Index: secure/lib/libcrypto/Makefile =================================================================== --- secure/lib/libcrypto/Makefile +++ secure/lib/libcrypto/Makefile @@ -1,12 +1,11 @@ # $FreeBSD$ SHLIBDIR?= /lib -SUBDIR= engines .include LIB= crypto -SHLIB_MAJOR= 8 +SHLIB_MAJOR= 10 NO_LINT= @@ -20,10 +19,11 @@ .endif # base sources -SRCS= cpt_err.c cryptlib.c cversion.c ex_data.c mem.c mem_dbg.c o_dir.c \ - o_fips.c o_init.c o_str.c o_time.c uid.c +SRCS= cpt_err.c cryptlib.c cversion.c ebcdic.c ex_data.c init.c mem.c \ + mem_dbg.c mem_sec.c o_dir.c o_fips.c o_fopen.c o_init.c o_str.c \ + o_time.c threads_none.c threads_pthread.c threads_win.c uid.c .if defined(ASM_aarch64) -SRCS+= arm64cpuid.S armcap.c mem_clr.c +SRCS+= arm64cpuid.S armcap.c mem_clr.c vpaes-armv8.S ACFLAGS.arm64cpuid.S= -march=armv8-a+crypto .elif defined(ASM_amd64) SRCS+= x86_64cpuid.S @@ -34,18 +34,18 @@ .else SRCS+= mem_clr.c .endif -INCS+= crypto.h ebcdic.h opensslv.h ossl_typ.h symhacks.h ../e_os2.h +INCS+= crypto.h ebcdic.h opensslv.h ossl_typ.h symhacks.h e_os2.h # aes -SRCS+= aes_cfb.c aes_ctr.c aes_ecb.c aes_ige.c aes_misc.c aes_ofb.c aes_wrap.c +SRCS+= aes_cfb.c aes_ecb.c aes_ige.c aes_misc.c aes_ofb.c aes_wrap.c .if defined(ASM_aarch64) -SRCS+= aes_cbc.c aes_core.c aesv8-armx.S +SRCS+= aes_cbc.c aes_core.c aesv8-armx.S vpaes-armv8.S ACFLAGS.aesv8-armx.S= -march=armv8-a+crypto .elif defined(ASM_amd64) SRCS+= aes-x86_64.S aesni-mb-x86_64.S aesni-sha1-x86_64.S \ aesni-sha256-x86_64.S aesni-x86_64.S bsaes-x86_64.S vpaes-x86_64.S .elif defined(ASM_arm) -SRCS+= aes-armv4.S aes_cbc.c aesv8-armx.S bsaes-armv7.S +SRCS+= aes-armv4.S aes_cbc.c bsaes-armv7.S .elif defined(ASM_i386) SRCS+= aes-586.S aesni-x86.S vpaes-x86.S .else @@ -54,45 +54,50 @@ INCS+= aes.h # asn1 -SRCS+= a_bitstr.c a_bool.c a_bytes.c a_d2i_fp.c a_digest.c a_dup.c a_enum.c \ - a_gentm.c a_i2d_fp.c a_int.c a_mbstr.c a_object.c a_octet.c a_print.c \ - a_set.c a_sign.c a_strex.c a_strnid.c a_time.c a_type.c a_utctm.c \ - a_utf8.c a_verify.c ameth_lib.c asn1_err.c asn1_gen.c asn1_lib.c \ - asn1_par.c asn_mime.c asn_moid.c asn_pack.c bio_asn1.c bio_ndef.c \ - d2i_pr.c d2i_pu.c evp_asn1.c f_enum.c f_int.c f_string.c i2d_pr.c \ - i2d_pu.c n_pkey.c nsseq.c p5_pbe.c p5_pbev2.c p8_pkey.c t_bitst.c \ - t_crl.c t_pkey.c t_req.c t_spki.c t_x509.c t_x509a.c tasn_dec.c \ - tasn_enc.c tasn_fre.c tasn_new.c tasn_prn.c tasn_typ.c tasn_utl.c \ - x_algor.c x_attrib.c x_bignum.c x_crl.c x_exten.c x_info.c x_long.c \ - x_name.c x_nx509.c x_pkey.c x_pubkey.c x_req.c x_sig.c x_spki.c \ - x_val.c x_x509.c x_x509a.c +SRCS+= a_bitstr.c a_d2i_fp.c a_digest.c a_dup.c a_gentm.c a_i2d_fp.c a_int.c \ + a_mbstr.c a_object.c a_octet.c a_print.c a_sign.c a_strex.c \ + a_strnid.c a_time.c a_type.c a_utctm.c a_utf8.c a_verify.c \ + ameth_lib.c asn1_err.c asn1_gen.c asn1_lib.c asn1_par.c asn_mime.c \ + asn_moid.c asn_mstbl.c asn_pack.c bio_asn1.c bio_ndef.c d2i_pr.c \ + d2i_pu.c evp_asn1.c f_int.c f_string.c i2d_pr.c i2d_pu.c n_pkey.c \ + nsseq.c p5_pbe.c p5_pbev2.c p5_scrypt.c p8_pkey.c t_bitst.c t_pkey.c \ + t_spki.c tasn_dec.c tasn_enc.c tasn_fre.c tasn_new.c tasn_prn.c \ + tasn_scn.c tasn_typ.c tasn_utl.c x_algor.c x_bignum.c x_info.c \ + x_int64.c x_long.c x_pkey.c x_sig.c x_spki.c x_val.c INCS+= asn1.h asn1_mac.h asn1t.h +# async +SRCS+= async_null.c async_posix.c async.c async_err.c async_wait.c +INCS+= async.h + # bf SRCS+= bf_cfb64.c bf_ecb.c bf_ofb64.c bf_skey.c .if defined(ASM_i386) -.if ${MACHINE_CPU:Mi686} -SRCS+= bf-686.S -.else SRCS+= bf-586.S -.endif .else SRCS+= bf_enc.c .endif INCS+= blowfish.h # bio -SRCS+= b_dump.c b_print.c b_sock.c bf_buff.c bf_nbio.c bf_null.c bio_cb.c \ - bio_err.c bio_lib.c bss_acpt.c bss_bio.c bss_conn.c bss_dgram.c \ - bss_fd.c bss_file.c bss_log.c bss_mem.c bss_null.c bss_sock.c +SRCS+= b_addr.c b_dump.c b_print.c b_sock.c b_sock2.c bf_buff.c bf_lbuf.c \ + bf_nbio.c bf_null.c bio_cb.c bio_err.c bio_lib.c bio_meth.c \ + bss_acpt.c bss_bio.c bss_conn.c bss_dgram.c bss_fd.c bss_file.c \ + bss_log.c bss_mem.c bss_null.c bss_sock.c INCS+= bio.h +# blake2 +SRCS+= blake2b.c blake2s.c m_blake2b.c m_blake2s.c + # bn -SRCS+= bn_add.c bn_blind.c bn_const.c bn_ctx.c bn_depr.c bn_div.c bn_err.c \ - bn_exp.c bn_exp2.c bn_gcd.c bn_gf2m.c bn_kron.c bn_lib.c bn_mod.c \ - bn_mont.c bn_mpi.c bn_mul.c bn_nist.c bn_prime.c bn_print.c bn_rand.c \ - bn_recp.c bn_shift.c bn_sqr.c bn_sqrt.c bn_word.c bn_x931p.c -.if defined(ASM_amd64) +SRCS+= bn_add.c bn_blind.c bn_const.c bn_ctx.c bn_depr.c bn_dh.c bn_div.c \ + bn_err.c bn_exp.c bn_exp2.c bn_gcd.c bn_gf2m.c bn_intern.c bn_kron.c \ + bn_lib.c bn_mod.c bn_mont.c bn_mpi.c bn_mul.c bn_nist.c bn_prime.c \ + bn_print.c bn_rand.c bn_recp.c bn_shift.c bn_sqr.c bn_sqrt.c bn_srp.c \ + bn_word.c bn_x931p.c +.if defined(ASM_aarch64) +SRCS+= armv8-mont.S +.elif defined(ASM_amd64) SRCS+= rsaz-avx2.S rsaz-x86_64.S rsaz_exp.c x86_64-gcc.c x86_64-gf2m.S \ x86_64-mont.S x86_64-mont5.S .elif defined(ASM_arm) @@ -105,11 +110,11 @@ INCS+= bn.h # buffer -SRCS+= buf_err.c buf_str.c buffer.c +SRCS+= buf_err.c buffer.c INCS+= buffer.h # camellia -SRCS+= cmll_cfb.c cmll_ctr.c cmll_ecb.c cmll_ofb.c cmll_utl.c +SRCS+= cmll_cfb.c cmll_ctr.c cmll_ecb.c cmll_ofb.c .if defined(ASM_amd64) SRCS+= cmll_misc.c cmll-x86_64.S .elif defined(ASM_i386) @@ -120,21 +125,33 @@ INCS+= camellia.h # cast -SRCS+= c_cfb64.c c_ecb.c c_enc.c c_ofb64.c c_skey.c +SRCS+= c_cfb64.c c_ecb.c c_ofb64.c c_skey.c INCS+= cast.h +# chacha +INCS+= chacha.h +.if defined(aarch64) +SRCS+= chacha-armv8.S +.elif defined(ASM_amd64) +SRCS+= chacha-x86_64.S +.elif defined(ASM_arm) +SRCS+= chacha-armv4.S +.elif defined(ASM_i386) +SRCS+= chacha-x86.s +.endif + # cmac SRCS+= cm_ameth.c cm_pmeth.c cmac.c INCS+= cmac.h # cms -SRCS+= cms_asn1.c cms_att.c cms_dd.c cms_enc.c cms_env.c cms_err.c \ +SRCS+= cms_asn1.c cms_att.c cms_cd.c cms_dd.c cms_enc.c cms_env.c cms_err.c \ cms_ess.c cms_io.c cms_kari.c cms_lib.c cms_pwri.c cms_sd.c \ cms_smime.c INCS+= cms.h # comp -SRCS+= c_rle.c c_zlib.c comp_err.c comp_lib.c +SRCS+= c_zlib.c comp_err.c comp_lib.c INCS+= comp.h # conf @@ -142,55 +159,59 @@ conf_sap.c INCS+= conf.h conf_api.h +# ct +SRCS+= ct_b64.c ct_err.c ct_log.c ct_oct.c ct_policy.c ct_prn.c ct_sct.c \ + ct_sct_ctx.c ct_vfy.c ct_x509v3.c + # des -SRCS+= cbc_cksm.c cbc_enc.c cfb64ede.c cfb64enc.c cfb_enc.c des_old.c \ - des_old2.c ecb3_enc.c ecb_enc.c ede_cbcm_enc.c enc_read.c enc_writ.c \ - fcrypt.c ofb64ede.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c \ - rand_key.c read2pwd.c rpc_enc.c set_key.c str2key.c xcbc_enc.c +SRCS+= cbc_cksm.c cbc_enc.c cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c \ + ecb_enc.c fcrypt.c ofb64ede.c ofb64enc.c ofb_enc.c pcbc_enc.c \ + qud_cksm.c rand_key.c rpc_enc.c set_key.c str2key.c xcbc_enc.c .if defined(ASM_i386) SRCS+= crypt586.S des-586.S .else SRCS+= des_enc.c fcrypt_b.c .endif -INCS+= des.h des_old.h +INCS+= des.h # dh SRCS+= dh_ameth.c dh_asn1.c dh_check.c dh_depr.c dh_err.c dh_gen.c dh_kdf.c \ - dh_key.c dh_lib.c dh_pmeth.c dh_prn.c dh_rfc5114.c + dh_key.c dh_lib.c dh_meth.c dh_pmeth.c dh_prn.c dh_rfc5114.c INCS+= dh.h # dsa SRCS+= dsa_ameth.c dsa_asn1.c dsa_depr.c dsa_err.c dsa_gen.c dsa_key.c \ - dsa_lib.c dsa_ossl.c dsa_pmeth.c dsa_prn.c dsa_sign.c dsa_vrf.c + dsa_lib.c dsa_meth.c dsa_ossl.c dsa_pmeth.c dsa_prn.c dsa_sign.c \ + dsa_vrf.c INCS+= dsa.h # dso -SRCS+= dso_dlfcn.c dso_err.c dso_lib.c dso_openssl.c +SRCS+= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_openssl.c INCS+= dso.h # ec -SRCS+= ec2_mult.c ec2_oct.c ec2_smpl.c ec_ameth.c ec_asn1.c ec_check.c \ - ec_curve.c ec_cvt.c ec_err.c ec_key.c ec_lib.c ec_mult.c ec_oct.c \ - ec_pmeth.c ec_print.c eck_prn.c ecp_mont.c ecp_nist.c ecp_oct.c \ - ecp_smpl.c +SRCS+= curve25519.c ec2_mult.c ec2_oct.c ec2_smpl.c ec_ameth.c ec_asn1.c \ + ec_check.c ec_curve.c ec_cvt.c ec_err.c ec_key.c ec_kmeth.c ec_lib.c \ + ec_mult.c ec_oct.c ec_pmeth.c ec_print.c ecdh_kdf.c ecdh_ossl.c \ + ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c eck_prn.c ecp_mont.c ecp_nist.c \ + ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c \ + ecp_oct.c ecp_smpl.c ecx_meth.c .if defined(ASM_amd64) SRCS+= ecp_nistz256.c ecp_nistz256-x86_64.S .endif INCS+= ec.h # ecdh -SRCS+= ech_err.c ech_kdf.c ech_key.c ech_lib.c ech_ossl.c INCS+= ecdh.h # ecdsa -SRCS+= ecs_asn1.c ecs_err.c ecs_lib.c ecs_ossl.c ecs_sign.c ecs_vrf.c INCS+= ecdsa.h # engine SRCS+= eng_all.c eng_cnf.c eng_cryptodev.c eng_ctrl.c eng_dyn.c eng_err.c \ eng_fat.c eng_init.c eng_lib.c eng_list.c eng_openssl.c eng_pkey.c \ eng_rdrand.c eng_table.c tb_asnmth.c tb_cipher.c tb_dh.c tb_digest.c \ - tb_dsa.c tb_ecdh.c tb_ecdsa.c tb_pkmeth.c tb_rand.c tb_rsa.c tb_store.c + tb_dsa.c tb_eckey.c tb_pkmeth.c tb_rand.c tb_rsa.c INCS+= engine.h # err @@ -198,15 +219,15 @@ INCS+= err.h # evp -SRCS+= bio_b64.c bio_enc.c bio_md.c bio_ok.c c_all.c c_allc.c c_alld.c \ +SRCS+= bio_b64.c bio_enc.c bio_md.c bio_ok.c c_allc.c c_alld.c cmeth_lib.c \ digest.c e_aes.c e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_bf.c \ - e_camellia.c e_cast.c e_des.c e_des3.c e_idea.c e_null.c e_old.c \ - e_rc2.c e_rc4.c e_rc4_hmac_md5.c e_rc5.c e_seed.c e_xcbc_d.c encode.c \ - evp_acnf.c evp_cnf.c evp_enc.c evp_err.c evp_key.c evp_lib.c \ - evp_pbe.c evp_pkey.c m_dss.c m_dss1.c m_ecdsa.c m_md4.c m_md5.c \ - m_mdc2.c m_null.c m_ripemd.c m_sha.c m_sha1.c m_sigver.c m_wp.c \ - names.c p5_crpt.c p5_crpt2.c p_dec.c p_enc.c p_lib.c p_open.c \ - p_seal.c p_sign.c p_verify.c pmeth_fn.c pmeth_gn.c pmeth_lib.c + e_camellia.c e_cast.c e_chacha20_poly1305.c e_des.c e_des3.c e_idea.c \ + e_null.c e_old.c e_rc2.c e_rc4.c e_rc4_hmac_md5.c e_rc5.c e_seed.c \ + e_xcbc_d.c encode.c evp_cnf.c evp_enc.c evp_err.c evp_key.c evp_lib.c \ + evp_pbe.c evp_pkey.c m_md2.c m_md4.c m_md5.c m_md5_sha1.c m_mdc2.c \ + m_null.c m_ripemd.c m_sha1.c m_sigver.c m_wp.c names.c p5_crpt.c \ + p5_crpt2.c p_dec.c p_enc.c p_lib.c p_open.c p_seal.c p_sign.c \ + p_verify.c pmeth_fn.c pmeth_gn.c pmeth_lib.c scrypt.c INCS+= evp.h # hmac @@ -217,8 +238,9 @@ SRCS+= i_cbc.c i_cfb64.c i_ecb.c i_ofb64.c i_skey.c INCS+= idea.h -# krb5 -INCS+= krb5_asn.h +# kdf +SRCS+= hkdf.c kdf_err.c tls1_prf.c +INCS+= kdf.h # lhash SRCS+= lh_stats.c lhash.c @@ -242,8 +264,8 @@ INCS+= mdc2.h # modes -SRCS+= cbc128.c ccm128.c cfb128.c ctr128.c cts128.c gcm128.c ofb128.c \ - wrap128.c xts128.c +SRCS+= cbc128.c ccm128.c cfb128.c ctr128.c cts128.c gcm128.c ocb128.c \ + ofb128.c wrap128.c xts128.c .if defined(ASM_aarch64) SRCS+= ghashv8-armx.S ACFLAGS.ghashv8-armx.S= -march=armv8-a+crypto @@ -262,18 +284,18 @@ # ocsp SRCS+= ocsp_asn.c ocsp_cl.c ocsp_err.c ocsp_ext.c ocsp_ht.c ocsp_lib.c \ - ocsp_prn.c ocsp_srv.c ocsp_vfy.c + ocsp_prn.c ocsp_srv.c ocsp_vfy.c v3_ocsp.c INCS+= ocsp.h # pem SRCS+= pem_all.c pem_err.c pem_info.c pem_lib.c pem_oth.c pem_pk8.c \ - pem_pkey.c pem_seal.c pem_sign.c pem_x509.c pem_xaux.c pvkfmt.c + pem_pkey.c pem_sign.c pem_x509.c pem_xaux.c pvkfmt.c INCS+= pem.h pem2.h # pkcs12 SRCS+= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \ p12_init.c p12_key.c p12_kiss.c p12_mutl.c p12_npas.c p12_p8d.c \ - p12_p8e.c p12_utl.c pk12err.c + p12_p8e.c p12_sbag.c p12_utl.c pk12err.c INCS+= pkcs12.h # pkcs7 @@ -281,9 +303,9 @@ pk7_smime.c pkcs7err.c INCS+= pkcs7.h -# pqueue -SRCS+= pqueue.c -INCS+= pqueue.h +# poly1305 +SRCS+= poly1305.c +INCS+= poly1305.h # rand SRCS+= md_rand.c rand_egd.c rand_err.c rand_lib.c rand_unix.c randfile.c @@ -294,7 +316,6 @@ INCS+= rc2.h # rc4 -SRCS+= rc4_utl.c .if defined(ASM_amd64) SRCS+= rc4-md5-x86_64.S rc4-x86_64.S .elif defined(ASM_i386) @@ -305,13 +326,13 @@ INCS+= rc4.h # rc5 -SRCS+= rc5_ecb.c rc5_skey.c rc5cfb64.c rc5ofb64.c -.if defined(ASM_i386) -SRCS+= rc5-586.S -.else -SRCS+= rc5_enc.c -.endif -INCS+= rc5.h +#SRCS+= rc5_ecb.c rc5_skey.c rc5cfb64.c rc5ofb64.c +#.if defined(ASM_i386) +#SRCS+= rc5-586.S +#.else +#SRCS+= rc5_enc.c +#.endif +#INCS+= rc5.h # ripemd SRCS+= rmd_dgst.c rmd_one.c @@ -321,10 +342,10 @@ INCS+= ripemd.h # rsa -SRCS+= rsa_ameth.c rsa_asn1.c rsa_chk.c rsa_crpt.c rsa_depr.c rsa_eay.c \ - rsa_err.c rsa_gen.c rsa_lib.c rsa_none.c rsa_null.c rsa_oaep.c \ - rsa_pk1.c rsa_pmeth.c rsa_prn.c rsa_pss.c rsa_saos.c rsa_sign.c \ - rsa_ssl.c rsa_x931.c +SRCS+= rsa_ameth.c rsa_asn1.c rsa_chk.c rsa_crpt.c rsa_depr.c rsa_err.c \ + rsa_gen.c rsa_lib.c rsa_meth.c rsa_none.c rsa_null.c rsa_oaep.c \ + rsa_ossl.c rsa_pk1.c rsa_pmeth.c rsa_prn.c rsa_pss.c rsa_saos.c \ + rsa_sign.c rsa_ssl.c rsa_x931.c rsa_x931g.c INCS+= rsa.h # seed @@ -332,7 +353,7 @@ INCS+= seed.h # sha -SRCS+= sha1_one.c sha1dgst.c sha256.c sha512.c sha_dgst.c sha_one.c +SRCS+= sha1_one.c sha1dgst.c sha256.c sha512.c .if defined(ASM_aarch64) SRCS+= sha1-armv8.S sha256-armv8.S sha512-armv8.S .elif defined(ASM_amd64) @@ -364,8 +385,8 @@ INCS+= txt_db.h # ui -SRCS+= ui_compat.c ui_err.c ui_lib.c ui_openssl.c ui_util.c -INCS+= ui.h ui_compat.h +SRCS+= ui_err.c ui_lib.c ui_openssl.c ui_util.c +INCS+= ui.h # whrlpool SRCS+= wp_dgst.c @@ -379,19 +400,21 @@ INCS+= whrlpool.h # x509 -SRCS+= by_dir.c by_file.c x509_att.c x509_cmp.c x509_d2.c x509_def.c \ - x509_err.c x509_ext.c x509_lu.c x509_obj.c x509_r2x.c x509_req.c \ - x509_set.c x509_trs.c x509_txt.c x509_v3.c x509_vfy.c x509_vpm.c \ - x509cset.c x509name.c x509rset.c x509spki.c x509type.c x_all.c +SRCS+= by_dir.c by_file.c t_crl.c t_req.c t_x509.c x509_att.c x509_cmp.c \ + x509_d2.c x509_def.c x509_err.c x509_ext.c x509_lu.c x509_obj.c \ + x509_r2x.c x509_req.c x509_set.c x509_trs.c x509_txt.c x509_v3.c \ + x509_vfy.c x509_vpm.c x509cset.c x509name.c x509rset.c x509spki.c \ + x509type.c x_all.c x_attrib.c x_crl.c x_exten.c x_name.c x_pubkey.c \ + x_req.c x_x509.c x_x509a.c INCS+= x509.h x509_vfy.h # x509v3 SRCS+= pcy_cache.c pcy_data.c pcy_lib.c pcy_map.c pcy_node.c pcy_tree.c \ v3_addr.c v3_akey.c v3_akeya.c v3_alt.c v3_asid.c v3_bcons.c \ v3_bitst.c v3_conf.c v3_cpols.c v3_crld.c v3_enum.c v3_extku.c \ - v3_genn.c v3_ia5.c v3_info.c v3_int.c v3_lib.c v3_ncons.c v3_ocsp.c \ - v3_pci.c v3_pcia.c v3_pcons.c v3_pku.c v3_pmaps.c v3_prn.c v3_purp.c \ - v3_scts.c v3_skey.c v3_sxnet.c v3_utl.c v3err.c + v3_genn.c v3_ia5.c v3_info.c v3_int.c v3_lib.c v3_ncons.c v3_pci.c \ + v3_pcia.c v3_pcons.c v3_pku.c v3_pmaps.c v3_prn.c v3_purp.c v3_skey.c \ + v3_sxnet.c v3_tlsf.c v3_utl.c v3err.c INCS+= x509v3.h SRCS+= buildinf.h @@ -401,8 +424,9 @@ CSTD= gnu89 CFLAGS+= -I${.OBJDIR} -CFLAGS+= -I${LCRYPTO_SRC}/crypto -CFLAGS+= -I${LCRYPTO_SRC}/crypto/asn1 +CFLAGS+= -I${LCRYPTO_SRC}/include/openssl +CFLAGS+= -I${LCRYPTO_SRC}/include +CFLAGS+= -I${LCRYPTO_SRC}/crypto/include CFLAGS+= -I${LCRYPTO_SRC}/crypto/evp CFLAGS+= -I${LCRYPTO_SRC}/crypto/modes @@ -436,19 +460,27 @@ .endif .endif -.PATH: ${LCRYPTO_SRC}/crypto \ +.PATH: ${LCRYPTO_SRC}/include/openssl \ + ${LCRYPTO_SRC}/include/internal \ + ${LCRYPTO_SRC}/crypto/include/internal \ + ${LCRYPTO_SRC}/crypto \ ${LCRYPTO_SRC}/crypto/aes \ ${LCRYPTO_SRC}/crypto/asn1 \ + ${LCRYPTO_SRC}/crypto/async \ + ${LCRYPTO_SRC}/crypto/async/arch \ ${LCRYPTO_SRC}/crypto/bf \ ${LCRYPTO_SRC}/crypto/bio \ + ${LCRYPTO_SRC}/crypto/blake2 \ ${LCRYPTO_SRC}/crypto/bn \ ${LCRYPTO_SRC}/crypto/buffer \ ${LCRYPTO_SRC}/crypto/camellia \ ${LCRYPTO_SRC}/crypto/cast \ + ${LCRYPTO_SRC}/crypto/chacha \ ${LCRYPTO_SRC}/crypto/cmac \ ${LCRYPTO_SRC}/crypto/cms \ ${LCRYPTO_SRC}/crypto/comp \ ${LCRYPTO_SRC}/crypto/conf \ + ${LCRYPTO_SRC}/crypto/ct \ ${LCRYPTO_SRC}/crypto/des \ ${LCRYPTO_SRC}/crypto/dh \ ${LCRYPTO_SRC}/crypto/dsa \ @@ -461,7 +493,7 @@ ${LCRYPTO_SRC}/crypto/evp \ ${LCRYPTO_SRC}/crypto/hmac \ ${LCRYPTO_SRC}/crypto/idea \ - ${LCRYPTO_SRC}/crypto/krb5 \ + ${LCRYPTO_SRC}/crypto/kdf \ ${LCRYPTO_SRC}/crypto/lhash \ ${LCRYPTO_SRC}/crypto/md4 \ ${LCRYPTO_SRC}/crypto/md5 \ @@ -472,6 +504,7 @@ ${LCRYPTO_SRC}/crypto/pem \ ${LCRYPTO_SRC}/crypto/pkcs12 \ ${LCRYPTO_SRC}/crypto/pkcs7 \ + ${LCRYPTO_SRC}/crypto/poly1305 \ ${LCRYPTO_SRC}/crypto/pqueue \ ${LCRYPTO_SRC}/crypto/rand \ ${LCRYPTO_SRC}/crypto/rc2 \ Index: secure/lib/libcrypto/Makefile.asm =================================================================== --- secure/lib/libcrypto/Makefile.asm +++ secure/lib/libcrypto/Makefile.asm @@ -10,20 +10,39 @@ .PATH: ${LCRYPTO_SRC}/crypto \ ${LCRYPTO_SRC}/crypto/aes/asm \ + ${LCRYPTO_SRC}/crypto/bn/asm \ + ${LCRYPTO_SRC}/crypto/chacha/asm \ + ${LCRYPTO_SRC}/crypto/ec/asm \ ${LCRYPTO_SRC}/crypto/modes/asm \ + ${LCRYPTO_SRC}/crypto/poly1305 \ ${LCRYPTO_SRC}/crypto/sha/asm PERLPATH= -I${LCRYPTO_SRC}/crypto/perlasm # aes -SRCS= aesv8-armx.pl +SRCS= aesv8-armx.pl vpaes-armv8.pl + +# bn +SRCS+= armv8-mont.pl + +# chacha +SRCS+= chacha-armv8.pl + +# ec +SRCS+= ecp_nistz256-armv8.pl # modes SRCS+= ghashv8-armx.pl +# poly1305 +SRCS+= poly1305-armv8.pl + # sha SRCS+= sha1-armv8.pl sha512-armv8.pl +# cpuuid +SRCS+= arm64cpuid.pl + ASM= ${SRCS:R:S/$/.S/} sha256-armv8.S all: ${ASM} @@ -49,9 +68,11 @@ ${LCRYPTO_SRC}/crypto/aes/asm \ ${LCRYPTO_SRC}/crypto/bn/asm \ ${LCRYPTO_SRC}/crypto/camellia/asm \ + ${LCRYPTO_SRC}/crypto/chacha/asm \ ${LCRYPTO_SRC}/crypto/ec/asm \ ${LCRYPTO_SRC}/crypto/md5/asm \ ${LCRYPTO_SRC}/crypto/modes/asm \ + ${LCRYPTO_SRC}/crypto/poly1305/asm \ ${LCRYPTO_SRC}/crypto/rc4/asm \ ${LCRYPTO_SRC}/crypto/sha/asm \ ${LCRYPTO_SRC}/crypto/whrlpool/asm @@ -68,6 +89,9 @@ # camellia SRCS+= cmll-x86_64.pl +# chacha +SRCS+= chacha-x86_64.pl + # ec SRCS+= ecp_nistz256-x86_64.pl @@ -77,11 +101,14 @@ # modes SRCS+= aesni-gcm-x86_64.pl ghash-x86_64.pl +# poly1305 +SRCS+= poly1305-x86_64.pl + # rc4 SRCS+= rc4-md5-x86_64.pl rc4-x86_64.pl # sha -SRCS+= sha1-mb-x86_64.pl sha1-x86_64.pl sha256-mb-x86_64.pl +SRCS+= sha1-mb-x86_64.pl sha1-x86_64.pl sha256-mb-x86_64.pl sha512-x86_64.pl # whrlpool SRCS+= wp-x86_64.pl @@ -120,23 +147,38 @@ .PATH: ${LCRYPTO_SRC}/crypto \ ${LCRYPTO_SRC}/crypto/aes/asm \ ${LCRYPTO_SRC}/crypto/bn/asm \ + ${LCRYPTO_SRC}/crypto/chacha/asm \ + ${LCRYPTO_SRC}/crypto/ec/asm \ ${LCRYPTO_SRC}/crypto/modes/asm \ + ${LCRYPTO_SRC}/crypto/poly1305/asm \ ${LCRYPTO_SRC}/crypto/sha/asm PERLPATH= -I${LCRYPTO_SRC}/crypto/perlasm # aes -SRCS= aesv8-armx.pl bsaes-armv7.pl +SRCS= aes-armv4.pl aesv8-armx.pl bsaes-armv7.pl aesv8-armx.pl # bn SRCS+= armv4-mont.pl armv4-gf2m.pl +# chacha +SRCS+= chacha-armv4.pl + +# ec +SRCS+= ecp_nistz256-armv4.pl + # modes SRCS+= ghash-armv4.pl ghashv8-armx.pl +# poly1305 +SRCS+= poly1305-armv4.pl + # sha SRCS+= sha1-armv4-large.pl sha256-armv4.pl sha512-armv4.pl +# cpuuid +SRCS+= armv4cpuid.pl + ASM= aes-armv4.S ${SRCS:R:S/$/.S/} all: ${ASM} @@ -162,9 +204,13 @@ ${LCRYPTO_SRC}/crypto/bf/asm \ ${LCRYPTO_SRC}/crypto/bn/asm \ ${LCRYPTO_SRC}/crypto/camellia/asm \ + ${LCRYPTO_SRC}/crypto/cast/asm \ + ${LCRYPTO_SRC}/crypto/chacha/asm \ ${LCRYPTO_SRC}/crypto/des/asm \ + ${LCRYPTO_SRC}/crypto/ec/asm \ ${LCRYPTO_SRC}/crypto/md5/asm \ ${LCRYPTO_SRC}/crypto/modes/asm \ + ${LCRYPTO_SRC}/crypto/poly1305/asm \ ${LCRYPTO_SRC}/crypto/rc4/asm \ ${LCRYPTO_SRC}/crypto/rc5/asm \ ${LCRYPTO_SRC}/crypto/ripemd/asm \ @@ -177,7 +223,7 @@ SRCS= aes-586.pl aesni-x86.pl vpaes-x86.pl # blowfish -SRCS+= bf-586.pl bf-686.pl +SRCS+= bf-586.pl # bn SRCS+= bn-586.pl co-586.pl x86-gf2m.pl x86-mont.pl @@ -185,15 +231,27 @@ # camellia SRCS+= cmll-x86.pl +# cast +SRCS+= cast-586.pl + +# chacha +SRCS+= chacha-x86.pl + # des SRCS+= crypt586.pl des-586.pl +# ec +SRCS+= ecp_nistz256-x86.pl + # md5 SRCS+= md5-586.pl # modes SRCS+= ghash-x86.pl +# poly1305 +SRCS+= poly1305-x86.pl + # rc4 SRCS+= rc4-586.pl Index: secure/lib/libcrypto/Makefile.inc =================================================================== --- secure/lib/libcrypto/Makefile.inc +++ secure/lib/libcrypto/Makefile.inc @@ -3,7 +3,7 @@ .include # OpenSSL version used for manual page generation -OPENSSL_VER= 1.0.2o +OPENSSL_VER= 1.1.0h OPENSSL_DATE= 2018-03-27 LCRYPTO_SRC= ${SRCTOP}/crypto/openssl @@ -12,6 +12,8 @@ CFLAGS+= -I${LCRYPTO_SRC} CFLAGS+= -DTERMIOS -DANSI_SOURCE CFLAGS+= -DOPENSSL_THREADS -DDSO_DLFCN -DHAVE_DLFCN_H +CFLAGS+= -DOPENSSLDIR="\"/etc/ssl\"" +CFLAGS+= -DENGINESDIR="\"/usr/lib/engines\"" .include @@ -40,8 +42,10 @@ CFLAGS+=-DAES_ASM -DBSAES_ASM -DVPAES_ASM CFLAGS+=-DECP_NISTZ256_ASM CFLAGS+=-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -CFLAGS+=-DMD5_ASM CFLAGS+=-DGHASH_ASM +CFLAGS+=-DMD5_ASM +CFLAGS+=-DPOLY1305_ASM +CFLAGS+=-DRC4_ASM CFLAGS+=-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM CFLAGS+=-DWHIRLPOOL_ASM .elif defined(ASM_arm) @@ -106,7 +110,8 @@ test -f $$j || continue; \ fn=`basename $$j .pod`; \ if ! echo '${_skip}' | grep -qw "$$fn"; then \ - perl ${LCRYPTO_SRC}/util/extract-names.pl < $$j | \ + sed '/=head1 NAME/,/^=.*/! d;/^=.*/d;/^\s*$$/d' $$j | tr '\n' ' ' | \ + sed 's/ - .*$$//;s/,/ /g;s/ / /g' | tr ' ' '\n' | \ awk "/^$$fn\$$/ { next; } \ { print \"MLINKS+= $$fn.${_sec} \" \$$1 \".${_sec}\" }"; \ fi; \ Index: secure/lib/libssl/Makefile =================================================================== --- secure/lib/libssl/Makefile +++ secure/lib/libssl/Makefile @@ -1,7 +1,7 @@ # $FreeBSD$ LIB= ssl -SHLIB_MAJOR= 8 +SHLIB_MAJOR= 10 NO_LINT= @@ -10,22 +10,29 @@ .endif .include "../libcrypto/Makefile.inc" -SRCS= bio_ssl.c d1_both.c d1_clnt.c d1_lib.c d1_meth.c d1_pkt.c d1_srtp.c \ - d1_srvr.c s23_clnt.c s23_lib.c s23_meth.c s23_pkt.c s23_srvr.c \ - s3_both.c s3_cbc.c s3_clnt.c s3_enc.c s3_lib.c s3_meth.c s3_pkt.c \ - s3_srvr.c ssl_algs.c ssl_asn1.c ssl_cert.c ssl_ciph.c ssl_conf.c \ - ssl_err.c ssl_err2.c ssl_lib.c ssl_rsa.c ssl_sess.c ssl_stat.c \ - ssl_txt.c t1_clnt.c t1_enc.c t1_ext.c t1_lib.c t1_meth.c t1_reneg.c \ - t1_srvr.c tls_srp.c +SRCS= bio_ssl.c d1_lib.c d1_msg.c d1_srtp.c methods.c pqueue.c s3_cbc.c \ + s3_enc.c s3_lib.c s3_msg.c ssl_asn1.c ssl_cert.c ssl_ciph.c \ + ssl_conf.c ssl_err.c ssl_init.c ssl_lib.c ssl_mcnf.c ssl_rsa.c \ + ssl_sess.c ssl_stat.c ssl_txt.c ssl_utst.c t1_enc.c t1_ext.c t1_lib.c \ + t1_reneg.c t1_trce.c +INCS= dtls1.h srtp.h ssl.h ssl2.h ssl3.h tls1.h + +# record +SRCS+= dtls1_bitmap.c rec_layer_d1.c rec_layer_s3.c ssl3_buffer.c ssl3_record.c + +# statem +SRCS+= statem.c statem_clnt.c statem_dtls.c statem_lib.c statem_srvr.c -INCS= dtls1.h kssl.h srtp.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h INCSDIR=${INCLUDEDIR}/openssl LIBADD= crypto -CFLAGS+= -I${LCRYPTO_SRC}/crypto +CFLAGS+= -I${LCRYPTO_SRC}/include .include -.PATH: ${LCRYPTO_SRC}/ssl \ +.PATH: ${LCRYPTO_SRC}/include/openssl \ + ${LCRYPTO_SRC}/ssl \ + ${LCRYPTO_SRC}/ssl/record \ + ${LCRYPTO_SRC}/ssl/statem \ ${.CURDIR}/man Index: secure/usr.bin/openssl/Makefile =================================================================== --- secure/usr.bin/openssl/Makefile +++ secure/usr.bin/openssl/Makefile @@ -12,12 +12,12 @@ CFLAGS+= -DMONOLITH SRCS+= app_rand.c apps.c asn1pars.c ca.c ciphers.c cms.c crl.c crl2p7.c \ - dgst.c dh.c dhparam.c dsa.c dsaparam.c ec.c ecparam.c enc.c engine.c \ - errstr.c gendh.c gendsa.c genpkey.c genrsa.c nseq.c ocsp.c openssl.c \ - passwd.c pkcs12.c pkcs7.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c \ - prime.c rand.c req.c rsa.c rsautl.c s_cb.c s_client.c s_server.c \ - s_socket.c s_time.c sess_id.c smime.c speed.c spkac.c srp.c ts.c \ - verify.c version.c x509.c + dgst.c dhparam.c dsa.c dsaparam.c ec.c ecparam.c enc.c engine.c \ + errstr.c gendsa.c genpkey.c genrsa.c nseq.c ocsp.c opt.c passwd.c \ + pkcs12.c pkcs7.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c prime.c rand.c \ + rehash.c req.c rsa.c rsautl.c s_cb.c s_client.c s_server.c s_socket.c \ + s_time.c sess_id.c smime.c speed.c spkac.c srp.c ts.c verify.c \ + version.c x509.c .include