diff --git a/Configure b/Configure index 9473452bf8..09998d9c70 100755 --- a/Configure +++ b/Configure @@ -812,6 +812,7 @@ my @disablables = ( "camellia", "capieng", "cast", + "chacha", "cmac", "cms", "comp", @@ -845,6 +846,7 @@ my @disablables = ( "nextprotoneg", "ocb", "ocsp", + "poly1305", "posix-io", "psk", "rc2", diff --git a/crypto/include/internal/chacha.h b/crypto/include/internal/chacha.h index dacbdf59dc..98787d35b8 100644 --- a/crypto/include/internal/chacha.h +++ b/crypto/include/internal/chacha.h @@ -57,6 +57,10 @@ extern "C" { #endif +# ifdef OPENSSL_NO_CHACHA +# error CHACHA is disabled. +# endif + /* * ChaCha20_ctr32 encrypts |len| bytes from |inp| with the given key and * nonce and writes the result to |out|, which may be equal to |inp|. diff --git a/crypto/include/internal/poly1305.h b/crypto/include/internal/poly1305.h index 8e2cac5215..b6db3253f2 100644 --- a/crypto/include/internal/poly1305.h +++ b/crypto/include/internal/poly1305.h @@ -49,6 +49,10 @@ */ #include +#ifdef OPENSSL_NO_POLY1305 +# error POLY1305 is disabled. +#endif + #define POLY1305_BLOCK_SIZE 16 typedef struct poly1305_context POLY1305; diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c index 84d4e2342e..fc6af90081 100644 --- a/ssl/ssl_algs.c +++ b/ssl/ssl_algs.c @@ -102,7 +102,7 @@ int SSL_library_init(void) EVP_add_cipher(EVP_camellia_128_cbc()); EVP_add_cipher(EVP_camellia_256_cbc()); #endif -#if !defined(OPENSSL_NO_CHACHA20) && !defined(OPENSSL_NO_POLY1305) +#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) EVP_add_cipher(EVP_chacha20_poly1305()); #endif diff --git a/util/mkdef.pl b/util/mkdef.pl index 6a8a096e89..a57f40312a 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -69,7 +69,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "SHA256", "SHA512", "RMD160", "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M", "HMAC", "AES", "CAMELLIA", "SEED", "GOST", - "SCRYPT", + "SCRYPT", "CHACHA", "POLY1305", # EC_NISTP_64_GCC_128 "EC_NISTP_64_GCC_128", # Envelope "algorithms" @@ -128,6 +128,7 @@ my $no_cast; my $no_whirlpool; my $no_camellia; my $no_seed; my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; my $no_rsa; my $no_dsa; my $no_dh; my $no_aes; my $no_scrypt; my $no_ec; my $no_engine; my $no_hw; +my $no_chacha; my $no_poly1305; my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated; my $no_sct; my $no_rfc3779; my $no_psk; my $no_cms; my $no_capieng; my $no_jpake; my $no_srp; my $no_ec2m; my $no_nistp_gcc; @@ -205,6 +206,8 @@ foreach (@ARGV, split(/ /, $options)) elsif (/^no-camellia$/) { $no_camellia=1; } elsif (/^no-seed$/) { $no_seed=1; } elsif (/^no-scrypt$/) { $no_scrypt=1; } + elsif (/^no-chacha$/) { $no_chacha=1; } + elsif (/^no-poly1305$/) { $no_poly1305=1; } elsif (/^no-evp$/) { $no_evp=1; } elsif (/^no-lhash$/) { $no_lhash=1; } elsif (/^no-stack$/) { $no_stack=1; } @@ -267,6 +270,8 @@ $ssl.=" include/openssl/srtp.h"; my $crypto ="include/openssl/crypto.h"; $crypto.=" crypto/include/internal/cryptlib.h"; +$crypto.=" crypto/include/internal/chacha.h"; # unless $no_chacha; +$crypto.=" crypto/include/internal/poly1305.h"; # unless $no_poly1305; $crypto.=" include/internal/o_dir.h"; $crypto.=" include/internal/o_str.h"; $crypto.=" include/openssl/des.h" ; # unless $no_des; @@ -1188,6 +1193,8 @@ sub is_valid if ($keyword eq "CAMELLIA" && $no_camellia) { return 0; } if ($keyword eq "SEED" && $no_seed) { return 0; } if ($keyword eq "SCRYPT" && $no_scrypt) { return 0; } + if ($keyword eq "CHACHA" && $no_chacha) { return 0; } + if ($keyword eq "POLY1305" && $no_poly1305) { return 0; } if ($keyword eq "EVP" && $no_evp) { return 0; } if ($keyword eq "LHASH" && $no_lhash) { return 0; } if ($keyword eq "STACK" && $no_stack) { return 0; }