Loading COPYRIGHT +1 −0 Original line number Original line Diff line number Diff line Loading @@ -62,3 +62,4 @@ The reason behind this being stated in this direct manner is past experience in code simply being copied and the attribution removed experience in code simply being copied and the attribution removed from it and then being distributed as part of other packages. This from it and then being distributed as part of other packages. This implementation was a non-trivial and unpaid effort. implementation was a non-trivial and unpaid effort. Configure +101 −41 Original line number Original line Diff line number Diff line Loading @@ -21,18 +21,22 @@ # This is used on the DEC Alpha where long is 8 bytes # This is used on the DEC Alpha where long is 8 bytes # and int is 4 # and int is 4 # BN_LLONG use the type 'long long' in crypto/bn/bn.h # BN_LLONG use the type 'long long' in crypto/bn/bn.h # MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md/md2.h # MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h # MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md/md2.h # MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h # IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h # IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h # IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h # IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h # RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h # RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h # RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h # RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h # RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_enc.c. This turns on # RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_locl.h. This turns on # array lookups instead of pointer use. # array lookups instead of pointer use. # BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha). # BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha). # BF_PTR2 use a pentium/intel specific version. # BF_PTR2 use a pentium/intel specific version. # MD5_ASM use some extra md5 assember, # SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86 # RMD160_ASM use some extra ripemd160 assember, # BN_ASM use some extra bn assember, $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; Loading @@ -51,7 +55,13 @@ $tlib="-lnsl -lsocket"; $bits1="THIRTY_TWO_BIT "; $bits1="THIRTY_TWO_BIT "; $bits2="SIXTY_FOUR_BIT "; $bits2="SIXTY_FOUR_BIT "; # -DB_ENDIAN slows things down on a sparc $x86_sol_asm="asm/bn86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o"; $x86_elf_asm="asm/bn86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o"; $x86_out_asm="asm/bn86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o"; $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o"; # -DB_ENDIAN slows things down on a sparc for md5, but helps sha1. # So the md5_locl.h file has an undef B_ENDIAN if sun is defined #config-string CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \ #config-string CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \ # des_asm:bf_asm # des_asm:bf_asm Loading @@ -63,18 +73,17 @@ $bits2="SIXTY_FOUR_BIT "; # A few of my development configs # A few of my development configs "purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::", "purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::", "debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::", "debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::", "dist", "cc:-O -DNOPROTO::::", "dist", "cc:-O -DNOPROTO::::", # Basic configs that should work on any box # Basic configs that should work on any box "gcc", "gcc:-O3::BN_LLONG:::", "gcc", "gcc:-O3::BN_LLONG:::", "cc", "cc:-O -DNOPROTO -DNOCONST:::::", "cc", "cc:-O -DNOPROTO -DNOCONST:::::", # My solaris setups # My solaris setups "solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:\ "solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DBN_ASM:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm:", -lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-sol.o:asm/dx86-sol.o asm/cx86-sol.o:asm/bx86-sol.o", "solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::", "solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall:\ -lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::", # DO NOT use /xO[34] on sparc with SC3.0. # DO NOT use /xO[34] on sparc with SC3.0. # It is broken, and will not pass the tests # It is broken, and will not pass the tests "solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\ "solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\ Loading Loading @@ -116,30 +125,44 @@ $bits2="SIXTY_FOUR_BIT "; "alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::", "alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::", # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the # x86-lnx.o file file since it is hand tweaked assembler. # bn86-elf.o file file since it is hand tweaked assembler. "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o", "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", "debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o", "debug-linux-elf","gcc:-DREF_CHECK -DBN_ASM -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o", "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", "NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", "NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", "NetBSD-x86", "gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o", "NetBSD-m86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", "FreeBSD", "gcc:-DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o", "NetBSD-x86", "gcc:-DTERMIOS -DBN_ASM -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:", #"bsdi-gcc", "shlicc2:-O3 -ffast-math-m486::RSA_LLONG $x86_gcc_des $x86_gcc_opts:::", "FreeBSD", "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", #"bsdi-gcc", "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:asm/x86-bsdi.o:asm/dx86bsdi.o asm/cx86bsdi.o:asm/bx86bsdi.o", #"bsdi-gcc", "gcc:-O3 -ffast-math -DBN_ASM -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm", "bsdi-gcc", "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:::", "nextstep", "cc:-O3 -Wall -DBN_ASM::BN_LLONG $x86_gcc_des $x86_gcc_opts:::", "nextstep", "cc:-O3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:::", # NCR MP-RAS UNIX ver 02.03.01 "ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::", # UnixWare 2.0 # UnixWare 2.0 "unixware-2.0","cc:-O:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::", "unixware-2.0","cc:-O -DFILIO_H:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::", "unixware-2.0-pentium","cc:-O -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::", "unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::", # IBM's AIX. # IBM's AIX. "aix-cc", "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::", "aix-cc", "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::", "aix-gcc", "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::", "aix-gcc", "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::", # # Cray T90 (SDSC) # It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT # defined. The T90 ints and longs are 8 bytes long, and apparently the # B_ENDIAN code assumes 4 byte ints. Fortunately, the non-B_ENDIAN and # non L_ENDIAN code aligns the bytes in each word correctly. # # The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors: #'Taking the address of a bit field is not allowed. ' #'An expression with bit field exists as the operand of "sizeof" ' # (written by Wayne Schroeder <schroede@SDSC.EDU>) "cray-t90-cc", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::SIXTY_FOUR_BIT_LONG DES_INT:::", # DGUX, 88100. # DGUX, 88100. "dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::", "dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::", "dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::", "dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::", "dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o", "dgux-R4-x86-gcc", "gcc:-O3 -DBN_ASM -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", # SCO 5 # SCO 5 "sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options? "sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options? Loading Loading @@ -167,15 +190,21 @@ $Makefile="Makefile.ssl"; $des_locl="crypto/des/des_locl.h"; $des_locl="crypto/des/des_locl.h"; $des ="crypto/des/des.h"; $des ="crypto/des/des.h"; $bn ="crypto/bn/bn.h"; $bn ="crypto/bn/bn.h"; $md2 ="crypto/md/md2.h"; $md2 ="crypto/md2/md2.h"; $rc4 ="crypto/rc4/rc4.h"; $rc4 ="crypto/rc4/rc4.h"; $rc4_enc="crypto/rc4/rc4_enc.c"; $rc4_locl="crypto/rc4/rc4_locl.h"; $idea ="crypto/idea/idea.h"; $idea ="crypto/idea/idea.h"; $rc2 ="crypto/rc2/rc2.h"; $rc2 ="crypto/rc2/rc2.h"; $bf ="crypto/bf/bf_locl.h"; $bf ="crypto/bf/bf_locl.h"; $bn_mulw="bn_mulw.o"; $bn_mulw="bn_mulw.o"; $des_enc="des_enc.o fcrypt_b.o"; $des_enc="des_enc.o fcrypt_b.o"; $bf_enc ="bf_enc.o"; $bf_enc ="bf_enc.o"; $cast_enc="c_enc.o"; $rc4_enc="rc4_enc.o"; $rc5_enc="rc5_enc.o"; $md5_obj=""; $sha1_obj=""; $rmd160_obj=""; if ($#ARGV < 0) if ($#ARGV < 0) { { Loading Loading @@ -219,7 +248,8 @@ if (!defined($table{$target})) exit(1); exit(1); } } ($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj)= ($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj,$md5_obj,$sha1_obj, $cast_obj,$rc4_obj,$rmd160_obj,$rc5_obj)= split(/\s*:\s*/,$table{$target}); split(/\s*:\s*/,$table{$target}); $cflags="$flags$cflags" if ($flags ne ""); $cflags="$flags$cflags" if ($flags ne ""); $lflags="$libs$lflags"if ($libs ne ""); $lflags="$libs$lflags"if ($libs ne ""); Loading @@ -227,6 +257,24 @@ $lflags="$libs$lflags"if ($libs ne ""); $bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/); $bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/); $des_obj=$des_enc unless ($des_obj =~ /\.o$/); $des_obj=$des_enc unless ($des_obj =~ /\.o$/); $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/); $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/); $cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/); $rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/); $rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/); if ($sha1_obj =~ /\.o$/) { # $sha1_obj=$sha1_enc; $cflags.=" -DSHA1_ASM"; } if ($md5_obj =~ /\.o$/) { # $md5_obj=$md5_enc; $cflags.=" -DMD5_ASM"; } if ($rmd160_obj =~ /\.o$/) { # $rmd160_obj=$rmd160_enc; $cflags.=" -DRMD160_ASM"; } $n=&file_new($Makefile); $n=&file_new($Makefile); open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n"; open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n"; Loading @@ -240,6 +288,12 @@ while (<IN>) s/^BN_MULW=.*$/BN_MULW= $bn_obj/; s/^BN_MULW=.*$/BN_MULW= $bn_obj/; s/^DES_ENC=.*$/DES_ENC= $des_obj/; s/^DES_ENC=.*$/DES_ENC= $des_obj/; s/^BF_ENC=.*$/BF_ENC= $bf_obj/; s/^BF_ENC=.*$/BF_ENC= $bf_obj/; s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/; s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/; s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/; s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/; s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/; s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/; print OUT $_."\n"; print OUT $_."\n"; } } close(IN); close(IN); Loading @@ -252,6 +306,12 @@ print "EX_LIBS=$lflags\n"; print "BN_MULW =$bn_obj\n"; print "BN_MULW =$bn_obj\n"; print "DES_ENC =$des_obj\n"; print "DES_ENC =$des_obj\n"; print "BF_ENC =$bf_obj\n"; print "BF_ENC =$bf_obj\n"; print "CAST_ENC =$cast_obj\n"; print "RC4_ENC =$rc4_obj\n"; print "RC5_ENC =$rc5_obj\n"; print "MD5_OBJ_ASM =$md5_obj\n"; print "SHA1_OBJ_ASM =$sha1_obj\n"; print "RMD160_OBJ_ASM=$rmd160_obj\n"; $des_ptr=0; $des_ptr=0; $des_risc1=0; $des_risc1=0; Loading Loading @@ -287,8 +347,8 @@ foreach (sort split(/\s+/,$bn_ops)) $rc2_int=3 if /RC2_LONG/; $rc2_int=3 if /RC2_LONG/; $bf_ptr=1 if $_ eq "BF_PTR"; $bf_ptr=1 if $_ eq "BF_PTR"; $bf_ptr=2 if $_ eq "BF_PTR2"; $bf_ptr=2 if $_ eq "BF_PTR2"; ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/; ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/; Loading Loading @@ -375,9 +435,9 @@ close(OUT); &Rename($rc4,&file_old($rc4)); &Rename($rc4,&file_old($rc4)); &Rename($n,$rc4); &Rename($n,$rc4); (($in=$rc4_enc) =~ s/\.([^.]+)/.$postfix/); (($in=$rc4_locl) =~ s/\.([^.]+)/.$postfix/); $n=&file_new($rc4_enc); $n=&file_new($rc4_locl); open(IN,"<".$in) || die "unable to read $rc4_enc:$!\n"; open(IN,"<".$in) || die "unable to read $rc4_locl:$!\n"; open(OUT,">$n") || die "unable to read $n:$!\n"; open(OUT,">$n") || die "unable to read $n:$!\n"; while (<IN>) while (<IN>) { { Loading @@ -388,8 +448,8 @@ while (<IN>) } } close(IN); close(IN); close(OUT); close(OUT); &Rename($rc4_enc,&file_old($rc4_enc)); &Rename($rc4_locl,&file_old($rc4_locl)); &Rename($n,$rc4_enc); &Rename($n,$rc4_locl); (($in=$md2) =~ s/\.([^.]+)/.$postfix/); (($in=$md2) =~ s/\.([^.]+)/.$postfix/); $n=&file_new($md2); $n=&file_new($md2); Loading HISTORY +190 −0 Original line number Original line Diff line number Diff line 16-Mar-98 - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU> - Lots and lots of changes 29-Jan-98 - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from Goetz Babin-Ebell <babinebell@trustcenter.de>. - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or TLS1_VERSION. 7-Jan-98 - Finally reworked the cipher string to ciphers again, so it works correctly - All the app_data stuff is now ex_data with funcion calls to access. The index is supplied by a function and 'methods' can be setup for the types that are called on XXX_new/XXX_free. This lets applications get notified on creation and destruction. Some of the RSA methods could be implemented this way and I may do so. - Oh yes, SSL under perl5 is working at the basic level. 15-Dec-97 - Warning - the gethostbyname cache is not fully thread safe, but it should work well enough. - Major internal reworking of the app_data stuff. More functions but if you were accessing ->app_data directly, things will stop working. - The perlv5 stuff is working. Currently on message digests, ciphers and the bignum library. 9-Dec-97 - Modified re-negotiation so that server initated re-neg will cause a SSL_read() to return -1 should retry. The danger otherwise was that the server and the client could end up both trying to read when using non-blocking sockets. 4-Dec-97 - Lots of small changes - Fix for binaray mode in Windows for the FILE BIO, thanks to Bob Denny <rdenny@dc3.com> 17-Nov-97 - Quite a few internal cleanups, (removal of errno, and using macros defined in e_os.h). - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where the automactic naming out output files was being stuffed up. 29-Oct-97 - The Cast5 cipher has been added. MD5 and SHA-1 are now in assember for x86. 21-Oct-97 - Fixed a bug in the BIO_gethostbyname() cache. 15-Oct-97 - cbc mode for blowfish/des/3des is now in assember. Blowfish asm has also been improved. At this point in time, on the pentium, md5 is %80 faster, the unoptimesed sha-1 is %79 faster, des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc is %62 faster. 12-Oct-97 - MEM_BUF_grow() has been fixed so that it always sets the buf->length to the value we are 'growing' to. Think of MEM_BUF_grow() as the way to set the length value correctly. 10-Oct-97 - I now hash for certificate lookup on the raw DER encoded RDN (md5). This breaks things again :-(. This is efficent since I cache the DER encoding of the RDN. - The text DN now puts in the numeric OID instead of UNKNOWN. - req can now process arbitary OIDs in the config file. - I've been implementing md5 in x86 asm, much faster :-). - Started sha1 in x86 asm, needs more work. - Quite a few speedups in the BN stuff. RSA public operation has been made faster by caching the BN_MONT_CTX structure. The calulating of the Ai where A*Ai === 1 mod m was rather expensive. Basically a 40-50% speedup on public operations. The RSA speedup is now 15% on pentiums and %20 on pentium pro. 30-Sep-97 - After doing some profiling, I added x86 adm for bn_add_words(), which just adds 2 arrays of longs together. A %10 speedup for 512 and 1024 bit RSA on the pentium pro. 29-Sep-97 - Converted the x86 bignum assembler to us the perl scripts for generation. 23-Sep-97 - If SSL_set_session() is passed a NULL session, it now clears the current session-id. 22-Sep-97 - Added a '-ss_cert file' to apps/ca.c. This will sign selfsigned certificates. - Bug in crypto/evp/encode.c where by decoding of 65 base64 encoded lines, one line at a time (via a memory BIO) would report EOF after the first line was decoded. - Fix in X509_find_by_issuer_and_serial() from Dr Stephen Henson <shenson@bigfoot.com> 19-Sep-97 - NO_FP_API and NO_STDIO added. - Put in sh config command. It auto runs Configure with the correct parameters. 18-Sep-97 - Fix x509.c so if a DSA cert has different parameters to its parent, they are left in place. Not tested yet. 16-Sep-97 - ssl_create_cipher_list() had some bugs, fixes from Patrick Eisenacher <eisenach@stud.uni-frankfurt.de> - Fixed a bug in the Base64 BIO, where it would return 1 instead of -1 when end of input was encountered but should retry. Basically a Base64/Memory BIO interaction problem. - Added a HMAC set of functions in preporarion for TLS work. 15-Sep-97 - Top level makefile tweak - Cameron Simpson <cs@zip.com.au> - Prime generation spead up %25 (512 bit prime, pentium pro linux) by using montgomery multiplication in the prime number test. 11-Sep-97 - Ugly bug in ssl3_write_bytes(). Basically if application land does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code did not check the size and tried to copy the entire buffer. This would tend to cause memory overwrites since SSLv3 has a maximum packet size of 16k. If your program uses buffers <= 16k, you would probably never see this problem. - Fixed a new errors that were cause by malloc() not returning 0 initialised memory.. - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing since this flags stops SSLeay being able to handle client cert requests correctly. 08-Sep-97 - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added. When switched on, the SSL server routines will not use a SSL_SESSION that is held in it's cache. This in intended to be used with the session-id callbacks so that while the session-ids are still stored in the cache, the decision to use them and how to look them up can be done by the callbacks. The are the 'new', 'get' and 'remove' callbacks. This can be used to determine the session-id to use depending on information like which port/host the connection is coming from. Since the are also SSL_SESSION_set_app_data() and SSL_SESSION_get_app_data() functions, the application can hold information against the session-id as well. 03-Sep-97 - Added lookup of CRLs to the by_dir method, X509_load_crl_file() also added. Basically it means you can lookup CRLs via the same system used to lookup certificates. - Changed things so that the X509_NAME structure can contain ASN.1 BIT_STRINGS which is required for the unique identifier OID. - Fixed some problems with the auto flushing of the session-id cache. It was not occuring on the server side. 02-Sep-97 - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size) which is the maximum number of entries allowed in the session-id cache. This is enforced with a simple FIFO list. The default size is 20*1024 entries which is rather large :-). The Timeout code is still always operating. 01-Sep-97 - Added an argument to all the 'generate private key/prime` callbacks. It is the last parameter so this should not break existing code but it is needed for C++. - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64() BIO. This lets the BIO read and write base64 encoded data without inserting or looking for '\n' characters. The '-A' flag turns this on when using apps/enc.c. - RSA_NO_PADDING added to help BSAFE functionality. This is a very dangerous thing to use, since RSA private key operations without random padding bytes (as PKCS#1 adds) can be attacked such that the private key can be revealed. - ASN.1 bug and rc2-40-cbc and rc4-40 added by Dr Stephen Henson <shenson@bigfoot.com> 31-Aug-97 (stuff added while I was away) - Linux pthreads by Tim Hudson (tjh@cryptsoft.com). - RSA_flags() added allowing bypass of pub/priv match check in ssl/ssl_rsa.c - Tim Hudson. - A few minor bugs. SSLeay 0.8.1 released. SSLeay 0.8.1 released. 19-Jul-97 19-Jul-97 Loading INSTALL +1 −1 Original line number Original line Diff line number Diff line Loading @@ -38,7 +38,7 @@ make -f Makefile.ssl links Makefile.ssl CC CFLAG EX_LIBS BN_MULW Makefile.ssl CC CFLAG EX_LIBS BN_MULW crypto/des/des.h DES_LONG crypto/des/des.h DES_LONG crypto/des/des_locl.h DES_PTR crypto/des/des_locl.h DES_PTR crypto/md/md2.h MD2_INT crypto/md2/md2.h MD2_INT crypto/rc4/rc4.h RC4_INT crypto/rc4/rc4.h RC4_INT crypto/rc4/rc4_enc.c RC4_INDEX crypto/rc4/rc4_enc.c RC4_INDEX crypto/rc2/rc2.h RC2_INT crypto/rc2/rc2.h RC2_INT Loading MINFO +217 −80 File changed.Preview size limit exceeded, changes collapsed. Show changes Loading
COPYRIGHT +1 −0 Original line number Original line Diff line number Diff line Loading @@ -62,3 +62,4 @@ The reason behind this being stated in this direct manner is past experience in code simply being copied and the attribution removed experience in code simply being copied and the attribution removed from it and then being distributed as part of other packages. This from it and then being distributed as part of other packages. This implementation was a non-trivial and unpaid effort. implementation was a non-trivial and unpaid effort.
Configure +101 −41 Original line number Original line Diff line number Diff line Loading @@ -21,18 +21,22 @@ # This is used on the DEC Alpha where long is 8 bytes # This is used on the DEC Alpha where long is 8 bytes # and int is 4 # and int is 4 # BN_LLONG use the type 'long long' in crypto/bn/bn.h # BN_LLONG use the type 'long long' in crypto/bn/bn.h # MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md/md2.h # MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h # MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md/md2.h # MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h # IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h # IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h # IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h # IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h # RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h # RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h # RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h # RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h # RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_enc.c. This turns on # RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_locl.h. This turns on # array lookups instead of pointer use. # array lookups instead of pointer use. # BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha). # BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha). # BF_PTR2 use a pentium/intel specific version. # BF_PTR2 use a pentium/intel specific version. # MD5_ASM use some extra md5 assember, # SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86 # RMD160_ASM use some extra ripemd160 assember, # BN_ASM use some extra bn assember, $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; Loading @@ -51,7 +55,13 @@ $tlib="-lnsl -lsocket"; $bits1="THIRTY_TWO_BIT "; $bits1="THIRTY_TWO_BIT "; $bits2="SIXTY_FOUR_BIT "; $bits2="SIXTY_FOUR_BIT "; # -DB_ENDIAN slows things down on a sparc $x86_sol_asm="asm/bn86-sol.o:asm/dx86-sol.o asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o"; $x86_elf_asm="asm/bn86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o"; $x86_out_asm="asm/bn86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o"; $x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o"; # -DB_ENDIAN slows things down on a sparc for md5, but helps sha1. # So the md5_locl.h file has an undef B_ENDIAN if sun is defined #config-string CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \ #config-string CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \ # des_asm:bf_asm # des_asm:bf_asm Loading @@ -63,18 +73,17 @@ $bits2="SIXTY_FOUR_BIT "; # A few of my development configs # A few of my development configs "purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::", "purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::", "debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::", "debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::", "dist", "cc:-O -DNOPROTO::::", "dist", "cc:-O -DNOPROTO::::", # Basic configs that should work on any box # Basic configs that should work on any box "gcc", "gcc:-O3::BN_LLONG:::", "gcc", "gcc:-O3::BN_LLONG:::", "cc", "cc:-O -DNOPROTO -DNOCONST:::::", "cc", "cc:-O -DNOPROTO -DNOCONST:::::", # My solaris setups # My solaris setups "solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:\ "solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DBN_ASM:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm:", -lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-sol.o:asm/dx86-sol.o asm/cx86-sol.o:asm/bx86-sol.o", "solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::", "solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall:\ -lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::", # DO NOT use /xO[34] on sparc with SC3.0. # DO NOT use /xO[34] on sparc with SC3.0. # It is broken, and will not pass the tests # It is broken, and will not pass the tests "solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\ "solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\ Loading Loading @@ -116,30 +125,44 @@ $bits2="SIXTY_FOUR_BIT "; "alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::", "alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::", # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the # x86-lnx.o file file since it is hand tweaked assembler. # bn86-elf.o file file since it is hand tweaked assembler. "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o", "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", "debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o", "debug-linux-elf","gcc:-DREF_CHECK -DBN_ASM -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o", "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", "NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", "NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", "NetBSD-x86", "gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o", "NetBSD-m86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::", "FreeBSD", "gcc:-DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o", "NetBSD-x86", "gcc:-DTERMIOS -DBN_ASM -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:", #"bsdi-gcc", "shlicc2:-O3 -ffast-math-m486::RSA_LLONG $x86_gcc_des $x86_gcc_opts:::", "FreeBSD", "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm", #"bsdi-gcc", "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:asm/x86-bsdi.o:asm/dx86bsdi.o asm/cx86bsdi.o:asm/bx86bsdi.o", #"bsdi-gcc", "gcc:-O3 -ffast-math -DBN_ASM -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm", "bsdi-gcc", "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:::", "nextstep", "cc:-O3 -Wall -DBN_ASM::BN_LLONG $x86_gcc_des $x86_gcc_opts:::", "nextstep", "cc:-O3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:::", # NCR MP-RAS UNIX ver 02.03.01 "ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::", # UnixWare 2.0 # UnixWare 2.0 "unixware-2.0","cc:-O:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::", "unixware-2.0","cc:-O -DFILIO_H:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::", "unixware-2.0-pentium","cc:-O -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::", "unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::", # IBM's AIX. # IBM's AIX. "aix-cc", "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::", "aix-cc", "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::", "aix-gcc", "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::", "aix-gcc", "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::", # # Cray T90 (SDSC) # It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT # defined. The T90 ints and longs are 8 bytes long, and apparently the # B_ENDIAN code assumes 4 byte ints. Fortunately, the non-B_ENDIAN and # non L_ENDIAN code aligns the bytes in each word correctly. # # The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors: #'Taking the address of a bit field is not allowed. ' #'An expression with bit field exists as the operand of "sizeof" ' # (written by Wayne Schroeder <schroede@SDSC.EDU>) "cray-t90-cc", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::SIXTY_FOUR_BIT_LONG DES_INT:::", # DGUX, 88100. # DGUX, 88100. "dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::", "dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::", "dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::", "dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::", "dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o", "dgux-R4-x86-gcc", "gcc:-O3 -DBN_ASM -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm", # SCO 5 # SCO 5 "sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options? "sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options? Loading Loading @@ -167,15 +190,21 @@ $Makefile="Makefile.ssl"; $des_locl="crypto/des/des_locl.h"; $des_locl="crypto/des/des_locl.h"; $des ="crypto/des/des.h"; $des ="crypto/des/des.h"; $bn ="crypto/bn/bn.h"; $bn ="crypto/bn/bn.h"; $md2 ="crypto/md/md2.h"; $md2 ="crypto/md2/md2.h"; $rc4 ="crypto/rc4/rc4.h"; $rc4 ="crypto/rc4/rc4.h"; $rc4_enc="crypto/rc4/rc4_enc.c"; $rc4_locl="crypto/rc4/rc4_locl.h"; $idea ="crypto/idea/idea.h"; $idea ="crypto/idea/idea.h"; $rc2 ="crypto/rc2/rc2.h"; $rc2 ="crypto/rc2/rc2.h"; $bf ="crypto/bf/bf_locl.h"; $bf ="crypto/bf/bf_locl.h"; $bn_mulw="bn_mulw.o"; $bn_mulw="bn_mulw.o"; $des_enc="des_enc.o fcrypt_b.o"; $des_enc="des_enc.o fcrypt_b.o"; $bf_enc ="bf_enc.o"; $bf_enc ="bf_enc.o"; $cast_enc="c_enc.o"; $rc4_enc="rc4_enc.o"; $rc5_enc="rc5_enc.o"; $md5_obj=""; $sha1_obj=""; $rmd160_obj=""; if ($#ARGV < 0) if ($#ARGV < 0) { { Loading Loading @@ -219,7 +248,8 @@ if (!defined($table{$target})) exit(1); exit(1); } } ($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj)= ($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj,$md5_obj,$sha1_obj, $cast_obj,$rc4_obj,$rmd160_obj,$rc5_obj)= split(/\s*:\s*/,$table{$target}); split(/\s*:\s*/,$table{$target}); $cflags="$flags$cflags" if ($flags ne ""); $cflags="$flags$cflags" if ($flags ne ""); $lflags="$libs$lflags"if ($libs ne ""); $lflags="$libs$lflags"if ($libs ne ""); Loading @@ -227,6 +257,24 @@ $lflags="$libs$lflags"if ($libs ne ""); $bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/); $bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/); $des_obj=$des_enc unless ($des_obj =~ /\.o$/); $des_obj=$des_enc unless ($des_obj =~ /\.o$/); $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/); $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/); $cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/); $rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/); $rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/); if ($sha1_obj =~ /\.o$/) { # $sha1_obj=$sha1_enc; $cflags.=" -DSHA1_ASM"; } if ($md5_obj =~ /\.o$/) { # $md5_obj=$md5_enc; $cflags.=" -DMD5_ASM"; } if ($rmd160_obj =~ /\.o$/) { # $rmd160_obj=$rmd160_enc; $cflags.=" -DRMD160_ASM"; } $n=&file_new($Makefile); $n=&file_new($Makefile); open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n"; open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n"; Loading @@ -240,6 +288,12 @@ while (<IN>) s/^BN_MULW=.*$/BN_MULW= $bn_obj/; s/^BN_MULW=.*$/BN_MULW= $bn_obj/; s/^DES_ENC=.*$/DES_ENC= $des_obj/; s/^DES_ENC=.*$/DES_ENC= $des_obj/; s/^BF_ENC=.*$/BF_ENC= $bf_obj/; s/^BF_ENC=.*$/BF_ENC= $bf_obj/; s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/; s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/; s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/; s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/; s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/; s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/; print OUT $_."\n"; print OUT $_."\n"; } } close(IN); close(IN); Loading @@ -252,6 +306,12 @@ print "EX_LIBS=$lflags\n"; print "BN_MULW =$bn_obj\n"; print "BN_MULW =$bn_obj\n"; print "DES_ENC =$des_obj\n"; print "DES_ENC =$des_obj\n"; print "BF_ENC =$bf_obj\n"; print "BF_ENC =$bf_obj\n"; print "CAST_ENC =$cast_obj\n"; print "RC4_ENC =$rc4_obj\n"; print "RC5_ENC =$rc5_obj\n"; print "MD5_OBJ_ASM =$md5_obj\n"; print "SHA1_OBJ_ASM =$sha1_obj\n"; print "RMD160_OBJ_ASM=$rmd160_obj\n"; $des_ptr=0; $des_ptr=0; $des_risc1=0; $des_risc1=0; Loading Loading @@ -287,8 +347,8 @@ foreach (sort split(/\s+/,$bn_ops)) $rc2_int=3 if /RC2_LONG/; $rc2_int=3 if /RC2_LONG/; $bf_ptr=1 if $_ eq "BF_PTR"; $bf_ptr=1 if $_ eq "BF_PTR"; $bf_ptr=2 if $_ eq "BF_PTR2"; $bf_ptr=2 if $_ eq "BF_PTR2"; ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/; ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/; Loading Loading @@ -375,9 +435,9 @@ close(OUT); &Rename($rc4,&file_old($rc4)); &Rename($rc4,&file_old($rc4)); &Rename($n,$rc4); &Rename($n,$rc4); (($in=$rc4_enc) =~ s/\.([^.]+)/.$postfix/); (($in=$rc4_locl) =~ s/\.([^.]+)/.$postfix/); $n=&file_new($rc4_enc); $n=&file_new($rc4_locl); open(IN,"<".$in) || die "unable to read $rc4_enc:$!\n"; open(IN,"<".$in) || die "unable to read $rc4_locl:$!\n"; open(OUT,">$n") || die "unable to read $n:$!\n"; open(OUT,">$n") || die "unable to read $n:$!\n"; while (<IN>) while (<IN>) { { Loading @@ -388,8 +448,8 @@ while (<IN>) } } close(IN); close(IN); close(OUT); close(OUT); &Rename($rc4_enc,&file_old($rc4_enc)); &Rename($rc4_locl,&file_old($rc4_locl)); &Rename($n,$rc4_enc); &Rename($n,$rc4_locl); (($in=$md2) =~ s/\.([^.]+)/.$postfix/); (($in=$md2) =~ s/\.([^.]+)/.$postfix/); $n=&file_new($md2); $n=&file_new($md2); Loading
HISTORY +190 −0 Original line number Original line Diff line number Diff line 16-Mar-98 - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU> - Lots and lots of changes 29-Jan-98 - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from Goetz Babin-Ebell <babinebell@trustcenter.de>. - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or TLS1_VERSION. 7-Jan-98 - Finally reworked the cipher string to ciphers again, so it works correctly - All the app_data stuff is now ex_data with funcion calls to access. The index is supplied by a function and 'methods' can be setup for the types that are called on XXX_new/XXX_free. This lets applications get notified on creation and destruction. Some of the RSA methods could be implemented this way and I may do so. - Oh yes, SSL under perl5 is working at the basic level. 15-Dec-97 - Warning - the gethostbyname cache is not fully thread safe, but it should work well enough. - Major internal reworking of the app_data stuff. More functions but if you were accessing ->app_data directly, things will stop working. - The perlv5 stuff is working. Currently on message digests, ciphers and the bignum library. 9-Dec-97 - Modified re-negotiation so that server initated re-neg will cause a SSL_read() to return -1 should retry. The danger otherwise was that the server and the client could end up both trying to read when using non-blocking sockets. 4-Dec-97 - Lots of small changes - Fix for binaray mode in Windows for the FILE BIO, thanks to Bob Denny <rdenny@dc3.com> 17-Nov-97 - Quite a few internal cleanups, (removal of errno, and using macros defined in e_os.h). - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where the automactic naming out output files was being stuffed up. 29-Oct-97 - The Cast5 cipher has been added. MD5 and SHA-1 are now in assember for x86. 21-Oct-97 - Fixed a bug in the BIO_gethostbyname() cache. 15-Oct-97 - cbc mode for blowfish/des/3des is now in assember. Blowfish asm has also been improved. At this point in time, on the pentium, md5 is %80 faster, the unoptimesed sha-1 is %79 faster, des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc is %62 faster. 12-Oct-97 - MEM_BUF_grow() has been fixed so that it always sets the buf->length to the value we are 'growing' to. Think of MEM_BUF_grow() as the way to set the length value correctly. 10-Oct-97 - I now hash for certificate lookup on the raw DER encoded RDN (md5). This breaks things again :-(. This is efficent since I cache the DER encoding of the RDN. - The text DN now puts in the numeric OID instead of UNKNOWN. - req can now process arbitary OIDs in the config file. - I've been implementing md5 in x86 asm, much faster :-). - Started sha1 in x86 asm, needs more work. - Quite a few speedups in the BN stuff. RSA public operation has been made faster by caching the BN_MONT_CTX structure. The calulating of the Ai where A*Ai === 1 mod m was rather expensive. Basically a 40-50% speedup on public operations. The RSA speedup is now 15% on pentiums and %20 on pentium pro. 30-Sep-97 - After doing some profiling, I added x86 adm for bn_add_words(), which just adds 2 arrays of longs together. A %10 speedup for 512 and 1024 bit RSA on the pentium pro. 29-Sep-97 - Converted the x86 bignum assembler to us the perl scripts for generation. 23-Sep-97 - If SSL_set_session() is passed a NULL session, it now clears the current session-id. 22-Sep-97 - Added a '-ss_cert file' to apps/ca.c. This will sign selfsigned certificates. - Bug in crypto/evp/encode.c where by decoding of 65 base64 encoded lines, one line at a time (via a memory BIO) would report EOF after the first line was decoded. - Fix in X509_find_by_issuer_and_serial() from Dr Stephen Henson <shenson@bigfoot.com> 19-Sep-97 - NO_FP_API and NO_STDIO added. - Put in sh config command. It auto runs Configure with the correct parameters. 18-Sep-97 - Fix x509.c so if a DSA cert has different parameters to its parent, they are left in place. Not tested yet. 16-Sep-97 - ssl_create_cipher_list() had some bugs, fixes from Patrick Eisenacher <eisenach@stud.uni-frankfurt.de> - Fixed a bug in the Base64 BIO, where it would return 1 instead of -1 when end of input was encountered but should retry. Basically a Base64/Memory BIO interaction problem. - Added a HMAC set of functions in preporarion for TLS work. 15-Sep-97 - Top level makefile tweak - Cameron Simpson <cs@zip.com.au> - Prime generation spead up %25 (512 bit prime, pentium pro linux) by using montgomery multiplication in the prime number test. 11-Sep-97 - Ugly bug in ssl3_write_bytes(). Basically if application land does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code did not check the size and tried to copy the entire buffer. This would tend to cause memory overwrites since SSLv3 has a maximum packet size of 16k. If your program uses buffers <= 16k, you would probably never see this problem. - Fixed a new errors that were cause by malloc() not returning 0 initialised memory.. - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing since this flags stops SSLeay being able to handle client cert requests correctly. 08-Sep-97 - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added. When switched on, the SSL server routines will not use a SSL_SESSION that is held in it's cache. This in intended to be used with the session-id callbacks so that while the session-ids are still stored in the cache, the decision to use them and how to look them up can be done by the callbacks. The are the 'new', 'get' and 'remove' callbacks. This can be used to determine the session-id to use depending on information like which port/host the connection is coming from. Since the are also SSL_SESSION_set_app_data() and SSL_SESSION_get_app_data() functions, the application can hold information against the session-id as well. 03-Sep-97 - Added lookup of CRLs to the by_dir method, X509_load_crl_file() also added. Basically it means you can lookup CRLs via the same system used to lookup certificates. - Changed things so that the X509_NAME structure can contain ASN.1 BIT_STRINGS which is required for the unique identifier OID. - Fixed some problems with the auto flushing of the session-id cache. It was not occuring on the server side. 02-Sep-97 - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size) which is the maximum number of entries allowed in the session-id cache. This is enforced with a simple FIFO list. The default size is 20*1024 entries which is rather large :-). The Timeout code is still always operating. 01-Sep-97 - Added an argument to all the 'generate private key/prime` callbacks. It is the last parameter so this should not break existing code but it is needed for C++. - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64() BIO. This lets the BIO read and write base64 encoded data without inserting or looking for '\n' characters. The '-A' flag turns this on when using apps/enc.c. - RSA_NO_PADDING added to help BSAFE functionality. This is a very dangerous thing to use, since RSA private key operations without random padding bytes (as PKCS#1 adds) can be attacked such that the private key can be revealed. - ASN.1 bug and rc2-40-cbc and rc4-40 added by Dr Stephen Henson <shenson@bigfoot.com> 31-Aug-97 (stuff added while I was away) - Linux pthreads by Tim Hudson (tjh@cryptsoft.com). - RSA_flags() added allowing bypass of pub/priv match check in ssl/ssl_rsa.c - Tim Hudson. - A few minor bugs. SSLeay 0.8.1 released. SSLeay 0.8.1 released. 19-Jul-97 19-Jul-97 Loading
INSTALL +1 −1 Original line number Original line Diff line number Diff line Loading @@ -38,7 +38,7 @@ make -f Makefile.ssl links Makefile.ssl CC CFLAG EX_LIBS BN_MULW Makefile.ssl CC CFLAG EX_LIBS BN_MULW crypto/des/des.h DES_LONG crypto/des/des.h DES_LONG crypto/des/des_locl.h DES_PTR crypto/des/des_locl.h DES_PTR crypto/md/md2.h MD2_INT crypto/md2/md2.h MD2_INT crypto/rc4/rc4.h RC4_INT crypto/rc4/rc4.h RC4_INT crypto/rc4/rc4_enc.c RC4_INDEX crypto/rc4/rc4_enc.c RC4_INDEX crypto/rc2/rc2.h RC2_INT crypto/rc2/rc2.h RC2_INT Loading
