Loading CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,10 @@ Changes between 0.9.7l and 0.9.7m [xx XXX xxxx] *) Remove redundant features: hash file source, editing of test vectors modify fipsld to use external fips_premain.c signature. [Steve Henson] *) New perl script mkfipsscr.pl to create shell scripts or batch files to run algorithm test programs. [Steve Henson] Loading fips-1.0/Makefile +5 −8 Original line number Diff line number Diff line Loading @@ -18,6 +18,8 @@ PERL= perl RM= rm -f AR= ar r FIPSCANLOC= $(FIPSLIBDIR)/fipscanister.o PEX_LIBS= EX_LIBS= Loading Loading @@ -51,13 +53,9 @@ top: all: @if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ $(MAKE) -e subdirs check lib shared; \ $(MAKE) -e subdirs $(FIPSCHECK) lib shared; \ fi check: # $(PERL) ../util/checkhash.pl || (rm fipscanister.o* 2>/dev/null; exit 1) echo FIPS module not built: no check done # Idea behind fipscanister.o is to "seize" the sequestered code between # known symbols for fingerprinting purposes, which would be commonly # done with ld -r start.o ... end.o. The latter however presents a minor Loading Loading @@ -131,8 +129,8 @@ links: $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \ done; lib: $(FIPSLIBDIR)/fipscanister.o $(AR) $(LIB) $(FIPSLIBDIR)/fipscanister.o lib: $(FIPSCANLOC) $(AR) $(LIB) $(FIPSCANLOC) $(RANLIB) $(LIB) || echo Never mind. @touch lib Loading 
@@ -152,7 +150,6 @@ tests: (cd ..; make DIRS=test) fips_test: top tests -cd testvectors && perl -p -i -e 's/COUNT=/COUNT = /' des[23]/req/*.req @for i in dsa sha aes des hmac rand rsa; \ do \ (cd $$i && echo "making fips_test in fips/$$i..." && $(MAKE) fips_test) \ Loading fips-1.0/fips_premain.c.sha1 0 → 100644 +1 −0 Original line number Diff line number Diff line HMAC-SHA1(fips_premain.c)= 6a08d15c578f1258246181bf52134ae974aa5a80 fips-1.0/fipshashes.cdeleted 100644 → 0 +0 −43 Original line number Diff line number Diff line const char * const FIPS_source_hashes[] = { "HMAC-SHA1(Makefile)= 369e2e023b73789e6af4b8fa2503a7b909c4c3f0", "HMAC-SHA1(fips.c)= 3a2deb3c319512952bf5547ed92116a7e0db472b", "HMAC-SHA1(fips_err_wrapper.c)= d3e2be316062510312269e98f964cb87e7577898", "HMAC-SHA1(fips.h)= 57d602d18efe0594f806fbcc64269e9440638ef4", "HMAC-SHA1(fips_err.h)= e0649ee1d60c8162f7eeb293f89f3b63ac85202a", "HMAC-SHA1(fips_locl.h)= f90a23c7f68642727012bbfd48ed58706383ad71", "HMAC-SHA1(fips_canister.c)= da6d0f5daf9594881fd060773a5f3e057ba302ff", "HMAC-SHA1(fips_premain.c)= 6a08d15c578f1258246181bf52134ae974aa5a80", "HMAC-SHA1(aes/fips_aes_core.c)= b70bbbd675efe0613da0d57055310926a0104d55", "HMAC-SHA1(aes/asm/fips-ax86-elf.s)= f797b524a79196e7f59458a5b223432fcfd4a868", "HMAC-SHA1(aes/fips_aes_selftest.c)= 98b01502221e7fe529fd981222f2cbb52eb4cbe0", "HMAC-SHA1(aes/fips_aes_locl.h)= a98eb0aa449f1d95b8064e261b2ac2b1f328685e", "HMAC-SHA1(des/fips_des_enc.c)= 9527f8ea81602358f1aa11348237fdb1e9eeff32", "HMAC-SHA1(des/asm/fips-dx86-elf.s)= 9570b03422ffbe5d3d090f91758ebfd46acd5d57", "HMAC-SHA1(des/fips_des_selftest.c)= 3bc574e51647c5f5ab45d1007b2cf461d67764a9", "HMAC-SHA1(des/fips_set_key.c)= cd1ba25d29376849523a9ddc194c3156a8a7a913", "HMAC-SHA1(des/fips_des_locl.h)= e008da40dc6913e374edd66a20d44e1752f00583", "HMAC-SHA1(dh/fips_dh_check.c)= 63347e2007e224381d4a7b6d871633889de72cf3", "HMAC-SHA1(dh/fips_dh_gen.c)= 93fe69b758ca9d70d70cda1c57fff4eb5c668e85", "HMAC-SHA1(dh/fips_dh_key.c)= 
2d79eb8d59929ec129d34f53b5aded4a290a28ca", "HMAC-SHA1(dsa/fips_dsa_ossl.c)= 2fadb271897a775f023393aa22ddede8a76eec0d", "HMAC-SHA1(dsa/fips_dsa_gen.c)= 78c879484fd849312ca4828b957df3842b70efc0", "HMAC-SHA1(dsa/fips_dsa_selftest.c)= 7c2ba8d82feda2aadc8b769a3b6c4c25a6356e01", "HMAC-SHA1(rand/fips_rand.c)= 7e3964447a81cfe4e75df981827d14a5fe0c2923", "HMAC-SHA1(rand/fips_rand.h)= bf009ea8963e79b1e414442ede9ae7010a03160b", "HMAC-SHA1(rand/fips_rand_selftest.c)= 5661f383decf0708d0230409fe1564223e834a3b", "HMAC-SHA1(rsa/fips_rsa_eay.c)= 2512f849a220daa083f346b10effdb2ee96d4395", "HMAC-SHA1(rsa/fips_rsa_gen.c)= 577466931c054d99caf4ac2aefff0e35efd94024", "HMAC-SHA1(rsa/fips_rsa_selftest.c)= a9dc47bd1001f795d1565111d26433c300101e06", "HMAC-SHA1(rsa/fips_rsa_x931g.c)= 1827d381bb21c53a38a7194cb1c428a2b5f1e3ab", "HMAC-SHA1(sha/fips_sha1dgst.c)= 26e529d630b5e754b4a29bd1bb697e991e7fdc04", "HMAC-SHA1(sha/fips_standalone_sha1.c)= 46a66875e68398eabca2e933958a2d865149ca1b", "HMAC-SHA1(sha/fips_sha1_selftest.c)= a08f9c1e2c0f63b9aa96b927c0333a03b020749f", "HMAC-SHA1(sha/asm/fips-sx86-elf.s)= ae66fb23ab8e1a2287e87a0a2dd30a4b9039fe63", "HMAC-SHA1(sha/fips_sha_locl.h)= 30b6d6bdbdc9db0d66dc89010c1f4fe1c7b60574", "HMAC-SHA1(sha/fips_md32_common.h)= c34d8b7785d3194ff968cf6d3efdd2bfcaec1fad", "HMAC-SHA1(sha/fips_sha.h)= cbe98c211cff1684adfa3fe6e6225e92a0a25f6c", "HMAC-SHA1(sha/fips_sha256.c)= 97e6dee22a1fe993cc48aa8ff37af10701d7f599", "HMAC-SHA1(sha/fips_sha512.c)= 74e6ef26de96f774d233888b831289e69834dd79", "HMAC-SHA1(hmac/fips_hmac.c)= a477cec1da76c0092979c4a875b6469339bff7ef", "HMAC-SHA1(hmac/fips_hmac_selftest.c)= ebb32b205babf4300017de767fd6e3f1879765c9", }; fips-1.0/fipsld +9 −4 Original line number Diff line number Diff line Loading 
@@ -70,12 +70,17 @@ echo Canister: $CANISTER_O diff -w "${CANISTER_O}.sha1" - || \ { echo "${CANISTER_O} fingerprint mismatch"; exit 1; } # verify fipspremain.c against its detached signature... ${FINGERTYPE} "${PREMAIN_C}" | sed "s/(.*\//(/" | \ diff -w "${PREMAIN_C}.sha1" - || \ { echo "${PREMAIN_C} fingerprint mismatch"; exit 1; } # verify fips_premain.c against its signature embedded into # fipscanister.o... SIG=`${FINGERTYPE} "${PREMAIN_C}" | sed -n "s/(.*\//(/;/^./p"` REF=`strings "${CANISTER_O}" | grep "HMAC-SHA1(fips_premain\\.c)"` [ "${SIG}" = "${REF}" ] || \ { echo "${PREMAIN_C} fingerprint mismatch"; exit 1; } #SIG=`${FINGERTYPE} "${PREMAIN_C}" | sed -n "s/(.*\//(/;/^./p"` #REF=`strings "${CANISTER_O}" | grep "HMAC-SHA1(fips_premain\\.c)"` #[ "${SIG}" = "${REF}" ] || \ #{ echo "${PREMAIN_C} fingerprint mismatch"; exit 1; } # Temporarily remove fipscanister.o from libcrypto.a! # We are required to use the standalone copy... Loading Loading
CHANGES +4 −0 @@ -4,6 +4,10 @@ Changes between 0.9.7l and 0.9.7m [xx XXX xxxx] *) Remove redundant features: hash file source, editing of test vectors modify fipsld to use external fips_premain.c signature. [Steve Henson] *) New perl script mkfipsscr.pl to create shell scripts or batch files to run algorithm test programs. [Steve Henson]
fips-1.0/Makefile +5 −8 @@ -18,6 +18,8 @@ PERL= perl RM= rm -f AR= ar r FIPSCANLOC= $(FIPSLIBDIR)/fipscanister.o PEX_LIBS= EX_LIBS= @@ -51,13 +53,9 @@ top: all: @if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ $(MAKE) -e subdirs check lib shared; \ $(MAKE) -e subdirs $(FIPSCHECK) lib shared; \ fi check: # $(PERL) ../util/checkhash.pl || (rm fipscanister.o* 2>/dev/null; exit 1) echo FIPS module not built: no check done # Idea behind fipscanister.o is to "seize" the sequestered code between # known symbols for fingerprinting purposes, which would be commonly # done with ld -r start.o ... end.o. The latter however presents a minor @@ -131,8 +129,8 @@ links: $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \ done; lib: $(FIPSLIBDIR)/fipscanister.o $(AR) $(LIB) $(FIPSLIBDIR)/fipscanister.o lib: $(FIPSCANLOC) $(AR) $(LIB) $(FIPSCANLOC) $(RANLIB) $(LIB) || echo Never mind. @touch lib @@ -152,7 +150,6 @@ tests: (cd ..; make DIRS=test) fips_test: top tests -cd testvectors && perl -p -i -e 's/COUNT=/COUNT = /' des[23]/req/*.req @for i in dsa sha aes des hmac rand rsa; \ do \ (cd $$i && echo "making fips_test in fips/$$i..." && $(MAKE) fips_test) \
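Review bot: `$(FIPSCHECK)` in the `all` recipe is not assigned in any of the visible hunks, so unless it is defined elsewhere in the Makefile or passed in by the caller it expands to nothing and `all` builds `subdirs lib shared` with no integrity step and no message saying so. I would make the no-check case explicit with a default next to `FIPSCANLOC`, for example `FIPSCHECK=` preceded by `# goal run before lib to check the module sources; empty means no check is done`. The removed `check` target only echoed a notice (its checkhash.pl call was already commented out), so this is about documenting the behaviour rather than restoring a check.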
fips-1.0/fips_premain.c.sha1 0 → 100644 +1 −0 HMAC-SHA1(fips_premain.c)= 6a08d15c578f1258246181bf52134ae974aa5a80
fips-1.0/fipshashes.cdeleted 100644 → 0 +0 −43 Original line number Diff line number Diff line const char * const FIPS_source_hashes[] = { "HMAC-SHA1(Makefile)= 369e2e023b73789e6af4b8fa2503a7b909c4c3f0", "HMAC-SHA1(fips.c)= 3a2deb3c319512952bf5547ed92116a7e0db472b", "HMAC-SHA1(fips_err_wrapper.c)= d3e2be316062510312269e98f964cb87e7577898", "HMAC-SHA1(fips.h)= 57d602d18efe0594f806fbcc64269e9440638ef4", "HMAC-SHA1(fips_err.h)= e0649ee1d60c8162f7eeb293f89f3b63ac85202a", "HMAC-SHA1(fips_locl.h)= f90a23c7f68642727012bbfd48ed58706383ad71", "HMAC-SHA1(fips_canister.c)= da6d0f5daf9594881fd060773a5f3e057ba302ff", "HMAC-SHA1(fips_premain.c)= 6a08d15c578f1258246181bf52134ae974aa5a80", "HMAC-SHA1(aes/fips_aes_core.c)= b70bbbd675efe0613da0d57055310926a0104d55", "HMAC-SHA1(aes/asm/fips-ax86-elf.s)= f797b524a79196e7f59458a5b223432fcfd4a868", "HMAC-SHA1(aes/fips_aes_selftest.c)= 98b01502221e7fe529fd981222f2cbb52eb4cbe0", "HMAC-SHA1(aes/fips_aes_locl.h)= a98eb0aa449f1d95b8064e261b2ac2b1f328685e", "HMAC-SHA1(des/fips_des_enc.c)= 9527f8ea81602358f1aa11348237fdb1e9eeff32", "HMAC-SHA1(des/asm/fips-dx86-elf.s)= 9570b03422ffbe5d3d090f91758ebfd46acd5d57", "HMAC-SHA1(des/fips_des_selftest.c)= 3bc574e51647c5f5ab45d1007b2cf461d67764a9", "HMAC-SHA1(des/fips_set_key.c)= cd1ba25d29376849523a9ddc194c3156a8a7a913", "HMAC-SHA1(des/fips_des_locl.h)= e008da40dc6913e374edd66a20d44e1752f00583", "HMAC-SHA1(dh/fips_dh_check.c)= 63347e2007e224381d4a7b6d871633889de72cf3", "HMAC-SHA1(dh/fips_dh_gen.c)= 93fe69b758ca9d70d70cda1c57fff4eb5c668e85", "HMAC-SHA1(dh/fips_dh_key.c)= 2d79eb8d59929ec129d34f53b5aded4a290a28ca", "HMAC-SHA1(dsa/fips_dsa_ossl.c)= 2fadb271897a775f023393aa22ddede8a76eec0d", "HMAC-SHA1(dsa/fips_dsa_gen.c)= 78c879484fd849312ca4828b957df3842b70efc0", "HMAC-SHA1(dsa/fips_dsa_selftest.c)= 7c2ba8d82feda2aadc8b769a3b6c4c25a6356e01", "HMAC-SHA1(rand/fips_rand.c)= 7e3964447a81cfe4e75df981827d14a5fe0c2923", "HMAC-SHA1(rand/fips_rand.h)= bf009ea8963e79b1e414442ede9ae7010a03160b", 
"HMAC-SHA1(rand/fips_rand_selftest.c)= 5661f383decf0708d0230409fe1564223e834a3b", "HMAC-SHA1(rsa/fips_rsa_eay.c)= 2512f849a220daa083f346b10effdb2ee96d4395", "HMAC-SHA1(rsa/fips_rsa_gen.c)= 577466931c054d99caf4ac2aefff0e35efd94024", "HMAC-SHA1(rsa/fips_rsa_selftest.c)= a9dc47bd1001f795d1565111d26433c300101e06", "HMAC-SHA1(rsa/fips_rsa_x931g.c)= 1827d381bb21c53a38a7194cb1c428a2b5f1e3ab", "HMAC-SHA1(sha/fips_sha1dgst.c)= 26e529d630b5e754b4a29bd1bb697e991e7fdc04", "HMAC-SHA1(sha/fips_standalone_sha1.c)= 46a66875e68398eabca2e933958a2d865149ca1b", "HMAC-SHA1(sha/fips_sha1_selftest.c)= a08f9c1e2c0f63b9aa96b927c0333a03b020749f", "HMAC-SHA1(sha/asm/fips-sx86-elf.s)= ae66fb23ab8e1a2287e87a0a2dd30a4b9039fe63", "HMAC-SHA1(sha/fips_sha_locl.h)= 30b6d6bdbdc9db0d66dc89010c1f4fe1c7b60574", "HMAC-SHA1(sha/fips_md32_common.h)= c34d8b7785d3194ff968cf6d3efdd2bfcaec1fad", "HMAC-SHA1(sha/fips_sha.h)= cbe98c211cff1684adfa3fe6e6225e92a0a25f6c", "HMAC-SHA1(sha/fips_sha256.c)= 97e6dee22a1fe993cc48aa8ff37af10701d7f599", "HMAC-SHA1(sha/fips_sha512.c)= 74e6ef26de96f774d233888b831289e69834dd79", "HMAC-SHA1(hmac/fips_hmac.c)= a477cec1da76c0092979c4a875b6469339bff7ef", "HMAC-SHA1(hmac/fips_hmac_selftest.c)= ebb32b205babf4300017de767fd6e3f1879765c9", };
fips-1.0/fipsld +9 −4 @@ -70,12 +70,17 @@ echo Canister: $CANISTER_O diff -w "${CANISTER_O}.sha1" - || \ { echo "${CANISTER_O} fingerprint mismatch"; exit 1; } # verify fipspremain.c against its detached signature... ${FINGERTYPE} "${PREMAIN_C}" | sed "s/(.*\//(/" | \ diff -w "${PREMAIN_C}.sha1" - || \ { echo "${PREMAIN_C} fingerprint mismatch"; exit 1; } # verify fips_premain.c against its signature embedded into # fipscanister.o... SIG=`${FINGERTYPE} "${PREMAIN_C}" | sed -n "s/(.*\//(/;/^./p"` REF=`strings "${CANISTER_O}" | grep "HMAC-SHA1(fips_premain\\.c)"` [ "${SIG}" = "${REF}" ] || \ { echo "${PREMAIN_C} fingerprint mismatch"; exit 1; } #SIG=`${FINGERTYPE} "${PREMAIN_C}" | sed -n "s/(.*\//(/;/^./p"` #REF=`strings "${CANISTER_O}" | grep "HMAC-SHA1(fips_premain\\.c)"` #[ "${SIG}" = "${REF}" ] || \ #{ echo "${PREMAIN_C} fingerprint mismatch"; exit 1; } # Temporarily remove fipscanister.o from libcrypto.a! # We are required to use the standalone copy...
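Review bot: The premain check now takes its reference value from `${PREMAIN_C}.sha1`, a file that sits beside the source it vouches for, instead of from the string embedded in the canister that the preceding step has just compared with `${CANISTER_O}.sha1`, so the premain fingerprint is no longer tied to the verified canister. If that is the intended trust model the new comment should say so and use the real file name, e.g. `# verify fips_premain.c against its detached fingerprint file, which is trusted as shipped`. The four commented-out SIG/REF lines are better deleted than kept, because the retained comment about the signature embedded into fipscanister.o now heads code that does not run. A missing .sha1 file is reported as a fingerprint mismatch; `[ -f "${PREMAIN_C}.sha1" ] || { echo "${PREMAIN_C}.sha1 not found"; exit 1; }` ahead of the pipeline would give a clearer failure while still failing closed. The script continues outside this hunk.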