Site Navigation

Date:      Thu, 20 Jul 2023 19:16:16 GMT
From:      Ed Maste <emaste@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 1c42ed54bfe2 - main - libcrypto: add missing symbols to the FIPS provider
Message-ID:  <202307201916.36KJGGWE087158@gitrepo.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

The branch main has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=1c42ed54bfe2d3255ab4df4245de4b97c1064e40

commit 1c42ed54bfe2d3255ab4df4245de4b97c1064e40
Author:     Pierre Pronchery <pierre@freebsdfoundation.org>
AuthorDate: 2023-07-20 18:16:14 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-07-20 19:05:12 +0000

    libcrypto: add missing symbols to the FIPS provider
    
    The fips.so provider module exposing FIPS-validated algorithms was still
    missing a number of symbols.
    
    PR:             272454
    Reviewed by:    markj
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D41018
---
 secure/lib/libcrypto/modules/fips/Makefile | 73 ++++++++++++++++++++++++++++++
 1 file changed, 73 insertions(+)

diff --git a/secure/lib/libcrypto/modules/fips/Makefile b/secure/lib/libcrypto/modules/fips/Makefile
index c8b79e3badfd..d41e3bcfe294 100644
--- a/secure/lib/libcrypto/modules/fips/Makefile
+++ b/secure/lib/libcrypto/modules/fips/Makefile
@@ -32,6 +32,28 @@ SRCS+=	ppccpuid.S ppccap.c
 SRCS+=	mem_clr.c
 .endif
 
+# crypto/aes
+SRCS+=	aes_cbc.c aes_cfb.c aes_ecb.c aes_ige.c aes_misc.c aes_ofb.c aes_wrap.c
+.if defined(ASM_aarch64)
+SRCS+=	aes_core.c aesv8-armx.S vpaes-armv8.S
+ACFLAGS.aesv8-armx.S=	-march=armv8-a+crypto
+.elif defined(ASM_amd64)
+SRCS+=	aes_core.c aesni-mb-x86_64.S aesni-sha1-x86_64.S aesni-sha256-x86_64.S
+SRCS+=	aesni-x86_64.S vpaes-x86_64.S
+.elif defined(ASM_arm)
+SRCS+=	aes-armv4.S aesv8-armx.S bsaes-armv7.S
+.elif defined(ASM_i386)
+SRCS+=	aes_core.c aesni-x86.S vpaes-x86.S
+.elif defined(ASM_powerpc)
+SRCS+=	aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S
+.elif defined(ASM_powerpc64)
+SRCS+=	aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S
+.elif defined(ASM_powerpc64le)
+SRCS+=	aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S
+.else
+SRCS+=	aes_core.c
+.endif
+
 # crypto/bn
 SRCS+=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \
 	bn_mod.c bn_conv.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
@@ -57,6 +79,20 @@ SRCS+=	bn_ppc.c bn-ppc.S ppc-mont.S
 SRCS+=	bn_asm.c
 .endif
 
+# crypto/buffer
+SRCS+=	buffer.c
+
+# crypto/cmac
+SRCS+=	cmac.c
+
+# crypto/des
+SRCS+=	set_key.c ecb3_enc.c
+.if defined(ASM_i386)
+SRCS+=	crypt586.S des-586.S
+.else
+SRCS+=	des_enc.c fcrypt_b.c
+.endif
+
 # crypto/dh
 SRCS+=	dh_lib.c dh_key.c dh_group_params.c dh_check.c dh_backend.c dh_gen.c \
 	dh_kdf.c
@@ -109,12 +145,38 @@ SRCS+=	ffc_params.c ffc_params_generate.c ffc_key_generate.c \
 	ffc_params_validate.c ffc_key_validate.c ffc_backend.c \
 	ffc_dh.c
 
+# crypto/hmac
+SRCS+=	hmac.c
+
 # crypto/lhash
 SRCS+=	lhash.c
 
+# crypto/modes
+SRCS+=	cbc128.c ctr128.c cfb128.c ofb128.c gcm128.c ccm128.c xts128.c
+SRCS+=	wrap128.c
+.if defined(ASM_aarch64)
+SRCS+=	ghashv8-armx.S aes-gcm-armv8_64.S
+ACFLAGS.ghashv8-armx.S=	-march=armv8-a+crypto
+.elif defined(ASM_amd64)
+SRCS+=	aesni-gcm-x86_64.S ghash-x86_64.S
+.elif defined(ASM_arm)
+SRCS+=	ghash-armv4.S ghashv8-armx.S
+.elif defined(ASM_i386)
+SRCS+=	ghash-x86.S
+.elif defined(ASM_powerpc)
+SRCS+=	ghashp8-ppc.S
+.elif defined(ASM_powerpc64)
+SRCS+=	ghashp8-ppc.S
+.elif defined(ASM_powerpc64le)
+SRCS+=	ghashp8-ppc.S
+.endif
+
 # crypto/property
 SRCS+=	property_string.c property_parse.c property_query.c property.c defn_cache.c
 
+# crypto/rand
+SRCS+=	rand_lib.c
+
 # crypto/rsa
 SRCS+=	rsa_ossl.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_pk1.c \
 	rsa_none.c rsa_oaep.c rsa_chk.c rsa_pss.c rsa_x931.c rsa_crpt.c \
@@ -143,6 +205,9 @@ SRCS+=	keccak1600-ppc64.S sha_ppc.c sha1-ppc.S sha256-ppc.S sha512-ppc.S sha256p
 SRCS+=	keccak1600.c
 .endif
 
+# crypto/stack
+SRCS+=	stack.c
+
 # common
 SRCS+=	capabilities.c bio_prov.c digest_to_nid.c \
 	securitycheck.c provider_seeding.c
@@ -243,17 +308,25 @@ SRCS+=	record/tls_pad.c s3_cbc.c
 .endif
 
 .PATH:	${LCRYPTO_SRC}/crypto \
+	${LCRYPTO_SRC}/crypto/aes \
 	${LCRYPTO_SRC}/crypto/bio \
 	${LCRYPTO_SRC}/crypto/bn \
+	${LCRYPTO_SRC}/crypto/buffer \
+	${LCRYPTO_SRC}/crypto/cmac \
+	${LCRYPTO_SRC}/crypto/des \
 	${LCRYPTO_SRC}/crypto/dh \
 	${LCRYPTO_SRC}/crypto/dsa \
 	${LCRYPTO_SRC}/crypto/ec \
 	${LCRYPTO_SRC}/crypto/evp \
 	${LCRYPTO_SRC}/crypto/ffc \
+	${LCRYPTO_SRC}/crypto/hmac \
 	${LCRYPTO_SRC}/crypto/lhash \
+	${LCRYPTO_SRC}/crypto/modes \
 	${LCRYPTO_SRC}/crypto/property \
+	${LCRYPTO_SRC}/crypto/rand \
 	${LCRYPTO_SRC}/crypto/rsa \
 	${LCRYPTO_SRC}/crypto/sha \
+	${LCRYPTO_SRC}/crypto/stack \
 	${LCRYPTO_SRC}/providers/fips \
 	${LCRYPTO_SRC}/providers/common/der \
 	${LCRYPTO_SRC}/providers/implementations/asymciphers \

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202307201916.36KJGGWE087158>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact