Commit 05d7bf6c authored by David Woodhouse's avatar David Woodhouse Committed by Rich Salz
Browse files

RT3992: Make SCT #ifdeffable. 



This code does open-coded division on 64-bit quantities and thus when
building with GCC on 32-bit platforms will require functions such as
__umoddi3 and __udivdi3 from libgcc.

In constrained environments such as firmware, those functions may not
be available. So make it possible to compile out SCT support, which in
fact (in the case of UEFI) we don't need anyway.

Signed-off-by: default avatarRich Salz <rsalz@akamai.com>
Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
parent 84d90cf3

crypto/x509v3/ext_dat.h

+2 −0
Original line number Diff line number Diff line
@@ -127,8 +127,10 @@ static const X509V3_EXT_METHOD *standard_exts[] = { 
    &v3_idp,

    &v3_alt[2],

    &v3_freshest_crl,

#ifndef OPENSSL_NO_SCT

    &v3_ct_scts[0],

    &v3_ct_scts[1],

#endif

};



/* Number of standard extensions */

crypto/x509v3/v3_scts.c

+2 −0
Original line number Diff line number Diff line
@@ -61,6 +61,7 @@ 
#include <openssl/asn1.h>

#include <openssl/x509v3.h>



#ifndef OPENSSL_NO_SCT

/* Signature and hash algorithms from RFC 5246 */

#define TLSEXT_hash_sha256                              4
@@ -321,3 +322,4 @@ static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list, 


    return 1;

}

#endif

makevms.com

+1 −0
Original line number Diff line number Diff line
@@ -295,6 +295,7 @@ $ CONFIG_LOGICALS := AES,- 
		     RFC3779,-

		     RMD160,-

		     RSA,-

		     SCT,-

                     SCRYPT,-

		     SCTP,-

		     SEED,-

util/mkdef.pl

+6 −2
Original line number Diff line number Diff line
@@ -81,6 +81,8 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", 
			 "FP_API", "STDIO", "SOCK", "DGRAM",

			 # Engines

                         "STATIC_ENGINE", "ENGINE", "HW", "GMP",

                         # X.509v3 Signed Certificate Timestamps

                         "SCT",

			 # RFC3779

			 "RFC3779",

			 # TLS
@@ -127,7 +129,7 @@ my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2; 
my $no_rsa; my $no_dsa; my $no_dh; my $no_aes; my $no_scrypt;

my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;

my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;

my $no_rfc3779; my $no_psk; my $no_cms; my $no_capieng;

my $no_sct; my $no_rfc3779; my $no_psk; my $no_cms; my $no_capieng;

my $no_jpake; my $no_srp; my $no_ec2m; my $no_nistp_gcc; 

my $no_nextprotoneg; my $no_sctp; my $no_srtp; my $no_ssl_trace;

my $no_unit_test; my $no_ssl3_method; my $no_ocb;
@@ -217,6 +219,7 @@ foreach (@ARGV, split(/ /, $options)) 
	elsif (/^no-engine$/)	{ $no_engine=1; }

	elsif (/^no-hw$/)	{ $no_hw=1; }

	elsif (/^no-gmp$/)	{ $no_gmp=1; }

	elsif (/^no-sct$/)	{ $no_sct=1; }

	elsif (/^no-rfc3779$/)	{ $no_rfc3779=1; }

	elsif (/^no-cms$/)	{ $no_cms=1; }

	elsif (/^no-ec2m$/)	{ $no_ec2m=1; }
@@ -1203,6 +1206,7 @@ sub is_valid 
			if ($keyword eq "FP_API" && $no_fp_api) { return 0; }

			if ($keyword eq "STATIC_ENGINE" && $no_static_engine) { return 0; }

			if ($keyword eq "GMP" && $no_gmp) { return 0; }

			if ($keyword eq "SCT" && $no_sct) { return 0; }

			if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; }

			if ($keyword eq "PSK" && $no_psk) { return 0; }

			if ($keyword eq "CMS" && $no_cms) { return 0; }