rpms/openssl/devel openssl-1.0.0-beta3-fips.patch,1.2,1.3
Tomáš Mráz
tmraz at fedoraproject.org
Thu Aug 20 15:08:22 UTC 2009
Author: tmraz
Update of /cvs/pkgs/rpms/openssl/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv2149
Modified Files:
openssl-1.0.0-beta3-fips.patch
Log Message:
- fix camellia compilation with asm and fips
openssl-1.0.0-beta3-fips.patch:
Configure | 14
Makefile.org | 6
crypto/Makefile | 6
crypto/bf/bf_skey.c | 7
crypto/bf/blowfish.h | 4
crypto/bn/Makefile | 4
crypto/bn/bn.h | 11
crypto/bn/bn_x931p.c | 272 ++++++++++
crypto/camellia/Makefile | 4
crypto/camellia/asm/cmll-x86.pl | 7
crypto/camellia/camellia.h | 5
crypto/camellia/cmll_fblk.c | 68 ++
crypto/camellia/cmll_misc.c | 9
crypto/cast/c_skey.c | 7
crypto/cast/cast.h | 4
crypto/crypto.h | 57 ++
crypto/dh/dh.h | 5
crypto/dh/dh_err.c | 3
crypto/dh/dh_gen.c | 18
crypto/dh/dh_key.c | 21
crypto/dsa/dsa.h | 23
crypto/dsa/dsa_gen.c | 19
crypto/dsa/dsa_key.c | 48 +
crypto/dsa/dsa_ossl.c | 36 +
crypto/err/err_all.c | 6
crypto/evp/digest.c | 60 ++
crypto/evp/e_aes.c | 41 -
crypto/evp/e_camellia.c | 2
crypto/evp/e_des3.c | 24
crypto/evp/e_null.c | 2
crypto/evp/evp.h | 23
crypto/evp/evp_enc.c | 69 ++
crypto/evp/evp_err.c | 1
crypto/evp/evp_lib.c | 22
crypto/evp/evp_locl.h | 29 -
crypto/evp/m_dss.c | 2
crypto/evp/m_dss1.c | 2
crypto/evp/m_sha1.c | 15
crypto/evp/names.c | 8
crypto/fips/Makefile | 81 +++
crypto/fips/cavs/fips_aesavs.c | 939 +++++++++++++++++++++++++++++++++++++
crypto/fips/cavs/fips_desmovs.c | 702 +++++++++++++++++++++++++++
crypto/fips/cavs/fips_dssvs.c | 537 +++++++++++++++++++++
crypto/fips/cavs/fips_rngvs.c | 230 +++++++++
crypto/fips/cavs/fips_rsagtest.c | 390 +++++++++++++++
crypto/fips/cavs/fips_rsastest.c | 370 ++++++++++++++
crypto/fips/cavs/fips_rsavtest.c | 377 ++++++++++++++
crypto/fips/cavs/fips_shatest.c | 388 +++++++++++++++
crypto/fips/cavs/fips_utl.h | 343 +++++++++++++
crypto/fips/fips.c | 419 ++++++++++++++++
crypto/fips/fips.h | 163 ++++++
crypto/fips/fips_aes_selftest.c | 101 +++
crypto/fips/fips_des_selftest.c | 137 +++++
crypto/fips/fips_dsa_selftest.c | 180 +++++++
crypto/fips/fips_hmac_selftest.c | 135 +++++
crypto/fips/fips_rand.c | 410 ++++++++++++++++
crypto/fips/fips_rand.h | 77 +++
crypto/fips/fips_rand_selftest.c | 371 ++++++++++++++
crypto/fips/fips_randtest.c | 248 +++++++++
crypto/fips/fips_rsa_selftest.c | 432 +++++++++++++++++
crypto/fips/fips_rsa_x931g.c | 281 +++++++++++
crypto/fips/fips_sha1_selftest.c | 97 +++
crypto/fips/fips_standalone_sha1.c | 173 ++++++
crypto/fips/fips_test_suite.c | 588 +++++++++++++++++++++++
crypto/fips_err.c | 7
crypto/fips_err.h | 137 +++++
crypto/fips_locl.h | 72 ++
crypto/hmac/hmac.c | 14
crypto/hmac/hmac.h | 1
crypto/md2/md2.h | 3
crypto/md2/md2_dgst.c | 7
crypto/md4/md4.h | 3
crypto/md4/md4_dgst.c | 7
crypto/md5/md5.h | 3
crypto/md5/md5_dgst.c | 7
crypto/mdc2/mdc2.h | 4
crypto/mdc2/mdc2dgst.c | 7
crypto/mem.c | 2
crypto/o_init.c | 80 +++
crypto/opensslconf.h.in | 15
crypto/pkcs12/p12_crt.c | 11
crypto/rand/md_rand.c | 12
crypto/rand/rand.h | 17
crypto/rand/rand_err.c | 17
crypto/rand/rand_lib.c | 17
crypto/rc2/rc2.h | 4
crypto/rc2/rc2_skey.c | 17
crypto/rc4/Makefile | 4
crypto/rc4/asm/rc4-586.pl | 8
crypto/rc4/asm/rc4-s390x.pl | 2
crypto/rc4/asm/rc4-x86_64.pl | 2
crypto/rc4/rc4.h | 5
crypto/rc4/rc4_fblk.c | 75 ++
crypto/rc4/rc4_skey.c | 14
crypto/ripemd/ripemd.h | 3
crypto/ripemd/rmd_dgst.c | 7
crypto/rsa/rsa.h | 28 +
crypto/rsa/rsa_eay.c | 158 ++++--
crypto/rsa/rsa_err.c | 6
crypto/rsa/rsa_gen.c | 99 +++
crypto/rsa/rsa_lib.c | 87 +--
crypto/rsa/rsa_sign.c | 10
crypto/sha/sha.h | 3
crypto/sha/sha1dgst.c | 4
crypto/sha/sha256.c | 10
crypto/sha/sha512.c | 12
crypto/sha/sha_dgst.c | 6
crypto/sha/sha_locl.h | 7
ssl/s23_clnt.c | 16
ssl/s23_srvr.c | 9
ssl/s3_clnt.c | 6
ssl/s3_enc.c | 4
ssl/s3_srvr.c | 2
ssl/ssl_ciph.c | 7
ssl/ssl_lib.c | 8
ssl/ssltest.c | 35 +
ssl/t1_enc.c | 2
117 files changed, 10055 insertions(+), 181 deletions(-)
Index: openssl-1.0.0-beta3-fips.patch
===================================================================
RCS file: /cvs/pkgs/rpms/openssl/devel/openssl-1.0.0-beta3-fips.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- openssl-1.0.0-beta3-fips.patch 20 Aug 2009 14:41:33 -0000 1.2
+++ openssl-1.0.0-beta3-fips.patch 20 Aug 2009 15:08:21 -0000 1.3
@@ -393,6 +393,35 @@ diff -up openssl-1.0.0-beta3/crypto/bn/M
SRC= $(LIBSRC)
+diff -up openssl-1.0.0-beta3/crypto/camellia/asm/cmll-x86.pl.fips openssl-1.0.0-beta3/crypto/camellia/asm/cmll-x86.pl
+--- openssl-1.0.0-beta3/crypto/camellia/asm/cmll-x86.pl.fips 2009-04-06 16:25:02.000000000 +0200
++++ openssl-1.0.0-beta3/crypto/camellia/asm/cmll-x86.pl 2009-08-20 16:54:59.000000000 +0200
+@@ -722,12 +722,15 @@ my $bias=int(@T[0])?shift(@T):0;
+ }
+ &function_end("Camellia_Ekeygen");
+
++$setkeyfunc = "Camellia_set_key";
++$setkeyfunc = "private_Camellia_set_key" if ($ENV{FIPS} ne "");
++
+ if ($OPENSSL) {
+ # int Camellia_set_key (
+ # const unsigned char *userKey,
+ # int bits,
+ # CAMELLIA_KEY *key)
+-&function_begin_B("Camellia_set_key");
++&function_begin_B($setkeyfunc);
+ &push ("ebx");
+ &mov ("ecx",&wparam(0)); # pull arguments
+ &mov ("ebx",&wparam(1));
+@@ -760,7 +763,7 @@ if ($OPENSSL) {
+ &set_label("done",4);
+ &pop ("ebx");
+ &ret ();
+-&function_end_B("Camellia_set_key");
++&function_end_B($setkeyfunc);
+ }
+
+ @SBOX=(
diff -up openssl-1.0.0-beta3/crypto/camellia/camellia.h.fips openssl-1.0.0-beta3/crypto/camellia/camellia.h
--- openssl-1.0.0-beta3/crypto/camellia/camellia.h.fips 2009-08-11 18:07:29.000000000 +0200
+++ openssl-1.0.0-beta3/crypto/camellia/camellia.h 2009-08-11 18:07:30.000000000 +0200
@@ -408,10 +437,82 @@ diff -up openssl-1.0.0-beta3/crypto/came
int Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key);
+diff -up openssl-1.0.0-beta3/crypto/camellia/cmll_fblk.c.fips openssl-1.0.0-beta3/crypto/camellia/cmll_fblk.c
+--- openssl-1.0.0-beta3/crypto/camellia/cmll_fblk.c.fips 2009-08-20 17:01:56.000000000 +0200
++++ openssl-1.0.0-beta3/crypto/camellia/cmll_fblk.c 2009-08-20 17:03:21.000000000 +0200
+@@ -0,0 +1,68 @@
++/* crypto/camellia/camellia_misc.c -*- mode:C; c-file-style: "eay" -*- */
++/* ====================================================================
++ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ *
++ * 3. All advertising materials mentioning features or use of this
++ * software must display the following acknowledgment:
++ * "This product includes software developed by the OpenSSL Project
++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
++ *
++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
++ * endorse or promote products derived from this software without
++ * prior written permission. For written permission, please contact
++ * openssl-core at openssl.org.
++ *
++ * 5. Products derived from this software may not be called "OpenSSL"
++ * nor may "OpenSSL" appear in their names without prior written
++ * permission of the OpenSSL Project.
++ *
++ * 6. Redistributions of any form whatsoever must retain the following
++ * acknowledgment:
++ * "This product includes software developed by the OpenSSL Project
++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ * ====================================================================
++ *
++ */
++
++#include <openssl/opensslv.h>
++#include <openssl/camellia.h>
++#include "cmll_locl.h"
++#include <openssl/crypto.h>
++#ifdef OPENSSL_FIPS
++#include <openssl/fips.h>
++#endif
++
++#ifdef OPENSSL_FIPS
++int Camellia_set_key(const unsigned char *userKey, const int bits,
++ CAMELLIA_KEY *key)
++ {
++ if (FIPS_mode())
++ FIPS_BAD_ABORT(CAMELLIA)
++ return private_Camellia_set_key(userKey, bits, key);
++ }
++#endif
diff -up openssl-1.0.0-beta3/crypto/camellia/cmll_misc.c.fips openssl-1.0.0-beta3/crypto/camellia/cmll_misc.c
--- openssl-1.0.0-beta3/crypto/camellia/cmll_misc.c.fips 2008-10-28 13:13:52.000000000 +0100
-+++ openssl-1.0.0-beta3/crypto/camellia/cmll_misc.c 2009-08-11 18:07:30.000000000 +0200
-@@ -52,11 +52,24 @@
++++ openssl-1.0.0-beta3/crypto/camellia/cmll_misc.c 2009-08-20 17:04:10.000000000 +0200
+@@ -52,11 +52,20 @@
#include <openssl/opensslv.h>
#include <openssl/camellia.h>
#include "cmll_locl.h"
@@ -422,20 +523,31 @@ diff -up openssl-1.0.0-beta3/crypto/came
const char CAMELLIA_version[]="CAMELLIA" OPENSSL_VERSION_PTEXT;
- int Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key)
+#ifdef OPENSSL_FIPS
-+ {
-+ if (FIPS_mode())
-+ FIPS_BAD_ABORT(CAMELLIA)
-+ return private_Camellia_set_key(userKey, bits, key);
-+ }
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key)
++#else
+ int Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key)
+#endif
{
if(!userKey || !key)
return -1;
+diff -up openssl-1.0.0-beta3/crypto/camellia/Makefile.fips openssl-1.0.0-beta3/crypto/camellia/Makefile
+--- openssl-1.0.0-beta3/crypto/camellia/Makefile.fips 2008-12-23 12:33:00.000000000 +0100
++++ openssl-1.0.0-beta3/crypto/camellia/Makefile 2009-08-20 17:02:56.000000000 +0200
+@@ -23,9 +23,9 @@ APPS=
+
+ LIB=$(TOP)/libcrypto.a
+ LIBSRC=camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c \
+- cmll_cfb.c cmll_ctr.c
++ cmll_cfb.c cmll_ctr.c cmll_fblk.c
+
+-LIBOBJ= cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o $(CMLL_ENC)
++LIBOBJ= cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o cmll_fblk.o $(CMLL_ENC)
+
+ SRC= $(LIBSRC)
+
diff -up openssl-1.0.0-beta3/crypto/cast/cast.h.fips openssl-1.0.0-beta3/crypto/cast/cast.h
--- openssl-1.0.0-beta3/crypto/cast/cast.h.fips 2009-08-11 18:07:29.000000000 +0200
+++ openssl-1.0.0-beta3/crypto/cast/cast.h 2009-08-11 18:07:30.000000000 +0200
More information about the fedora-extras-commits
mailing list