Date: Tue, 26 Feb 2019 05:59:23 +0000 (UTC) From: "Simon J. Gerraty" <sjg@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r344564 - in head: contrib/bearssl contrib/bearssl/tools lib/libbearssl Message-ID: <201902260559.x1Q5xNb1088410@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: sjg Date: Tue Feb 26 05:59:22 2019 New Revision: 344564 URL: https://svnweb.freebsd.org/changeset/base/344564 Log: Add libbearssl Disabled by default, used by loader and sbin/veriexec Reviewed by: emaste Sponsored by: Juniper Networks Differential Revision: D16334 Added: head/contrib/bearssl/ - copied from r343285, vendor/bearssl/dist/ head/lib/libbearssl/ head/lib/libbearssl/Makefile (contents, props changed) head/lib/libbearssl/Makefile.depend (contents, props changed) head/lib/libbearssl/Makefile.inc (contents, props changed) head/lib/libbearssl/Makefile.libsa.inc (contents, props changed) Modified: head/contrib/bearssl/tools/brssl.h head/contrib/bearssl/tools/xmem.c Modified: head/contrib/bearssl/tools/brssl.h ============================================================================== --- vendor/bearssl/dist/tools/brssl.h Mon Jan 21 20:58:33 2019 (r343285) +++ head/contrib/bearssl/tools/brssl.h Tue Feb 26 05:59:22 2019 (r344564) @@ -25,10 +25,15 @@ #ifndef BRSSL_H__ #define BRSSL_H__ +#ifndef _STANDALONE #include <stdio.h> #include <stdlib.h> #include <string.h> #include <stdint.h> + +#elif !defined(STAND_H) +#include <stand.h> +#endif #include "bearssl.h" Modified: head/contrib/bearssl/tools/xmem.c ============================================================================== --- vendor/bearssl/dist/tools/xmem.c Mon Jan 21 20:58:33 2019 (r343285) +++ head/contrib/bearssl/tools/xmem.c Tue Feb 26 05:59:22 2019 (r344564) @@ -35,9 +35,13 @@ xmalloc(size_t len) } buf = malloc(len); if (buf == NULL) { +#ifndef _STANDALONE fprintf(stderr, "ERROR: could not allocate %lu byte(s)\n", (unsigned long)len); exit(EXIT_FAILURE); +#else +; +#endif } return buf; } @@ -90,9 +94,13 @@ xpkeydup(const br_x509_pkey *pk) pk2->key.ec.qlen = pk->key.ec.qlen; break; default: +#ifndef _STANDALONE fprintf(stderr, "Unknown public key type: %u\n", (unsigned)pk->key_type); exit(EXIT_FAILURE); +#else +; +#endif } return pk2; } @@ -111,9 +119,13 @@ xfreepkey(br_x509_pkey *pk) xfree(pk->key.ec.q); break; default: +#ifndef _STANDALONE fprintf(stderr, "Unknown public key type: %u\n", (unsigned)pk->key_type); exit(EXIT_FAILURE); +#else +; +#endif } xfree(pk); } Added: head/lib/libbearssl/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/lib/libbearssl/Makefile Tue Feb 26 05:59:22 2019 (r344564) @@ -0,0 +1,277 @@ +# $FreeBSD$ + +# This is a reach over build of BearSSL (www.BearSSL.org) + +.include <src.opts.mk> + +LIB= bearssl + +# pick up SRCS used by libsa +.include "Makefile.libsa.inc" + +SRCS+= \ + codec/dec16be.c \ + codec/dec16le.c \ + codec/dec32le.c \ + codec/dec64le.c \ + codec/enc16be.c \ + codec/enc16le.c \ + codec/enc32le.c \ + codec/enc64le.c \ + codec/pemenc.c \ + ec/ec_all_m15.c \ + ec/ec_c25519_i15.c \ + ec/ec_c25519_i31.c \ + ec/ec_c25519_m15.c \ + ec/ec_curve25519.c \ + ec/ec_keygen.c \ + ec/ec_p256_m15.c \ + ec/ec_prime_i15.c \ + ec/ecdsa_default_sign_asn1.c \ + ec/ecdsa_default_sign_raw.c \ + ec/ecdsa_default_vrfy_raw.c \ + ec/ecdsa_i15_bits.c \ + ec/ecdsa_i15_sign_asn1.c \ + ec/ecdsa_i15_sign_raw.c \ + ec/ecdsa_i15_vrfy_asn1.c \ + ec/ecdsa_i15_vrfy_raw.c \ + ec/ecdsa_i31_sign_asn1.c \ + ec/ecdsa_i31_sign_raw.c \ + ec/ecdsa_rta.c \ + hash/dig_oid.c \ + hash/dig_size.c \ + hash/ghash_ctmul.c \ + hash/ghash_ctmul32.c \ + hash/ghash_ctmul64.c \ + hash/ghash_pwr8.c \ + hash/md5.c \ + hash/md5sha1.c \ + + +# this one does not compile for amd64 +# we do not need it +# hash/ghash_pclmul.c \ + +SRCS+= \ + int/i15_add.c \ + int/i15_bitlen.c \ + int/i15_decmod.c \ + int/i15_decode.c \ + int/i15_decred.c \ + int/i15_encode.c \ + int/i15_fmont.c \ + int/i15_iszero.c \ + int/i15_moddiv.c \ + int/i15_modpow.c \ + int/i15_modpow2.c \ + int/i15_montmul.c \ + int/i15_mulacc.c \ + int/i15_muladd.c \ + int/i15_ninv15.c \ + int/i15_reduce.c \ + int/i15_rshift.c \ + int/i15_sub.c \ + int/i15_tmont.c \ + int/i31_decred.c \ + int/i31_mulacc.c \ + int/i31_reduce.c \ + int/i32_add.c \ + int/i32_bitlen.c \ + int/i32_decmod.c \ + int/i32_decode.c \ + int/i32_decred.c \ + int/i32_encode.c \ + int/i32_fmont.c \ + int/i32_iszero.c \ + int/i32_modpow.c \ + int/i32_montmul.c \ + int/i32_mulacc.c \ + int/i32_muladd.c \ + int/i32_ninv32.c \ + int/i32_reduce.c \ + int/i32_sub.c \ + int/i32_tmont.c \ + +SRCS+= \ + kdf/hkdf.c \ + kdf/shake.c \ + +SRCS+= \ + rsa/rsa_default_keygen.c \ + rsa/rsa_default_modulus.c \ + rsa/rsa_default_pkcs1_sign.c \ + rsa/rsa_default_priv.c \ + rsa/rsa_default_privexp.c \ + rsa/rsa_default_pss_sign.c \ + rsa/rsa_default_pss_vrfy.c \ + rsa/rsa_default_pub.c \ + rsa/rsa_default_pubexp.c \ + rsa/rsa_i15_keygen.c \ + rsa/rsa_i15_modulus.c \ + rsa/rsa_i15_pkcs1_sign.c \ + rsa/rsa_i15_pkcs1_vrfy.c \ + rsa/rsa_i15_priv.c \ + rsa/rsa_i15_privexp.c \ + rsa/rsa_i15_pss_sign.c \ + rsa/rsa_i15_pss_vrfy.c \ + rsa/rsa_i15_pub.c \ + rsa/rsa_i15_pubexp.c \ + rsa/rsa_i31_keygen.c \ + rsa/rsa_i31_keygen_inner.c \ + rsa/rsa_i31_modulus.c \ + rsa/rsa_i31_pkcs1_sign.c \ + rsa/rsa_i31_priv.c \ + rsa/rsa_i31_privexp.c \ + rsa/rsa_i31_pss_sign.c \ + rsa/rsa_i31_pss_vrfy.c \ + rsa/rsa_i31_pubexp.c \ + rsa/rsa_i32_pkcs1_sign.c \ + rsa/rsa_i32_pkcs1_vrfy.c \ + rsa/rsa_i32_priv.c \ + rsa/rsa_i32_pss_sign.c \ + rsa/rsa_i32_pss_vrfy.c \ + rsa/rsa_i32_pub.c \ + rsa/rsa_i62_keygen.c \ + rsa/rsa_i62_pkcs1_sign.c \ + rsa/rsa_i62_priv.c \ + rsa/rsa_i62_pss_sign.c \ + rsa/rsa_i62_pss_vrfy.c \ + rsa/rsa_pkcs1_sig_pad.c \ + rsa/rsa_pss_sig_pad.c \ + rsa/rsa_pss_sig_unpad.c \ + rsa/rsa_ssl_decrypt.c \ + +SRCS+= \ + x509/encode_ec_pk8der.c \ + x509/encode_ec_rawder.c \ + x509/encode_rsa_pk8der.c \ + x509/encode_rsa_rawder.c \ + x509/skey_decoder.c \ + x509/x509_knownkey.c \ + x509/x509_minimal_full.c \ + +INCS= \ + inc/bearssl.h \ + inc/bearssl_aead.h \ + inc/bearssl_block.h \ + inc/bearssl_ec.h \ + inc/bearssl_hash.h \ + inc/bearssl_hmac.h \ + inc/bearssl_kdf.h \ + inc/bearssl_pem.h \ + inc/bearssl_prf.h \ + inc/bearssl_rand.h \ + inc/bearssl_rsa.h \ + inc/bearssl_ssl.h \ + inc/bearssl_x509.h \ + +INCS:= ${INCS:S,^,${BEARSSL}/,} + + +.if ${MK_BEARSSL_SSL:Uno} == "yes" +SRCS+= \ + mac/hmac.c \ + mac/hmac_ct.c \ + rand/hmac_drbg.c \ + ssl/prf.c \ + ssl/prf_md5sha1.c \ + ssl/prf_sha256.c \ + ssl/prf_sha384.c \ + ssl/ssl_ccert_single_ec.c \ + ssl/ssl_ccert_single_rsa.c \ + ssl/ssl_client.c \ + ssl/ssl_client_default_rsapub.c \ + ssl/ssl_client_full.c \ + ssl/ssl_engine.c \ + ssl/ssl_engine_default_aescbc.c \ + ssl/ssl_engine_default_aesccm.c \ + ssl/ssl_engine_default_aesgcm.c \ + ssl/ssl_engine_default_chapol.c \ + ssl/ssl_engine_default_descbc.c \ + ssl/ssl_engine_default_ec.c \ + ssl/ssl_engine_default_ecdsa.c \ + ssl/ssl_engine_default_rsavrfy.c \ + ssl/ssl_hashes.c \ + ssl/ssl_hs_client.c \ + ssl/ssl_hs_server.c \ + ssl/ssl_io.c \ + ssl/ssl_lru.c \ + ssl/ssl_rec_cbc.c \ + ssl/ssl_rec_ccm.c \ + ssl/ssl_rec_chapol.c \ + ssl/ssl_rec_gcm.c \ + ssl/ssl_scert_single_ec.c \ + ssl/ssl_scert_single_rsa.c \ + ssl/ssl_server.c \ + ssl/ssl_server_full_ec.c \ + ssl/ssl_server_full_rsa.c \ + ssl/ssl_server_mine2c.c \ + ssl/ssl_server_mine2g.c \ + ssl/ssl_server_minf2c.c \ + ssl/ssl_server_minf2g.c \ + ssl/ssl_server_minr2g.c \ + ssl/ssl_server_minu2g.c \ + ssl/ssl_server_minv2g.c \ + +SRCS+= \ + symcipher/aes_big_cbcdec.c \ + symcipher/aes_big_cbcenc.c \ + symcipher/aes_big_ctr.c \ + symcipher/aes_big_dec.c \ + symcipher/aes_big_enc.c \ + symcipher/aes_common.c \ + symcipher/aes_ct.c \ + symcipher/aes_ct64.c \ + symcipher/aes_ct64_cbcdec.c \ + symcipher/aes_ct64_cbcenc.c \ + symcipher/aes_ct64_ctr.c \ + symcipher/aes_ct64_dec.c \ + symcipher/aes_ct64_enc.c \ + symcipher/aes_ct_cbcdec.c \ + symcipher/aes_ct_cbcenc.c \ + symcipher/aes_ct_ctr.c \ + symcipher/aes_ct_dec.c \ + symcipher/aes_ct_enc.c \ + symcipher/aes_pwr8.c \ + symcipher/aes_pwr8_cbcdec.c \ + symcipher/aes_pwr8_cbcenc.c \ + symcipher/aes_pwr8_ctr.c \ + symcipher/aes_pwr8_ctrcbc.c \ + symcipher/aes_small_cbcdec.c \ + symcipher/aes_small_cbcenc.c \ + symcipher/aes_small_ctr.c \ + symcipher/aes_small_dec.c \ + symcipher/aes_small_enc.c \ + symcipher/aes_x86ni.c \ + symcipher/aes_x86ni_cbcdec.c \ + symcipher/aes_x86ni_cbcenc.c \ + symcipher/aes_x86ni_ctr.c \ + symcipher/chacha20_ct.c \ + symcipher/des_ct.c \ + symcipher/des_ct_cbcdec.c \ + symcipher/des_ct_cbcenc.c \ + symcipher/des_support.c \ + symcipher/des_tab.c \ + symcipher/des_tab_cbcdec.c \ + symcipher/des_tab_cbcenc.c \ + symcipher/poly1305_ctmul.c \ + symcipher/poly1305_ctmul32.c \ + symcipher/poly1305_ctmulq.c \ + symcipher/poly1305_i15.c \ + +.endif + +.include <bsd.lib.mk> + +.if ${MACHINE} == "host" +CWARNFLAGS+= -Wno-error +.endif +XCFLAGS.gcc.rsa_i62_keygen+= -Wno-error +XCFLAGS.i15_moddiv+= -Wno-shadow +XCFLAGS.i31_moddiv+= -Wno-shadow +XCFLAGS.i62_modpow2+= -Wno-cast-align +XCFLAGS.x509_minimal+= -Wno-cast-qual + +CFLAGS+= ${XCFLAGS.${.TARGET:T:R}:U} \ + ${XCFLAGS.${COMPILER_TYPE}.${.TARGET:T:R}:U} + Added: head/lib/libbearssl/Makefile.depend ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/lib/libbearssl/Makefile.depend Tue Feb 26 05:59:22 2019 (r344564) @@ -0,0 +1,17 @@ +# $FreeBSD$ +# Autogenerated - do NOT edit! + +DIRDEPS = \ + gnu/lib/csu \ + include \ + include/xlocale \ + lib/${CSU_DIR} \ + lib/libc \ + lib/libcompiler_rt \ + + +.include <dirdeps.mk> + +.if ${DEP_RELDIR} == ${_DEP_RELDIR} +# local dependencies - needed for -jN in clean tree +.endif Added: head/lib/libbearssl/Makefile.inc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/lib/libbearssl/Makefile.inc Tue Feb 26 05:59:22 2019 (r344564) @@ -0,0 +1,7 @@ +# $FreeBSD$ + +BEARSSL?= ${SRCTOP}/contrib/bearssl +BEARSSL_SRC= ${BEARSSL}/src + +CFLAGS+= -I${BEARSSL}/inc + Added: head/lib/libbearssl/Makefile.libsa.inc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/lib/libbearssl/Makefile.libsa.inc Tue Feb 26 05:59:22 2019 (r344564) @@ -0,0 +1,86 @@ +# $FreeBSD$ + +# This file is included by libsa +# It contains SRCS needed for loader + +.PATH: ${.PARSEDIR} + +.include "Makefile.inc" + +.PATH: ${BEARSSL_SRC} + +CFLAGS+= -I${BEARSSL_SRC} + +# we do not need/want nested objdirs +OBJS_SRCS_FILTER = T R + +# we list only the srcs the loader(s) actually needs +SRCS+= \ + codec/ccopy.c \ + codec/dec32be.c \ + codec/dec64be.c \ + codec/enc32be.c \ + codec/enc64be.c \ + codec/pemdec.c \ + +SRCS+= \ + ec/ec_all_m31.c \ + ec/ec_c25519_m31.c \ + ec/ec_c25519_m62.c \ + ec/ec_c25519_m64.c \ + ec/ec_default.c \ + ec/ec_p256_m31.c \ + ec/ec_p256_m62.c \ + ec/ec_p256_m64.c \ + ec/ec_prime_i31.c \ + ec/ec_pubkey.c \ + ec/ec_secp256r1.c \ + ec/ec_secp384r1.c \ + ec/ec_secp521r1.c \ + ec/ecdsa_atr.c \ + ec/ecdsa_default_vrfy_asn1.c \ + ec/ecdsa_i31_bits.c \ + ec/ecdsa_i31_vrfy_asn1.c \ + ec/ecdsa_i31_vrfy_raw.c \ + +# Note: sha1 is needed for OpenPGP (keyId) +SRCS+= \ + hash/multihash.c \ + hash/sha1.c \ + hash/sha2big.c \ + hash/sha2small.c \ + +SRCS+= \ + int/i31_add.c \ + int/i31_bitlen.c \ + int/i31_decmod.c \ + int/i31_decode.c \ + int/i31_encode.c \ + int/i31_fmont.c \ + int/i31_iszero.c \ + int/i31_moddiv.c \ + int/i31_modpow.c \ + int/i31_modpow2.c \ + int/i31_montmul.c \ + int/i31_muladd.c \ + int/i31_ninv31.c \ + int/i31_rshift.c \ + int/i31_sub.c \ + int/i31_tmont.c \ + int/i32_div32.c \ + int/i62_modpow2.c \ + +SRCS+= \ + rsa/rsa_default_pkcs1_vrfy.c \ + rsa/rsa_i31_pkcs1_vrfy.c \ + rsa/rsa_i31_pub.c \ + rsa/rsa_i62_pkcs1_vrfy.c \ + rsa/rsa_i62_pub.c \ + rsa/rsa_pkcs1_sig_unpad.c \ + + +SRCS+= \ + x509/asn1enc.c \ + x509/x509_decoder.c \ + x509/x509_minimal.c \ +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201902260559.x1Q5xNb1088410>