From nobody Tue Jul 4 20:38:49 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QwZQ15hcHz4mFVw; Tue, 4 Jul 2023 20:38:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QwZQ15XBTz3Nvj; Tue, 4 Jul 2023 20:38:49 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1688503129; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lkIv7MYQd9QbuXJhdXlJKQco3HIfin5qW6YnJciuxV4=; b=nKq05o9vfmpqDWBC0W/Lr+chyeVg++vWd8Hpep5aQT7rqj5Bd0saZ1pXk5AQtvnWqyS/F2 4LuijNxwXZuHlI2Hg9EMQolm7objDPLAIzDJgIP/+LBWhD0afouIJDwEpd6wpEHMjJ8VF7 6kgZF80ZIV7llDZbrKJ2ZwIymPArzCGI0lC0lDEnBxdT4Ha2pCsHy/iyBy+qHC483KDQK8 YJ/o/QvmsU6EQbdDO/HCHabD/9mIIHTpglrHl9JPNCW8yQ6b2v2EnPOaVHG8qL4KNV4WEg LEm1+wQ1dVPCMuuLnH1y+MHcPg0Qf8/i4en7NE4Z8UB6hj2hQIPtMn1ZVWEkPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1688503129; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lkIv7MYQd9QbuXJhdXlJKQco3HIfin5qW6YnJciuxV4=; b=hiSFXgV2EetRNiwE5wM5EYecvJnb+neTdkTcG4gMkD4nbSs4B2sFyNdfdZgsVkOO9KJizQ TnYyuSyClzGEDrCSCA7HZ8aNHk+9/xJC+LV4bQwZ/ZL15+TbnOzCT4fMXoIHEsIPjd61zJ zVFNXnNVpsRrNFQeP2vauKcOWTRKEj03F8n1OabwVI+7B/IEbvIXU6F1drPJDhJjqYvOVb eJea5q9l4r/5tSwWBA53B3mKgUwMWeY/2AF1Dxvdv31SZk5/QmoSLGFnM0mOVcujhzm5Wf U3Eumybs1ukImCvAKyUF4SWerStiena8QpAceYfZoIsWrkdxhXzfV96APckUFw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1688503129; a=rsa-sha256; cv=none; b=Vybgg4xFkfw2650c0Uykbv2zfOWj9vYUOlIL/BiTykFpQnfAvTOuhGTX/ET2mCZkzSrkX1 M3l++Io75ACJEJ2/q2ag8dgUG6e1bhH/NvTwaTz2Aiq6jDvDTjleV9mDlGgRSUksU58CSb gQ4c4vsGNRGt57dzGhJJSHHcBmX/GriJ8Q+/WjxAjnvVKyOtsx4hjPZPwFYJGNDgiMMVmb enZaFqolNc2tjF4y7aID25MajrUL7RNrj5e6dBDz+7cTmdR4H+tCfTnSmz6d+kbN3n5K2w Z/1PjXph4JPMSgjiuJ5j9x1Cbj8MR4334U5BFRn8I0pVzl2wm1PIsfoxvteT6A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QwZQ14cYbzmfd; Tue, 4 Jul 2023 20:38:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 364KcnYF030344; Tue, 4 Jul 2023 20:38:49 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 364KcnZe030343; Tue, 4 Jul 2023 20:38:49 GMT (envelope-from git) Date: Tue, 4 Jul 2023 20:38:49 GMT Message-Id: <202307042038.364KcnZe030343@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: 8e7046ff29a0 - main - libcrypto: Revert recent changes to fix legacy and fips providers List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 8e7046ff29a09852584b87f5237c230283023e11 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=8e7046ff29a09852584b87f5237c230283023e11 commit 8e7046ff29a09852584b87f5237c230283023e11 Author: Mark Johnston AuthorDate: 2023-07-04 20:37:21 +0000 Commit: Mark Johnston CommitDate: 2023-07-04 20:38:26 +0000 libcrypto: Revert recent changes to fix legacy and fips providers They break the !amd64 builds due to an underspecified include path and will be re-applied once that's fixed. Reported by: Ronald Klop --- crypto/openssl/crypto/bn/bn_const.c | 2 - secure/lib/libcrypto/Makefile.common | 102 ----------- secure/lib/libcrypto/Makefile.inc | 103 ++++++++++- secure/lib/libcrypto/modules/Makefile.inc | 7 +- secure/lib/libcrypto/modules/fips/Makefile | 263 +-------------------------- secure/lib/libcrypto/modules/legacy/Makefile | 30 +-- 6 files changed, 107 insertions(+), 400 deletions(-) diff --git a/crypto/openssl/crypto/bn/bn_const.c b/crypto/openssl/crypto/bn/bn_const.c index bc7ede575d62..a36e0ac792dd 100644 --- a/crypto/openssl/crypto/bn/bn_const.c +++ b/crypto/openssl/crypto/bn/bn_const.c @@ -82,12 +82,10 @@ BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn) * RFC2312 specifies a generator of 22. */ -#ifndef FIPS_MODULE BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn) { return COPY_BN(bn, ossl_bignum_modp_1536_p); } -#endif /*- * "2048-bit MODP Group" from RFC3526, Section 3. diff --git a/secure/lib/libcrypto/Makefile.common b/secure/lib/libcrypto/Makefile.common deleted file mode 100644 index ff9050e72370..000000000000 --- a/secure/lib/libcrypto/Makefile.common +++ /dev/null @@ -1,102 +0,0 @@ -# $FreeBSD$ - -.include - -.if ${TARGET_ENDIANNESS} == 1234 -CFLAGS+= -DL_ENDIAN -.elif ${TARGET_ENDIANNESS} == 4321 -CFLAGS+= -DB_ENDIAN -.endif - -.if ${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "amd64" || \ - ${MACHINE_CPUARCH} == "arm" || ${MACHINE_CPUARCH} == "i386" -ASM_${MACHINE_CPUARCH}= -.elif ${MACHINE_ARCH} == "powerpc" || ${MACHINE_ARCH} == "powerpc64" || \ - ${MACHINE_ARCH} == "powerpc64le" -ASM_${MACHINE_ARCH}= -.endif - -.if defined(ASM_${MACHINE_CPUARCH}) || defined(ASM_${MACHINE_ARCH}) -CFLAGS+= -DOPENSSL_CPUID_OBJ -.if defined(ASM_aarch64) -CFLAGS+= -DOPENSSL_BN_ASM_MONT -CFLAGS+= -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -CFLAGS+= -DKECCAK1600_ASM -CFLAGS+= -DVPAES_ASM -CFLAGS+= -DECP_NISTZ256_ASM -CFLAGS+= -DPOLY1305_ASM -.elif defined(ASM_amd64) -CFLAGS+= -DOPENSSL_IA32_SSE2 -CFLAGS+= -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -CFLAGS+= -DOPENSSL_BN_ASM_GF2m -CFLAGS+= -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -CFLAGS+= -DKECCAK1600_ASM -CFLAGS+= -DRC4_ASM -CFLAGS+= -DMD5_ASM -CFLAGS+= -DVPAES_ASM -CFLAGS+= -DGHASH_ASM -CFLAGS+= -DECP_NISTZ256_ASM -DX25519_ASM -CFLAGS+= -DPADLOCK_ASM -CFLAGS+= -DPOLY1305_ASM -.elif defined(ASM_arm) -CFLAGS+= -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -CFLAGS+= -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -CFLAGS+= -DKECCAK1600_ASM -CFLAGS+= -DBSAES_ASM -CFLAGS+= -DGHASH_ASM -CFLAGS+= -DECP_NISTZ256_ASM -CFLAGS+= -DPOLY1305_ASM -.elif defined(ASM_i386) -CFLAGS+= -DOPENSSL_IA32_SSE2 -CFLAGS+= -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -CFLAGS+= -DOPENSSL_BN_ASM_GF2m -CFLAGS+= -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -CFLAGS+= -DRC4_ASM -CFLAGS+= -DMD5_ASM -CFLAGS+= -DRMD160_ASM -CFLAGS+= -DVPAES_ASM -CFLAGS+= -DWHIRLPOOL_ASM -CFLAGS+= -DGHASH_ASM -CFLAGS+= -DECP_NISTZ256_ASM -CFLAGS+= -DPADLOCK_ASM -CFLAGS+= -DPOLY1305_ASM -.elif defined(ASM_powerpc) -CFLAGS+= -DOPENSSL_BN_ASM_MONT -CFLAGS+= -DAES_ASM -CFLAGS+= -DVPAES_ASM -CFLAGS+= -DSHA1_ASM -CFLAGS+= -DSHA256_ASM -CFLAGS+= -DSHA512_ASM -CFLAGS+= -DPOLY1305_ASM -.elif defined(ASM_powerpc64) -CFLAGS+= -DOPENSSL_BN_ASM_MONT -CFLAGS+= -DAES_ASM -CFLAGS+= -DVPAES_ASM -CFLAGS+= -DSHA1_ASM -CFLAGS+= -DSHA256_ASM -CFLAGS+= -DSHA512_ASM -CFLAGS+= -DPOLY1305_ASM -CFLAGS+= -DECP_NISTZ256_ASM -CFLAGS+= -DX25519_ASM -CFLAGS+= -DKECCAK1600_ASM -.elif defined(ASM_powerpc64le) -CFLAGS+= -DOPENSSL_BN_ASM_MONT -CFLAGS+= -DAES_ASM -CFLAGS+= -DVPAES_ASM -CFLAGS+= -DSHA1_ASM -CFLAGS+= -DSHA256_ASM -CFLAGS+= -DSHA512_ASM -CFLAGS+= -DPOLY1305_ASM -CFLAGS+= -DECP_NISTZ256_ASM -CFLAGS+= -DX25519_ASM -CFLAGS+= -DKECCAK1600_ASM -.endif -.endif - -MANDIR= ${SHAREDIR}/openssl/man/man - -CFLAGS+= -DOPENSSLDIR="\"/etc/ssl\"" -CFLAGS+= -DENGINESDIR="\"${LIBDIR}/engines-3\"" -CFLAGS+= -DMODULESDIR="\"${LIBDIR}/ossl-modules\"" - -CFLAGS+= -DNDEBUG diff --git a/secure/lib/libcrypto/Makefile.inc b/secure/lib/libcrypto/Makefile.inc index d462d9f82857..d995fb2a0cb2 100644 --- a/secure/lib/libcrypto/Makefile.inc +++ b/secure/lib/libcrypto/Makefile.inc @@ -14,7 +14,108 @@ CFLAGS+= -I${LCRYPTO_SRC}/include CFLAGS+= -I${LCRYPTO_SRC}/providers/common/include CFLAGS+= -I${LCRYPTO_SRC}/providers/implementations/include -.include "Makefile.common" +.include + +.if ${TARGET_ENDIANNESS} == 1234 +CFLAGS+= -DL_ENDIAN +.elif ${TARGET_ENDIANNESS} == 4321 +CFLAGS+= -DB_ENDIAN +.endif + +.if ${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "amd64" || \ + ${MACHINE_CPUARCH} == "arm" || ${MACHINE_CPUARCH} == "i386" +ASM_${MACHINE_CPUARCH}= +.elif ${MACHINE_ARCH} == "powerpc" || ${MACHINE_ARCH} == "powerpc64" || \ + ${MACHINE_ARCH} == "powerpc64le" +ASM_${MACHINE_ARCH}= +.endif + +.if defined(ASM_${MACHINE_CPUARCH}) || defined(ASM_${MACHINE_ARCH}) +CFLAGS+= -DOPENSSL_CPUID_OBJ +.if defined(ASM_aarch64) +CFLAGS+= -DOPENSSL_BN_ASM_MONT +CFLAGS+= -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM +CFLAGS+= -DKECCAK1600_ASM +CFLAGS+= -DVPAES_ASM +CFLAGS+= -DECP_NISTZ256_ASM +CFLAGS+= -DPOLY1305_ASM +.elif defined(ASM_amd64) +CFLAGS+= -DOPENSSL_IA32_SSE2 +CFLAGS+= -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 +CFLAGS+= -DOPENSSL_BN_ASM_GF2m +CFLAGS+= -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM +CFLAGS+= -DKECCAK1600_ASM +CFLAGS+= -DRC4_ASM +CFLAGS+= -DMD5_ASM +CFLAGS+= -DVPAES_ASM +CFLAGS+= -DGHASH_ASM +CFLAGS+= -DECP_NISTZ256_ASM -DX25519_ASM +CFLAGS+= -DPADLOCK_ASM +CFLAGS+= -DPOLY1305_ASM +.elif defined(ASM_arm) +CFLAGS+= -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m +CFLAGS+= -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM +CFLAGS+= -DKECCAK1600_ASM +CFLAGS+= -DBSAES_ASM +CFLAGS+= -DGHASH_ASM +CFLAGS+= -DECP_NISTZ256_ASM +CFLAGS+= -DPOLY1305_ASM +.elif defined(ASM_i386) +CFLAGS+= -DOPENSSL_IA32_SSE2 +CFLAGS+= -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT +CFLAGS+= -DOPENSSL_BN_ASM_GF2m +CFLAGS+= -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM +CFLAGS+= -DRC4_ASM +CFLAGS+= -DMD5_ASM +CFLAGS+= -DRMD160_ASM +CFLAGS+= -DVPAES_ASM +CFLAGS+= -DWHIRLPOOL_ASM +CFLAGS+= -DGHASH_ASM +CFLAGS+= -DECP_NISTZ256_ASM +CFLAGS+= -DPADLOCK_ASM +CFLAGS+= -DPOLY1305_ASM +.elif defined(ASM_powerpc) +CFLAGS+= -DOPENSSL_BN_ASM_MONT +CFLAGS+= -DAES_ASM +CFLAGS+= -DVPAES_ASM +CFLAGS+= -DSHA1_ASM +CFLAGS+= -DSHA256_ASM +CFLAGS+= -DSHA512_ASM +CFLAGS+= -DPOLY1305_ASM +.elif defined(ASM_powerpc64) +CFLAGS+= -DOPENSSL_BN_ASM_MONT +CFLAGS+= -DAES_ASM +CFLAGS+= -DVPAES_ASM +CFLAGS+= -DSHA1_ASM +CFLAGS+= -DSHA256_ASM +CFLAGS+= -DSHA512_ASM +CFLAGS+= -DPOLY1305_ASM +CFLAGS+= -DECP_NISTZ256_ASM +CFLAGS+= -DX25519_ASM +CFLAGS+= -DKECCAK1600_ASM +.elif defined(ASM_powerpc64le) +CFLAGS+= -DOPENSSL_BN_ASM_MONT +CFLAGS+= -DAES_ASM +CFLAGS+= -DVPAES_ASM +CFLAGS+= -DSHA1_ASM +CFLAGS+= -DSHA256_ASM +CFLAGS+= -DSHA512_ASM +CFLAGS+= -DPOLY1305_ASM +CFLAGS+= -DECP_NISTZ256_ASM +CFLAGS+= -DX25519_ASM +CFLAGS+= -DKECCAK1600_ASM +.endif +.endif + +.if defined(LIB) +CFLAGS+= -DOPENSSLDIR="\"/etc/ssl\"" +CFLAGS+= -DENGINESDIR="\"${LIBDIR}/engines-3\"" +CFLAGS+= -DMODULESDIR="\"${LIBDIR}/ossl-modules\"" +.endif + +CFLAGS+= -DNDEBUG + +MANDIR= ${SHAREDIR}/openssl/man/man .for pcfile in ${PCFILES} ${pcfile}: ${pcfile}.in diff --git a/secure/lib/libcrypto/modules/Makefile.inc b/secure/lib/libcrypto/modules/Makefile.inc index 6e74ff36a9cf..e2f8e9437953 100644 --- a/secure/lib/libcrypto/modules/Makefile.inc +++ b/secure/lib/libcrypto/modules/Makefile.inc @@ -9,11 +9,8 @@ CFLAGS+= -I${LCRYPTO_SRC}/include CFLAGS+= -I${LCRYPTO_SRC}/providers/common/include CFLAGS+= -I${LCRYPTO_SRC}/providers/implementations/include -# common -SRCS+= provider_err.c provider_ctx.c -SRCS+= provider_util.c +.include -.PATH: ${LCRYPTO_SRC}/providers \ - ${LCRYPTO_SRC}/providers/common +.PATH: ${LCRYPTO_SRC}/providers WARNS?= 0 diff --git a/secure/lib/libcrypto/modules/fips/Makefile b/secure/lib/libcrypto/modules/fips/Makefile index c8b79e3badfd..46c5ec2a091f 100644 --- a/secure/lib/libcrypto/modules/fips/Makefile +++ b/secure/lib/libcrypto/modules/fips/Makefile @@ -2,268 +2,9 @@ SHLIB_NAME?= fips.so -CFLAGS+= -DFIPS_MODULE - -SRCS+= fips_entry.c fipsprov.c self_test.c self_test_kats.c - -.include "../../Makefile.common" - -# crypto -SRCS+= provider_core.c provider_predefined.c \ - core_fetch.c core_algorithm.c core_namemap.c self_test_core.c - -SRCS+= cpuid.c ctype.c -.if defined(ASM_aarch64) -SRCS+= arm64cpuid.S armcap.c -ACFLAGS.arm64cpuid.S= -march=armv8-a+crypto -.elif defined(ASM_amd64) -SRCS+= x86_64cpuid.S -.elif defined(ASM_arm) -SRCS+= armv4cpuid.S armcap.c -.elif defined(ASM_i386) -SRCS+= x86cpuid.S -.elif defined(ASM_powerpc) -SRCS+= ppccpuid.S ppccap.c -.elif defined(ASM_powerpc64) -SRCS+= ppccpuid.S ppccap.c -.elif defined(ASM_powerpc64le) -SRCS+= ppccpuid.S ppccap.c -.else -SRCS+= mem_clr.c -.endif - -# crypto/bn -SRCS+= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \ - bn_mod.c bn_conv.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ - bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_sqr.c \ - bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ - bn_intern.c bn_dh.c bn_rsa_fips186_4.c bn_const.c -.if defined(ASM_aarch64) -SRCS+= armv8-mont.S bn_asm.c -.elif defined(ASM_amd64) -SRCS+= rsaz-avx2.S rsaz-avx512.S rsaz-x86_64.S rsaz_exp.c rsaz_exp_x2.c -SRCS+= x86_64-gcc.c x86_64-gf2m.S x86_64-mont.S x86_64-mont5.S -.elif defined(ASM_arm) -SRCS+= armv4-gf2m.S armv4-mont.S bn_asm.c -.elif defined(ASM_i386) -SRCS+= bn-586.S co-586.S x86-gf2m.S x86-mont.S -.elif defined(ASM_powerpc) -SRCS+= bn_ppc.c bn-ppc.S ppc-mont.S -.elif defined(ASM_powerpc64) -SRCS+= bn_ppc.c bn-ppc.S ppc-mont.S -.elif defined(ASM_powerpc64le) -SRCS+= bn_ppc.c bn-ppc.S ppc-mont.S -.else -SRCS+= bn_asm.c -.endif - -# crypto/dh -SRCS+= dh_lib.c dh_key.c dh_group_params.c dh_check.c dh_backend.c dh_gen.c \ - dh_kdf.c - -# crypto/dsa -SRCS+= dsa_sign.c dsa_vrf.c dsa_lib.c dsa_ossl.c dsa_check.c \ - dsa_key.c dsa_backend.c dsa_gen.c - -# crypto/ec -SRCS+= ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c \ - ec_curve.c ec_check.c ec_key.c ec_kmeth.c ecx_key.c ec_asn1.c \ - ec2_smpl.c \ - ecp_oct.c ec2_oct.c ec_oct.c ecdh_ossl.c \ - ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c curve25519.c \ - curve448/f_generic.c curve448/scalar.c \ - curve448/curve448_tables.c curve448/eddsa.c curve448/curve448.c \ - ec_backend.c ecx_backend.c ecdh_kdf.c curve448/arch_64/f_impl64.c \ - curve448/arch_32/f_impl32.c -SRCS+= cryptlib.c params.c params_from_text.c bsearch.c ex_data.c o_str.c \ - threads_pthread.c threads_none.c initthread.c \ - context.c sparse_array.c asn1_dsa.c packet.c param_build.c \ - param_build_set.c der_writer.c threads_lib.c params_dup.c - -.include -.if ${MACHINE_ABI:Mlittle-endian} && ${MACHINE_ABI:Mlong64} -SRCS+= ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c -.endif -.if defined(ASM_aarch64) -SRCS+= ecp_nistz256-armv8.S ecp_nistz256.c -.elif defined(ASM_amd64) -SRCS+= ecp_nistz256-x86_64.S ecp_nistz256.c x25519-x86_64.S -.elif defined(ASM_arm) -SRCS+= ecp_nistz256-armv4.S ecp_nistz256.c -.elif defined(ASM_i386) -SRCS+= ecp_nistz256-x86.S ecp_nistz256.c -.elif defined(ASM_powerpc64) -SRCS+= ecp_nistp521-ppc64.S ecp_nistz256-ppc64.S ecp_nistz256.c ecp_ppc.c x25519-ppc64.S -.elif defined(ASM_powerpc64le) -SRCS+= ecp_nistp521-ppc64.S ecp_nistz256-ppc64.S ecp_nistz256.c ecp_ppc.c x25519-ppc64.S -.endif - -# crypto/evp -SRCS+= digest.c evp_enc.c evp_lib.c evp_fetch.c evp_utils.c \ - mac_lib.c mac_meth.c keymgmt_meth.c keymgmt_lib.c kdf_lib.c kdf_meth.c \ - m_sigver.c pmeth_lib.c signature.c p_lib.c pmeth_gn.c exchange.c \ - evp_rand.c asymcipher.c kem.c dh_support.c ec_support.c pmeth_check.c - -# crypto/ffc -SRCS+= ffc_params.c ffc_params_generate.c ffc_key_generate.c \ - ffc_params_validate.c ffc_key_validate.c ffc_backend.c \ - ffc_dh.c - -# crypto/lhash -SRCS+= lhash.c - -# crypto/property -SRCS+= property_string.c property_parse.c property_query.c property.c defn_cache.c - -# crypto/rsa -SRCS+= rsa_ossl.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_pk1.c \ - rsa_none.c rsa_oaep.c rsa_chk.c rsa_pss.c rsa_x931.c rsa_crpt.c \ - rsa_sp800_56b_gen.c rsa_sp800_56b_check.c rsa_backend.c \ - rsa_mp_names.c rsa_schemes.c -SRCS+= rsa_acvp_test_params.c - -# crypto/sha -SRCS+= sha1dgst.c sha256.c sha512.c sha3.c -.if defined(ASM_aarch64) -SRCS+= keccak1600-armv8.S sha1-armv8.S sha256-armv8.S sha512-armv8.S -.elif defined(ASM_amd64) -SRCS+= keccak1600-x86_64.S sha1-mb-x86_64.S sha1-x86_64.S -SRCS+= sha256-mb-x86_64.S sha256-x86_64.S sha512-x86_64.S -.elif defined(ASM_arm) -SRCS+= keccak1600-armv4.S sha1-armv4-large.S sha256-armv4.S sha512-armv4.S -.elif defined(ASM_i386) -SRCS+= keccak1600.c sha1-586.S sha256-586.S sha512-586.S -.elif defined(ASM_powerpc) -SRCS+= keccak1600.c sha_ppc.c sha1-ppc.S sha256-ppc.S sha512-ppc.S sha256p8-ppc.S sha512p8-ppc.S -.elif defined(ASM_powerpc64) -SRCS+= keccak1600-ppc64.S sha_ppc.c sha1-ppc.S sha256-ppc.S sha512-ppc.S sha256p8-ppc.S sha512p8-ppc.S -.elif defined(ASM_powerpc64le) -SRCS+= keccak1600-ppc64.S sha_ppc.c sha1-ppc.S sha256-ppc.S sha512-ppc.S sha256p8-ppc.S sha512p8-ppc.S -.else -SRCS+= keccak1600.c -.endif - -# common -SRCS+= capabilities.c bio_prov.c digest_to_nid.c \ - securitycheck.c provider_seeding.c -SRCS+= securitycheck_fips.c - -# common/der -SRCS+= der_rsa_gen.c der_rsa_key.c -SRCS+= der_rsa_sig.c - -SRCS+= der_dsa_gen.c der_dsa_key.c -SRCS+= der_dsa_sig.c - -SRCS+= der_ec_gen.c der_ec_key.c -SRCS+= der_ec_sig.c - -SRCS+= der_ecx_gen.c der_ecx_key.c - -SRCS+= der_wrap_gen.c - -# asymciphers -SRCS+= rsa_enc.c - -# ciphers -SRCS+= ciphercommon.c ciphercommon_hw.c ciphercommon_block.c \ - ciphercommon_gcm.c ciphercommon_gcm_hw.c \ - ciphercommon_ccm.c ciphercommon_ccm_hw.c -SRCS+= cipher_aes.c cipher_aes_hw.c \ - cipher_aes_xts.c cipher_aes_xts_hw.c \ - cipher_aes_gcm.c cipher_aes_gcm_hw.c \ - cipher_aes_ccm.c cipher_aes_ccm_hw.c \ - cipher_aes_wrp.c \ - cipher_aes_cbc_hmac_sha.c \ - cipher_aes_cbc_hmac_sha256_hw.c cipher_aes_cbc_hmac_sha1_hw.c \ - cipher_cts.c -SRCS+= cipher_aes_xts_fips.c -SRCS+= cipher_tdes.c cipher_tdes_common.c cipher_tdes_hw.c - -# digests -SRCS+= digestcommon.c -SRCS+= sha2_prov.c -SRCS+= sha3_prov.c - -# exchange -SRCS+= dh_exch.c -SRCS+= ecx_exch.c -SRCS+= ecdh_exch.c -SRCS+= kdf_exch.c - -# kdfs -SRCS+= tls1_prf.c -SRCS+= hkdf.c -SRCS+= kbkdf.c -SRCS+= pbkdf2.c -SRCS+= pbkdf2_fips.c -SRCS+= sskdf.c -SRCS+= sshkdf.c -SRCS+= x942kdf.c - -# kem -SRCS+= rsa_kem.c - -# keymgmt -SRCS+= dh_kmgmt.c -SRCS+= dsa_kmgmt.c -SRCS+= ec_kmgmt.c -SRCS+= ecx_kmgmt.c -SRCS+= kdf_legacy_kmgmt.c -SRCS+= mac_legacy_kmgmt.c -SRCS+= rsa_kmgmt.c - -# macs -SRCS+= gmac_prov.c -SRCS+= hmac_prov.c -SRCS+= kmac_prov.c -SRCS+= cmac_prov.c - -# rands -SRCS+= drbg.c test_rng.c drbg_ctr.c drbg_hash.c drbg_hmac.c crngt.c - -# signature -SRCS+= dsa_sig.c -SRCS+= eddsa_sig.c ecdsa_sig.c -SRCS+= mac_legacy_sig.c -SRCS+= rsa_sig.c - -# ssl -SRCS+= record/tls_pad.c s3_cbc.c +SRCS= fips_entry.c fipsprov.c self_test.c self_test_kats.c .include -.if defined(ASM_${MACHINE_CPUARCH}) -.PATH: ${SRCTOP}/secure/lib/libcrypto/arch/${MACHINE_CPUARCH} -.if defined(ASM_amd64) -.PATH: ${LCRYPTO_SRC}/crypto/bn/asm -.endif -.elif defined(ASM_${MACHINE_ARCH}) -.PATH: ${SRCTOP}/secure/lib/libcrypto/arch/${MACHINE_ARCH} -.endif - .PATH: ${LCRYPTO_SRC}/crypto \ - ${LCRYPTO_SRC}/crypto/bio \ - ${LCRYPTO_SRC}/crypto/bn \ - ${LCRYPTO_SRC}/crypto/dh \ - ${LCRYPTO_SRC}/crypto/dsa \ - ${LCRYPTO_SRC}/crypto/ec \ - ${LCRYPTO_SRC}/crypto/evp \ - ${LCRYPTO_SRC}/crypto/ffc \ - ${LCRYPTO_SRC}/crypto/lhash \ - ${LCRYPTO_SRC}/crypto/property \ - ${LCRYPTO_SRC}/crypto/rsa \ - ${LCRYPTO_SRC}/crypto/sha \ - ${LCRYPTO_SRC}/providers/fips \ - ${LCRYPTO_SRC}/providers/common/der \ - ${LCRYPTO_SRC}/providers/implementations/asymciphers \ - ${LCRYPTO_SRC}/providers/implementations/ciphers \ - ${LCRYPTO_SRC}/providers/implementations/digests \ - ${LCRYPTO_SRC}/providers/implementations/exchange \ - ${LCRYPTO_SRC}/providers/implementations/kdfs \ - ${LCRYPTO_SRC}/providers/implementations/kem \ - ${LCRYPTO_SRC}/providers/implementations/keymgmt \ - ${LCRYPTO_SRC}/providers/implementations/macs \ - ${LCRYPTO_SRC}/providers/implementations/rands \ - ${LCRYPTO_SRC}/providers/implementations/signature \ - ${LCRYPTO_SRC}/ssl + ${LCRYPTO_SRC}/providers/fips diff --git a/secure/lib/libcrypto/modules/legacy/Makefile b/secure/lib/libcrypto/modules/legacy/Makefile index c98ca9553e20..3ed4bed6cd52 100644 --- a/secure/lib/libcrypto/modules/legacy/Makefile +++ b/secure/lib/libcrypto/modules/legacy/Makefile @@ -2,34 +2,6 @@ SHLIB_NAME?= legacy.so -SRCS+= legacyprov.c prov_running.c - -# ciphers -SRCS+= ciphercommon.c ciphercommon_hw.c ciphercommon_block.c \ - ciphercommon_gcm.c ciphercommon_gcm_hw.c \ - ciphercommon_ccm.c ciphercommon_ccm_hw.c -SRCS+= cipher_desx.c cipher_desx_hw.c cipher_des.c cipher_des_hw.c -SRCS+= cipher_tdes_common.c -SRCS+= cipher_blowfish.c cipher_blowfish_hw.c -SRCS+= cipher_cast5.c cipher_cast5_hw.c -SRCS+= cipher_rc2.c cipher_rc2_hw.c -SRCS+= cipher_rc4.c cipher_rc4_hw.c -SRCS+= cipher_rc4_hmac_md5.c cipher_rc4_hmac_md5_hw.c -SRCS+= cipher_seed.c cipher_seed_hw.c - -# digests -SRCS+= digestcommon.c -SRCS+= md4_prov.c wp_prov.c ripemd_prov.c - -# kdfs -SRCS+= pbkdf1.c - -# ssl -SRCS+= record/tls_pad.c +SRCS= legacyprov.c .include - -.PATH: ${LCRYPTO_SRC}/providers/implementations/ciphers \ - ${LCRYPTO_SRC}/providers/implementations/digests \ - ${LCRYPTO_SRC}/providers/implementations/kdfs \ - ${LCRYPTO_SRC}/ssl