openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

Cleanup some copyright stuff 

Remove some incorrect copyright references.
Move copyright to standard place
Add OpenSSL copyright where missing.
Remove copyrighted file that we don't use any more
Remove Itanium assembler for RC4 and MD5 (assembler versions of old and
weak algorithms for an old chip)
Standardize apps/rehash copyright comment; approved by Timo
Put dual-copyright notice on mkcert

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3691)
This commit is contained in:
Rich Salz 2017-06-15 12:03:40 -04:00
parent 1297ef9928
commit 624265c60e
15 changed files with 28 additions and 2378 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Configurations/00-base-templates.conf
View File

@ -184,9 +184,8 @@
cpuid_asm_src => "ia64cpuid.s",
bn_asm_src => "bn-ia64.s ia64-mont.s",
aes_asm_src => "aes_core.c aes_cbc.c aes-ia64.s",
md5_asm_src => "md5-ia64.s",
sha1_asm_src => "sha1-ia64.s sha256-ia64.s sha512-ia64.s",
rc4_asm_src => "rc4-ia64.s rc4_skey.c",
rc4_asm_src => "rc4_skey.c",
modes_asm_src => "ghash-ia64.s",
perlasm_scheme => "void"
},

7
apps/rehash.c
View File

@ -1,5 +1,6 @@
/*
* Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2013-2014 Timo Teräs <timo.teras@gmail.com>
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -7,12 +8,6 @@
* https://www.openssl.org/source/license.html
*/
/*
* C implementation based on the original Perl and shell versions
*
* Copyright (c) 2013-2014 Timo Teräs <timo.teras@iki.fi>
*/
#include "apps.h"
#if defined(OPENSSL_SYS_UNIX) || defined(__APPLE__) || \

2
apps/tsget.in
View File

@ -1,6 +1,6 @@
#!{- $config{hashbangperl} -}
# Copyright (c) 2002 The OpenTSA Project. All rights reserved.
# Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
# Copyright (c) 2002 The OpenTSA Project. All rights reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy

1
apps/vms_term_sock.c
View File

@ -1,4 +1,5 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016 VMS Software, Inc. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use

1
apps/vms_term_sock.h
View File

@ -1,4 +1,5 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016 VMS Software, Inc. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use

5
crypto/asn1/x_spki.c
View File

@ -7,11 +7,6 @@
* https://www.openssl.org/source/license.html
*/
/*
* This module was send to me my Pat Richards <patr@x509.com> who wrote it.
* It is under my Copyright with his permission
*/
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/x509.h>

7
crypto/ec/asm/ecp_nistz256-ppc64.pl
View File

@ -1,4 +1,11 @@
#! /usr/bin/env perl
# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
#
# ====================================================================
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL

1002
crypto/md5/asm/md5-ia64.S
View File

File diff suppressed because it is too large Load Diff

12
crypto/md5/build.info
View File

@ -8,15 +8,3 @@ GENERATE[md5-x86_64.s]=asm/md5-x86_64.pl $(PERLASM_SCHEME)
GENERATE[md5-sparcv9.S]=asm/md5-sparcv9.pl $(PERLASM_SCHEME)
INCLUDE[md5-sparcv9.o]=..
BEGINRAW[makefile(windows)]
{- $builddir -}\md5-ia64.asm: {- $sourcedir -}\asm\md5-ia64.S
$(CC) $(CFLAGS) -EP {- $sourcedir -}\asm\md5-ia64.S > $@.i && move /Y $@.i $@
ENDRAW[makefile(windows)]
BEGINRAW[Makefile]
{- $builddir -}/md5-ia64.s: {- $sourcedir -}/asm/md5-ia64.S
$(CC) $(CFLAGS) -E {- $sourcedir -}/asm/md5-ia64.S | \
$(PERL) -ne 's/;\s+/;\n/g; print;' > $@
ENDRAW[Makefile]

6
crypto/mem_sec.c
View File

@ -1,5 +1,6 @@
/*
* Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2004-2014, Akamai Technologies. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@ -7,11 +8,6 @@
* https://www.openssl.org/source/license.html
*/
/*
* Copyright 2004-2014, Akamai Technologies. All Rights Reserved.
* This file is distributed under the terms of the OpenSSL license.
*/
/*
* This file is in two halves. The first half implements the public API
* to be used by external consumers, and to be used by OpenSSL to store

767
crypto/rc4/asm/rc4-ia64.pl
View File

@ -1,767 +0,0 @@
#! /usr/bin/env perl
# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
#
# ====================================================================
# Written by David Mosberger <David.Mosberger@acm.org> based on the
# Itanium optimized Crypto code which was released by HP Labs at
# http://www.hpl.hp.com/research/linux/crypto/.
#
# Copyright (c) 2005 Hewlett-Packard Development Company, L.P.
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */
# This is a little helper program which generates a software-pipelined
# for RC4 encryption. The basic algorithm looks like this:
#
# for (counter = 0; counter < len; ++counter)
# {
# in = inp[counter];
# SI = S[I];
# J = (SI + J) & 0xff;
# SJ = S[J];
# T = (SI + SJ) & 0xff;
# S[I] = SJ, S[J] = SI;
# ST = S[T];
# outp[counter] = in ^ ST;
# I = (I + 1) & 0xff;
# }
#
# Pipelining this loop isn't easy, because the stores to the S[] array
# need to be observed in the right order. The loop generated by the
# code below has the following pipeline diagram:
#
# cycle
# | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |10 |11 |12 |13 |14 |15 |16 |17 |
# iter
# 1: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
# 2: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
# 3: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
#
# where:
# LDI = load of S[I]
# LDJ = load of S[J]
# SWP = swap of S[I] and S[J]
# LDT = load of S[T]
#
# Note that in the above diagram, the major trouble-spot is that LDI
# of the 2nd iteration is performed BEFORE the SWP of the first
# iteration. Fortunately, this is easy to detect (I of the 1st
# iteration will be equal to J of the 2nd iteration) and when this
# happens, we simply forward the proper value from the 1st iteration
# to the 2nd one. The proper value in this case is simply the value
# of S[I] from the first iteration (thanks to the fact that SWP
# simply swaps the contents of S[I] and S[J]).
#
# Another potential trouble-spot is in cycle 7, where SWP of the 1st
# iteration issues at the same time as the LDI of the 3rd iteration.
# However, thanks to IA-64 execution semantics, this can be taken
# care of simply by placing LDI later in the instruction-group than
# SWP. IA-64 CPUs will automatically forward the value if they
# detect that the SWP and LDI are accessing the same memory-location.
# The core-loop that can be pipelined then looks like this (annotated
# with McKinley/Madison issue port & latency numbers, assuming L1
# cache hits for the most part):
# operation: instruction: issue-ports: latency
# ------------------ ----------------------------- ------------- -------
# Data = *inp++ ld1 data = [inp], 1 M0-M1 1 cyc c0
# shladd Iptr = I, KeyTable, 3 M0-M3, I0, I1 1 cyc
# I = (I + 1) & 0xff padd1 nextI = I, one M0-M3, I0, I1 3 cyc
# ;;
# SI = S[I] ld8 SI = [Iptr] M0-M1 1 cyc c1 * after SWAP!
# ;;
# cmp.eq.unc pBypass = I, J * after J is valid!
# J = SI + J add J = J, SI M0-M3, I0, I1 1 cyc c2
# (pBypass) br.cond.spnt Bypass
# ;;
# ---------------------------------------------------------------------------------------
# J = J & 0xff zxt1 J = J I0, I1, 1 cyc c3
# ;;
# shladd Jptr = J, KeyTable, 3 M0-M3, I0, I1 1 cyc c4
# ;;
# SJ = S[J] ld8 SJ = [Jptr] M0-M1 1 cyc c5
# ;;
# ---------------------------------------------------------------------------------------
# T = (SI + SJ) add T = SI, SJ M0-M3, I0, I1 1 cyc c6
# ;;
# T = T & 0xff zxt1 T = T I0, I1 1 cyc
# S[I] = SJ st8 [Iptr] = SJ M2-M3 c7
# S[J] = SI st8 [Jptr] = SI M2-M3
# ;;
# shladd Tptr = T, KeyTable, 3 M0-M3, I0, I1 1 cyc c8
# ;;
# ---------------------------------------------------------------------------------------
# T = S[T] ld8 T = [Tptr] M0-M1 1 cyc c9
# ;;
# data ^= T xor data = data, T M0-M3, I0, I1 1 cyc c10
# ;;
# *out++ = Data ^ T dep word = word, data, 8, POS I0, I1 1 cyc c11
# ;;
# ---------------------------------------------------------------------------------------
# There are several points worth making here:
# - Note that due to the bypass/forwarding-path, the first two
# phases of the loop are strangly mingled together. In
# particular, note that the first stage of the pipeline is
# using the value of "J", as calculated by the second stage.
# - Each bundle-pair will have exactly 6 instructions.
# - Pipelined, the loop can execute in 3 cycles/iteration and
# 4 stages. However, McKinley/Madison can issue "st1" to
# the same bank at a rate of at most one per 4 cycles. Thus,
# instead of storing each byte, we accumulate them in a word
# and then write them back at once with a single "st8" (this
# implies that the setup code needs to ensure that the output
# buffer is properly aligned, if need be, by encoding the
# first few bytes separately).
# - There is no space for a "br.ctop" instruction. For this
# reason we can't use module-loop support in IA-64 and have
# to do a traditional, purely software-pipelined loop.
# - We can't replace any of the remaining "add/zxt1" pairs with
# "padd1" because the latency for that instruction is too high
# and would push the loop to the point where more bypasses
# would be needed, which we don't have space for.
# - The above loop runs at around 3.26 cycles/byte, or roughly
# 440 MByte/sec on a 1.5GHz Madison. This is well below the
# system bus bandwidth and hence with judicious use of
# "lfetch" this loop can run at (almost) peak speed even when
# the input and output data reside in memory. The
# max. latency that can be tolerated is (PREFETCH_DISTANCE *
# L2_LINE_SIZE * 3 cyc), or about 384 cycles assuming (at
# least) 1-ahead prefetching of 128 byte cache-lines. Note
# that we do NOT prefetch into L1, since that would only
# interfere with the S[] table values stored there. This is
# acceptable because there is a 10 cycle latency between
# load and first use of the input data.
# - We use a branch to out-of-line bypass-code of cycle-pressure:
# we calculate the next J, check for the need to activate the
# bypass path, and activate the bypass path ALL IN THE SAME
# CYCLE. If we didn't have these constraints, we could do
# the bypass with a simple conditional move instruction.
# Fortunately, the bypass paths get activated relatively
# infrequently, so the extra branches don't cost all that much
# (about 0.04 cycles/byte, measured on a 16396 byte file with
# random input data).
#
$output = pop;
open STDOUT,">$output";
$phases = 4; # number of stages/phases in the pipelined-loop
$unroll_count = 6; # number of times we unrolled it
$pComI = (1 << 0);
$pComJ = (1 << 1);
$pComT = (1 << 2);
$pOut = (1 << 3);
$NData = 4;
$NIP = 3;
$NJP = 2;
$NI = 2;
$NSI = 3;
$NSJ = 2;
$NT = 2;
$NOutWord = 2;
#
# $threshold is the minimum length before we attempt to use the
# big software-pipelined loop. It MUST be greater-or-equal
# to:
# PHASES * (UNROLL_COUNT + 1) + 7
#
# The "+ 7" comes from the fact we may have to encode up to
# 7 bytes separately before the output pointer is aligned.
#
$threshold = (3 * ($phases * ($unroll_count + 1)) + 7);
sub I {
local *code = shift;
local $format = shift;
$code .= sprintf ("\t\t".$format."\n", @_);
}
sub P {
local *code = shift;
local $format = shift;
$code .= sprintf ($format."\n", @_);
}
sub STOP {
local *code = shift;
$code .=<<___;
;;
___
}
sub emit_body {
local *c = shift;
local *bypass = shift;
local ($iteration, $p) = @_;
local $i0 = $iteration;
local $i1 = $iteration - 1;
local $i2 = $iteration - 2;
local $i3 = $iteration - 3;
local $iw0 = ($iteration - 3) / 8;
local $iw1 = ($iteration > 3) ? ($iteration - 4) / 8 : 1;
local $byte_num = ($iteration - 3) % 8;
local $label = $iteration + 1;
local $pAny = ($p & 0xf) == 0xf;
local $pByp = (($p & $pComI) && ($iteration > 0));
$c.=<<___;
//////////////////////////////////////////////////
___
if (($p & 0xf) == 0) {
$c.="#ifdef HOST_IS_BIG_ENDIAN\n";
&I(\$c,"shr.u OutWord[%u] = OutWord[%u], 32;;",
$iw1 % $NOutWord, $iw1 % $NOutWord);
$c.="#endif\n";
&I(\$c, "st4 [OutPtr] = OutWord[%u], 4", $iw1 % $NOutWord);
return;
}
# Cycle 0
&I(\$c, "{ .mmi") if ($pAny);
&I(\$c, "ld1 Data[%u] = [InPtr], 1", $i0 % $NData) if ($p & $pComI);
&I(\$c, "padd1 I[%u] = One, I[%u]", $i0 % $NI, $i1 % $NI)if ($p & $pComI);
&I(\$c, "zxt1 J = J") if ($p & $pComJ);
&I(\$c, "}") if ($pAny);
&I(\$c, "{ .mmi") if ($pAny);
&I(\$c, "LKEY T[%u] = [T[%u]]", $i1 % $NT, $i1 % $NT) if ($p & $pOut);
&I(\$c, "add T[%u] = SI[%u], SJ[%u]",
$i0 % $NT, $i2 % $NSI, $i1 % $NSJ) if ($p & $pComT);
&I(\$c, "KEYADDR(IPr[%u], I[%u])", $i0 % $NIP, $i1 % $NI) if ($p & $pComI);
&I(\$c, "}") if ($pAny);
&STOP(\$c);
# Cycle 1
&I(\$c, "{ .mmi") if ($pAny);
&I(\$c, "SKEY [IPr[%u]] = SJ[%u]", $i2 % $NIP, $i1%$NSJ)if ($p & $pComT);
&I(\$c, "SKEY [JP[%u]] = SI[%u]", $i1 % $NJP, $i2%$NSI) if ($p & $pComT);
&I(\$c, "zxt1 T[%u] = T[%u]", $i0 % $NT, $i0 % $NT) if ($p & $pComT);
&I(\$c, "}") if ($pAny);
&I(\$c, "{ .mmi") if ($pAny);
&I(\$c, "LKEY SI[%u] = [IPr[%u]]", $i0 % $NSI, $i0%$NIP)if ($p & $pComI);
&I(\$c, "KEYADDR(JP[%u], J)", $i0 % $NJP) if ($p & $pComJ);
&I(\$c, "xor Data[%u] = Data[%u], T[%u]",
$i3 % $NData, $i3 % $NData, $i1 % $NT) if ($p & $pOut);
&I(\$c, "}") if ($pAny);
&STOP(\$c);
# Cycle 2
&I(\$c, "{ .mmi") if ($pAny);
&I(\$c, "LKEY SJ[%u] = [JP[%u]]", $i0 % $NSJ, $i0%$NJP) if ($p & $pComJ);
&I(\$c, "cmp.eq pBypass, p0 = I[%u], J", $i1 % $NI) if ($pByp);
&I(\$c, "dep OutWord[%u] = Data[%u], OutWord[%u], BYTE_POS(%u), 8",
$iw0%$NOutWord, $i3%$NData, $iw1%$NOutWord, $byte_num) if ($p & $pOut);
&I(\$c, "}") if ($pAny);
&I(\$c, "{ .mmb") if ($pAny);
&I(\$c, "add J = J, SI[%u]", $i0 % $NSI) if ($p & $pComI);
&I(\$c, "KEYADDR(T[%u], T[%u])", $i0 % $NT, $i0 % $NT) if ($p & $pComT);
&P(\$c, "(pBypass)\tbr.cond.spnt.many .rc4Bypass%u",$label)if ($pByp);
&I(\$c, "}") if ($pAny);
&STOP(\$c);
&P(\$c, ".rc4Resume%u:", $label) if ($pByp);
if ($byte_num == 0 && $iteration >= $phases) {
&I(\$c, "st8 [OutPtr] = OutWord[%u], 8",
$iw1 % $NOutWord) if ($p & $pOut);
if ($iteration == (1 + $unroll_count) * $phases - 1) {
if ($unroll_count == 6) {
&I(\$c, "mov OutWord[%u] = OutWord[%u]",
$iw1 % $NOutWord, $iw0 % $NOutWord);
}
&I(\$c, "lfetch.nt1 [InPrefetch], %u",
$unroll_count * $phases);
&I(\$c, "lfetch.excl.nt1 [OutPrefetch], %u",
$unroll_count * $phases);
&I(\$c, "br.cloop.sptk.few .rc4Loop");
}
}
if ($pByp) {
&P(\$bypass, ".rc4Bypass%u:", $label);
&I(\$bypass, "sub J = J, SI[%u]", $i0 % $NSI);
&I(\$bypass, "nop 0");
&I(\$bypass, "nop 0");
&I(\$bypass, ";;");
&I(\$bypass, "add J = J, SI[%u]", $i1 % $NSI);
&I(\$bypass, "mov SI[%u] = SI[%u]", $i0 % $NSI, $i1 % $NSI);
&I(\$bypass, "br.sptk.many .rc4Resume%u\n", $label);
&I(\$bypass, ";;");
}
}
$code=<<___;
.ident \"rc4-ia64.s, version 3.0\"
.ident \"Copyright (c) 2005 Hewlett-Packard Development Company, L.P.\"
#define LCSave r8
#define PRSave r9
/* Inputs become invalid once rotation begins! */
#define StateTable in0
#define DataLen in1
#define InputBuffer in2
#define OutputBuffer in3
#define KTable r14
#define J r15
#define InPtr r16
#define OutPtr r17
#define InPrefetch r18
#define OutPrefetch r19
#define One r20
#define LoopCount r21
#define Remainder r22
#define IFinal r23
#define EndPtr r24
#define tmp0 r25
#define tmp1 r26
#define pBypass p6
#define pDone p7
#define pSmall p8
#define pAligned p9
#define pUnaligned p10
#define pComputeI pPhase[0]
#define pComputeJ pPhase[1]
#define pComputeT pPhase[2]
#define pOutput pPhase[3]
#define RetVal r8
#define L_OK p7
#define L_NOK p8
#define _NINPUTS 4
#define _NOUTPUT 0
#define _NROTATE 24
#define _NLOCALS (_NROTATE - _NINPUTS - _NOUTPUT)
#ifndef SZ
# define SZ 4 // this must be set to sizeof(RC4_INT)
#endif
#if SZ == 1
# define LKEY ld1
# define SKEY st1
# define KEYADDR(dst, i) add dst = i, KTable
#elif SZ == 2
# define LKEY ld2
# define SKEY st2
# define KEYADDR(dst, i) shladd dst = i, 1, KTable
#elif SZ == 4
# define LKEY ld4
# define SKEY st4
# define KEYADDR(dst, i) shladd dst = i, 2, KTable
#else
# define LKEY ld8
# define SKEY st8
# define KEYADDR(dst, i) shladd dst = i, 3, KTable
#endif
#if defined(_HPUX_SOURCE) && !defined(_LP64)
# define ADDP addp4
#else
# define ADDP add
#endif
/* Define a macro for the bit number of the n-th byte: */
#if defined(_HPUX_SOURCE) || defined(B_ENDIAN)
# define HOST_IS_BIG_ENDIAN
# define BYTE_POS(n) (56 - (8 * (n)))
#else
# define BYTE_POS(n) (8 * (n))
#endif
/*
We must perform the first phase of the pipeline explicitly since
we will always load from the stable the first time. The br.cexit
will never be taken since regardless of the number of bytes because
the epilogue count is 4.
*/
/* MODSCHED_RC4 macro was split to _PROLOGUE and _LOOP, because HP-UX
assembler failed on original macro with syntax error. <appro> */
#define MODSCHED_RC4_PROLOGUE \\
{ \\
ld1 Data[0] = [InPtr], 1; \\
add IFinal = 1, I[1]; \\
KEYADDR(IPr[0], I[1]); \\
} ;; \\
{ \\
LKEY SI[0] = [IPr[0]]; \\
mov pr.rot = 0x10000; \\
mov ar.ec = 4; \\
} ;; \\
{ \\
add J = J, SI[0]; \\
zxt1 I[0] = IFinal; \\
br.cexit.spnt.few .+16; /* never taken */ \\
} ;;
#define MODSCHED_RC4_LOOP(label) \\
label: \\
{ .mmi; \\
(pComputeI) ld1 Data[0] = [InPtr], 1; \\
(pComputeI) add IFinal = 1, I[1]; \\
(pComputeJ) zxt1 J = J; \\
}{ .mmi; \\
(pOutput) LKEY T[1] = [T[1]]; \\
(pComputeT) add T[0] = SI[2], SJ[1]; \\
(pComputeI) KEYADDR(IPr[0], I[1]); \\
} ;; \\
{ .mmi; \\
(pComputeT) SKEY [IPr[2]] = SJ[1]; \\
(pComputeT) SKEY [JP[1]] = SI[2]; \\
(pComputeT) zxt1 T[0] = T[0]; \\
}{ .mmi; \\
(pComputeI) LKEY SI[0] = [IPr[0]]; \\
(pComputeJ) KEYADDR(JP[0], J); \\
(pComputeI) cmp.eq.unc pBypass, p0 = I[1], J; \\
} ;; \\
{ .mmi; \\
(pComputeJ) LKEY SJ[0] = [JP[0]]; \\
(pOutput) xor Data[3] = Data[3], T[1]; \\
nop 0x0; \\
}{ .mmi; \\
(pComputeT) KEYADDR(T[0], T[0]); \\
(pBypass) mov SI[0] = SI[1]; \\
(pComputeI) zxt1 I[0] = IFinal; \\
} ;; \\
{ .mmb; \\
(pOutput) st1 [OutPtr] = Data[3], 1; \\
(pComputeI) add J = J, SI[0]; \\
br.ctop.sptk.few label; \\
} ;;
.text
.align 32
.type RC4, \@function
.global RC4
.proc RC4
.prologue
RC4:
{
.mmi
alloc r2 = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE
.rotr Data[4], I[2], IPr[3], SI[3], JP[2], SJ[2], T[2], \\
OutWord[2]
.rotp pPhase[4]
ADDP InPrefetch = 0, InputBuffer
ADDP KTable = 0, StateTable
}
{
.mmi
ADDP InPtr = 0, InputBuffer
ADDP OutPtr = 0, OutputBuffer
mov RetVal = r0
}
;;
{
.mmi
lfetch.nt1 [InPrefetch], 0x80
ADDP OutPrefetch = 0, OutputBuffer
}
{ // Return 0 if the input length is nonsensical
.mib
ADDP StateTable = 0, StateTable
cmp.ge.unc L_NOK, L_OK = r0, DataLen
(L_NOK) br.ret.sptk.few rp
}
;;
{
.mib
cmp.eq.or L_NOK, L_OK = r0, InPtr
cmp.eq.or L_NOK, L_OK = r0, OutPtr
nop 0x0
}
{
.mib
cmp.eq.or L_NOK, L_OK = r0, StateTable
nop 0x0
(L_NOK) br.ret.sptk.few rp
}
;;
LKEY I[1] = [KTable], SZ
/* Prefetch the state-table. It contains 256 elements of size SZ */
#if SZ == 1
ADDP tmp0 = 1*128, StateTable
#elif SZ == 2
ADDP tmp0 = 3*128, StateTable
ADDP tmp1 = 2*128, StateTable
#elif SZ == 4
ADDP tmp0 = 7*128, StateTable
ADDP tmp1 = 6*128, StateTable
#elif SZ == 8
ADDP tmp0 = 15*128, StateTable
ADDP tmp1 = 14*128, StateTable
#endif
;;
#if SZ >= 8
lfetch.fault.nt1 [tmp0], -256 // 15
lfetch.fault.nt1 [tmp1], -256;;
lfetch.fault.nt1 [tmp0], -256 // 13
lfetch.fault.nt1 [tmp1], -256;;
lfetch.fault.nt1 [tmp0], -256 // 11
lfetch.fault.nt1 [tmp1], -256;;
lfetch.fault.nt1 [tmp0], -256 // 9
lfetch.fault.nt1 [tmp1], -256;;
#endif
#if SZ >= 4
lfetch.fault.nt1 [tmp0], -256 // 7
lfetch.fault.nt1 [tmp1], -256;;
lfetch.fault.nt1 [tmp0], -256 // 5
lfetch.fault.nt1 [tmp1], -256;;
#endif
#if SZ >= 2
lfetch.fault.nt1 [tmp0], -256 // 3
lfetch.fault.nt1 [tmp1], -256;;
#endif
{
.mii
lfetch.fault.nt1 [tmp0] // 1
add I[1]=1,I[1];;
zxt1 I[1]=I[1]
}
{
.mmi
lfetch.nt1 [InPrefetch], 0x80
lfetch.excl.nt1 [OutPrefetch], 0x80
.save pr, PRSave
mov PRSave = pr
} ;;
{
.mmi
lfetch.excl.nt1 [OutPrefetch], 0x80
LKEY J = [KTable], SZ
ADDP EndPtr = DataLen, InPtr
} ;;
{
.mmi
ADDP EndPtr = -1, EndPtr // Make it point to
// last data byte.
mov One = 1
.save ar.lc, LCSave
mov LCSave = ar.lc
.body
} ;;
{
.mmb
sub Remainder = 0, OutPtr
cmp.gtu pSmall, p0 = $threshold, DataLen
(pSmall) br.cond.dpnt .rc4Remainder // Data too small for
// big loop.
} ;;
{
.mmi
and Remainder = 0x7, Remainder
;;
cmp.eq pAligned, pUnaligned = Remainder, r0
nop 0x0
} ;;
{
.mmb
.pred.rel "mutex",pUnaligned,pAligned
(pUnaligned) add Remainder = -1, Remainder
(pAligned) sub Remainder = EndPtr, InPtr
(pAligned) br.cond.dptk.many .rc4Aligned
} ;;
{
.mmi
nop 0x0
nop 0x0
mov.i ar.lc = Remainder
}
/* Do the initial few bytes via the compact, modulo-scheduled loop
until the output pointer is 8-byte-aligned. */
MODSCHED_RC4_PROLOGUE
MODSCHED_RC4_LOOP(.RC4AlignLoop)
{
.mib
sub Remainder = EndPtr, InPtr
zxt1 IFinal = IFinal
clrrrb // Clear CFM.rrb.pr so
;; // next "mov pr.rot = N"
// does the right thing.
}
{
.mmi
mov I[1] = IFinal
nop 0x0
nop 0x0
} ;;
.rc4Aligned:
/*
Unrolled loop count = (Remainder - ($unroll_count+1)*$phases)/($unroll_count*$phases)
*/
{
.mlx
add LoopCount = 1 - ($unroll_count + 1)*$phases, Remainder
movl Remainder = 0xaaaaaaaaaaaaaaab
} ;;
{
.mmi
setf.sig f6 = LoopCount // M2, M3 6 cyc
setf.sig f7 = Remainder // M2, M3 6 cyc
nop 0x0
} ;;
{
.mfb
nop 0x0
xmpy.hu f6 = f6, f7
nop 0x0
} ;;
{
.mmi
getf.sig LoopCount = f6;; // M2 5 cyc
nop 0x0
shr.u LoopCount = LoopCount, 4
} ;;
{
.mmi
nop 0x0
nop 0x0
mov.i ar.lc = LoopCount
} ;;
/* Now comes the unrolled loop: */
.rc4Prologue:
___
$iteration = 0;
# Generate the prologue:
$predicates = 1;
for ($i = 0; $i < $phases; ++$i) {
&emit_body (\$code, \$bypass, $iteration++, $predicates);
$predicates = ($predicates << 1) | 1;
}
$code.=<<___;
.rc4Loop:
___
# Generate the body:
for ($i = 0; $i < $unroll_count*$phases; ++$i) {
&emit_body (\$code, \$bypass, $iteration++, $predicates);
}
$code.=<<___;
.rc4Epilogue:
___
# Generate the epilogue:
for ($i = 0; $i < $phases; ++$i) {
$predicates <<= 1;
&emit_body (\$code, \$bypass, $iteration++, $predicates);
}
$code.=<<___;
{
.mmi
lfetch.nt1 [EndPtr] // fetch line with last byte
mov IFinal = I[1]
nop 0x0
}
.rc4Remainder:
{
.mmi
sub Remainder = EndPtr, InPtr // Calculate
// # of bytes
// left - 1
nop 0x0
nop 0x0
} ;;
{
.mib
cmp.eq pDone, p0 = -1, Remainder // done already?
mov.i ar.lc = Remainder
(pDone) br.cond.dptk.few .rc4Complete
}
/* Do the remaining bytes via the compact, modulo-scheduled loop */
MODSCHED_RC4_PROLOGUE
MODSCHED_RC4_LOOP(.RC4RestLoop)
.rc4Complete:
{
.mmi
add KTable = -SZ, KTable
add IFinal = -1, IFinal
mov ar.lc = LCSave
} ;;
{
.mii
SKEY [KTable] = J,-SZ
zxt1 IFinal = IFinal
mov pr = PRSave, 0x1FFFF
} ;;
{
.mib
SKEY [KTable] = IFinal
add RetVal = 1, r0
br.ret.sptk.few rp
} ;;
___
# Last but not least, emit the code for the bypass-code of the unrolled loop:
$code.=$bypass;
$code.=<<___;
.endp RC4
___
print $code;
close STDOUT;

16
crypto/rc4/build.info
View File

@ -10,23 +10,7 @@ GENERATE[rc4-md5-x86_64.s]=asm/rc4-md5-x86_64.pl $(PERLASM_SCHEME)
GENERATE[rc4-parisc.s]=asm/rc4-parisc.pl $(PERLASM_SCHEME)
BEGINRAW[makefile(windows)]
{- $builddir -}\rc4-ia64.asm: {- $sourcedir -}\asm\rc4-ia64.pl
$(PERL) {- $sourcedir -}\asm\rc4-ia64.pl $@.S
$(CC) -DSZ=4 -EP $@.S > $@.i && move /Y $@.i $@
del /Q $@.S
ENDRAW[makefile(windows)]
BEGINRAW[Makefile]
{- $builddir -}/rc4-ia64.s: {- $sourcedir -}/asm/rc4-ia64.pl
@(trap "rm $@.*" INT 0; \
$(PERL) $< $(CFLAGS) $(LIB_CFLAGS) $@.S; \
case `awk '/^#define RC4_INT/{print$$NF}' $(BLDDIR)/include/openssl/opensslconf.h` in \
int) set -x; $(CC) $(CFLAGS) $(LIB_CFLAGS) -DSZ=4 -E $@.S > $@.i && mv -f $@.i $@;; \
char) set -x; $(CC) $(CFLAGS) $(LIB_CFLAGS) -DSZ=1 -E $@.S > $@.i && mv -f $@.i $@;; \
*) exit 1 ;; \
esac )
# GNU make "catch all"
{- $builddir -}/rc4-%.s: {- $sourcedir -}/asm/rc4-%.pl
CC="$(CC)" $(PERL) $< $(PERLASM_SCHEME) $@

509
engines/vendor_defns/hwcryptohook.h
View File

@ -1,509 +0,0 @@
/*
* Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* ModExp / RSA (with/without KM) plugin API
*
* The application will load a dynamic library which
* exports entrypoint(s) defined in this file.
*
* This set of entrypoints provides only a multithreaded,
* synchronous-within-each-thread, facility.
*
*
* This file is Copyright 1998-2000 nCipher Corporation Limited.
*
* Redistribution and use in source and binary forms, with opr without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the copyright notice,
* this list of conditions, and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions, and the following
* disclaimer, in the documentation and/or other materials provided
* with the distribution
*
* IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR
* ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any
* damages arising directly or indirectly from this file, its use or
* this licence. Without prejudice to the generality of the
* foregoing: all liability shall be excluded for direct, indirect,
* special, incidental, consequential or other damages or any loss of
* profits, business, revenue goodwill or anticipated savings;
* liability shall be excluded even if nCipher or anyone else has been
* advised of the possibility of damage. In any event, if the
* exclusion of liability is not effective, the liability of nCipher
* or any author or distributor shall be limited to the lesser of the
* price paid and 1,000 pounds sterling. This licence only fails to
* exclude or limit liability for death or personal injury arising out
* of negligence, and only to the extent that such an exclusion or
* limitation is not effective.
*
* NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL
* AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not
* limited to, any implied warranties of merchantability, fitness for
* a particular purpose, satisfactory quality, and/or non-infringement
* of any third party rights.
*
* US Government use: This software and documentation is Commercial
* Computer Software and Computer Software Documentation, as defined in
* sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in
* Noncommercial Computer Software and Noncommercial Computer Software
* Documentation." Use, duplication or disclosure by the Government is
* subject to the terms and conditions specified here.
*
* By using or distributing this file you will be accepting these
* terms and conditions, including the limitation of liability and
* lack of warranty. If you do not wish to accept these terms and
* conditions, DO NOT USE THE FILE.
*
*
* The actual dynamically loadable plugin, and the library files for
* static linking, which are also provided in some distributions, are
* not covered by the licence described above. You should have
* received a separate licence with terms and conditions for these
* library files; if you received the library files without a licence,
* please contact nCipher.
*
*/
#ifndef HWCRYPTOHOOK_H
# define HWCRYPTOHOOK_H
# include <sys/types.h>
# include <stdio.h>
# ifndef HWCRYPTOHOOK_DECLARE_APPTYPES
# define HWCRYPTOHOOK_DECLARE_APPTYPES 1
# endif
# define HWCRYPTOHOOK_ERROR_FAILED -1
# define HWCRYPTOHOOK_ERROR_FALLBACK -2
# define HWCRYPTOHOOK_ERROR_MPISIZE -3
# if HWCRYPTOHOOK_DECLARE_APPTYPES
/*-
* These structs are defined by the application and opaque to the
* crypto plugin. The application may define these as it sees fit.
* Default declarations are provided here, but the application may
* #define HWCRYPTOHOOK_DECLARE_APPTYPES 0
* to prevent these declarations, and instead provide its own
* declarations of these types. (Pointers to them must still be
* ordinary pointers to structs or unions, or the resulting combined
* program will have a type inconsistency.)
*/
typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex;
typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar;
typedef struct HWCryptoHook_PassphraseContextValue
HWCryptoHook_PassphraseContext;
typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext;
# endif /* HWCRYPTOHOOK_DECLARE_APPTYPES */
/*-
* These next two structs are opaque to the application. The crypto
* plugin will return pointers to them; the caller simply manipulates
* the pointers.
*/
typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle;
typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle;
typedef struct {
char *buf;
size_t size;
} HWCryptoHook_ErrMsgBuf;
/*-
* Used for error reporting. When a HWCryptoHook function fails it
* will return a sentinel value (0 for pointer-valued functions, or a
* negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for
* integer-valued ones). It will, if an ErrMsgBuf is passed, also put
* an error message there.
*
* size is the size of the buffer, and will not be modified. If you
* pass 0 for size you must pass 0 for buf, and nothing will be
* recorded (just as if you passed 0 for the struct pointer).
* Messages written to the buffer will always be null-terminated, even
* when truncated to fit within size bytes.
*
* The contents of the buffer are not defined if there is no error.
*/
typedef struct HWCryptoHook_MPIStruct {
unsigned char *buf;
size_t size;
} HWCryptoHook_MPI;
/*-
* When one of these is returned, a pointer is passed to the function.
* At call, size is the space available. Afterwards it is updated to
* be set to the actual length (which may be more than the space available,
* if there was not enough room and the result was truncated).
* buf (the pointer) is not updated.
*
* size is in bytes and may be zero at call or return, but must be a
* multiple of the limb size. Zero limbs at the MS end are not
* permitted.
*/
# define HWCryptoHook_InitFlags_FallbackModExp 0x0002UL
# define HWCryptoHook_InitFlags_FallbackRSAImmed 0x0004UL
/*-
* Enable requesting fallback to software in case of problems with the
* hardware support. This indicates to the crypto provider that the
* application is prepared to fall back to software operation if the
* ModExp* or RSAImmed* functions return HWCRYPTOHOOK_ERROR_FALLBACK.
* Without this flag those calls will never return
* HWCRYPTOHOOK_ERROR_FALLBACK. The flag will also cause the crypto
* provider to avoid repeatedly attempting to contact dead hardware
* within a short interval, if appropriate.
*/
# define HWCryptoHook_InitFlags_SimpleForkCheck 0x0010UL
/*-
* Without _SimpleForkCheck the library is allowed to assume that the
* application will not fork and call the library in the child(ren).
*
* When it is specified, this is allowed. However, after a fork
* neither parent nor child may unload any loaded keys or call
* _Finish. Instead, they should call exit (or die with a signal)
* without calling _Finish. After all the children have died the
* parent may unload keys or call _Finish.
*
* This flag only has any effect on UN*X platforms.
*/
typedef struct {
unsigned long flags;
void *logstream; /* usually a FILE*. See below. */
size_t limbsize; /* bignum format - size of radix type, must
* be power of 2 */
int mslimbfirst; /* 0 or 1 */
int msbytefirst; /* 0 or 1; -1 = native */
/*-
* All the callback functions should return 0 on success, or a
* nonzero integer (whose value will be visible in the error message
* put in the buffer passed to the call).
*
* If a callback is not available pass a null function pointer.
*
* The callbacks may not call down again into the crypto plugin.
*/
/*-
* For thread-safety. Set everything to 0 if you promise only to be
* singlethreaded. maxsimultaneous is the number of calls to
* ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to
* put there then say 0 and the hook library will use a default.
*
* maxmutexes is a small limit on the number of simultaneous mutexes
* which will be requested by the library. If there is no small
* limit, set it to 0. If the crypto plugin cannot create the
* advertised number of mutexes the calls to its functions may fail.
* If a low number of mutexes is advertised the plugin will try to
* do the best it can. Making larger numbers of mutexes available
* may improve performance and parallelism by reducing contention
* over critical sections. Unavailability of any mutexes, implying
* single-threaded operation, should be indicated by the setting
* mutex_init et al to 0.
*/
int maxmutexes;
int maxsimultaneous;
size_t mutexsize;
int (*mutex_init) (HWCryptoHook_Mutex *,
HWCryptoHook_CallerContext * cactx);
int (*mutex_acquire) (HWCryptoHook_Mutex *);
void (*mutex_release) (HWCryptoHook_Mutex *);
void (*mutex_destroy) (HWCryptoHook_Mutex *);
/*-
* For greater efficiency, can use condition vars internally for
* synchronisation. In this case maxsimultaneous is ignored, but
* the other mutex stuff must be available. In singlethreaded
* programs, set everything to 0.
*/
size_t condvarsize;
int (*condvar_init) (HWCryptoHook_CondVar *,
HWCryptoHook_CallerContext * cactx);
int (*condvar_wait) (HWCryptoHook_CondVar *, HWCryptoHook_Mutex *);
void (*condvar_signal) (HWCryptoHook_CondVar *);
void (*condvar_broadcast) (HWCryptoHook_CondVar *);
void (*condvar_destroy) (HWCryptoHook_CondVar *);
/*-
* The semantics of acquiring and releasing mutexes and broadcasting
* and waiting on condition variables are expected to be those from
* POSIX threads (pthreads). The mutexes may be (in pthread-speak)
* fast mutexes, recursive mutexes, or nonrecursive ones.
*
* The _release/_signal/_broadcast and _destroy functions must
* always succeed when given a valid argument; if they are given an
* invalid argument then the program (crypto plugin + application)
* has an internal error, and they should abort the program.
*/
int (*getpassphrase) (const char *prompt_info,
int *len_io, char *buf,
HWCryptoHook_PassphraseContext * ppctx,
HWCryptoHook_CallerContext * cactx);
/*-
* Passphrases and the prompt_info, if they contain high-bit-set
* characters, are UTF-8. The prompt_info may be a null pointer if
* no prompt information is available (it should not be an empty
* string). It will not contain text like `enter passphrase';
* instead it might say something like `Operator Card for John
* Smith' or `SmartCard in nFast Module #1, Slot #1'.
*
* buf points to a buffer in which to return the passphrase; on
* entry *len_io is the length of the buffer. It should be updated
* by the callback. The returned passphrase should not be
* null-terminated by the callback.
*/
int (*getphystoken) (const char *prompt_info,
const char *wrong_info,
HWCryptoHook_PassphraseContext * ppctx,
HWCryptoHook_CallerContext * cactx);
/*-
* Requests that the human user physically insert a different
* smartcard, DataKey, etc. The plugin should check whether the
* currently inserted token(s) are appropriate, and if they are it
* should not make this call.
*
* prompt_info is as before. wrong_info is a description of the
* currently inserted token(s) so that the user is told what
* something is. wrong_info, like prompt_info, may be null, but
* should not be an empty string. Its contents should be
* syntactically similar to that of prompt_info.
*/
/*-
* Note that a single LoadKey operation might cause several calls to
* getpassphrase and/or requestphystoken. If requestphystoken is
* not provided (ie, a null pointer is passed) then the plugin may
* not support loading keys for which authorisation by several cards
* is required. If getpassphrase is not provided then cards with
* passphrases may not be supported.
*
* getpassphrase and getphystoken do not need to check that the
* passphrase has been entered correctly or the correct token
* inserted; the crypto plugin will do that. If this is not the
* case then the crypto plugin is responsible for calling these
* routines again as appropriate until the correct token(s) and
* passphrase(s) are supplied as required, or until any retry limits
* implemented by the crypto plugin are reached.
*
* In either case, the application must allow the user to say `no'
* or `cancel' to indicate that they do not know the passphrase or
* have the appropriate token; this should cause the callback to
* return nonzero indicating error.
*/
void (*logmessage) (void *logstream, const char *message);
/*-
* A log message will be generated at least every time something goes
* wrong and an ErrMsgBuf is filled in (or would be if one was
* provided). Other diagnostic information may be written there too,
* including more detailed reasons for errors which are reported in an
* ErrMsgBuf.
*
* When a log message is generated, this callback is called. It
* should write a message to the relevant logging arrangements.
*
* The message string passed will be null-terminated and may be of arbitrary
* length. It will not be prefixed by the time and date, nor by the
* name of the library that is generating it - if this is required,
* the logmessage callback must do it. The message will not have a
* trailing newline (though it may contain internal newlines).
*
* If a null pointer is passed for logmessage a default function is
* used. The default function treats logstream as a FILE* which has
* been converted to a void*. If logstream is 0 it does nothing.
* Otherwise it prepends the date and time and library name and
* writes the message to logstream. Each line will be prefixed by a
* descriptive string containing the date, time and identity of the
* crypto plugin. Errors on the logstream are not reported
* anywhere, and the default function doesn't flush the stream, so
* the application must set the buffering how it wants it.
*
* The crypto plugin may also provide a facility to have copies of
* log messages sent elsewhere, and or for adjusting the verbosity
* of the log messages; any such facilities will be configured by
* external means.
*/
} HWCryptoHook_InitInfo;
typedef
HWCryptoHook_ContextHandle HWCryptoHook_Init_t(const HWCryptoHook_InitInfo *
initinfo, size_t initinfosize,
const HWCryptoHook_ErrMsgBuf *
errors,
HWCryptoHook_CallerContext *
cactx);
extern HWCryptoHook_Init_t HWCryptoHook_Init;
/*-
* Caller should set initinfosize to the size of the HWCryptoHook struct,
* so it can be extended later.
*
* On success, a message for display or logging by the server,
* including the name and version number of the plugin, will be filled
* in into *errors; on failure *errors is used for error handling, as
* usual.
*/
/*-
* All these functions return 0 on success, HWCRYPTOHOOK_ERROR_FAILED
* on most failures. HWCRYPTOHOOK_ERROR_MPISIZE means at least one of
* the output MPI buffer(s) was too small; the sizes of all have been
* set to the desired size (and for those where the buffer was large
* enough, the value may have been copied in), and no error message
* has been recorded.
*
* You may pass 0 for the errors struct. In any case, unless you set
* _NoStderr at init time then messages may be reported to stderr.
*/
/*-
* The RSAImmed* functions (and key managed RSA) only work with
* modules which have an RSA patent licence - currently that means KM
* units; the ModExp* ones work with all modules, so you need a patent
* licence in the software in the US. They are otherwise identical.
*/
typedef
void HWCryptoHook_Finish_t(HWCryptoHook_ContextHandle hwctx);
extern HWCryptoHook_Finish_t HWCryptoHook_Finish;
/* You must not have any calls going or keys loaded when you call this. */
typedef
int HWCryptoHook_RandomBytes_t(HWCryptoHook_ContextHandle hwctx,
unsigned char *buf, size_t len,
const HWCryptoHook_ErrMsgBuf * errors);
extern HWCryptoHook_RandomBytes_t HWCryptoHook_RandomBytes;
typedef
int HWCryptoHook_ModExp_t(HWCryptoHook_ContextHandle hwctx,
HWCryptoHook_MPI a,
HWCryptoHook_MPI p,
HWCryptoHook_MPI n,
HWCryptoHook_MPI * r,
const HWCryptoHook_ErrMsgBuf * errors);
extern HWCryptoHook_ModExp_t HWCryptoHook_ModExp;
typedef
int HWCryptoHook_RSAImmedPub_t(HWCryptoHook_ContextHandle hwctx,
HWCryptoHook_MPI m,
HWCryptoHook_MPI e,
HWCryptoHook_MPI n,
HWCryptoHook_MPI * r,
const HWCryptoHook_ErrMsgBuf * errors);
extern HWCryptoHook_RSAImmedPub_t HWCryptoHook_RSAImmedPub;
typedef
int HWCryptoHook_ModExpCRT_t(HWCryptoHook_ContextHandle hwctx,
HWCryptoHook_MPI a,
HWCryptoHook_MPI p,
HWCryptoHook_MPI q,
HWCryptoHook_MPI dmp1,
HWCryptoHook_MPI dmq1,
HWCryptoHook_MPI iqmp,
HWCryptoHook_MPI * r,
const HWCryptoHook_ErrMsgBuf * errors);
extern HWCryptoHook_ModExpCRT_t HWCryptoHook_ModExpCRT;
typedef
int HWCryptoHook_RSAImmedPriv_t(HWCryptoHook_ContextHandle hwctx,
HWCryptoHook_MPI m,
HWCryptoHook_MPI p,
HWCryptoHook_MPI q,
HWCryptoHook_MPI dmp1,
HWCryptoHook_MPI dmq1,
HWCryptoHook_MPI iqmp,
HWCryptoHook_MPI * r,
const HWCryptoHook_ErrMsgBuf * errors);
extern HWCryptoHook_RSAImmedPriv_t HWCryptoHook_RSAImmedPriv;
/*-
* The RSAImmed* and ModExp* functions may return E_FAILED or
* E_FALLBACK for failure.
*
* E_FAILED means the failure is permanent and definite and there
* should be no attempt to fall back to software. (Eg, for some
* applications, which support only the acceleration-only
* functions, the `key material' may actually be an encoded key
* identifier, and doing the operation in software would give wrong
* answers.)
*
* E_FALLBACK means that doing the computation in software would seem
* reasonable. If an application pays attention to this and is
* able to fall back, it should also set the Fallback init flags.
*/
typedef
int HWCryptoHook_RSALoadKey_t(HWCryptoHook_ContextHandle hwctx,
const char *key_ident,
HWCryptoHook_RSAKeyHandle * keyhandle_r,
const HWCryptoHook_ErrMsgBuf * errors,
HWCryptoHook_PassphraseContext * ppctx);
extern HWCryptoHook_RSALoadKey_t HWCryptoHook_RSALoadKey;
/*-
* The key_ident is a null-terminated string configured by the
* user via the application's usual configuration mechanisms.
* It is provided to the user by the crypto provider's key management
* system. The user must be able to enter at least any string of between
* 1 and 1023 characters inclusive, consisting of printable 7-bit
* ASCII characters. The provider should avoid using
* any characters except alphanumerics and the punctuation
* characters _ - + . / @ ~ (the user is expected to be able
* to enter these without quoting). The string may be case-sensitive.
* The application may allow the user to enter other NULL-terminated strings,
* and the provider must cope (returning an error if the string is not
* valid).
*
* If the key does not exist, no error is recorded and 0 is returned;
* keyhandle_r will be set to 0 instead of to a key handle.
*/
typedef
int HWCryptoHook_RSAGetPublicKey_t(HWCryptoHook_RSAKeyHandle k,
HWCryptoHook_MPI * n,
HWCryptoHook_MPI * e,
const HWCryptoHook_ErrMsgBuf * errors);
extern HWCryptoHook_RSAGetPublicKey_t HWCryptoHook_RSAGetPublicKey;
/*-
* The crypto plugin will not store certificates.
*
* Although this function for acquiring the public key value is
* provided, it is not the purpose of this API to deal fully with the
* handling of the public key.
*
* It is expected that the crypto supplier's key generation program
* will provide general facilities for producing X.509
* self-certificates and certificate requests in PEM format. These
* will be given to the user so that they can configure them in the
* application, send them to CAs, or whatever.
*
* In case this kind of certificate handling is not appropriate, the
* crypto supplier's key generation program should be able to be
* configured not to generate such a self-certificate or certificate
* request. Then the application will need to do all of this, and
* will need to store and handle the public key and certificates
* itself.
*/
typedef
int HWCryptoHook_RSAUnloadKey_t(HWCryptoHook_RSAKeyHandle k,
const HWCryptoHook_ErrMsgBuf * errors);
extern HWCryptoHook_RSAUnloadKey_t HWCryptoHook_RSAUnloadKey;
/* Might fail due to locking problems, or other serious internal problems. */
typedef
int HWCryptoHook_RSA_t(HWCryptoHook_MPI m,
HWCryptoHook_RSAKeyHandle k,
HWCryptoHook_MPI * r,
const HWCryptoHook_ErrMsgBuf * errors);
extern HWCryptoHook_RSA_t HWCryptoHook_RSA;
/* RSA private key operation (sign or decrypt) - raw, unpadded. */
#endif /* HWCRYPTOHOOK_H */

11
test/certs/mkcert.sh
View File

@ -1,13 +1,18 @@
#! /bin/bash
#
# Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
# Copyright (c) 2016 Viktor Dukhovni <openssl-users@dukhovni.org>.
# All rights reserved.
#
# Contributed to the OpenSSL project under the terms of the OpenSSL license
# included with the version of the OpenSSL software that includes this module.
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# This file is dual-licensed and is also available under other terms.
# Please contact the author.
# 100 years should be enough for now
#
if [ -z "$DAYS" ]; then
DAYS=36525
fi

57
test/ossl_shim/include/openssl/base.h
View File

@ -1,54 +1,11 @@
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
/*
* Copyright 1998-2001 The OpenSSL Project Authors. All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com). */
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_HEADER_BASE_H
#define OPENSSL_HEADER_BASE_H