diff options
Diffstat (limited to 'lib/libcrypto/util')
-rw-r--r-- | lib/libcrypto/util/cygwin.sh | 12 | ||||
-rw-r--r-- | lib/libcrypto/util/libeay.num | 217 | ||||
-rw-r--r-- | lib/libcrypto/util/mk1mf.pl | 85 | ||||
-rw-r--r-- | lib/libcrypto/util/mkdef.pl | 40 | ||||
-rw-r--r-- | lib/libcrypto/util/mkfiles.pl | 2 | ||||
-rw-r--r-- | lib/libcrypto/util/pl/VC-32.pl | 79 | ||||
-rw-r--r-- | lib/libcrypto/util/ssleay.num | 61 |
7 files changed, 419 insertions, 77 deletions
diff --git a/lib/libcrypto/util/cygwin.sh b/lib/libcrypto/util/cygwin.sh index d6228521e66..cfdb04d2a48 100644 --- a/lib/libcrypto/util/cygwin.sh +++ b/lib/libcrypto/util/cygwin.sh @@ -11,6 +11,7 @@ CONFIG_OPTIONS="--prefix=/usr shared zlib no-idea no-rc5" INSTALL_PREFIX=/tmp/install/INSTALL VERSION= +SHLIB_VERSION_NUMBER= SUBVERSION=$1 function cleanup() @@ -28,6 +29,13 @@ function get_openssl_version() echo " Check value of variable VERSION in Makefile." exit 1 fi + eval `grep '^SHLIB_VERSION_NUMBER=' Makefile` + if [ -z "${SHLIB_VERSION_NUMBER}" ] + then + echo "Error: Couldn't retrieve OpenSSL shared lib version from Makefile." + echo " Check value of variable SHLIB_VERSION_NUMBER in Makefile." + exit 1 + fi } function base_install() @@ -124,7 +132,7 @@ strip usr/bin/*.exe usr/bin/*.dll usr/lib/engines/*.so chmod u-w usr/lib/engines/*.so # Runtime package -tar cjf libopenssl${VERSION//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 \ +tar cjf libopenssl${SHLIB_VERSION_NUMBER//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 \ usr/bin/cyg*dll # Base package find etc usr/bin/openssl.exe usr/bin/c_rehash usr/lib/engines usr/share/doc \ @@ -139,7 +147,7 @@ tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 - ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2 ls -l openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 -ls -l libopenssl${VERSION//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 +ls -l libopenssl${SHLIB_VERSION_NUMBER//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 cleanup diff --git a/lib/libcrypto/util/libeay.num b/lib/libcrypto/util/libeay.num index 1467ab62433..93f80ba0c64 100644 --- a/lib/libcrypto/util/libeay.num +++ b/lib/libcrypto/util/libeay.num @@ -1050,7 +1050,7 @@ ASN1_TYPE_get_octetstring 1077 EXIST::FUNCTION: ASN1_TYPE_set_int_octetstring 1078 EXIST::FUNCTION: ASN1_TYPE_set_octetstring 1079 EXIST::FUNCTION: ASN1_UTCTIME_set_string 1080 EXIST::FUNCTION: -ERR_add_error_data 1081 EXIST::FUNCTION:BIO +ERR_add_error_data 1081 EXIST::FUNCTION: ERR_set_error_data 1082 EXIST::FUNCTION: EVP_CIPHER_asn1_to_param 1083 EXIST::FUNCTION: EVP_CIPHER_param_to_asn1 1084 EXIST::FUNCTION: @@ -2808,7 +2808,7 @@ FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: FIPS_selftest_des 3250 NOEXIST::FUNCTION: EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES -FIPS_mode_set 3253 NOEXIST::FUNCTION: +FIPS_mode_set 3253 EXIST::FUNCTION: FIPS_selftest_dsa 3254 NOEXIST::FUNCTION: EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES FIPS_allow_md5 3256 NOEXIST::FUNCTION: @@ -2838,23 +2838,23 @@ AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES FIPS_rand_check 3281 NOEXIST::FUNCTION: FIPS_md5_allowed 3282 NOEXIST::FUNCTION: -FIPS_mode 3283 NOEXIST::FUNCTION: +FIPS_mode 3283 EXIST::FUNCTION: FIPS_selftest_failed 3284 NOEXIST::FUNCTION: sk_is_sorted 3285 EXIST::FUNCTION: X509_check_ca 3286 EXIST::FUNCTION: -private_idea_set_encrypt_key 3287 NOEXIST::FUNCTION: +private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA HMAC_CTX_set_flags 3288 EXIST::FUNCTION:HMAC -private_SHA_Init 3289 NOEXIST::FUNCTION: -private_CAST_set_key 3290 NOEXIST::FUNCTION: -private_RIPEMD160_Init 3291 NOEXIST::FUNCTION: +private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0 +private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST +private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD private_RC5_32_set_key 3292 NOEXIST::FUNCTION: -private_MD5_Init 3293 NOEXIST::FUNCTION: -private_RC4_set_key 3294 NOEXIST::FUNCTION: -private_MDC2_Init 3295 NOEXIST::FUNCTION: -private_RC2_set_key 3296 NOEXIST::FUNCTION: -private_MD4_Init 3297 NOEXIST::FUNCTION: -private_BF_set_key 3298 NOEXIST::FUNCTION: -private_MD2_Init 3299 NOEXIST::FUNCTION: +private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5 +private_RC4_set_key 3294 EXIST::FUNCTION:RC4 +private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2 +private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2 +private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4 +private_BF_set_key 3298 EXIST:OPENSSL_FIPS:FUNCTION:BF +private_MD2_Init 3299 EXIST:OPENSSL_FIPS:FUNCTION:MD2 d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION: PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: @@ -2882,7 +2882,7 @@ RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA PKCS1_MGF1 3324 EXIST::FUNCTION:RSA -BN_X931_generate_Xpq 3325 NOEXIST::FUNCTION: +BN_X931_generate_Xpq 3325 EXIST::FUNCTION: RSA_X931_generate_key 3326 NOEXIST::FUNCTION: BN_X931_derive_prime 3327 NOEXIST::FUNCTION: BN_X931_generate_prime 3328 NOEXIST::FUNCTION: @@ -2906,7 +2906,7 @@ STORE_parse_attrs_start 3343 NOEXIST::FUNCTION: POLICY_CONSTRAINTS_free 3344 EXIST::FUNCTION: EVP_PKEY_add1_attr_by_NID 3345 EXIST::FUNCTION: BN_nist_mod_192 3346 EXIST::FUNCTION: -EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC +EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC,EC2M STORE_set_method 3348 NOEXIST::FUNCTION: GENERAL_SUBTREE_free 3349 EXIST::FUNCTION: NAME_CONSTRAINTS_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: @@ -2921,14 +2921,14 @@ SHA512_Update 3356 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 i2d_ECPrivateKey 3357 EXIST::FUNCTION:EC BN_get0_nist_prime_192 3358 EXIST::FUNCTION: STORE_modify_certificate 3359 NOEXIST::FUNCTION: -EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC -EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC -BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION: +EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC,EC2M +EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC,EC2M +BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION:EC2M STORE_ATTR_INFO_modify_number 3362 NOEXIST::FUNCTION: X509_keyid_get0 3363 EXIST::FUNCTION: ENGINE_load_gmp 3364 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE pitem_new 3365 EXIST::FUNCTION: -BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION: +BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION:EC2M STORE_list_public_key_endp 3367 NOEXIST::FUNCTION: o2i_ECPublicKey 3368 EXIST::FUNCTION:EC EC_KEY_copy 3369 EXIST::FUNCTION:EC @@ -2945,7 +2945,7 @@ X509_VERIFY_PARAM_inherit 3378 EXIST::FUNCTION: EC_POINT_point2bn 3379 EXIST::FUNCTION:EC STORE_ATTR_INFO_set_dn 3380 NOEXIST::FUNCTION: X509_policy_tree_get0_policies 3381 EXIST::FUNCTION: -EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC +EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC,EC2M STORE_destroy_method 3383 NOEXIST::FUNCTION: ENGINE_unregister_STORE 3384 EXIST::FUNCTION:ENGINE EVP_PKEY_get1_EC_KEY 3385 EXIST::FUNCTION:EC @@ -2961,7 +2961,7 @@ ENGINE_get_static_state 3393 EXIST::FUNCTION:ENGINE pqueue_iterator 3394 EXIST::FUNCTION: ECDSA_SIG_new 3395 EXIST::FUNCTION:ECDSA OPENSSL_DIR_end 3396 EXIST::FUNCTION: -BN_GF2m_mod_sqr 3397 EXIST::FUNCTION: +BN_GF2m_mod_sqr 3397 EXIST::FUNCTION:EC2M EC_POINT_bn2point 3398 EXIST::FUNCTION:EC X509_VERIFY_PARAM_set_depth 3399 EXIST::FUNCTION: EC_KEY_set_asn1_flag 3400 EXIST::FUNCTION:EC @@ -2974,7 +2974,7 @@ EC_GROUP_get_point_conv_form 3405 EXIST:VMS:FUNCTION:EC STORE_method_set_store_function 3406 NOEXIST::FUNCTION: STORE_ATTR_INFO_in 3407 NOEXIST::FUNCTION: PEM_read_bio_ECPKParameters 3408 EXIST::FUNCTION:EC -EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC +EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC,EC2M EVP_PKEY_add1_attr_by_txt 3410 EXIST::FUNCTION: BN_BLINDING_set_flags 3411 EXIST::FUNCTION: X509_VERIFY_PARAM_set1_policies 3412 EXIST::FUNCTION: @@ -2982,10 +2982,10 @@ X509_VERIFY_PARAM_set1_name 3413 EXIST::FUNCTION: X509_VERIFY_PARAM_set_purpose 3414 EXIST::FUNCTION: STORE_get_number 3415 NOEXIST::FUNCTION: ECDSA_sign_setup 3416 EXIST::FUNCTION:ECDSA -BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION: +BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION:EC2M EC_KEY_up_ref 3418 EXIST::FUNCTION:EC POLICY_MAPPING_free 3419 EXIST::FUNCTION: -BN_GF2m_mod_div 3420 EXIST::FUNCTION: +BN_GF2m_mod_div 3420 EXIST::FUNCTION:EC2M X509_VERIFY_PARAM_set_flags 3421 EXIST::FUNCTION: EC_KEY_free 3422 EXIST::FUNCTION:EC STORE_meth_set_list_next_fn 3423 NOEXIST::FUNCTION: @@ -2999,7 +2999,7 @@ STORE_method_set_list_end_function 3427 NOEXIST::FUNCTION: pqueue_print 3428 EXIST::FUNCTION: EC_GROUP_have_precompute_mult 3429 EXIST::FUNCTION:EC EC_KEY_print_fp 3430 EXIST::FUNCTION:EC,FP_API -BN_GF2m_mod_arr 3431 EXIST::FUNCTION: +BN_GF2m_mod_arr 3431 EXIST::FUNCTION:EC2M PEM_write_bio_X509_CERT_PAIR 3432 EXIST::FUNCTION: EVP_PKEY_cmp 3433 EXIST::FUNCTION: X509_policy_level_node_count 3434 EXIST::FUNCTION: @@ -3020,7 +3020,7 @@ X509_policy_node_get0_qualifiers 3448 EXIST:!VMS:FUNCTION: X509_pcy_node_get0_qualifiers 3448 EXIST:VMS:FUNCTION: STORE_list_crl_end 3449 NOEXIST::FUNCTION: EVP_PKEY_set1_EC_KEY 3450 EXIST::FUNCTION:EC -BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION: +BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION:EC2M i2d_ECPrivateKey_bio 3452 EXIST::FUNCTION:BIO,EC ECPKParameters_print_fp 3453 EXIST::FUNCTION:EC,FP_API pqueue_find 3454 EXIST::FUNCTION: @@ -3037,7 +3037,7 @@ PKCS12_add_safes 3464 EXIST::FUNCTION: BN_BLINDING_convert_ex 3465 EXIST::FUNCTION: X509_policy_tree_free 3466 EXIST::FUNCTION: OPENSSL_ia32cap_loc 3467 EXIST::FUNCTION: -BN_GF2m_poly2arr 3468 EXIST::FUNCTION: +BN_GF2m_poly2arr 3468 EXIST::FUNCTION:EC2M STORE_ctrl 3469 NOEXIST::FUNCTION: STORE_ATTR_INFO_compare 3470 NOEXIST::FUNCTION: BN_get0_nist_prime_224 3471 EXIST::FUNCTION: @@ -3061,7 +3061,7 @@ STORE_method_set_delete_function 3486 NOEXIST::FUNCTION: STORE_list_certificate_next 3487 NOEXIST::FUNCTION: ASN1_generate_nconf 3488 EXIST::FUNCTION: BUF_memdup 3489 EXIST::FUNCTION: -BN_GF2m_mod_mul 3490 EXIST::FUNCTION: +BN_GF2m_mod_mul 3490 EXIST::FUNCTION:EC2M STORE_meth_get_list_next_fn 3491 NOEXIST::FUNCTION: STORE_method_get_list_next_function 3491 NOEXIST::FUNCTION: STORE_ATTR_INFO_get0_dn 3492 NOEXIST::FUNCTION: @@ -3072,7 +3072,7 @@ STORE_ATTR_INFO_free 3496 NOEXIST::FUNCTION: STORE_get_private_key 3497 NOEXIST::FUNCTION: EVP_PKEY_get_attr_count 3498 EXIST::FUNCTION: STORE_ATTR_INFO_new 3499 NOEXIST::FUNCTION: -EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC +EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC,EC2M STORE_meth_set_revoke_fn 3501 NOEXIST::FUNCTION: STORE_method_set_revoke_function 3501 NOEXIST::FUNCTION: STORE_store_number 3502 NOEXIST::FUNCTION: @@ -3088,7 +3088,7 @@ BIO_dump_indent_fp 3511 EXIST::FUNCTION:FP_API EC_KEY_set_group 3512 EXIST::FUNCTION:EC BUF_strndup 3513 EXIST::FUNCTION: STORE_list_certificate_start 3514 NOEXIST::FUNCTION: -BN_GF2m_mod 3515 EXIST::FUNCTION: +BN_GF2m_mod 3515 EXIST::FUNCTION:EC2M X509_REQ_check_private_key 3516 EXIST::FUNCTION: EC_GROUP_get_seed_len 3517 EXIST::FUNCTION:EC ERR_load_STORE_strings 3518 NOEXIST::FUNCTION: @@ -3117,19 +3117,19 @@ STORE_method_set_get_function 3536 NOEXIST::FUNCTION: STORE_modify_number 3537 NOEXIST::FUNCTION: STORE_method_get_store_function 3538 NOEXIST::FUNCTION: STORE_store_private_key 3539 NOEXIST::FUNCTION: -BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION: +BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION:EC2M RSA_setup_blinding 3541 EXIST::FUNCTION:RSA BIO_s_datagram 3542 EXIST::FUNCTION:DGRAM STORE_Memory 3543 NOEXIST::FUNCTION: sk_find_ex 3544 EXIST::FUNCTION: -EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC +EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC,EC2M ENGINE_set_default_ECDSA 3546 EXIST::FUNCTION:ENGINE POLICY_CONSTRAINTS_new 3547 EXIST::FUNCTION: -BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION: +BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION:EC2M ECDH_set_default_method 3549 EXIST::FUNCTION:ECDH EC_KEY_generate_key 3550 EXIST::FUNCTION:EC SHA384_Update 3551 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 -BN_GF2m_arr2poly 3552 EXIST::FUNCTION: +BN_GF2m_arr2poly 3552 EXIST::FUNCTION:EC2M STORE_method_get_get_function 3553 NOEXIST::FUNCTION: STORE_meth_set_cleanup_fn 3554 NOEXIST::FUNCTION: STORE_method_set_cleanup_function 3554 NOEXIST::FUNCTION: @@ -3154,7 +3154,7 @@ EC_GROUP_get_degree 3570 EXIST::FUNCTION:EC ASN1_generate_v3 3571 EXIST::FUNCTION: STORE_ATTR_INFO_modify_cstr 3572 NOEXIST::FUNCTION: X509_policy_tree_level_count 3573 EXIST::FUNCTION: -BN_GF2m_add 3574 EXIST::FUNCTION: +BN_GF2m_add 3574 EXIST::FUNCTION:EC2M EC_KEY_get0_group 3575 EXIST::FUNCTION:EC STORE_generate_crl 3576 NOEXIST::FUNCTION: STORE_store_public_key 3577 NOEXIST::FUNCTION: @@ -3179,8 +3179,8 @@ STORE_store_certificate 3593 NOEXIST::FUNCTION: OBJ_bsearch_ex 3594 NOEXIST::FUNCTION: X509_STORE_CTX_set_default 3595 EXIST::FUNCTION: STORE_ATTR_INFO_set_sha1str 3596 NOEXIST::FUNCTION: -BN_GF2m_mod_inv 3597 EXIST::FUNCTION: -BN_GF2m_mod_exp 3598 EXIST::FUNCTION: +BN_GF2m_mod_inv 3597 EXIST::FUNCTION:EC2M +BN_GF2m_mod_exp 3598 EXIST::FUNCTION:EC2M STORE_modify_public_key 3599 NOEXIST::FUNCTION: STORE_meth_get_list_start_fn 3600 NOEXIST::FUNCTION: STORE_method_get_list_start_function 3600 NOEXIST::FUNCTION: @@ -3188,7 +3188,7 @@ EC_GROUP_get0_seed 3601 EXIST::FUNCTION:EC STORE_store_arbitrary 3602 NOEXIST::FUNCTION: STORE_meth_set_unlock_store_fn 3603 NOEXIST::FUNCTION: STORE_method_set_unlock_store_function 3603 NOEXIST::FUNCTION: -BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION: +BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION:EC2M ENGINE_set_ECDSA 3605 EXIST::FUNCTION:ENGINE STORE_create_method 3606 NOEXIST::FUNCTION: ECPKParameters_print 3607 EXIST::FUNCTION:BIO,EC @@ -3211,8 +3211,8 @@ EC_KEY_get_enc_flags 3622 EXIST::FUNCTION:EC ASN1_const_check_infinite_end 3623 EXIST::FUNCTION: EVP_PKEY_delete_attr 3624 EXIST::FUNCTION: ECDSA_set_default_method 3625 EXIST::FUNCTION:ECDSA -EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC -EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC +EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC,EC2M +EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC,EC2M EC_GROUP_cmp 3627 EXIST::FUNCTION:EC STORE_revoke_certificate 3628 NOEXIST::FUNCTION: BN_get0_nist_prime_256 3629 EXIST::FUNCTION: @@ -3241,7 +3241,7 @@ POLICY_CONSTRAINTS_it 3649 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI STORE_get_ex_new_index 3650 NOEXIST::FUNCTION: EVP_PKEY_get_attr_by_OBJ 3651 EXIST::FUNCTION: X509_VERIFY_PARAM_add0_policy 3652 EXIST::FUNCTION: -BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION: +BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION:EC2M SHA256 3654 EXIST::FUNCTION:SHA,SHA256 i2d_ECPrivateKey_fp 3655 EXIST::FUNCTION:EC,FP_API X509_policy_tree_get0_user_policies 3656 EXIST:!VMS:FUNCTION: @@ -3249,8 +3249,8 @@ X509_pcy_tree_get0_usr_policies 3656 EXIST:VMS:FUNCTION: OPENSSL_DIR_read 3657 EXIST::FUNCTION: ENGINE_register_all_ECDSA 3658 EXIST::FUNCTION:ENGINE X509_VERIFY_PARAM_lookup 3659 EXIST::FUNCTION: -EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC -EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC +EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC,EC2M +EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC,EC2M EC_GROUP_dup 3661 EXIST::FUNCTION:EC ENGINE_get_default_ECDSA 3662 EXIST::FUNCTION:ENGINE EC_KEY_new 3663 EXIST::FUNCTION:EC @@ -3332,7 +3332,7 @@ STORE_list_certificate_end 3734 NOEXIST::FUNCTION: STORE_get_crl 3735 NOEXIST::FUNCTION: X509_POLICY_NODE_print 3736 EXIST::FUNCTION: SHA384_Init 3737 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 -EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC +EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC,EC2M ECDSA_set_ex_data 3739 EXIST::FUNCTION:ECDSA SHA384_Final 3740 EXIST:!VMSVAX:FUNCTION:SHA,SHA512 PKCS7_set_digest 3741 EXIST::FUNCTION: @@ -3364,7 +3364,7 @@ BIO_dump_cb 3764 EXIST::FUNCTION: SHA256_Update 3765 EXIST::FUNCTION:SHA,SHA256 pqueue_insert 3766 EXIST::FUNCTION: pitem_free 3767 EXIST::FUNCTION: -BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION: +BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION:EC2M ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION:DEPRECATED get_rfc3526_prime_8192 3771 EXIST::FUNCTION: @@ -3670,7 +3670,7 @@ int_EVP_MD_set_engine_callbacks 4056 NOEXIST::FUNCTION: int_CRYPTO_set_do_dynlock_callback 4057 NOEXIST::FUNCTION: FIPS_rng_stick 4058 NOEXIST::FUNCTION: EVP_CIPHER_CTX_set_flags 4059 EXIST::FUNCTION: -BN_X931_generate_prime_ex 4060 NOEXIST::FUNCTION: +BN_X931_generate_prime_ex 4060 EXIST::FUNCTION: FIPS_selftest_check 4061 NOEXIST::FUNCTION: FIPS_rand_set_dt 4062 NOEXIST::FUNCTION: CRYPTO_dbg_pop_info 4063 NOEXIST::FUNCTION: @@ -3695,14 +3695,14 @@ FIPS_rand_test_mode 4081 NOEXIST::FUNCTION: FIPS_rand_reset 4082 NOEXIST::FUNCTION: FIPS_dsa_new 4083 NOEXIST::FUNCTION: int_RAND_set_callbacks 4084 NOEXIST::FUNCTION: -BN_X931_derive_prime_ex 4085 NOEXIST::FUNCTION: +BN_X931_derive_prime_ex 4085 EXIST::FUNCTION: int_ERR_lib_init 4086 NOEXIST::FUNCTION: int_EVP_CIPHER_init_engine_callbacks 4087 NOEXIST::FUNCTION: FIPS_rsa_free 4088 NOEXIST::FUNCTION: FIPS_dsa_sig_encode 4089 NOEXIST::FUNCTION: CRYPTO_dbg_remove_all_info 4090 NOEXIST::FUNCTION: -OPENSSL_init 4091 NOEXIST::FUNCTION: -private_Camellia_set_key 4092 NOEXIST::FUNCTION: +OPENSSL_init 4091 EXIST::FUNCTION: +private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA CRYPTO_strdup 4093 EXIST::FUNCTION: JPAKE_STEP3A_process 4094 EXIST::FUNCTION:JPAKE JPAKE_STEP1_release 4095 EXIST::FUNCTION:JPAKE @@ -4194,4 +4194,119 @@ OPENSSL_memcmp 4565 EXIST::FUNCTION: OPENSSL_strncasecmp 4566 EXIST::FUNCTION: OPENSSL_gmtime 4567 EXIST::FUNCTION: OPENSSL_gmtime_adj 4568 EXIST::FUNCTION: -ENGINE_load_aesni 4569 EXIST::FUNCTION:ENGINE +SRP_VBASE_get_by_user 4569 EXIST::FUNCTION:SRP +SRP_Calc_server_key 4570 EXIST::FUNCTION:SRP +SRP_create_verifier 4571 EXIST::FUNCTION:SRP +SRP_create_verifier_BN 4572 EXIST::FUNCTION:SRP +SRP_Calc_u 4573 EXIST::FUNCTION:SRP +SRP_VBASE_free 4574 EXIST::FUNCTION:SRP +SRP_Calc_client_key 4575 EXIST::FUNCTION:SRP +SRP_get_default_gN 4576 EXIST::FUNCTION:SRP +SRP_Calc_x 4577 EXIST::FUNCTION:SRP +SRP_Calc_B 4578 EXIST::FUNCTION:SRP +SRP_VBASE_new 4579 EXIST::FUNCTION:SRP +SRP_check_known_gN_param 4580 EXIST::FUNCTION:SRP +SRP_Calc_A 4581 EXIST::FUNCTION:SRP +SRP_Verify_A_mod_N 4582 EXIST::FUNCTION:SRP +SRP_VBASE_init 4583 EXIST::FUNCTION:SRP +SRP_Verify_B_mod_N 4584 EXIST::FUNCTION:SRP +EC_KEY_set_public_key_affine_coordinates 4585 EXIST:!VMS:FUNCTION:EC +EC_KEY_set_pub_key_aff_coords 4585 EXIST:VMS:FUNCTION:EC +EVP_aes_192_ctr 4586 EXIST::FUNCTION:AES +EVP_PKEY_meth_get0_info 4587 EXIST::FUNCTION: +EVP_PKEY_meth_copy 4588 EXIST::FUNCTION: +ERR_add_error_vdata 4589 EXIST::FUNCTION: +EVP_aes_128_ctr 4590 EXIST::FUNCTION:AES +EVP_aes_256_ctr 4591 EXIST::FUNCTION:AES +EC_GFp_nistp224_method 4592 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128 +EC_KEY_get_flags 4593 EXIST::FUNCTION:EC +RSA_padding_add_PKCS1_PSS_mgf1 4594 EXIST::FUNCTION:RSA +EVP_aes_128_xts 4595 EXIST::FUNCTION:AES +private_SHA224_Init 4596 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 +private_AES_set_decrypt_key 4597 EXIST::FUNCTION:AES +private_WHIRLPOOL_Init 4598 EXIST:OPENSSL_FIPS:FUNCTION:WHIRLPOOL +EVP_aes_256_xts 4599 EXIST::FUNCTION:AES +private_SHA512_Init 4600 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 +EVP_aes_128_gcm 4601 EXIST::FUNCTION:AES +EC_KEY_clear_flags 4602 EXIST::FUNCTION:EC +EC_KEY_set_flags 4603 EXIST::FUNCTION:EC +private_DES_set_key_unchecked 4604 EXIST:OPENSSL_FIPS:FUNCTION:DES +EVP_aes_256_ccm 4605 EXIST::FUNCTION:AES +private_AES_set_encrypt_key 4606 EXIST::FUNCTION:AES +RSA_verify_PKCS1_PSS_mgf1 4607 EXIST::FUNCTION:RSA +private_SHA1_Init 4608 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA1 +EVP_aes_128_ccm 4609 EXIST::FUNCTION:AES +private_SEED_set_key 4610 EXIST:OPENSSL_FIPS:FUNCTION:SEED +EVP_aes_192_gcm 4611 EXIST::FUNCTION:AES +X509_ALGOR_set_md 4612 EXIST::FUNCTION: +private_SHA256_Init 4613 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256 +RAND_init_fips 4614 EXIST:OPENSSL_FIPS:FUNCTION: +EVP_aes_256_gcm 4615 EXIST::FUNCTION:AES +private_SHA384_Init 4616 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512 +EVP_aes_192_ccm 4617 EXIST::FUNCTION:AES +CMAC_CTX_copy 4618 EXIST::FUNCTION: +CMAC_CTX_free 4619 EXIST::FUNCTION: +CMAC_CTX_get0_cipher_ctx 4620 EXIST::FUNCTION: +CMAC_CTX_cleanup 4621 EXIST::FUNCTION: +CMAC_Init 4622 EXIST::FUNCTION: +CMAC_Update 4623 EXIST::FUNCTION: +CMAC_resume 4624 EXIST::FUNCTION: +CMAC_CTX_new 4625 EXIST::FUNCTION: +CMAC_Final 4626 EXIST::FUNCTION: +CRYPTO_ctr128_encrypt_ctr32 4627 EXIST::FUNCTION: +CRYPTO_gcm128_release 4628 EXIST::FUNCTION: +CRYPTO_ccm128_decrypt_ccm64 4629 EXIST::FUNCTION: +CRYPTO_ccm128_encrypt 4630 EXIST::FUNCTION: +CRYPTO_gcm128_encrypt 4631 EXIST::FUNCTION: +CRYPTO_xts128_encrypt 4632 EXIST::FUNCTION: +EVP_rc4_hmac_md5 4633 EXIST::FUNCTION:MD5,RC4 +CRYPTO_nistcts128_decrypt_block 4634 EXIST::FUNCTION: +CRYPTO_gcm128_setiv 4635 EXIST::FUNCTION: +CRYPTO_nistcts128_encrypt 4636 EXIST::FUNCTION: +EVP_aes_128_cbc_hmac_sha1 4637 EXIST::FUNCTION:AES,SHA,SHA1 +CRYPTO_gcm128_tag 4638 EXIST::FUNCTION: +CRYPTO_ccm128_encrypt_ccm64 4639 EXIST::FUNCTION: +ENGINE_load_rdrand 4640 EXIST::FUNCTION:ENGINE +CRYPTO_ccm128_setiv 4641 EXIST::FUNCTION: +CRYPTO_nistcts128_encrypt_block 4642 EXIST::FUNCTION: +CRYPTO_gcm128_aad 4643 EXIST::FUNCTION: +CRYPTO_ccm128_init 4644 EXIST::FUNCTION: +CRYPTO_nistcts128_decrypt 4645 EXIST::FUNCTION: +CRYPTO_gcm128_new 4646 EXIST::FUNCTION: +CRYPTO_ccm128_tag 4647 EXIST::FUNCTION: +CRYPTO_ccm128_decrypt 4648 EXIST::FUNCTION: +CRYPTO_ccm128_aad 4649 EXIST::FUNCTION: +CRYPTO_gcm128_init 4650 EXIST::FUNCTION: +CRYPTO_gcm128_decrypt 4651 EXIST::FUNCTION: +ENGINE_load_rsax 4652 EXIST::FUNCTION:ENGINE +CRYPTO_gcm128_decrypt_ctr32 4653 EXIST::FUNCTION: +CRYPTO_gcm128_encrypt_ctr32 4654 EXIST::FUNCTION: +CRYPTO_gcm128_finish 4655 EXIST::FUNCTION: +EVP_aes_256_cbc_hmac_sha1 4656 EXIST::FUNCTION:AES,SHA,SHA1 +PKCS5_pbkdf2_set 4657 EXIST::FUNCTION: +CMS_add0_recipient_password 4658 EXIST::FUNCTION:CMS +CMS_decrypt_set1_password 4659 EXIST::FUNCTION:CMS +CMS_RecipientInfo_set0_password 4660 EXIST::FUNCTION:CMS +RAND_set_fips_drbg_type 4661 EXIST:OPENSSL_FIPS:FUNCTION: +X509_REQ_sign_ctx 4662 EXIST::FUNCTION:EVP +RSA_PSS_PARAMS_new 4663 EXIST::FUNCTION:RSA +X509_CRL_sign_ctx 4664 EXIST::FUNCTION:EVP +X509_signature_dump 4665 EXIST::FUNCTION:EVP +d2i_RSA_PSS_PARAMS 4666 EXIST::FUNCTION:RSA +RSA_PSS_PARAMS_it 4667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA +RSA_PSS_PARAMS_it 4667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA +RSA_PSS_PARAMS_free 4668 EXIST::FUNCTION:RSA +X509_sign_ctx 4669 EXIST::FUNCTION:EVP +i2d_RSA_PSS_PARAMS 4670 EXIST::FUNCTION:RSA +ASN1_item_sign_ctx 4671 EXIST::FUNCTION:EVP +EC_GFp_nistp521_method 4672 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128 +EC_GFp_nistp256_method 4673 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128 +OPENSSL_stderr 4674 EXIST::FUNCTION: +OPENSSL_cpuid_setup 4675 EXIST::FUNCTION: +OPENSSL_showfatal 4676 EXIST::FUNCTION: +BIO_new_dgram_sctp 4677 EXIST::FUNCTION:SCTP +BIO_dgram_sctp_msg_waiting 4678 EXIST::FUNCTION:SCTP +BIO_dgram_sctp_wait_for_dry 4679 EXIST::FUNCTION:SCTP +BIO_s_datagram_sctp 4680 EXIST::FUNCTION:DGRAM,SCTP +BIO_dgram_is_sctp 4681 EXIST::FUNCTION:SCTP +BIO_dgram_sctp_notification_cb 4682 EXIST::FUNCTION:SCTP diff --git a/lib/libcrypto/util/mk1mf.pl b/lib/libcrypto/util/mk1mf.pl index 1dcef2b8a24..458f830401e 100644 --- a/lib/libcrypto/util/mk1mf.pl +++ b/lib/libcrypto/util/mk1mf.pl @@ -18,6 +18,8 @@ local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic local $zlib_lib = ""; local $perl_asm = 0; # 1 to autobuild asm files from perl scripts +my $ex_l_libs = ""; + # Options to import from top level Makefile my %mf_import = ( @@ -40,7 +42,9 @@ my %mf_import = ( SHA1_ASM_OBJ => \$mf_sha_asm, RMD160_ASM_OBJ => \$mf_rmd_asm, WP_ASM_OBJ => \$mf_wp_asm, - CMLL_ENC => \$mf_cm_asm + CMLL_ENC => \$mf_cm_asm, + BASEADDR => \$baseaddr, + FIPSDIR => \$fipsdir, ); @@ -104,6 +108,7 @@ and [options] can be one of just-ssl - remove all non-ssl keys/digest no-asm - No x86 asm no-krb5 - No KRB5 + no-srp - No SRP no-ec - No EC no-ecdsa - No ECDSA no-ecdh - No ECDH @@ -228,6 +233,8 @@ else $cflags.=' -DTERMIO'; } +$fipsdir =~ s/\//${o}/g; + $out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":""); $tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":""); $inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def; @@ -261,6 +268,7 @@ $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock; $cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2; $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; $cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext; +$cflags.=" -DOPENSSL_NO_SRP" if $no_srp; $cflags.=" -DOPENSSL_NO_CMS" if $no_cms; $cflags.=" -DOPENSSL_NO_ERR" if $no_err; $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; @@ -270,7 +278,9 @@ $cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh; $cflags.=" -DOPENSSL_NO_GOST" if $no_gost; $cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; $cflags.=" -DOPENSSL_NO_HW" if $no_hw; +$cflags.=" -DOPENSSL_FIPS" if $fips; $cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake; +$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m; $cflags.= " -DZLIB" if $zlib_opt; $cflags.= " -DZLIB_SHARED" if $zlib_opt == 2; @@ -404,6 +414,11 @@ else \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\" EOF $ex_libs .= " $zlib_lib" if $zlib_opt == 1; + if ($fips) + { + $build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)"; + $ex_l_libs .= " \$(O_FIPSCANISTER)"; + } } $defs= <<"EOF"; @@ -465,6 +480,18 @@ MKLIB=$bin_dir$mklib MLFLAGS=$mlflags ASM=$bin_dir$asm +# FIPS validated module and support file locations + +FIPSDIR=$fipsdir +BASEADDR=$baseaddr +FIPSLIB_D=\$(FIPSDIR)${o}lib +FIPS_PREMAIN_SRC=\$(FIPSLIB_D)${o}fips_premain.c +O_FIPSCANISTER=\$(FIPSLIB_D)${o}fipscanister.lib +FIPS_SHA1_EXE=\$(FIPSDIR)${o}bin${o}fips_standalone_sha1${exep} +E_PREMAIN_DSO=fips_premain_dso +PREMAIN_DSO_EXE=\$(BIN_D)${o}fips_premain_dso$exep +FIPSLINK=\$(PERL) \$(FIPSDIR)${o}bin${o}fipslink.pl + ###################################################### # You should not need to touch anything below this point ###################################################### @@ -497,7 +524,7 @@ SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp -L_LIBS= \$(L_SSL) \$(L_CRYPTO) +L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs ###################################################### # Don't touch anything below this point @@ -513,7 +540,7 @@ LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) EOF $rules=<<"EOF"; -all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe +all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe $build_targets banner: $banner @@ -629,6 +656,16 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); $defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); $rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); +# Special case rule for fips_premain_dso + +if ($fips) + { + $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj", + "\$(FIPS_PREMAIN_SRC)", + "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)", ""); + $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1); + } + foreach (values %lib_nam) { $lib_obj=$lib_obj{$_}; @@ -677,7 +714,28 @@ foreach (split(/\s+/,$engines)) $rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); -$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)"); + +if ($fips) + { + if ($shlib) + { + $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)", + "\$(O_CRYPTO)", "$crypto", + $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)"); + } + else + { + $rules.= &do_lib_rule("\$(CRYPTOOBJ)", + "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", ""); + $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)", + "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", ""); + } + } + else + { + $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib, + "\$(SO_CRYPTO)"); + } foreach (split(" ",$otherlibs)) { @@ -687,7 +745,7 @@ foreach (split(" ",$otherlibs)) } -$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); +$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0); print $defs; @@ -781,6 +839,8 @@ sub var_add @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1; @a=grep(!/_mdc2$/,@a) if $no_mdc2; + @a=grep(!/(srp)/,@a) if $no_srp; + @a=grep(!/^engine$/,@a) if $no_engine; @a=grep(!/^hw$/,@a) if $no_hw; @a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa; @@ -939,14 +999,15 @@ sub Sasm_compile_target sub cc_compile_target { - local($target,$source,$ex_flags)=@_; + local($target,$source,$ex_flags, $srcd)=@_; local($ret); $ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/); $target =~ s/\//$o/g if $o ne "/"; $source =~ s/\//$o/g if $o ne "/"; - $ret ="$target: \$(SRC_D)$o$source\n\t"; - $ret.="\$(CC) ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n"; + $srcd = "\$(SRC_D)$o" unless defined $srcd; + $ret ="$target: $srcd$source\n\t"; + $ret.="\$(CC) ${ofile}$target $ex_flags -c $srcd$source\n\n"; return($ret); } @@ -1056,8 +1117,11 @@ sub read_options "no-ssl2" => \$no_ssl2, "no-ssl3" => \$no_ssl3, "no-tlsext" => \$no_tlsext, + "no-srp" => \$no_srp, "no-cms" => \$no_cms, + "no-ec2m" => \$no_ec2m, "no-jpake" => \$no_jpake, + "no-ec_nistp_64_gcc_128" => 0, "no-err" => \$no_err, "no-sock" => \$no_sock, "no-krb5" => \$no_krb5, @@ -1067,11 +1131,12 @@ sub read_options "no-gost" => \$no_gost, "no-engine" => \$no_engine, "no-hw" => \$no_hw, + "no-rsax" => 0, "just-ssl" => [\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast, \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh, \$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5, - \$no_aes, \$no_camellia, \$no_seed], + \$no_aes, \$no_camellia, \$no_seed, \$no_srp], "rsaref" => 0, "gcc" => \$gcc, "debug" => \$debug, @@ -1079,6 +1144,7 @@ sub read_options "shlib" => \$shlib, "dll" => \$shlib, "shared" => 0, + "no-sctp" => 0, "no-gmp" => 0, "no-rfc3779" => 0, "no-montasm" => 0, @@ -1086,6 +1152,7 @@ sub read_options "no-store" => 0, "no-zlib" => 0, "no-zlib-dynamic" => 0, + "fips" => \$fips ); if (exists $valid_options{$_}) diff --git a/lib/libcrypto/util/mkdef.pl b/lib/libcrypto/util/mkdef.pl index ab473290974..9a8c7b87d1a 100644 --- a/lib/libcrypto/util/mkdef.pl +++ b/lib/libcrypto/util/mkdef.pl @@ -79,13 +79,15 @@ my $OS2=0; my $safe_stack_def = 0; my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", - "EXPORT_VAR_AS_FUNCTION", "ZLIB" ); + "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS" ); my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", "SHA256", "SHA512", "RIPEMD", - "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", + "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "EC2M", "HMAC", "AES", "CAMELLIA", "SEED", "GOST", + # EC_NISTP_64_GCC_128 + "EC_NISTP_64_GCC_128", # Envelope "algorithms" "EVP", "X509", "ASN1_TYPEDEFS", # Helper "algorithms" @@ -98,7 +100,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", # RFC3779 "RFC3779", # TLS - "TLSEXT", "PSK", + "TLSEXT", "PSK", "SRP", "HEARTBEATS", # CMS "CMS", # CryptoAPI Engine @@ -107,8 +109,14 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "SSL2", # JPAKE "JPAKE", + # NEXTPROTONEG + "NEXTPROTONEG", # Deprecated functions - "DEPRECATED" ); + "DEPRECATED", + # Hide SSL internals + "SSL_INTERN", + # SCTP + "SCTP"); my $options=""; open(IN,"<Makefile") || die "unable to open Makefile!\n"; @@ -127,7 +135,10 @@ my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated; my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng; -my $no_jpake; my $no_ssl2; +my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc; +my $no_nextprotoneg; my $no_sctp; + +my $fips; my $zlib; @@ -151,6 +162,7 @@ foreach (@ARGV, split(/ /, $options)) } $VMS=1 if $_ eq "VMS"; $OS2=1 if $_ eq "OS2"; + $fips=1 if /^fips/; if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic" || $_ eq "enable-zlib-dynamic") { $zlib = 1; @@ -215,9 +227,14 @@ foreach (@ARGV, split(/ /, $options)) elsif (/^no-rfc3779$/) { $no_rfc3779=1; } elsif (/^no-tlsext$/) { $no_tlsext=1; } elsif (/^no-cms$/) { $no_cms=1; } + elsif (/^no-ec2m$/) { $no_ec2m=1; } + elsif (/^no-ec_nistp_64_gcc_128$/) { $no_nistp_gcc=1; } + elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; } elsif (/^no-ssl2$/) { $no_ssl2=1; } elsif (/^no-capieng$/) { $no_capieng=1; } elsif (/^no-jpake$/) { $no_jpake=1; } + elsif (/^no-srp$/) { $no_srp=1; } + elsif (/^no-sctp$/) { $no_sctp=1; } } @@ -254,8 +271,10 @@ $max_crypto = $max_num; my $ssl="ssl/ssl.h"; $ssl.=" ssl/kssl.h"; $ssl.=" ssl/tls1.h"; +$ssl.=" ssl/srtp.h"; my $crypto ="crypto/crypto.h"; +$crypto.=" crypto/cryptlib.h"; $crypto.=" crypto/o_dir.h"; $crypto.=" crypto/o_str.h"; $crypto.=" crypto/o_time.h"; @@ -285,6 +304,7 @@ $crypto.=" crypto/ec/ec.h" ; # unless $no_ec; $crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa; $crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh; $crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac; +$crypto.=" crypto/cmac/cmac.h" ; # unless $no_hmac; $crypto.=" crypto/engine/engine.h"; # unless $no_engine; $crypto.=" crypto/stack/stack.h" ; # unless $no_stack; @@ -319,6 +339,7 @@ $crypto.=" crypto/pqueue/pqueue.h"; $crypto.=" crypto/cms/cms.h"; $crypto.=" crypto/jpake/jpake.h"; $crypto.=" crypto/modes/modes.h"; +$crypto.=" crypto/srp/srp.h"; my $symhacks="crypto/symhacks.h"; @@ -1126,6 +1147,9 @@ sub is_valid if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) { return 1; } + if ($keyword eq "OPENSSL_FIPS" && $fips) { + return 1; + } if ($keyword eq "ZLIB" && $zlib) { return 1; } return 0; } else { @@ -1172,9 +1196,15 @@ sub is_valid if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; } if ($keyword eq "PSK" && $no_psk) { return 0; } if ($keyword eq "CMS" && $no_cms) { return 0; } + if ($keyword eq "EC2M" && $no_ec2m) { return 0; } + if ($keyword eq "NEXTPROTONEG" && $no_nextprotoneg) { return 0; } + if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc) + { return 0; } if ($keyword eq "SSL2" && $no_ssl2) { return 0; } if ($keyword eq "CAPIENG" && $no_capieng) { return 0; } if ($keyword eq "JPAKE" && $no_jpake) { return 0; } + if ($keyword eq "SRP" && $no_srp) { return 0; } + if ($keyword eq "SCTP" && $no_sctp) { return 0; } if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; } # Nothing recognise as true diff --git a/lib/libcrypto/util/mkfiles.pl b/lib/libcrypto/util/mkfiles.pl index 6d158314509..7d9a9d5e5c9 100644 --- a/lib/libcrypto/util/mkfiles.pl +++ b/lib/libcrypto/util/mkfiles.pl @@ -15,6 +15,7 @@ my @dirs = ( "crypto/sha", "crypto/mdc2", "crypto/hmac", +"crypto/cmac", "crypto/ripemd", "crypto/des", "crypto/rc2", @@ -62,6 +63,7 @@ my @dirs = ( "crypto/pqueue", "crypto/whrlpool", "crypto/ts", +"crypto/srp", "ssl", "apps", "engines", diff --git a/lib/libcrypto/util/pl/VC-32.pl b/lib/libcrypto/util/pl/VC-32.pl index 5f25fc41bfa..c503bd52b9f 100644 --- a/lib/libcrypto/util/pl/VC-32.pl +++ b/lib/libcrypto/util/pl/VC-32.pl @@ -6,6 +6,16 @@ $ssl= "ssleay32"; $crypto="libeay32"; +if ($fips && !$shlib) + { + $crypto="libeayfips32"; + $crypto_compat = "libeaycompat32.lib"; + } +else + { + $crypto="libeay32"; + } + $o='\\'; $cp='$(PERL) util/copy.pl'; $mkdir='$(PERL) util/mkdir-p.pl'; @@ -33,7 +43,7 @@ if ($FLAVOR =~ /WIN64/) # considered safe to ignore. # $base_cflags= " $mf_cflag"; - my $f = $shlib?' /MD':' /MT'; + my $f = $shlib || $fips ?' /MD':' /MT'; $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib $opt_cflags=$f.' /Ox'; $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG'; @@ -114,7 +124,7 @@ elsif ($FLAVOR =~ /CE/) else # Win32 { $base_cflags= " $mf_cflag"; - my $f = $shlib?' /MD':' /MT'; + my $f = $shlib || $fips ?' /MD':' /MT'; $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib $opt_cflags=$f.' /Ox /O2 /Ob2'; $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG'; @@ -266,10 +276,19 @@ elsif ($shlib && $FLAVOR =~ /CE/) sub do_lib_rule { - local($objs,$target,$name,$shlib)=@_; + my($objs,$target,$name,$shlib,$ign,$base_addr) = @_; local($ret); $taget =~ s/\//$o/g if $o ne '/'; + my $base_arg; + if ($base_addr ne "") + { + $base_arg= " /base:$base_addr"; + } + else + { + $base_arg = ""; + } if ($name ne "") { $name =~ tr/a-z/A-Z/; @@ -277,17 +296,37 @@ sub do_lib_rule } # $target="\$(LIB_D)$o$target"; - $ret.="$target: $objs\n"; +# $ret.="$target: $objs\n"; if (!$shlib) { # $ret.="\t\$(RM) \$(O_$Name)\n"; + $ret.="$target: $objs\n"; $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n"; } else { local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)'; $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/; - $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n"; + + if ($fips && $target =~ /O_CRYPTO/) + { + $ret.="$target: $objs \$(PREMAIN_DSO_EXE)"; + $ret.="\n\tSET FIPS_LINK=\$(LINK)\n"; + $ret.="\tSET FIPS_CC=\$(CC)\n"; + $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n"; + $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n"; + $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n"; + $ret.="\tSET FIPS_TARGET=$target\n"; + $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n"; + $ret.="\t\$(FIPSLINK) \$(MLFLAGS) /map $base_arg $efile$target "; + $ret.="$name @<<\n \$(SHLIB_EX_OBJ) $objs \$(EX_LIBS) "; + $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n"; + } + else + { + $ret.="$target: $objs"; + $ret.="\n\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n"; + } $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n"; } $ret.="\n"; @@ -296,15 +335,35 @@ sub do_lib_rule sub do_link_rule { - local($target,$files,$dep_libs,$libs)=@_; + my($target,$files,$dep_libs,$libs,$standalone)=@_; local($ret,$_); - $file =~ s/\//$o/g if $o ne '/'; $n=&bname($targer); $ret.="$target: $files $dep_libs\n"; - $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n"; - $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; - $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n"; + if ($standalone == 1) + { + $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t"; + $ret.= "\$(EX_LIBS) " if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild); + $ret.="$files $libs\n<<\n"; + } + elsif ($standalone == 2) + { + $ret.="\tSET FIPS_LINK=\$(LINK)\n"; + $ret.="\tSET FIPS_CC=\$(CC)\n"; + $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n"; + $ret.="\tSET PREMAIN_DSO_EXE=\n"; + $ret.="\tSET FIPS_TARGET=$target\n"; + $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n"; + $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n"; + $ret.="\t\$(FIPSLINK) \$(LFLAGS) /map $efile$target @<<\n"; + $ret.="\t\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n"; + } + else + { + $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n"; + $ret.="\t\$(APP_EX_OBJ) $files $libs\n<<\n"; + } + $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n"; return($ret); } diff --git a/lib/libcrypto/util/ssleay.num b/lib/libcrypto/util/ssleay.num index 15a58e7b13f..37655bc40a8 100644 --- a/lib/libcrypto/util/ssleay.num +++ b/lib/libcrypto/util/ssleay.num @@ -259,3 +259,64 @@ SSL_set_session_secret_cb 307 EXIST::FUNCTION: SSL_set_session_ticket_ext_cb 308 EXIST::FUNCTION: SSL_set1_param 309 EXIST::FUNCTION: SSL_CTX_set1_param 310 EXIST::FUNCTION: +SSL_tls1_key_exporter 311 NOEXIST::FUNCTION: +SSL_renegotiate_abbreviated 312 EXIST::FUNCTION: +TLSv1_1_method 313 EXIST::FUNCTION: +TLSv1_1_client_method 314 EXIST::FUNCTION: +TLSv1_1_server_method 315 EXIST::FUNCTION: +SSL_CTX_set_srp_client_pwd_callback 316 EXIST:!VMS:FUNCTION:SRP +SSL_CTX_set_srp_client_pwd_cb 316 EXIST:VMS:FUNCTION:SRP +SSL_get_srp_g 317 EXIST::FUNCTION:SRP +SSL_CTX_set_srp_username_callback 318 EXIST:!VMS:FUNCTION:SRP +SSL_CTX_set_srp_un_cb 318 EXIST:VMS:FUNCTION:SRP +SSL_get_srp_userinfo 319 EXIST::FUNCTION:SRP +SSL_set_srp_server_param 320 EXIST::FUNCTION:SRP +SSL_set_srp_server_param_pw 321 EXIST::FUNCTION:SRP +SSL_get_srp_N 322 EXIST::FUNCTION:SRP +SSL_get_srp_username 323 EXIST::FUNCTION:SRP +SSL_CTX_set_srp_password 324 EXIST::FUNCTION:SRP +SSL_CTX_set_srp_strength 325 EXIST::FUNCTION:SRP +SSL_CTX_set_srp_verify_param_callback 326 EXIST:!VMS:FUNCTION:SRP +SSL_CTX_set_srp_vfy_param_cb 326 EXIST:VMS:FUNCTION:SRP +SSL_CTX_set_srp_miss_srp_un_cb 327 NOEXIST::FUNCTION: +SSL_CTX_set_srp_missing_srp_username_callback 327 NOEXIST::FUNCTION: +SSL_CTX_set_srp_cb_arg 328 EXIST::FUNCTION:SRP +SSL_CTX_set_srp_username 329 EXIST::FUNCTION:SRP +SSL_CTX_SRP_CTX_init 330 EXIST::FUNCTION:SRP +SSL_SRP_CTX_init 331 EXIST::FUNCTION:SRP +SRP_Calc_A_param 332 EXIST::FUNCTION:SRP +SRP_generate_server_master_secret 333 EXIST:!VMS:FUNCTION:SRP +SRP_gen_server_master_secret 333 EXIST:VMS:FUNCTION:SRP +SSL_CTX_SRP_CTX_free 334 EXIST::FUNCTION:SRP +SRP_generate_client_master_secret 335 EXIST:!VMS:FUNCTION:SRP +SRP_gen_client_master_secret 335 EXIST:VMS:FUNCTION:SRP +SSL_srp_server_param_with_username 336 EXIST:!VMS:FUNCTION:SRP +SSL_srp_server_param_with_un 336 EXIST:VMS:FUNCTION:SRP +SRP_have_to_put_srp_username 337 NOEXIST::FUNCTION: +SSL_SRP_CTX_free 338 EXIST::FUNCTION:SRP +SSL_set_debug 339 EXIST::FUNCTION: +SSL_SESSION_get0_peer 340 EXIST::FUNCTION: +TLSv1_2_client_method 341 EXIST::FUNCTION: +SSL_SESSION_set1_id_context 342 EXIST::FUNCTION: +TLSv1_2_server_method 343 EXIST::FUNCTION: +SSL_cache_hit 344 EXIST::FUNCTION: +SSL_get0_kssl_ctx 345 EXIST::FUNCTION:KRB5 +SSL_set0_kssl_ctx 346 EXIST::FUNCTION:KRB5 +SSL_SESSION_get0_id 347 NOEXIST::FUNCTION: +SSL_set_state 348 EXIST::FUNCTION: +SSL_CIPHER_get_id 349 EXIST::FUNCTION: +TLSv1_2_method 350 EXIST::FUNCTION: +SSL_SESSION_get_id_len 351 NOEXIST::FUNCTION: +kssl_ctx_get0_client_princ 352 EXIST::FUNCTION:KRB5 +SSL_export_keying_material 353 EXIST::FUNCTION:TLSEXT +SSL_set_tlsext_use_srtp 354 EXIST::FUNCTION: +SSL_CTX_set_next_protos_advertised_cb 355 EXIST:!VMS:FUNCTION:NEXTPROTONEG +SSL_CTX_set_next_protos_adv_cb 355 EXIST:VMS:FUNCTION:NEXTPROTONEG +SSL_get0_next_proto_negotiated 356 EXIST::FUNCTION:NEXTPROTONEG +SSL_get_selected_srtp_profile 357 EXIST::FUNCTION: +SSL_CTX_set_tlsext_use_srtp 358 EXIST::FUNCTION: +SSL_select_next_proto 359 EXIST::FUNCTION:NEXTPROTONEG +SSL_get_srtp_profiles 360 EXIST::FUNCTION: +SSL_CTX_set_next_proto_select_cb 361 EXIST:!VMS:FUNCTION:NEXTPROTONEG +SSL_CTX_set_next_proto_sel_cb 361 EXIST:VMS:FUNCTION:NEXTPROTONEG +SSL_SESSION_get_compress_id 362 EXIST::FUNCTION: |