WIN64/)
# considered safe to ignore.
#
$base_cflags= " $mf_cflag";
- my $f = $shlib?' /MD':' /MT';
+ my $f = $shlib || $fips ?' /MD':' /MT';
$lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
$opt_cflags=$f.' /Ox';
$dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
@@ -114,7 +124,7 @@ elsif ($FLAVOR =~ /CE/)
else # Win32
{
$base_cflags= " $mf_cflag";
- my $f = $shlib?' /MD':' /MT';
+ my $f = $shlib || $fips ?' /MD':' /MT';
$lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
$opt_cflags=$f.' /Ox /O2 /Ob2';
$dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
@@ -266,10 +276,19 @@ elsif ($shlib && $FLAVOR =~ /CE/)
sub do_lib_rule
{
- local($objs,$target,$name,$shlib)=@_;
+ my($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
local($ret);
$taget =~ s/\//$o/g if $o ne '/';
+ my $base_arg;
+ if ($base_addr ne "")
+ {
+ $base_arg= " /base:$base_addr";
+ }
+ else
+ {
+ $base_arg = "";
+ }
if ($name ne "")
{
$name =~ tr/a-z/A-Z/;
@@ -277,17 +296,37 @@ sub do_lib_rule
}
# $target="\$(LIB_D)$o$target";
- $ret.="$target: $objs\n";
+# $ret.="$target: $objs\n";
if (!$shlib)
{
# $ret.="\t\$(RM) \$(O_$Name)\n";
+ $ret.="$target: $objs\n";
$ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n";
}
else
{
local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)';
$ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
- $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n";
+
+ if ($fips && $target =~ /O_CRYPTO/)
+ {
+ $ret.="$target: $objs \$(PREMAIN_DSO_EXE)";
+ $ret.="\n\tSET FIPS_LINK=\$(LINK)\n";
+ $ret.="\tSET FIPS_CC=\$(CC)\n";
+ $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
+ $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n";
+ $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
+ $ret.="\tSET FIPS_TARGET=$target\n";
+ $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
+ $ret.="\t\$(FIPSLINK) \$(MLFLAGS) /map $base_arg $efile$target ";
+ $ret.="$name @<<\n \$(SHLIB_EX_OBJ) $objs \$(EX_LIBS) ";
+ $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
+ }
+ else
+ {
+ $ret.="$target: $objs";
+ $ret.="\n\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n";
+ }
$ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n";
}
$ret.="\n";
@@ -296,15 +335,35 @@ sub do_lib_rule
sub do_link_rule
{
- local($target,$files,$dep_libs,$libs)=@_;
+ my($target,$files,$dep_libs,$libs,$standalone)=@_;
local($ret,$_);
-
$file =~ s/\//$o/g if $o ne '/';
$n=&bname($targer);
$ret.="$target: $files $dep_libs\n";
- $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n";
- $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n";
- $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n";
+ if ($standalone == 1)
+ {
+ $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t";
+ $ret.= "\$(EX_LIBS) " if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild);
+ $ret.="$files $libs\n<<\n";
+ }
+ elsif ($standalone == 2)
+ {
+ $ret.="\tSET FIPS_LINK=\$(LINK)\n";
+ $ret.="\tSET FIPS_CC=\$(CC)\n";
+ $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
+ $ret.="\tSET PREMAIN_DSO_EXE=\n";
+ $ret.="\tSET FIPS_TARGET=$target\n";
+ $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
+ $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
+ $ret.="\t\$(FIPSLINK) \$(LFLAGS) /map $efile$target @<<\n";
+ $ret.="\t\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
+ }
+ else
+ {
+ $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n";
+ $ret.="\t\$(APP_EX_OBJ) $files $libs\n<<\n";
+ }
+ $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n";
return($ret);
}
diff --git a/lib/libcrypto/util/ssleay.num b/lib/libcrypto/util/ssleay.num
index 15a58e7b13f..37655bc40a8 100644
--- a/lib/libcrypto/util/ssleay.num
+++ b/lib/libcrypto/util/ssleay.num
@@ -259,3 +259,64 @@ SSL_set_session_secret_cb 307 EXIST::FUNCTION:
SSL_set_session_ticket_ext_cb 308 EXIST::FUNCTION:
SSL_set1_param 309 EXIST::FUNCTION:
SSL_CTX_set1_param 310 EXIST::FUNCTION:
+SSL_tls1_key_exporter 311 NOEXIST::FUNCTION:
+SSL_renegotiate_abbreviated 312 EXIST::FUNCTION:
+TLSv1_1_method 313 EXIST::FUNCTION:
+TLSv1_1_client_method 314 EXIST::FUNCTION:
+TLSv1_1_server_method 315 EXIST::FUNCTION:
+SSL_CTX_set_srp_client_pwd_callback 316 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_client_pwd_cb 316 EXIST:VMS:FUNCTION:SRP
+SSL_get_srp_g 317 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_username_callback 318 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_un_cb 318 EXIST:VMS:FUNCTION:SRP
+SSL_get_srp_userinfo 319 EXIST::FUNCTION:SRP
+SSL_set_srp_server_param 320 EXIST::FUNCTION:SRP
+SSL_set_srp_server_param_pw 321 EXIST::FUNCTION:SRP
+SSL_get_srp_N 322 EXIST::FUNCTION:SRP
+SSL_get_srp_username 323 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_password 324 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_strength 325 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_verify_param_callback 326 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_vfy_param_cb 326 EXIST:VMS:FUNCTION:SRP
+SSL_CTX_set_srp_miss_srp_un_cb 327 NOEXIST::FUNCTION:
+SSL_CTX_set_srp_missing_srp_username_callback 327 NOEXIST::FUNCTION:
+SSL_CTX_set_srp_cb_arg 328 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_username 329 EXIST::FUNCTION:SRP
+SSL_CTX_SRP_CTX_init 330 EXIST::FUNCTION:SRP
+SSL_SRP_CTX_init 331 EXIST::FUNCTION:SRP
+SRP_Calc_A_param 332 EXIST::FUNCTION:SRP
+SRP_generate_server_master_secret 333 EXIST:!VMS:FUNCTION:SRP
+SRP_gen_server_master_secret 333 EXIST:VMS:FUNCTION:SRP
+SSL_CTX_SRP_CTX_free 334 EXIST::FUNCTION:SRP
+SRP_generate_client_master_secret 335 EXIST:!VMS:FUNCTION:SRP
+SRP_gen_client_master_secret 335 EXIST:VMS:FUNCTION:SRP
+SSL_srp_server_param_with_username 336 EXIST:!VMS:FUNCTION:SRP
+SSL_srp_server_param_with_un 336 EXIST:VMS:FUNCTION:SRP
+SRP_have_to_put_srp_username 337 NOEXIST::FUNCTION:
+SSL_SRP_CTX_free 338 EXIST::FUNCTION:SRP
+SSL_set_debug 339 EXIST::FUNCTION:
+SSL_SESSION_get0_peer 340 EXIST::FUNCTION:
+TLSv1_2_client_method 341 EXIST::FUNCTION:
+SSL_SESSION_set1_id_context 342 EXIST::FUNCTION:
+TLSv1_2_server_method 343 EXIST::FUNCTION:
+SSL_cache_hit 344 EXIST::FUNCTION:
+SSL_get0_kssl_ctx 345 EXIST::FUNCTION:KRB5
+SSL_set0_kssl_ctx 346 EXIST::FUNCTION:KRB5
+SSL_SESSION_get0_id 347 NOEXIST::FUNCTION:
+SSL_set_state 348 EXIST::FUNCTION:
+SSL_CIPHER_get_id 349 EXIST::FUNCTION:
+TLSv1_2_method 350 EXIST::FUNCTION:
+SSL_SESSION_get_id_len 351 NOEXIST::FUNCTION:
+kssl_ctx_get0_client_princ 352 EXIST::FUNCTION:KRB5
+SSL_export_keying_material 353 EXIST::FUNCTION:TLSEXT
+SSL_set_tlsext_use_srtp 354 EXIST::FUNCTION:
+SSL_CTX_set_next_protos_advertised_cb 355 EXIST:!VMS:FUNCTION:NEXTPROTONEG
+SSL_CTX_set_next_protos_adv_cb 355 EXIST:VMS:FUNCTION:NEXTPROTONEG
+SSL_get0_next_proto_negotiated 356 EXIST::FUNCTION:NEXTPROTONEG
+SSL_get_selected_srtp_profile 357 EXIST::FUNCTION:
+SSL_CTX_set_tlsext_use_srtp 358 EXIST::FUNCTION:
+SSL_select_next_proto 359 EXIST::FUNCTION:NEXTPROTONEG
+SSL_get_srtp_profiles 360 EXIST::FUNCTION:
+SSL_CTX_set_next_proto_select_cb 361 EXIST:!VMS:FUNCTION:NEXTPROTONEG
+SSL_CTX_set_next_proto_sel_cb 361 EXIST:VMS:FUNCTION:NEXTPROTONEG
+SSL_SESSION_get_compress_id 362 EXIST::FUNCTION: