summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBen Noordhuis <info@bnoordhuis.nl>2013-05-01 16:21:21 +0200
committerBen Noordhuis <info@bnoordhuis.nl>2013-05-01 16:45:31 +0200
commit2cf7e5de6f0af289f231ff499ef1acf731e9f3b1 (patch)
treee46d0e6f98bf52fe10495c73a933b3267c140afb
parentdda7b402044a4ecde60baf386cb54997fbd570a1 (diff)
downloadnode-2cf7e5de6f0af289f231ff499ef1acf731e9f3b1.tar.gz
Revert "deps: downgrade openssl to v1.0.0f"
After much investigation it turns out that the affected servers are buggy. user-service.condenastdigital.com:443 in particular seems to reject large TLS handshake records. Cutting down the number of advertised ciphers or disabling SNI fixes the issue. Similarly, passing { secureOptions: constants.SSL_OP_NO_TLSv1_2 } seems to fix most connection issues with IIS servers. Having to work around buggy servers is annoying for our users but not a reason to downgrade OpenSSL. Therefore, revert it. This reverts commit 4fdb8acdaef4c3cb1d855e992ada0e63fee520a6.
-rw-r--r--deps/openssl/README.chromium96
-rw-r--r--deps/openssl/asm/Makefile30
-rw-r--r--deps/openssl/asm/x64-elf-gas/aes/aes-x86_64.s25
-rw-r--r--deps/openssl/asm/x64-elf-gas/bn/x86_64-mont.s1311
-rw-r--r--deps/openssl/asm/x64-elf-gas/rc4/rc4-x86_64.s734
-rw-r--r--deps/openssl/asm/x64-elf-gas/sha/sha1-x86_64.s3531
-rw-r--r--deps/openssl/asm/x64-elf-gas/sha/sha512-x86_64.s2144
-rw-r--r--deps/openssl/asm/x64-elf-gas/x86_64cpuid.s70
-rw-r--r--deps/openssl/asm/x64-macosx-gas/aes/aes-x86_64.s17
-rw-r--r--deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont.s1309
-rw-r--r--deps/openssl/asm/x64-macosx-gas/md5/md5-x86_64.s1
-rw-r--r--deps/openssl/asm/x64-macosx-gas/rc4/rc4-x86_64.s731
-rw-r--r--deps/openssl/asm/x64-macosx-gas/sha/sha1-x86_64.s3529
-rw-r--r--deps/openssl/asm/x64-macosx-gas/sha/sha512-x86_64.s2144
-rw-r--r--deps/openssl/asm/x64-macosx-gas/x86_64cpuid.s69
-rw-r--r--deps/openssl/asm/x64-win32-masm/aes/aes-x86_64.asm45
-rw-r--r--deps/openssl/asm/x64-win32-masm/bn/x86_64-mont.asm1428
-rw-r--r--deps/openssl/asm/x64-win32-masm/camellia/cmll-x86_64.asm4
-rw-r--r--deps/openssl/asm/x64-win32-masm/md5/md5-x86_64.asm280
-rw-r--r--deps/openssl/asm/x64-win32-masm/rc4/rc4-x86_64.asm744
-rw-r--r--deps/openssl/asm/x64-win32-masm/sha/sha1-x86_64.asm3624
-rw-r--r--deps/openssl/asm/x64-win32-masm/sha/sha512-x86_64.asm2248
-rw-r--r--deps/openssl/asm/x64-win32-masm/whrlpool/wp-x86_64.asm204
-rw-r--r--deps/openssl/asm/x64-win32-masm/x86_64cpuid.asm72
-rw-r--r--deps/openssl/asm/x86-elf-gas/aes/aes-586.s22
-rw-r--r--deps/openssl/asm/x86-elf-gas/camellia/cmll-x86.s10
-rw-r--r--deps/openssl/asm/x86-elf-gas/rc4/rc4-586.s218
-rw-r--r--deps/openssl/asm/x86-elf-gas/sha/sha1-586.s1262
-rw-r--r--deps/openssl/asm/x86-elf-gas/sha/sha256-586.s65
-rw-r--r--deps/openssl/asm/x86-elf-gas/x86cpuid.s135
-rw-r--r--deps/openssl/asm/x86-macosx-gas/aes/aes-586.s24
-rw-r--r--deps/openssl/asm/x86-macosx-gas/camellia/cmll-x86.s6
-rw-r--r--deps/openssl/asm/x86-macosx-gas/des/crypt586.s13
-rw-r--r--deps/openssl/asm/x86-macosx-gas/rc4/rc4-586.s231
-rw-r--r--deps/openssl/asm/x86-macosx-gas/sha/sha1-586.s1262
-rw-r--r--deps/openssl/asm/x86-macosx-gas/sha/sha256-586.s65
-rw-r--r--deps/openssl/asm/x86-macosx-gas/x86cpuid.s149
-rw-r--r--deps/openssl/asm/x86-win32-masm/aes/aes-586.asm14
-rw-r--r--deps/openssl/asm/x86-win32-masm/bf/bf-686.asm2
-rw-r--r--deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm2
-rw-r--r--deps/openssl/asm/x86-win32-masm/bn/x86.asm2
-rw-r--r--deps/openssl/asm/x86-win32-masm/camellia/cmll-x86.asm8
-rw-r--r--deps/openssl/asm/x86-win32-masm/cast/cast-586.asm2
-rw-r--r--deps/openssl/asm/x86-win32-masm/des/crypt586.asm2
-rw-r--r--deps/openssl/asm/x86-win32-masm/des/des-586.asm2
-rw-r--r--deps/openssl/asm/x86-win32-masm/md5/md5-586.asm2
-rw-r--r--deps/openssl/asm/x86-win32-masm/rc4/rc4-586.asm225
-rw-r--r--deps/openssl/asm/x86-win32-masm/rc5/rc5-586.asm2
-rw-r--r--deps/openssl/asm/x86-win32-masm/ripemd/rmd-586.asm2
-rw-r--r--deps/openssl/asm/x86-win32-masm/sha/sha1-586.asm1264
-rw-r--r--deps/openssl/asm/x86-win32-masm/sha/sha256-586.asm67
-rw-r--r--deps/openssl/asm/x86-win32-masm/sha/sha512-586.asm2
-rw-r--r--deps/openssl/asm/x86-win32-masm/x86cpuid.asm132
-rw-r--r--deps/openssl/config/android/openssl/opensslconf.h253
-rw-r--r--deps/openssl/config/k8/openssl/opensslconf-posix.h273
-rw-r--r--deps/openssl/config/k8/openssl/opensslconf-win32.h262
-rw-r--r--deps/openssl/config/k8/openssl/opensslconf.h5
-rw-r--r--deps/openssl/config/piii/openssl/opensslconf-posix.h273
-rw-r--r--deps/openssl/config/piii/openssl/opensslconf-win32.h274
-rw-r--r--deps/openssl/config/piii/openssl/opensslconf.h5
-rw-r--r--deps/openssl/openssl.gyp173
-rw-r--r--deps/openssl/openssl/CHANGES473
-rwxr-xr-xdeps/openssl/openssl/Configure255
-rw-r--r--deps/openssl/openssl/FAQ24
-rw-r--r--deps/openssl/openssl/INSTALL.W324
-rw-r--r--deps/openssl/openssl/Makefile77
-rw-r--r--deps/openssl/openssl/Makefile.org69
-rw-r--r--deps/openssl/openssl/NEWS52
-rw-r--r--deps/openssl/openssl/PROBLEMS14
-rw-r--r--deps/openssl/openssl/README4
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/VMS/install-vms.com0
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/VMS/openssl_startup.com0
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/VMS/openssl_undo.com0
-rwxr-xr-xdeps/openssl/openssl/config102
-rw-r--r--deps/openssl/openssl/crypto/Makefile34
-rw-r--r--deps/openssl/openssl/crypto/aes/Makefile29
-rw-r--r--deps/openssl/openssl/crypto/aes/aes.h5
-rw-r--r--deps/openssl/openssl/crypto/aes/aes_core.c12
-rw-r--r--deps/openssl/openssl/crypto/aes/aes_misc.c21
-rwxr-xr-xdeps/openssl/openssl/crypto/aes/asm/aes-586.pl14
-rw-r--r--deps/openssl/openssl/crypto/aes/asm/aes-armv4.pl182
-rw-r--r--deps/openssl/openssl/crypto/aes/asm/aes-ppc.pl444
-rw-r--r--deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl1054
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/crypto/aes/asm/aes-sparcv9.pl3
-rwxr-xr-xdeps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl48
-rw-r--r--deps/openssl/openssl/crypto/asn1/Makefile2
-rw-r--r--deps/openssl/openssl/crypto/asn1/a_digest.c6
-rw-r--r--deps/openssl/openssl/crypto/asn1/a_int.c4
-rw-r--r--deps/openssl/openssl/crypto/asn1/a_sign.c111
-rw-r--r--deps/openssl/openssl/crypto/asn1/a_strex.c1
-rw-r--r--deps/openssl/openssl/crypto/asn1/a_verify.c83
-rw-r--r--deps/openssl/openssl/crypto/asn1/ameth_lib.c12
-rw-r--r--deps/openssl/openssl/crypto/asn1/asn1.h8
-rw-r--r--deps/openssl/openssl/crypto/asn1/asn1_err.c5
-rw-r--r--deps/openssl/openssl/crypto/asn1/asn1_locl.h11
-rw-r--r--deps/openssl/openssl/crypto/asn1/asn_mime.c23
-rw-r--r--deps/openssl/openssl/crypto/asn1/n_pkey.c38
-rw-r--r--deps/openssl/openssl/crypto/asn1/p5_pbev2.c143
-rw-r--r--deps/openssl/openssl/crypto/asn1/t_crl.c3
-rw-r--r--deps/openssl/openssl/crypto/asn1/t_x509.c55
-rw-r--r--deps/openssl/openssl/crypto/asn1/tasn_prn.c12
-rw-r--r--deps/openssl/openssl/crypto/asn1/x_algor.c14
-rw-r--r--deps/openssl/openssl/crypto/asn1/x_name.c3
-rw-r--r--deps/openssl/openssl/crypto/asn1/x_pubkey.c14
-rw-r--r--deps/openssl/openssl/crypto/bf/Makefile7
-rw-r--r--deps/openssl/openssl/crypto/bf/bf_skey.c8
-rw-r--r--deps/openssl/openssl/crypto/bf/blowfish.h4
-rw-r--r--deps/openssl/openssl/crypto/bio/bio.h70
-rw-r--r--deps/openssl/openssl/crypto/bio/bio_err.c3
-rw-r--r--deps/openssl/openssl/crypto/bio/bio_lib.c28
-rw-r--r--deps/openssl/openssl/crypto/bio/bss_bio.c18
-rw-r--r--deps/openssl/openssl/crypto/bio/bss_dgram.c1073
-rw-r--r--deps/openssl/openssl/crypto/bn/Makefile34
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/armv4-mont.pl23
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl107
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/ppc.pl43
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl338
-rw-r--r--deps/openssl/openssl/crypto/bn/asm/s390x-mont.pl102
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/crypto/bn/asm/s390x.S0
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/crypto/bn/asm/sparcv9a-mont.pl0
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/crypto/bn/asm/x86-mont.pl0
-rwxr-xr-xdeps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl1489
-rw-r--r--deps/openssl/openssl/crypto/bn/bn.h15
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_div.c274
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_exp.c240
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_gcd.c1
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_gf2m.c114
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_lcl.h30
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_lib.c19
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_mont.c116
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_nist.c338
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_print.c19
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_shift.c27
-rw-r--r--deps/openssl/openssl/crypto/bn/bn_word.c25
-rw-r--r--deps/openssl/openssl/crypto/bn/bntest.c8
-rw-r--r--deps/openssl/openssl/crypto/buffer/Makefile11
-rw-r--r--deps/openssl/openssl/crypto/buffer/buffer.c58
-rw-r--r--deps/openssl/openssl/crypto/camellia/Makefile17
-rw-r--r--deps/openssl/openssl/crypto/camellia/asm/cmll-x86.pl6
-rw-r--r--deps/openssl/openssl/crypto/camellia/asm/cmll-x86_64.pl3
-rw-r--r--deps/openssl/openssl/crypto/camellia/camellia.h4
-rw-r--r--deps/openssl/openssl/crypto/camellia/cmll_locl.h5
-rw-r--r--deps/openssl/openssl/crypto/camellia/cmll_misc.c3
-rw-r--r--deps/openssl/openssl/crypto/cast/Makefile5
-rw-r--r--deps/openssl/openssl/crypto/cast/c_skey.c9
-rw-r--r--deps/openssl/openssl/crypto/cast/cast.h4
-rw-r--r--deps/openssl/openssl/crypto/cms/Makefile24
-rw-r--r--deps/openssl/openssl/crypto/cms/cms.h22
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_asn1.c9
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_cd.c2
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_enc.c60
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_env.c22
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_err.c13
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_lcl.h12
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_lib.c5
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_sd.c3
-rw-r--r--deps/openssl/openssl/crypto/cms/cms_smime.c61
-rw-r--r--deps/openssl/openssl/crypto/comp/c_rle.c4
-rw-r--r--deps/openssl/openssl/crypto/conf/conf_mall.c1
-rw-r--r--deps/openssl/openssl/crypto/cpt_err.c4
-rw-r--r--deps/openssl/openssl/crypto/cryptlib.c56
-rw-r--r--deps/openssl/openssl/crypto/cryptlib.h4
-rw-r--r--deps/openssl/openssl/crypto/crypto-lib.com39
-rw-r--r--deps/openssl/openssl/crypto/crypto.h40
-rw-r--r--deps/openssl/openssl/crypto/des/Makefile5
-rw-r--r--deps/openssl/openssl/crypto/des/des.h3
-rw-r--r--deps/openssl/openssl/crypto/des/set_key.c8
-rw-r--r--deps/openssl/openssl/crypto/des/str2key.c2
-rw-r--r--deps/openssl/openssl/crypto/dh/dh.h20
-rw-r--r--deps/openssl/openssl/crypto/dh/dh_ameth.c1
-rw-r--r--deps/openssl/openssl/crypto/dh/dh_err.c7
-rw-r--r--deps/openssl/openssl/crypto/dh/dh_gen.c17
-rw-r--r--deps/openssl/openssl/crypto/dh/dh_key.c33
-rw-r--r--deps/openssl/openssl/crypto/dh/dh_lib.c15
-rw-r--r--deps/openssl/openssl/crypto/dsa/Makefile7
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa.h20
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_ameth.c47
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_asn1.c40
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_err.c7
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_gen.c35
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_key.c16
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_lib.c22
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_locl.h1
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_ossl.c16
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_pmeth.c6
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_sign.c50
-rw-r--r--deps/openssl/openssl/crypto/dsa/dsa_vrf.c29
-rw-r--r--deps/openssl/openssl/crypto/dso/dso_dlfcn.c3
-rw-r--r--deps/openssl/openssl/crypto/ec/Makefile36
-rw-r--r--deps/openssl/openssl/crypto/ec/ec.h97
-rw-r--r--deps/openssl/openssl/crypto/ec/ec2_mult.c4
-rw-r--r--deps/openssl/openssl/crypto/ec/ec2_smpl.c351
-rw-r--r--deps/openssl/openssl/crypto/ec/ec_ameth.c1
-rw-r--r--deps/openssl/openssl/crypto/ec/ec_asn1.c24
-rw-r--r--deps/openssl/openssl/crypto/ec/ec_curve.c197
-rw-r--r--deps/openssl/openssl/crypto/ec/ec_cvt.c28
-rw-r--r--deps/openssl/openssl/crypto/ec/ec_err.c20
-rw-r--r--deps/openssl/openssl/crypto/ec/ec_key.c115
-rw-r--r--deps/openssl/openssl/crypto/ec/ec_lcl.h55
-rw-r--r--deps/openssl/openssl/crypto/ec/ec_lib.c80
-rw-r--r--deps/openssl/openssl/crypto/ec/ec_pmeth.c3
-rw-r--r--deps/openssl/openssl/crypto/ec/eck_prn.c3
-rw-r--r--deps/openssl/openssl/crypto/ec/ecp_mont.c13
-rw-r--r--deps/openssl/openssl/crypto/ec/ecp_nist.c13
-rw-r--r--deps/openssl/openssl/crypto/ec/ecp_smpl.c379
-rw-r--r--deps/openssl/openssl/crypto/ec/ectest.c343
-rw-r--r--deps/openssl/openssl/crypto/ecdh/Makefile17
-rw-r--r--deps/openssl/openssl/crypto/ecdh/ecdh.h2
-rw-r--r--deps/openssl/openssl/crypto/ecdh/ecdhtest.c6
-rw-r--r--deps/openssl/openssl/crypto/ecdh/ech_err.c4
-rw-r--r--deps/openssl/openssl/crypto/ecdh/ech_key.c3
-rw-r--r--deps/openssl/openssl/crypto/ecdh/ech_lib.c31
-rw-r--r--deps/openssl/openssl/crypto/ecdh/ech_locl.h8
-rw-r--r--deps/openssl/openssl/crypto/ecdh/ech_ossl.c2
-rw-r--r--deps/openssl/openssl/crypto/ecdsa/ecdsa.h2
-rw-r--r--deps/openssl/openssl/crypto/ecdsa/ecdsatest.c14
-rw-r--r--deps/openssl/openssl/crypto/ecdsa/ecs_err.c4
-rw-r--r--deps/openssl/openssl/crypto/ecdsa/ecs_lib.c32
-rw-r--r--deps/openssl/openssl/crypto/ecdsa/ecs_locl.h8
-rw-r--r--deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c5
-rw-r--r--deps/openssl/openssl/crypto/engine/Makefile34
-rw-r--r--deps/openssl/openssl/crypto/engine/eng_all.c9
-rw-r--r--deps/openssl/openssl/crypto/engine/eng_cryptodev.c71
-rw-r--r--deps/openssl/openssl/crypto/engine/eng_fat.c3
-rw-r--r--deps/openssl/openssl/crypto/engine/engine.h9
-rw-r--r--deps/openssl/openssl/crypto/err/err.c13
-rw-r--r--deps/openssl/openssl/crypto/err/err.h3
-rw-r--r--deps/openssl/openssl/crypto/err/err_all.c12
-rw-r--r--deps/openssl/openssl/crypto/evp/Makefile125
-rw-r--r--deps/openssl/openssl/crypto/evp/bio_md.c11
-rw-r--r--deps/openssl/openssl/crypto/evp/bio_ok.c103
-rw-r--r--deps/openssl/openssl/crypto/evp/c_allc.c18
-rw-r--r--deps/openssl/openssl/crypto/evp/digest.c27
-rw-r--r--deps/openssl/openssl/crypto/evp/e_aes.c1274
-rw-r--r--deps/openssl/openssl/crypto/evp/e_des3.c3
-rw-r--r--deps/openssl/openssl/crypto/evp/e_null.c4
-rw-r--r--deps/openssl/openssl/crypto/evp/e_rc2.c3
-rw-r--r--deps/openssl/openssl/crypto/evp/e_rc4.c1
-rw-r--r--deps/openssl/openssl/crypto/evp/evp.h101
-rw-r--r--deps/openssl/openssl/crypto/evp/evp_enc.c95
-rw-r--r--deps/openssl/openssl/crypto/evp/evp_err.c26
-rw-r--r--deps/openssl/openssl/crypto/evp/evp_key.c27
-rw-r--r--deps/openssl/openssl/crypto/evp/evp_lib.c4
-rw-r--r--deps/openssl/openssl/crypto/evp/evp_locl.h40
-rw-r--r--deps/openssl/openssl/crypto/evp/evp_pbe.c5
-rw-r--r--deps/openssl/openssl/crypto/evp/evptests.txt13
-rw-r--r--deps/openssl/openssl/crypto/evp/m_dss.c4
-rw-r--r--deps/openssl/openssl/crypto/evp/m_dss1.c5
-rw-r--r--deps/openssl/openssl/crypto/evp/m_ecdsa.c3
-rw-r--r--deps/openssl/openssl/crypto/evp/m_md4.c2
-rw-r--r--deps/openssl/openssl/crypto/evp/m_md5.c1
-rw-r--r--deps/openssl/openssl/crypto/evp/m_mdc2.c2
-rw-r--r--deps/openssl/openssl/crypto/evp/m_ripemd.c1
-rw-r--r--deps/openssl/openssl/crypto/evp/m_sha.c1
-rw-r--r--deps/openssl/openssl/crypto/evp/m_sha1.c7
-rw-r--r--deps/openssl/openssl/crypto/evp/m_wp.c1
-rw-r--r--deps/openssl/openssl/crypto/evp/names.c5
-rw-r--r--deps/openssl/openssl/crypto/evp/p5_crpt.c33
-rw-r--r--deps/openssl/openssl/crypto/evp/p5_crpt2.c89
-rw-r--r--deps/openssl/openssl/crypto/evp/p_open.c3
-rw-r--r--deps/openssl/openssl/crypto/evp/p_seal.c3
-rw-r--r--deps/openssl/openssl/crypto/evp/p_sign.c10
-rw-r--r--deps/openssl/openssl/crypto/evp/p_verify.c10
-rw-r--r--deps/openssl/openssl/crypto/evp/pmeth_gn.c5
-rw-r--r--deps/openssl/openssl/crypto/evp/pmeth_lib.c55
-rw-r--r--deps/openssl/openssl/crypto/hmac/hm_ameth.c2
-rw-r--r--deps/openssl/openssl/crypto/hmac/hm_pmeth.c14
-rw-r--r--deps/openssl/openssl/crypto/hmac/hmac.c37
-rw-r--r--deps/openssl/openssl/crypto/ia64cpuid.S2
-rw-r--r--deps/openssl/openssl/crypto/idea/Makefile5
-rw-r--r--deps/openssl/openssl/crypto/idea/i_skey.c8
-rw-r--r--deps/openssl/openssl/crypto/idea/idea.h3
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/crypto/install-crypto.com0
-rw-r--r--deps/openssl/openssl/crypto/md2/md2.h3
-rw-r--r--deps/openssl/openssl/crypto/md2/md2_dgst.c2
-rw-r--r--deps/openssl/openssl/crypto/md4/Makefile8
-rw-r--r--deps/openssl/openssl/crypto/md4/md4.h3
-rw-r--r--deps/openssl/openssl/crypto/md4/md4_dgst.c36
-rw-r--r--deps/openssl/openssl/crypto/md4/md4_locl.h8
-rw-r--r--deps/openssl/openssl/crypto/md5/Makefile8
-rwxr-xr-xdeps/openssl/openssl/crypto/md5/asm/md5-x86_64.pl3
-rw-r--r--deps/openssl/openssl/crypto/md5/md5.h3
-rw-r--r--deps/openssl/openssl/crypto/md5/md5_dgst.c3
-rw-r--r--deps/openssl/openssl/crypto/md5/md5_locl.h8
-rw-r--r--deps/openssl/openssl/crypto/mdc2/Makefile14
-rw-r--r--deps/openssl/openssl/crypto/mdc2/mdc2.h3
-rw-r--r--deps/openssl/openssl/crypto/mdc2/mdc2dgst.c3
-rw-r--r--deps/openssl/openssl/crypto/mem.c4
-rw-r--r--deps/openssl/openssl/crypto/modes/Makefile77
-rw-r--r--deps/openssl/openssl/crypto/modes/cbc128.c10
-rw-r--r--deps/openssl/openssl/crypto/modes/cfb128.c11
-rw-r--r--deps/openssl/openssl/crypto/modes/ctr128.c92
-rw-r--r--deps/openssl/openssl/crypto/modes/cts128.c226
-rw-r--r--deps/openssl/openssl/crypto/modes/modes.h76
-rw-r--r--deps/openssl/openssl/crypto/modes/ofb128.c11
-rw-r--r--deps/openssl/openssl/crypto/objects/o_names.c2
-rw-r--r--deps/openssl/openssl/crypto/objects/obj_dat.h136
-rw-r--r--deps/openssl/openssl/crypto/objects/obj_mac.h142
-rw-r--r--deps/openssl/openssl/crypto/objects/obj_mac.num27
-rw-r--r--deps/openssl/openssl/crypto/objects/obj_xref.c9
-rw-r--r--deps/openssl/openssl/crypto/objects/obj_xref.h2
-rw-r--r--deps/openssl/openssl/crypto/objects/obj_xref.txt4
-rw-r--r--deps/openssl/openssl/crypto/objects/objects.txt41
-rw-r--r--deps/openssl/openssl/crypto/ocsp/ocsp_lib.c3
-rw-r--r--deps/openssl/openssl/crypto/ocsp/ocsp_vfy.c10
-rw-r--r--deps/openssl/openssl/crypto/opensslv.h6
-rw-r--r--deps/openssl/openssl/crypto/ossl_typ.h2
-rw-r--r--deps/openssl/openssl/crypto/pem/pem_all.c161
-rw-r--r--deps/openssl/openssl/crypto/pem/pem_lib.c27
-rw-r--r--deps/openssl/openssl/crypto/pem/pem_seal.c6
-rw-r--r--deps/openssl/openssl/crypto/pem/pvkfmt.c58
-rw-r--r--deps/openssl/openssl/crypto/perlasm/cbc.pl2
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/crypto/perlasm/ppc-xlate.pl13
-rwxr-xr-xdeps/openssl/openssl/crypto/perlasm/x86_64-xlate.pl218
-rw-r--r--deps/openssl/openssl/crypto/perlasm/x86asm.pl55
-rw-r--r--deps/openssl/openssl/crypto/perlasm/x86gas.pl34
-rw-r--r--deps/openssl/openssl/crypto/perlasm/x86masm.pl22
-rw-r--r--deps/openssl/openssl/crypto/perlasm/x86nasm.pl15
-rw-r--r--deps/openssl/openssl/crypto/pkcs12/p12_decr.c9
-rw-r--r--deps/openssl/openssl/crypto/pkcs12/p12_key.c40
-rw-r--r--deps/openssl/openssl/crypto/pkcs12/p12_kiss.c2
-rw-r--r--deps/openssl/openssl/crypto/pkcs12/p12_mutl.c12
-rw-r--r--deps/openssl/openssl/crypto/pkcs7/bio_pk7.c2
-rw-r--r--deps/openssl/openssl/crypto/pkcs7/pk7_doit.c101
-rw-r--r--deps/openssl/openssl/crypto/pkcs7/pk7_smime.c25
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/crypto/ppccpuid.pl48
-rw-r--r--deps/openssl/openssl/crypto/rand/md_rand.c33
-rw-r--r--deps/openssl/openssl/crypto/rand/rand.h9
-rw-r--r--deps/openssl/openssl/crypto/rand/rand_err.c6
-rw-r--r--deps/openssl/openssl/crypto/rand/rand_lib.c122
-rw-r--r--deps/openssl/openssl/crypto/rand/randfile.c4
-rw-r--r--deps/openssl/openssl/crypto/rc2/Makefile6
-rw-r--r--deps/openssl/openssl/crypto/rc2/rc2.h4
-rw-r--r--deps/openssl/openssl/crypto/rc2/rc2_skey.c8
-rw-r--r--deps/openssl/openssl/crypto/rc4/Makefile18
-rw-r--r--deps/openssl/openssl/crypto/rc4/asm/rc4-586.pl162
-rw-r--r--deps/openssl/openssl/crypto/rc4/asm/rc4-s390x.pl47
-rwxr-xr-xdeps/openssl/openssl/crypto/rc4/asm/rc4-x86_64.pl293
-rw-r--r--deps/openssl/openssl/crypto/rc4/rc4.h1
-rw-r--r--deps/openssl/openssl/crypto/rc4/rc4_skey.c36
-rw-r--r--deps/openssl/openssl/crypto/rc4/rc4test.c6
-rw-r--r--deps/openssl/openssl/crypto/ripemd/Makefile7
-rw-r--r--deps/openssl/openssl/crypto/ripemd/ripemd.h3
-rw-r--r--deps/openssl/openssl/crypto/ripemd/rmd_dgst.c33
-rw-r--r--deps/openssl/openssl/crypto/ripemd/rmd_locl.h10
-rw-r--r--deps/openssl/openssl/crypto/rsa/Makefile39
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa.h81
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_ameth.c351
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_asn1.c10
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_eay.c6
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_err.c21
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_gen.c15
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_lib.c172
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_oaep.c8
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_pmeth.c154
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_pss.c81
-rw-r--r--deps/openssl/openssl/crypto/rsa/rsa_sign.c33
-rw-r--r--deps/openssl/openssl/crypto/s390xcap.c12
-rw-r--r--deps/openssl/openssl/crypto/s390xcpuid.S17
-rw-r--r--deps/openssl/openssl/crypto/seed/seed.c13
-rw-r--r--deps/openssl/openssl/crypto/seed/seed.h4
-rw-r--r--deps/openssl/openssl/crypto/sha/Makefile39
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha1-586.pl1107
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha1-armv4-large.pl41
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha1-ia64.pl193
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/crypto/sha/asm/sha1-ppc.pl83
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha1-s390x.pl50
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha1-sparcv9a.pl2
-rwxr-xr-xdeps/openssl/openssl/crypto/sha/asm/sha1-x86_64.pl1188
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha256-586.pl52
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha256-armv4.pl55
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha512-586.pl16
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha512-armv4.pl357
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/crypto/sha/asm/sha512-ppc.pl114
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha512-s390x.pl63
-rw-r--r--deps/openssl/openssl/crypto/sha/asm/sha512-sparcv9.pl6
-rwxr-xr-xdeps/openssl/openssl/crypto/sha/asm/sha512-x86_64.pl89
-rw-r--r--deps/openssl/openssl/crypto/sha/sha.h14
-rw-r--r--deps/openssl/openssl/crypto/sha/sha1_one.c2
-rw-r--r--deps/openssl/openssl/crypto/sha/sha1dgst.c1
-rw-r--r--deps/openssl/openssl/crypto/sha/sha256.c10
-rw-r--r--deps/openssl/openssl/crypto/sha/sha512.c54
-rw-r--r--deps/openssl/openssl/crypto/sha/sha_dgst.c1
-rw-r--r--deps/openssl/openssl/crypto/sha/sha_locl.h46
-rw-r--r--deps/openssl/openssl/crypto/sparccpuid.S4
-rw-r--r--deps/openssl/openssl/crypto/sparcv9cap.c4
-rw-r--r--deps/openssl/openssl/crypto/stack/safestack.h138
-rw-r--r--deps/openssl/openssl/crypto/symhacks.h32
-rw-r--r--deps/openssl/openssl/crypto/ts/ts.h3
-rw-r--r--deps/openssl/openssl/crypto/ts/ts_rsp_verify.c9
-rw-r--r--deps/openssl/openssl/crypto/ui/ui.h2
-rw-r--r--deps/openssl/openssl/crypto/ui/ui_openssl.c8
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/crypto/vms_rms.h0
-rw-r--r--deps/openssl/openssl/crypto/whrlpool/Makefile5
-rw-r--r--deps/openssl/openssl/crypto/whrlpool/asm/wp-mmx.pl2
-rw-r--r--deps/openssl/openssl/crypto/whrlpool/asm/wp-x86_64.pl3
-rw-r--r--deps/openssl/openssl/crypto/whrlpool/whrlpool.h3
-rw-r--r--deps/openssl/openssl/crypto/whrlpool/wp_block.c4
-rw-r--r--deps/openssl/openssl/crypto/whrlpool/wp_dgst.c3
-rw-r--r--deps/openssl/openssl/crypto/x509/by_dir.c8
-rw-r--r--deps/openssl/openssl/crypto/x509/x509.h11
-rw-r--r--deps/openssl/openssl/crypto/x509/x509_cmp.c34
-rw-r--r--deps/openssl/openssl/crypto/x509/x509_lu.c2
-rw-r--r--deps/openssl/openssl/crypto/x509/x509_vfy.c9
-rw-r--r--deps/openssl/openssl/crypto/x509/x509type.c32
-rw-r--r--deps/openssl/openssl/crypto/x509/x_all.c19
-rw-r--r--deps/openssl/openssl/crypto/x509v3/v3_asid.c63
-rw-r--r--deps/openssl/openssl/crypto/x509v3/v3_purp.c4
-rw-r--r--deps/openssl/openssl/crypto/x509v3/v3_skey.c3
-rw-r--r--deps/openssl/openssl/crypto/x86_64cpuid.pl88
-rw-r--r--deps/openssl/openssl/crypto/x86cpuid.pl82
-rw-r--r--deps/openssl/openssl/doc/HOWTO/proxy_certificates.txt2
-rw-r--r--deps/openssl/openssl/doc/apps/CA.pl.pod8
-rw-r--r--deps/openssl/openssl/doc/apps/genpkey.pod2
-rw-r--r--deps/openssl/openssl/doc/apps/openssl.pod4
-rw-r--r--deps/openssl/openssl/doc/apps/verify.pod60
-rw-r--r--deps/openssl/openssl/doc/apps/x509.pod5
-rw-r--r--deps/openssl/openssl/doc/crypto/EVP_DigestInit.pod66
-rw-r--r--deps/openssl/openssl/doc/crypto/EVP_PKEY_CTX_ctrl.pod2
-rw-r--r--deps/openssl/openssl/doc/crypto/EVP_PKEY_decrypt.pod2
-rw-r--r--deps/openssl/openssl/doc/crypto/EVP_PKEY_derive.pod2
-rw-r--r--deps/openssl/openssl/doc/crypto/EVP_PKEY_encrypt.pod2
-rw-r--r--deps/openssl/openssl/doc/crypto/EVP_PKEY_get_default_digest.pod2
-rw-r--r--deps/openssl/openssl/doc/crypto/EVP_PKEY_keygen.pod2
-rw-r--r--deps/openssl/openssl/doc/crypto/EVP_PKEY_sign.pod2
-rw-r--r--deps/openssl/openssl/doc/crypto/EVP_PKEY_verify.pod2
-rw-r--r--deps/openssl/openssl/doc/crypto/ecdsa.pod2
-rw-r--r--deps/openssl/openssl/doc/ssl/SSL_alert_type_string.pod5
-rw-r--r--deps/openssl/openssl/e_os.h12
-rw-r--r--deps/openssl/openssl/e_os2.h20
-rw-r--r--deps/openssl/openssl/engines/ccgost/Makefile14
-rw-r--r--deps/openssl/openssl/engines/ccgost/gost89.c14
-rw-r--r--deps/openssl/openssl/engines/ccgost/gost_ameth.c37
-rw-r--r--deps/openssl/openssl/engines/ccgost/gost_crypt.c29
-rw-r--r--deps/openssl/openssl/engines/ccgost/gost_eng.c17
-rw-r--r--deps/openssl/openssl/engines/ccgost/gost_lcl.h4
-rw-r--r--deps/openssl/openssl/engines/ccgost/gost_pmeth.c19
-rw-r--r--deps/openssl/openssl/engines/ccgost/gosthash.c2
-rw-r--r--deps/openssl/openssl/engines/e_aep.c1
-rw-r--r--deps/openssl/openssl/engines/e_capi.c56
-rw-r--r--deps/openssl/openssl/engines/e_padlock.c8
-rwxr-xr-xdeps/openssl/openssl/makevms.com20
-rwxr-xr-xdeps/openssl/openssl/ms/do_win64a.bat18
-rwxr-xr-xdeps/openssl/openssl/ms/do_win64i.bat6
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/ms/uplink-common.pl0
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/ms/uplink-ia64.pl0
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/ms/uplink-x86.pl0
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/ms/uplink-x86_64.pl3
-rw-r--r--deps/openssl/openssl/ms/uplink.h4
-rw-r--r--deps/openssl/openssl/openssl.spec4
-rw-r--r--deps/openssl/openssl/ssl/Makefile556
-rw-r--r--deps/openssl/openssl/ssl/d1_both.c178
-rw-r--r--deps/openssl/openssl/ssl/d1_clnt.c200
-rw-r--r--deps/openssl/openssl/ssl/d1_enc.c59
-rw-r--r--deps/openssl/openssl/ssl/d1_lib.c53
-rw-r--r--deps/openssl/openssl/ssl/d1_pkt.c277
-rw-r--r--deps/openssl/openssl/ssl/d1_srvr.c186
-rw-r--r--deps/openssl/openssl/ssl/dtls1.h26
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/ssl/install-ssl.com2
-rw-r--r--deps/openssl/openssl/ssl/kssl.c16
-rw-r--r--deps/openssl/openssl/ssl/kssl.h4
-rw-r--r--deps/openssl/openssl/ssl/s23_clnt.c118
-rw-r--r--deps/openssl/openssl/ssl/s23_meth.c4
-rw-r--r--deps/openssl/openssl/ssl/s23_srvr.c59
-rw-r--r--deps/openssl/openssl/ssl/s2_clnt.c14
-rw-r--r--deps/openssl/openssl/ssl/s2_pkt.c3
-rw-r--r--deps/openssl/openssl/ssl/s2_srvr.c16
-rw-r--r--deps/openssl/openssl/ssl/s3_both.c44
-rw-r--r--deps/openssl/openssl/ssl/s3_clnt.c440
-rw-r--r--deps/openssl/openssl/ssl/s3_enc.c147
-rw-r--r--deps/openssl/openssl/ssl/s3_lib.c991
-rw-r--r--deps/openssl/openssl/ssl/s3_pkt.c225
-rw-r--r--deps/openssl/openssl/ssl/s3_srvr.c476
-rw-r--r--deps/openssl/openssl/ssl/ssl-lib.com4
-rw-r--r--deps/openssl/openssl/ssl/ssl.h331
-rw-r--r--deps/openssl/openssl/ssl/ssl2.h4
-rw-r--r--deps/openssl/openssl/ssl/ssl3.h45
-rw-r--r--deps/openssl/openssl/ssl/ssl_algs.c10
-rw-r--r--deps/openssl/openssl/ssl/ssl_asn1.c50
-rw-r--r--deps/openssl/openssl/ssl/ssl_cert.c21
-rw-r--r--deps/openssl/openssl/ssl/ssl_ciph.c178
-rw-r--r--deps/openssl/openssl/ssl/ssl_err.c35
-rw-r--r--deps/openssl/openssl/ssl/ssl_lib.c228
-rw-r--r--deps/openssl/openssl/ssl/ssl_locl.h111
-rw-r--r--deps/openssl/openssl/ssl/ssl_rsa.c50
-rw-r--r--deps/openssl/openssl/ssl/ssl_sess.c167
-rw-r--r--deps/openssl/openssl/ssl/ssl_txt.c8
-rw-r--r--deps/openssl/openssl/ssl/ssltest.c176
-rw-r--r--deps/openssl/openssl/ssl/t1_clnt.c21
-rw-r--r--deps/openssl/openssl/ssl/t1_enc.c353
-rw-r--r--deps/openssl/openssl/ssl/t1_lib.c955
-rw-r--r--deps/openssl/openssl/ssl/t1_meth.c22
-rw-r--r--deps/openssl/openssl/ssl/t1_srvr.c21
-rw-r--r--deps/openssl/openssl/ssl/tls1.h201
-rw-r--r--deps/openssl/openssl/util/copy.pl11
-rwxr-xr-xdeps/openssl/openssl/util/cygwin.sh12
-rwxr-xr-xdeps/openssl/openssl/util/libeay.num219
-rwxr-xr-xdeps/openssl/openssl/util/mk1mf.pl85
-rwxr-xr-xdeps/openssl/openssl/util/mkdef.pl40
-rwxr-xr-xdeps/openssl/openssl/util/mkfiles.pl2
-rwxr-xr-x[-rw-r--r--]deps/openssl/openssl/util/mkrc.pl0
-rw-r--r--deps/openssl/openssl/util/pl/VC-32.pl81
-rwxr-xr-xdeps/openssl/openssl/util/ssleay.num61
-rw-r--r--deps/openssl/patches/handshake_cutthrough.patch275
-rw-r--r--deps/openssl/patches/jsse.patch426
-rw-r--r--deps/openssl/patches/npn.patch1293
-rw-r--r--deps/openssl/patches/openssl_no_dtls1.patch13
-rw-r--r--deps/openssl/patches/progs.patch54
-rw-r--r--deps/openssl/patches/sha1_armv4_large.patch21
-rw-r--r--deps/openssl/patches/small_records.patch337
-rwxr-xr-xdeps/openssl/patches/tls_exporter.patch220
-rw-r--r--deps/openssl/patches/x509_hash_name_algorithm_change.patch31
512 files changed, 41826 insertions, 21029 deletions
diff --git a/deps/openssl/README.chromium b/deps/openssl/README.chromium
deleted file mode 100644
index aec361b66..000000000
--- a/deps/openssl/README.chromium
+++ /dev/null
@@ -1,96 +0,0 @@
-Name: openssl
-URL: http://openssl.org/source/
-Version: 1.0.0f
-License: BSDish
-License File: openssl/LICENSE
-
-Description:
-This is OpenSSL, the standard SSL/TLS library, which is used only in Android.
-
-It's an unmodified, upstream source except for the patches listed below.
-
-
-********************************************************************************
-The following patches are taken from Android Open Source Project.
-
-
-progs.patch:
-
-Fixup sources under the apps/ directory that are not built under the android environment.
-
-
-small_records.patch:
-
-Reduce OpenSSL memory consumption.
-SSL records may be as large as 16K, but are typically < 2K. In
-addition, a historic bug in Windows allowed records to be as large
-32K. OpenSSL statically allocates read and write buffers (34K and
-18K respectively) used for processing records.
-With this patch, OpenSSL statically allocates 4K + 4K buffers, with
-the option of dynamically growing buffers to 34K + 4K, which is a
-saving of 44K per connection for the typical case.
-
-
-handshake_cutthrough.patch
-
-Enables SSL3+ clients to send application data immediately following the
-Finished message even when negotiating full-handshakes. With this patch,
-clients can negotiate SSL connections in 1-RTT even when performing
-full-handshakes.
-
-
-jsse.patch
-
-Support for JSSE implementation based on OpenSSL.
-
-
-npn.patch
-
-Transport Layer Security (TLS) Next Protocol Negotiation Extension
-
-
-sha1_armv4_large.patch
-
-This patch eliminates memory stores to addresses below SP.
-
-
-openssl_no_dtls1.patch
-
-Add missing #ifndef OPENSSL_NO_DTLS1
-
-
-********************************************************************************
-The following patches are needed to compile this openssl on Chromium and pass
-the related net unit tests.
-
-
-empty_OPENSSL_cpuid_setup.patch
-
-Use a empty implementation for function OPENSSL_cpuid_setup to resolve link
-error. We should figure out how to geenrate platform specific implementation
-of OPENSSL_cpuid_setup by leveraging crypto/*cpuid.pl.
-
-
-x509_hash_name_algorithm_change.patch
-
-There are many symbolic links under /etc/ssl/certs created by using hash of
-the pem certificates in order for OpenSSL to find those certificate.
-Openssl has a tool to help you create hash symbolic links. (See tools/c_rehash)
-However the new openssl changed the hash algorithm, Unless you compile/install
-the latest openssl library and re-create all related symbolic links, the new
-openssl can not find some certificates because the links of those certificates
-were created by using old hash algorithm, which causes some tests failed.
-This patch gives a way to find a certificate according to its hash by using both
-new algorithm and old algorithm.
-crbug.com/111045 is used to track this issue.
-
-
-tls_exporter.patch
-
-Keying Material Exporters for Transport Layer Security (RFC 5705).
-
-
-Android platform support
-
-Copy config/android/openssl/opensslconf.h from Android's
-external/openssl/include/openssl/opensslconf.h
diff --git a/deps/openssl/asm/Makefile b/deps/openssl/asm/Makefile
index 383d5f64c..9f54785b4 100644
--- a/deps/openssl/asm/Makefile
+++ b/deps/openssl/asm/Makefile
@@ -3,6 +3,7 @@ PERL += -I../openssl/crypto/perlasm -I../openssl/crypto/bn/asm
OUTPUTS = \
x86-elf-gas/aes/aes-586.s \
+ x86-elf-gas/aes/aesni-x86.s \
x86-elf-gas/bf/bf-686.s \
x86-elf-gas/bn/x86-mont.s \
x86-elf-gas/bn/x86.s \
@@ -20,15 +21,20 @@ OUTPUTS = \
x86-elf-gas/whrlpool/wp-mmx.s \
x86-elf-gas/x86cpuid.s \
x64-elf-gas/aes/aes-x86_64.s \
+ x64-elf-gas/aes/aesni-x86_64.s \
+ x64-elf-gas/aes/aesni-sha1-x86_64.s \
+ x64-elf-gas/bn/modexp512-x86_64.s \
x64-elf-gas/bn/x86_64-mont.s \
x64-elf-gas/camellia/cmll-x86_64.s \
x64-elf-gas/md5/md5-x86_64.s \
x64-elf-gas/rc4/rc4-x86_64.s \
+ x64-elf-gas/rc4/rc4-md5-x86_64.s \
x64-elf-gas/sha/sha1-x86_64.s \
x64-elf-gas/sha/sha512-x86_64.s \
x64-elf-gas/whrlpool/wp-x86_64.s \
x64-elf-gas/x86_64cpuid.s \
x86-macosx-gas/aes/aes-586.s \
+ x86-macosx-gas/aes/aesni-x86.s \
x86-macosx-gas/bf/bf-686.s \
x86-macosx-gas/bn/x86-mont.s \
x86-macosx-gas/bn/x86.s \
@@ -46,15 +52,20 @@ OUTPUTS = \
x86-macosx-gas/whrlpool/wp-mmx.s \
x86-macosx-gas/x86cpuid.s \
x64-macosx-gas/aes/aes-x86_64.s \
+ x64-macosx-gas/aes/aesni-x86_64.s \
+ x64-macosx-gas/aes/aesni-sha1-x86_64.s \
+ x64-macosx-gas/bn/modexp512-x86_64.s \
x64-macosx-gas/bn/x86_64-mont.s \
x64-macosx-gas/camellia/cmll-x86_64.s \
x64-macosx-gas/md5/md5-x86_64.s \
x64-macosx-gas/rc4/rc4-x86_64.s \
+ x64-macosx-gas/rc4/rc4-md5-x86_64.s \
x64-macosx-gas/sha/sha1-x86_64.s \
x64-macosx-gas/sha/sha512-x86_64.s \
x64-macosx-gas/whrlpool/wp-x86_64.s \
x64-macosx-gas/x86_64cpuid.s \
x86-win32-masm/aes/aes-586.asm \
+ x86-win32-masm/aes/aesni-x86.asm \
x86-win32-masm/bf/bf-686.asm \
x86-win32-masm/bn/x86-mont.asm \
x86-win32-masm/bn/x86.asm \
@@ -72,10 +83,14 @@ OUTPUTS = \
x86-win32-masm/whrlpool/wp-mmx.asm \
x86-win32-masm/x86cpuid.asm \
x64-win32-masm/aes/aes-x86_64.asm \
+ x64-win32-masm/aes/aesni-x86_64.asm \
+ x64-win32-masm/aes/aesni-sha1-x86_64.asm \
+ x64-win32-masm/bn/modexp512-x86_64.asm \
x64-win32-masm/bn/x86_64-mont.asm \
x64-win32-masm/camellia/cmll-x86_64.asm \
x64-win32-masm/md5/md5-x86_64.asm \
x64-win32-masm/rc4/rc4-x86_64.asm \
+ x64-win32-masm/rc4/rc4-md5-x86_64.asm \
x64-win32-masm/sha/sha1-x86_64.asm \
x64-win32-masm/sha/sha512-x86_64.asm \
x64-win32-masm/whrlpool/wp-x86_64.asm \
@@ -103,33 +118,46 @@ clean:
find . -iname '*.s' -exec rm "{}" \;
x64-elf-gas/aes/aes-x86_64.s: ../openssl/crypto/aes/asm/aes-x86_64.pl
+x64-elf-gas/aes/aesni-x86_64.s: ../openssl/crypto/aes/asm/aesni-x86_64.pl
+x64-elf-gas/aes/aesni-sha1-x86_64.s: ../openssl/crypto/aes/asm/aesni-sha1-x86_64.pl
+x64-elf-gas/bn/modexp512-x86_64.s: ../openssl/crypto/bn/asm/modexp512-x86_64.pl
x64-elf-gas/bn/x86_64-mont.s: ../openssl/crypto/bn/asm/x86_64-mont.pl
x64-elf-gas/camellia/cmll-x86_64.s: ../openssl/crypto/camellia/asm/cmll-x86_64.pl
x64-elf-gas/md5/md5-x86_64.s: ../openssl/crypto/md5/asm/md5-x86_64.pl
x64-elf-gas/rc4/rc4-x86_64.s: ../openssl/crypto/rc4/asm/rc4-x86_64.pl
+x64-elf-gas/rc4/rc4-md5-x86_64.s: ../openssl/crypto/rc4/asm/rc4-md5-x86_64.pl
x64-elf-gas/sha/sha1-x86_64.s: ../openssl/crypto/sha/asm/sha1-x86_64.pl
x64-elf-gas/sha/sha512-x86_64.s: ../openssl/crypto/sha/asm/sha512-x86_64.pl
x64-elf-gas/whrlpool/wp-x86_64.s: ../openssl/crypto/whrlpool/asm/wp-x86_64.pl
x64-elf-gas/x86_64cpuid.s: ../openssl/crypto/x86_64cpuid.pl
x64-macosx-gas/aes/aes-x86_64.s: ../openssl/crypto/aes/asm/aes-x86_64.pl
+x64-macosx-gas/aes/aesni-x86_64.s: ../openssl/crypto/aes/asm/aesni-x86_64.pl
+x64-macosx-gas/aes/aesni-sha1-x86_64.s: ../openssl/crypto/aes/asm/aesni-sha1-x86_64.pl
+x64-macosx-gas/bn/modexp512-x86_64.s: ../openssl/crypto/bn/asm/modexp512-x86_64.pl
x64-macosx-gas/bn/x86_64-mont.s: ../openssl/crypto/bn/asm/x86_64-mont.pl
x64-macosx-gas/camellia/cmll-x86_64.s: ../openssl/crypto/camellia/asm/cmll-x86_64.pl
x64-macosx-gas/md5/md5-x86_64.s: ../openssl/crypto/md5/asm/md5-x86_64.pl
x64-macosx-gas/rc4/rc4-x86_64.s: ../openssl/crypto/rc4/asm/rc4-x86_64.pl
+x64-macosx-gas/rc4/rc4-md5-x86_64.s: ../openssl/crypto/rc4/asm/rc4-md5-x86_64.pl
x64-macosx-gas/sha/sha1-x86_64.s: ../openssl/crypto/sha/asm/sha1-x86_64.pl
x64-macosx-gas/sha/sha512-x86_64.s: ../openssl/crypto/sha/asm/sha512-x86_64.pl
x64-macosx-gas/whrlpool/wp-x86_64.s: ../openssl/crypto/whrlpool/asm/wp-x86_64.pl
x64-macosx-gas/x86_64cpuid.s: ../openssl/crypto/x86_64cpuid.pl
x64-win32-masm/aes/aes-x86_64.asm: ../openssl/crypto/aes/asm/aes-x86_64.pl
+x64-win32-masm/aes/aesni-x86_64.asm: ../openssl/crypto/aes/asm/aesni-x86_64.pl
+x64-win32-masm/aes/aesni-sha1-x86_64.asm: ../openssl/crypto/aes/asm/aesni-sha1-x86_64.pl
+x64-win32-masm/bn/modexp512-x86_64.asm: ../openssl/crypto/bn/asm/modexp512-x86_64.pl
x64-win32-masm/bn/x86_64-mont.asm: ../openssl/crypto/bn/asm/x86_64-mont.pl
x64-win32-masm/camellia/cmll-x86_64.asm: ../openssl/crypto/camellia/asm/cmll-x86_64.pl
x64-win32-masm/md5/md5-x86_64.asm: ../openssl/crypto/md5/asm/md5-x86_64.pl
x64-win32-masm/rc4/rc4-x86_64.asm: ../openssl/crypto/rc4/asm/rc4-x86_64.pl
+x64-win32-masm/rc4/rc4-md5-x86_64.asm: ../openssl/crypto/rc4/asm/rc4-md5-x86_64.pl
x64-win32-masm/sha/sha1-x86_64.asm: ../openssl/crypto/sha/asm/sha1-x86_64.pl
x64-win32-masm/sha/sha512-x86_64.asm: ../openssl/crypto/sha/asm/sha512-x86_64.pl
x64-win32-masm/whrlpool/wp-x86_64.asm: ../openssl/crypto/whrlpool/asm/wp-x86_64.pl
x64-win32-masm/x86_64cpuid.asm: ../openssl/crypto/x86_64cpuid.pl
x86-elf-gas/aes/aes-586.s: ../openssl/crypto/aes/asm/aes-586.pl
+x86-elf-gas/aes/aesni-x86.s: ../openssl/crypto/aes/asm/aesni-x86.pl
x86-elf-gas/bf/bf-686.s: ../openssl/crypto/bf/asm/bf-686.pl
x86-elf-gas/bn/x86-mont.s: ../openssl/crypto/bn/asm/x86-mont.pl
x86-elf-gas/bn/x86.s: ../openssl/crypto/bn/asm/x86.pl
@@ -147,6 +175,7 @@ x86-elf-gas/sha/sha512-586.s: ../openssl/crypto/sha/asm/sha512-586.pl
x86-elf-gas/whrlpool/wp-mmx.s: ../openssl/crypto/whrlpool/asm/wp-mmx.pl
x86-elf-gas/x86cpuid.s: ../openssl/crypto/x86cpuid.pl
x86-macosx-gas/aes/aes-586.s: ../openssl/crypto/aes/asm/aes-586.pl
+x86-macosx-gas/aes/aesni-x86.s: ../openssl/crypto/aes/asm/aesni-x86.pl
x86-macosx-gas/bf/bf-686.s: ../openssl/crypto/bf/asm/bf-686.pl
x86-macosx-gas/bn/x86-mont.s: ../openssl/crypto/bn/asm/x86-mont.pl
x86-macosx-gas/bn/x86.s: ../openssl/crypto/bn/asm/x86.pl
@@ -164,6 +193,7 @@ x86-macosx-gas/sha/sha512-586.s: ../openssl/crypto/sha/asm/sha512-586.pl
x86-macosx-gas/whrlpool/wp-mmx.s: ../openssl/crypto/whrlpool/asm/wp-mmx.pl
x86-macosx-gas/x86cpuid.s: ../openssl/crypto/x86cpuid.pl
x86-win32-masm/aes/aes-586.asm: ../openssl/crypto/aes/asm/aes-586.pl
+x86-win32-masm/aes/aesni-x86.asm: ../openssl/crypto/aes/asm/aesni-x86.pl
x86-win32-masm/bf/bf-686.asm: ../openssl/crypto/bf/asm/bf-686.pl
x86-win32-masm/bn/x86.asm: ../openssl/crypto/bn/asm/x86.pl
x86-win32-masm/bn/x86-mont.asm: ../openssl/crypto/bn/asm/x86-mont.pl
diff --git a/deps/openssl/asm/x64-elf-gas/aes/aes-x86_64.s b/deps/openssl/asm/x64-elf-gas/aes/aes-x86_64.s
index d7feffbfa..e7c261fe4 100644
--- a/deps/openssl/asm/x64-elf-gas/aes/aes-x86_64.s
+++ b/deps/openssl/asm/x64-elf-gas/aes/aes-x86_64.s
@@ -333,6 +333,9 @@ _x86_64_AES_encrypt_compact:
.globl AES_encrypt
.type AES_encrypt,@function
.align 16
+.globl asm_AES_encrypt
+.hidden asm_AES_encrypt
+asm_AES_encrypt:
AES_encrypt:
pushq %rbx
pushq %rbp
@@ -780,6 +783,9 @@ _x86_64_AES_decrypt_compact:
.globl AES_decrypt
.type AES_decrypt,@function
.align 16
+.globl asm_AES_decrypt
+.hidden asm_AES_decrypt
+asm_AES_decrypt:
AES_decrypt:
pushq %rbx
pushq %rbp
@@ -843,10 +849,10 @@ AES_decrypt:
.Ldec_epilogue:
.byte 0xf3,0xc3
.size AES_decrypt,.-AES_decrypt
-.globl AES_set_encrypt_key
-.type AES_set_encrypt_key,@function
+.globl private_AES_set_encrypt_key
+.type private_AES_set_encrypt_key,@function
.align 16
-AES_set_encrypt_key:
+private_AES_set_encrypt_key:
pushq %rbx
pushq %rbp
pushq %r12
@@ -867,7 +873,7 @@ AES_set_encrypt_key:
addq $56,%rsp
.Lenc_key_epilogue:
.byte 0xf3,0xc3
-.size AES_set_encrypt_key,.-AES_set_encrypt_key
+.size private_AES_set_encrypt_key,.-private_AES_set_encrypt_key
.type _x86_64_AES_set_encrypt_key,@function
.align 16
@@ -1109,10 +1115,10 @@ _x86_64_AES_set_encrypt_key:
.byte 0xf3,0xc3
.size _x86_64_AES_set_encrypt_key,.-_x86_64_AES_set_encrypt_key
-.globl AES_set_decrypt_key
-.type AES_set_decrypt_key,@function
+.globl private_AES_set_decrypt_key
+.type private_AES_set_decrypt_key,@function
.align 16
-AES_set_decrypt_key:
+private_AES_set_decrypt_key:
pushq %rbx
pushq %rbp
pushq %r12
@@ -1295,11 +1301,14 @@ AES_set_decrypt_key:
addq $56,%rsp
.Ldec_key_epilogue:
.byte 0xf3,0xc3
-.size AES_set_decrypt_key,.-AES_set_decrypt_key
+.size private_AES_set_decrypt_key,.-private_AES_set_decrypt_key
.globl AES_cbc_encrypt
.type AES_cbc_encrypt,@function
.align 16
+.globl asm_AES_cbc_encrypt
+.hidden asm_AES_cbc_encrypt
+asm_AES_cbc_encrypt:
AES_cbc_encrypt:
cmpq $0,%rdx
je .Lcbc_epilogue
diff --git a/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont.s b/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont.s
index 2dbcffc59..ea12bd408 100644
--- a/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont.s
+++ b/deps/openssl/asm/x64-elf-gas/bn/x86_64-mont.s
@@ -5,6 +5,16 @@
.type bn_mul_mont,@function
.align 16
bn_mul_mont:
+ testl $3,%r9d
+ jnz .Lmul_enter
+ cmpl $8,%r9d
+ jb .Lmul_enter
+ cmpq %rsi,%rdx
+ jne .Lmul4x_enter
+ jmp .Lsqr4x_enter
+
+.align 16
+.Lmul_enter:
pushq %rbx
pushq %rbp
pushq %r12
@@ -20,48 +30,63 @@ bn_mul_mont:
andq $-1024,%rsp
movq %r11,8(%rsp,%r9,8)
-.Lprologue:
+.Lmul_body:
movq %rdx,%r12
-
movq (%r8),%r8
+ movq (%r12),%rbx
+ movq (%rsi),%rax
xorq %r14,%r14
xorq %r15,%r15
- movq (%r12),%rbx
- movq (%rsi),%rax
+ movq %r8,%rbp
mulq %rbx
movq %rax,%r10
- movq %rdx,%r11
+ movq (%rcx),%rax
- imulq %r8,%rax
- movq %rax,%rbp
+ imulq %r10,%rbp
+ movq %rdx,%r11
- mulq (%rcx)
- addq %r10,%rax
+ mulq %rbp
+ addq %rax,%r10
+ movq 8(%rsi),%rax
adcq $0,%rdx
movq %rdx,%r13
leaq 1(%r15),%r15
+ jmp .L1st_enter
+
+.align 16
.L1st:
+ addq %rax,%r13
movq (%rsi,%r15,8),%rax
- mulq %rbx
- addq %r11,%rax
adcq $0,%rdx
- movq %rax,%r10
+ addq %r11,%r13
+ movq %r10,%r11
+ adcq $0,%rdx
+ movq %r13,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+.L1st_enter:
+ mulq %rbx
+ addq %rax,%r11
movq (%rcx,%r15,8),%rax
- movq %rdx,%r11
+ adcq $0,%rdx
+ leaq 1(%r15),%r15
+ movq %rdx,%r10
mulq %rbp
- addq %r13,%rax
- leaq 1(%r15),%r15
+ cmpq %r9,%r15
+ jne .L1st
+
+ addq %rax,%r13
+ movq (%rsi),%rax
adcq $0,%rdx
- addq %r10,%rax
+ addq %r11,%r13
adcq $0,%rdx
- movq %rax,-16(%rsp,%r15,8)
- cmpq %r9,%r15
+ movq %r13,-16(%rsp,%r15,8)
movq %rdx,%r13
- jl .L1st
+ movq %r10,%r11
xorq %rdx,%rdx
addq %r11,%r13
@@ -70,50 +95,64 @@ bn_mul_mont:
movq %rdx,(%rsp,%r9,8)
leaq 1(%r14),%r14
-.align 4
+ jmp .Louter
+.align 16
.Louter:
- xorq %r15,%r15
-
movq (%r12,%r14,8),%rbx
- movq (%rsi),%rax
+ xorq %r15,%r15
+ movq %r8,%rbp
+ movq (%rsp),%r10
mulq %rbx
- addq (%rsp),%rax
+ addq %rax,%r10
+ movq (%rcx),%rax
adcq $0,%rdx
- movq %rax,%r10
- movq %rdx,%r11
- imulq %r8,%rax
- movq %rax,%rbp
+ imulq %r10,%rbp
+ movq %rdx,%r11
- mulq (%rcx,%r15,8)
- addq %r10,%rax
- movq 8(%rsp),%r10
+ mulq %rbp
+ addq %rax,%r10
+ movq 8(%rsi),%rax
adcq $0,%rdx
+ movq 8(%rsp),%r10
movq %rdx,%r13
leaq 1(%r15),%r15
-.align 4
+ jmp .Linner_enter
+
+.align 16
.Linner:
+ addq %rax,%r13
movq (%rsi,%r15,8),%rax
- mulq %rbx
- addq %r11,%rax
adcq $0,%rdx
- addq %rax,%r10
+ addq %r10,%r13
+ movq (%rsp,%r15,8),%r10
+ adcq $0,%rdx
+ movq %r13,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+.Linner_enter:
+ mulq %rbx
+ addq %rax,%r11
movq (%rcx,%r15,8),%rax
adcq $0,%rdx
+ addq %r11,%r10
movq %rdx,%r11
+ adcq $0,%r11
+ leaq 1(%r15),%r15
mulq %rbp
- addq %r13,%rax
- leaq 1(%r15),%r15
- adcq $0,%rdx
- addq %r10,%rax
+ cmpq %r9,%r15
+ jne .Linner
+
+ addq %rax,%r13
+ movq (%rsi),%rax
adcq $0,%rdx
+ addq %r10,%r13
movq (%rsp,%r15,8),%r10
- cmpq %r9,%r15
- movq %rax,-16(%rsp,%r15,8)
+ adcq $0,%rdx
+ movq %r13,-16(%rsp,%r15,8)
movq %rdx,%r13
- jl .Linner
xorq %rdx,%rdx
addq %r11,%r13
@@ -127,35 +166,434 @@ bn_mul_mont:
cmpq %r9,%r14
jl .Louter
- leaq (%rsp),%rsi
- leaq -1(%r9),%r15
-
- movq (%rsi),%rax
xorq %r14,%r14
+ movq (%rsp),%rax
+ leaq (%rsp),%rsi
+ movq %r9,%r15
jmp .Lsub
.align 16
.Lsub: sbbq (%rcx,%r14,8),%rax
movq %rax,(%rdi,%r14,8)
- decq %r15
movq 8(%rsi,%r14,8),%rax
leaq 1(%r14),%r14
- jge .Lsub
+ decq %r15
+ jnz .Lsub
sbbq $0,%rax
+ xorq %r14,%r14
andq %rax,%rsi
notq %rax
movq %rdi,%rcx
andq %rax,%rcx
- leaq -1(%r9),%r15
+ movq %r9,%r15
orq %rcx,%rsi
.align 16
.Lcopy:
+ movq (%rsi,%r14,8),%rax
+ movq %r14,(%rsp,%r14,8)
+ movq %rax,(%rdi,%r14,8)
+ leaq 1(%r14),%r14
+ subq $1,%r15
+ jnz .Lcopy
+
+ movq 8(%rsp,%r9,8),%rsi
+ movq $1,%rax
+ movq (%rsi),%r15
+ movq 8(%rsi),%r14
+ movq 16(%rsi),%r13
+ movq 24(%rsi),%r12
+ movq 32(%rsi),%rbp
+ movq 40(%rsi),%rbx
+ leaq 48(%rsi),%rsp
+.Lmul_epilogue:
+ .byte 0xf3,0xc3
+.size bn_mul_mont,.-bn_mul_mont
+.type bn_mul4x_mont,@function
+.align 16
+bn_mul4x_mont:
+.Lmul4x_enter:
+ pushq %rbx
+ pushq %rbp
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+
+ movl %r9d,%r9d
+ leaq 4(%r9),%r10
+ movq %rsp,%r11
+ negq %r10
+ leaq (%rsp,%r10,8),%rsp
+ andq $-1024,%rsp
+
+ movq %r11,8(%rsp,%r9,8)
+.Lmul4x_body:
+ movq %rdi,16(%rsp,%r9,8)
+ movq %rdx,%r12
+ movq (%r8),%r8
+ movq (%r12),%rbx
+ movq (%rsi),%rax
+
+ xorq %r14,%r14
+ xorq %r15,%r15
+
+ movq %r8,%rbp
+ mulq %rbx
+ movq %rax,%r10
+ movq (%rcx),%rax
+
+ imulq %r10,%rbp
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r10
+ movq 8(%rsi),%rax
+ adcq $0,%rdx
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq 8(%rcx),%rax
+ adcq $0,%rdx
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq 16(%rsi),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ leaq 4(%r15),%r15
+ adcq $0,%rdx
+ movq %rdi,(%rsp)
+ movq %rdx,%r13
+ jmp .L1st4x
+.align 16
+.L1st4x:
+ mulq %rbx
+ addq %rax,%r10
+ movq -16(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq -8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-24(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq -8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq (%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+ mulq %rbx
+ addq %rax,%r10
+ movq (%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq 8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-8(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq 8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ leaq 4(%r15),%r15
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq -16(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-32(%rsp,%r15,8)
+ movq %rdx,%r13
+ cmpq %r9,%r15
+ jl .L1st4x
+
+ mulq %rbx
+ addq %rax,%r10
+ movq -16(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq -8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-24(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq -8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq (%rsi),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+ xorq %rdi,%rdi
+ addq %r10,%r13
+ adcq $0,%rdi
+ movq %r13,-8(%rsp,%r15,8)
+ movq %rdi,(%rsp,%r15,8)
+
+ leaq 1(%r14),%r14
+.align 4
+.Louter4x:
+ movq (%r12,%r14,8),%rbx
+ xorq %r15,%r15
+ movq (%rsp),%r10
+ movq %r8,%rbp
+ mulq %rbx
+ addq %rax,%r10
+ movq (%rcx),%rax
+ adcq $0,%rdx
+
+ imulq %r10,%rbp
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r10
+ movq 8(%rsi),%rax
+ adcq $0,%rdx
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq 8(%rcx),%rax
+ adcq $0,%rdx
+ addq 8(%rsp),%r11
+ adcq $0,%rdx
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq 16(%rsi),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ leaq 4(%r15),%r15
+ adcq $0,%rdx
+ movq %rdi,(%rsp)
+ movq %rdx,%r13
+ jmp .Linner4x
+.align 16
+.Linner4x:
+ mulq %rbx
+ addq %rax,%r10
+ movq -16(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq -16(%rsp,%r15,8),%r10
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq -8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-24(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq -8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq -8(%rsp,%r15,8),%r11
+ adcq $0,%rdx
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
movq (%rsi,%r15,8),%rax
- movq %rax,(%rdi,%r15,8)
- movq %r14,(%rsp,%r15,8)
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+ mulq %rbx
+ addq %rax,%r10
+ movq (%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq (%rsp,%r15,8),%r10
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq 8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-8(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq 8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq 8(%rsp,%r15,8),%r11
+ adcq $0,%rdx
+ leaq 4(%r15),%r15
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq -16(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-32(%rsp,%r15,8)
+ movq %rdx,%r13
+ cmpq %r9,%r15
+ jl .Linner4x
+
+ mulq %rbx
+ addq %rax,%r10
+ movq -16(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq -16(%rsp,%r15,8),%r10
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq -8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-24(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq -8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq -8(%rsp,%r15,8),%r11
+ adcq $0,%rdx
+ leaq 1(%r14),%r14
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq (%rsi),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+ xorq %rdi,%rdi
+ addq %r10,%r13
+ adcq $0,%rdi
+ addq (%rsp,%r9,8),%r13
+ adcq $0,%rdi
+ movq %r13,-8(%rsp,%r15,8)
+ movq %rdi,(%rsp,%r15,8)
+
+ cmpq %r9,%r14
+ jl .Louter4x
+ movq 16(%rsp,%r9,8),%rdi
+ movq 0(%rsp),%rax
+ pxor %xmm0,%xmm0
+ movq 8(%rsp),%rdx
+ shrq $2,%r9
+ leaq (%rsp),%rsi
+ xorq %r14,%r14
+
+ subq 0(%rcx),%rax
+ movq 16(%rsi),%rbx
+ movq 24(%rsi),%rbp
+ sbbq 8(%rcx),%rdx
+ leaq -1(%r9),%r15
+ jmp .Lsub4x
+.align 16
+.Lsub4x:
+ movq %rax,0(%rdi,%r14,8)
+ movq %rdx,8(%rdi,%r14,8)
+ sbbq 16(%rcx,%r14,8),%rbx
+ movq 32(%rsi,%r14,8),%rax
+ movq 40(%rsi,%r14,8),%rdx
+ sbbq 24(%rcx,%r14,8),%rbp
+ movq %rbx,16(%rdi,%r14,8)
+ movq %rbp,24(%rdi,%r14,8)
+ sbbq 32(%rcx,%r14,8),%rax
+ movq 48(%rsi,%r14,8),%rbx
+ movq 56(%rsi,%r14,8),%rbp
+ sbbq 40(%rcx,%r14,8),%rdx
+ leaq 4(%r14),%r14
+ decq %r15
+ jnz .Lsub4x
+
+ movq %rax,0(%rdi,%r14,8)
+ movq 32(%rsi,%r14,8),%rax
+ sbbq 16(%rcx,%r14,8),%rbx
+ movq %rdx,8(%rdi,%r14,8)
+ sbbq 24(%rcx,%r14,8),%rbp
+ movq %rbx,16(%rdi,%r14,8)
+
+ sbbq $0,%rax
+ movq %rbp,24(%rdi,%r14,8)
+ xorq %r14,%r14
+ andq %rax,%rsi
+ notq %rax
+ movq %rdi,%rcx
+ andq %rax,%rcx
+ leaq -1(%r9),%r15
+ orq %rcx,%rsi
+
+ movdqu (%rsi),%xmm1
+ movdqa %xmm0,(%rsp)
+ movdqu %xmm1,(%rdi)
+ jmp .Lcopy4x
+.align 16
+.Lcopy4x:
+ movdqu 16(%rsi,%r14,1),%xmm2
+ movdqu 32(%rsi,%r14,1),%xmm1
+ movdqa %xmm0,16(%rsp,%r14,1)
+ movdqu %xmm2,16(%rdi,%r14,1)
+ movdqa %xmm0,32(%rsp,%r14,1)
+ movdqu %xmm1,32(%rdi,%r14,1)
+ leaq 32(%r14),%r14
decq %r15
- jge .Lcopy
+ jnz .Lcopy4x
+ shlq $2,%r9
+ movdqu 16(%rsi,%r14,1),%xmm2
+ movdqa %xmm0,16(%rsp,%r14,1)
+ movdqu %xmm2,16(%rdi,%r14,1)
movq 8(%rsp,%r9,8),%rsi
movq $1,%rax
movq (%rsi),%r15
@@ -165,8 +603,773 @@ bn_mul_mont:
movq 32(%rsi),%rbp
movq 40(%rsi),%rbx
leaq 48(%rsi),%rsp
-.Lepilogue:
+.Lmul4x_epilogue:
.byte 0xf3,0xc3
-.size bn_mul_mont,.-bn_mul_mont
+.size bn_mul4x_mont,.-bn_mul4x_mont
+.type bn_sqr4x_mont,@function
+.align 16
+bn_sqr4x_mont:
+.Lsqr4x_enter:
+ pushq %rbx
+ pushq %rbp
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+
+ shll $3,%r9d
+ xorq %r10,%r10
+ movq %rsp,%r11
+ subq %r9,%r10
+ movq (%r8),%r8
+ leaq -72(%rsp,%r10,2),%rsp
+ andq $-1024,%rsp
+
+
+
+
+
+
+
+
+
+
+
+ movq %rdi,32(%rsp)
+ movq %rcx,40(%rsp)
+ movq %r8,48(%rsp)
+ movq %r11,56(%rsp)
+.Lsqr4x_body:
+
+
+
+
+
+
+
+ leaq 32(%r10),%rbp
+ leaq (%rsi,%r9,1),%rsi
+
+ movq %r9,%rcx
+
+
+ movq -32(%rsi,%rbp,1),%r14
+ leaq 64(%rsp,%r9,2),%rdi
+ movq -24(%rsi,%rbp,1),%rax
+ leaq -32(%rdi,%rbp,1),%rdi
+ movq -16(%rsi,%rbp,1),%rbx
+ movq %rax,%r15
+
+ mulq %r14
+ movq %rax,%r10
+ movq %rbx,%rax
+ movq %rdx,%r11
+ movq %r10,-24(%rdi,%rbp,1)
+
+ xorq %r10,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,-16(%rdi,%rbp,1)
+
+ leaq -16(%rbp),%rcx
+
+
+ movq 8(%rsi,%rcx,1),%rbx
+ mulq %r15
+ movq %rax,%r12
+ movq %rbx,%rax
+ movq %rdx,%r13
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ leaq 16(%rcx),%rcx
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-8(%rdi,%rcx,1)
+ jmp .Lsqr4x_1st
+
+.align 16
+.Lsqr4x_1st:
+ movq (%rsi,%rcx,1),%rbx
+ xorq %r12,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %rbx,%rax
+ adcq %rdx,%r12
+
+ xorq %r10,%r10
+ addq %r13,%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,(%rdi,%rcx,1)
+
+
+ movq 8(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,8(%rdi,%rcx,1)
+
+ movq 16(%rsi,%rcx,1),%rbx
+ xorq %r12,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %rbx,%rax
+ adcq %rdx,%r12
+
+ xorq %r10,%r10
+ addq %r13,%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,16(%rdi,%rcx,1)
+
+
+ movq 24(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ leaq 32(%rcx),%rcx
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-8(%rdi,%rcx,1)
+
+ cmpq $0,%rcx
+ jne .Lsqr4x_1st
+
+ xorq %r12,%r12
+ addq %r11,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ adcq %rdx,%r12
+
+ movq %r13,(%rdi)
+ leaq 16(%rbp),%rbp
+ movq %r12,8(%rdi)
+ jmp .Lsqr4x_outer
+
+.align 16
+.Lsqr4x_outer:
+ movq -32(%rsi,%rbp,1),%r14
+ leaq 64(%rsp,%r9,2),%rdi
+ movq -24(%rsi,%rbp,1),%rax
+ leaq -32(%rdi,%rbp,1),%rdi
+ movq -16(%rsi,%rbp,1),%rbx
+ movq %rax,%r15
+
+ movq -24(%rdi,%rbp,1),%r10
+ xorq %r11,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-24(%rdi,%rbp,1)
+
+ xorq %r10,%r10
+ addq -16(%rdi,%rbp,1),%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,-16(%rdi,%rbp,1)
+
+ leaq -16(%rbp),%rcx
+ xorq %r12,%r12
+
+
+ movq 8(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ addq 8(%rdi,%rcx,1),%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,8(%rdi,%rcx,1)
+
+ leaq 16(%rcx),%rcx
+ jmp .Lsqr4x_inner
+
+.align 16
+.Lsqr4x_inner:
+ movq (%rsi,%rcx,1),%rbx
+ xorq %r12,%r12
+ addq (%rdi,%rcx,1),%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %rbx,%rax
+ adcq %rdx,%r12
+
+ xorq %r10,%r10
+ addq %r13,%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,(%rdi,%rcx,1)
+
+ movq 8(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ addq 8(%rdi,%rcx,1),%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ leaq 16(%rcx),%rcx
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-8(%rdi,%rcx,1)
+
+ cmpq $0,%rcx
+ jne .Lsqr4x_inner
+
+ xorq %r12,%r12
+ addq %r11,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ adcq %rdx,%r12
+
+ movq %r13,(%rdi)
+ movq %r12,8(%rdi)
+
+ addq $16,%rbp
+ jnz .Lsqr4x_outer
+
+
+ movq -32(%rsi),%r14
+ leaq 64(%rsp,%r9,2),%rdi
+ movq -24(%rsi),%rax
+ leaq -32(%rdi,%rbp,1),%rdi
+ movq -16(%rsi),%rbx
+ movq %rax,%r15
+
+ xorq %r11,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-24(%rdi)
+
+ xorq %r10,%r10
+ addq %r13,%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,-16(%rdi)
+
+ movq -8(%rsi),%rbx
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq $0,%rdx
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ movq %rdx,%r13
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-8(%rdi)
+
+ xorq %r12,%r12
+ addq %r11,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq -16(%rsi),%rax
+ adcq %rdx,%r12
+
+ movq %r13,(%rdi)
+ movq %r12,8(%rdi)
+
+ mulq %rbx
+ addq $16,%rbp
+ xorq %r14,%r14
+ subq %r9,%rbp
+ xorq %r15,%r15
+
+ addq %r12,%rax
+ adcq $0,%rdx
+ movq %rax,8(%rdi)
+ movq %rdx,16(%rdi)
+ movq %r15,24(%rdi)
+
+ movq -16(%rsi,%rbp,1),%rax
+ leaq 64(%rsp,%r9,2),%rdi
+ xorq %r10,%r10
+ movq -24(%rdi,%rbp,2),%r11
+
+ leaq (%r14,%r10,2),%r12
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r13
+ shrq $63,%r11
+ orq %r10,%r13
+ movq -16(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq -8(%rdi,%rbp,2),%r11
+ adcq %rax,%r12
+ movq -8(%rsi,%rbp,1),%rax
+ movq %r12,-32(%rdi,%rbp,2)
+ adcq %rdx,%r13
+
+ leaq (%r14,%r10,2),%rbx
+ movq %r13,-24(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r8
+ shrq $63,%r11
+ orq %r10,%r8
+ movq 0(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq 8(%rdi,%rbp,2),%r11
+ adcq %rax,%rbx
+ movq 0(%rsi,%rbp,1),%rax
+ movq %rbx,-16(%rdi,%rbp,2)
+ adcq %rdx,%r8
+ leaq 16(%rbp),%rbp
+ movq %r8,-40(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ jmp .Lsqr4x_shift_n_add
+
+.align 16
+.Lsqr4x_shift_n_add:
+ leaq (%r14,%r10,2),%r12
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r13
+ shrq $63,%r11
+ orq %r10,%r13
+ movq -16(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq -8(%rdi,%rbp,2),%r11
+ adcq %rax,%r12
+ movq -8(%rsi,%rbp,1),%rax
+ movq %r12,-32(%rdi,%rbp,2)
+ adcq %rdx,%r13
+
+ leaq (%r14,%r10,2),%rbx
+ movq %r13,-24(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r8
+ shrq $63,%r11
+ orq %r10,%r8
+ movq 0(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq 8(%rdi,%rbp,2),%r11
+ adcq %rax,%rbx
+ movq 0(%rsi,%rbp,1),%rax
+ movq %rbx,-16(%rdi,%rbp,2)
+ adcq %rdx,%r8
+
+ leaq (%r14,%r10,2),%r12
+ movq %r8,-8(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r13
+ shrq $63,%r11
+ orq %r10,%r13
+ movq 16(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq 24(%rdi,%rbp,2),%r11
+ adcq %rax,%r12
+ movq 8(%rsi,%rbp,1),%rax
+ movq %r12,0(%rdi,%rbp,2)
+ adcq %rdx,%r13
+
+ leaq (%r14,%r10,2),%rbx
+ movq %r13,8(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r8
+ shrq $63,%r11
+ orq %r10,%r8
+ movq 32(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq 40(%rdi,%rbp,2),%r11
+ adcq %rax,%rbx
+ movq 16(%rsi,%rbp,1),%rax
+ movq %rbx,16(%rdi,%rbp,2)
+ adcq %rdx,%r8
+ movq %r8,24(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ addq $32,%rbp
+ jnz .Lsqr4x_shift_n_add
+
+ leaq (%r14,%r10,2),%r12
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r13
+ shrq $63,%r11
+ orq %r10,%r13
+ movq -16(%rdi),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq -8(%rdi),%r11
+ adcq %rax,%r12
+ movq -8(%rsi),%rax
+ movq %r12,-32(%rdi)
+ adcq %rdx,%r13
+
+ leaq (%r14,%r10,2),%rbx
+ movq %r13,-24(%rdi)
+ sbbq %r15,%r15
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r8
+ shrq $63,%r11
+ orq %r10,%r8
+ mulq %rax
+ negq %r15
+ adcq %rax,%rbx
+ adcq %rdx,%r8
+ movq %rbx,-16(%rdi)
+ movq %r8,-8(%rdi)
+ movq 40(%rsp),%rsi
+ movq 48(%rsp),%r8
+ xorq %rcx,%rcx
+ movq %r9,0(%rsp)
+ subq %r9,%rcx
+ movq 64(%rsp),%r10
+ movq %r8,%r14
+ leaq 64(%rsp,%r9,2),%rax
+ leaq 64(%rsp,%r9,1),%rdi
+ movq %rax,8(%rsp)
+ leaq (%rsi,%r9,1),%rsi
+ xorq %rbp,%rbp
+
+ movq 0(%rsi,%rcx,1),%rax
+ movq 8(%rsi,%rcx,1),%r9
+ imulq %r10,%r14
+ movq %rax,%rbx
+ jmp .Lsqr4x_mont_outer
+
+.align 16
+.Lsqr4x_mont_outer:
+ xorq %r11,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %r9,%rax
+ adcq %rdx,%r11
+ movq %r8,%r15
+
+ xorq %r10,%r10
+ addq 8(%rdi,%rcx,1),%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+
+ imulq %r11,%r15
+
+ movq 16(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ addq %r11,%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+ movq %r12,8(%rdi,%rcx,1)
+
+ xorq %r11,%r11
+ addq 16(%rdi,%rcx,1),%r10
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %r9,%rax
+ adcq %rdx,%r11
+
+ movq 24(%rsi,%rcx,1),%r9
+ xorq %r12,%r12
+ addq %r10,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %r9,%rax
+ adcq %rdx,%r12
+ movq %r13,16(%rdi,%rcx,1)
+
+ xorq %r10,%r10
+ addq 24(%rdi,%rcx,1),%r11
+ leaq 32(%rcx),%rcx
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ jmp .Lsqr4x_mont_inner
+
+.align 16
+.Lsqr4x_mont_inner:
+ movq (%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ addq %r11,%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+ movq %r12,-8(%rdi,%rcx,1)
+
+ xorq %r11,%r11
+ addq (%rdi,%rcx,1),%r10
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %r9,%rax
+ adcq %rdx,%r11
+
+ movq 8(%rsi,%rcx,1),%r9
+ xorq %r12,%r12
+ addq %r10,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %r9,%rax
+ adcq %rdx,%r12
+ movq %r13,(%rdi,%rcx,1)
+
+ xorq %r10,%r10
+ addq 8(%rdi,%rcx,1),%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+
+
+ movq 16(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ addq %r11,%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+ movq %r12,8(%rdi,%rcx,1)
+
+ xorq %r11,%r11
+ addq 16(%rdi,%rcx,1),%r10
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %r9,%rax
+ adcq %rdx,%r11
+
+ movq 24(%rsi,%rcx,1),%r9
+ xorq %r12,%r12
+ addq %r10,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %r9,%rax
+ adcq %rdx,%r12
+ movq %r13,16(%rdi,%rcx,1)
+
+ xorq %r10,%r10
+ addq 24(%rdi,%rcx,1),%r11
+ leaq 32(%rcx),%rcx
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ cmpq $0,%rcx
+ jne .Lsqr4x_mont_inner
+
+ subq 0(%rsp),%rcx
+ movq %r8,%r14
+
+ xorq %r13,%r13
+ addq %r11,%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %r9,%rax
+ adcq %rdx,%r13
+ movq %r12,-8(%rdi)
+
+ xorq %r11,%r11
+ addq (%rdi),%r10
+ adcq $0,%r11
+ movq 0(%rsi,%rcx,1),%rbx
+ addq %rbp,%r10
+ adcq $0,%r11
+
+ imulq 16(%rdi,%rcx,1),%r14
+ xorq %r12,%r12
+ movq 8(%rsi,%rcx,1),%r9
+ addq %r10,%r13
+ movq 16(%rdi,%rcx,1),%r10
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %rbx,%rax
+ adcq %rdx,%r12
+ movq %r13,(%rdi)
+
+ xorq %rbp,%rbp
+ addq 8(%rdi),%r12
+ adcq %rbp,%rbp
+ addq %r11,%r12
+ leaq 16(%rdi),%rdi
+ adcq $0,%rbp
+ movq %r12,-8(%rdi)
+ cmpq 8(%rsp),%rdi
+ jb .Lsqr4x_mont_outer
+
+ movq 0(%rsp),%r9
+ movq %rbp,(%rdi)
+ movq 64(%rsp,%r9,1),%rax
+ leaq 64(%rsp,%r9,1),%rbx
+ movq 40(%rsp),%rsi
+ shrq $5,%r9
+ movq 8(%rbx),%rdx
+ xorq %rbp,%rbp
+
+ movq 32(%rsp),%rdi
+ subq 0(%rsi),%rax
+ movq 16(%rbx),%r10
+ movq 24(%rbx),%r11
+ sbbq 8(%rsi),%rdx
+ leaq -1(%r9),%rcx
+ jmp .Lsqr4x_sub
+.align 16
+.Lsqr4x_sub:
+ movq %rax,0(%rdi,%rbp,8)
+ movq %rdx,8(%rdi,%rbp,8)
+ sbbq 16(%rsi,%rbp,8),%r10
+ movq 32(%rbx,%rbp,8),%rax
+ movq 40(%rbx,%rbp,8),%rdx
+ sbbq 24(%rsi,%rbp,8),%r11
+ movq %r10,16(%rdi,%rbp,8)
+ movq %r11,24(%rdi,%rbp,8)
+ sbbq 32(%rsi,%rbp,8),%rax
+ movq 48(%rbx,%rbp,8),%r10
+ movq 56(%rbx,%rbp,8),%r11
+ sbbq 40(%rsi,%rbp,8),%rdx
+ leaq 4(%rbp),%rbp
+ decq %rcx
+ jnz .Lsqr4x_sub
+
+ movq %rax,0(%rdi,%rbp,8)
+ movq 32(%rbx,%rbp,8),%rax
+ sbbq 16(%rsi,%rbp,8),%r10
+ movq %rdx,8(%rdi,%rbp,8)
+ sbbq 24(%rsi,%rbp,8),%r11
+ movq %r10,16(%rdi,%rbp,8)
+
+ sbbq $0,%rax
+ movq %r11,24(%rdi,%rbp,8)
+ xorq %rbp,%rbp
+ andq %rax,%rbx
+ notq %rax
+ movq %rdi,%rsi
+ andq %rax,%rsi
+ leaq -1(%r9),%rcx
+ orq %rsi,%rbx
+
+ pxor %xmm0,%xmm0
+ leaq 64(%rsp,%r9,8),%rsi
+ movdqu (%rbx),%xmm1
+ leaq (%rsi,%r9,8),%rsi
+ movdqa %xmm0,64(%rsp)
+ movdqa %xmm0,(%rsi)
+ movdqu %xmm1,(%rdi)
+ jmp .Lsqr4x_copy
+.align 16
+.Lsqr4x_copy:
+ movdqu 16(%rbx,%rbp,1),%xmm2
+ movdqu 32(%rbx,%rbp,1),%xmm1
+ movdqa %xmm0,80(%rsp,%rbp,1)
+ movdqa %xmm0,96(%rsp,%rbp,1)
+ movdqa %xmm0,16(%rsi,%rbp,1)
+ movdqa %xmm0,32(%rsi,%rbp,1)
+ movdqu %xmm2,16(%rdi,%rbp,1)
+ movdqu %xmm1,32(%rdi,%rbp,1)
+ leaq 32(%rbp),%rbp
+ decq %rcx
+ jnz .Lsqr4x_copy
+
+ movdqu 16(%rbx,%rbp,1),%xmm2
+ movdqa %xmm0,80(%rsp,%rbp,1)
+ movdqa %xmm0,16(%rsi,%rbp,1)
+ movdqu %xmm2,16(%rdi,%rbp,1)
+ movq 56(%rsp),%rsi
+ movq $1,%rax
+ movq 0(%rsi),%r15
+ movq 8(%rsi),%r14
+ movq 16(%rsi),%r13
+ movq 24(%rsi),%r12
+ movq 32(%rsi),%rbp
+ movq 40(%rsi),%rbx
+ leaq 48(%rsi),%rsp
+.Lsqr4x_epilogue:
+ .byte 0xf3,0xc3
+.size bn_sqr4x_mont,.-bn_sqr4x_mont
.byte 77,111,110,116,103,111,109,101,114,121,32,77,117,108,116,105,112,108,105,99,97,116,105,111,110,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.align 16
diff --git a/deps/openssl/asm/x64-elf-gas/rc4/rc4-x86_64.s b/deps/openssl/asm/x64-elf-gas/rc4/rc4-x86_64.s
index 1bafefeb0..f2b8a8bc0 100644
--- a/deps/openssl/asm/x64-elf-gas/rc4/rc4-x86_64.s
+++ b/deps/openssl/asm/x64-elf-gas/rc4/rc4-x86_64.s
@@ -1,6 +1,7 @@
.text
+
.globl RC4
.type RC4,@function
.align 16
@@ -12,316 +13,511 @@ RC4: orq %rsi,%rsi
pushq %r12
pushq %r13
.Lprologue:
+ movq %rsi,%r11
+ movq %rdx,%r12
+ movq %rcx,%r13
+ xorq %r10,%r10
+ xorq %rcx,%rcx
- addq $8,%rdi
- movl -8(%rdi),%r8d
- movl -4(%rdi),%r12d
+ leaq 8(%rdi),%rdi
+ movb -8(%rdi),%r10b
+ movb -4(%rdi),%cl
cmpl $-1,256(%rdi)
je .LRC4_CHAR
- incb %r8b
- movl (%rdi,%r8,4),%r9d
- testq $-8,%rsi
- jz .Lloop1
- jmp .Lloop8
-.align 16
-.Lloop8:
- addb %r9b,%r12b
- movq %r8,%r10
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
- incb %r10b
- movl (%rdi,%r10,4),%r11d
- cmpq %r10,%r12
- movl %r9d,(%rdi,%r12,4)
- cmoveq %r9,%r11
- movl %r13d,(%rdi,%r8,4)
- addb %r9b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r11b,%r12b
- movq %r10,%r8
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
- incb %r8b
- movl (%rdi,%r8,4),%r9d
- cmpq %r8,%r12
- movl %r11d,(%rdi,%r12,4)
- cmoveq %r11,%r9
- movl %r13d,(%rdi,%r10,4)
- addb %r11b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r9b,%r12b
- movq %r8,%r10
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
+ movl OPENSSL_ia32cap_P(%rip),%r8d
+ xorq %rbx,%rbx
incb %r10b
- movl (%rdi,%r10,4),%r11d
- cmpq %r10,%r12
- movl %r9d,(%rdi,%r12,4)
- cmoveq %r9,%r11
- movl %r13d,(%rdi,%r8,4)
- addb %r9b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r11b,%r12b
- movq %r10,%r8
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
- incb %r8b
- movl (%rdi,%r8,4),%r9d
- cmpq %r8,%r12
- movl %r11d,(%rdi,%r12,4)
- cmoveq %r11,%r9
- movl %r13d,(%rdi,%r10,4)
- addb %r11b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r9b,%r12b
- movq %r8,%r10
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
+ subq %r10,%rbx
+ subq %r12,%r13
+ movl (%rdi,%r10,4),%eax
+ testq $-16,%r11
+ jz .Lloop1
+ btl $30,%r8d
+ jc .Lintel
+ andq $7,%rbx
+ leaq 1(%r10),%rsi
+ jz .Loop8
+ subq %rbx,%r11
+.Loop8_warmup:
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl %edx,(%rdi,%r10,4)
+ addb %dl,%al
incb %r10b
- movl (%rdi,%r10,4),%r11d
- cmpq %r10,%r12
- movl %r9d,(%rdi,%r12,4)
- cmoveq %r9,%r11
- movl %r13d,(%rdi,%r8,4)
- addb %r9b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r11b,%r12b
- movq %r10,%r8
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
- incb %r8b
- movl (%rdi,%r8,4),%r9d
- cmpq %r8,%r12
- movl %r11d,(%rdi,%r12,4)
- cmoveq %r11,%r9
- movl %r13d,(%rdi,%r10,4)
- addb %r11b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r9b,%r12b
- movq %r8,%r10
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
+ movl (%rdi,%rax,4),%edx
+ movl (%rdi,%r10,4),%eax
+ xorb (%r12),%dl
+ movb %dl,(%r13,%r12,1)
+ leaq 1(%r12),%r12
+ decq %rbx
+ jnz .Loop8_warmup
+
+ leaq 1(%r10),%rsi
+ jmp .Loop8
+.align 16
+.Loop8:
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl 0(%rdi,%rsi,4),%ebx
+ rorq $8,%r8
+ movl %edx,0(%rdi,%r10,4)
+ addb %al,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %bl,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ movl 4(%rdi,%rsi,4),%eax
+ rorq $8,%r8
+ movl %edx,4(%rdi,%r10,4)
+ addb %bl,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl 8(%rdi,%rsi,4),%ebx
+ rorq $8,%r8
+ movl %edx,8(%rdi,%r10,4)
+ addb %al,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %bl,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ movl 12(%rdi,%rsi,4),%eax
+ rorq $8,%r8
+ movl %edx,12(%rdi,%r10,4)
+ addb %bl,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl 16(%rdi,%rsi,4),%ebx
+ rorq $8,%r8
+ movl %edx,16(%rdi,%r10,4)
+ addb %al,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %bl,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ movl 20(%rdi,%rsi,4),%eax
+ rorq $8,%r8
+ movl %edx,20(%rdi,%r10,4)
+ addb %bl,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl 24(%rdi,%rsi,4),%ebx
+ rorq $8,%r8
+ movl %edx,24(%rdi,%r10,4)
+ addb %al,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb $8,%sil
+ addb %bl,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ movl -4(%rdi,%rsi,4),%eax
+ rorq $8,%r8
+ movl %edx,28(%rdi,%r10,4)
+ addb %bl,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb $8,%r10b
+ rorq $8,%r8
+ subq $8,%r11
+
+ xorq (%r12),%r8
+ movq %r8,(%r13,%r12,1)
+ leaq 8(%r12),%r12
+
+ testq $-8,%r11
+ jnz .Loop8
+ cmpq $0,%r11
+ jne .Lloop1
+ jmp .Lexit
+
+.align 16
+.Lintel:
+ testq $-32,%r11
+ jz .Lloop1
+ andq $15,%rbx
+ jz .Loop16_is_hot
+ subq %rbx,%r11
+.Loop16_warmup:
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl %edx,(%rdi,%r10,4)
+ addb %dl,%al
incb %r10b
- movl (%rdi,%r10,4),%r11d
- cmpq %r10,%r12
- movl %r9d,(%rdi,%r12,4)
- cmoveq %r9,%r11
- movl %r13d,(%rdi,%r8,4)
- addb %r9b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r11b,%r12b
- movq %r10,%r8
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
- incb %r8b
- movl (%rdi,%r8,4),%r9d
- cmpq %r8,%r12
- movl %r11d,(%rdi,%r12,4)
- cmoveq %r11,%r9
- movl %r13d,(%rdi,%r10,4)
- addb %r11b,%r13b
- movb (%rdi,%r13,4),%al
- rorq $8,%rax
- subq $8,%rsi
-
- xorq (%rdx),%rax
- addq $8,%rdx
- movq %rax,(%rcx)
- addq $8,%rcx
-
- testq $-8,%rsi
- jnz .Lloop8
- cmpq $0,%rsi
+ movl (%rdi,%rax,4),%edx
+ movl (%rdi,%r10,4),%eax
+ xorb (%r12),%dl
+ movb %dl,(%r13,%r12,1)
+ leaq 1(%r12),%r12
+ decq %rbx
+ jnz .Loop16_warmup
+
+ movq %rcx,%rbx
+ xorq %rcx,%rcx
+ movb %bl,%cl
+
+.Loop16_is_hot:
+ leaq (%rdi,%r10,4),%rsi
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ pxor %xmm0,%xmm0
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 4(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,0(%rsi)
+ addb %bl,%cl
+ pinsrw $0,(%rdi,%rax,4),%xmm0
+ jmp .Loop16_enter
+.align 16
+.Loop16:
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ pxor %xmm0,%xmm2
+ psllq $8,%xmm1
+ pxor %xmm0,%xmm0
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 4(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,0(%rsi)
+ pxor %xmm1,%xmm2
+ addb %bl,%cl
+ pinsrw $0,(%rdi,%rax,4),%xmm0
+ movdqu %xmm2,(%r13,%r12,1)
+ leaq 16(%r12),%r12
+.Loop16_enter:
+ movl (%rdi,%rcx,4),%edx
+ pxor %xmm1,%xmm1
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 8(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,4(%rsi)
+ addb %al,%cl
+ pinsrw $0,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 12(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,8(%rsi)
+ addb %bl,%cl
+ pinsrw $1,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 16(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,12(%rsi)
+ addb %al,%cl
+ pinsrw $1,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 20(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,16(%rsi)
+ addb %bl,%cl
+ pinsrw $2,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 24(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,20(%rsi)
+ addb %al,%cl
+ pinsrw $2,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 28(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,24(%rsi)
+ addb %bl,%cl
+ pinsrw $3,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 32(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,28(%rsi)
+ addb %al,%cl
+ pinsrw $3,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 36(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,32(%rsi)
+ addb %bl,%cl
+ pinsrw $4,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 40(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,36(%rsi)
+ addb %al,%cl
+ pinsrw $4,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 44(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,40(%rsi)
+ addb %bl,%cl
+ pinsrw $5,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 48(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,44(%rsi)
+ addb %al,%cl
+ pinsrw $5,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 52(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,48(%rsi)
+ addb %bl,%cl
+ pinsrw $6,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 56(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,52(%rsi)
+ addb %al,%cl
+ pinsrw $6,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 60(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,56(%rsi)
+ addb %bl,%cl
+ pinsrw $7,(%rdi,%rax,4),%xmm0
+ addb $16,%r10b
+ movdqu (%r12),%xmm2
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movzbl %bl,%ebx
+ movl %edx,60(%rsi)
+ leaq (%rdi,%r10,4),%rsi
+ pinsrw $7,(%rdi,%rbx,4),%xmm1
+ movl (%rsi),%eax
+ movq %rcx,%rbx
+ xorq %rcx,%rcx
+ subq $16,%r11
+ movb %bl,%cl
+ testq $-16,%r11
+ jnz .Loop16
+
+ psllq $8,%xmm1
+ pxor %xmm0,%xmm2
+ pxor %xmm1,%xmm2
+ movdqu %xmm2,(%r13,%r12,1)
+ leaq 16(%r12),%r12
+
+ cmpq $0,%r11
jne .Lloop1
jmp .Lexit
.align 16
.Lloop1:
- addb %r9b,%r12b
- movl (%rdi,%r12,4),%r13d
- movl %r9d,(%rdi,%r12,4)
- movl %r13d,(%rdi,%r8,4)
- addb %r13b,%r9b
- incb %r8b
- movl (%rdi,%r9,4),%r13d
- movl (%rdi,%r8,4),%r9d
- xorb (%rdx),%r13b
- incq %rdx
- movb %r13b,(%rcx)
- incq %rcx
- decq %rsi
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl %edx,(%rdi,%r10,4)
+ addb %dl,%al
+ incb %r10b
+ movl (%rdi,%rax,4),%edx
+ movl (%rdi,%r10,4),%eax
+ xorb (%r12),%dl
+ movb %dl,(%r13,%r12,1)
+ leaq 1(%r12),%r12
+ decq %r11
jnz .Lloop1
jmp .Lexit
.align 16
.LRC4_CHAR:
- addb $1,%r8b
- movzbl (%rdi,%r8,1),%r9d
- testq $-8,%rsi
+ addb $1,%r10b
+ movzbl (%rdi,%r10,1),%eax
+ testq $-8,%r11
jz .Lcloop1
- cmpl $0,260(%rdi)
- jnz .Lcloop1
jmp .Lcloop8
.align 16
.Lcloop8:
- movl (%rdx),%eax
- movl 4(%rdx),%ebx
- addb %r9b,%r12b
- leaq 1(%r8),%r10
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r10b,%r10d
- movzbl (%rdi,%r10,1),%r11d
- movb %r9b,(%rdi,%r12,1)
- cmpq %r10,%r12
- movb %r13b,(%rdi,%r8,1)
+ movl (%r12),%r8d
+ movl 4(%r12),%r9d
+ addb %al,%cl
+ leaq 1(%r10),%rsi
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %sil,%esi
+ movzbl (%rdi,%rsi,1),%ebx
+ movb %al,(%rdi,%rcx,1)
+ cmpq %rsi,%rcx
+ movb %dl,(%rdi,%r10,1)
jne .Lcmov0
- movq %r9,%r11
+ movq %rax,%rbx
.Lcmov0:
- addb %r9b,%r13b
- xorb (%rdi,%r13,1),%al
- rorl $8,%eax
- addb %r11b,%r12b
- leaq 1(%r10),%r8
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r8b,%r8d
- movzbl (%rdi,%r8,1),%r9d
- movb %r11b,(%rdi,%r12,1)
- cmpq %r8,%r12
- movb %r13b,(%rdi,%r10,1)
+ addb %al,%dl
+ xorb (%rdi,%rdx,1),%r8b
+ rorl $8,%r8d
+ addb %bl,%cl
+ leaq 1(%rsi),%r10
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %r10b,%r10d
+ movzbl (%rdi,%r10,1),%eax
+ movb %bl,(%rdi,%rcx,1)
+ cmpq %r10,%rcx
+ movb %dl,(%rdi,%rsi,1)
jne .Lcmov1
- movq %r11,%r9
+ movq %rbx,%rax
.Lcmov1:
- addb %r11b,%r13b
- xorb (%rdi,%r13,1),%al
- rorl $8,%eax
- addb %r9b,%r12b
- leaq 1(%r8),%r10
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r10b,%r10d
- movzbl (%rdi,%r10,1),%r11d
- movb %r9b,(%rdi,%r12,1)
- cmpq %r10,%r12
- movb %r13b,(%rdi,%r8,1)
+ addb %bl,%dl
+ xorb (%rdi,%rdx,1),%r8b
+ rorl $8,%r8d
+ addb %al,%cl
+ leaq 1(%r10),%rsi
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %sil,%esi
+ movzbl (%rdi,%rsi,1),%ebx
+ movb %al,(%rdi,%rcx,1)
+ cmpq %rsi,%rcx
+ movb %dl,(%rdi,%r10,1)
jne .Lcmov2
- movq %r9,%r11
+ movq %rax,%rbx
.Lcmov2:
- addb %r9b,%r13b
- xorb (%rdi,%r13,1),%al
- rorl $8,%eax
- addb %r11b,%r12b
- leaq 1(%r10),%r8
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r8b,%r8d
- movzbl (%rdi,%r8,1),%r9d
- movb %r11b,(%rdi,%r12,1)
- cmpq %r8,%r12
- movb %r13b,(%rdi,%r10,1)
+ addb %al,%dl
+ xorb (%rdi,%rdx,1),%r8b
+ rorl $8,%r8d
+ addb %bl,%cl
+ leaq 1(%rsi),%r10
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %r10b,%r10d
+ movzbl (%rdi,%r10,1),%eax
+ movb %bl,(%rdi,%rcx,1)
+ cmpq %r10,%rcx
+ movb %dl,(%rdi,%rsi,1)
jne .Lcmov3
- movq %r11,%r9
+ movq %rbx,%rax
.Lcmov3:
- addb %r11b,%r13b
- xorb (%rdi,%r13,1),%al
- rorl $8,%eax
- addb %r9b,%r12b
- leaq 1(%r8),%r10
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r10b,%r10d
- movzbl (%rdi,%r10,1),%r11d
- movb %r9b,(%rdi,%r12,1)
- cmpq %r10,%r12
- movb %r13b,(%rdi,%r8,1)
+ addb %bl,%dl
+ xorb (%rdi,%rdx,1),%r8b
+ rorl $8,%r8d
+ addb %al,%cl
+ leaq 1(%r10),%rsi
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %sil,%esi
+ movzbl (%rdi,%rsi,1),%ebx
+ movb %al,(%rdi,%rcx,1)
+ cmpq %rsi,%rcx
+ movb %dl,(%rdi,%r10,1)
jne .Lcmov4
- movq %r9,%r11
+ movq %rax,%rbx
.Lcmov4:
- addb %r9b,%r13b
- xorb (%rdi,%r13,1),%bl
- rorl $8,%ebx
- addb %r11b,%r12b
- leaq 1(%r10),%r8
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r8b,%r8d
- movzbl (%rdi,%r8,1),%r9d
- movb %r11b,(%rdi,%r12,1)
- cmpq %r8,%r12
- movb %r13b,(%rdi,%r10,1)
+ addb %al,%dl
+ xorb (%rdi,%rdx,1),%r9b
+ rorl $8,%r9d
+ addb %bl,%cl
+ leaq 1(%rsi),%r10
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %r10b,%r10d
+ movzbl (%rdi,%r10,1),%eax
+ movb %bl,(%rdi,%rcx,1)
+ cmpq %r10,%rcx
+ movb %dl,(%rdi,%rsi,1)
jne .Lcmov5
- movq %r11,%r9
+ movq %rbx,%rax
.Lcmov5:
- addb %r11b,%r13b
- xorb (%rdi,%r13,1),%bl
- rorl $8,%ebx
- addb %r9b,%r12b
- leaq 1(%r8),%r10
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r10b,%r10d
- movzbl (%rdi,%r10,1),%r11d
- movb %r9b,(%rdi,%r12,1)
- cmpq %r10,%r12
- movb %r13b,(%rdi,%r8,1)
+ addb %bl,%dl
+ xorb (%rdi,%rdx,1),%r9b
+ rorl $8,%r9d
+ addb %al,%cl
+ leaq 1(%r10),%rsi
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %sil,%esi
+ movzbl (%rdi,%rsi,1),%ebx
+ movb %al,(%rdi,%rcx,1)
+ cmpq %rsi,%rcx
+ movb %dl,(%rdi,%r10,1)
jne .Lcmov6
- movq %r9,%r11
+ movq %rax,%rbx
.Lcmov6:
- addb %r9b,%r13b
- xorb (%rdi,%r13,1),%bl
- rorl $8,%ebx
- addb %r11b,%r12b
- leaq 1(%r10),%r8
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r8b,%r8d
- movzbl (%rdi,%r8,1),%r9d
- movb %r11b,(%rdi,%r12,1)
- cmpq %r8,%r12
- movb %r13b,(%rdi,%r10,1)
+ addb %al,%dl
+ xorb (%rdi,%rdx,1),%r9b
+ rorl $8,%r9d
+ addb %bl,%cl
+ leaq 1(%rsi),%r10
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %r10b,%r10d
+ movzbl (%rdi,%r10,1),%eax
+ movb %bl,(%rdi,%rcx,1)
+ cmpq %r10,%rcx
+ movb %dl,(%rdi,%rsi,1)
jne .Lcmov7
- movq %r11,%r9
+ movq %rbx,%rax
.Lcmov7:
- addb %r11b,%r13b
- xorb (%rdi,%r13,1),%bl
- rorl $8,%ebx
- leaq -8(%rsi),%rsi
- movl %eax,(%rcx)
- leaq 8(%rdx),%rdx
- movl %ebx,4(%rcx)
- leaq 8(%rcx),%rcx
-
- testq $-8,%rsi
+ addb %bl,%dl
+ xorb (%rdi,%rdx,1),%r9b
+ rorl $8,%r9d
+ leaq -8(%r11),%r11
+ movl %r8d,(%r13)
+ leaq 8(%r12),%r12
+ movl %r9d,4(%r13)
+ leaq 8(%r13),%r13
+
+ testq $-8,%r11
jnz .Lcloop8
- cmpq $0,%rsi
+ cmpq $0,%r11
jne .Lcloop1
jmp .Lexit
.align 16
.Lcloop1:
- addb %r9b,%r12b
- movzbl (%rdi,%r12,1),%r13d
- movb %r9b,(%rdi,%r12,1)
- movb %r13b,(%rdi,%r8,1)
- addb %r9b,%r13b
- addb $1,%r8b
- movzbl %r13b,%r13d
- movzbl %r8b,%r8d
- movzbl (%rdi,%r13,1),%r13d
- movzbl (%rdi,%r8,1),%r9d
- xorb (%rdx),%r13b
- leaq 1(%rdx),%rdx
- movb %r13b,(%rcx)
- leaq 1(%rcx),%rcx
- subq $1,%rsi
+ addb %al,%cl
+ movzbl %cl,%ecx
+ movzbl (%rdi,%rcx,1),%edx
+ movb %al,(%rdi,%rcx,1)
+ movb %dl,(%rdi,%r10,1)
+ addb %al,%dl
+ addb $1,%r10b
+ movzbl %dl,%edx
+ movzbl %r10b,%r10d
+ movzbl (%rdi,%rdx,1),%edx
+ movzbl (%rdi,%r10,1),%eax
+ xorb (%r12),%dl
+ leaq 1(%r12),%r12
+ movb %dl,(%r13)
+ leaq 1(%r13),%r13
+ subq $1,%r11
jnz .Lcloop1
jmp .Lexit
.align 16
.Lexit:
- subb $1,%r8b
- movl %r8d,-8(%rdi)
- movl %r12d,-4(%rdi)
+ subb $1,%r10b
+ movl %r10d,-8(%rdi)
+ movl %ecx,-4(%rdi)
movq (%rsp),%r13
movq 8(%rsp),%r12
@@ -330,11 +526,10 @@ RC4: orq %rsi,%rsi
.Lepilogue:
.byte 0xf3,0xc3
.size RC4,.-RC4
-
-.globl RC4_set_key
-.type RC4_set_key,@function
+.globl private_RC4_set_key
+.type private_RC4_set_key,@function
.align 16
-RC4_set_key:
+private_RC4_set_key:
leaq 8(%rdi),%rdi
leaq (%rdx,%rsi,1),%rdx
negq %rsi
@@ -346,11 +541,8 @@ RC4_set_key:
movl OPENSSL_ia32cap_P(%rip),%r8d
btl $20,%r8d
- jnc .Lw1stloop
- btl $30,%r8d
- setc %r9b
- movl %r9d,260(%rdi)
- jmp .Lc1stloop
+ jc .Lc1stloop
+ jmp .Lw1stloop
.align 16
.Lw1stloop:
@@ -404,7 +596,7 @@ RC4_set_key:
movl %eax,-8(%rdi)
movl %eax,-4(%rdi)
.byte 0xf3,0xc3
-.size RC4_set_key,.-RC4_set_key
+.size private_RC4_set_key,.-private_RC4_set_key
.globl RC4_options
.type RC4_options,@function
@@ -413,18 +605,20 @@ RC4_options:
leaq .Lopts(%rip),%rax
movl OPENSSL_ia32cap_P(%rip),%edx
btl $20,%edx
- jnc .Ldone
- addq $12,%rax
+ jc .L8xchar
btl $30,%edx
jnc .Ldone
- addq $13,%rax
+ addq $25,%rax
+ .byte 0xf3,0xc3
+.L8xchar:
+ addq $12,%rax
.Ldone:
.byte 0xf3,0xc3
.align 64
.Lopts:
.byte 114,99,52,40,56,120,44,105,110,116,41,0
.byte 114,99,52,40,56,120,44,99,104,97,114,41,0
-.byte 114,99,52,40,49,120,44,99,104,97,114,41,0
+.byte 114,99,52,40,49,54,120,44,105,110,116,41,0
.byte 82,67,52,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.align 64
.size RC4_options,.-RC4_options
diff --git a/deps/openssl/asm/x64-elf-gas/sha/sha1-x86_64.s b/deps/openssl/asm/x64-elf-gas/sha/sha1-x86_64.s
index 208c2cdd2..c11c6f650 100644
--- a/deps/openssl/asm/x64-elf-gas/sha/sha1-x86_64.s
+++ b/deps/openssl/asm/x64-elf-gas/sha/sha1-x86_64.s
@@ -1,12 +1,23 @@
.text
+
+
.globl sha1_block_data_order
.type sha1_block_data_order,@function
.align 16
sha1_block_data_order:
+ movl OPENSSL_ia32cap_P+0(%rip),%r9d
+ movl OPENSSL_ia32cap_P+4(%rip),%r8d
+ testl $512,%r8d
+ jz .Lialu
+ jmp _ssse3_shortcut
+
+.align 16
+.Lialu:
pushq %rbx
pushq %rbp
pushq %r12
+ pushq %r13
movq %rsp,%r11
movq %rdi,%r8
subq $72,%rsp
@@ -16,1268 +27,2466 @@ sha1_block_data_order:
movq %r11,64(%rsp)
.Lprologue:
- movl 0(%r8),%edx
- movl 4(%r8),%esi
- movl 8(%r8),%edi
- movl 12(%r8),%ebp
- movl 16(%r8),%r11d
-.align 4
+ movl 0(%r8),%esi
+ movl 4(%r8),%edi
+ movl 8(%r8),%r11d
+ movl 12(%r8),%r12d
+ movl 16(%r8),%r13d
+ jmp .Lloop
+
+.align 16
.Lloop:
- movl 0(%r9),%eax
- bswapl %eax
- movl %eax,0(%rsp)
- leal 1518500249(%rax,%r11,1),%r12d
- movl %edi,%ebx
- movl 4(%r9),%eax
- movl %edx,%r11d
- xorl %ebp,%ebx
- bswapl %eax
- roll $5,%r11d
- andl %esi,%ebx
- movl %eax,4(%rsp)
- addl %r11d,%r12d
- xorl %ebp,%ebx
+ movl 0(%r9),%edx
+ bswapl %edx
+ movl %edx,0(%rsp)
+ movl %r11d,%eax
+ movl 4(%r9),%ebp
+ movl %esi,%ecx
+ xorl %r12d,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%r13,1),%r13d
+ andl %edi,%eax
+ movl %ebp,4(%rsp)
+ addl %ecx,%r13d
+ xorl %r12d,%eax
+ roll $30,%edi
+ addl %eax,%r13d
+ movl %edi,%eax
+ movl 8(%r9),%edx
+ movl %r13d,%ecx
+ xorl %r11d,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%r12,1),%r12d
+ andl %esi,%eax
+ movl %edx,8(%rsp)
+ addl %ecx,%r12d
+ xorl %r11d,%eax
roll $30,%esi
- addl %ebx,%r12d
- leal 1518500249(%rax,%rbp,1),%r11d
- movl %esi,%ebx
- movl 8(%r9),%eax
- movl %r12d,%ebp
- xorl %edi,%ebx
- bswapl %eax
- roll $5,%ebp
- andl %edx,%ebx
- movl %eax,8(%rsp)
- addl %ebp,%r11d
- xorl %edi,%ebx
- roll $30,%edx
- addl %ebx,%r11d
- leal 1518500249(%rax,%rdi,1),%ebp
- movl %edx,%ebx
- movl 12(%r9),%eax
- movl %r11d,%edi
- xorl %esi,%ebx
- bswapl %eax
- roll $5,%edi
- andl %r12d,%ebx
- movl %eax,12(%rsp)
- addl %edi,%ebp
- xorl %esi,%ebx
+ addl %eax,%r12d
+ movl %esi,%eax
+ movl 12(%r9),%ebp
+ movl %r12d,%ecx
+ xorl %edi,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%r11,1),%r11d
+ andl %r13d,%eax
+ movl %ebp,12(%rsp)
+ addl %ecx,%r11d
+ xorl %edi,%eax
+ roll $30,%r13d
+ addl %eax,%r11d
+ movl %r13d,%eax
+ movl 16(%r9),%edx
+ movl %r11d,%ecx
+ xorl %esi,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%rdi,1),%edi
+ andl %r12d,%eax
+ movl %edx,16(%rsp)
+ addl %ecx,%edi
+ xorl %esi,%eax
roll $30,%r12d
- addl %ebx,%ebp
- leal 1518500249(%rax,%rsi,1),%edi
- movl %r12d,%ebx
- movl 16(%r9),%eax
- movl %ebp,%esi
- xorl %edx,%ebx
- bswapl %eax
- roll $5,%esi
- andl %r11d,%ebx
- movl %eax,16(%rsp)
- addl %esi,%edi
- xorl %edx,%ebx
+ addl %eax,%edi
+ movl %r12d,%eax
+ movl 20(%r9),%ebp
+ movl %edi,%ecx
+ xorl %r13d,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%rsi,1),%esi
+ andl %r11d,%eax
+ movl %ebp,20(%rsp)
+ addl %ecx,%esi
+ xorl %r13d,%eax
roll $30,%r11d
- addl %ebx,%edi
- leal 1518500249(%rax,%rdx,1),%esi
+ addl %eax,%esi
+ movl %r11d,%eax
+ movl 24(%r9),%edx
+ movl %esi,%ecx
+ xorl %r12d,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%r13,1),%r13d
+ andl %edi,%eax
+ movl %edx,24(%rsp)
+ addl %ecx,%r13d
+ xorl %r12d,%eax
+ roll $30,%edi
+ addl %eax,%r13d
+ movl %edi,%eax
+ movl 28(%r9),%ebp
+ movl %r13d,%ecx
+ xorl %r11d,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%r12,1),%r12d
+ andl %esi,%eax
+ movl %ebp,28(%rsp)
+ addl %ecx,%r12d
+ xorl %r11d,%eax
+ roll $30,%esi
+ addl %eax,%r12d
+ movl %esi,%eax
+ movl 32(%r9),%edx
+ movl %r12d,%ecx
+ xorl %edi,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%r11,1),%r11d
+ andl %r13d,%eax
+ movl %edx,32(%rsp)
+ addl %ecx,%r11d
+ xorl %edi,%eax
+ roll $30,%r13d
+ addl %eax,%r11d
+ movl %r13d,%eax
+ movl 36(%r9),%ebp
+ movl %r11d,%ecx
+ xorl %esi,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%rdi,1),%edi
+ andl %r12d,%eax
+ movl %ebp,36(%rsp)
+ addl %ecx,%edi
+ xorl %esi,%eax
+ roll $30,%r12d
+ addl %eax,%edi
+ movl %r12d,%eax
+ movl 40(%r9),%edx
+ movl %edi,%ecx
+ xorl %r13d,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%rsi,1),%esi
+ andl %r11d,%eax
+ movl %edx,40(%rsp)
+ addl %ecx,%esi
+ xorl %r13d,%eax
+ roll $30,%r11d
+ addl %eax,%esi
+ movl %r11d,%eax
+ movl 44(%r9),%ebp
+ movl %esi,%ecx
+ xorl %r12d,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%r13,1),%r13d
+ andl %edi,%eax
+ movl %ebp,44(%rsp)
+ addl %ecx,%r13d
+ xorl %r12d,%eax
+ roll $30,%edi
+ addl %eax,%r13d
+ movl %edi,%eax
+ movl 48(%r9),%edx
+ movl %r13d,%ecx
+ xorl %r11d,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%r12,1),%r12d
+ andl %esi,%eax
+ movl %edx,48(%rsp)
+ addl %ecx,%r12d
+ xorl %r11d,%eax
+ roll $30,%esi
+ addl %eax,%r12d
+ movl %esi,%eax
+ movl 52(%r9),%ebp
+ movl %r12d,%ecx
+ xorl %edi,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%r11,1),%r11d
+ andl %r13d,%eax
+ movl %ebp,52(%rsp)
+ addl %ecx,%r11d
+ xorl %edi,%eax
+ roll $30,%r13d
+ addl %eax,%r11d
+ movl %r13d,%eax
+ movl 56(%r9),%edx
+ movl %r11d,%ecx
+ xorl %esi,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%rdi,1),%edi
+ andl %r12d,%eax
+ movl %edx,56(%rsp)
+ addl %ecx,%edi
+ xorl %esi,%eax
+ roll $30,%r12d
+ addl %eax,%edi
+ movl %r12d,%eax
+ movl 60(%r9),%ebp
+ movl %edi,%ecx
+ xorl %r13d,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%rsi,1),%esi
+ andl %r11d,%eax
+ movl %ebp,60(%rsp)
+ addl %ecx,%esi
+ xorl %r13d,%eax
+ roll $30,%r11d
+ addl %eax,%esi
+ movl 0(%rsp),%edx
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 8(%rsp),%edx
+ xorl %r12d,%eax
+ roll $5,%ecx
+ xorl 32(%rsp),%edx
+ andl %edi,%eax
+ leal 1518500249(%rbp,%r13,1),%r13d
+ xorl 52(%rsp),%edx
+ xorl %r12d,%eax
+ roll $1,%edx
+ addl %ecx,%r13d
+ roll $30,%edi
+ movl %edx,0(%rsp)
+ addl %eax,%r13d
+ movl 4(%rsp),%ebp
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 12(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $5,%ecx
+ xorl 36(%rsp),%ebp
+ andl %esi,%eax
+ leal 1518500249(%rdx,%r12,1),%r12d
+ xorl 56(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $1,%ebp
+ addl %ecx,%r12d
+ roll $30,%esi
+ movl %ebp,4(%rsp)
+ addl %eax,%r12d
+ movl 8(%rsp),%edx
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 16(%rsp),%edx
+ xorl %edi,%eax
+ roll $5,%ecx
+ xorl 40(%rsp),%edx
+ andl %r13d,%eax
+ leal 1518500249(%rbp,%r11,1),%r11d
+ xorl 60(%rsp),%edx
+ xorl %edi,%eax
+ roll $1,%edx
+ addl %ecx,%r11d
+ roll $30,%r13d
+ movl %edx,8(%rsp)
+ addl %eax,%r11d
+ movl 12(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 20(%rsp),%ebp
+ xorl %esi,%eax
+ roll $5,%ecx
+ xorl 44(%rsp),%ebp
+ andl %r12d,%eax
+ leal 1518500249(%rdx,%rdi,1),%edi
+ xorl 0(%rsp),%ebp
+ xorl %esi,%eax
+ roll $1,%ebp
+ addl %ecx,%edi
+ roll $30,%r12d
+ movl %ebp,12(%rsp)
+ addl %eax,%edi
+ movl 16(%rsp),%edx
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 24(%rsp),%edx
+ xorl %r13d,%eax
+ roll $5,%ecx
+ xorl 48(%rsp),%edx
+ andl %r11d,%eax
+ leal 1518500249(%rbp,%rsi,1),%esi
+ xorl 4(%rsp),%edx
+ xorl %r13d,%eax
+ roll $1,%edx
+ addl %ecx,%esi
+ roll $30,%r11d
+ movl %edx,16(%rsp)
+ addl %eax,%esi
+ movl 20(%rsp),%ebp
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 28(%rsp),%ebp
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r13,1),%r13d
+ xorl 52(%rsp),%ebp
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 8(%rsp),%ebp
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%ebp
+ movl %ebp,20(%rsp)
+ movl 24(%rsp),%edx
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 32(%rsp),%edx
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r12,1),%r12d
+ xorl 56(%rsp),%edx
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 12(%rsp),%edx
+ roll $30,%esi
+ addl %eax,%r12d
+ roll $1,%edx
+ movl %edx,24(%rsp)
+ movl 28(%rsp),%ebp
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 36(%rsp),%ebp
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r11,1),%r11d
+ xorl 60(%rsp),%ebp
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 16(%rsp),%ebp
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%ebp
+ movl %ebp,28(%rsp)
+ movl 32(%rsp),%edx
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 40(%rsp),%edx
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%rdi,1),%edi
+ xorl 0(%rsp),%edx
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 20(%rsp),%edx
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%edx
+ movl %edx,32(%rsp)
+ movl 36(%rsp),%ebp
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 44(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%rsi,1),%esi
+ xorl 4(%rsp),%ebp
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 24(%rsp),%ebp
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%ebp
+ movl %ebp,36(%rsp)
+ movl 40(%rsp),%edx
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 48(%rsp),%edx
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r13,1),%r13d
+ xorl 8(%rsp),%edx
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 28(%rsp),%edx
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%edx
+ movl %edx,40(%rsp)
+ movl 44(%rsp),%ebp
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 52(%rsp),%ebp
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r12,1),%r12d
+ xorl 12(%rsp),%ebp
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 32(%rsp),%ebp
+ roll $30,%esi
+ addl %eax,%r12d
+ roll $1,%ebp
+ movl %ebp,44(%rsp)
+ movl 48(%rsp),%edx
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 56(%rsp),%edx
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r11,1),%r11d
+ xorl 16(%rsp),%edx
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 36(%rsp),%edx
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%edx
+ movl %edx,48(%rsp)
+ movl 52(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 60(%rsp),%ebp
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%rdi,1),%edi
+ xorl 20(%rsp),%ebp
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 40(%rsp),%ebp
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%ebp
+ movl %ebp,52(%rsp)
+ movl 56(%rsp),%edx
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 0(%rsp),%edx
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%rsi,1),%esi
+ xorl 24(%rsp),%edx
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 44(%rsp),%edx
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%edx
+ movl %edx,56(%rsp)
+ movl 60(%rsp),%ebp
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 4(%rsp),%ebp
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r13,1),%r13d
+ xorl 28(%rsp),%ebp
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 48(%rsp),%ebp
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%ebp
+ movl %ebp,60(%rsp)
+ movl 0(%rsp),%edx
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 8(%rsp),%edx
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r12,1),%r12d
+ xorl 32(%rsp),%edx
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 52(%rsp),%edx
+ roll $30,%esi
+ addl %eax,%r12d
+ roll $1,%edx
+ movl %edx,0(%rsp)
+ movl 4(%rsp),%ebp
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 12(%rsp),%ebp
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r11,1),%r11d
+ xorl 36(%rsp),%ebp
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 56(%rsp),%ebp
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%ebp
+ movl %ebp,4(%rsp)
+ movl 8(%rsp),%edx
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 16(%rsp),%edx
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%rdi,1),%edi
+ xorl 40(%rsp),%edx
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 60(%rsp),%edx
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%edx
+ movl %edx,8(%rsp)
+ movl 12(%rsp),%ebp
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 20(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%rsi,1),%esi
+ xorl 44(%rsp),%ebp
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 0(%rsp),%ebp
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%ebp
+ movl %ebp,12(%rsp)
+ movl 16(%rsp),%edx
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 24(%rsp),%edx
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r13,1),%r13d
+ xorl 48(%rsp),%edx
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 4(%rsp),%edx
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%edx
+ movl %edx,16(%rsp)
+ movl 20(%rsp),%ebp
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 28(%rsp),%ebp
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r12,1),%r12d
+ xorl 52(%rsp),%ebp
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 8(%rsp),%ebp
+ roll $30,%esi
+ addl %eax,%r12d
+ roll $1,%ebp
+ movl %ebp,20(%rsp)
+ movl 24(%rsp),%edx
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 32(%rsp),%edx
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r11,1),%r11d
+ xorl 56(%rsp),%edx
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 12(%rsp),%edx
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%edx
+ movl %edx,24(%rsp)
+ movl 28(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 36(%rsp),%ebp
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%rdi,1),%edi
+ xorl 60(%rsp),%ebp
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 16(%rsp),%ebp
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%ebp
+ movl %ebp,28(%rsp)
+ movl 32(%rsp),%edx
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 40(%rsp),%edx
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%rsi,1),%esi
+ xorl 0(%rsp),%edx
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 20(%rsp),%edx
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%edx
+ movl %edx,32(%rsp)
+ movl 36(%rsp),%ebp
+ movl %r11d,%eax
movl %r11d,%ebx
- movl 20(%r9),%eax
- movl %edi,%edx
- xorl %r12d,%ebx
- bswapl %eax
- roll $5,%edx
- andl %ebp,%ebx
- movl %eax,20(%rsp)
- addl %edx,%esi
+ xorl 44(%rsp),%ebp
+ andl %r12d,%eax
+ movl %esi,%ecx
+ xorl 4(%rsp),%ebp
xorl %r12d,%ebx
- roll $30,%ebp
- addl %ebx,%esi
- leal 1518500249(%rax,%r12,1),%edx
- movl %ebp,%ebx
- movl 24(%r9),%eax
- movl %esi,%r12d
- xorl %r11d,%ebx
- bswapl %eax
- roll $5,%r12d
+ leal -1894007588(%rdx,%r13,1),%r13d
+ roll $5,%ecx
+ xorl 24(%rsp),%ebp
+ addl %eax,%r13d
andl %edi,%ebx
- movl %eax,24(%rsp)
- addl %r12d,%edx
- xorl %r11d,%ebx
+ roll $1,%ebp
+ addl %ebx,%r13d
roll $30,%edi
- addl %ebx,%edx
- leal 1518500249(%rax,%r11,1),%r12d
+ movl %ebp,36(%rsp)
+ addl %ecx,%r13d
+ movl 40(%rsp),%edx
+ movl %edi,%eax
movl %edi,%ebx
- movl 28(%r9),%eax
- movl %edx,%r11d
- xorl %ebp,%ebx
- bswapl %eax
- roll $5,%r11d
+ xorl 48(%rsp),%edx
+ andl %r11d,%eax
+ movl %r13d,%ecx
+ xorl 8(%rsp),%edx
+ xorl %r11d,%ebx
+ leal -1894007588(%rbp,%r12,1),%r12d
+ roll $5,%ecx
+ xorl 28(%rsp),%edx
+ addl %eax,%r12d
andl %esi,%ebx
- movl %eax,28(%rsp)
- addl %r11d,%r12d
- xorl %ebp,%ebx
- roll $30,%esi
+ roll $1,%edx
addl %ebx,%r12d
- leal 1518500249(%rax,%rbp,1),%r11d
+ roll $30,%esi
+ movl %edx,40(%rsp)
+ addl %ecx,%r12d
+ movl 44(%rsp),%ebp
+ movl %esi,%eax
movl %esi,%ebx
- movl 32(%r9),%eax
- movl %r12d,%ebp
- xorl %edi,%ebx
- bswapl %eax
- roll $5,%ebp
- andl %edx,%ebx
- movl %eax,32(%rsp)
- addl %ebp,%r11d
+ xorl 52(%rsp),%ebp
+ andl %edi,%eax
+ movl %r12d,%ecx
+ xorl 12(%rsp),%ebp
xorl %edi,%ebx
- roll $30,%edx
+ leal -1894007588(%rdx,%r11,1),%r11d
+ roll $5,%ecx
+ xorl 32(%rsp),%ebp
+ addl %eax,%r11d
+ andl %r13d,%ebx
+ roll $1,%ebp
addl %ebx,%r11d
- leal 1518500249(%rax,%rdi,1),%ebp
- movl %edx,%ebx
- movl 36(%r9),%eax
- movl %r11d,%edi
+ roll $30,%r13d
+ movl %ebp,44(%rsp)
+ addl %ecx,%r11d
+ movl 48(%rsp),%edx
+ movl %r13d,%eax
+ movl %r13d,%ebx
+ xorl 56(%rsp),%edx
+ andl %esi,%eax
+ movl %r11d,%ecx
+ xorl 16(%rsp),%edx
xorl %esi,%ebx
- bswapl %eax
- roll $5,%edi
+ leal -1894007588(%rbp,%rdi,1),%edi
+ roll $5,%ecx
+ xorl 36(%rsp),%edx
+ addl %eax,%edi
andl %r12d,%ebx
- movl %eax,36(%rsp)
- addl %edi,%ebp
- xorl %esi,%ebx
+ roll $1,%edx
+ addl %ebx,%edi
roll $30,%r12d
- addl %ebx,%ebp
- leal 1518500249(%rax,%rsi,1),%edi
+ movl %edx,48(%rsp)
+ addl %ecx,%edi
+ movl 52(%rsp),%ebp
+ movl %r12d,%eax
movl %r12d,%ebx
- movl 40(%r9),%eax
- movl %ebp,%esi
- xorl %edx,%ebx
- bswapl %eax
- roll $5,%esi
+ xorl 60(%rsp),%ebp
+ andl %r13d,%eax
+ movl %edi,%ecx
+ xorl 20(%rsp),%ebp
+ xorl %r13d,%ebx
+ leal -1894007588(%rdx,%rsi,1),%esi
+ roll $5,%ecx
+ xorl 40(%rsp),%ebp
+ addl %eax,%esi
andl %r11d,%ebx
- movl %eax,40(%rsp)
- addl %esi,%edi
- xorl %edx,%ebx
+ roll $1,%ebp
+ addl %ebx,%esi
roll $30,%r11d
- addl %ebx,%edi
- leal 1518500249(%rax,%rdx,1),%esi
+ movl %ebp,52(%rsp)
+ addl %ecx,%esi
+ movl 56(%rsp),%edx
+ movl %r11d,%eax
movl %r11d,%ebx
- movl 44(%r9),%eax
- movl %edi,%edx
- xorl %r12d,%ebx
- bswapl %eax
- roll $5,%edx
- andl %ebp,%ebx
- movl %eax,44(%rsp)
- addl %edx,%esi
+ xorl 0(%rsp),%edx
+ andl %r12d,%eax
+ movl %esi,%ecx
+ xorl 24(%rsp),%edx
xorl %r12d,%ebx
- roll $30,%ebp
- addl %ebx,%esi
- leal 1518500249(%rax,%r12,1),%edx
- movl %ebp,%ebx
- movl 48(%r9),%eax
- movl %esi,%r12d
- xorl %r11d,%ebx
- bswapl %eax
- roll $5,%r12d
+ leal -1894007588(%rbp,%r13,1),%r13d
+ roll $5,%ecx
+ xorl 44(%rsp),%edx
+ addl %eax,%r13d
andl %edi,%ebx
- movl %eax,48(%rsp)
- addl %r12d,%edx
- xorl %r11d,%ebx
+ roll $1,%edx
+ addl %ebx,%r13d
roll $30,%edi
- addl %ebx,%edx
- leal 1518500249(%rax,%r11,1),%r12d
+ movl %edx,56(%rsp)
+ addl %ecx,%r13d
+ movl 60(%rsp),%ebp
+ movl %edi,%eax
movl %edi,%ebx
- movl 52(%r9),%eax
- movl %edx,%r11d
- xorl %ebp,%ebx
- bswapl %eax
- roll $5,%r11d
+ xorl 4(%rsp),%ebp
+ andl %r11d,%eax
+ movl %r13d,%ecx
+ xorl 28(%rsp),%ebp
+ xorl %r11d,%ebx
+ leal -1894007588(%rdx,%r12,1),%r12d
+ roll $5,%ecx
+ xorl 48(%rsp),%ebp
+ addl %eax,%r12d
andl %esi,%ebx
- movl %eax,52(%rsp)
- addl %r11d,%r12d
- xorl %ebp,%ebx
- roll $30,%esi
+ roll $1,%ebp
addl %ebx,%r12d
- leal 1518500249(%rax,%rbp,1),%r11d
+ roll $30,%esi
+ movl %ebp,60(%rsp)
+ addl %ecx,%r12d
+ movl 0(%rsp),%edx
+ movl %esi,%eax
movl %esi,%ebx
- movl 56(%r9),%eax
- movl %r12d,%ebp
- xorl %edi,%ebx
- bswapl %eax
- roll $5,%ebp
- andl %edx,%ebx
- movl %eax,56(%rsp)
- addl %ebp,%r11d
+ xorl 8(%rsp),%edx
+ andl %edi,%eax
+ movl %r12d,%ecx
+ xorl 32(%rsp),%edx
xorl %edi,%ebx
- roll $30,%edx
+ leal -1894007588(%rbp,%r11,1),%r11d
+ roll $5,%ecx
+ xorl 52(%rsp),%edx
+ addl %eax,%r11d
+ andl %r13d,%ebx
+ roll $1,%edx
addl %ebx,%r11d
- leal 1518500249(%rax,%rdi,1),%ebp
- movl %edx,%ebx
- movl 60(%r9),%eax
- movl %r11d,%edi
+ roll $30,%r13d
+ movl %edx,0(%rsp)
+ addl %ecx,%r11d
+ movl 4(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r13d,%ebx
+ xorl 12(%rsp),%ebp
+ andl %esi,%eax
+ movl %r11d,%ecx
+ xorl 36(%rsp),%ebp
xorl %esi,%ebx
- bswapl %eax
- roll $5,%edi
+ leal -1894007588(%rdx,%rdi,1),%edi
+ roll $5,%ecx
+ xorl 56(%rsp),%ebp
+ addl %eax,%edi
andl %r12d,%ebx
- movl %eax,60(%rsp)
- addl %edi,%ebp
- xorl %esi,%ebx
+ roll $1,%ebp
+ addl %ebx,%edi
roll $30,%r12d
- addl %ebx,%ebp
- leal 1518500249(%rax,%rsi,1),%edi
- movl 0(%rsp),%eax
+ movl %ebp,4(%rsp)
+ addl %ecx,%edi
+ movl 8(%rsp),%edx
+ movl %r12d,%eax
movl %r12d,%ebx
- movl %ebp,%esi
- xorl 8(%rsp),%eax
- xorl %edx,%ebx
- roll $5,%esi
- xorl 32(%rsp),%eax
+ xorl 16(%rsp),%edx
+ andl %r13d,%eax
+ movl %edi,%ecx
+ xorl 40(%rsp),%edx
+ xorl %r13d,%ebx
+ leal -1894007588(%rbp,%rsi,1),%esi
+ roll $5,%ecx
+ xorl 60(%rsp),%edx
+ addl %eax,%esi
andl %r11d,%ebx
- addl %esi,%edi
- xorl 52(%rsp),%eax
- xorl %edx,%ebx
+ roll $1,%edx
+ addl %ebx,%esi
roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,0(%rsp)
- leal 1518500249(%rax,%rdx,1),%esi
- movl 4(%rsp),%eax
+ movl %edx,8(%rsp)
+ addl %ecx,%esi
+ movl 12(%rsp),%ebp
+ movl %r11d,%eax
movl %r11d,%ebx
- movl %edi,%edx
- xorl 12(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edx
- xorl 36(%rsp),%eax
- andl %ebp,%ebx
- addl %edx,%esi
- xorl 56(%rsp),%eax
+ xorl 20(%rsp),%ebp
+ andl %r12d,%eax
+ movl %esi,%ecx
+ xorl 44(%rsp),%ebp
xorl %r12d,%ebx
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- movl %eax,4(%rsp)
- leal 1518500249(%rax,%r12,1),%edx
- movl 8(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 16(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%r12d
- xorl 40(%rsp),%eax
+ leal -1894007588(%rdx,%r13,1),%r13d
+ roll $5,%ecx
+ xorl 0(%rsp),%ebp
+ addl %eax,%r13d
andl %edi,%ebx
- addl %r12d,%edx
- xorl 60(%rsp),%eax
- xorl %r11d,%ebx
+ roll $1,%ebp
+ addl %ebx,%r13d
roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,8(%rsp)
- leal 1518500249(%rax,%r11,1),%r12d
- movl 12(%rsp),%eax
+ movl %ebp,12(%rsp)
+ addl %ecx,%r13d
+ movl 16(%rsp),%edx
+ movl %edi,%eax
movl %edi,%ebx
- movl %edx,%r11d
- xorl 20(%rsp),%eax
- xorl %ebp,%ebx
- roll $5,%r11d
- xorl 44(%rsp),%eax
+ xorl 24(%rsp),%edx
+ andl %r11d,%eax
+ movl %r13d,%ecx
+ xorl 48(%rsp),%edx
+ xorl %r11d,%ebx
+ leal -1894007588(%rbp,%r12,1),%r12d
+ roll $5,%ecx
+ xorl 4(%rsp),%edx
+ addl %eax,%r12d
andl %esi,%ebx
- addl %r11d,%r12d
- xorl 0(%rsp),%eax
- xorl %ebp,%ebx
- roll $30,%esi
+ roll $1,%edx
addl %ebx,%r12d
- roll $1,%eax
- movl %eax,12(%rsp)
- leal 1518500249(%rax,%rbp,1),%r11d
- movl 16(%rsp),%eax
+ roll $30,%esi
+ movl %edx,16(%rsp)
+ addl %ecx,%r12d
+ movl 20(%rsp),%ebp
+ movl %esi,%eax
movl %esi,%ebx
- movl %r12d,%ebp
- xorl 24(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%ebp
- xorl 48(%rsp),%eax
- andl %edx,%ebx
- addl %ebp,%r11d
- xorl 4(%rsp),%eax
+ xorl 28(%rsp),%ebp
+ andl %edi,%eax
+ movl %r12d,%ecx
+ xorl 52(%rsp),%ebp
xorl %edi,%ebx
- roll $30,%edx
+ leal -1894007588(%rdx,%r11,1),%r11d
+ roll $5,%ecx
+ xorl 8(%rsp),%ebp
+ addl %eax,%r11d
+ andl %r13d,%ebx
+ roll $1,%ebp
addl %ebx,%r11d
- roll $1,%eax
- movl %eax,16(%rsp)
- leal 1859775393(%rax,%rdi,1),%ebp
- movl 20(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 28(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 52(%rsp),%eax
+ roll $30,%r13d
+ movl %ebp,20(%rsp)
+ addl %ecx,%r11d
+ movl 24(%rsp),%edx
+ movl %r13d,%eax
+ movl %r13d,%ebx
+ xorl 32(%rsp),%edx
+ andl %esi,%eax
+ movl %r11d,%ecx
+ xorl 56(%rsp),%edx
xorl %esi,%ebx
- addl %edi,%ebp
- xorl 8(%rsp),%eax
+ leal -1894007588(%rbp,%rdi,1),%edi
+ roll $5,%ecx
+ xorl 12(%rsp),%edx
+ addl %eax,%edi
+ andl %r12d,%ebx
+ roll $1,%edx
+ addl %ebx,%edi
roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,20(%rsp)
- leal 1859775393(%rax,%rsi,1),%edi
- movl 24(%rsp),%eax
+ movl %edx,24(%rsp)
+ addl %ecx,%edi
+ movl 28(%rsp),%ebp
+ movl %r12d,%eax
movl %r12d,%ebx
- movl %ebp,%esi
- xorl 32(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 56(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 12(%rsp),%eax
+ xorl 36(%rsp),%ebp
+ andl %r13d,%eax
+ movl %edi,%ecx
+ xorl 60(%rsp),%ebp
+ xorl %r13d,%ebx
+ leal -1894007588(%rdx,%rsi,1),%esi
+ roll $5,%ecx
+ xorl 16(%rsp),%ebp
+ addl %eax,%esi
+ andl %r11d,%ebx
+ roll $1,%ebp
+ addl %ebx,%esi
roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,24(%rsp)
- leal 1859775393(%rax,%rdx,1),%esi
- movl 28(%rsp),%eax
+ movl %ebp,28(%rsp)
+ addl %ecx,%esi
+ movl 32(%rsp),%edx
+ movl %r11d,%eax
movl %r11d,%ebx
- movl %edi,%edx
- xorl 36(%rsp),%eax
- xorl %ebp,%ebx
- roll $5,%edx
- xorl 60(%rsp),%eax
+ xorl 40(%rsp),%edx
+ andl %r12d,%eax
+ movl %esi,%ecx
+ xorl 0(%rsp),%edx
xorl %r12d,%ebx
- addl %edx,%esi
- xorl 16(%rsp),%eax
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- movl %eax,28(%rsp)
- leal 1859775393(%rax,%r12,1),%edx
- movl 32(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 40(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 0(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 20(%rsp),%eax
+ leal -1894007588(%rbp,%r13,1),%r13d
+ roll $5,%ecx
+ xorl 20(%rsp),%edx
+ addl %eax,%r13d
+ andl %edi,%ebx
+ roll $1,%edx
+ addl %ebx,%r13d
roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,32(%rsp)
- leal 1859775393(%rax,%r11,1),%r12d
- movl 36(%rsp),%eax
+ movl %edx,32(%rsp)
+ addl %ecx,%r13d
+ movl 36(%rsp),%ebp
+ movl %edi,%eax
movl %edi,%ebx
- movl %edx,%r11d
- xorl 44(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 4(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 24(%rsp),%eax
- roll $30,%esi
+ xorl 44(%rsp),%ebp
+ andl %r11d,%eax
+ movl %r13d,%ecx
+ xorl 4(%rsp),%ebp
+ xorl %r11d,%ebx
+ leal -1894007588(%rdx,%r12,1),%r12d
+ roll $5,%ecx
+ xorl 24(%rsp),%ebp
+ addl %eax,%r12d
+ andl %esi,%ebx
+ roll $1,%ebp
addl %ebx,%r12d
- roll $1,%eax
- movl %eax,36(%rsp)
- leal 1859775393(%rax,%rbp,1),%r11d
- movl 40(%rsp),%eax
+ roll $30,%esi
+ movl %ebp,36(%rsp)
+ addl %ecx,%r12d
+ movl 40(%rsp),%edx
+ movl %esi,%eax
movl %esi,%ebx
- movl %r12d,%ebp
- xorl 48(%rsp),%eax
- xorl %edx,%ebx
- roll $5,%ebp
- xorl 8(%rsp),%eax
+ xorl 48(%rsp),%edx
+ andl %edi,%eax
+ movl %r12d,%ecx
+ xorl 8(%rsp),%edx
xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 28(%rsp),%eax
- roll $30,%edx
+ leal -1894007588(%rbp,%r11,1),%r11d
+ roll $5,%ecx
+ xorl 28(%rsp),%edx
+ addl %eax,%r11d
+ andl %r13d,%ebx
+ roll $1,%edx
addl %ebx,%r11d
- roll $1,%eax
- movl %eax,40(%rsp)
- leal 1859775393(%rax,%rdi,1),%ebp
- movl 44(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 52(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 12(%rsp),%eax
+ roll $30,%r13d
+ movl %edx,40(%rsp)
+ addl %ecx,%r11d
+ movl 44(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r13d,%ebx
+ xorl 52(%rsp),%ebp
+ andl %esi,%eax
+ movl %r11d,%ecx
+ xorl 12(%rsp),%ebp
xorl %esi,%ebx
- addl %edi,%ebp
- xorl 32(%rsp),%eax
+ leal -1894007588(%rdx,%rdi,1),%edi
+ roll $5,%ecx
+ xorl 32(%rsp),%ebp
+ addl %eax,%edi
+ andl %r12d,%ebx
+ roll $1,%ebp
+ addl %ebx,%edi
roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,44(%rsp)
- leal 1859775393(%rax,%rsi,1),%edi
- movl 48(%rsp),%eax
+ movl %ebp,44(%rsp)
+ addl %ecx,%edi
+ movl 48(%rsp),%edx
+ movl %r12d,%eax
movl %r12d,%ebx
- movl %ebp,%esi
- xorl 56(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 16(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 36(%rsp),%eax
- roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,48(%rsp)
- leal 1859775393(%rax,%rdx,1),%esi
- movl 52(%rsp),%eax
- movl %r11d,%ebx
- movl %edi,%edx
- xorl 60(%rsp),%eax
- xorl %ebp,%ebx
- roll $5,%edx
- xorl 20(%rsp),%eax
- xorl %r12d,%ebx
- addl %edx,%esi
- xorl 40(%rsp),%eax
- roll $30,%ebp
+ xorl 56(%rsp),%edx
+ andl %r13d,%eax
+ movl %edi,%ecx
+ xorl 16(%rsp),%edx
+ xorl %r13d,%ebx
+ leal -1894007588(%rbp,%rsi,1),%esi
+ roll $5,%ecx
+ xorl 36(%rsp),%edx
+ addl %eax,%esi
+ andl %r11d,%ebx
+ roll $1,%edx
addl %ebx,%esi
- roll $1,%eax
- movl %eax,52(%rsp)
- leal 1859775393(%rax,%r12,1),%edx
- movl 56(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 0(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 24(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 44(%rsp),%eax
+ roll $30,%r11d
+ movl %edx,48(%rsp)
+ addl %ecx,%esi
+ movl 52(%rsp),%ebp
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 60(%rsp),%ebp
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r13,1),%r13d
+ xorl 20(%rsp),%ebp
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 40(%rsp),%ebp
roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,56(%rsp)
- leal 1859775393(%rax,%r11,1),%r12d
- movl 60(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 4(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 28(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 48(%rsp),%eax
+ addl %eax,%r13d
+ roll $1,%ebp
+ movl %ebp,52(%rsp)
+ movl 56(%rsp),%edx
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 0(%rsp),%edx
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r12,1),%r12d
+ xorl 24(%rsp),%edx
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 44(%rsp),%edx
roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- movl %eax,60(%rsp)
- leal 1859775393(%rax,%rbp,1),%r11d
- movl 0(%rsp),%eax
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl 8(%rsp),%eax
- xorl %edx,%ebx
- roll $5,%ebp
- xorl 32(%rsp),%eax
- xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 52(%rsp),%eax
- roll $30,%edx
- addl %ebx,%r11d
- roll $1,%eax
- movl %eax,0(%rsp)
- leal 1859775393(%rax,%rdi,1),%ebp
- movl 4(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 12(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 36(%rsp),%eax
- xorl %esi,%ebx
- addl %edi,%ebp
- xorl 56(%rsp),%eax
+ addl %eax,%r12d
+ roll $1,%edx
+ movl %edx,56(%rsp)
+ movl 60(%rsp),%ebp
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 4(%rsp),%ebp
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r11,1),%r11d
+ xorl 28(%rsp),%ebp
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 48(%rsp),%ebp
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%ebp
+ movl %ebp,60(%rsp)
+ movl 0(%rsp),%edx
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 8(%rsp),%edx
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%rdi,1),%edi
+ xorl 32(%rsp),%edx
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 52(%rsp),%edx
roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,4(%rsp)
- leal 1859775393(%rax,%rsi,1),%edi
- movl 8(%rsp),%eax
- movl %r12d,%ebx
- movl %ebp,%esi
- xorl 16(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 40(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 60(%rsp),%eax
+ addl %eax,%edi
+ roll $1,%edx
+ movl %edx,0(%rsp)
+ movl 4(%rsp),%ebp
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 12(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%rsi,1),%esi
+ xorl 36(%rsp),%ebp
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 56(%rsp),%ebp
roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,8(%rsp)
- leal 1859775393(%rax,%rdx,1),%esi
- movl 12(%rsp),%eax
- movl %r11d,%ebx
- movl %edi,%edx
- xorl 20(%rsp),%eax
- xorl %ebp,%ebx
- roll $5,%edx
- xorl 44(%rsp),%eax
- xorl %r12d,%ebx
- addl %edx,%esi
- xorl 0(%rsp),%eax
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- movl %eax,12(%rsp)
- leal 1859775393(%rax,%r12,1),%edx
- movl 16(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 24(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 48(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 4(%rsp),%eax
+ addl %eax,%esi
+ roll $1,%ebp
+ movl %ebp,4(%rsp)
+ movl 8(%rsp),%edx
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 16(%rsp),%edx
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r13,1),%r13d
+ xorl 40(%rsp),%edx
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 60(%rsp),%edx
roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,16(%rsp)
- leal 1859775393(%rax,%r11,1),%r12d
- movl 20(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 28(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 52(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 8(%rsp),%eax
+ addl %eax,%r13d
+ roll $1,%edx
+ movl %edx,8(%rsp)
+ movl 12(%rsp),%ebp
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 20(%rsp),%ebp
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r12,1),%r12d
+ xorl 44(%rsp),%ebp
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 0(%rsp),%ebp
roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- movl %eax,20(%rsp)
- leal 1859775393(%rax,%rbp,1),%r11d
- movl 24(%rsp),%eax
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl 32(%rsp),%eax
- xorl %edx,%ebx
- roll $5,%ebp
- xorl 56(%rsp),%eax
- xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 12(%rsp),%eax
- roll $30,%edx
- addl %ebx,%r11d
- roll $1,%eax
- movl %eax,24(%rsp)
- leal 1859775393(%rax,%rdi,1),%ebp
- movl 28(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 36(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 60(%rsp),%eax
- xorl %esi,%ebx
- addl %edi,%ebp
- xorl 16(%rsp),%eax
+ addl %eax,%r12d
+ roll $1,%ebp
+ movl %ebp,12(%rsp)
+ movl 16(%rsp),%edx
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 24(%rsp),%edx
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r11,1),%r11d
+ xorl 48(%rsp),%edx
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 4(%rsp),%edx
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%edx
+ movl %edx,16(%rsp)
+ movl 20(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 28(%rsp),%ebp
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%rdi,1),%edi
+ xorl 52(%rsp),%ebp
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 8(%rsp),%ebp
roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,28(%rsp)
- leal 1859775393(%rax,%rsi,1),%edi
- movl 32(%rsp),%eax
- movl %r12d,%ebx
- movl %ebp,%esi
- xorl 40(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 0(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 20(%rsp),%eax
- roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,32(%rsp)
- leal -1894007588(%rax,%rdx,1),%esi
- movl 36(%rsp),%eax
- movl %ebp,%ebx
- movl %ebp,%ecx
- xorl 44(%rsp),%eax
- movl %edi,%edx
- andl %r11d,%ebx
- xorl 4(%rsp),%eax
- orl %r11d,%ecx
- roll $5,%edx
- xorl 24(%rsp),%eax
- andl %r12d,%ecx
- addl %edx,%esi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%ebp
- movl %eax,36(%rsp)
- addl %ebx,%esi
- leal -1894007588(%rax,%r12,1),%edx
- movl 40(%rsp),%eax
- movl %edi,%ebx
+ addl %eax,%edi
+ roll $1,%ebp
+ movl %ebp,20(%rsp)
+ movl 24(%rsp),%edx
+ movl %r12d,%eax
movl %edi,%ecx
- xorl 48(%rsp),%eax
- movl %esi,%r12d
- andl %ebp,%ebx
- xorl 8(%rsp),%eax
- orl %ebp,%ecx
- roll $5,%r12d
- xorl 28(%rsp),%eax
- andl %r11d,%ecx
- addl %r12d,%edx
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edi
- movl %eax,40(%rsp)
- addl %ebx,%edx
- leal -1894007588(%rax,%r11,1),%r12d
- movl 44(%rsp),%eax
- movl %esi,%ebx
+ xorl 32(%rsp),%edx
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%rsi,1),%esi
+ xorl 56(%rsp),%edx
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 12(%rsp),%edx
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%edx
+ movl %edx,24(%rsp)
+ movl 28(%rsp),%ebp
+ movl %r11d,%eax
movl %esi,%ecx
- xorl 52(%rsp),%eax
- movl %edx,%r11d
- andl %edi,%ebx
- xorl 12(%rsp),%eax
- orl %edi,%ecx
- roll $5,%r11d
- xorl 32(%rsp),%eax
- andl %ebp,%ecx
- addl %r11d,%r12d
- roll $1,%eax
- orl %ecx,%ebx
+ xorl 36(%rsp),%ebp
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r13,1),%r13d
+ xorl 60(%rsp),%ebp
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 16(%rsp),%ebp
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%ebp
+ movl %ebp,28(%rsp)
+ movl 32(%rsp),%edx
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 40(%rsp),%edx
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r12,1),%r12d
+ xorl 0(%rsp),%edx
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 20(%rsp),%edx
roll $30,%esi
- movl %eax,44(%rsp)
- addl %ebx,%r12d
- leal -1894007588(%rax,%rbp,1),%r11d
- movl 48(%rsp),%eax
- movl %edx,%ebx
- movl %edx,%ecx
- xorl 56(%rsp),%eax
- movl %r12d,%ebp
- andl %esi,%ebx
- xorl 16(%rsp),%eax
- orl %esi,%ecx
- roll $5,%ebp
- xorl 36(%rsp),%eax
- andl %edi,%ecx
- addl %ebp,%r11d
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edx
- movl %eax,48(%rsp)
- addl %ebx,%r11d
- leal -1894007588(%rax,%rdi,1),%ebp
- movl 52(%rsp),%eax
- movl %r12d,%ebx
+ addl %eax,%r12d
+ roll $1,%edx
+ movl %edx,32(%rsp)
+ movl 36(%rsp),%ebp
+ movl %esi,%eax
movl %r12d,%ecx
- xorl 60(%rsp),%eax
- movl %r11d,%edi
- andl %edx,%ebx
- xorl 20(%rsp),%eax
- orl %edx,%ecx
- roll $5,%edi
- xorl 40(%rsp),%eax
- andl %esi,%ecx
- addl %edi,%ebp
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%r12d
- movl %eax,52(%rsp)
- addl %ebx,%ebp
- leal -1894007588(%rax,%rsi,1),%edi
- movl 56(%rsp),%eax
- movl %r11d,%ebx
+ xorl 44(%rsp),%ebp
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r11,1),%r11d
+ xorl 4(%rsp),%ebp
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 24(%rsp),%ebp
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%ebp
+ movl %ebp,36(%rsp)
+ movl 40(%rsp),%edx
+ movl %r13d,%eax
movl %r11d,%ecx
- xorl 0(%rsp),%eax
- movl %ebp,%esi
- andl %r12d,%ebx
- xorl 24(%rsp),%eax
- orl %r12d,%ecx
- roll $5,%esi
- xorl 44(%rsp),%eax
- andl %edx,%ecx
- addl %esi,%edi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%r11d
- movl %eax,56(%rsp)
- addl %ebx,%edi
- leal -1894007588(%rax,%rdx,1),%esi
- movl 60(%rsp),%eax
- movl %ebp,%ebx
- movl %ebp,%ecx
- xorl 4(%rsp),%eax
- movl %edi,%edx
- andl %r11d,%ebx
- xorl 28(%rsp),%eax
- orl %r11d,%ecx
- roll $5,%edx
- xorl 48(%rsp),%eax
- andl %r12d,%ecx
- addl %edx,%esi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%ebp
- movl %eax,60(%rsp)
- addl %ebx,%esi
- leal -1894007588(%rax,%r12,1),%edx
- movl 0(%rsp),%eax
- movl %edi,%ebx
+ xorl 48(%rsp),%edx
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%rdi,1),%edi
+ xorl 8(%rsp),%edx
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 28(%rsp),%edx
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%edx
+ movl %edx,40(%rsp)
+ movl 44(%rsp),%ebp
+ movl %r12d,%eax
movl %edi,%ecx
- xorl 8(%rsp),%eax
- movl %esi,%r12d
- andl %ebp,%ebx
- xorl 32(%rsp),%eax
- orl %ebp,%ecx
- roll $5,%r12d
- xorl 52(%rsp),%eax
- andl %r11d,%ecx
- addl %r12d,%edx
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edi
- movl %eax,0(%rsp)
- addl %ebx,%edx
- leal -1894007588(%rax,%r11,1),%r12d
- movl 4(%rsp),%eax
- movl %esi,%ebx
+ xorl 52(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%rsi,1),%esi
+ xorl 12(%rsp),%ebp
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 32(%rsp),%ebp
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%ebp
+ movl %ebp,44(%rsp)
+ movl 48(%rsp),%edx
+ movl %r11d,%eax
movl %esi,%ecx
- xorl 12(%rsp),%eax
- movl %edx,%r11d
- andl %edi,%ebx
- xorl 36(%rsp),%eax
- orl %edi,%ecx
- roll $5,%r11d
- xorl 56(%rsp),%eax
- andl %ebp,%ecx
- addl %r11d,%r12d
- roll $1,%eax
- orl %ecx,%ebx
+ xorl 56(%rsp),%edx
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r13,1),%r13d
+ xorl 16(%rsp),%edx
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 36(%rsp),%edx
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%edx
+ movl %edx,48(%rsp)
+ movl 52(%rsp),%ebp
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 60(%rsp),%ebp
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r12,1),%r12d
+ xorl 20(%rsp),%ebp
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 40(%rsp),%ebp
roll $30,%esi
- movl %eax,4(%rsp)
- addl %ebx,%r12d
- leal -1894007588(%rax,%rbp,1),%r11d
- movl 8(%rsp),%eax
- movl %edx,%ebx
- movl %edx,%ecx
- xorl 16(%rsp),%eax
- movl %r12d,%ebp
- andl %esi,%ebx
- xorl 40(%rsp),%eax
- orl %esi,%ecx
- roll $5,%ebp
- xorl 60(%rsp),%eax
- andl %edi,%ecx
- addl %ebp,%r11d
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edx
- movl %eax,8(%rsp)
- addl %ebx,%r11d
- leal -1894007588(%rax,%rdi,1),%ebp
- movl 12(%rsp),%eax
- movl %r12d,%ebx
+ addl %eax,%r12d
+ roll $1,%ebp
+ movl 56(%rsp),%edx
+ movl %esi,%eax
movl %r12d,%ecx
- xorl 20(%rsp),%eax
- movl %r11d,%edi
- andl %edx,%ebx
- xorl 44(%rsp),%eax
- orl %edx,%ecx
- roll $5,%edi
- xorl 0(%rsp),%eax
- andl %esi,%ecx
- addl %edi,%ebp
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%r12d
- movl %eax,12(%rsp)
- addl %ebx,%ebp
- leal -1894007588(%rax,%rsi,1),%edi
- movl 16(%rsp),%eax
- movl %r11d,%ebx
+ xorl 0(%rsp),%edx
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r11,1),%r11d
+ xorl 24(%rsp),%edx
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 44(%rsp),%edx
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%edx
+ movl 60(%rsp),%ebp
+ movl %r13d,%eax
movl %r11d,%ecx
- xorl 24(%rsp),%eax
- movl %ebp,%esi
- andl %r12d,%ebx
- xorl 48(%rsp),%eax
- orl %r12d,%ecx
- roll $5,%esi
- xorl 4(%rsp),%eax
- andl %edx,%ecx
- addl %esi,%edi
- roll $1,%eax
- orl %ecx,%ebx
+ xorl 4(%rsp),%ebp
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%rdi,1),%edi
+ xorl 28(%rsp),%ebp
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 48(%rsp),%ebp
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%ebp
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl %r11d,%eax
+ leal -899497514(%rbp,%rsi,1),%esi
+ roll $5,%ecx
+ xorl %r13d,%eax
+ addl %ecx,%esi
roll $30,%r11d
- movl %eax,16(%rsp)
- addl %ebx,%edi
- leal -1894007588(%rax,%rdx,1),%esi
- movl 20(%rsp),%eax
- movl %ebp,%ebx
- movl %ebp,%ecx
- xorl 28(%rsp),%eax
- movl %edi,%edx
- andl %r11d,%ebx
- xorl 52(%rsp),%eax
- orl %r11d,%ecx
+ addl %eax,%esi
+ addl 0(%r8),%esi
+ addl 4(%r8),%edi
+ addl 8(%r8),%r11d
+ addl 12(%r8),%r12d
+ addl 16(%r8),%r13d
+ movl %esi,0(%r8)
+ movl %edi,4(%r8)
+ movl %r11d,8(%r8)
+ movl %r12d,12(%r8)
+ movl %r13d,16(%r8)
+
+ subq $1,%r10
+ leaq 64(%r9),%r9
+ jnz .Lloop
+
+ movq 64(%rsp),%rsi
+ movq (%rsi),%r13
+ movq 8(%rsi),%r12
+ movq 16(%rsi),%rbp
+ movq 24(%rsi),%rbx
+ leaq 32(%rsi),%rsp
+.Lepilogue:
+ .byte 0xf3,0xc3
+.size sha1_block_data_order,.-sha1_block_data_order
+.type sha1_block_data_order_ssse3,@function
+.align 16
+sha1_block_data_order_ssse3:
+_ssse3_shortcut:
+ pushq %rbx
+ pushq %rbp
+ pushq %r12
+ leaq -64(%rsp),%rsp
+ movq %rdi,%r8
+ movq %rsi,%r9
+ movq %rdx,%r10
+
+ shlq $6,%r10
+ addq %r9,%r10
+ leaq K_XX_XX(%rip),%r11
+
+ movl 0(%r8),%eax
+ movl 4(%r8),%ebx
+ movl 8(%r8),%ecx
+ movl 12(%r8),%edx
+ movl %ebx,%esi
+ movl 16(%r8),%ebp
+
+ movdqa 64(%r11),%xmm6
+ movdqa 0(%r11),%xmm9
+ movdqu 0(%r9),%xmm0
+ movdqu 16(%r9),%xmm1
+ movdqu 32(%r9),%xmm2
+ movdqu 48(%r9),%xmm3
+.byte 102,15,56,0,198
+ addq $64,%r9
+.byte 102,15,56,0,206
+.byte 102,15,56,0,214
+.byte 102,15,56,0,222
+ paddd %xmm9,%xmm0
+ paddd %xmm9,%xmm1
+ paddd %xmm9,%xmm2
+ movdqa %xmm0,0(%rsp)
+ psubd %xmm9,%xmm0
+ movdqa %xmm1,16(%rsp)
+ psubd %xmm9,%xmm1
+ movdqa %xmm2,32(%rsp)
+ psubd %xmm9,%xmm2
+ jmp .Loop_ssse3
+.align 16
+.Loop_ssse3:
+ movdqa %xmm1,%xmm4
+ addl 0(%rsp),%ebp
+ xorl %edx,%ecx
+ movdqa %xmm3,%xmm8
+.byte 102,15,58,15,224,8
+ movl %eax,%edi
+ roll $5,%eax
+ paddd %xmm3,%xmm9
+ andl %ecx,%esi
+ xorl %edx,%ecx
+ psrldq $4,%xmm8
+ xorl %edx,%esi
+ addl %eax,%ebp
+ pxor %xmm0,%xmm4
+ rorl $2,%ebx
+ addl %esi,%ebp
+ pxor %xmm2,%xmm8
+ addl 4(%rsp),%edx
+ xorl %ecx,%ebx
+ movl %ebp,%esi
+ roll $5,%ebp
+ pxor %xmm8,%xmm4
+ andl %ebx,%edi
+ xorl %ecx,%ebx
+ movdqa %xmm9,48(%rsp)
+ xorl %ecx,%edi
+ addl %ebp,%edx
+ movdqa %xmm4,%xmm10
+ movdqa %xmm4,%xmm8
+ rorl $7,%eax
+ addl %edi,%edx
+ addl 8(%rsp),%ecx
+ xorl %ebx,%eax
+ pslldq $12,%xmm10
+ paddd %xmm4,%xmm4
+ movl %edx,%edi
roll $5,%edx
- xorl 8(%rsp),%eax
- andl %r12d,%ecx
- addl %edx,%esi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%ebp
- movl %eax,20(%rsp)
- addl %ebx,%esi
- leal -1894007588(%rax,%r12,1),%edx
- movl 24(%rsp),%eax
- movl %edi,%ebx
- movl %edi,%ecx
- xorl 32(%rsp),%eax
- movl %esi,%r12d
- andl %ebp,%ebx
- xorl 56(%rsp),%eax
- orl %ebp,%ecx
- roll $5,%r12d
- xorl 12(%rsp),%eax
- andl %r11d,%ecx
- addl %r12d,%edx
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edi
- movl %eax,24(%rsp)
- addl %ebx,%edx
- leal -1894007588(%rax,%r11,1),%r12d
- movl 28(%rsp),%eax
- movl %esi,%ebx
- movl %esi,%ecx
- xorl 36(%rsp),%eax
- movl %edx,%r11d
- andl %edi,%ebx
- xorl 60(%rsp),%eax
- orl %edi,%ecx
- roll $5,%r11d
- xorl 16(%rsp),%eax
- andl %ebp,%ecx
- addl %r11d,%r12d
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%esi
- movl %eax,28(%rsp)
- addl %ebx,%r12d
- leal -1894007588(%rax,%rbp,1),%r11d
- movl 32(%rsp),%eax
- movl %edx,%ebx
- movl %edx,%ecx
- xorl 40(%rsp),%eax
- movl %r12d,%ebp
- andl %esi,%ebx
- xorl 0(%rsp),%eax
- orl %esi,%ecx
+ andl %eax,%esi
+ xorl %ebx,%eax
+ psrld $31,%xmm8
+ xorl %ebx,%esi
+ addl %edx,%ecx
+ movdqa %xmm10,%xmm9
+ rorl $7,%ebp
+ addl %esi,%ecx
+ psrld $30,%xmm10
+ por %xmm8,%xmm4
+ addl 12(%rsp),%ebx
+ xorl %eax,%ebp
+ movl %ecx,%esi
+ roll $5,%ecx
+ pslld $2,%xmm9
+ pxor %xmm10,%xmm4
+ andl %ebp,%edi
+ xorl %eax,%ebp
+ movdqa 0(%r11),%xmm10
+ xorl %eax,%edi
+ addl %ecx,%ebx
+ pxor %xmm9,%xmm4
+ rorl $7,%edx
+ addl %edi,%ebx
+ movdqa %xmm2,%xmm5
+ addl 16(%rsp),%eax
+ xorl %ebp,%edx
+ movdqa %xmm4,%xmm9
+.byte 102,15,58,15,233,8
+ movl %ebx,%edi
+ roll $5,%ebx
+ paddd %xmm4,%xmm10
+ andl %edx,%esi
+ xorl %ebp,%edx
+ psrldq $4,%xmm9
+ xorl %ebp,%esi
+ addl %ebx,%eax
+ pxor %xmm1,%xmm5
+ rorl $7,%ecx
+ addl %esi,%eax
+ pxor %xmm3,%xmm9
+ addl 20(%rsp),%ebp
+ xorl %edx,%ecx
+ movl %eax,%esi
+ roll $5,%eax
+ pxor %xmm9,%xmm5
+ andl %ecx,%edi
+ xorl %edx,%ecx
+ movdqa %xmm10,0(%rsp)
+ xorl %edx,%edi
+ addl %eax,%ebp
+ movdqa %xmm5,%xmm8
+ movdqa %xmm5,%xmm9
+ rorl $7,%ebx
+ addl %edi,%ebp
+ addl 24(%rsp),%edx
+ xorl %ecx,%ebx
+ pslldq $12,%xmm8
+ paddd %xmm5,%xmm5
+ movl %ebp,%edi
roll $5,%ebp
- xorl 20(%rsp),%eax
- andl %edi,%ecx
- addl %ebp,%r11d
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edx
- movl %eax,32(%rsp)
- addl %ebx,%r11d
- leal -1894007588(%rax,%rdi,1),%ebp
- movl 36(%rsp),%eax
- movl %r12d,%ebx
- movl %r12d,%ecx
- xorl 44(%rsp),%eax
- movl %r11d,%edi
- andl %edx,%ebx
- xorl 4(%rsp),%eax
- orl %edx,%ecx
- roll $5,%edi
- xorl 24(%rsp),%eax
- andl %esi,%ecx
+ andl %ebx,%esi
+ xorl %ecx,%ebx
+ psrld $31,%xmm9
+ xorl %ecx,%esi
+ addl %ebp,%edx
+ movdqa %xmm8,%xmm10
+ rorl $7,%eax
+ addl %esi,%edx
+ psrld $30,%xmm8
+ por %xmm9,%xmm5
+ addl 28(%rsp),%ecx
+ xorl %ebx,%eax
+ movl %edx,%esi
+ roll $5,%edx
+ pslld $2,%xmm10
+ pxor %xmm8,%xmm5
+ andl %eax,%edi
+ xorl %ebx,%eax
+ movdqa 16(%r11),%xmm8
+ xorl %ebx,%edi
+ addl %edx,%ecx
+ pxor %xmm10,%xmm5
+ rorl $7,%ebp
+ addl %edi,%ecx
+ movdqa %xmm3,%xmm6
+ addl 32(%rsp),%ebx
+ xorl %eax,%ebp
+ movdqa %xmm5,%xmm10
+.byte 102,15,58,15,242,8
+ movl %ecx,%edi
+ roll $5,%ecx
+ paddd %xmm5,%xmm8
+ andl %ebp,%esi
+ xorl %eax,%ebp
+ psrldq $4,%xmm10
+ xorl %eax,%esi
+ addl %ecx,%ebx
+ pxor %xmm2,%xmm6
+ rorl $7,%edx
+ addl %esi,%ebx
+ pxor %xmm4,%xmm10
+ addl 36(%rsp),%eax
+ xorl %ebp,%edx
+ movl %ebx,%esi
+ roll $5,%ebx
+ pxor %xmm10,%xmm6
+ andl %edx,%edi
+ xorl %ebp,%edx
+ movdqa %xmm8,16(%rsp)
+ xorl %ebp,%edi
+ addl %ebx,%eax
+ movdqa %xmm6,%xmm9
+ movdqa %xmm6,%xmm10
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 40(%rsp),%ebp
+ xorl %edx,%ecx
+ pslldq $12,%xmm9
+ paddd %xmm6,%xmm6
+ movl %eax,%edi
+ roll $5,%eax
+ andl %ecx,%esi
+ xorl %edx,%ecx
+ psrld $31,%xmm10
+ xorl %edx,%esi
+ addl %eax,%ebp
+ movdqa %xmm9,%xmm8
+ rorl $7,%ebx
+ addl %esi,%ebp
+ psrld $30,%xmm9
+ por %xmm10,%xmm6
+ addl 44(%rsp),%edx
+ xorl %ecx,%ebx
+ movl %ebp,%esi
+ roll $5,%ebp
+ pslld $2,%xmm8
+ pxor %xmm9,%xmm6
+ andl %ebx,%edi
+ xorl %ecx,%ebx
+ movdqa 16(%r11),%xmm9
+ xorl %ecx,%edi
+ addl %ebp,%edx
+ pxor %xmm8,%xmm6
+ rorl $7,%eax
+ addl %edi,%edx
+ movdqa %xmm4,%xmm7
+ addl 48(%rsp),%ecx
+ xorl %ebx,%eax
+ movdqa %xmm6,%xmm8
+.byte 102,15,58,15,251,8
+ movl %edx,%edi
+ roll $5,%edx
+ paddd %xmm6,%xmm9
+ andl %eax,%esi
+ xorl %ebx,%eax
+ psrldq $4,%xmm8
+ xorl %ebx,%esi
+ addl %edx,%ecx
+ pxor %xmm3,%xmm7
+ rorl $7,%ebp
+ addl %esi,%ecx
+ pxor %xmm5,%xmm8
+ addl 52(%rsp),%ebx
+ xorl %eax,%ebp
+ movl %ecx,%esi
+ roll $5,%ecx
+ pxor %xmm8,%xmm7
+ andl %ebp,%edi
+ xorl %eax,%ebp
+ movdqa %xmm9,32(%rsp)
+ xorl %eax,%edi
+ addl %ecx,%ebx
+ movdqa %xmm7,%xmm10
+ movdqa %xmm7,%xmm8
+ rorl $7,%edx
+ addl %edi,%ebx
+ addl 56(%rsp),%eax
+ xorl %ebp,%edx
+ pslldq $12,%xmm10
+ paddd %xmm7,%xmm7
+ movl %ebx,%edi
+ roll $5,%ebx
+ andl %edx,%esi
+ xorl %ebp,%edx
+ psrld $31,%xmm8
+ xorl %ebp,%esi
+ addl %ebx,%eax
+ movdqa %xmm10,%xmm9
+ rorl $7,%ecx
+ addl %esi,%eax
+ psrld $30,%xmm10
+ por %xmm8,%xmm7
+ addl 60(%rsp),%ebp
+ xorl %edx,%ecx
+ movl %eax,%esi
+ roll $5,%eax
+ pslld $2,%xmm9
+ pxor %xmm10,%xmm7
+ andl %ecx,%edi
+ xorl %edx,%ecx
+ movdqa 16(%r11),%xmm10
+ xorl %edx,%edi
+ addl %eax,%ebp
+ pxor %xmm9,%xmm7
+ rorl $7,%ebx
addl %edi,%ebp
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%r12d
- movl %eax,36(%rsp)
- addl %ebx,%ebp
- leal -1894007588(%rax,%rsi,1),%edi
- movl 40(%rsp),%eax
- movl %r11d,%ebx
- movl %r11d,%ecx
- xorl 48(%rsp),%eax
+ movdqa %xmm7,%xmm9
+ addl 0(%rsp),%edx
+ pxor %xmm4,%xmm0
+.byte 102,68,15,58,15,206,8
+ xorl %ecx,%ebx
+ movl %ebp,%edi
+ roll $5,%ebp
+ pxor %xmm1,%xmm0
+ andl %ebx,%esi
+ xorl %ecx,%ebx
+ movdqa %xmm10,%xmm8
+ paddd %xmm7,%xmm10
+ xorl %ecx,%esi
+ addl %ebp,%edx
+ pxor %xmm9,%xmm0
+ rorl $7,%eax
+ addl %esi,%edx
+ addl 4(%rsp),%ecx
+ xorl %ebx,%eax
+ movdqa %xmm0,%xmm9
+ movdqa %xmm10,48(%rsp)
+ movl %edx,%esi
+ roll $5,%edx
+ andl %eax,%edi
+ xorl %ebx,%eax
+ pslld $2,%xmm0
+ xorl %ebx,%edi
+ addl %edx,%ecx
+ psrld $30,%xmm9
+ rorl $7,%ebp
+ addl %edi,%ecx
+ addl 8(%rsp),%ebx
+ xorl %eax,%ebp
+ movl %ecx,%edi
+ roll $5,%ecx
+ por %xmm9,%xmm0
+ andl %ebp,%esi
+ xorl %eax,%ebp
+ movdqa %xmm0,%xmm10
+ xorl %eax,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ addl 12(%rsp),%eax
+ xorl %ebp,%edx
+ movl %ebx,%esi
+ roll $5,%ebx
+ andl %edx,%edi
+ xorl %ebp,%edx
+ xorl %ebp,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 16(%rsp),%ebp
+ pxor %xmm5,%xmm1
+.byte 102,68,15,58,15,215,8
+ xorl %edx,%esi
+ movl %eax,%edi
+ roll $5,%eax
+ pxor %xmm2,%xmm1
+ xorl %ecx,%esi
+ addl %eax,%ebp
+ movdqa %xmm8,%xmm9
+ paddd %xmm0,%xmm8
+ rorl $7,%ebx
+ addl %esi,%ebp
+ pxor %xmm10,%xmm1
+ addl 20(%rsp),%edx
+ xorl %ecx,%edi
movl %ebp,%esi
- andl %r12d,%ebx
- xorl 8(%rsp),%eax
- orl %r12d,%ecx
- roll $5,%esi
- xorl 28(%rsp),%eax
- andl %edx,%ecx
- addl %esi,%edi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%r11d
- movl %eax,40(%rsp)
- addl %ebx,%edi
- leal -1894007588(%rax,%rdx,1),%esi
- movl 44(%rsp),%eax
- movl %ebp,%ebx
- movl %ebp,%ecx
- xorl 52(%rsp),%eax
- movl %edi,%edx
- andl %r11d,%ebx
- xorl 12(%rsp),%eax
- orl %r11d,%ecx
+ roll $5,%ebp
+ movdqa %xmm1,%xmm10
+ movdqa %xmm8,0(%rsp)
+ xorl %ebx,%edi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %edi,%edx
+ pslld $2,%xmm1
+ addl 24(%rsp),%ecx
+ xorl %ebx,%esi
+ psrld $30,%xmm10
+ movl %edx,%edi
roll $5,%edx
- xorl 32(%rsp),%eax
- andl %r12d,%ecx
- addl %edx,%esi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%ebp
- movl %eax,44(%rsp)
- addl %ebx,%esi
- leal -1894007588(%rax,%r12,1),%edx
- movl 48(%rsp),%eax
- movl %edi,%ebx
- movl %edi,%ecx
- xorl 56(%rsp),%eax
- movl %esi,%r12d
- andl %ebp,%ebx
- xorl 16(%rsp),%eax
- orl %ebp,%ecx
- roll $5,%r12d
- xorl 36(%rsp),%eax
- andl %r11d,%ecx
- addl %r12d,%edx
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edi
- movl %eax,48(%rsp)
- addl %ebx,%edx
- leal -899497514(%rax,%r11,1),%r12d
- movl 52(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 60(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 20(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 40(%rsp),%eax
- roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- movl %eax,52(%rsp)
- leal -899497514(%rax,%rbp,1),%r11d
- movl 56(%rsp),%eax
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl 0(%rsp),%eax
- xorl %edx,%ebx
+ xorl %eax,%esi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %esi,%ecx
+ por %xmm10,%xmm1
+ addl 28(%rsp),%ebx
+ xorl %eax,%edi
+ movdqa %xmm1,%xmm8
+ movl %ecx,%esi
+ roll $5,%ecx
+ xorl %ebp,%edi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %edi,%ebx
+ addl 32(%rsp),%eax
+ pxor %xmm6,%xmm2
+.byte 102,68,15,58,15,192,8
+ xorl %ebp,%esi
+ movl %ebx,%edi
+ roll $5,%ebx
+ pxor %xmm3,%xmm2
+ xorl %edx,%esi
+ addl %ebx,%eax
+ movdqa 32(%r11),%xmm10
+ paddd %xmm1,%xmm9
+ rorl $7,%ecx
+ addl %esi,%eax
+ pxor %xmm8,%xmm2
+ addl 36(%rsp),%ebp
+ xorl %edx,%edi
+ movl %eax,%esi
+ roll $5,%eax
+ movdqa %xmm2,%xmm8
+ movdqa %xmm9,16(%rsp)
+ xorl %ecx,%edi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %edi,%ebp
+ pslld $2,%xmm2
+ addl 40(%rsp),%edx
+ xorl %ecx,%esi
+ psrld $30,%xmm8
+ movl %ebp,%edi
roll $5,%ebp
- xorl 24(%rsp),%eax
- xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 44(%rsp),%eax
- roll $30,%edx
- addl %ebx,%r11d
- roll $1,%eax
- movl %eax,56(%rsp)
- leal -899497514(%rax,%rdi,1),%ebp
- movl 60(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 4(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 28(%rsp),%eax
- xorl %esi,%ebx
+ xorl %ebx,%esi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %esi,%edx
+ por %xmm8,%xmm2
+ addl 44(%rsp),%ecx
+ xorl %ebx,%edi
+ movdqa %xmm2,%xmm9
+ movl %edx,%esi
+ roll $5,%edx
+ xorl %eax,%edi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %edi,%ecx
+ addl 48(%rsp),%ebx
+ pxor %xmm7,%xmm3
+.byte 102,68,15,58,15,201,8
+ xorl %eax,%esi
+ movl %ecx,%edi
+ roll $5,%ecx
+ pxor %xmm4,%xmm3
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ movdqa %xmm10,%xmm8
+ paddd %xmm2,%xmm10
+ rorl $7,%edx
+ addl %esi,%ebx
+ pxor %xmm9,%xmm3
+ addl 52(%rsp),%eax
+ xorl %ebp,%edi
+ movl %ebx,%esi
+ roll $5,%ebx
+ movdqa %xmm3,%xmm9
+ movdqa %xmm10,32(%rsp)
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ pslld $2,%xmm3
+ addl 56(%rsp),%ebp
+ xorl %edx,%esi
+ psrld $30,%xmm9
+ movl %eax,%edi
+ roll $5,%eax
+ xorl %ecx,%esi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %esi,%ebp
+ por %xmm9,%xmm3
+ addl 60(%rsp),%edx
+ xorl %ecx,%edi
+ movdqa %xmm3,%xmm10
+ movl %ebp,%esi
+ roll $5,%ebp
+ xorl %ebx,%edi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %edi,%edx
+ addl 0(%rsp),%ecx
+ pxor %xmm0,%xmm4
+.byte 102,68,15,58,15,210,8
+ xorl %ebx,%esi
+ movl %edx,%edi
+ roll $5,%edx
+ pxor %xmm5,%xmm4
+ xorl %eax,%esi
+ addl %edx,%ecx
+ movdqa %xmm8,%xmm9
+ paddd %xmm3,%xmm8
+ rorl $7,%ebp
+ addl %esi,%ecx
+ pxor %xmm10,%xmm4
+ addl 4(%rsp),%ebx
+ xorl %eax,%edi
+ movl %ecx,%esi
+ roll $5,%ecx
+ movdqa %xmm4,%xmm10
+ movdqa %xmm8,48(%rsp)
+ xorl %ebp,%edi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %edi,%ebx
+ pslld $2,%xmm4
+ addl 8(%rsp),%eax
+ xorl %ebp,%esi
+ psrld $30,%xmm10
+ movl %ebx,%edi
+ roll $5,%ebx
+ xorl %edx,%esi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %esi,%eax
+ por %xmm10,%xmm4
+ addl 12(%rsp),%ebp
+ xorl %edx,%edi
+ movdqa %xmm4,%xmm8
+ movl %eax,%esi
+ roll $5,%eax
+ xorl %ecx,%edi
+ addl %eax,%ebp
+ rorl $7,%ebx
addl %edi,%ebp
- xorl 48(%rsp),%eax
- roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,60(%rsp)
- leal -899497514(%rax,%rsi,1),%edi
- movl 0(%rsp),%eax
- movl %r12d,%ebx
+ addl 16(%rsp),%edx
+ pxor %xmm1,%xmm5
+.byte 102,68,15,58,15,195,8
+ xorl %ecx,%esi
+ movl %ebp,%edi
+ roll $5,%ebp
+ pxor %xmm6,%xmm5
+ xorl %ebx,%esi
+ addl %ebp,%edx
+ movdqa %xmm9,%xmm10
+ paddd %xmm4,%xmm9
+ rorl $7,%eax
+ addl %esi,%edx
+ pxor %xmm8,%xmm5
+ addl 20(%rsp),%ecx
+ xorl %ebx,%edi
+ movl %edx,%esi
+ roll $5,%edx
+ movdqa %xmm5,%xmm8
+ movdqa %xmm9,0(%rsp)
+ xorl %eax,%edi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %edi,%ecx
+ pslld $2,%xmm5
+ addl 24(%rsp),%ebx
+ xorl %eax,%esi
+ psrld $30,%xmm8
+ movl %ecx,%edi
+ roll $5,%ecx
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ por %xmm8,%xmm5
+ addl 28(%rsp),%eax
+ xorl %ebp,%edi
+ movdqa %xmm5,%xmm9
+ movl %ebx,%esi
+ roll $5,%ebx
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ movl %ecx,%edi
+ pxor %xmm2,%xmm6
+.byte 102,68,15,58,15,204,8
+ xorl %edx,%ecx
+ addl 32(%rsp),%ebp
+ andl %edx,%edi
+ pxor %xmm7,%xmm6
+ andl %ecx,%esi
+ rorl $7,%ebx
+ movdqa %xmm10,%xmm8
+ paddd %xmm5,%xmm10
+ addl %edi,%ebp
+ movl %eax,%edi
+ pxor %xmm9,%xmm6
+ roll $5,%eax
+ addl %esi,%ebp
+ xorl %edx,%ecx
+ addl %eax,%ebp
+ movdqa %xmm6,%xmm9
+ movdqa %xmm10,16(%rsp)
+ movl %ebx,%esi
+ xorl %ecx,%ebx
+ addl 36(%rsp),%edx
+ andl %ecx,%esi
+ pslld $2,%xmm6
+ andl %ebx,%edi
+ rorl $7,%eax
+ psrld $30,%xmm9
+ addl %esi,%edx
movl %ebp,%esi
- xorl 8(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 32(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 52(%rsp),%eax
- roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,0(%rsp)
- leal -899497514(%rax,%rdx,1),%esi
- movl 4(%rsp),%eax
- movl %r11d,%ebx
- movl %edi,%edx
- xorl 12(%rsp),%eax
- xorl %ebp,%ebx
+ roll $5,%ebp
+ addl %edi,%edx
+ xorl %ecx,%ebx
+ addl %ebp,%edx
+ por %xmm9,%xmm6
+ movl %eax,%edi
+ xorl %ebx,%eax
+ movdqa %xmm6,%xmm10
+ addl 40(%rsp),%ecx
+ andl %ebx,%edi
+ andl %eax,%esi
+ rorl $7,%ebp
+ addl %edi,%ecx
+ movl %edx,%edi
roll $5,%edx
- xorl 36(%rsp),%eax
- xorl %r12d,%ebx
- addl %edx,%esi
- xorl 56(%rsp),%eax
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- movl %eax,4(%rsp)
- leal -899497514(%rax,%r12,1),%edx
- movl 8(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 16(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 40(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 60(%rsp),%eax
- roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,8(%rsp)
- leal -899497514(%rax,%r11,1),%r12d
- movl 12(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 20(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 44(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 0(%rsp),%eax
- roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- movl %eax,12(%rsp)
- leal -899497514(%rax,%rbp,1),%r11d
- movl 16(%rsp),%eax
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl 24(%rsp),%eax
- xorl %edx,%ebx
+ addl %esi,%ecx
+ xorl %ebx,%eax
+ addl %edx,%ecx
+ movl %ebp,%esi
+ xorl %eax,%ebp
+ addl 44(%rsp),%ebx
+ andl %eax,%esi
+ andl %ebp,%edi
+ rorl $7,%edx
+ addl %esi,%ebx
+ movl %ecx,%esi
+ roll $5,%ecx
+ addl %edi,%ebx
+ xorl %eax,%ebp
+ addl %ecx,%ebx
+ movl %edx,%edi
+ pxor %xmm3,%xmm7
+.byte 102,68,15,58,15,213,8
+ xorl %ebp,%edx
+ addl 48(%rsp),%eax
+ andl %ebp,%edi
+ pxor %xmm0,%xmm7
+ andl %edx,%esi
+ rorl $7,%ecx
+ movdqa 48(%r11),%xmm9
+ paddd %xmm6,%xmm8
+ addl %edi,%eax
+ movl %ebx,%edi
+ pxor %xmm10,%xmm7
+ roll $5,%ebx
+ addl %esi,%eax
+ xorl %ebp,%edx
+ addl %ebx,%eax
+ movdqa %xmm7,%xmm10
+ movdqa %xmm8,32(%rsp)
+ movl %ecx,%esi
+ xorl %edx,%ecx
+ addl 52(%rsp),%ebp
+ andl %edx,%esi
+ pslld $2,%xmm7
+ andl %ecx,%edi
+ rorl $7,%ebx
+ psrld $30,%xmm10
+ addl %esi,%ebp
+ movl %eax,%esi
+ roll $5,%eax
+ addl %edi,%ebp
+ xorl %edx,%ecx
+ addl %eax,%ebp
+ por %xmm10,%xmm7
+ movl %ebx,%edi
+ xorl %ecx,%ebx
+ movdqa %xmm7,%xmm8
+ addl 56(%rsp),%edx
+ andl %ecx,%edi
+ andl %ebx,%esi
+ rorl $7,%eax
+ addl %edi,%edx
+ movl %ebp,%edi
roll $5,%ebp
- xorl 48(%rsp),%eax
- xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 4(%rsp),%eax
- roll $30,%edx
- addl %ebx,%r11d
- roll $1,%eax
- movl %eax,16(%rsp)
- leal -899497514(%rax,%rdi,1),%ebp
- movl 20(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 28(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 52(%rsp),%eax
- xorl %esi,%ebx
+ addl %esi,%edx
+ xorl %ecx,%ebx
+ addl %ebp,%edx
+ movl %eax,%esi
+ xorl %ebx,%eax
+ addl 60(%rsp),%ecx
+ andl %ebx,%esi
+ andl %eax,%edi
+ rorl $7,%ebp
+ addl %esi,%ecx
+ movl %edx,%esi
+ roll $5,%edx
+ addl %edi,%ecx
+ xorl %ebx,%eax
+ addl %edx,%ecx
+ movl %ebp,%edi
+ pxor %xmm4,%xmm0
+.byte 102,68,15,58,15,198,8
+ xorl %eax,%ebp
+ addl 0(%rsp),%ebx
+ andl %eax,%edi
+ pxor %xmm1,%xmm0
+ andl %ebp,%esi
+ rorl $7,%edx
+ movdqa %xmm9,%xmm10
+ paddd %xmm7,%xmm9
+ addl %edi,%ebx
+ movl %ecx,%edi
+ pxor %xmm8,%xmm0
+ roll $5,%ecx
+ addl %esi,%ebx
+ xorl %eax,%ebp
+ addl %ecx,%ebx
+ movdqa %xmm0,%xmm8
+ movdqa %xmm9,48(%rsp)
+ movl %edx,%esi
+ xorl %ebp,%edx
+ addl 4(%rsp),%eax
+ andl %ebp,%esi
+ pslld $2,%xmm0
+ andl %edx,%edi
+ rorl $7,%ecx
+ psrld $30,%xmm8
+ addl %esi,%eax
+ movl %ebx,%esi
+ roll $5,%ebx
+ addl %edi,%eax
+ xorl %ebp,%edx
+ addl %ebx,%eax
+ por %xmm8,%xmm0
+ movl %ecx,%edi
+ xorl %edx,%ecx
+ movdqa %xmm0,%xmm9
+ addl 8(%rsp),%ebp
+ andl %edx,%edi
+ andl %ecx,%esi
+ rorl $7,%ebx
addl %edi,%ebp
- xorl 8(%rsp),%eax
- roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,20(%rsp)
- leal -899497514(%rax,%rsi,1),%edi
- movl 24(%rsp),%eax
- movl %r12d,%ebx
+ movl %eax,%edi
+ roll $5,%eax
+ addl %esi,%ebp
+ xorl %edx,%ecx
+ addl %eax,%ebp
+ movl %ebx,%esi
+ xorl %ecx,%ebx
+ addl 12(%rsp),%edx
+ andl %ecx,%esi
+ andl %ebx,%edi
+ rorl $7,%eax
+ addl %esi,%edx
movl %ebp,%esi
- xorl 32(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 56(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 12(%rsp),%eax
- roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,24(%rsp)
- leal -899497514(%rax,%rdx,1),%esi
- movl 28(%rsp),%eax
- movl %r11d,%ebx
- movl %edi,%edx
- xorl 36(%rsp),%eax
- xorl %ebp,%ebx
+ roll $5,%ebp
+ addl %edi,%edx
+ xorl %ecx,%ebx
+ addl %ebp,%edx
+ movl %eax,%edi
+ pxor %xmm5,%xmm1
+.byte 102,68,15,58,15,207,8
+ xorl %ebx,%eax
+ addl 16(%rsp),%ecx
+ andl %ebx,%edi
+ pxor %xmm2,%xmm1
+ andl %eax,%esi
+ rorl $7,%ebp
+ movdqa %xmm10,%xmm8
+ paddd %xmm0,%xmm10
+ addl %edi,%ecx
+ movl %edx,%edi
+ pxor %xmm9,%xmm1
roll $5,%edx
- xorl 60(%rsp),%eax
- xorl %r12d,%ebx
- addl %edx,%esi
- xorl 16(%rsp),%eax
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- movl %eax,28(%rsp)
- leal -899497514(%rax,%r12,1),%edx
- movl 32(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 40(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 0(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 20(%rsp),%eax
- roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,32(%rsp)
- leal -899497514(%rax,%r11,1),%r12d
- movl 36(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 44(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 4(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 24(%rsp),%eax
- roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- movl %eax,36(%rsp)
- leal -899497514(%rax,%rbp,1),%r11d
- movl 40(%rsp),%eax
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl 48(%rsp),%eax
- xorl %edx,%ebx
+ addl %esi,%ecx
+ xorl %ebx,%eax
+ addl %edx,%ecx
+ movdqa %xmm1,%xmm9
+ movdqa %xmm10,0(%rsp)
+ movl %ebp,%esi
+ xorl %eax,%ebp
+ addl 20(%rsp),%ebx
+ andl %eax,%esi
+ pslld $2,%xmm1
+ andl %ebp,%edi
+ rorl $7,%edx
+ psrld $30,%xmm9
+ addl %esi,%ebx
+ movl %ecx,%esi
+ roll $5,%ecx
+ addl %edi,%ebx
+ xorl %eax,%ebp
+ addl %ecx,%ebx
+ por %xmm9,%xmm1
+ movl %edx,%edi
+ xorl %ebp,%edx
+ movdqa %xmm1,%xmm10
+ addl 24(%rsp),%eax
+ andl %ebp,%edi
+ andl %edx,%esi
+ rorl $7,%ecx
+ addl %edi,%eax
+ movl %ebx,%edi
+ roll $5,%ebx
+ addl %esi,%eax
+ xorl %ebp,%edx
+ addl %ebx,%eax
+ movl %ecx,%esi
+ xorl %edx,%ecx
+ addl 28(%rsp),%ebp
+ andl %edx,%esi
+ andl %ecx,%edi
+ rorl $7,%ebx
+ addl %esi,%ebp
+ movl %eax,%esi
+ roll $5,%eax
+ addl %edi,%ebp
+ xorl %edx,%ecx
+ addl %eax,%ebp
+ movl %ebx,%edi
+ pxor %xmm6,%xmm2
+.byte 102,68,15,58,15,208,8
+ xorl %ecx,%ebx
+ addl 32(%rsp),%edx
+ andl %ecx,%edi
+ pxor %xmm3,%xmm2
+ andl %ebx,%esi
+ rorl $7,%eax
+ movdqa %xmm8,%xmm9
+ paddd %xmm1,%xmm8
+ addl %edi,%edx
+ movl %ebp,%edi
+ pxor %xmm10,%xmm2
roll $5,%ebp
- xorl 8(%rsp),%eax
- xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 28(%rsp),%eax
- roll $30,%edx
- addl %ebx,%r11d
- roll $1,%eax
- movl %eax,40(%rsp)
- leal -899497514(%rax,%rdi,1),%ebp
- movl 44(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 52(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 12(%rsp),%eax
- xorl %esi,%ebx
+ addl %esi,%edx
+ xorl %ecx,%ebx
+ addl %ebp,%edx
+ movdqa %xmm2,%xmm10
+ movdqa %xmm8,16(%rsp)
+ movl %eax,%esi
+ xorl %ebx,%eax
+ addl 36(%rsp),%ecx
+ andl %ebx,%esi
+ pslld $2,%xmm2
+ andl %eax,%edi
+ rorl $7,%ebp
+ psrld $30,%xmm10
+ addl %esi,%ecx
+ movl %edx,%esi
+ roll $5,%edx
+ addl %edi,%ecx
+ xorl %ebx,%eax
+ addl %edx,%ecx
+ por %xmm10,%xmm2
+ movl %ebp,%edi
+ xorl %eax,%ebp
+ movdqa %xmm2,%xmm8
+ addl 40(%rsp),%ebx
+ andl %eax,%edi
+ andl %ebp,%esi
+ rorl $7,%edx
+ addl %edi,%ebx
+ movl %ecx,%edi
+ roll $5,%ecx
+ addl %esi,%ebx
+ xorl %eax,%ebp
+ addl %ecx,%ebx
+ movl %edx,%esi
+ xorl %ebp,%edx
+ addl 44(%rsp),%eax
+ andl %ebp,%esi
+ andl %edx,%edi
+ rorl $7,%ecx
+ addl %esi,%eax
+ movl %ebx,%esi
+ roll $5,%ebx
+ addl %edi,%eax
+ xorl %ebp,%edx
+ addl %ebx,%eax
+ addl 48(%rsp),%ebp
+ pxor %xmm7,%xmm3
+.byte 102,68,15,58,15,193,8
+ xorl %edx,%esi
+ movl %eax,%edi
+ roll $5,%eax
+ pxor %xmm4,%xmm3
+ xorl %ecx,%esi
+ addl %eax,%ebp
+ movdqa %xmm9,%xmm10
+ paddd %xmm2,%xmm9
+ rorl $7,%ebx
+ addl %esi,%ebp
+ pxor %xmm8,%xmm3
+ addl 52(%rsp),%edx
+ xorl %ecx,%edi
+ movl %ebp,%esi
+ roll $5,%ebp
+ movdqa %xmm3,%xmm8
+ movdqa %xmm9,32(%rsp)
+ xorl %ebx,%edi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %edi,%edx
+ pslld $2,%xmm3
+ addl 56(%rsp),%ecx
+ xorl %ebx,%esi
+ psrld $30,%xmm8
+ movl %edx,%edi
+ roll $5,%edx
+ xorl %eax,%esi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %esi,%ecx
+ por %xmm8,%xmm3
+ addl 60(%rsp),%ebx
+ xorl %eax,%edi
+ movl %ecx,%esi
+ roll $5,%ecx
+ xorl %ebp,%edi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %edi,%ebx
+ addl 0(%rsp),%eax
+ paddd %xmm3,%xmm10
+ xorl %ebp,%esi
+ movl %ebx,%edi
+ roll $5,%ebx
+ xorl %edx,%esi
+ movdqa %xmm10,48(%rsp)
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %esi,%eax
+ addl 4(%rsp),%ebp
+ xorl %edx,%edi
+ movl %eax,%esi
+ roll $5,%eax
+ xorl %ecx,%edi
+ addl %eax,%ebp
+ rorl $7,%ebx
addl %edi,%ebp
- xorl 32(%rsp),%eax
- roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,44(%rsp)
- leal -899497514(%rax,%rsi,1),%edi
- movl 48(%rsp),%eax
- movl %r12d,%ebx
+ addl 8(%rsp),%edx
+ xorl %ecx,%esi
+ movl %ebp,%edi
+ roll $5,%ebp
+ xorl %ebx,%esi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %esi,%edx
+ addl 12(%rsp),%ecx
+ xorl %ebx,%edi
+ movl %edx,%esi
+ roll $5,%edx
+ xorl %eax,%edi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %edi,%ecx
+ cmpq %r10,%r9
+ je .Ldone_ssse3
+ movdqa 64(%r11),%xmm6
+ movdqa 0(%r11),%xmm9
+ movdqu 0(%r9),%xmm0
+ movdqu 16(%r9),%xmm1
+ movdqu 32(%r9),%xmm2
+ movdqu 48(%r9),%xmm3
+.byte 102,15,56,0,198
+ addq $64,%r9
+ addl 16(%rsp),%ebx
+ xorl %eax,%esi
+.byte 102,15,56,0,206
+ movl %ecx,%edi
+ roll $5,%ecx
+ paddd %xmm9,%xmm0
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ movdqa %xmm0,0(%rsp)
+ addl 20(%rsp),%eax
+ xorl %ebp,%edi
+ psubd %xmm9,%xmm0
+ movl %ebx,%esi
+ roll $5,%ebx
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 24(%rsp),%ebp
+ xorl %edx,%esi
+ movl %eax,%edi
+ roll $5,%eax
+ xorl %ecx,%esi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %esi,%ebp
+ addl 28(%rsp),%edx
+ xorl %ecx,%edi
movl %ebp,%esi
- xorl 56(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 16(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 36(%rsp),%eax
- roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,48(%rsp)
- leal -899497514(%rax,%rdx,1),%esi
- movl 52(%rsp),%eax
- movl %r11d,%ebx
- movl %edi,%edx
- xorl 60(%rsp),%eax
- xorl %ebp,%ebx
+ roll $5,%ebp
+ xorl %ebx,%edi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %edi,%edx
+ addl 32(%rsp),%ecx
+ xorl %ebx,%esi
+.byte 102,15,56,0,214
+ movl %edx,%edi
roll $5,%edx
- xorl 20(%rsp),%eax
- xorl %r12d,%ebx
- addl %edx,%esi
- xorl 40(%rsp),%eax
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- leal -899497514(%rax,%r12,1),%edx
- movl 56(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 0(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 24(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 44(%rsp),%eax
- roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- leal -899497514(%rax,%r11,1),%r12d
- movl 60(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 4(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 28(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 48(%rsp),%eax
- roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- leal -899497514(%rax,%rbp,1),%r11d
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl %edx,%ebx
+ paddd %xmm9,%xmm1
+ xorl %eax,%esi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %esi,%ecx
+ movdqa %xmm1,16(%rsp)
+ addl 36(%rsp),%ebx
+ xorl %eax,%edi
+ psubd %xmm9,%xmm1
+ movl %ecx,%esi
+ roll $5,%ecx
+ xorl %ebp,%edi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %edi,%ebx
+ addl 40(%rsp),%eax
+ xorl %ebp,%esi
+ movl %ebx,%edi
+ roll $5,%ebx
+ xorl %edx,%esi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %esi,%eax
+ addl 44(%rsp),%ebp
+ xorl %edx,%edi
+ movl %eax,%esi
+ roll $5,%eax
+ xorl %ecx,%edi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %edi,%ebp
+ addl 48(%rsp),%edx
+ xorl %ecx,%esi
+.byte 102,15,56,0,222
+ movl %ebp,%edi
roll $5,%ebp
- xorl %edi,%ebx
- addl %ebp,%r11d
- roll $30,%edx
- addl %ebx,%r11d
- addl 0(%r8),%r11d
- addl 4(%r8),%r12d
- addl 8(%r8),%edx
- addl 12(%r8),%esi
- addl 16(%r8),%edi
- movl %r11d,0(%r8)
- movl %r12d,4(%r8)
- movl %edx,8(%r8)
- movl %esi,12(%r8)
- movl %edi,16(%r8)
-
- xchgl %r11d,%edx
- xchgl %r12d,%esi
- xchgl %r11d,%edi
- xchgl %r12d,%ebp
+ paddd %xmm9,%xmm2
+ xorl %ebx,%esi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %esi,%edx
+ movdqa %xmm2,32(%rsp)
+ addl 52(%rsp),%ecx
+ xorl %ebx,%edi
+ psubd %xmm9,%xmm2
+ movl %edx,%esi
+ roll $5,%edx
+ xorl %eax,%edi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %edi,%ecx
+ addl 56(%rsp),%ebx
+ xorl %eax,%esi
+ movl %ecx,%edi
+ roll $5,%ecx
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ addl 60(%rsp),%eax
+ xorl %ebp,%edi
+ movl %ebx,%esi
+ roll $5,%ebx
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 0(%r8),%eax
+ addl 4(%r8),%esi
+ addl 8(%r8),%ecx
+ addl 12(%r8),%edx
+ movl %eax,0(%r8)
+ addl 16(%r8),%ebp
+ movl %esi,4(%r8)
+ movl %esi,%ebx
+ movl %ecx,8(%r8)
+ movl %edx,12(%r8)
+ movl %ebp,16(%r8)
+ jmp .Loop_ssse3
- leaq 64(%r9),%r9
- subq $1,%r10
- jnz .Lloop
- movq 64(%rsp),%rsi
- movq (%rsi),%r12
+.align 16
+.Ldone_ssse3:
+ addl 16(%rsp),%ebx
+ xorl %eax,%esi
+ movl %ecx,%edi
+ roll $5,%ecx
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ addl 20(%rsp),%eax
+ xorl %ebp,%edi
+ movl %ebx,%esi
+ roll $5,%ebx
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 24(%rsp),%ebp
+ xorl %edx,%esi
+ movl %eax,%edi
+ roll $5,%eax
+ xorl %ecx,%esi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %esi,%ebp
+ addl 28(%rsp),%edx
+ xorl %ecx,%edi
+ movl %ebp,%esi
+ roll $5,%ebp
+ xorl %ebx,%edi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %edi,%edx
+ addl 32(%rsp),%ecx
+ xorl %ebx,%esi
+ movl %edx,%edi
+ roll $5,%edx
+ xorl %eax,%esi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %esi,%ecx
+ addl 36(%rsp),%ebx
+ xorl %eax,%edi
+ movl %ecx,%esi
+ roll $5,%ecx
+ xorl %ebp,%edi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %edi,%ebx
+ addl 40(%rsp),%eax
+ xorl %ebp,%esi
+ movl %ebx,%edi
+ roll $5,%ebx
+ xorl %edx,%esi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %esi,%eax
+ addl 44(%rsp),%ebp
+ xorl %edx,%edi
+ movl %eax,%esi
+ roll $5,%eax
+ xorl %ecx,%edi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %edi,%ebp
+ addl 48(%rsp),%edx
+ xorl %ecx,%esi
+ movl %ebp,%edi
+ roll $5,%ebp
+ xorl %ebx,%esi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %esi,%edx
+ addl 52(%rsp),%ecx
+ xorl %ebx,%edi
+ movl %edx,%esi
+ roll $5,%edx
+ xorl %eax,%edi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %edi,%ecx
+ addl 56(%rsp),%ebx
+ xorl %eax,%esi
+ movl %ecx,%edi
+ roll $5,%ecx
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ addl 60(%rsp),%eax
+ xorl %ebp,%edi
+ movl %ebx,%esi
+ roll $5,%ebx
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 0(%r8),%eax
+ addl 4(%r8),%esi
+ addl 8(%r8),%ecx
+ movl %eax,0(%r8)
+ addl 12(%r8),%edx
+ movl %esi,4(%r8)
+ addl 16(%r8),%ebp
+ movl %ecx,8(%r8)
+ movl %edx,12(%r8)
+ movl %ebp,16(%r8)
+ leaq 64(%rsp),%rsi
+ movq 0(%rsi),%r12
movq 8(%rsi),%rbp
movq 16(%rsi),%rbx
leaq 24(%rsi),%rsp
-.Lepilogue:
+.Lepilogue_ssse3:
.byte 0xf3,0xc3
-.size sha1_block_data_order,.-sha1_block_data_order
+.size sha1_block_data_order_ssse3,.-sha1_block_data_order_ssse3
+.align 64
+K_XX_XX:
+.long 0x5a827999,0x5a827999,0x5a827999,0x5a827999
+
+.long 0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1
+
+.long 0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc
+
+.long 0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6
+
+.long 0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+
.byte 83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
-.align 16
+.align 64
diff --git a/deps/openssl/asm/x64-elf-gas/sha/sha512-x86_64.s b/deps/openssl/asm/x64-elf-gas/sha/sha512-x86_64.s
index ddf7b907a..576d7d8bf 100644
--- a/deps/openssl/asm/x64-elf-gas/sha/sha512-x86_64.s
+++ b/deps/openssl/asm/x64-elf-gas/sha/sha512-x86_64.s
@@ -38,1880 +38,1688 @@ sha256_block_data_order:
.Lloop:
xorq %rdi,%rdi
movl 0(%rsi),%r12d
- bswapl %r12d
movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %eax,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r9d,%r15d
+ movl %r12d,0(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r11d,%r12d
+ xorl %eax,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r8d,%r15d
- movl %r12d,0(%rsp)
+ movl %ebx,%r11d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- addl %r11d,%r12d
-
- movl %eax,%r11d
- addl %r13d,%r12d
+ xorl %ecx,%r11d
+ xorl %eax,%r14d
addl %r15d,%r12d
- movl %eax,%r13d
- movl %eax,%r14d
+ movl %ebx,%r15d
- rorl $2,%r11d
- rorl $13,%r13d
- movl %eax,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %eax,%r11d
+ andl %ecx,%r15d
- xorl %r13d,%r11d
- rorl $9,%r13d
- orl %ecx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r11d
- xorl %r13d,%r11d
- andl %ecx,%r15d
addl %r12d,%edx
-
- andl %ebx,%r14d
addl %r12d,%r11d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r11d
+
movl 4(%rsi),%r12d
- bswapl %r12d
movl %edx,%r13d
- movl %edx,%r14d
+ movl %r11d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r8d,%r15d
+ movl %r12d,4(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r10d,%r12d
+ xorl %r11d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %edx,%r15d
- movl %r12d,4(%rsp)
+ movl %eax,%r10d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- addl %r10d,%r12d
-
- movl %r11d,%r10d
- addl %r13d,%r12d
+ xorl %ebx,%r10d
+ xorl %r11d,%r14d
addl %r15d,%r12d
- movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %eax,%r15d
- rorl $2,%r10d
- rorl $13,%r13d
- movl %r11d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r11d,%r10d
+ andl %ebx,%r15d
- xorl %r13d,%r10d
- rorl $9,%r13d
- orl %ebx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r10d
- xorl %r13d,%r10d
- andl %ebx,%r15d
addl %r12d,%ecx
-
- andl %eax,%r14d
addl %r12d,%r10d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r10d
+
movl 8(%rsi),%r12d
- bswapl %r12d
movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %r10d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %edx,%r15d
+ movl %r12d,8(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r9d,%r12d
+ xorl %r10d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ecx,%r15d
- movl %r12d,8(%rsp)
+ movl %r11d,%r9d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- addl %r9d,%r12d
-
- movl %r10d,%r9d
- addl %r13d,%r12d
+ xorl %eax,%r9d
+ xorl %r10d,%r14d
addl %r15d,%r12d
- movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %r11d,%r15d
- rorl $2,%r9d
- rorl $13,%r13d
- movl %r10d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r10d,%r9d
+ andl %eax,%r15d
- xorl %r13d,%r9d
- rorl $9,%r13d
- orl %eax,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r9d
- xorl %r13d,%r9d
- andl %eax,%r15d
addl %r12d,%ebx
-
- andl %r11d,%r14d
addl %r12d,%r9d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r9d
+
movl 12(%rsi),%r12d
- bswapl %r12d
movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %r9d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %ecx,%r15d
+ movl %r12d,12(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r8d,%r12d
+ xorl %r9d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ebx,%r15d
- movl %r12d,12(%rsp)
+ movl %r10d,%r8d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- addl %r8d,%r12d
-
- movl %r9d,%r8d
- addl %r13d,%r12d
+ xorl %r11d,%r8d
+ xorl %r9d,%r14d
addl %r15d,%r12d
- movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %r10d,%r15d
- rorl $2,%r8d
- rorl $13,%r13d
- movl %r9d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r9d,%r8d
+ andl %r11d,%r15d
- xorl %r13d,%r8d
- rorl $9,%r13d
- orl %r11d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r8d
- xorl %r13d,%r8d
- andl %r11d,%r15d
addl %r12d,%eax
-
- andl %r10d,%r14d
addl %r12d,%r8d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r8d
+
movl 16(%rsi),%r12d
- bswapl %r12d
movl %eax,%r13d
- movl %eax,%r14d
+ movl %r8d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %ebx,%r15d
+ movl %r12d,16(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %edx,%r12d
+ xorl %r8d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %eax,%r15d
- movl %r12d,16(%rsp)
+ movl %r9d,%edx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- addl %edx,%r12d
-
- movl %r8d,%edx
- addl %r13d,%r12d
+ xorl %r10d,%edx
+ xorl %r8d,%r14d
addl %r15d,%r12d
- movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %r9d,%r15d
- rorl $2,%edx
- rorl $13,%r13d
- movl %r8d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r8d,%edx
+ andl %r10d,%r15d
- xorl %r13d,%edx
- rorl $9,%r13d
- orl %r10d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%edx
- xorl %r13d,%edx
- andl %r10d,%r15d
addl %r12d,%r11d
-
- andl %r9d,%r14d
addl %r12d,%edx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%edx
+
movl 20(%rsi),%r12d
- bswapl %r12d
movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %edx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %eax,%r15d
+ movl %r12d,20(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ecx,%r12d
+ xorl %edx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r11d,%r15d
- movl %r12d,20(%rsp)
+ movl %r8d,%ecx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- addl %ecx,%r12d
-
- movl %edx,%ecx
- addl %r13d,%r12d
+ xorl %r9d,%ecx
+ xorl %edx,%r14d
addl %r15d,%r12d
- movl %edx,%r13d
- movl %edx,%r14d
+ movl %r8d,%r15d
- rorl $2,%ecx
- rorl $13,%r13d
- movl %edx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %edx,%ecx
+ andl %r9d,%r15d
- xorl %r13d,%ecx
- rorl $9,%r13d
- orl %r9d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ecx
- xorl %r13d,%ecx
- andl %r9d,%r15d
addl %r12d,%r10d
-
- andl %r8d,%r14d
addl %r12d,%ecx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ecx
+
movl 24(%rsi),%r12d
- bswapl %r12d
movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %ecx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r11d,%r15d
+ movl %r12d,24(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ebx,%r12d
+ xorl %ecx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r10d,%r15d
- movl %r12d,24(%rsp)
+ movl %edx,%ebx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- addl %ebx,%r12d
-
- movl %ecx,%ebx
- addl %r13d,%r12d
+ xorl %r8d,%ebx
+ xorl %ecx,%r14d
addl %r15d,%r12d
- movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %edx,%r15d
- rorl $2,%ebx
- rorl $13,%r13d
- movl %ecx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ecx,%ebx
+ andl %r8d,%r15d
- xorl %r13d,%ebx
- rorl $9,%r13d
- orl %r8d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ebx
- xorl %r13d,%ebx
- andl %r8d,%r15d
addl %r12d,%r9d
-
- andl %edx,%r14d
addl %r12d,%ebx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ebx
+
movl 28(%rsi),%r12d
- bswapl %r12d
movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %ebx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r10d,%r15d
+ movl %r12d,28(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %eax,%r12d
+ xorl %ebx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r9d,%r15d
- movl %r12d,28(%rsp)
+ movl %ecx,%eax
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- addl %eax,%r12d
-
- movl %ebx,%eax
- addl %r13d,%r12d
+ xorl %edx,%eax
+ xorl %ebx,%r14d
addl %r15d,%r12d
- movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %ecx,%r15d
- rorl $2,%eax
- rorl $13,%r13d
- movl %ebx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ebx,%eax
+ andl %edx,%r15d
- xorl %r13d,%eax
- rorl $9,%r13d
- orl %edx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%eax
- xorl %r13d,%eax
- andl %edx,%r15d
addl %r12d,%r8d
-
- andl %ecx,%r14d
addl %r12d,%eax
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%eax
+
movl 32(%rsi),%r12d
- bswapl %r12d
movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %eax,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r9d,%r15d
+ movl %r12d,32(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r11d,%r12d
+ xorl %eax,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r8d,%r15d
- movl %r12d,32(%rsp)
+ movl %ebx,%r11d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- addl %r11d,%r12d
-
- movl %eax,%r11d
- addl %r13d,%r12d
+ xorl %ecx,%r11d
+ xorl %eax,%r14d
addl %r15d,%r12d
- movl %eax,%r13d
- movl %eax,%r14d
+ movl %ebx,%r15d
- rorl $2,%r11d
- rorl $13,%r13d
- movl %eax,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %eax,%r11d
+ andl %ecx,%r15d
- xorl %r13d,%r11d
- rorl $9,%r13d
- orl %ecx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r11d
- xorl %r13d,%r11d
- andl %ecx,%r15d
addl %r12d,%edx
-
- andl %ebx,%r14d
addl %r12d,%r11d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r11d
+
movl 36(%rsi),%r12d
- bswapl %r12d
movl %edx,%r13d
- movl %edx,%r14d
+ movl %r11d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r8d,%r15d
+ movl %r12d,36(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r10d,%r12d
+ xorl %r11d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %edx,%r15d
- movl %r12d,36(%rsp)
+ movl %eax,%r10d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- addl %r10d,%r12d
-
- movl %r11d,%r10d
- addl %r13d,%r12d
+ xorl %ebx,%r10d
+ xorl %r11d,%r14d
addl %r15d,%r12d
- movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %eax,%r15d
- rorl $2,%r10d
- rorl $13,%r13d
- movl %r11d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r11d,%r10d
+ andl %ebx,%r15d
- xorl %r13d,%r10d
- rorl $9,%r13d
- orl %ebx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r10d
- xorl %r13d,%r10d
- andl %ebx,%r15d
addl %r12d,%ecx
-
- andl %eax,%r14d
addl %r12d,%r10d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r10d
+
movl 40(%rsi),%r12d
- bswapl %r12d
movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %r10d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %edx,%r15d
+ movl %r12d,40(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r9d,%r12d
+ xorl %r10d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ecx,%r15d
- movl %r12d,40(%rsp)
+ movl %r11d,%r9d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- addl %r9d,%r12d
-
- movl %r10d,%r9d
- addl %r13d,%r12d
+ xorl %eax,%r9d
+ xorl %r10d,%r14d
addl %r15d,%r12d
- movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %r11d,%r15d
- rorl $2,%r9d
- rorl $13,%r13d
- movl %r10d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r10d,%r9d
+ andl %eax,%r15d
- xorl %r13d,%r9d
- rorl $9,%r13d
- orl %eax,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r9d
- xorl %r13d,%r9d
- andl %eax,%r15d
addl %r12d,%ebx
-
- andl %r11d,%r14d
addl %r12d,%r9d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r9d
+
movl 44(%rsi),%r12d
- bswapl %r12d
movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %r9d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %ecx,%r15d
+ movl %r12d,44(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r8d,%r12d
+ xorl %r9d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ebx,%r15d
- movl %r12d,44(%rsp)
+ movl %r10d,%r8d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- addl %r8d,%r12d
-
- movl %r9d,%r8d
- addl %r13d,%r12d
+ xorl %r11d,%r8d
+ xorl %r9d,%r14d
addl %r15d,%r12d
- movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %r10d,%r15d
- rorl $2,%r8d
- rorl $13,%r13d
- movl %r9d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r9d,%r8d
+ andl %r11d,%r15d
- xorl %r13d,%r8d
- rorl $9,%r13d
- orl %r11d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r8d
- xorl %r13d,%r8d
- andl %r11d,%r15d
addl %r12d,%eax
-
- andl %r10d,%r14d
addl %r12d,%r8d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r8d
+
movl 48(%rsi),%r12d
- bswapl %r12d
movl %eax,%r13d
- movl %eax,%r14d
+ movl %r8d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %ebx,%r15d
+ movl %r12d,48(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %edx,%r12d
+ xorl %r8d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %eax,%r15d
- movl %r12d,48(%rsp)
+ movl %r9d,%edx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- addl %edx,%r12d
-
- movl %r8d,%edx
- addl %r13d,%r12d
+ xorl %r10d,%edx
+ xorl %r8d,%r14d
addl %r15d,%r12d
- movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %r9d,%r15d
- rorl $2,%edx
- rorl $13,%r13d
- movl %r8d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r8d,%edx
+ andl %r10d,%r15d
- xorl %r13d,%edx
- rorl $9,%r13d
- orl %r10d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%edx
- xorl %r13d,%edx
- andl %r10d,%r15d
addl %r12d,%r11d
-
- andl %r9d,%r14d
addl %r12d,%edx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%edx
+
movl 52(%rsi),%r12d
- bswapl %r12d
movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %edx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %eax,%r15d
+ movl %r12d,52(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ecx,%r12d
+ xorl %edx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r11d,%r15d
- movl %r12d,52(%rsp)
+ movl %r8d,%ecx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- addl %ecx,%r12d
-
- movl %edx,%ecx
- addl %r13d,%r12d
+ xorl %r9d,%ecx
+ xorl %edx,%r14d
addl %r15d,%r12d
- movl %edx,%r13d
- movl %edx,%r14d
+ movl %r8d,%r15d
- rorl $2,%ecx
- rorl $13,%r13d
- movl %edx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %edx,%ecx
+ andl %r9d,%r15d
- xorl %r13d,%ecx
- rorl $9,%r13d
- orl %r9d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ecx
- xorl %r13d,%ecx
- andl %r9d,%r15d
addl %r12d,%r10d
-
- andl %r8d,%r14d
addl %r12d,%ecx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ecx
+
movl 56(%rsi),%r12d
- bswapl %r12d
movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %ecx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r11d,%r15d
+ movl %r12d,56(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ebx,%r12d
+ xorl %ecx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r10d,%r15d
- movl %r12d,56(%rsp)
+ movl %edx,%ebx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- addl %ebx,%r12d
-
- movl %ecx,%ebx
- addl %r13d,%r12d
+ xorl %r8d,%ebx
+ xorl %ecx,%r14d
addl %r15d,%r12d
- movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %edx,%r15d
- rorl $2,%ebx
- rorl $13,%r13d
- movl %ecx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ecx,%ebx
+ andl %r8d,%r15d
- xorl %r13d,%ebx
- rorl $9,%r13d
- orl %r8d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ebx
- xorl %r13d,%ebx
- andl %r8d,%r15d
addl %r12d,%r9d
-
- andl %edx,%r14d
addl %r12d,%ebx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ebx
+
movl 60(%rsi),%r12d
- bswapl %r12d
movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %ebx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r10d,%r15d
+ movl %r12d,60(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %eax,%r12d
+ xorl %ebx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r9d,%r15d
- movl %r12d,60(%rsp)
+ movl %ecx,%eax
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- addl %eax,%r12d
-
- movl %ebx,%eax
- addl %r13d,%r12d
+ xorl %edx,%eax
+ xorl %ebx,%r14d
addl %r15d,%r12d
- movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %ecx,%r15d
- rorl $2,%eax
- rorl $13,%r13d
- movl %ebx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ebx,%eax
+ andl %edx,%r15d
- xorl %r13d,%eax
- rorl $9,%r13d
- orl %edx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%eax
- xorl %r13d,%eax
- andl %edx,%r15d
addl %r12d,%r8d
-
- andl %ecx,%r14d
addl %r12d,%eax
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%eax
+
jmp .Lrounds_16_xx
.align 16
.Lrounds_16_xx:
movl 4(%rsp),%r13d
- movl 56(%rsp),%r12d
-
- movl %r13d,%r15d
+ movl 56(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 36(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 36(%rsp),%r12d
+ xorl %r15d,%r14d
addl 0(%rsp),%r12d
movl %r8d,%r13d
- movl %r8d,%r14d
+ addl %r14d,%r12d
+ movl %eax,%r14d
+ rorl $14,%r13d
movl %r9d,%r15d
+ movl %r12d,0(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r11d,%r12d
+ xorl %eax,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r8d,%r15d
- movl %r12d,0(%rsp)
+ movl %ebx,%r11d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- addl %r11d,%r12d
-
- movl %eax,%r11d
- addl %r13d,%r12d
+ xorl %ecx,%r11d
+ xorl %eax,%r14d
addl %r15d,%r12d
- movl %eax,%r13d
- movl %eax,%r14d
+ movl %ebx,%r15d
- rorl $2,%r11d
- rorl $13,%r13d
- movl %eax,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %eax,%r11d
+ andl %ecx,%r15d
- xorl %r13d,%r11d
- rorl $9,%r13d
- orl %ecx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r11d
- xorl %r13d,%r11d
- andl %ecx,%r15d
addl %r12d,%edx
-
- andl %ebx,%r14d
addl %r12d,%r11d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r11d
- movl 8(%rsp),%r13d
- movl 60(%rsp),%r12d
- movl %r13d,%r15d
+ movl 8(%rsp),%r13d
+ movl 60(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 40(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 40(%rsp),%r12d
+ xorl %r15d,%r14d
addl 4(%rsp),%r12d
movl %edx,%r13d
- movl %edx,%r14d
+ addl %r14d,%r12d
+ movl %r11d,%r14d
+ rorl $14,%r13d
movl %r8d,%r15d
+ movl %r12d,4(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r10d,%r12d
+ xorl %r11d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %edx,%r15d
- movl %r12d,4(%rsp)
+ movl %eax,%r10d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- addl %r10d,%r12d
-
- movl %r11d,%r10d
- addl %r13d,%r12d
+ xorl %ebx,%r10d
+ xorl %r11d,%r14d
addl %r15d,%r12d
- movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %eax,%r15d
- rorl $2,%r10d
- rorl $13,%r13d
- movl %r11d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r11d,%r10d
+ andl %ebx,%r15d
- xorl %r13d,%r10d
- rorl $9,%r13d
- orl %ebx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r10d
- xorl %r13d,%r10d
- andl %ebx,%r15d
addl %r12d,%ecx
-
- andl %eax,%r14d
addl %r12d,%r10d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r10d
- movl 12(%rsp),%r13d
- movl 0(%rsp),%r12d
- movl %r13d,%r15d
+ movl 12(%rsp),%r13d
+ movl 0(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 44(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 44(%rsp),%r12d
+ xorl %r15d,%r14d
addl 8(%rsp),%r12d
movl %ecx,%r13d
- movl %ecx,%r14d
+ addl %r14d,%r12d
+ movl %r10d,%r14d
+ rorl $14,%r13d
movl %edx,%r15d
+ movl %r12d,8(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r9d,%r12d
+ xorl %r10d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ecx,%r15d
- movl %r12d,8(%rsp)
+ movl %r11d,%r9d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- addl %r9d,%r12d
-
- movl %r10d,%r9d
- addl %r13d,%r12d
+ xorl %eax,%r9d
+ xorl %r10d,%r14d
addl %r15d,%r12d
- movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %r11d,%r15d
- rorl $2,%r9d
- rorl $13,%r13d
- movl %r10d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r10d,%r9d
+ andl %eax,%r15d
- xorl %r13d,%r9d
- rorl $9,%r13d
- orl %eax,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r9d
- xorl %r13d,%r9d
- andl %eax,%r15d
addl %r12d,%ebx
-
- andl %r11d,%r14d
addl %r12d,%r9d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r9d
- movl 16(%rsp),%r13d
- movl 4(%rsp),%r12d
- movl %r13d,%r15d
+ movl 16(%rsp),%r13d
+ movl 4(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 48(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 48(%rsp),%r12d
+ xorl %r15d,%r14d
addl 12(%rsp),%r12d
movl %ebx,%r13d
- movl %ebx,%r14d
+ addl %r14d,%r12d
+ movl %r9d,%r14d
+ rorl $14,%r13d
movl %ecx,%r15d
+ movl %r12d,12(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r8d,%r12d
+ xorl %r9d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ebx,%r15d
- movl %r12d,12(%rsp)
+ movl %r10d,%r8d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- addl %r8d,%r12d
-
- movl %r9d,%r8d
- addl %r13d,%r12d
+ xorl %r11d,%r8d
+ xorl %r9d,%r14d
addl %r15d,%r12d
- movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %r10d,%r15d
- rorl $2,%r8d
- rorl $13,%r13d
- movl %r9d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r9d,%r8d
+ andl %r11d,%r15d
- xorl %r13d,%r8d
- rorl $9,%r13d
- orl %r11d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r8d
- xorl %r13d,%r8d
- andl %r11d,%r15d
addl %r12d,%eax
-
- andl %r10d,%r14d
addl %r12d,%r8d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r8d
- movl 20(%rsp),%r13d
- movl 8(%rsp),%r12d
- movl %r13d,%r15d
+ movl 20(%rsp),%r13d
+ movl 8(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 52(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 52(%rsp),%r12d
+ xorl %r15d,%r14d
addl 16(%rsp),%r12d
movl %eax,%r13d
- movl %eax,%r14d
+ addl %r14d,%r12d
+ movl %r8d,%r14d
+ rorl $14,%r13d
movl %ebx,%r15d
+ movl %r12d,16(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %edx,%r12d
+ xorl %r8d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %eax,%r15d
- movl %r12d,16(%rsp)
+ movl %r9d,%edx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- addl %edx,%r12d
-
- movl %r8d,%edx
- addl %r13d,%r12d
+ xorl %r10d,%edx
+ xorl %r8d,%r14d
addl %r15d,%r12d
- movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %r9d,%r15d
- rorl $2,%edx
- rorl $13,%r13d
- movl %r8d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r8d,%edx
+ andl %r10d,%r15d
- xorl %r13d,%edx
- rorl $9,%r13d
- orl %r10d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%edx
- xorl %r13d,%edx
- andl %r10d,%r15d
addl %r12d,%r11d
-
- andl %r9d,%r14d
addl %r12d,%edx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%edx
- movl 24(%rsp),%r13d
- movl 12(%rsp),%r12d
- movl %r13d,%r15d
+ movl 24(%rsp),%r13d
+ movl 12(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 56(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 56(%rsp),%r12d
+ xorl %r15d,%r14d
addl 20(%rsp),%r12d
movl %r11d,%r13d
- movl %r11d,%r14d
+ addl %r14d,%r12d
+ movl %edx,%r14d
+ rorl $14,%r13d
movl %eax,%r15d
+ movl %r12d,20(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ecx,%r12d
+ xorl %edx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r11d,%r15d
- movl %r12d,20(%rsp)
+ movl %r8d,%ecx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- addl %ecx,%r12d
-
- movl %edx,%ecx
- addl %r13d,%r12d
+ xorl %r9d,%ecx
+ xorl %edx,%r14d
addl %r15d,%r12d
- movl %edx,%r13d
- movl %edx,%r14d
+ movl %r8d,%r15d
- rorl $2,%ecx
- rorl $13,%r13d
- movl %edx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %edx,%ecx
+ andl %r9d,%r15d
- xorl %r13d,%ecx
- rorl $9,%r13d
- orl %r9d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ecx
- xorl %r13d,%ecx
- andl %r9d,%r15d
addl %r12d,%r10d
-
- andl %r8d,%r14d
addl %r12d,%ecx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ecx
- movl 28(%rsp),%r13d
- movl 16(%rsp),%r12d
- movl %r13d,%r15d
+ movl 28(%rsp),%r13d
+ movl 16(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 60(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 60(%rsp),%r12d
+ xorl %r15d,%r14d
addl 24(%rsp),%r12d
movl %r10d,%r13d
- movl %r10d,%r14d
+ addl %r14d,%r12d
+ movl %ecx,%r14d
+ rorl $14,%r13d
movl %r11d,%r15d
+ movl %r12d,24(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ebx,%r12d
+ xorl %ecx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r10d,%r15d
- movl %r12d,24(%rsp)
+ movl %edx,%ebx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- addl %ebx,%r12d
-
- movl %ecx,%ebx
- addl %r13d,%r12d
+ xorl %r8d,%ebx
+ xorl %ecx,%r14d
addl %r15d,%r12d
- movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %edx,%r15d
- rorl $2,%ebx
- rorl $13,%r13d
- movl %ecx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ecx,%ebx
+ andl %r8d,%r15d
- xorl %r13d,%ebx
- rorl $9,%r13d
- orl %r8d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ebx
- xorl %r13d,%ebx
- andl %r8d,%r15d
addl %r12d,%r9d
-
- andl %edx,%r14d
addl %r12d,%ebx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ebx
- movl 32(%rsp),%r13d
- movl 20(%rsp),%r12d
- movl %r13d,%r15d
+ movl 32(%rsp),%r13d
+ movl 20(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 0(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 0(%rsp),%r12d
+ xorl %r15d,%r14d
addl 28(%rsp),%r12d
movl %r9d,%r13d
- movl %r9d,%r14d
+ addl %r14d,%r12d
+ movl %ebx,%r14d
+ rorl $14,%r13d
movl %r10d,%r15d
+ movl %r12d,28(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %eax,%r12d
+ xorl %ebx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r9d,%r15d
- movl %r12d,28(%rsp)
+ movl %ecx,%eax
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- addl %eax,%r12d
-
- movl %ebx,%eax
- addl %r13d,%r12d
+ xorl %edx,%eax
+ xorl %ebx,%r14d
addl %r15d,%r12d
- movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %ecx,%r15d
- rorl $2,%eax
- rorl $13,%r13d
- movl %ebx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ebx,%eax
+ andl %edx,%r15d
- xorl %r13d,%eax
- rorl $9,%r13d
- orl %edx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%eax
- xorl %r13d,%eax
- andl %edx,%r15d
addl %r12d,%r8d
-
- andl %ecx,%r14d
addl %r12d,%eax
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%eax
- movl 36(%rsp),%r13d
- movl 24(%rsp),%r12d
- movl %r13d,%r15d
+ movl 36(%rsp),%r13d
+ movl 24(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 4(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 4(%rsp),%r12d
+ xorl %r15d,%r14d
addl 32(%rsp),%r12d
movl %r8d,%r13d
- movl %r8d,%r14d
+ addl %r14d,%r12d
+ movl %eax,%r14d
+ rorl $14,%r13d
movl %r9d,%r15d
+ movl %r12d,32(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r11d,%r12d
+ xorl %eax,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r8d,%r15d
- movl %r12d,32(%rsp)
+ movl %ebx,%r11d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- addl %r11d,%r12d
-
- movl %eax,%r11d
- addl %r13d,%r12d
+ xorl %ecx,%r11d
+ xorl %eax,%r14d
addl %r15d,%r12d
- movl %eax,%r13d
- movl %eax,%r14d
+ movl %ebx,%r15d
- rorl $2,%r11d
- rorl $13,%r13d
- movl %eax,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %eax,%r11d
+ andl %ecx,%r15d
- xorl %r13d,%r11d
- rorl $9,%r13d
- orl %ecx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r11d
- xorl %r13d,%r11d
- andl %ecx,%r15d
addl %r12d,%edx
-
- andl %ebx,%r14d
addl %r12d,%r11d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r11d
- movl 40(%rsp),%r13d
- movl 28(%rsp),%r12d
- movl %r13d,%r15d
+ movl 40(%rsp),%r13d
+ movl 28(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 8(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 8(%rsp),%r12d
+ xorl %r15d,%r14d
addl 36(%rsp),%r12d
movl %edx,%r13d
- movl %edx,%r14d
+ addl %r14d,%r12d
+ movl %r11d,%r14d
+ rorl $14,%r13d
movl %r8d,%r15d
+ movl %r12d,36(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r10d,%r12d
+ xorl %r11d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %edx,%r15d
- movl %r12d,36(%rsp)
+ movl %eax,%r10d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- addl %r10d,%r12d
-
- movl %r11d,%r10d
- addl %r13d,%r12d
+ xorl %ebx,%r10d
+ xorl %r11d,%r14d
addl %r15d,%r12d
- movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %eax,%r15d
- rorl $2,%r10d
- rorl $13,%r13d
- movl %r11d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r11d,%r10d
+ andl %ebx,%r15d
- xorl %r13d,%r10d
- rorl $9,%r13d
- orl %ebx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r10d
- xorl %r13d,%r10d
- andl %ebx,%r15d
addl %r12d,%ecx
-
- andl %eax,%r14d
addl %r12d,%r10d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r10d
- movl 44(%rsp),%r13d
- movl 32(%rsp),%r12d
- movl %r13d,%r15d
+ movl 44(%rsp),%r13d
+ movl 32(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 12(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 12(%rsp),%r12d
+ xorl %r15d,%r14d
addl 40(%rsp),%r12d
movl %ecx,%r13d
- movl %ecx,%r14d
+ addl %r14d,%r12d
+ movl %r10d,%r14d
+ rorl $14,%r13d
movl %edx,%r15d
+ movl %r12d,40(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r9d,%r12d
+ xorl %r10d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ecx,%r15d
- movl %r12d,40(%rsp)
+ movl %r11d,%r9d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- addl %r9d,%r12d
-
- movl %r10d,%r9d
- addl %r13d,%r12d
+ xorl %eax,%r9d
+ xorl %r10d,%r14d
addl %r15d,%r12d
- movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %r11d,%r15d
- rorl $2,%r9d
- rorl $13,%r13d
- movl %r10d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r10d,%r9d
+ andl %eax,%r15d
- xorl %r13d,%r9d
- rorl $9,%r13d
- orl %eax,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r9d
- xorl %r13d,%r9d
- andl %eax,%r15d
addl %r12d,%ebx
-
- andl %r11d,%r14d
addl %r12d,%r9d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r9d
- movl 48(%rsp),%r13d
- movl 36(%rsp),%r12d
- movl %r13d,%r15d
+ movl 48(%rsp),%r13d
+ movl 36(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 16(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 16(%rsp),%r12d
+ xorl %r15d,%r14d
addl 44(%rsp),%r12d
movl %ebx,%r13d
- movl %ebx,%r14d
+ addl %r14d,%r12d
+ movl %r9d,%r14d
+ rorl $14,%r13d
movl %ecx,%r15d
+ movl %r12d,44(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r8d,%r12d
+ xorl %r9d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ebx,%r15d
- movl %r12d,44(%rsp)
+ movl %r10d,%r8d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- addl %r8d,%r12d
-
- movl %r9d,%r8d
- addl %r13d,%r12d
+ xorl %r11d,%r8d
+ xorl %r9d,%r14d
addl %r15d,%r12d
- movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %r10d,%r15d
- rorl $2,%r8d
- rorl $13,%r13d
- movl %r9d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r9d,%r8d
+ andl %r11d,%r15d
- xorl %r13d,%r8d
- rorl $9,%r13d
- orl %r11d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r8d
- xorl %r13d,%r8d
- andl %r11d,%r15d
addl %r12d,%eax
-
- andl %r10d,%r14d
addl %r12d,%r8d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r8d
- movl 52(%rsp),%r13d
- movl 40(%rsp),%r12d
- movl %r13d,%r15d
+ movl 52(%rsp),%r13d
+ movl 40(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 20(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 20(%rsp),%r12d
+ xorl %r15d,%r14d
addl 48(%rsp),%r12d
movl %eax,%r13d
- movl %eax,%r14d
+ addl %r14d,%r12d
+ movl %r8d,%r14d
+ rorl $14,%r13d
movl %ebx,%r15d
+ movl %r12d,48(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %edx,%r12d
+ xorl %r8d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %eax,%r15d
- movl %r12d,48(%rsp)
+ movl %r9d,%edx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- addl %edx,%r12d
-
- movl %r8d,%edx
- addl %r13d,%r12d
+ xorl %r10d,%edx
+ xorl %r8d,%r14d
addl %r15d,%r12d
- movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %r9d,%r15d
- rorl $2,%edx
- rorl $13,%r13d
- movl %r8d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r8d,%edx
+ andl %r10d,%r15d
- xorl %r13d,%edx
- rorl $9,%r13d
- orl %r10d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%edx
- xorl %r13d,%edx
- andl %r10d,%r15d
addl %r12d,%r11d
-
- andl %r9d,%r14d
addl %r12d,%edx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%edx
- movl 56(%rsp),%r13d
- movl 44(%rsp),%r12d
- movl %r13d,%r15d
+ movl 56(%rsp),%r13d
+ movl 44(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 24(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 24(%rsp),%r12d
+ xorl %r15d,%r14d
addl 52(%rsp),%r12d
movl %r11d,%r13d
- movl %r11d,%r14d
+ addl %r14d,%r12d
+ movl %edx,%r14d
+ rorl $14,%r13d
movl %eax,%r15d
+ movl %r12d,52(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ecx,%r12d
+ xorl %edx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r11d,%r15d
- movl %r12d,52(%rsp)
+ movl %r8d,%ecx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- addl %ecx,%r12d
-
- movl %edx,%ecx
- addl %r13d,%r12d
+ xorl %r9d,%ecx
+ xorl %edx,%r14d
addl %r15d,%r12d
- movl %edx,%r13d
- movl %edx,%r14d
+ movl %r8d,%r15d
- rorl $2,%ecx
- rorl $13,%r13d
- movl %edx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %edx,%ecx
+ andl %r9d,%r15d
- xorl %r13d,%ecx
- rorl $9,%r13d
- orl %r9d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ecx
- xorl %r13d,%ecx
- andl %r9d,%r15d
addl %r12d,%r10d
-
- andl %r8d,%r14d
addl %r12d,%ecx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ecx
- movl 60(%rsp),%r13d
- movl 48(%rsp),%r12d
- movl %r13d,%r15d
+ movl 60(%rsp),%r13d
+ movl 48(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 28(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 28(%rsp),%r12d
+ xorl %r15d,%r14d
addl 56(%rsp),%r12d
movl %r10d,%r13d
- movl %r10d,%r14d
+ addl %r14d,%r12d
+ movl %ecx,%r14d
+ rorl $14,%r13d
movl %r11d,%r15d
+ movl %r12d,56(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ebx,%r12d
+ xorl %ecx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r10d,%r15d
- movl %r12d,56(%rsp)
+ movl %edx,%ebx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- addl %ebx,%r12d
-
- movl %ecx,%ebx
- addl %r13d,%r12d
+ xorl %r8d,%ebx
+ xorl %ecx,%r14d
addl %r15d,%r12d
- movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %edx,%r15d
- rorl $2,%ebx
- rorl $13,%r13d
- movl %ecx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ecx,%ebx
+ andl %r8d,%r15d
- xorl %r13d,%ebx
- rorl $9,%r13d
- orl %r8d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ebx
- xorl %r13d,%ebx
- andl %r8d,%r15d
addl %r12d,%r9d
-
- andl %edx,%r14d
addl %r12d,%ebx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ebx
- movl 0(%rsp),%r13d
- movl 52(%rsp),%r12d
- movl %r13d,%r15d
+ movl 0(%rsp),%r13d
+ movl 52(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 32(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 32(%rsp),%r12d
+ xorl %r15d,%r14d
addl 60(%rsp),%r12d
movl %r9d,%r13d
- movl %r9d,%r14d
+ addl %r14d,%r12d
+ movl %ebx,%r14d
+ rorl $14,%r13d
movl %r10d,%r15d
+ movl %r12d,60(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %eax,%r12d
+ xorl %ebx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r9d,%r15d
- movl %r12d,60(%rsp)
+ movl %ecx,%eax
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- addl %eax,%r12d
-
- movl %ebx,%eax
- addl %r13d,%r12d
+ xorl %edx,%eax
+ xorl %ebx,%r14d
addl %r15d,%r12d
- movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %ecx,%r15d
- rorl $2,%eax
- rorl $13,%r13d
- movl %ebx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ebx,%eax
+ andl %edx,%r15d
- xorl %r13d,%eax
- rorl $9,%r13d
- orl %edx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%eax
- xorl %r13d,%eax
- andl %edx,%r15d
addl %r12d,%r8d
-
- andl %ecx,%r14d
addl %r12d,%eax
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%eax
+
cmpq $64,%rdi
jb .Lrounds_16_xx
diff --git a/deps/openssl/asm/x64-elf-gas/x86_64cpuid.s b/deps/openssl/asm/x64-elf-gas/x86_64cpuid.s
index 0a565a989..e0a828708 100644
--- a/deps/openssl/asm/x64-elf-gas/x86_64cpuid.s
+++ b/deps/openssl/asm/x64-elf-gas/x86_64cpuid.s
@@ -1,7 +1,11 @@
+.hidden OPENSSL_cpuid_setup
.section .init
call OPENSSL_cpuid_setup
+.hidden OPENSSL_ia32cap_P
+.comm OPENSSL_ia32cap_P,8,4
+
.text
@@ -67,7 +71,15 @@ OPENSSL_ia32_cpuid:
movl $2147483648,%eax
cpuid
- cmpl $2147483656,%eax
+ cmpl $2147483649,%eax
+ jb .Lintel
+ movl %eax,%r10d
+ movl $2147483649,%eax
+ cpuid
+ orl %ecx,%r9d
+ andl $2049,%r9d
+
+ cmpl $2147483656,%r10d
jb .Lintel
movl $2147483656,%eax
@@ -78,12 +90,12 @@ OPENSSL_ia32_cpuid:
movl $1,%eax
cpuid
btl $28,%edx
- jnc .Ldone
+ jnc .Lgeneric
shrl $16,%ebx
cmpb %r10b,%bl
- ja .Ldone
+ ja .Lgeneric
andl $4026531839,%edx
- jmp .Ldone
+ jmp .Lgeneric
.Lintel:
cmpl $4,%r11d
@@ -100,30 +112,48 @@ OPENSSL_ia32_cpuid:
.Lnocacheinfo:
movl $1,%eax
cpuid
+ andl $3220176895,%edx
cmpl $0,%r9d
jne .Lnotintel
- orl $1048576,%edx
+ orl $1073741824,%edx
andb $15,%ah
cmpb $15,%ah
- je .Lnotintel
- orl $1073741824,%edx
+ jne .Lnotintel
+ orl $1048576,%edx
.Lnotintel:
btl $28,%edx
- jnc .Ldone
+ jnc .Lgeneric
andl $4026531839,%edx
cmpl $0,%r10d
- je .Ldone
+ je .Lgeneric
orl $268435456,%edx
shrl $16,%ebx
cmpb $1,%bl
- ja .Ldone
+ ja .Lgeneric
andl $4026531839,%edx
+.Lgeneric:
+ andl $2048,%r9d
+ andl $4294965247,%ecx
+ orl %ecx,%r9d
+
+ movl %edx,%r10d
+ btl $27,%r9d
+ jnc .Lclear_avx
+ xorl %ecx,%ecx
+.byte 0x0f,0x01,0xd0
+
+ andl $6,%eax
+ cmpl $6,%eax
+ je .Ldone
+.Lclear_avx:
+ movl $4026525695,%eax
+ andl %eax,%r9d
.Ldone:
- shlq $32,%rcx
- movl %edx,%eax
+ shlq $32,%r9
+ movl %r10d,%eax
movq %r8,%rbx
- orq %rcx,%rax
+ orq %r9,%rax
.byte 0xf3,0xc3
.size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid
@@ -192,3 +222,17 @@ OPENSSL_wipe_cpu:
leaq 8(%rsp),%rax
.byte 0xf3,0xc3
.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+.globl OPENSSL_ia32_rdrand
+.type OPENSSL_ia32_rdrand,@function
+.align 16
+OPENSSL_ia32_rdrand:
+ movl $8,%ecx
+.Loop_rdrand:
+.byte 72,15,199,240
+ jc .Lbreak_rdrand
+ loop .Loop_rdrand
+.Lbreak_rdrand:
+ cmpq $0,%rax
+ cmoveq %rcx,%rax
+ .byte 0xf3,0xc3
+.size OPENSSL_ia32_rdrand,.-OPENSSL_ia32_rdrand
diff --git a/deps/openssl/asm/x64-macosx-gas/aes/aes-x86_64.s b/deps/openssl/asm/x64-macosx-gas/aes/aes-x86_64.s
index d42e1ea79..88120a189 100644
--- a/deps/openssl/asm/x64-macosx-gas/aes/aes-x86_64.s
+++ b/deps/openssl/asm/x64-macosx-gas/aes/aes-x86_64.s
@@ -333,6 +333,9 @@ L$enc_compact_done:
.globl _AES_encrypt
.p2align 4
+.globl _asm_AES_encrypt
+.private_extern _asm_AES_encrypt
+_asm_AES_encrypt:
_AES_encrypt:
pushq %rbx
pushq %rbp
@@ -780,6 +783,9 @@ L$dec_compact_done:
.globl _AES_decrypt
.p2align 4
+.globl _asm_AES_decrypt
+.private_extern _asm_AES_decrypt
+_asm_AES_decrypt:
_AES_decrypt:
pushq %rbx
pushq %rbp
@@ -843,10 +849,10 @@ L$dec_prologue:
L$dec_epilogue:
.byte 0xf3,0xc3
-.globl _AES_set_encrypt_key
+.globl _private_AES_set_encrypt_key
.p2align 4
-_AES_set_encrypt_key:
+_private_AES_set_encrypt_key:
pushq %rbx
pushq %rbp
pushq %r12
@@ -1109,10 +1115,10 @@ L$exit:
.byte 0xf3,0xc3
-.globl _AES_set_decrypt_key
+.globl _private_AES_set_decrypt_key
.p2align 4
-_AES_set_decrypt_key:
+_private_AES_set_decrypt_key:
pushq %rbx
pushq %rbp
pushq %r12
@@ -1300,6 +1306,9 @@ L$dec_key_epilogue:
.p2align 4
+.globl _asm_AES_cbc_encrypt
+.private_extern _asm_AES_cbc_encrypt
+_asm_AES_cbc_encrypt:
_AES_cbc_encrypt:
cmpq $0,%rdx
je L$cbc_epilogue
diff --git a/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont.s b/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont.s
index 23292a071..ece106c49 100644
--- a/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont.s
+++ b/deps/openssl/asm/x64-macosx-gas/bn/x86_64-mont.s
@@ -5,6 +5,16 @@
.p2align 4
_bn_mul_mont:
+ testl $3,%r9d
+ jnz L$mul_enter
+ cmpl $8,%r9d
+ jb L$mul_enter
+ cmpq %rsi,%rdx
+ jne L$mul4x_enter
+ jmp L$sqr4x_enter
+
+.p2align 4
+L$mul_enter:
pushq %rbx
pushq %rbp
pushq %r12
@@ -20,48 +30,63 @@ _bn_mul_mont:
andq $-1024,%rsp
movq %r11,8(%rsp,%r9,8)
-L$prologue:
+L$mul_body:
movq %rdx,%r12
-
movq (%r8),%r8
+ movq (%r12),%rbx
+ movq (%rsi),%rax
xorq %r14,%r14
xorq %r15,%r15
- movq (%r12),%rbx
- movq (%rsi),%rax
+ movq %r8,%rbp
mulq %rbx
movq %rax,%r10
- movq %rdx,%r11
+ movq (%rcx),%rax
- imulq %r8,%rax
- movq %rax,%rbp
+ imulq %r10,%rbp
+ movq %rdx,%r11
- mulq (%rcx)
- addq %r10,%rax
+ mulq %rbp
+ addq %rax,%r10
+ movq 8(%rsi),%rax
adcq $0,%rdx
movq %rdx,%r13
leaq 1(%r15),%r15
+ jmp L$1st_enter
+
+.p2align 4
L$1st:
+ addq %rax,%r13
movq (%rsi,%r15,8),%rax
- mulq %rbx
- addq %r11,%rax
adcq $0,%rdx
- movq %rax,%r10
+ addq %r11,%r13
+ movq %r10,%r11
+ adcq $0,%rdx
+ movq %r13,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+L$1st_enter:
+ mulq %rbx
+ addq %rax,%r11
movq (%rcx,%r15,8),%rax
- movq %rdx,%r11
+ adcq $0,%rdx
+ leaq 1(%r15),%r15
+ movq %rdx,%r10
mulq %rbp
- addq %r13,%rax
- leaq 1(%r15),%r15
+ cmpq %r9,%r15
+ jne L$1st
+
+ addq %rax,%r13
+ movq (%rsi),%rax
adcq $0,%rdx
- addq %r10,%rax
+ addq %r11,%r13
adcq $0,%rdx
- movq %rax,-16(%rsp,%r15,8)
- cmpq %r9,%r15
+ movq %r13,-16(%rsp,%r15,8)
movq %rdx,%r13
- jl L$1st
+ movq %r10,%r11
xorq %rdx,%rdx
addq %r11,%r13
@@ -70,50 +95,64 @@ L$1st:
movq %rdx,(%rsp,%r9,8)
leaq 1(%r14),%r14
-.p2align 2
+ jmp L$outer
+.p2align 4
L$outer:
- xorq %r15,%r15
-
movq (%r12,%r14,8),%rbx
- movq (%rsi),%rax
+ xorq %r15,%r15
+ movq %r8,%rbp
+ movq (%rsp),%r10
mulq %rbx
- addq (%rsp),%rax
+ addq %rax,%r10
+ movq (%rcx),%rax
adcq $0,%rdx
- movq %rax,%r10
- movq %rdx,%r11
- imulq %r8,%rax
- movq %rax,%rbp
+ imulq %r10,%rbp
+ movq %rdx,%r11
- mulq (%rcx,%r15,8)
- addq %r10,%rax
- movq 8(%rsp),%r10
+ mulq %rbp
+ addq %rax,%r10
+ movq 8(%rsi),%rax
adcq $0,%rdx
+ movq 8(%rsp),%r10
movq %rdx,%r13
leaq 1(%r15),%r15
-.p2align 2
+ jmp L$inner_enter
+
+.p2align 4
L$inner:
+ addq %rax,%r13
movq (%rsi,%r15,8),%rax
- mulq %rbx
- addq %r11,%rax
adcq $0,%rdx
- addq %rax,%r10
+ addq %r10,%r13
+ movq (%rsp,%r15,8),%r10
+ adcq $0,%rdx
+ movq %r13,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+L$inner_enter:
+ mulq %rbx
+ addq %rax,%r11
movq (%rcx,%r15,8),%rax
adcq $0,%rdx
+ addq %r11,%r10
movq %rdx,%r11
+ adcq $0,%r11
+ leaq 1(%r15),%r15
mulq %rbp
- addq %r13,%rax
- leaq 1(%r15),%r15
- adcq $0,%rdx
- addq %r10,%rax
+ cmpq %r9,%r15
+ jne L$inner
+
+ addq %rax,%r13
+ movq (%rsi),%rax
adcq $0,%rdx
+ addq %r10,%r13
movq (%rsp,%r15,8),%r10
- cmpq %r9,%r15
- movq %rax,-16(%rsp,%r15,8)
+ adcq $0,%rdx
+ movq %r13,-16(%rsp,%r15,8)
movq %rdx,%r13
- jl L$inner
xorq %rdx,%rdx
addq %r11,%r13
@@ -127,35 +166,434 @@ L$inner:
cmpq %r9,%r14
jl L$outer
- leaq (%rsp),%rsi
- leaq -1(%r9),%r15
-
- movq (%rsi),%rax
xorq %r14,%r14
+ movq (%rsp),%rax
+ leaq (%rsp),%rsi
+ movq %r9,%r15
jmp L$sub
.p2align 4
L$sub: sbbq (%rcx,%r14,8),%rax
movq %rax,(%rdi,%r14,8)
- decq %r15
movq 8(%rsi,%r14,8),%rax
leaq 1(%r14),%r14
- jge L$sub
+ decq %r15
+ jnz L$sub
sbbq $0,%rax
+ xorq %r14,%r14
andq %rax,%rsi
notq %rax
movq %rdi,%rcx
andq %rax,%rcx
- leaq -1(%r9),%r15
+ movq %r9,%r15
orq %rcx,%rsi
.p2align 4
L$copy:
+ movq (%rsi,%r14,8),%rax
+ movq %r14,(%rsp,%r14,8)
+ movq %rax,(%rdi,%r14,8)
+ leaq 1(%r14),%r14
+ subq $1,%r15
+ jnz L$copy
+
+ movq 8(%rsp,%r9,8),%rsi
+ movq $1,%rax
+ movq (%rsi),%r15
+ movq 8(%rsi),%r14
+ movq 16(%rsi),%r13
+ movq 24(%rsi),%r12
+ movq 32(%rsi),%rbp
+ movq 40(%rsi),%rbx
+ leaq 48(%rsi),%rsp
+L$mul_epilogue:
+ .byte 0xf3,0xc3
+
+
+.p2align 4
+bn_mul4x_mont:
+L$mul4x_enter:
+ pushq %rbx
+ pushq %rbp
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+
+ movl %r9d,%r9d
+ leaq 4(%r9),%r10
+ movq %rsp,%r11
+ negq %r10
+ leaq (%rsp,%r10,8),%rsp
+ andq $-1024,%rsp
+
+ movq %r11,8(%rsp,%r9,8)
+L$mul4x_body:
+ movq %rdi,16(%rsp,%r9,8)
+ movq %rdx,%r12
+ movq (%r8),%r8
+ movq (%r12),%rbx
+ movq (%rsi),%rax
+
+ xorq %r14,%r14
+ xorq %r15,%r15
+
+ movq %r8,%rbp
+ mulq %rbx
+ movq %rax,%r10
+ movq (%rcx),%rax
+
+ imulq %r10,%rbp
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r10
+ movq 8(%rsi),%rax
+ adcq $0,%rdx
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq 8(%rcx),%rax
+ adcq $0,%rdx
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq 16(%rsi),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ leaq 4(%r15),%r15
+ adcq $0,%rdx
+ movq %rdi,(%rsp)
+ movq %rdx,%r13
+ jmp L$1st4x
+.p2align 4
+L$1st4x:
+ mulq %rbx
+ addq %rax,%r10
+ movq -16(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq -8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-24(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq -8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq (%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+ mulq %rbx
+ addq %rax,%r10
+ movq (%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq 8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-8(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq 8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ leaq 4(%r15),%r15
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq -16(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-32(%rsp,%r15,8)
+ movq %rdx,%r13
+ cmpq %r9,%r15
+ jl L$1st4x
+
+ mulq %rbx
+ addq %rax,%r10
+ movq -16(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq -8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-24(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq -8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq (%rsi),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+ xorq %rdi,%rdi
+ addq %r10,%r13
+ adcq $0,%rdi
+ movq %r13,-8(%rsp,%r15,8)
+ movq %rdi,(%rsp,%r15,8)
+
+ leaq 1(%r14),%r14
+.p2align 2
+L$outer4x:
+ movq (%r12,%r14,8),%rbx
+ xorq %r15,%r15
+ movq (%rsp),%r10
+ movq %r8,%rbp
+ mulq %rbx
+ addq %rax,%r10
+ movq (%rcx),%rax
+ adcq $0,%rdx
+
+ imulq %r10,%rbp
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r10
+ movq 8(%rsi),%rax
+ adcq $0,%rdx
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq 8(%rcx),%rax
+ adcq $0,%rdx
+ addq 8(%rsp),%r11
+ adcq $0,%rdx
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq 16(%rsi),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ leaq 4(%r15),%r15
+ adcq $0,%rdx
+ movq %rdi,(%rsp)
+ movq %rdx,%r13
+ jmp L$inner4x
+.p2align 4
+L$inner4x:
+ mulq %rbx
+ addq %rax,%r10
+ movq -16(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq -16(%rsp,%r15,8),%r10
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq -8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-24(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq -8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq -8(%rsp,%r15,8),%r11
+ adcq $0,%rdx
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
movq (%rsi,%r15,8),%rax
- movq %rax,(%rdi,%r15,8)
- movq %r14,(%rsp,%r15,8)
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+ mulq %rbx
+ addq %rax,%r10
+ movq (%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq (%rsp,%r15,8),%r10
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq 8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-8(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq 8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq 8(%rsp,%r15,8),%r11
+ adcq $0,%rdx
+ leaq 4(%r15),%r15
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq -16(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-32(%rsp,%r15,8)
+ movq %rdx,%r13
+ cmpq %r9,%r15
+ jl L$inner4x
+
+ mulq %rbx
+ addq %rax,%r10
+ movq -16(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq -16(%rsp,%r15,8),%r10
+ adcq $0,%rdx
+ movq %rdx,%r11
+
+ mulq %rbp
+ addq %rax,%r13
+ movq -8(%rsi,%r15,8),%rax
+ adcq $0,%rdx
+ addq %r10,%r13
+ adcq $0,%rdx
+ movq %r13,-24(%rsp,%r15,8)
+ movq %rdx,%rdi
+
+ mulq %rbx
+ addq %rax,%r11
+ movq -8(%rcx,%r15,8),%rax
+ adcq $0,%rdx
+ addq -8(%rsp,%r15,8),%r11
+ adcq $0,%rdx
+ leaq 1(%r14),%r14
+ movq %rdx,%r10
+
+ mulq %rbp
+ addq %rax,%rdi
+ movq (%rsi),%rax
+ adcq $0,%rdx
+ addq %r11,%rdi
+ adcq $0,%rdx
+ movq %rdi,-16(%rsp,%r15,8)
+ movq %rdx,%r13
+
+ xorq %rdi,%rdi
+ addq %r10,%r13
+ adcq $0,%rdi
+ addq (%rsp,%r9,8),%r13
+ adcq $0,%rdi
+ movq %r13,-8(%rsp,%r15,8)
+ movq %rdi,(%rsp,%r15,8)
+
+ cmpq %r9,%r14
+ jl L$outer4x
+ movq 16(%rsp,%r9,8),%rdi
+ movq 0(%rsp),%rax
+ pxor %xmm0,%xmm0
+ movq 8(%rsp),%rdx
+ shrq $2,%r9
+ leaq (%rsp),%rsi
+ xorq %r14,%r14
+
+ subq 0(%rcx),%rax
+ movq 16(%rsi),%rbx
+ movq 24(%rsi),%rbp
+ sbbq 8(%rcx),%rdx
+ leaq -1(%r9),%r15
+ jmp L$sub4x
+.p2align 4
+L$sub4x:
+ movq %rax,0(%rdi,%r14,8)
+ movq %rdx,8(%rdi,%r14,8)
+ sbbq 16(%rcx,%r14,8),%rbx
+ movq 32(%rsi,%r14,8),%rax
+ movq 40(%rsi,%r14,8),%rdx
+ sbbq 24(%rcx,%r14,8),%rbp
+ movq %rbx,16(%rdi,%r14,8)
+ movq %rbp,24(%rdi,%r14,8)
+ sbbq 32(%rcx,%r14,8),%rax
+ movq 48(%rsi,%r14,8),%rbx
+ movq 56(%rsi,%r14,8),%rbp
+ sbbq 40(%rcx,%r14,8),%rdx
+ leaq 4(%r14),%r14
decq %r15
- jge L$copy
+ jnz L$sub4x
+ movq %rax,0(%rdi,%r14,8)
+ movq 32(%rsi,%r14,8),%rax
+ sbbq 16(%rcx,%r14,8),%rbx
+ movq %rdx,8(%rdi,%r14,8)
+ sbbq 24(%rcx,%r14,8),%rbp
+ movq %rbx,16(%rdi,%r14,8)
+
+ sbbq $0,%rax
+ movq %rbp,24(%rdi,%r14,8)
+ xorq %r14,%r14
+ andq %rax,%rsi
+ notq %rax
+ movq %rdi,%rcx
+ andq %rax,%rcx
+ leaq -1(%r9),%r15
+ orq %rcx,%rsi
+
+ movdqu (%rsi),%xmm1
+ movdqa %xmm0,(%rsp)
+ movdqu %xmm1,(%rdi)
+ jmp L$copy4x
+.p2align 4
+L$copy4x:
+ movdqu 16(%rsi,%r14,1),%xmm2
+ movdqu 32(%rsi,%r14,1),%xmm1
+ movdqa %xmm0,16(%rsp,%r14,1)
+ movdqu %xmm2,16(%rdi,%r14,1)
+ movdqa %xmm0,32(%rsp,%r14,1)
+ movdqu %xmm1,32(%rdi,%r14,1)
+ leaq 32(%r14),%r14
+ decq %r15
+ jnz L$copy4x
+
+ shlq $2,%r9
+ movdqu 16(%rsi,%r14,1),%xmm2
+ movdqa %xmm0,16(%rsp,%r14,1)
+ movdqu %xmm2,16(%rdi,%r14,1)
movq 8(%rsp,%r9,8),%rsi
movq $1,%rax
movq (%rsi),%r15
@@ -165,7 +603,772 @@ L$copy:
movq 32(%rsi),%rbp
movq 40(%rsi),%rbx
leaq 48(%rsi),%rsp
-L$epilogue:
+L$mul4x_epilogue:
+ .byte 0xf3,0xc3
+
+
+.p2align 4
+bn_sqr4x_mont:
+L$sqr4x_enter:
+ pushq %rbx
+ pushq %rbp
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+
+ shll $3,%r9d
+ xorq %r10,%r10
+ movq %rsp,%r11
+ subq %r9,%r10
+ movq (%r8),%r8
+ leaq -72(%rsp,%r10,2),%rsp
+ andq $-1024,%rsp
+
+
+
+
+
+
+
+
+
+
+
+ movq %rdi,32(%rsp)
+ movq %rcx,40(%rsp)
+ movq %r8,48(%rsp)
+ movq %r11,56(%rsp)
+L$sqr4x_body:
+
+
+
+
+
+
+
+ leaq 32(%r10),%rbp
+ leaq (%rsi,%r9,1),%rsi
+
+ movq %r9,%rcx
+
+
+ movq -32(%rsi,%rbp,1),%r14
+ leaq 64(%rsp,%r9,2),%rdi
+ movq -24(%rsi,%rbp,1),%rax
+ leaq -32(%rdi,%rbp,1),%rdi
+ movq -16(%rsi,%rbp,1),%rbx
+ movq %rax,%r15
+
+ mulq %r14
+ movq %rax,%r10
+ movq %rbx,%rax
+ movq %rdx,%r11
+ movq %r10,-24(%rdi,%rbp,1)
+
+ xorq %r10,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,-16(%rdi,%rbp,1)
+
+ leaq -16(%rbp),%rcx
+
+
+ movq 8(%rsi,%rcx,1),%rbx
+ mulq %r15
+ movq %rax,%r12
+ movq %rbx,%rax
+ movq %rdx,%r13
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ leaq 16(%rcx),%rcx
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-8(%rdi,%rcx,1)
+ jmp L$sqr4x_1st
+
+.p2align 4
+L$sqr4x_1st:
+ movq (%rsi,%rcx,1),%rbx
+ xorq %r12,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %rbx,%rax
+ adcq %rdx,%r12
+
+ xorq %r10,%r10
+ addq %r13,%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,(%rdi,%rcx,1)
+
+
+ movq 8(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,8(%rdi,%rcx,1)
+
+ movq 16(%rsi,%rcx,1),%rbx
+ xorq %r12,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %rbx,%rax
+ adcq %rdx,%r12
+
+ xorq %r10,%r10
+ addq %r13,%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,16(%rdi,%rcx,1)
+
+
+ movq 24(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ leaq 32(%rcx),%rcx
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-8(%rdi,%rcx,1)
+
+ cmpq $0,%rcx
+ jne L$sqr4x_1st
+
+ xorq %r12,%r12
+ addq %r11,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ adcq %rdx,%r12
+
+ movq %r13,(%rdi)
+ leaq 16(%rbp),%rbp
+ movq %r12,8(%rdi)
+ jmp L$sqr4x_outer
+
+.p2align 4
+L$sqr4x_outer:
+ movq -32(%rsi,%rbp,1),%r14
+ leaq 64(%rsp,%r9,2),%rdi
+ movq -24(%rsi,%rbp,1),%rax
+ leaq -32(%rdi,%rbp,1),%rdi
+ movq -16(%rsi,%rbp,1),%rbx
+ movq %rax,%r15
+
+ movq -24(%rdi,%rbp,1),%r10
+ xorq %r11,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-24(%rdi,%rbp,1)
+
+ xorq %r10,%r10
+ addq -16(%rdi,%rbp,1),%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,-16(%rdi,%rbp,1)
+
+ leaq -16(%rbp),%rcx
+ xorq %r12,%r12
+
+
+ movq 8(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ addq 8(%rdi,%rcx,1),%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,8(%rdi,%rcx,1)
+
+ leaq 16(%rcx),%rcx
+ jmp L$sqr4x_inner
+
+.p2align 4
+L$sqr4x_inner:
+ movq (%rsi,%rcx,1),%rbx
+ xorq %r12,%r12
+ addq (%rdi,%rcx,1),%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %rbx,%rax
+ adcq %rdx,%r12
+
+ xorq %r10,%r10
+ addq %r13,%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,(%rdi,%rcx,1)
+
+ movq 8(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ addq 8(%rdi,%rcx,1),%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ leaq 16(%rcx),%rcx
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-8(%rdi,%rcx,1)
+
+ cmpq $0,%rcx
+ jne L$sqr4x_inner
+
+ xorq %r12,%r12
+ addq %r11,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ adcq %rdx,%r12
+
+ movq %r13,(%rdi)
+ movq %r12,8(%rdi)
+
+ addq $16,%rbp
+ jnz L$sqr4x_outer
+
+
+ movq -32(%rsi),%r14
+ leaq 64(%rsp,%r9,2),%rdi
+ movq -24(%rsi),%rax
+ leaq -32(%rdi,%rbp,1),%rdi
+ movq -16(%rsi),%rbx
+ movq %rax,%r15
+
+ xorq %r11,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-24(%rdi)
+
+ xorq %r10,%r10
+ addq %r13,%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ movq %r11,-16(%rdi)
+
+ movq -8(%rsi),%rbx
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq $0,%rdx
+
+ xorq %r11,%r11
+ addq %r12,%r10
+ movq %rdx,%r13
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %rbx,%rax
+ adcq %rdx,%r11
+ movq %r10,-8(%rdi)
+
+ xorq %r12,%r12
+ addq %r11,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq -16(%rsi),%rax
+ adcq %rdx,%r12
+
+ movq %r13,(%rdi)
+ movq %r12,8(%rdi)
+
+ mulq %rbx
+ addq $16,%rbp
+ xorq %r14,%r14
+ subq %r9,%rbp
+ xorq %r15,%r15
+
+ addq %r12,%rax
+ adcq $0,%rdx
+ movq %rax,8(%rdi)
+ movq %rdx,16(%rdi)
+ movq %r15,24(%rdi)
+
+ movq -16(%rsi,%rbp,1),%rax
+ leaq 64(%rsp,%r9,2),%rdi
+ xorq %r10,%r10
+ movq -24(%rdi,%rbp,2),%r11
+
+ leaq (%r14,%r10,2),%r12
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r13
+ shrq $63,%r11
+ orq %r10,%r13
+ movq -16(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq -8(%rdi,%rbp,2),%r11
+ adcq %rax,%r12
+ movq -8(%rsi,%rbp,1),%rax
+ movq %r12,-32(%rdi,%rbp,2)
+ adcq %rdx,%r13
+
+ leaq (%r14,%r10,2),%rbx
+ movq %r13,-24(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r8
+ shrq $63,%r11
+ orq %r10,%r8
+ movq 0(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq 8(%rdi,%rbp,2),%r11
+ adcq %rax,%rbx
+ movq 0(%rsi,%rbp,1),%rax
+ movq %rbx,-16(%rdi,%rbp,2)
+ adcq %rdx,%r8
+ leaq 16(%rbp),%rbp
+ movq %r8,-40(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ jmp L$sqr4x_shift_n_add
+
+.p2align 4
+L$sqr4x_shift_n_add:
+ leaq (%r14,%r10,2),%r12
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r13
+ shrq $63,%r11
+ orq %r10,%r13
+ movq -16(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq -8(%rdi,%rbp,2),%r11
+ adcq %rax,%r12
+ movq -8(%rsi,%rbp,1),%rax
+ movq %r12,-32(%rdi,%rbp,2)
+ adcq %rdx,%r13
+
+ leaq (%r14,%r10,2),%rbx
+ movq %r13,-24(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r8
+ shrq $63,%r11
+ orq %r10,%r8
+ movq 0(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq 8(%rdi,%rbp,2),%r11
+ adcq %rax,%rbx
+ movq 0(%rsi,%rbp,1),%rax
+ movq %rbx,-16(%rdi,%rbp,2)
+ adcq %rdx,%r8
+
+ leaq (%r14,%r10,2),%r12
+ movq %r8,-8(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r13
+ shrq $63,%r11
+ orq %r10,%r13
+ movq 16(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq 24(%rdi,%rbp,2),%r11
+ adcq %rax,%r12
+ movq 8(%rsi,%rbp,1),%rax
+ movq %r12,0(%rdi,%rbp,2)
+ adcq %rdx,%r13
+
+ leaq (%r14,%r10,2),%rbx
+ movq %r13,8(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r8
+ shrq $63,%r11
+ orq %r10,%r8
+ movq 32(%rdi,%rbp,2),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq 40(%rdi,%rbp,2),%r11
+ adcq %rax,%rbx
+ movq 16(%rsi,%rbp,1),%rax
+ movq %rbx,16(%rdi,%rbp,2)
+ adcq %rdx,%r8
+ movq %r8,24(%rdi,%rbp,2)
+ sbbq %r15,%r15
+ addq $32,%rbp
+ jnz L$sqr4x_shift_n_add
+
+ leaq (%r14,%r10,2),%r12
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r13
+ shrq $63,%r11
+ orq %r10,%r13
+ movq -16(%rdi),%r10
+ movq %r11,%r14
+ mulq %rax
+ negq %r15
+ movq -8(%rdi),%r11
+ adcq %rax,%r12
+ movq -8(%rsi),%rax
+ movq %r12,-32(%rdi)
+ adcq %rdx,%r13
+
+ leaq (%r14,%r10,2),%rbx
+ movq %r13,-24(%rdi)
+ sbbq %r15,%r15
+ shrq $63,%r10
+ leaq (%rcx,%r11,2),%r8
+ shrq $63,%r11
+ orq %r10,%r8
+ mulq %rax
+ negq %r15
+ adcq %rax,%rbx
+ adcq %rdx,%r8
+ movq %rbx,-16(%rdi)
+ movq %r8,-8(%rdi)
+ movq 40(%rsp),%rsi
+ movq 48(%rsp),%r8
+ xorq %rcx,%rcx
+ movq %r9,0(%rsp)
+ subq %r9,%rcx
+ movq 64(%rsp),%r10
+ movq %r8,%r14
+ leaq 64(%rsp,%r9,2),%rax
+ leaq 64(%rsp,%r9,1),%rdi
+ movq %rax,8(%rsp)
+ leaq (%rsi,%r9,1),%rsi
+ xorq %rbp,%rbp
+
+ movq 0(%rsi,%rcx,1),%rax
+ movq 8(%rsi,%rcx,1),%r9
+ imulq %r10,%r14
+ movq %rax,%rbx
+ jmp L$sqr4x_mont_outer
+
+.p2align 4
+L$sqr4x_mont_outer:
+ xorq %r11,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %r9,%rax
+ adcq %rdx,%r11
+ movq %r8,%r15
+
+ xorq %r10,%r10
+ addq 8(%rdi,%rcx,1),%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+
+ imulq %r11,%r15
+
+ movq 16(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ addq %r11,%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+ movq %r12,8(%rdi,%rcx,1)
+
+ xorq %r11,%r11
+ addq 16(%rdi,%rcx,1),%r10
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %r9,%rax
+ adcq %rdx,%r11
+
+ movq 24(%rsi,%rcx,1),%r9
+ xorq %r12,%r12
+ addq %r10,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %r9,%rax
+ adcq %rdx,%r12
+ movq %r13,16(%rdi,%rcx,1)
+
+ xorq %r10,%r10
+ addq 24(%rdi,%rcx,1),%r11
+ leaq 32(%rcx),%rcx
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ jmp L$sqr4x_mont_inner
+
+.p2align 4
+L$sqr4x_mont_inner:
+ movq (%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ addq %r11,%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+ movq %r12,-8(%rdi,%rcx,1)
+
+ xorq %r11,%r11
+ addq (%rdi,%rcx,1),%r10
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %r9,%rax
+ adcq %rdx,%r11
+
+ movq 8(%rsi,%rcx,1),%r9
+ xorq %r12,%r12
+ addq %r10,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %r9,%rax
+ adcq %rdx,%r12
+ movq %r13,(%rdi,%rcx,1)
+
+ xorq %r10,%r10
+ addq 8(%rdi,%rcx,1),%r11
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+
+
+ movq 16(%rsi,%rcx,1),%rbx
+ xorq %r13,%r13
+ addq %r11,%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %rbx,%rax
+ adcq %rdx,%r13
+ movq %r12,8(%rdi,%rcx,1)
+
+ xorq %r11,%r11
+ addq 16(%rdi,%rcx,1),%r10
+ adcq $0,%r11
+ mulq %r14
+ addq %rax,%r10
+ movq %r9,%rax
+ adcq %rdx,%r11
+
+ movq 24(%rsi,%rcx,1),%r9
+ xorq %r12,%r12
+ addq %r10,%r13
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %r9,%rax
+ adcq %rdx,%r12
+ movq %r13,16(%rdi,%rcx,1)
+
+ xorq %r10,%r10
+ addq 24(%rdi,%rcx,1),%r11
+ leaq 32(%rcx),%rcx
+ adcq $0,%r10
+ mulq %r14
+ addq %rax,%r11
+ movq %rbx,%rax
+ adcq %rdx,%r10
+ cmpq $0,%rcx
+ jne L$sqr4x_mont_inner
+
+ subq 0(%rsp),%rcx
+ movq %r8,%r14
+
+ xorq %r13,%r13
+ addq %r11,%r12
+ adcq $0,%r13
+ mulq %r15
+ addq %rax,%r12
+ movq %r9,%rax
+ adcq %rdx,%r13
+ movq %r12,-8(%rdi)
+
+ xorq %r11,%r11
+ addq (%rdi),%r10
+ adcq $0,%r11
+ movq 0(%rsi,%rcx,1),%rbx
+ addq %rbp,%r10
+ adcq $0,%r11
+
+ imulq 16(%rdi,%rcx,1),%r14
+ xorq %r12,%r12
+ movq 8(%rsi,%rcx,1),%r9
+ addq %r10,%r13
+ movq 16(%rdi,%rcx,1),%r10
+ adcq $0,%r12
+ mulq %r15
+ addq %rax,%r13
+ movq %rbx,%rax
+ adcq %rdx,%r12
+ movq %r13,(%rdi)
+
+ xorq %rbp,%rbp
+ addq 8(%rdi),%r12
+ adcq %rbp,%rbp
+ addq %r11,%r12
+ leaq 16(%rdi),%rdi
+ adcq $0,%rbp
+ movq %r12,-8(%rdi)
+ cmpq 8(%rsp),%rdi
+ jb L$sqr4x_mont_outer
+
+ movq 0(%rsp),%r9
+ movq %rbp,(%rdi)
+ movq 64(%rsp,%r9,1),%rax
+ leaq 64(%rsp,%r9,1),%rbx
+ movq 40(%rsp),%rsi
+ shrq $5,%r9
+ movq 8(%rbx),%rdx
+ xorq %rbp,%rbp
+
+ movq 32(%rsp),%rdi
+ subq 0(%rsi),%rax
+ movq 16(%rbx),%r10
+ movq 24(%rbx),%r11
+ sbbq 8(%rsi),%rdx
+ leaq -1(%r9),%rcx
+ jmp L$sqr4x_sub
+.p2align 4
+L$sqr4x_sub:
+ movq %rax,0(%rdi,%rbp,8)
+ movq %rdx,8(%rdi,%rbp,8)
+ sbbq 16(%rsi,%rbp,8),%r10
+ movq 32(%rbx,%rbp,8),%rax
+ movq 40(%rbx,%rbp,8),%rdx
+ sbbq 24(%rsi,%rbp,8),%r11
+ movq %r10,16(%rdi,%rbp,8)
+ movq %r11,24(%rdi,%rbp,8)
+ sbbq 32(%rsi,%rbp,8),%rax
+ movq 48(%rbx,%rbp,8),%r10
+ movq 56(%rbx,%rbp,8),%r11
+ sbbq 40(%rsi,%rbp,8),%rdx
+ leaq 4(%rbp),%rbp
+ decq %rcx
+ jnz L$sqr4x_sub
+
+ movq %rax,0(%rdi,%rbp,8)
+ movq 32(%rbx,%rbp,8),%rax
+ sbbq 16(%rsi,%rbp,8),%r10
+ movq %rdx,8(%rdi,%rbp,8)
+ sbbq 24(%rsi,%rbp,8),%r11
+ movq %r10,16(%rdi,%rbp,8)
+
+ sbbq $0,%rax
+ movq %r11,24(%rdi,%rbp,8)
+ xorq %rbp,%rbp
+ andq %rax,%rbx
+ notq %rax
+ movq %rdi,%rsi
+ andq %rax,%rsi
+ leaq -1(%r9),%rcx
+ orq %rsi,%rbx
+
+ pxor %xmm0,%xmm0
+ leaq 64(%rsp,%r9,8),%rsi
+ movdqu (%rbx),%xmm1
+ leaq (%rsi,%r9,8),%rsi
+ movdqa %xmm0,64(%rsp)
+ movdqa %xmm0,(%rsi)
+ movdqu %xmm1,(%rdi)
+ jmp L$sqr4x_copy
+.p2align 4
+L$sqr4x_copy:
+ movdqu 16(%rbx,%rbp,1),%xmm2
+ movdqu 32(%rbx,%rbp,1),%xmm1
+ movdqa %xmm0,80(%rsp,%rbp,1)
+ movdqa %xmm0,96(%rsp,%rbp,1)
+ movdqa %xmm0,16(%rsi,%rbp,1)
+ movdqa %xmm0,32(%rsi,%rbp,1)
+ movdqu %xmm2,16(%rdi,%rbp,1)
+ movdqu %xmm1,32(%rdi,%rbp,1)
+ leaq 32(%rbp),%rbp
+ decq %rcx
+ jnz L$sqr4x_copy
+
+ movdqu 16(%rbx,%rbp,1),%xmm2
+ movdqa %xmm0,80(%rsp,%rbp,1)
+ movdqa %xmm0,16(%rsi,%rbp,1)
+ movdqu %xmm2,16(%rdi,%rbp,1)
+ movq 56(%rsp),%rsi
+ movq $1,%rax
+ movq 0(%rsi),%r15
+ movq 8(%rsi),%r14
+ movq 16(%rsi),%r13
+ movq 24(%rsi),%r12
+ movq 32(%rsi),%rbp
+ movq 40(%rsi),%rbx
+ leaq 48(%rsi),%rsp
+L$sqr4x_epilogue:
.byte 0xf3,0xc3
.byte 77,111,110,116,103,111,109,101,114,121,32,77,117,108,116,105,112,108,105,99,97,116,105,111,110,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
diff --git a/deps/openssl/asm/x64-macosx-gas/md5/md5-x86_64.s b/deps/openssl/asm/x64-macosx-gas/md5/md5-x86_64.s
index 96f6ea16c..cdecac7b4 100644
--- a/deps/openssl/asm/x64-macosx-gas/md5/md5-x86_64.s
+++ b/deps/openssl/asm/x64-macosx-gas/md5/md5-x86_64.s
@@ -668,4 +668,3 @@ L$end:
addq $40,%rsp
L$epilogue:
.byte 0xf3,0xc3
-
diff --git a/deps/openssl/asm/x64-macosx-gas/rc4/rc4-x86_64.s b/deps/openssl/asm/x64-macosx-gas/rc4/rc4-x86_64.s
index 41183cebe..8c4f29ecb 100644
--- a/deps/openssl/asm/x64-macosx-gas/rc4/rc4-x86_64.s
+++ b/deps/openssl/asm/x64-macosx-gas/rc4/rc4-x86_64.s
@@ -1,6 +1,7 @@
.text
+
.globl _RC4
.p2align 4
@@ -12,316 +13,511 @@ L$entry:
pushq %r12
pushq %r13
L$prologue:
+ movq %rsi,%r11
+ movq %rdx,%r12
+ movq %rcx,%r13
+ xorq %r10,%r10
+ xorq %rcx,%rcx
- addq $8,%rdi
- movl -8(%rdi),%r8d
- movl -4(%rdi),%r12d
+ leaq 8(%rdi),%rdi
+ movb -8(%rdi),%r10b
+ movb -4(%rdi),%cl
cmpl $-1,256(%rdi)
je L$RC4_CHAR
- incb %r8b
- movl (%rdi,%r8,4),%r9d
- testq $-8,%rsi
- jz L$loop1
- jmp L$loop8
-.p2align 4
-L$loop8:
- addb %r9b,%r12b
- movq %r8,%r10
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
- incb %r10b
- movl (%rdi,%r10,4),%r11d
- cmpq %r10,%r12
- movl %r9d,(%rdi,%r12,4)
- cmoveq %r9,%r11
- movl %r13d,(%rdi,%r8,4)
- addb %r9b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r11b,%r12b
- movq %r10,%r8
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
- incb %r8b
- movl (%rdi,%r8,4),%r9d
- cmpq %r8,%r12
- movl %r11d,(%rdi,%r12,4)
- cmoveq %r11,%r9
- movl %r13d,(%rdi,%r10,4)
- addb %r11b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r9b,%r12b
- movq %r8,%r10
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
+ movl _OPENSSL_ia32cap_P(%rip),%r8d
+ xorq %rbx,%rbx
incb %r10b
- movl (%rdi,%r10,4),%r11d
- cmpq %r10,%r12
- movl %r9d,(%rdi,%r12,4)
- cmoveq %r9,%r11
- movl %r13d,(%rdi,%r8,4)
- addb %r9b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r11b,%r12b
- movq %r10,%r8
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
- incb %r8b
- movl (%rdi,%r8,4),%r9d
- cmpq %r8,%r12
- movl %r11d,(%rdi,%r12,4)
- cmoveq %r11,%r9
- movl %r13d,(%rdi,%r10,4)
- addb %r11b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r9b,%r12b
- movq %r8,%r10
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
+ subq %r10,%rbx
+ subq %r12,%r13
+ movl (%rdi,%r10,4),%eax
+ testq $-16,%r11
+ jz L$loop1
+ btl $30,%r8d
+ jc L$intel
+ andq $7,%rbx
+ leaq 1(%r10),%rsi
+ jz L$oop8
+ subq %rbx,%r11
+L$oop8_warmup:
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl %edx,(%rdi,%r10,4)
+ addb %dl,%al
incb %r10b
- movl (%rdi,%r10,4),%r11d
- cmpq %r10,%r12
- movl %r9d,(%rdi,%r12,4)
- cmoveq %r9,%r11
- movl %r13d,(%rdi,%r8,4)
- addb %r9b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r11b,%r12b
- movq %r10,%r8
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
- incb %r8b
- movl (%rdi,%r8,4),%r9d
- cmpq %r8,%r12
- movl %r11d,(%rdi,%r12,4)
- cmoveq %r11,%r9
- movl %r13d,(%rdi,%r10,4)
- addb %r11b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r9b,%r12b
- movq %r8,%r10
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
+ movl (%rdi,%rax,4),%edx
+ movl (%rdi,%r10,4),%eax
+ xorb (%r12),%dl
+ movb %dl,(%r13,%r12,1)
+ leaq 1(%r12),%r12
+ decq %rbx
+ jnz L$oop8_warmup
+
+ leaq 1(%r10),%rsi
+ jmp L$oop8
+.p2align 4
+L$oop8:
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl 0(%rdi,%rsi,4),%ebx
+ rorq $8,%r8
+ movl %edx,0(%rdi,%r10,4)
+ addb %al,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %bl,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ movl 4(%rdi,%rsi,4),%eax
+ rorq $8,%r8
+ movl %edx,4(%rdi,%r10,4)
+ addb %bl,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl 8(%rdi,%rsi,4),%ebx
+ rorq $8,%r8
+ movl %edx,8(%rdi,%r10,4)
+ addb %al,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %bl,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ movl 12(%rdi,%rsi,4),%eax
+ rorq $8,%r8
+ movl %edx,12(%rdi,%r10,4)
+ addb %bl,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl 16(%rdi,%rsi,4),%ebx
+ rorq $8,%r8
+ movl %edx,16(%rdi,%r10,4)
+ addb %al,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %bl,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ movl 20(%rdi,%rsi,4),%eax
+ rorq $8,%r8
+ movl %edx,20(%rdi,%r10,4)
+ addb %bl,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl 24(%rdi,%rsi,4),%ebx
+ rorq $8,%r8
+ movl %edx,24(%rdi,%r10,4)
+ addb %al,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb $8,%sil
+ addb %bl,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ movl -4(%rdi,%rsi,4),%eax
+ rorq $8,%r8
+ movl %edx,28(%rdi,%r10,4)
+ addb %bl,%dl
+ movb (%rdi,%rdx,4),%r8b
+ addb $8,%r10b
+ rorq $8,%r8
+ subq $8,%r11
+
+ xorq (%r12),%r8
+ movq %r8,(%r13,%r12,1)
+ leaq 8(%r12),%r12
+
+ testq $-8,%r11
+ jnz L$oop8
+ cmpq $0,%r11
+ jne L$loop1
+ jmp L$exit
+
+.p2align 4
+L$intel:
+ testq $-32,%r11
+ jz L$loop1
+ andq $15,%rbx
+ jz L$oop16_is_hot
+ subq %rbx,%r11
+L$oop16_warmup:
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl %edx,(%rdi,%r10,4)
+ addb %dl,%al
incb %r10b
- movl (%rdi,%r10,4),%r11d
- cmpq %r10,%r12
- movl %r9d,(%rdi,%r12,4)
- cmoveq %r9,%r11
- movl %r13d,(%rdi,%r8,4)
- addb %r9b,%r13b
- movb (%rdi,%r13,4),%al
- addb %r11b,%r12b
- movq %r10,%r8
- movl (%rdi,%r12,4),%r13d
- rorq $8,%rax
- incb %r8b
- movl (%rdi,%r8,4),%r9d
- cmpq %r8,%r12
- movl %r11d,(%rdi,%r12,4)
- cmoveq %r11,%r9
- movl %r13d,(%rdi,%r10,4)
- addb %r11b,%r13b
- movb (%rdi,%r13,4),%al
- rorq $8,%rax
- subq $8,%rsi
-
- xorq (%rdx),%rax
- addq $8,%rdx
- movq %rax,(%rcx)
- addq $8,%rcx
-
- testq $-8,%rsi
- jnz L$loop8
- cmpq $0,%rsi
+ movl (%rdi,%rax,4),%edx
+ movl (%rdi,%r10,4),%eax
+ xorb (%r12),%dl
+ movb %dl,(%r13,%r12,1)
+ leaq 1(%r12),%r12
+ decq %rbx
+ jnz L$oop16_warmup
+
+ movq %rcx,%rbx
+ xorq %rcx,%rcx
+ movb %bl,%cl
+
+L$oop16_is_hot:
+ leaq (%rdi,%r10,4),%rsi
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ pxor %xmm0,%xmm0
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 4(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,0(%rsi)
+ addb %bl,%cl
+ pinsrw $0,(%rdi,%rax,4),%xmm0
+ jmp L$oop16_enter
+.p2align 4
+L$oop16:
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ pxor %xmm0,%xmm2
+ psllq $8,%xmm1
+ pxor %xmm0,%xmm0
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 4(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,0(%rsi)
+ pxor %xmm1,%xmm2
+ addb %bl,%cl
+ pinsrw $0,(%rdi,%rax,4),%xmm0
+ movdqu %xmm2,(%r13,%r12,1)
+ leaq 16(%r12),%r12
+L$oop16_enter:
+ movl (%rdi,%rcx,4),%edx
+ pxor %xmm1,%xmm1
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 8(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,4(%rsi)
+ addb %al,%cl
+ pinsrw $0,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 12(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,8(%rsi)
+ addb %bl,%cl
+ pinsrw $1,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 16(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,12(%rsi)
+ addb %al,%cl
+ pinsrw $1,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 20(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,16(%rsi)
+ addb %bl,%cl
+ pinsrw $2,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 24(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,20(%rsi)
+ addb %al,%cl
+ pinsrw $2,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 28(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,24(%rsi)
+ addb %bl,%cl
+ pinsrw $3,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 32(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,28(%rsi)
+ addb %al,%cl
+ pinsrw $3,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 36(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,32(%rsi)
+ addb %bl,%cl
+ pinsrw $4,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 40(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,36(%rsi)
+ addb %al,%cl
+ pinsrw $4,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 44(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,40(%rsi)
+ addb %bl,%cl
+ pinsrw $5,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 48(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,44(%rsi)
+ addb %al,%cl
+ pinsrw $5,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 52(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,48(%rsi)
+ addb %bl,%cl
+ pinsrw $6,(%rdi,%rax,4),%xmm0
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movl 56(%rsi),%eax
+ movzbl %bl,%ebx
+ movl %edx,52(%rsi)
+ addb %al,%cl
+ pinsrw $6,(%rdi,%rbx,4),%xmm1
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ addb %dl,%al
+ movl 60(%rsi),%ebx
+ movzbl %al,%eax
+ movl %edx,56(%rsi)
+ addb %bl,%cl
+ pinsrw $7,(%rdi,%rax,4),%xmm0
+ addb $16,%r10b
+ movdqu (%r12),%xmm2
+ movl (%rdi,%rcx,4),%edx
+ movl %ebx,(%rdi,%rcx,4)
+ addb %dl,%bl
+ movzbl %bl,%ebx
+ movl %edx,60(%rsi)
+ leaq (%rdi,%r10,4),%rsi
+ pinsrw $7,(%rdi,%rbx,4),%xmm1
+ movl (%rsi),%eax
+ movq %rcx,%rbx
+ xorq %rcx,%rcx
+ subq $16,%r11
+ movb %bl,%cl
+ testq $-16,%r11
+ jnz L$oop16
+
+ psllq $8,%xmm1
+ pxor %xmm0,%xmm2
+ pxor %xmm1,%xmm2
+ movdqu %xmm2,(%r13,%r12,1)
+ leaq 16(%r12),%r12
+
+ cmpq $0,%r11
jne L$loop1
jmp L$exit
.p2align 4
L$loop1:
- addb %r9b,%r12b
- movl (%rdi,%r12,4),%r13d
- movl %r9d,(%rdi,%r12,4)
- movl %r13d,(%rdi,%r8,4)
- addb %r13b,%r9b
- incb %r8b
- movl (%rdi,%r9,4),%r13d
- movl (%rdi,%r8,4),%r9d
- xorb (%rdx),%r13b
- incq %rdx
- movb %r13b,(%rcx)
- incq %rcx
- decq %rsi
+ addb %al,%cl
+ movl (%rdi,%rcx,4),%edx
+ movl %eax,(%rdi,%rcx,4)
+ movl %edx,(%rdi,%r10,4)
+ addb %dl,%al
+ incb %r10b
+ movl (%rdi,%rax,4),%edx
+ movl (%rdi,%r10,4),%eax
+ xorb (%r12),%dl
+ movb %dl,(%r13,%r12,1)
+ leaq 1(%r12),%r12
+ decq %r11
jnz L$loop1
jmp L$exit
.p2align 4
L$RC4_CHAR:
- addb $1,%r8b
- movzbl (%rdi,%r8,1),%r9d
- testq $-8,%rsi
+ addb $1,%r10b
+ movzbl (%rdi,%r10,1),%eax
+ testq $-8,%r11
jz L$cloop1
- cmpl $0,260(%rdi)
- jnz L$cloop1
jmp L$cloop8
.p2align 4
L$cloop8:
- movl (%rdx),%eax
- movl 4(%rdx),%ebx
- addb %r9b,%r12b
- leaq 1(%r8),%r10
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r10b,%r10d
- movzbl (%rdi,%r10,1),%r11d
- movb %r9b,(%rdi,%r12,1)
- cmpq %r10,%r12
- movb %r13b,(%rdi,%r8,1)
+ movl (%r12),%r8d
+ movl 4(%r12),%r9d
+ addb %al,%cl
+ leaq 1(%r10),%rsi
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %sil,%esi
+ movzbl (%rdi,%rsi,1),%ebx
+ movb %al,(%rdi,%rcx,1)
+ cmpq %rsi,%rcx
+ movb %dl,(%rdi,%r10,1)
jne L$cmov0
- movq %r9,%r11
+ movq %rax,%rbx
L$cmov0:
- addb %r9b,%r13b
- xorb (%rdi,%r13,1),%al
- rorl $8,%eax
- addb %r11b,%r12b
- leaq 1(%r10),%r8
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r8b,%r8d
- movzbl (%rdi,%r8,1),%r9d
- movb %r11b,(%rdi,%r12,1)
- cmpq %r8,%r12
- movb %r13b,(%rdi,%r10,1)
+ addb %al,%dl
+ xorb (%rdi,%rdx,1),%r8b
+ rorl $8,%r8d
+ addb %bl,%cl
+ leaq 1(%rsi),%r10
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %r10b,%r10d
+ movzbl (%rdi,%r10,1),%eax
+ movb %bl,(%rdi,%rcx,1)
+ cmpq %r10,%rcx
+ movb %dl,(%rdi,%rsi,1)
jne L$cmov1
- movq %r11,%r9
+ movq %rbx,%rax
L$cmov1:
- addb %r11b,%r13b
- xorb (%rdi,%r13,1),%al
- rorl $8,%eax
- addb %r9b,%r12b
- leaq 1(%r8),%r10
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r10b,%r10d
- movzbl (%rdi,%r10,1),%r11d
- movb %r9b,(%rdi,%r12,1)
- cmpq %r10,%r12
- movb %r13b,(%rdi,%r8,1)
+ addb %bl,%dl
+ xorb (%rdi,%rdx,1),%r8b
+ rorl $8,%r8d
+ addb %al,%cl
+ leaq 1(%r10),%rsi
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %sil,%esi
+ movzbl (%rdi,%rsi,1),%ebx
+ movb %al,(%rdi,%rcx,1)
+ cmpq %rsi,%rcx
+ movb %dl,(%rdi,%r10,1)
jne L$cmov2
- movq %r9,%r11
+ movq %rax,%rbx
L$cmov2:
- addb %r9b,%r13b
- xorb (%rdi,%r13,1),%al
- rorl $8,%eax
- addb %r11b,%r12b
- leaq 1(%r10),%r8
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r8b,%r8d
- movzbl (%rdi,%r8,1),%r9d
- movb %r11b,(%rdi,%r12,1)
- cmpq %r8,%r12
- movb %r13b,(%rdi,%r10,1)
+ addb %al,%dl
+ xorb (%rdi,%rdx,1),%r8b
+ rorl $8,%r8d
+ addb %bl,%cl
+ leaq 1(%rsi),%r10
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %r10b,%r10d
+ movzbl (%rdi,%r10,1),%eax
+ movb %bl,(%rdi,%rcx,1)
+ cmpq %r10,%rcx
+ movb %dl,(%rdi,%rsi,1)
jne L$cmov3
- movq %r11,%r9
+ movq %rbx,%rax
L$cmov3:
- addb %r11b,%r13b
- xorb (%rdi,%r13,1),%al
- rorl $8,%eax
- addb %r9b,%r12b
- leaq 1(%r8),%r10
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r10b,%r10d
- movzbl (%rdi,%r10,1),%r11d
- movb %r9b,(%rdi,%r12,1)
- cmpq %r10,%r12
- movb %r13b,(%rdi,%r8,1)
+ addb %bl,%dl
+ xorb (%rdi,%rdx,1),%r8b
+ rorl $8,%r8d
+ addb %al,%cl
+ leaq 1(%r10),%rsi
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %sil,%esi
+ movzbl (%rdi,%rsi,1),%ebx
+ movb %al,(%rdi,%rcx,1)
+ cmpq %rsi,%rcx
+ movb %dl,(%rdi,%r10,1)
jne L$cmov4
- movq %r9,%r11
+ movq %rax,%rbx
L$cmov4:
- addb %r9b,%r13b
- xorb (%rdi,%r13,1),%bl
- rorl $8,%ebx
- addb %r11b,%r12b
- leaq 1(%r10),%r8
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r8b,%r8d
- movzbl (%rdi,%r8,1),%r9d
- movb %r11b,(%rdi,%r12,1)
- cmpq %r8,%r12
- movb %r13b,(%rdi,%r10,1)
+ addb %al,%dl
+ xorb (%rdi,%rdx,1),%r9b
+ rorl $8,%r9d
+ addb %bl,%cl
+ leaq 1(%rsi),%r10
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %r10b,%r10d
+ movzbl (%rdi,%r10,1),%eax
+ movb %bl,(%rdi,%rcx,1)
+ cmpq %r10,%rcx
+ movb %dl,(%rdi,%rsi,1)
jne L$cmov5
- movq %r11,%r9
+ movq %rbx,%rax
L$cmov5:
- addb %r11b,%r13b
- xorb (%rdi,%r13,1),%bl
- rorl $8,%ebx
- addb %r9b,%r12b
- leaq 1(%r8),%r10
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r10b,%r10d
- movzbl (%rdi,%r10,1),%r11d
- movb %r9b,(%rdi,%r12,1)
- cmpq %r10,%r12
- movb %r13b,(%rdi,%r8,1)
+ addb %bl,%dl
+ xorb (%rdi,%rdx,1),%r9b
+ rorl $8,%r9d
+ addb %al,%cl
+ leaq 1(%r10),%rsi
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %sil,%esi
+ movzbl (%rdi,%rsi,1),%ebx
+ movb %al,(%rdi,%rcx,1)
+ cmpq %rsi,%rcx
+ movb %dl,(%rdi,%r10,1)
jne L$cmov6
- movq %r9,%r11
+ movq %rax,%rbx
L$cmov6:
- addb %r9b,%r13b
- xorb (%rdi,%r13,1),%bl
- rorl $8,%ebx
- addb %r11b,%r12b
- leaq 1(%r10),%r8
- movzbl (%rdi,%r12,1),%r13d
- movzbl %r8b,%r8d
- movzbl (%rdi,%r8,1),%r9d
- movb %r11b,(%rdi,%r12,1)
- cmpq %r8,%r12
- movb %r13b,(%rdi,%r10,1)
+ addb %al,%dl
+ xorb (%rdi,%rdx,1),%r9b
+ rorl $8,%r9d
+ addb %bl,%cl
+ leaq 1(%rsi),%r10
+ movzbl (%rdi,%rcx,1),%edx
+ movzbl %r10b,%r10d
+ movzbl (%rdi,%r10,1),%eax
+ movb %bl,(%rdi,%rcx,1)
+ cmpq %r10,%rcx
+ movb %dl,(%rdi,%rsi,1)
jne L$cmov7
- movq %r11,%r9
+ movq %rbx,%rax
L$cmov7:
- addb %r11b,%r13b
- xorb (%rdi,%r13,1),%bl
- rorl $8,%ebx
- leaq -8(%rsi),%rsi
- movl %eax,(%rcx)
- leaq 8(%rdx),%rdx
- movl %ebx,4(%rcx)
- leaq 8(%rcx),%rcx
-
- testq $-8,%rsi
+ addb %bl,%dl
+ xorb (%rdi,%rdx,1),%r9b
+ rorl $8,%r9d
+ leaq -8(%r11),%r11
+ movl %r8d,(%r13)
+ leaq 8(%r12),%r12
+ movl %r9d,4(%r13)
+ leaq 8(%r13),%r13
+
+ testq $-8,%r11
jnz L$cloop8
- cmpq $0,%rsi
+ cmpq $0,%r11
jne L$cloop1
jmp L$exit
.p2align 4
L$cloop1:
- addb %r9b,%r12b
- movzbl (%rdi,%r12,1),%r13d
- movb %r9b,(%rdi,%r12,1)
- movb %r13b,(%rdi,%r8,1)
- addb %r9b,%r13b
- addb $1,%r8b
- movzbl %r13b,%r13d
- movzbl %r8b,%r8d
- movzbl (%rdi,%r13,1),%r13d
- movzbl (%rdi,%r8,1),%r9d
- xorb (%rdx),%r13b
- leaq 1(%rdx),%rdx
- movb %r13b,(%rcx)
- leaq 1(%rcx),%rcx
- subq $1,%rsi
+ addb %al,%cl
+ movzbl %cl,%ecx
+ movzbl (%rdi,%rcx,1),%edx
+ movb %al,(%rdi,%rcx,1)
+ movb %dl,(%rdi,%r10,1)
+ addb %al,%dl
+ addb $1,%r10b
+ movzbl %dl,%edx
+ movzbl %r10b,%r10d
+ movzbl (%rdi,%rdx,1),%edx
+ movzbl (%rdi,%r10,1),%eax
+ xorb (%r12),%dl
+ leaq 1(%r12),%r12
+ movb %dl,(%r13)
+ leaq 1(%r13),%r13
+ subq $1,%r11
jnz L$cloop1
jmp L$exit
.p2align 4
L$exit:
- subb $1,%r8b
- movl %r8d,-8(%rdi)
- movl %r12d,-4(%rdi)
+ subb $1,%r10b
+ movl %r10d,-8(%rdi)
+ movl %ecx,-4(%rdi)
movq (%rsp),%r13
movq 8(%rsp),%r12
@@ -330,11 +526,10 @@ L$exit:
L$epilogue:
.byte 0xf3,0xc3
-
-.globl _RC4_set_key
+.globl _private_RC4_set_key
.p2align 4
-_RC4_set_key:
+_private_RC4_set_key:
leaq 8(%rdi),%rdi
leaq (%rdx,%rsi,1),%rdx
negq %rsi
@@ -346,11 +541,8 @@ _RC4_set_key:
movl _OPENSSL_ia32cap_P(%rip),%r8d
btl $20,%r8d
- jnc L$w1stloop
- btl $30,%r8d
- setc %r9b
- movl %r9d,260(%rdi)
- jmp L$c1stloop
+ jc L$c1stloop
+ jmp L$w1stloop
.p2align 4
L$w1stloop:
@@ -413,18 +605,19 @@ _RC4_options:
leaq L$opts(%rip),%rax
movl _OPENSSL_ia32cap_P(%rip),%edx
btl $20,%edx
- jnc L$done
- addq $12,%rax
+ jc L$8xchar
btl $30,%edx
jnc L$done
- addq $13,%rax
+ addq $25,%rax
+ .byte 0xf3,0xc3
+L$8xchar:
+ addq $12,%rax
L$done:
.byte 0xf3,0xc3
.p2align 6
L$opts:
.byte 114,99,52,40,56,120,44,105,110,116,41,0
.byte 114,99,52,40,56,120,44,99,104,97,114,41,0
-.byte 114,99,52,40,49,120,44,99,104,97,114,41,0
+.byte 114,99,52,40,49,54,120,44,105,110,116,41,0
.byte 82,67,52,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.p2align 6
-
diff --git a/deps/openssl/asm/x64-macosx-gas/sha/sha1-x86_64.s b/deps/openssl/asm/x64-macosx-gas/sha/sha1-x86_64.s
index f9dc2568e..9bb9bf0f2 100644
--- a/deps/openssl/asm/x64-macosx-gas/sha/sha1-x86_64.s
+++ b/deps/openssl/asm/x64-macosx-gas/sha/sha1-x86_64.s
@@ -1,12 +1,23 @@
.text
+
+
.globl _sha1_block_data_order
.p2align 4
_sha1_block_data_order:
+ movl _OPENSSL_ia32cap_P+0(%rip),%r9d
+ movl _OPENSSL_ia32cap_P+4(%rip),%r8d
+ testl $512,%r8d
+ jz L$ialu
+ jmp _ssse3_shortcut
+
+.p2align 4
+L$ialu:
pushq %rbx
pushq %rbp
pushq %r12
+ pushq %r13
movq %rsp,%r11
movq %rdi,%r8
subq $72,%rsp
@@ -16,1268 +27,2466 @@ _sha1_block_data_order:
movq %r11,64(%rsp)
L$prologue:
- movl 0(%r8),%edx
- movl 4(%r8),%esi
- movl 8(%r8),%edi
- movl 12(%r8),%ebp
- movl 16(%r8),%r11d
-.p2align 2
+ movl 0(%r8),%esi
+ movl 4(%r8),%edi
+ movl 8(%r8),%r11d
+ movl 12(%r8),%r12d
+ movl 16(%r8),%r13d
+ jmp L$loop
+
+.p2align 4
L$loop:
- movl 0(%r9),%eax
- bswapl %eax
- movl %eax,0(%rsp)
- leal 1518500249(%rax,%r11,1),%r12d
- movl %edi,%ebx
- movl 4(%r9),%eax
- movl %edx,%r11d
- xorl %ebp,%ebx
- bswapl %eax
- roll $5,%r11d
- andl %esi,%ebx
- movl %eax,4(%rsp)
- addl %r11d,%r12d
- xorl %ebp,%ebx
+ movl 0(%r9),%edx
+ bswapl %edx
+ movl %edx,0(%rsp)
+ movl %r11d,%eax
+ movl 4(%r9),%ebp
+ movl %esi,%ecx
+ xorl %r12d,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%r13,1),%r13d
+ andl %edi,%eax
+ movl %ebp,4(%rsp)
+ addl %ecx,%r13d
+ xorl %r12d,%eax
+ roll $30,%edi
+ addl %eax,%r13d
+ movl %edi,%eax
+ movl 8(%r9),%edx
+ movl %r13d,%ecx
+ xorl %r11d,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%r12,1),%r12d
+ andl %esi,%eax
+ movl %edx,8(%rsp)
+ addl %ecx,%r12d
+ xorl %r11d,%eax
roll $30,%esi
- addl %ebx,%r12d
- leal 1518500249(%rax,%rbp,1),%r11d
- movl %esi,%ebx
- movl 8(%r9),%eax
- movl %r12d,%ebp
- xorl %edi,%ebx
- bswapl %eax
- roll $5,%ebp
- andl %edx,%ebx
- movl %eax,8(%rsp)
- addl %ebp,%r11d
- xorl %edi,%ebx
- roll $30,%edx
- addl %ebx,%r11d
- leal 1518500249(%rax,%rdi,1),%ebp
- movl %edx,%ebx
- movl 12(%r9),%eax
- movl %r11d,%edi
- xorl %esi,%ebx
- bswapl %eax
- roll $5,%edi
- andl %r12d,%ebx
- movl %eax,12(%rsp)
- addl %edi,%ebp
- xorl %esi,%ebx
+ addl %eax,%r12d
+ movl %esi,%eax
+ movl 12(%r9),%ebp
+ movl %r12d,%ecx
+ xorl %edi,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%r11,1),%r11d
+ andl %r13d,%eax
+ movl %ebp,12(%rsp)
+ addl %ecx,%r11d
+ xorl %edi,%eax
+ roll $30,%r13d
+ addl %eax,%r11d
+ movl %r13d,%eax
+ movl 16(%r9),%edx
+ movl %r11d,%ecx
+ xorl %esi,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%rdi,1),%edi
+ andl %r12d,%eax
+ movl %edx,16(%rsp)
+ addl %ecx,%edi
+ xorl %esi,%eax
roll $30,%r12d
- addl %ebx,%ebp
- leal 1518500249(%rax,%rsi,1),%edi
- movl %r12d,%ebx
- movl 16(%r9),%eax
- movl %ebp,%esi
- xorl %edx,%ebx
- bswapl %eax
- roll $5,%esi
- andl %r11d,%ebx
- movl %eax,16(%rsp)
- addl %esi,%edi
- xorl %edx,%ebx
+ addl %eax,%edi
+ movl %r12d,%eax
+ movl 20(%r9),%ebp
+ movl %edi,%ecx
+ xorl %r13d,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%rsi,1),%esi
+ andl %r11d,%eax
+ movl %ebp,20(%rsp)
+ addl %ecx,%esi
+ xorl %r13d,%eax
roll $30,%r11d
- addl %ebx,%edi
- leal 1518500249(%rax,%rdx,1),%esi
+ addl %eax,%esi
+ movl %r11d,%eax
+ movl 24(%r9),%edx
+ movl %esi,%ecx
+ xorl %r12d,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%r13,1),%r13d
+ andl %edi,%eax
+ movl %edx,24(%rsp)
+ addl %ecx,%r13d
+ xorl %r12d,%eax
+ roll $30,%edi
+ addl %eax,%r13d
+ movl %edi,%eax
+ movl 28(%r9),%ebp
+ movl %r13d,%ecx
+ xorl %r11d,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%r12,1),%r12d
+ andl %esi,%eax
+ movl %ebp,28(%rsp)
+ addl %ecx,%r12d
+ xorl %r11d,%eax
+ roll $30,%esi
+ addl %eax,%r12d
+ movl %esi,%eax
+ movl 32(%r9),%edx
+ movl %r12d,%ecx
+ xorl %edi,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%r11,1),%r11d
+ andl %r13d,%eax
+ movl %edx,32(%rsp)
+ addl %ecx,%r11d
+ xorl %edi,%eax
+ roll $30,%r13d
+ addl %eax,%r11d
+ movl %r13d,%eax
+ movl 36(%r9),%ebp
+ movl %r11d,%ecx
+ xorl %esi,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%rdi,1),%edi
+ andl %r12d,%eax
+ movl %ebp,36(%rsp)
+ addl %ecx,%edi
+ xorl %esi,%eax
+ roll $30,%r12d
+ addl %eax,%edi
+ movl %r12d,%eax
+ movl 40(%r9),%edx
+ movl %edi,%ecx
+ xorl %r13d,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%rsi,1),%esi
+ andl %r11d,%eax
+ movl %edx,40(%rsp)
+ addl %ecx,%esi
+ xorl %r13d,%eax
+ roll $30,%r11d
+ addl %eax,%esi
+ movl %r11d,%eax
+ movl 44(%r9),%ebp
+ movl %esi,%ecx
+ xorl %r12d,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%r13,1),%r13d
+ andl %edi,%eax
+ movl %ebp,44(%rsp)
+ addl %ecx,%r13d
+ xorl %r12d,%eax
+ roll $30,%edi
+ addl %eax,%r13d
+ movl %edi,%eax
+ movl 48(%r9),%edx
+ movl %r13d,%ecx
+ xorl %r11d,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%r12,1),%r12d
+ andl %esi,%eax
+ movl %edx,48(%rsp)
+ addl %ecx,%r12d
+ xorl %r11d,%eax
+ roll $30,%esi
+ addl %eax,%r12d
+ movl %esi,%eax
+ movl 52(%r9),%ebp
+ movl %r12d,%ecx
+ xorl %edi,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%r11,1),%r11d
+ andl %r13d,%eax
+ movl %ebp,52(%rsp)
+ addl %ecx,%r11d
+ xorl %edi,%eax
+ roll $30,%r13d
+ addl %eax,%r11d
+ movl %r13d,%eax
+ movl 56(%r9),%edx
+ movl %r11d,%ecx
+ xorl %esi,%eax
+ bswapl %edx
+ roll $5,%ecx
+ leal 1518500249(%rbp,%rdi,1),%edi
+ andl %r12d,%eax
+ movl %edx,56(%rsp)
+ addl %ecx,%edi
+ xorl %esi,%eax
+ roll $30,%r12d
+ addl %eax,%edi
+ movl %r12d,%eax
+ movl 60(%r9),%ebp
+ movl %edi,%ecx
+ xorl %r13d,%eax
+ bswapl %ebp
+ roll $5,%ecx
+ leal 1518500249(%rdx,%rsi,1),%esi
+ andl %r11d,%eax
+ movl %ebp,60(%rsp)
+ addl %ecx,%esi
+ xorl %r13d,%eax
+ roll $30,%r11d
+ addl %eax,%esi
+ movl 0(%rsp),%edx
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 8(%rsp),%edx
+ xorl %r12d,%eax
+ roll $5,%ecx
+ xorl 32(%rsp),%edx
+ andl %edi,%eax
+ leal 1518500249(%rbp,%r13,1),%r13d
+ xorl 52(%rsp),%edx
+ xorl %r12d,%eax
+ roll $1,%edx
+ addl %ecx,%r13d
+ roll $30,%edi
+ movl %edx,0(%rsp)
+ addl %eax,%r13d
+ movl 4(%rsp),%ebp
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 12(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $5,%ecx
+ xorl 36(%rsp),%ebp
+ andl %esi,%eax
+ leal 1518500249(%rdx,%r12,1),%r12d
+ xorl 56(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $1,%ebp
+ addl %ecx,%r12d
+ roll $30,%esi
+ movl %ebp,4(%rsp)
+ addl %eax,%r12d
+ movl 8(%rsp),%edx
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 16(%rsp),%edx
+ xorl %edi,%eax
+ roll $5,%ecx
+ xorl 40(%rsp),%edx
+ andl %r13d,%eax
+ leal 1518500249(%rbp,%r11,1),%r11d
+ xorl 60(%rsp),%edx
+ xorl %edi,%eax
+ roll $1,%edx
+ addl %ecx,%r11d
+ roll $30,%r13d
+ movl %edx,8(%rsp)
+ addl %eax,%r11d
+ movl 12(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 20(%rsp),%ebp
+ xorl %esi,%eax
+ roll $5,%ecx
+ xorl 44(%rsp),%ebp
+ andl %r12d,%eax
+ leal 1518500249(%rdx,%rdi,1),%edi
+ xorl 0(%rsp),%ebp
+ xorl %esi,%eax
+ roll $1,%ebp
+ addl %ecx,%edi
+ roll $30,%r12d
+ movl %ebp,12(%rsp)
+ addl %eax,%edi
+ movl 16(%rsp),%edx
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 24(%rsp),%edx
+ xorl %r13d,%eax
+ roll $5,%ecx
+ xorl 48(%rsp),%edx
+ andl %r11d,%eax
+ leal 1518500249(%rbp,%rsi,1),%esi
+ xorl 4(%rsp),%edx
+ xorl %r13d,%eax
+ roll $1,%edx
+ addl %ecx,%esi
+ roll $30,%r11d
+ movl %edx,16(%rsp)
+ addl %eax,%esi
+ movl 20(%rsp),%ebp
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 28(%rsp),%ebp
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r13,1),%r13d
+ xorl 52(%rsp),%ebp
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 8(%rsp),%ebp
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%ebp
+ movl %ebp,20(%rsp)
+ movl 24(%rsp),%edx
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 32(%rsp),%edx
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r12,1),%r12d
+ xorl 56(%rsp),%edx
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 12(%rsp),%edx
+ roll $30,%esi
+ addl %eax,%r12d
+ roll $1,%edx
+ movl %edx,24(%rsp)
+ movl 28(%rsp),%ebp
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 36(%rsp),%ebp
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r11,1),%r11d
+ xorl 60(%rsp),%ebp
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 16(%rsp),%ebp
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%ebp
+ movl %ebp,28(%rsp)
+ movl 32(%rsp),%edx
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 40(%rsp),%edx
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%rdi,1),%edi
+ xorl 0(%rsp),%edx
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 20(%rsp),%edx
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%edx
+ movl %edx,32(%rsp)
+ movl 36(%rsp),%ebp
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 44(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%rsi,1),%esi
+ xorl 4(%rsp),%ebp
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 24(%rsp),%ebp
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%ebp
+ movl %ebp,36(%rsp)
+ movl 40(%rsp),%edx
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 48(%rsp),%edx
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r13,1),%r13d
+ xorl 8(%rsp),%edx
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 28(%rsp),%edx
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%edx
+ movl %edx,40(%rsp)
+ movl 44(%rsp),%ebp
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 52(%rsp),%ebp
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r12,1),%r12d
+ xorl 12(%rsp),%ebp
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 32(%rsp),%ebp
+ roll $30,%esi
+ addl %eax,%r12d
+ roll $1,%ebp
+ movl %ebp,44(%rsp)
+ movl 48(%rsp),%edx
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 56(%rsp),%edx
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r11,1),%r11d
+ xorl 16(%rsp),%edx
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 36(%rsp),%edx
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%edx
+ movl %edx,48(%rsp)
+ movl 52(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 60(%rsp),%ebp
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%rdi,1),%edi
+ xorl 20(%rsp),%ebp
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 40(%rsp),%ebp
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%ebp
+ movl %ebp,52(%rsp)
+ movl 56(%rsp),%edx
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 0(%rsp),%edx
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%rsi,1),%esi
+ xorl 24(%rsp),%edx
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 44(%rsp),%edx
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%edx
+ movl %edx,56(%rsp)
+ movl 60(%rsp),%ebp
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 4(%rsp),%ebp
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r13,1),%r13d
+ xorl 28(%rsp),%ebp
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 48(%rsp),%ebp
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%ebp
+ movl %ebp,60(%rsp)
+ movl 0(%rsp),%edx
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 8(%rsp),%edx
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r12,1),%r12d
+ xorl 32(%rsp),%edx
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 52(%rsp),%edx
+ roll $30,%esi
+ addl %eax,%r12d
+ roll $1,%edx
+ movl %edx,0(%rsp)
+ movl 4(%rsp),%ebp
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 12(%rsp),%ebp
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r11,1),%r11d
+ xorl 36(%rsp),%ebp
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 56(%rsp),%ebp
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%ebp
+ movl %ebp,4(%rsp)
+ movl 8(%rsp),%edx
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 16(%rsp),%edx
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%rdi,1),%edi
+ xorl 40(%rsp),%edx
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 60(%rsp),%edx
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%edx
+ movl %edx,8(%rsp)
+ movl 12(%rsp),%ebp
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 20(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%rsi,1),%esi
+ xorl 44(%rsp),%ebp
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 0(%rsp),%ebp
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%ebp
+ movl %ebp,12(%rsp)
+ movl 16(%rsp),%edx
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 24(%rsp),%edx
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r13,1),%r13d
+ xorl 48(%rsp),%edx
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 4(%rsp),%edx
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%edx
+ movl %edx,16(%rsp)
+ movl 20(%rsp),%ebp
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 28(%rsp),%ebp
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%r12,1),%r12d
+ xorl 52(%rsp),%ebp
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 8(%rsp),%ebp
+ roll $30,%esi
+ addl %eax,%r12d
+ roll $1,%ebp
+ movl %ebp,20(%rsp)
+ movl 24(%rsp),%edx
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 32(%rsp),%edx
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%r11,1),%r11d
+ xorl 56(%rsp),%edx
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 12(%rsp),%edx
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%edx
+ movl %edx,24(%rsp)
+ movl 28(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 36(%rsp),%ebp
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rdx,%rdi,1),%edi
+ xorl 60(%rsp),%ebp
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 16(%rsp),%ebp
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%ebp
+ movl %ebp,28(%rsp)
+ movl 32(%rsp),%edx
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 40(%rsp),%edx
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal 1859775393(%rbp,%rsi,1),%esi
+ xorl 0(%rsp),%edx
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 20(%rsp),%edx
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%edx
+ movl %edx,32(%rsp)
+ movl 36(%rsp),%ebp
+ movl %r11d,%eax
movl %r11d,%ebx
- movl 20(%r9),%eax
- movl %edi,%edx
- xorl %r12d,%ebx
- bswapl %eax
- roll $5,%edx
- andl %ebp,%ebx
- movl %eax,20(%rsp)
- addl %edx,%esi
+ xorl 44(%rsp),%ebp
+ andl %r12d,%eax
+ movl %esi,%ecx
+ xorl 4(%rsp),%ebp
xorl %r12d,%ebx
- roll $30,%ebp
- addl %ebx,%esi
- leal 1518500249(%rax,%r12,1),%edx
- movl %ebp,%ebx
- movl 24(%r9),%eax
- movl %esi,%r12d
- xorl %r11d,%ebx
- bswapl %eax
- roll $5,%r12d
+ leal -1894007588(%rdx,%r13,1),%r13d
+ roll $5,%ecx
+ xorl 24(%rsp),%ebp
+ addl %eax,%r13d
andl %edi,%ebx
- movl %eax,24(%rsp)
- addl %r12d,%edx
- xorl %r11d,%ebx
+ roll $1,%ebp
+ addl %ebx,%r13d
roll $30,%edi
- addl %ebx,%edx
- leal 1518500249(%rax,%r11,1),%r12d
+ movl %ebp,36(%rsp)
+ addl %ecx,%r13d
+ movl 40(%rsp),%edx
+ movl %edi,%eax
movl %edi,%ebx
- movl 28(%r9),%eax
- movl %edx,%r11d
- xorl %ebp,%ebx
- bswapl %eax
- roll $5,%r11d
+ xorl 48(%rsp),%edx
+ andl %r11d,%eax
+ movl %r13d,%ecx
+ xorl 8(%rsp),%edx
+ xorl %r11d,%ebx
+ leal -1894007588(%rbp,%r12,1),%r12d
+ roll $5,%ecx
+ xorl 28(%rsp),%edx
+ addl %eax,%r12d
andl %esi,%ebx
- movl %eax,28(%rsp)
- addl %r11d,%r12d
- xorl %ebp,%ebx
- roll $30,%esi
+ roll $1,%edx
addl %ebx,%r12d
- leal 1518500249(%rax,%rbp,1),%r11d
+ roll $30,%esi
+ movl %edx,40(%rsp)
+ addl %ecx,%r12d
+ movl 44(%rsp),%ebp
+ movl %esi,%eax
movl %esi,%ebx
- movl 32(%r9),%eax
- movl %r12d,%ebp
- xorl %edi,%ebx
- bswapl %eax
- roll $5,%ebp
- andl %edx,%ebx
- movl %eax,32(%rsp)
- addl %ebp,%r11d
+ xorl 52(%rsp),%ebp
+ andl %edi,%eax
+ movl %r12d,%ecx
+ xorl 12(%rsp),%ebp
xorl %edi,%ebx
- roll $30,%edx
+ leal -1894007588(%rdx,%r11,1),%r11d
+ roll $5,%ecx
+ xorl 32(%rsp),%ebp
+ addl %eax,%r11d
+ andl %r13d,%ebx
+ roll $1,%ebp
addl %ebx,%r11d
- leal 1518500249(%rax,%rdi,1),%ebp
- movl %edx,%ebx
- movl 36(%r9),%eax
- movl %r11d,%edi
+ roll $30,%r13d
+ movl %ebp,44(%rsp)
+ addl %ecx,%r11d
+ movl 48(%rsp),%edx
+ movl %r13d,%eax
+ movl %r13d,%ebx
+ xorl 56(%rsp),%edx
+ andl %esi,%eax
+ movl %r11d,%ecx
+ xorl 16(%rsp),%edx
xorl %esi,%ebx
- bswapl %eax
- roll $5,%edi
+ leal -1894007588(%rbp,%rdi,1),%edi
+ roll $5,%ecx
+ xorl 36(%rsp),%edx
+ addl %eax,%edi
andl %r12d,%ebx
- movl %eax,36(%rsp)
- addl %edi,%ebp
- xorl %esi,%ebx
+ roll $1,%edx
+ addl %ebx,%edi
roll $30,%r12d
- addl %ebx,%ebp
- leal 1518500249(%rax,%rsi,1),%edi
+ movl %edx,48(%rsp)
+ addl %ecx,%edi
+ movl 52(%rsp),%ebp
+ movl %r12d,%eax
movl %r12d,%ebx
- movl 40(%r9),%eax
- movl %ebp,%esi
- xorl %edx,%ebx
- bswapl %eax
- roll $5,%esi
+ xorl 60(%rsp),%ebp
+ andl %r13d,%eax
+ movl %edi,%ecx
+ xorl 20(%rsp),%ebp
+ xorl %r13d,%ebx
+ leal -1894007588(%rdx,%rsi,1),%esi
+ roll $5,%ecx
+ xorl 40(%rsp),%ebp
+ addl %eax,%esi
andl %r11d,%ebx
- movl %eax,40(%rsp)
- addl %esi,%edi
- xorl %edx,%ebx
+ roll $1,%ebp
+ addl %ebx,%esi
roll $30,%r11d
- addl %ebx,%edi
- leal 1518500249(%rax,%rdx,1),%esi
+ movl %ebp,52(%rsp)
+ addl %ecx,%esi
+ movl 56(%rsp),%edx
+ movl %r11d,%eax
movl %r11d,%ebx
- movl 44(%r9),%eax
- movl %edi,%edx
- xorl %r12d,%ebx
- bswapl %eax
- roll $5,%edx
- andl %ebp,%ebx
- movl %eax,44(%rsp)
- addl %edx,%esi
+ xorl 0(%rsp),%edx
+ andl %r12d,%eax
+ movl %esi,%ecx
+ xorl 24(%rsp),%edx
xorl %r12d,%ebx
- roll $30,%ebp
- addl %ebx,%esi
- leal 1518500249(%rax,%r12,1),%edx
- movl %ebp,%ebx
- movl 48(%r9),%eax
- movl %esi,%r12d
- xorl %r11d,%ebx
- bswapl %eax
- roll $5,%r12d
+ leal -1894007588(%rbp,%r13,1),%r13d
+ roll $5,%ecx
+ xorl 44(%rsp),%edx
+ addl %eax,%r13d
andl %edi,%ebx
- movl %eax,48(%rsp)
- addl %r12d,%edx
- xorl %r11d,%ebx
+ roll $1,%edx
+ addl %ebx,%r13d
roll $30,%edi
- addl %ebx,%edx
- leal 1518500249(%rax,%r11,1),%r12d
+ movl %edx,56(%rsp)
+ addl %ecx,%r13d
+ movl 60(%rsp),%ebp
+ movl %edi,%eax
movl %edi,%ebx
- movl 52(%r9),%eax
- movl %edx,%r11d
- xorl %ebp,%ebx
- bswapl %eax
- roll $5,%r11d
+ xorl 4(%rsp),%ebp
+ andl %r11d,%eax
+ movl %r13d,%ecx
+ xorl 28(%rsp),%ebp
+ xorl %r11d,%ebx
+ leal -1894007588(%rdx,%r12,1),%r12d
+ roll $5,%ecx
+ xorl 48(%rsp),%ebp
+ addl %eax,%r12d
andl %esi,%ebx
- movl %eax,52(%rsp)
- addl %r11d,%r12d
- xorl %ebp,%ebx
- roll $30,%esi
+ roll $1,%ebp
addl %ebx,%r12d
- leal 1518500249(%rax,%rbp,1),%r11d
+ roll $30,%esi
+ movl %ebp,60(%rsp)
+ addl %ecx,%r12d
+ movl 0(%rsp),%edx
+ movl %esi,%eax
movl %esi,%ebx
- movl 56(%r9),%eax
- movl %r12d,%ebp
- xorl %edi,%ebx
- bswapl %eax
- roll $5,%ebp
- andl %edx,%ebx
- movl %eax,56(%rsp)
- addl %ebp,%r11d
+ xorl 8(%rsp),%edx
+ andl %edi,%eax
+ movl %r12d,%ecx
+ xorl 32(%rsp),%edx
xorl %edi,%ebx
- roll $30,%edx
+ leal -1894007588(%rbp,%r11,1),%r11d
+ roll $5,%ecx
+ xorl 52(%rsp),%edx
+ addl %eax,%r11d
+ andl %r13d,%ebx
+ roll $1,%edx
addl %ebx,%r11d
- leal 1518500249(%rax,%rdi,1),%ebp
- movl %edx,%ebx
- movl 60(%r9),%eax
- movl %r11d,%edi
+ roll $30,%r13d
+ movl %edx,0(%rsp)
+ addl %ecx,%r11d
+ movl 4(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r13d,%ebx
+ xorl 12(%rsp),%ebp
+ andl %esi,%eax
+ movl %r11d,%ecx
+ xorl 36(%rsp),%ebp
xorl %esi,%ebx
- bswapl %eax
- roll $5,%edi
+ leal -1894007588(%rdx,%rdi,1),%edi
+ roll $5,%ecx
+ xorl 56(%rsp),%ebp
+ addl %eax,%edi
andl %r12d,%ebx
- movl %eax,60(%rsp)
- addl %edi,%ebp
- xorl %esi,%ebx
+ roll $1,%ebp
+ addl %ebx,%edi
roll $30,%r12d
- addl %ebx,%ebp
- leal 1518500249(%rax,%rsi,1),%edi
- movl 0(%rsp),%eax
+ movl %ebp,4(%rsp)
+ addl %ecx,%edi
+ movl 8(%rsp),%edx
+ movl %r12d,%eax
movl %r12d,%ebx
- movl %ebp,%esi
- xorl 8(%rsp),%eax
- xorl %edx,%ebx
- roll $5,%esi
- xorl 32(%rsp),%eax
+ xorl 16(%rsp),%edx
+ andl %r13d,%eax
+ movl %edi,%ecx
+ xorl 40(%rsp),%edx
+ xorl %r13d,%ebx
+ leal -1894007588(%rbp,%rsi,1),%esi
+ roll $5,%ecx
+ xorl 60(%rsp),%edx
+ addl %eax,%esi
andl %r11d,%ebx
- addl %esi,%edi
- xorl 52(%rsp),%eax
- xorl %edx,%ebx
+ roll $1,%edx
+ addl %ebx,%esi
roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,0(%rsp)
- leal 1518500249(%rax,%rdx,1),%esi
- movl 4(%rsp),%eax
+ movl %edx,8(%rsp)
+ addl %ecx,%esi
+ movl 12(%rsp),%ebp
+ movl %r11d,%eax
movl %r11d,%ebx
- movl %edi,%edx
- xorl 12(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edx
- xorl 36(%rsp),%eax
- andl %ebp,%ebx
- addl %edx,%esi
- xorl 56(%rsp),%eax
+ xorl 20(%rsp),%ebp
+ andl %r12d,%eax
+ movl %esi,%ecx
+ xorl 44(%rsp),%ebp
xorl %r12d,%ebx
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- movl %eax,4(%rsp)
- leal 1518500249(%rax,%r12,1),%edx
- movl 8(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 16(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%r12d
- xorl 40(%rsp),%eax
+ leal -1894007588(%rdx,%r13,1),%r13d
+ roll $5,%ecx
+ xorl 0(%rsp),%ebp
+ addl %eax,%r13d
andl %edi,%ebx
- addl %r12d,%edx
- xorl 60(%rsp),%eax
- xorl %r11d,%ebx
+ roll $1,%ebp
+ addl %ebx,%r13d
roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,8(%rsp)
- leal 1518500249(%rax,%r11,1),%r12d
- movl 12(%rsp),%eax
+ movl %ebp,12(%rsp)
+ addl %ecx,%r13d
+ movl 16(%rsp),%edx
+ movl %edi,%eax
movl %edi,%ebx
- movl %edx,%r11d
- xorl 20(%rsp),%eax
- xorl %ebp,%ebx
- roll $5,%r11d
- xorl 44(%rsp),%eax
+ xorl 24(%rsp),%edx
+ andl %r11d,%eax
+ movl %r13d,%ecx
+ xorl 48(%rsp),%edx
+ xorl %r11d,%ebx
+ leal -1894007588(%rbp,%r12,1),%r12d
+ roll $5,%ecx
+ xorl 4(%rsp),%edx
+ addl %eax,%r12d
andl %esi,%ebx
- addl %r11d,%r12d
- xorl 0(%rsp),%eax
- xorl %ebp,%ebx
- roll $30,%esi
+ roll $1,%edx
addl %ebx,%r12d
- roll $1,%eax
- movl %eax,12(%rsp)
- leal 1518500249(%rax,%rbp,1),%r11d
- movl 16(%rsp),%eax
+ roll $30,%esi
+ movl %edx,16(%rsp)
+ addl %ecx,%r12d
+ movl 20(%rsp),%ebp
+ movl %esi,%eax
movl %esi,%ebx
- movl %r12d,%ebp
- xorl 24(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%ebp
- xorl 48(%rsp),%eax
- andl %edx,%ebx
- addl %ebp,%r11d
- xorl 4(%rsp),%eax
+ xorl 28(%rsp),%ebp
+ andl %edi,%eax
+ movl %r12d,%ecx
+ xorl 52(%rsp),%ebp
xorl %edi,%ebx
- roll $30,%edx
+ leal -1894007588(%rdx,%r11,1),%r11d
+ roll $5,%ecx
+ xorl 8(%rsp),%ebp
+ addl %eax,%r11d
+ andl %r13d,%ebx
+ roll $1,%ebp
addl %ebx,%r11d
- roll $1,%eax
- movl %eax,16(%rsp)
- leal 1859775393(%rax,%rdi,1),%ebp
- movl 20(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 28(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 52(%rsp),%eax
+ roll $30,%r13d
+ movl %ebp,20(%rsp)
+ addl %ecx,%r11d
+ movl 24(%rsp),%edx
+ movl %r13d,%eax
+ movl %r13d,%ebx
+ xorl 32(%rsp),%edx
+ andl %esi,%eax
+ movl %r11d,%ecx
+ xorl 56(%rsp),%edx
xorl %esi,%ebx
- addl %edi,%ebp
- xorl 8(%rsp),%eax
+ leal -1894007588(%rbp,%rdi,1),%edi
+ roll $5,%ecx
+ xorl 12(%rsp),%edx
+ addl %eax,%edi
+ andl %r12d,%ebx
+ roll $1,%edx
+ addl %ebx,%edi
roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,20(%rsp)
- leal 1859775393(%rax,%rsi,1),%edi
- movl 24(%rsp),%eax
+ movl %edx,24(%rsp)
+ addl %ecx,%edi
+ movl 28(%rsp),%ebp
+ movl %r12d,%eax
movl %r12d,%ebx
- movl %ebp,%esi
- xorl 32(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 56(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 12(%rsp),%eax
+ xorl 36(%rsp),%ebp
+ andl %r13d,%eax
+ movl %edi,%ecx
+ xorl 60(%rsp),%ebp
+ xorl %r13d,%ebx
+ leal -1894007588(%rdx,%rsi,1),%esi
+ roll $5,%ecx
+ xorl 16(%rsp),%ebp
+ addl %eax,%esi
+ andl %r11d,%ebx
+ roll $1,%ebp
+ addl %ebx,%esi
roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,24(%rsp)
- leal 1859775393(%rax,%rdx,1),%esi
- movl 28(%rsp),%eax
+ movl %ebp,28(%rsp)
+ addl %ecx,%esi
+ movl 32(%rsp),%edx
+ movl %r11d,%eax
movl %r11d,%ebx
- movl %edi,%edx
- xorl 36(%rsp),%eax
- xorl %ebp,%ebx
- roll $5,%edx
- xorl 60(%rsp),%eax
+ xorl 40(%rsp),%edx
+ andl %r12d,%eax
+ movl %esi,%ecx
+ xorl 0(%rsp),%edx
xorl %r12d,%ebx
- addl %edx,%esi
- xorl 16(%rsp),%eax
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- movl %eax,28(%rsp)
- leal 1859775393(%rax,%r12,1),%edx
- movl 32(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 40(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 0(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 20(%rsp),%eax
+ leal -1894007588(%rbp,%r13,1),%r13d
+ roll $5,%ecx
+ xorl 20(%rsp),%edx
+ addl %eax,%r13d
+ andl %edi,%ebx
+ roll $1,%edx
+ addl %ebx,%r13d
roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,32(%rsp)
- leal 1859775393(%rax,%r11,1),%r12d
- movl 36(%rsp),%eax
+ movl %edx,32(%rsp)
+ addl %ecx,%r13d
+ movl 36(%rsp),%ebp
+ movl %edi,%eax
movl %edi,%ebx
- movl %edx,%r11d
- xorl 44(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 4(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 24(%rsp),%eax
- roll $30,%esi
+ xorl 44(%rsp),%ebp
+ andl %r11d,%eax
+ movl %r13d,%ecx
+ xorl 4(%rsp),%ebp
+ xorl %r11d,%ebx
+ leal -1894007588(%rdx,%r12,1),%r12d
+ roll $5,%ecx
+ xorl 24(%rsp),%ebp
+ addl %eax,%r12d
+ andl %esi,%ebx
+ roll $1,%ebp
addl %ebx,%r12d
- roll $1,%eax
- movl %eax,36(%rsp)
- leal 1859775393(%rax,%rbp,1),%r11d
- movl 40(%rsp),%eax
+ roll $30,%esi
+ movl %ebp,36(%rsp)
+ addl %ecx,%r12d
+ movl 40(%rsp),%edx
+ movl %esi,%eax
movl %esi,%ebx
- movl %r12d,%ebp
- xorl 48(%rsp),%eax
- xorl %edx,%ebx
- roll $5,%ebp
- xorl 8(%rsp),%eax
+ xorl 48(%rsp),%edx
+ andl %edi,%eax
+ movl %r12d,%ecx
+ xorl 8(%rsp),%edx
xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 28(%rsp),%eax
- roll $30,%edx
+ leal -1894007588(%rbp,%r11,1),%r11d
+ roll $5,%ecx
+ xorl 28(%rsp),%edx
+ addl %eax,%r11d
+ andl %r13d,%ebx
+ roll $1,%edx
addl %ebx,%r11d
- roll $1,%eax
- movl %eax,40(%rsp)
- leal 1859775393(%rax,%rdi,1),%ebp
- movl 44(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 52(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 12(%rsp),%eax
+ roll $30,%r13d
+ movl %edx,40(%rsp)
+ addl %ecx,%r11d
+ movl 44(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r13d,%ebx
+ xorl 52(%rsp),%ebp
+ andl %esi,%eax
+ movl %r11d,%ecx
+ xorl 12(%rsp),%ebp
xorl %esi,%ebx
- addl %edi,%ebp
- xorl 32(%rsp),%eax
+ leal -1894007588(%rdx,%rdi,1),%edi
+ roll $5,%ecx
+ xorl 32(%rsp),%ebp
+ addl %eax,%edi
+ andl %r12d,%ebx
+ roll $1,%ebp
+ addl %ebx,%edi
roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,44(%rsp)
- leal 1859775393(%rax,%rsi,1),%edi
- movl 48(%rsp),%eax
+ movl %ebp,44(%rsp)
+ addl %ecx,%edi
+ movl 48(%rsp),%edx
+ movl %r12d,%eax
movl %r12d,%ebx
- movl %ebp,%esi
- xorl 56(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 16(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 36(%rsp),%eax
- roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,48(%rsp)
- leal 1859775393(%rax,%rdx,1),%esi
- movl 52(%rsp),%eax
- movl %r11d,%ebx
- movl %edi,%edx
- xorl 60(%rsp),%eax
- xorl %ebp,%ebx
- roll $5,%edx
- xorl 20(%rsp),%eax
- xorl %r12d,%ebx
- addl %edx,%esi
- xorl 40(%rsp),%eax
- roll $30,%ebp
+ xorl 56(%rsp),%edx
+ andl %r13d,%eax
+ movl %edi,%ecx
+ xorl 16(%rsp),%edx
+ xorl %r13d,%ebx
+ leal -1894007588(%rbp,%rsi,1),%esi
+ roll $5,%ecx
+ xorl 36(%rsp),%edx
+ addl %eax,%esi
+ andl %r11d,%ebx
+ roll $1,%edx
addl %ebx,%esi
- roll $1,%eax
- movl %eax,52(%rsp)
- leal 1859775393(%rax,%r12,1),%edx
- movl 56(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 0(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 24(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 44(%rsp),%eax
+ roll $30,%r11d
+ movl %edx,48(%rsp)
+ addl %ecx,%esi
+ movl 52(%rsp),%ebp
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 60(%rsp),%ebp
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r13,1),%r13d
+ xorl 20(%rsp),%ebp
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 40(%rsp),%ebp
roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,56(%rsp)
- leal 1859775393(%rax,%r11,1),%r12d
- movl 60(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 4(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 28(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 48(%rsp),%eax
+ addl %eax,%r13d
+ roll $1,%ebp
+ movl %ebp,52(%rsp)
+ movl 56(%rsp),%edx
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 0(%rsp),%edx
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r12,1),%r12d
+ xorl 24(%rsp),%edx
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 44(%rsp),%edx
roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- movl %eax,60(%rsp)
- leal 1859775393(%rax,%rbp,1),%r11d
- movl 0(%rsp),%eax
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl 8(%rsp),%eax
- xorl %edx,%ebx
- roll $5,%ebp
- xorl 32(%rsp),%eax
- xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 52(%rsp),%eax
- roll $30,%edx
- addl %ebx,%r11d
- roll $1,%eax
- movl %eax,0(%rsp)
- leal 1859775393(%rax,%rdi,1),%ebp
- movl 4(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 12(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 36(%rsp),%eax
- xorl %esi,%ebx
- addl %edi,%ebp
- xorl 56(%rsp),%eax
+ addl %eax,%r12d
+ roll $1,%edx
+ movl %edx,56(%rsp)
+ movl 60(%rsp),%ebp
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 4(%rsp),%ebp
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r11,1),%r11d
+ xorl 28(%rsp),%ebp
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 48(%rsp),%ebp
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%ebp
+ movl %ebp,60(%rsp)
+ movl 0(%rsp),%edx
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 8(%rsp),%edx
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%rdi,1),%edi
+ xorl 32(%rsp),%edx
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 52(%rsp),%edx
roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,4(%rsp)
- leal 1859775393(%rax,%rsi,1),%edi
- movl 8(%rsp),%eax
- movl %r12d,%ebx
- movl %ebp,%esi
- xorl 16(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 40(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 60(%rsp),%eax
+ addl %eax,%edi
+ roll $1,%edx
+ movl %edx,0(%rsp)
+ movl 4(%rsp),%ebp
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl 12(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%rsi,1),%esi
+ xorl 36(%rsp),%ebp
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 56(%rsp),%ebp
roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,8(%rsp)
- leal 1859775393(%rax,%rdx,1),%esi
- movl 12(%rsp),%eax
- movl %r11d,%ebx
- movl %edi,%edx
- xorl 20(%rsp),%eax
- xorl %ebp,%ebx
- roll $5,%edx
- xorl 44(%rsp),%eax
- xorl %r12d,%ebx
- addl %edx,%esi
- xorl 0(%rsp),%eax
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- movl %eax,12(%rsp)
- leal 1859775393(%rax,%r12,1),%edx
- movl 16(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 24(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 48(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 4(%rsp),%eax
+ addl %eax,%esi
+ roll $1,%ebp
+ movl %ebp,4(%rsp)
+ movl 8(%rsp),%edx
+ movl %r11d,%eax
+ movl %esi,%ecx
+ xorl 16(%rsp),%edx
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r13,1),%r13d
+ xorl 40(%rsp),%edx
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 60(%rsp),%edx
roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,16(%rsp)
- leal 1859775393(%rax,%r11,1),%r12d
- movl 20(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 28(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 52(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 8(%rsp),%eax
+ addl %eax,%r13d
+ roll $1,%edx
+ movl %edx,8(%rsp)
+ movl 12(%rsp),%ebp
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 20(%rsp),%ebp
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r12,1),%r12d
+ xorl 44(%rsp),%ebp
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 0(%rsp),%ebp
roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- movl %eax,20(%rsp)
- leal 1859775393(%rax,%rbp,1),%r11d
- movl 24(%rsp),%eax
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl 32(%rsp),%eax
- xorl %edx,%ebx
- roll $5,%ebp
- xorl 56(%rsp),%eax
- xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 12(%rsp),%eax
- roll $30,%edx
- addl %ebx,%r11d
- roll $1,%eax
- movl %eax,24(%rsp)
- leal 1859775393(%rax,%rdi,1),%ebp
- movl 28(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 36(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 60(%rsp),%eax
- xorl %esi,%ebx
- addl %edi,%ebp
- xorl 16(%rsp),%eax
+ addl %eax,%r12d
+ roll $1,%ebp
+ movl %ebp,12(%rsp)
+ movl 16(%rsp),%edx
+ movl %esi,%eax
+ movl %r12d,%ecx
+ xorl 24(%rsp),%edx
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r11,1),%r11d
+ xorl 48(%rsp),%edx
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 4(%rsp),%edx
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%edx
+ movl %edx,16(%rsp)
+ movl 20(%rsp),%ebp
+ movl %r13d,%eax
+ movl %r11d,%ecx
+ xorl 28(%rsp),%ebp
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%rdi,1),%edi
+ xorl 52(%rsp),%ebp
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 8(%rsp),%ebp
roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,28(%rsp)
- leal 1859775393(%rax,%rsi,1),%edi
- movl 32(%rsp),%eax
- movl %r12d,%ebx
- movl %ebp,%esi
- xorl 40(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 0(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 20(%rsp),%eax
- roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,32(%rsp)
- leal -1894007588(%rax,%rdx,1),%esi
- movl 36(%rsp),%eax
- movl %ebp,%ebx
- movl %ebp,%ecx
- xorl 44(%rsp),%eax
- movl %edi,%edx
- andl %r11d,%ebx
- xorl 4(%rsp),%eax
- orl %r11d,%ecx
- roll $5,%edx
- xorl 24(%rsp),%eax
- andl %r12d,%ecx
- addl %edx,%esi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%ebp
- movl %eax,36(%rsp)
- addl %ebx,%esi
- leal -1894007588(%rax,%r12,1),%edx
- movl 40(%rsp),%eax
- movl %edi,%ebx
+ addl %eax,%edi
+ roll $1,%ebp
+ movl %ebp,20(%rsp)
+ movl 24(%rsp),%edx
+ movl %r12d,%eax
movl %edi,%ecx
- xorl 48(%rsp),%eax
- movl %esi,%r12d
- andl %ebp,%ebx
- xorl 8(%rsp),%eax
- orl %ebp,%ecx
- roll $5,%r12d
- xorl 28(%rsp),%eax
- andl %r11d,%ecx
- addl %r12d,%edx
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edi
- movl %eax,40(%rsp)
- addl %ebx,%edx
- leal -1894007588(%rax,%r11,1),%r12d
- movl 44(%rsp),%eax
- movl %esi,%ebx
+ xorl 32(%rsp),%edx
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%rsi,1),%esi
+ xorl 56(%rsp),%edx
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 12(%rsp),%edx
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%edx
+ movl %edx,24(%rsp)
+ movl 28(%rsp),%ebp
+ movl %r11d,%eax
movl %esi,%ecx
- xorl 52(%rsp),%eax
- movl %edx,%r11d
- andl %edi,%ebx
- xorl 12(%rsp),%eax
- orl %edi,%ecx
- roll $5,%r11d
- xorl 32(%rsp),%eax
- andl %ebp,%ecx
- addl %r11d,%r12d
- roll $1,%eax
- orl %ecx,%ebx
+ xorl 36(%rsp),%ebp
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r13,1),%r13d
+ xorl 60(%rsp),%ebp
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 16(%rsp),%ebp
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%ebp
+ movl %ebp,28(%rsp)
+ movl 32(%rsp),%edx
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 40(%rsp),%edx
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r12,1),%r12d
+ xorl 0(%rsp),%edx
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 20(%rsp),%edx
roll $30,%esi
- movl %eax,44(%rsp)
- addl %ebx,%r12d
- leal -1894007588(%rax,%rbp,1),%r11d
- movl 48(%rsp),%eax
- movl %edx,%ebx
- movl %edx,%ecx
- xorl 56(%rsp),%eax
- movl %r12d,%ebp
- andl %esi,%ebx
- xorl 16(%rsp),%eax
- orl %esi,%ecx
- roll $5,%ebp
- xorl 36(%rsp),%eax
- andl %edi,%ecx
- addl %ebp,%r11d
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edx
- movl %eax,48(%rsp)
- addl %ebx,%r11d
- leal -1894007588(%rax,%rdi,1),%ebp
- movl 52(%rsp),%eax
- movl %r12d,%ebx
+ addl %eax,%r12d
+ roll $1,%edx
+ movl %edx,32(%rsp)
+ movl 36(%rsp),%ebp
+ movl %esi,%eax
movl %r12d,%ecx
- xorl 60(%rsp),%eax
- movl %r11d,%edi
- andl %edx,%ebx
- xorl 20(%rsp),%eax
- orl %edx,%ecx
- roll $5,%edi
- xorl 40(%rsp),%eax
- andl %esi,%ecx
- addl %edi,%ebp
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%r12d
- movl %eax,52(%rsp)
- addl %ebx,%ebp
- leal -1894007588(%rax,%rsi,1),%edi
- movl 56(%rsp),%eax
- movl %r11d,%ebx
+ xorl 44(%rsp),%ebp
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r11,1),%r11d
+ xorl 4(%rsp),%ebp
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 24(%rsp),%ebp
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%ebp
+ movl %ebp,36(%rsp)
+ movl 40(%rsp),%edx
+ movl %r13d,%eax
movl %r11d,%ecx
- xorl 0(%rsp),%eax
- movl %ebp,%esi
- andl %r12d,%ebx
- xorl 24(%rsp),%eax
- orl %r12d,%ecx
- roll $5,%esi
- xorl 44(%rsp),%eax
- andl %edx,%ecx
- addl %esi,%edi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%r11d
- movl %eax,56(%rsp)
- addl %ebx,%edi
- leal -1894007588(%rax,%rdx,1),%esi
- movl 60(%rsp),%eax
- movl %ebp,%ebx
- movl %ebp,%ecx
- xorl 4(%rsp),%eax
- movl %edi,%edx
- andl %r11d,%ebx
- xorl 28(%rsp),%eax
- orl %r11d,%ecx
- roll $5,%edx
- xorl 48(%rsp),%eax
- andl %r12d,%ecx
- addl %edx,%esi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%ebp
- movl %eax,60(%rsp)
- addl %ebx,%esi
- leal -1894007588(%rax,%r12,1),%edx
- movl 0(%rsp),%eax
- movl %edi,%ebx
+ xorl 48(%rsp),%edx
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%rdi,1),%edi
+ xorl 8(%rsp),%edx
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 28(%rsp),%edx
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%edx
+ movl %edx,40(%rsp)
+ movl 44(%rsp),%ebp
+ movl %r12d,%eax
movl %edi,%ecx
- xorl 8(%rsp),%eax
- movl %esi,%r12d
- andl %ebp,%ebx
- xorl 32(%rsp),%eax
- orl %ebp,%ecx
- roll $5,%r12d
- xorl 52(%rsp),%eax
- andl %r11d,%ecx
- addl %r12d,%edx
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edi
- movl %eax,0(%rsp)
- addl %ebx,%edx
- leal -1894007588(%rax,%r11,1),%r12d
- movl 4(%rsp),%eax
- movl %esi,%ebx
+ xorl 52(%rsp),%ebp
+ xorl %r11d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%rsi,1),%esi
+ xorl 12(%rsp),%ebp
+ xorl %r13d,%eax
+ addl %ecx,%esi
+ xorl 32(%rsp),%ebp
+ roll $30,%r11d
+ addl %eax,%esi
+ roll $1,%ebp
+ movl %ebp,44(%rsp)
+ movl 48(%rsp),%edx
+ movl %r11d,%eax
movl %esi,%ecx
- xorl 12(%rsp),%eax
- movl %edx,%r11d
- andl %edi,%ebx
- xorl 36(%rsp),%eax
- orl %edi,%ecx
- roll $5,%r11d
- xorl 56(%rsp),%eax
- andl %ebp,%ecx
- addl %r11d,%r12d
- roll $1,%eax
- orl %ecx,%ebx
+ xorl 56(%rsp),%edx
+ xorl %edi,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r13,1),%r13d
+ xorl 16(%rsp),%edx
+ xorl %r12d,%eax
+ addl %ecx,%r13d
+ xorl 36(%rsp),%edx
+ roll $30,%edi
+ addl %eax,%r13d
+ roll $1,%edx
+ movl %edx,48(%rsp)
+ movl 52(%rsp),%ebp
+ movl %edi,%eax
+ movl %r13d,%ecx
+ xorl 60(%rsp),%ebp
+ xorl %esi,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%r12,1),%r12d
+ xorl 20(%rsp),%ebp
+ xorl %r11d,%eax
+ addl %ecx,%r12d
+ xorl 40(%rsp),%ebp
roll $30,%esi
- movl %eax,4(%rsp)
- addl %ebx,%r12d
- leal -1894007588(%rax,%rbp,1),%r11d
- movl 8(%rsp),%eax
- movl %edx,%ebx
- movl %edx,%ecx
- xorl 16(%rsp),%eax
- movl %r12d,%ebp
- andl %esi,%ebx
- xorl 40(%rsp),%eax
- orl %esi,%ecx
- roll $5,%ebp
- xorl 60(%rsp),%eax
- andl %edi,%ecx
- addl %ebp,%r11d
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edx
- movl %eax,8(%rsp)
- addl %ebx,%r11d
- leal -1894007588(%rax,%rdi,1),%ebp
- movl 12(%rsp),%eax
- movl %r12d,%ebx
+ addl %eax,%r12d
+ roll $1,%ebp
+ movl 56(%rsp),%edx
+ movl %esi,%eax
movl %r12d,%ecx
- xorl 20(%rsp),%eax
- movl %r11d,%edi
- andl %edx,%ebx
- xorl 44(%rsp),%eax
- orl %edx,%ecx
- roll $5,%edi
- xorl 0(%rsp),%eax
- andl %esi,%ecx
- addl %edi,%ebp
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%r12d
- movl %eax,12(%rsp)
- addl %ebx,%ebp
- leal -1894007588(%rax,%rsi,1),%edi
- movl 16(%rsp),%eax
- movl %r11d,%ebx
+ xorl 0(%rsp),%edx
+ xorl %r13d,%eax
+ roll $5,%ecx
+ leal -899497514(%rbp,%r11,1),%r11d
+ xorl 24(%rsp),%edx
+ xorl %edi,%eax
+ addl %ecx,%r11d
+ xorl 44(%rsp),%edx
+ roll $30,%r13d
+ addl %eax,%r11d
+ roll $1,%edx
+ movl 60(%rsp),%ebp
+ movl %r13d,%eax
movl %r11d,%ecx
- xorl 24(%rsp),%eax
- movl %ebp,%esi
- andl %r12d,%ebx
- xorl 48(%rsp),%eax
- orl %r12d,%ecx
- roll $5,%esi
- xorl 4(%rsp),%eax
- andl %edx,%ecx
- addl %esi,%edi
- roll $1,%eax
- orl %ecx,%ebx
+ xorl 4(%rsp),%ebp
+ xorl %r12d,%eax
+ roll $5,%ecx
+ leal -899497514(%rdx,%rdi,1),%edi
+ xorl 28(%rsp),%ebp
+ xorl %esi,%eax
+ addl %ecx,%edi
+ xorl 48(%rsp),%ebp
+ roll $30,%r12d
+ addl %eax,%edi
+ roll $1,%ebp
+ movl %r12d,%eax
+ movl %edi,%ecx
+ xorl %r11d,%eax
+ leal -899497514(%rbp,%rsi,1),%esi
+ roll $5,%ecx
+ xorl %r13d,%eax
+ addl %ecx,%esi
roll $30,%r11d
- movl %eax,16(%rsp)
- addl %ebx,%edi
- leal -1894007588(%rax,%rdx,1),%esi
- movl 20(%rsp),%eax
- movl %ebp,%ebx
- movl %ebp,%ecx
- xorl 28(%rsp),%eax
- movl %edi,%edx
- andl %r11d,%ebx
- xorl 52(%rsp),%eax
- orl %r11d,%ecx
+ addl %eax,%esi
+ addl 0(%r8),%esi
+ addl 4(%r8),%edi
+ addl 8(%r8),%r11d
+ addl 12(%r8),%r12d
+ addl 16(%r8),%r13d
+ movl %esi,0(%r8)
+ movl %edi,4(%r8)
+ movl %r11d,8(%r8)
+ movl %r12d,12(%r8)
+ movl %r13d,16(%r8)
+
+ subq $1,%r10
+ leaq 64(%r9),%r9
+ jnz L$loop
+
+ movq 64(%rsp),%rsi
+ movq (%rsi),%r13
+ movq 8(%rsi),%r12
+ movq 16(%rsi),%rbp
+ movq 24(%rsi),%rbx
+ leaq 32(%rsi),%rsp
+L$epilogue:
+ .byte 0xf3,0xc3
+
+
+.p2align 4
+sha1_block_data_order_ssse3:
+_ssse3_shortcut:
+ pushq %rbx
+ pushq %rbp
+ pushq %r12
+ leaq -64(%rsp),%rsp
+ movq %rdi,%r8
+ movq %rsi,%r9
+ movq %rdx,%r10
+
+ shlq $6,%r10
+ addq %r9,%r10
+ leaq K_XX_XX(%rip),%r11
+
+ movl 0(%r8),%eax
+ movl 4(%r8),%ebx
+ movl 8(%r8),%ecx
+ movl 12(%r8),%edx
+ movl %ebx,%esi
+ movl 16(%r8),%ebp
+
+ movdqa 64(%r11),%xmm6
+ movdqa 0(%r11),%xmm9
+ movdqu 0(%r9),%xmm0
+ movdqu 16(%r9),%xmm1
+ movdqu 32(%r9),%xmm2
+ movdqu 48(%r9),%xmm3
+.byte 102,15,56,0,198
+ addq $64,%r9
+.byte 102,15,56,0,206
+.byte 102,15,56,0,214
+.byte 102,15,56,0,222
+ paddd %xmm9,%xmm0
+ paddd %xmm9,%xmm1
+ paddd %xmm9,%xmm2
+ movdqa %xmm0,0(%rsp)
+ psubd %xmm9,%xmm0
+ movdqa %xmm1,16(%rsp)
+ psubd %xmm9,%xmm1
+ movdqa %xmm2,32(%rsp)
+ psubd %xmm9,%xmm2
+ jmp L$oop_ssse3
+.p2align 4
+L$oop_ssse3:
+ movdqa %xmm1,%xmm4
+ addl 0(%rsp),%ebp
+ xorl %edx,%ecx
+ movdqa %xmm3,%xmm8
+.byte 102,15,58,15,224,8
+ movl %eax,%edi
+ roll $5,%eax
+ paddd %xmm3,%xmm9
+ andl %ecx,%esi
+ xorl %edx,%ecx
+ psrldq $4,%xmm8
+ xorl %edx,%esi
+ addl %eax,%ebp
+ pxor %xmm0,%xmm4
+ rorl $2,%ebx
+ addl %esi,%ebp
+ pxor %xmm2,%xmm8
+ addl 4(%rsp),%edx
+ xorl %ecx,%ebx
+ movl %ebp,%esi
+ roll $5,%ebp
+ pxor %xmm8,%xmm4
+ andl %ebx,%edi
+ xorl %ecx,%ebx
+ movdqa %xmm9,48(%rsp)
+ xorl %ecx,%edi
+ addl %ebp,%edx
+ movdqa %xmm4,%xmm10
+ movdqa %xmm4,%xmm8
+ rorl $7,%eax
+ addl %edi,%edx
+ addl 8(%rsp),%ecx
+ xorl %ebx,%eax
+ pslldq $12,%xmm10
+ paddd %xmm4,%xmm4
+ movl %edx,%edi
roll $5,%edx
- xorl 8(%rsp),%eax
- andl %r12d,%ecx
- addl %edx,%esi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%ebp
- movl %eax,20(%rsp)
- addl %ebx,%esi
- leal -1894007588(%rax,%r12,1),%edx
- movl 24(%rsp),%eax
- movl %edi,%ebx
- movl %edi,%ecx
- xorl 32(%rsp),%eax
- movl %esi,%r12d
- andl %ebp,%ebx
- xorl 56(%rsp),%eax
- orl %ebp,%ecx
- roll $5,%r12d
- xorl 12(%rsp),%eax
- andl %r11d,%ecx
- addl %r12d,%edx
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edi
- movl %eax,24(%rsp)
- addl %ebx,%edx
- leal -1894007588(%rax,%r11,1),%r12d
- movl 28(%rsp),%eax
- movl %esi,%ebx
- movl %esi,%ecx
- xorl 36(%rsp),%eax
- movl %edx,%r11d
- andl %edi,%ebx
- xorl 60(%rsp),%eax
- orl %edi,%ecx
- roll $5,%r11d
- xorl 16(%rsp),%eax
- andl %ebp,%ecx
- addl %r11d,%r12d
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%esi
- movl %eax,28(%rsp)
- addl %ebx,%r12d
- leal -1894007588(%rax,%rbp,1),%r11d
- movl 32(%rsp),%eax
- movl %edx,%ebx
- movl %edx,%ecx
- xorl 40(%rsp),%eax
- movl %r12d,%ebp
- andl %esi,%ebx
- xorl 0(%rsp),%eax
- orl %esi,%ecx
+ andl %eax,%esi
+ xorl %ebx,%eax
+ psrld $31,%xmm8
+ xorl %ebx,%esi
+ addl %edx,%ecx
+ movdqa %xmm10,%xmm9
+ rorl $7,%ebp
+ addl %esi,%ecx
+ psrld $30,%xmm10
+ por %xmm8,%xmm4
+ addl 12(%rsp),%ebx
+ xorl %eax,%ebp
+ movl %ecx,%esi
+ roll $5,%ecx
+ pslld $2,%xmm9
+ pxor %xmm10,%xmm4
+ andl %ebp,%edi
+ xorl %eax,%ebp
+ movdqa 0(%r11),%xmm10
+ xorl %eax,%edi
+ addl %ecx,%ebx
+ pxor %xmm9,%xmm4
+ rorl $7,%edx
+ addl %edi,%ebx
+ movdqa %xmm2,%xmm5
+ addl 16(%rsp),%eax
+ xorl %ebp,%edx
+ movdqa %xmm4,%xmm9
+.byte 102,15,58,15,233,8
+ movl %ebx,%edi
+ roll $5,%ebx
+ paddd %xmm4,%xmm10
+ andl %edx,%esi
+ xorl %ebp,%edx
+ psrldq $4,%xmm9
+ xorl %ebp,%esi
+ addl %ebx,%eax
+ pxor %xmm1,%xmm5
+ rorl $7,%ecx
+ addl %esi,%eax
+ pxor %xmm3,%xmm9
+ addl 20(%rsp),%ebp
+ xorl %edx,%ecx
+ movl %eax,%esi
+ roll $5,%eax
+ pxor %xmm9,%xmm5
+ andl %ecx,%edi
+ xorl %edx,%ecx
+ movdqa %xmm10,0(%rsp)
+ xorl %edx,%edi
+ addl %eax,%ebp
+ movdqa %xmm5,%xmm8
+ movdqa %xmm5,%xmm9
+ rorl $7,%ebx
+ addl %edi,%ebp
+ addl 24(%rsp),%edx
+ xorl %ecx,%ebx
+ pslldq $12,%xmm8
+ paddd %xmm5,%xmm5
+ movl %ebp,%edi
roll $5,%ebp
- xorl 20(%rsp),%eax
- andl %edi,%ecx
- addl %ebp,%r11d
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edx
- movl %eax,32(%rsp)
- addl %ebx,%r11d
- leal -1894007588(%rax,%rdi,1),%ebp
- movl 36(%rsp),%eax
- movl %r12d,%ebx
- movl %r12d,%ecx
- xorl 44(%rsp),%eax
- movl %r11d,%edi
- andl %edx,%ebx
- xorl 4(%rsp),%eax
- orl %edx,%ecx
- roll $5,%edi
- xorl 24(%rsp),%eax
- andl %esi,%ecx
+ andl %ebx,%esi
+ xorl %ecx,%ebx
+ psrld $31,%xmm9
+ xorl %ecx,%esi
+ addl %ebp,%edx
+ movdqa %xmm8,%xmm10
+ rorl $7,%eax
+ addl %esi,%edx
+ psrld $30,%xmm8
+ por %xmm9,%xmm5
+ addl 28(%rsp),%ecx
+ xorl %ebx,%eax
+ movl %edx,%esi
+ roll $5,%edx
+ pslld $2,%xmm10
+ pxor %xmm8,%xmm5
+ andl %eax,%edi
+ xorl %ebx,%eax
+ movdqa 16(%r11),%xmm8
+ xorl %ebx,%edi
+ addl %edx,%ecx
+ pxor %xmm10,%xmm5
+ rorl $7,%ebp
+ addl %edi,%ecx
+ movdqa %xmm3,%xmm6
+ addl 32(%rsp),%ebx
+ xorl %eax,%ebp
+ movdqa %xmm5,%xmm10
+.byte 102,15,58,15,242,8
+ movl %ecx,%edi
+ roll $5,%ecx
+ paddd %xmm5,%xmm8
+ andl %ebp,%esi
+ xorl %eax,%ebp
+ psrldq $4,%xmm10
+ xorl %eax,%esi
+ addl %ecx,%ebx
+ pxor %xmm2,%xmm6
+ rorl $7,%edx
+ addl %esi,%ebx
+ pxor %xmm4,%xmm10
+ addl 36(%rsp),%eax
+ xorl %ebp,%edx
+ movl %ebx,%esi
+ roll $5,%ebx
+ pxor %xmm10,%xmm6
+ andl %edx,%edi
+ xorl %ebp,%edx
+ movdqa %xmm8,16(%rsp)
+ xorl %ebp,%edi
+ addl %ebx,%eax
+ movdqa %xmm6,%xmm9
+ movdqa %xmm6,%xmm10
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 40(%rsp),%ebp
+ xorl %edx,%ecx
+ pslldq $12,%xmm9
+ paddd %xmm6,%xmm6
+ movl %eax,%edi
+ roll $5,%eax
+ andl %ecx,%esi
+ xorl %edx,%ecx
+ psrld $31,%xmm10
+ xorl %edx,%esi
+ addl %eax,%ebp
+ movdqa %xmm9,%xmm8
+ rorl $7,%ebx
+ addl %esi,%ebp
+ psrld $30,%xmm9
+ por %xmm10,%xmm6
+ addl 44(%rsp),%edx
+ xorl %ecx,%ebx
+ movl %ebp,%esi
+ roll $5,%ebp
+ pslld $2,%xmm8
+ pxor %xmm9,%xmm6
+ andl %ebx,%edi
+ xorl %ecx,%ebx
+ movdqa 16(%r11),%xmm9
+ xorl %ecx,%edi
+ addl %ebp,%edx
+ pxor %xmm8,%xmm6
+ rorl $7,%eax
+ addl %edi,%edx
+ movdqa %xmm4,%xmm7
+ addl 48(%rsp),%ecx
+ xorl %ebx,%eax
+ movdqa %xmm6,%xmm8
+.byte 102,15,58,15,251,8
+ movl %edx,%edi
+ roll $5,%edx
+ paddd %xmm6,%xmm9
+ andl %eax,%esi
+ xorl %ebx,%eax
+ psrldq $4,%xmm8
+ xorl %ebx,%esi
+ addl %edx,%ecx
+ pxor %xmm3,%xmm7
+ rorl $7,%ebp
+ addl %esi,%ecx
+ pxor %xmm5,%xmm8
+ addl 52(%rsp),%ebx
+ xorl %eax,%ebp
+ movl %ecx,%esi
+ roll $5,%ecx
+ pxor %xmm8,%xmm7
+ andl %ebp,%edi
+ xorl %eax,%ebp
+ movdqa %xmm9,32(%rsp)
+ xorl %eax,%edi
+ addl %ecx,%ebx
+ movdqa %xmm7,%xmm10
+ movdqa %xmm7,%xmm8
+ rorl $7,%edx
+ addl %edi,%ebx
+ addl 56(%rsp),%eax
+ xorl %ebp,%edx
+ pslldq $12,%xmm10
+ paddd %xmm7,%xmm7
+ movl %ebx,%edi
+ roll $5,%ebx
+ andl %edx,%esi
+ xorl %ebp,%edx
+ psrld $31,%xmm8
+ xorl %ebp,%esi
+ addl %ebx,%eax
+ movdqa %xmm10,%xmm9
+ rorl $7,%ecx
+ addl %esi,%eax
+ psrld $30,%xmm10
+ por %xmm8,%xmm7
+ addl 60(%rsp),%ebp
+ xorl %edx,%ecx
+ movl %eax,%esi
+ roll $5,%eax
+ pslld $2,%xmm9
+ pxor %xmm10,%xmm7
+ andl %ecx,%edi
+ xorl %edx,%ecx
+ movdqa 16(%r11),%xmm10
+ xorl %edx,%edi
+ addl %eax,%ebp
+ pxor %xmm9,%xmm7
+ rorl $7,%ebx
addl %edi,%ebp
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%r12d
- movl %eax,36(%rsp)
- addl %ebx,%ebp
- leal -1894007588(%rax,%rsi,1),%edi
- movl 40(%rsp),%eax
- movl %r11d,%ebx
- movl %r11d,%ecx
- xorl 48(%rsp),%eax
+ movdqa %xmm7,%xmm9
+ addl 0(%rsp),%edx
+ pxor %xmm4,%xmm0
+.byte 102,68,15,58,15,206,8
+ xorl %ecx,%ebx
+ movl %ebp,%edi
+ roll $5,%ebp
+ pxor %xmm1,%xmm0
+ andl %ebx,%esi
+ xorl %ecx,%ebx
+ movdqa %xmm10,%xmm8
+ paddd %xmm7,%xmm10
+ xorl %ecx,%esi
+ addl %ebp,%edx
+ pxor %xmm9,%xmm0
+ rorl $7,%eax
+ addl %esi,%edx
+ addl 4(%rsp),%ecx
+ xorl %ebx,%eax
+ movdqa %xmm0,%xmm9
+ movdqa %xmm10,48(%rsp)
+ movl %edx,%esi
+ roll $5,%edx
+ andl %eax,%edi
+ xorl %ebx,%eax
+ pslld $2,%xmm0
+ xorl %ebx,%edi
+ addl %edx,%ecx
+ psrld $30,%xmm9
+ rorl $7,%ebp
+ addl %edi,%ecx
+ addl 8(%rsp),%ebx
+ xorl %eax,%ebp
+ movl %ecx,%edi
+ roll $5,%ecx
+ por %xmm9,%xmm0
+ andl %ebp,%esi
+ xorl %eax,%ebp
+ movdqa %xmm0,%xmm10
+ xorl %eax,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ addl 12(%rsp),%eax
+ xorl %ebp,%edx
+ movl %ebx,%esi
+ roll $5,%ebx
+ andl %edx,%edi
+ xorl %ebp,%edx
+ xorl %ebp,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 16(%rsp),%ebp
+ pxor %xmm5,%xmm1
+.byte 102,68,15,58,15,215,8
+ xorl %edx,%esi
+ movl %eax,%edi
+ roll $5,%eax
+ pxor %xmm2,%xmm1
+ xorl %ecx,%esi
+ addl %eax,%ebp
+ movdqa %xmm8,%xmm9
+ paddd %xmm0,%xmm8
+ rorl $7,%ebx
+ addl %esi,%ebp
+ pxor %xmm10,%xmm1
+ addl 20(%rsp),%edx
+ xorl %ecx,%edi
movl %ebp,%esi
- andl %r12d,%ebx
- xorl 8(%rsp),%eax
- orl %r12d,%ecx
- roll $5,%esi
- xorl 28(%rsp),%eax
- andl %edx,%ecx
- addl %esi,%edi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%r11d
- movl %eax,40(%rsp)
- addl %ebx,%edi
- leal -1894007588(%rax,%rdx,1),%esi
- movl 44(%rsp),%eax
- movl %ebp,%ebx
- movl %ebp,%ecx
- xorl 52(%rsp),%eax
- movl %edi,%edx
- andl %r11d,%ebx
- xorl 12(%rsp),%eax
- orl %r11d,%ecx
+ roll $5,%ebp
+ movdqa %xmm1,%xmm10
+ movdqa %xmm8,0(%rsp)
+ xorl %ebx,%edi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %edi,%edx
+ pslld $2,%xmm1
+ addl 24(%rsp),%ecx
+ xorl %ebx,%esi
+ psrld $30,%xmm10
+ movl %edx,%edi
roll $5,%edx
- xorl 32(%rsp),%eax
- andl %r12d,%ecx
- addl %edx,%esi
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%ebp
- movl %eax,44(%rsp)
- addl %ebx,%esi
- leal -1894007588(%rax,%r12,1),%edx
- movl 48(%rsp),%eax
- movl %edi,%ebx
- movl %edi,%ecx
- xorl 56(%rsp),%eax
- movl %esi,%r12d
- andl %ebp,%ebx
- xorl 16(%rsp),%eax
- orl %ebp,%ecx
- roll $5,%r12d
- xorl 36(%rsp),%eax
- andl %r11d,%ecx
- addl %r12d,%edx
- roll $1,%eax
- orl %ecx,%ebx
- roll $30,%edi
- movl %eax,48(%rsp)
- addl %ebx,%edx
- leal -899497514(%rax,%r11,1),%r12d
- movl 52(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 60(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 20(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 40(%rsp),%eax
- roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- movl %eax,52(%rsp)
- leal -899497514(%rax,%rbp,1),%r11d
- movl 56(%rsp),%eax
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl 0(%rsp),%eax
- xorl %edx,%ebx
+ xorl %eax,%esi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %esi,%ecx
+ por %xmm10,%xmm1
+ addl 28(%rsp),%ebx
+ xorl %eax,%edi
+ movdqa %xmm1,%xmm8
+ movl %ecx,%esi
+ roll $5,%ecx
+ xorl %ebp,%edi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %edi,%ebx
+ addl 32(%rsp),%eax
+ pxor %xmm6,%xmm2
+.byte 102,68,15,58,15,192,8
+ xorl %ebp,%esi
+ movl %ebx,%edi
+ roll $5,%ebx
+ pxor %xmm3,%xmm2
+ xorl %edx,%esi
+ addl %ebx,%eax
+ movdqa 32(%r11),%xmm10
+ paddd %xmm1,%xmm9
+ rorl $7,%ecx
+ addl %esi,%eax
+ pxor %xmm8,%xmm2
+ addl 36(%rsp),%ebp
+ xorl %edx,%edi
+ movl %eax,%esi
+ roll $5,%eax
+ movdqa %xmm2,%xmm8
+ movdqa %xmm9,16(%rsp)
+ xorl %ecx,%edi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %edi,%ebp
+ pslld $2,%xmm2
+ addl 40(%rsp),%edx
+ xorl %ecx,%esi
+ psrld $30,%xmm8
+ movl %ebp,%edi
roll $5,%ebp
- xorl 24(%rsp),%eax
- xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 44(%rsp),%eax
- roll $30,%edx
- addl %ebx,%r11d
- roll $1,%eax
- movl %eax,56(%rsp)
- leal -899497514(%rax,%rdi,1),%ebp
- movl 60(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 4(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 28(%rsp),%eax
- xorl %esi,%ebx
+ xorl %ebx,%esi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %esi,%edx
+ por %xmm8,%xmm2
+ addl 44(%rsp),%ecx
+ xorl %ebx,%edi
+ movdqa %xmm2,%xmm9
+ movl %edx,%esi
+ roll $5,%edx
+ xorl %eax,%edi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %edi,%ecx
+ addl 48(%rsp),%ebx
+ pxor %xmm7,%xmm3
+.byte 102,68,15,58,15,201,8
+ xorl %eax,%esi
+ movl %ecx,%edi
+ roll $5,%ecx
+ pxor %xmm4,%xmm3
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ movdqa %xmm10,%xmm8
+ paddd %xmm2,%xmm10
+ rorl $7,%edx
+ addl %esi,%ebx
+ pxor %xmm9,%xmm3
+ addl 52(%rsp),%eax
+ xorl %ebp,%edi
+ movl %ebx,%esi
+ roll $5,%ebx
+ movdqa %xmm3,%xmm9
+ movdqa %xmm10,32(%rsp)
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ pslld $2,%xmm3
+ addl 56(%rsp),%ebp
+ xorl %edx,%esi
+ psrld $30,%xmm9
+ movl %eax,%edi
+ roll $5,%eax
+ xorl %ecx,%esi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %esi,%ebp
+ por %xmm9,%xmm3
+ addl 60(%rsp),%edx
+ xorl %ecx,%edi
+ movdqa %xmm3,%xmm10
+ movl %ebp,%esi
+ roll $5,%ebp
+ xorl %ebx,%edi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %edi,%edx
+ addl 0(%rsp),%ecx
+ pxor %xmm0,%xmm4
+.byte 102,68,15,58,15,210,8
+ xorl %ebx,%esi
+ movl %edx,%edi
+ roll $5,%edx
+ pxor %xmm5,%xmm4
+ xorl %eax,%esi
+ addl %edx,%ecx
+ movdqa %xmm8,%xmm9
+ paddd %xmm3,%xmm8
+ rorl $7,%ebp
+ addl %esi,%ecx
+ pxor %xmm10,%xmm4
+ addl 4(%rsp),%ebx
+ xorl %eax,%edi
+ movl %ecx,%esi
+ roll $5,%ecx
+ movdqa %xmm4,%xmm10
+ movdqa %xmm8,48(%rsp)
+ xorl %ebp,%edi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %edi,%ebx
+ pslld $2,%xmm4
+ addl 8(%rsp),%eax
+ xorl %ebp,%esi
+ psrld $30,%xmm10
+ movl %ebx,%edi
+ roll $5,%ebx
+ xorl %edx,%esi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %esi,%eax
+ por %xmm10,%xmm4
+ addl 12(%rsp),%ebp
+ xorl %edx,%edi
+ movdqa %xmm4,%xmm8
+ movl %eax,%esi
+ roll $5,%eax
+ xorl %ecx,%edi
+ addl %eax,%ebp
+ rorl $7,%ebx
addl %edi,%ebp
- xorl 48(%rsp),%eax
- roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,60(%rsp)
- leal -899497514(%rax,%rsi,1),%edi
- movl 0(%rsp),%eax
- movl %r12d,%ebx
+ addl 16(%rsp),%edx
+ pxor %xmm1,%xmm5
+.byte 102,68,15,58,15,195,8
+ xorl %ecx,%esi
+ movl %ebp,%edi
+ roll $5,%ebp
+ pxor %xmm6,%xmm5
+ xorl %ebx,%esi
+ addl %ebp,%edx
+ movdqa %xmm9,%xmm10
+ paddd %xmm4,%xmm9
+ rorl $7,%eax
+ addl %esi,%edx
+ pxor %xmm8,%xmm5
+ addl 20(%rsp),%ecx
+ xorl %ebx,%edi
+ movl %edx,%esi
+ roll $5,%edx
+ movdqa %xmm5,%xmm8
+ movdqa %xmm9,0(%rsp)
+ xorl %eax,%edi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %edi,%ecx
+ pslld $2,%xmm5
+ addl 24(%rsp),%ebx
+ xorl %eax,%esi
+ psrld $30,%xmm8
+ movl %ecx,%edi
+ roll $5,%ecx
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ por %xmm8,%xmm5
+ addl 28(%rsp),%eax
+ xorl %ebp,%edi
+ movdqa %xmm5,%xmm9
+ movl %ebx,%esi
+ roll $5,%ebx
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ movl %ecx,%edi
+ pxor %xmm2,%xmm6
+.byte 102,68,15,58,15,204,8
+ xorl %edx,%ecx
+ addl 32(%rsp),%ebp
+ andl %edx,%edi
+ pxor %xmm7,%xmm6
+ andl %ecx,%esi
+ rorl $7,%ebx
+ movdqa %xmm10,%xmm8
+ paddd %xmm5,%xmm10
+ addl %edi,%ebp
+ movl %eax,%edi
+ pxor %xmm9,%xmm6
+ roll $5,%eax
+ addl %esi,%ebp
+ xorl %edx,%ecx
+ addl %eax,%ebp
+ movdqa %xmm6,%xmm9
+ movdqa %xmm10,16(%rsp)
+ movl %ebx,%esi
+ xorl %ecx,%ebx
+ addl 36(%rsp),%edx
+ andl %ecx,%esi
+ pslld $2,%xmm6
+ andl %ebx,%edi
+ rorl $7,%eax
+ psrld $30,%xmm9
+ addl %esi,%edx
movl %ebp,%esi
- xorl 8(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 32(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 52(%rsp),%eax
- roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,0(%rsp)
- leal -899497514(%rax,%rdx,1),%esi
- movl 4(%rsp),%eax
- movl %r11d,%ebx
- movl %edi,%edx
- xorl 12(%rsp),%eax
- xorl %ebp,%ebx
+ roll $5,%ebp
+ addl %edi,%edx
+ xorl %ecx,%ebx
+ addl %ebp,%edx
+ por %xmm9,%xmm6
+ movl %eax,%edi
+ xorl %ebx,%eax
+ movdqa %xmm6,%xmm10
+ addl 40(%rsp),%ecx
+ andl %ebx,%edi
+ andl %eax,%esi
+ rorl $7,%ebp
+ addl %edi,%ecx
+ movl %edx,%edi
roll $5,%edx
- xorl 36(%rsp),%eax
- xorl %r12d,%ebx
- addl %edx,%esi
- xorl 56(%rsp),%eax
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- movl %eax,4(%rsp)
- leal -899497514(%rax,%r12,1),%edx
- movl 8(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 16(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 40(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 60(%rsp),%eax
- roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,8(%rsp)
- leal -899497514(%rax,%r11,1),%r12d
- movl 12(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 20(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 44(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 0(%rsp),%eax
- roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- movl %eax,12(%rsp)
- leal -899497514(%rax,%rbp,1),%r11d
- movl 16(%rsp),%eax
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl 24(%rsp),%eax
- xorl %edx,%ebx
+ addl %esi,%ecx
+ xorl %ebx,%eax
+ addl %edx,%ecx
+ movl %ebp,%esi
+ xorl %eax,%ebp
+ addl 44(%rsp),%ebx
+ andl %eax,%esi
+ andl %ebp,%edi
+ rorl $7,%edx
+ addl %esi,%ebx
+ movl %ecx,%esi
+ roll $5,%ecx
+ addl %edi,%ebx
+ xorl %eax,%ebp
+ addl %ecx,%ebx
+ movl %edx,%edi
+ pxor %xmm3,%xmm7
+.byte 102,68,15,58,15,213,8
+ xorl %ebp,%edx
+ addl 48(%rsp),%eax
+ andl %ebp,%edi
+ pxor %xmm0,%xmm7
+ andl %edx,%esi
+ rorl $7,%ecx
+ movdqa 48(%r11),%xmm9
+ paddd %xmm6,%xmm8
+ addl %edi,%eax
+ movl %ebx,%edi
+ pxor %xmm10,%xmm7
+ roll $5,%ebx
+ addl %esi,%eax
+ xorl %ebp,%edx
+ addl %ebx,%eax
+ movdqa %xmm7,%xmm10
+ movdqa %xmm8,32(%rsp)
+ movl %ecx,%esi
+ xorl %edx,%ecx
+ addl 52(%rsp),%ebp
+ andl %edx,%esi
+ pslld $2,%xmm7
+ andl %ecx,%edi
+ rorl $7,%ebx
+ psrld $30,%xmm10
+ addl %esi,%ebp
+ movl %eax,%esi
+ roll $5,%eax
+ addl %edi,%ebp
+ xorl %edx,%ecx
+ addl %eax,%ebp
+ por %xmm10,%xmm7
+ movl %ebx,%edi
+ xorl %ecx,%ebx
+ movdqa %xmm7,%xmm8
+ addl 56(%rsp),%edx
+ andl %ecx,%edi
+ andl %ebx,%esi
+ rorl $7,%eax
+ addl %edi,%edx
+ movl %ebp,%edi
roll $5,%ebp
- xorl 48(%rsp),%eax
- xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 4(%rsp),%eax
- roll $30,%edx
- addl %ebx,%r11d
- roll $1,%eax
- movl %eax,16(%rsp)
- leal -899497514(%rax,%rdi,1),%ebp
- movl 20(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 28(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 52(%rsp),%eax
- xorl %esi,%ebx
+ addl %esi,%edx
+ xorl %ecx,%ebx
+ addl %ebp,%edx
+ movl %eax,%esi
+ xorl %ebx,%eax
+ addl 60(%rsp),%ecx
+ andl %ebx,%esi
+ andl %eax,%edi
+ rorl $7,%ebp
+ addl %esi,%ecx
+ movl %edx,%esi
+ roll $5,%edx
+ addl %edi,%ecx
+ xorl %ebx,%eax
+ addl %edx,%ecx
+ movl %ebp,%edi
+ pxor %xmm4,%xmm0
+.byte 102,68,15,58,15,198,8
+ xorl %eax,%ebp
+ addl 0(%rsp),%ebx
+ andl %eax,%edi
+ pxor %xmm1,%xmm0
+ andl %ebp,%esi
+ rorl $7,%edx
+ movdqa %xmm9,%xmm10
+ paddd %xmm7,%xmm9
+ addl %edi,%ebx
+ movl %ecx,%edi
+ pxor %xmm8,%xmm0
+ roll $5,%ecx
+ addl %esi,%ebx
+ xorl %eax,%ebp
+ addl %ecx,%ebx
+ movdqa %xmm0,%xmm8
+ movdqa %xmm9,48(%rsp)
+ movl %edx,%esi
+ xorl %ebp,%edx
+ addl 4(%rsp),%eax
+ andl %ebp,%esi
+ pslld $2,%xmm0
+ andl %edx,%edi
+ rorl $7,%ecx
+ psrld $30,%xmm8
+ addl %esi,%eax
+ movl %ebx,%esi
+ roll $5,%ebx
+ addl %edi,%eax
+ xorl %ebp,%edx
+ addl %ebx,%eax
+ por %xmm8,%xmm0
+ movl %ecx,%edi
+ xorl %edx,%ecx
+ movdqa %xmm0,%xmm9
+ addl 8(%rsp),%ebp
+ andl %edx,%edi
+ andl %ecx,%esi
+ rorl $7,%ebx
addl %edi,%ebp
- xorl 8(%rsp),%eax
- roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,20(%rsp)
- leal -899497514(%rax,%rsi,1),%edi
- movl 24(%rsp),%eax
- movl %r12d,%ebx
+ movl %eax,%edi
+ roll $5,%eax
+ addl %esi,%ebp
+ xorl %edx,%ecx
+ addl %eax,%ebp
+ movl %ebx,%esi
+ xorl %ecx,%ebx
+ addl 12(%rsp),%edx
+ andl %ecx,%esi
+ andl %ebx,%edi
+ rorl $7,%eax
+ addl %esi,%edx
movl %ebp,%esi
- xorl 32(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 56(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 12(%rsp),%eax
- roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,24(%rsp)
- leal -899497514(%rax,%rdx,1),%esi
- movl 28(%rsp),%eax
- movl %r11d,%ebx
- movl %edi,%edx
- xorl 36(%rsp),%eax
- xorl %ebp,%ebx
+ roll $5,%ebp
+ addl %edi,%edx
+ xorl %ecx,%ebx
+ addl %ebp,%edx
+ movl %eax,%edi
+ pxor %xmm5,%xmm1
+.byte 102,68,15,58,15,207,8
+ xorl %ebx,%eax
+ addl 16(%rsp),%ecx
+ andl %ebx,%edi
+ pxor %xmm2,%xmm1
+ andl %eax,%esi
+ rorl $7,%ebp
+ movdqa %xmm10,%xmm8
+ paddd %xmm0,%xmm10
+ addl %edi,%ecx
+ movl %edx,%edi
+ pxor %xmm9,%xmm1
roll $5,%edx
- xorl 60(%rsp),%eax
- xorl %r12d,%ebx
- addl %edx,%esi
- xorl 16(%rsp),%eax
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- movl %eax,28(%rsp)
- leal -899497514(%rax,%r12,1),%edx
- movl 32(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 40(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 0(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 20(%rsp),%eax
- roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- movl %eax,32(%rsp)
- leal -899497514(%rax,%r11,1),%r12d
- movl 36(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 44(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 4(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 24(%rsp),%eax
- roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- movl %eax,36(%rsp)
- leal -899497514(%rax,%rbp,1),%r11d
- movl 40(%rsp),%eax
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl 48(%rsp),%eax
- xorl %edx,%ebx
+ addl %esi,%ecx
+ xorl %ebx,%eax
+ addl %edx,%ecx
+ movdqa %xmm1,%xmm9
+ movdqa %xmm10,0(%rsp)
+ movl %ebp,%esi
+ xorl %eax,%ebp
+ addl 20(%rsp),%ebx
+ andl %eax,%esi
+ pslld $2,%xmm1
+ andl %ebp,%edi
+ rorl $7,%edx
+ psrld $30,%xmm9
+ addl %esi,%ebx
+ movl %ecx,%esi
+ roll $5,%ecx
+ addl %edi,%ebx
+ xorl %eax,%ebp
+ addl %ecx,%ebx
+ por %xmm9,%xmm1
+ movl %edx,%edi
+ xorl %ebp,%edx
+ movdqa %xmm1,%xmm10
+ addl 24(%rsp),%eax
+ andl %ebp,%edi
+ andl %edx,%esi
+ rorl $7,%ecx
+ addl %edi,%eax
+ movl %ebx,%edi
+ roll $5,%ebx
+ addl %esi,%eax
+ xorl %ebp,%edx
+ addl %ebx,%eax
+ movl %ecx,%esi
+ xorl %edx,%ecx
+ addl 28(%rsp),%ebp
+ andl %edx,%esi
+ andl %ecx,%edi
+ rorl $7,%ebx
+ addl %esi,%ebp
+ movl %eax,%esi
+ roll $5,%eax
+ addl %edi,%ebp
+ xorl %edx,%ecx
+ addl %eax,%ebp
+ movl %ebx,%edi
+ pxor %xmm6,%xmm2
+.byte 102,68,15,58,15,208,8
+ xorl %ecx,%ebx
+ addl 32(%rsp),%edx
+ andl %ecx,%edi
+ pxor %xmm3,%xmm2
+ andl %ebx,%esi
+ rorl $7,%eax
+ movdqa %xmm8,%xmm9
+ paddd %xmm1,%xmm8
+ addl %edi,%edx
+ movl %ebp,%edi
+ pxor %xmm10,%xmm2
roll $5,%ebp
- xorl 8(%rsp),%eax
- xorl %edi,%ebx
- addl %ebp,%r11d
- xorl 28(%rsp),%eax
- roll $30,%edx
- addl %ebx,%r11d
- roll $1,%eax
- movl %eax,40(%rsp)
- leal -899497514(%rax,%rdi,1),%ebp
- movl 44(%rsp),%eax
- movl %edx,%ebx
- movl %r11d,%edi
- xorl 52(%rsp),%eax
- xorl %r12d,%ebx
- roll $5,%edi
- xorl 12(%rsp),%eax
- xorl %esi,%ebx
+ addl %esi,%edx
+ xorl %ecx,%ebx
+ addl %ebp,%edx
+ movdqa %xmm2,%xmm10
+ movdqa %xmm8,16(%rsp)
+ movl %eax,%esi
+ xorl %ebx,%eax
+ addl 36(%rsp),%ecx
+ andl %ebx,%esi
+ pslld $2,%xmm2
+ andl %eax,%edi
+ rorl $7,%ebp
+ psrld $30,%xmm10
+ addl %esi,%ecx
+ movl %edx,%esi
+ roll $5,%edx
+ addl %edi,%ecx
+ xorl %ebx,%eax
+ addl %edx,%ecx
+ por %xmm10,%xmm2
+ movl %ebp,%edi
+ xorl %eax,%ebp
+ movdqa %xmm2,%xmm8
+ addl 40(%rsp),%ebx
+ andl %eax,%edi
+ andl %ebp,%esi
+ rorl $7,%edx
+ addl %edi,%ebx
+ movl %ecx,%edi
+ roll $5,%ecx
+ addl %esi,%ebx
+ xorl %eax,%ebp
+ addl %ecx,%ebx
+ movl %edx,%esi
+ xorl %ebp,%edx
+ addl 44(%rsp),%eax
+ andl %ebp,%esi
+ andl %edx,%edi
+ rorl $7,%ecx
+ addl %esi,%eax
+ movl %ebx,%esi
+ roll $5,%ebx
+ addl %edi,%eax
+ xorl %ebp,%edx
+ addl %ebx,%eax
+ addl 48(%rsp),%ebp
+ pxor %xmm7,%xmm3
+.byte 102,68,15,58,15,193,8
+ xorl %edx,%esi
+ movl %eax,%edi
+ roll $5,%eax
+ pxor %xmm4,%xmm3
+ xorl %ecx,%esi
+ addl %eax,%ebp
+ movdqa %xmm9,%xmm10
+ paddd %xmm2,%xmm9
+ rorl $7,%ebx
+ addl %esi,%ebp
+ pxor %xmm8,%xmm3
+ addl 52(%rsp),%edx
+ xorl %ecx,%edi
+ movl %ebp,%esi
+ roll $5,%ebp
+ movdqa %xmm3,%xmm8
+ movdqa %xmm9,32(%rsp)
+ xorl %ebx,%edi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %edi,%edx
+ pslld $2,%xmm3
+ addl 56(%rsp),%ecx
+ xorl %ebx,%esi
+ psrld $30,%xmm8
+ movl %edx,%edi
+ roll $5,%edx
+ xorl %eax,%esi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %esi,%ecx
+ por %xmm8,%xmm3
+ addl 60(%rsp),%ebx
+ xorl %eax,%edi
+ movl %ecx,%esi
+ roll $5,%ecx
+ xorl %ebp,%edi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %edi,%ebx
+ addl 0(%rsp),%eax
+ paddd %xmm3,%xmm10
+ xorl %ebp,%esi
+ movl %ebx,%edi
+ roll $5,%ebx
+ xorl %edx,%esi
+ movdqa %xmm10,48(%rsp)
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %esi,%eax
+ addl 4(%rsp),%ebp
+ xorl %edx,%edi
+ movl %eax,%esi
+ roll $5,%eax
+ xorl %ecx,%edi
+ addl %eax,%ebp
+ rorl $7,%ebx
addl %edi,%ebp
- xorl 32(%rsp),%eax
- roll $30,%r12d
- addl %ebx,%ebp
- roll $1,%eax
- movl %eax,44(%rsp)
- leal -899497514(%rax,%rsi,1),%edi
- movl 48(%rsp),%eax
- movl %r12d,%ebx
+ addl 8(%rsp),%edx
+ xorl %ecx,%esi
+ movl %ebp,%edi
+ roll $5,%ebp
+ xorl %ebx,%esi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %esi,%edx
+ addl 12(%rsp),%ecx
+ xorl %ebx,%edi
+ movl %edx,%esi
+ roll $5,%edx
+ xorl %eax,%edi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %edi,%ecx
+ cmpq %r10,%r9
+ je L$done_ssse3
+ movdqa 64(%r11),%xmm6
+ movdqa 0(%r11),%xmm9
+ movdqu 0(%r9),%xmm0
+ movdqu 16(%r9),%xmm1
+ movdqu 32(%r9),%xmm2
+ movdqu 48(%r9),%xmm3
+.byte 102,15,56,0,198
+ addq $64,%r9
+ addl 16(%rsp),%ebx
+ xorl %eax,%esi
+.byte 102,15,56,0,206
+ movl %ecx,%edi
+ roll $5,%ecx
+ paddd %xmm9,%xmm0
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ movdqa %xmm0,0(%rsp)
+ addl 20(%rsp),%eax
+ xorl %ebp,%edi
+ psubd %xmm9,%xmm0
+ movl %ebx,%esi
+ roll $5,%ebx
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 24(%rsp),%ebp
+ xorl %edx,%esi
+ movl %eax,%edi
+ roll $5,%eax
+ xorl %ecx,%esi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %esi,%ebp
+ addl 28(%rsp),%edx
+ xorl %ecx,%edi
movl %ebp,%esi
- xorl 56(%rsp),%eax
- xorl %r11d,%ebx
- roll $5,%esi
- xorl 16(%rsp),%eax
- xorl %edx,%ebx
- addl %esi,%edi
- xorl 36(%rsp),%eax
- roll $30,%r11d
- addl %ebx,%edi
- roll $1,%eax
- movl %eax,48(%rsp)
- leal -899497514(%rax,%rdx,1),%esi
- movl 52(%rsp),%eax
- movl %r11d,%ebx
- movl %edi,%edx
- xorl 60(%rsp),%eax
- xorl %ebp,%ebx
+ roll $5,%ebp
+ xorl %ebx,%edi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %edi,%edx
+ addl 32(%rsp),%ecx
+ xorl %ebx,%esi
+.byte 102,15,56,0,214
+ movl %edx,%edi
roll $5,%edx
- xorl 20(%rsp),%eax
- xorl %r12d,%ebx
- addl %edx,%esi
- xorl 40(%rsp),%eax
- roll $30,%ebp
- addl %ebx,%esi
- roll $1,%eax
- leal -899497514(%rax,%r12,1),%edx
- movl 56(%rsp),%eax
- movl %ebp,%ebx
- movl %esi,%r12d
- xorl 0(%rsp),%eax
- xorl %edi,%ebx
- roll $5,%r12d
- xorl 24(%rsp),%eax
- xorl %r11d,%ebx
- addl %r12d,%edx
- xorl 44(%rsp),%eax
- roll $30,%edi
- addl %ebx,%edx
- roll $1,%eax
- leal -899497514(%rax,%r11,1),%r12d
- movl 60(%rsp),%eax
- movl %edi,%ebx
- movl %edx,%r11d
- xorl 4(%rsp),%eax
- xorl %esi,%ebx
- roll $5,%r11d
- xorl 28(%rsp),%eax
- xorl %ebp,%ebx
- addl %r11d,%r12d
- xorl 48(%rsp),%eax
- roll $30,%esi
- addl %ebx,%r12d
- roll $1,%eax
- leal -899497514(%rax,%rbp,1),%r11d
- movl %esi,%ebx
- movl %r12d,%ebp
- xorl %edx,%ebx
+ paddd %xmm9,%xmm1
+ xorl %eax,%esi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %esi,%ecx
+ movdqa %xmm1,16(%rsp)
+ addl 36(%rsp),%ebx
+ xorl %eax,%edi
+ psubd %xmm9,%xmm1
+ movl %ecx,%esi
+ roll $5,%ecx
+ xorl %ebp,%edi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %edi,%ebx
+ addl 40(%rsp),%eax
+ xorl %ebp,%esi
+ movl %ebx,%edi
+ roll $5,%ebx
+ xorl %edx,%esi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %esi,%eax
+ addl 44(%rsp),%ebp
+ xorl %edx,%edi
+ movl %eax,%esi
+ roll $5,%eax
+ xorl %ecx,%edi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %edi,%ebp
+ addl 48(%rsp),%edx
+ xorl %ecx,%esi
+.byte 102,15,56,0,222
+ movl %ebp,%edi
roll $5,%ebp
- xorl %edi,%ebx
- addl %ebp,%r11d
- roll $30,%edx
- addl %ebx,%r11d
- addl 0(%r8),%r11d
- addl 4(%r8),%r12d
- addl 8(%r8),%edx
- addl 12(%r8),%esi
- addl 16(%r8),%edi
- movl %r11d,0(%r8)
- movl %r12d,4(%r8)
- movl %edx,8(%r8)
- movl %esi,12(%r8)
- movl %edi,16(%r8)
-
- xchgl %r11d,%edx
- xchgl %r12d,%esi
- xchgl %r11d,%edi
- xchgl %r12d,%ebp
+ paddd %xmm9,%xmm2
+ xorl %ebx,%esi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %esi,%edx
+ movdqa %xmm2,32(%rsp)
+ addl 52(%rsp),%ecx
+ xorl %ebx,%edi
+ psubd %xmm9,%xmm2
+ movl %edx,%esi
+ roll $5,%edx
+ xorl %eax,%edi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %edi,%ecx
+ addl 56(%rsp),%ebx
+ xorl %eax,%esi
+ movl %ecx,%edi
+ roll $5,%ecx
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ addl 60(%rsp),%eax
+ xorl %ebp,%edi
+ movl %ebx,%esi
+ roll $5,%ebx
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 0(%r8),%eax
+ addl 4(%r8),%esi
+ addl 8(%r8),%ecx
+ addl 12(%r8),%edx
+ movl %eax,0(%r8)
+ addl 16(%r8),%ebp
+ movl %esi,4(%r8)
+ movl %esi,%ebx
+ movl %ecx,8(%r8)
+ movl %edx,12(%r8)
+ movl %ebp,16(%r8)
+ jmp L$oop_ssse3
- leaq 64(%r9),%r9
- subq $1,%r10
- jnz L$loop
- movq 64(%rsp),%rsi
- movq (%rsi),%r12
+.p2align 4
+L$done_ssse3:
+ addl 16(%rsp),%ebx
+ xorl %eax,%esi
+ movl %ecx,%edi
+ roll $5,%ecx
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ addl 20(%rsp),%eax
+ xorl %ebp,%edi
+ movl %ebx,%esi
+ roll $5,%ebx
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 24(%rsp),%ebp
+ xorl %edx,%esi
+ movl %eax,%edi
+ roll $5,%eax
+ xorl %ecx,%esi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %esi,%ebp
+ addl 28(%rsp),%edx
+ xorl %ecx,%edi
+ movl %ebp,%esi
+ roll $5,%ebp
+ xorl %ebx,%edi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %edi,%edx
+ addl 32(%rsp),%ecx
+ xorl %ebx,%esi
+ movl %edx,%edi
+ roll $5,%edx
+ xorl %eax,%esi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %esi,%ecx
+ addl 36(%rsp),%ebx
+ xorl %eax,%edi
+ movl %ecx,%esi
+ roll $5,%ecx
+ xorl %ebp,%edi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %edi,%ebx
+ addl 40(%rsp),%eax
+ xorl %ebp,%esi
+ movl %ebx,%edi
+ roll $5,%ebx
+ xorl %edx,%esi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %esi,%eax
+ addl 44(%rsp),%ebp
+ xorl %edx,%edi
+ movl %eax,%esi
+ roll $5,%eax
+ xorl %ecx,%edi
+ addl %eax,%ebp
+ rorl $7,%ebx
+ addl %edi,%ebp
+ addl 48(%rsp),%edx
+ xorl %ecx,%esi
+ movl %ebp,%edi
+ roll $5,%ebp
+ xorl %ebx,%esi
+ addl %ebp,%edx
+ rorl $7,%eax
+ addl %esi,%edx
+ addl 52(%rsp),%ecx
+ xorl %ebx,%edi
+ movl %edx,%esi
+ roll $5,%edx
+ xorl %eax,%edi
+ addl %edx,%ecx
+ rorl $7,%ebp
+ addl %edi,%ecx
+ addl 56(%rsp),%ebx
+ xorl %eax,%esi
+ movl %ecx,%edi
+ roll $5,%ecx
+ xorl %ebp,%esi
+ addl %ecx,%ebx
+ rorl $7,%edx
+ addl %esi,%ebx
+ addl 60(%rsp),%eax
+ xorl %ebp,%edi
+ movl %ebx,%esi
+ roll $5,%ebx
+ xorl %edx,%edi
+ addl %ebx,%eax
+ rorl $7,%ecx
+ addl %edi,%eax
+ addl 0(%r8),%eax
+ addl 4(%r8),%esi
+ addl 8(%r8),%ecx
+ movl %eax,0(%r8)
+ addl 12(%r8),%edx
+ movl %esi,4(%r8)
+ addl 16(%r8),%ebp
+ movl %ecx,8(%r8)
+ movl %edx,12(%r8)
+ movl %ebp,16(%r8)
+ leaq 64(%rsp),%rsi
+ movq 0(%rsi),%r12
movq 8(%rsi),%rbp
movq 16(%rsi),%rbx
leaq 24(%rsi),%rsp
-L$epilogue:
+L$epilogue_ssse3:
.byte 0xf3,0xc3
+.p2align 6
+K_XX_XX:
+.long 0x5a827999,0x5a827999,0x5a827999,0x5a827999
+
+.long 0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1
+
+.long 0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc
+
+.long 0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6
+
+.long 0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+
.byte 83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
-.p2align 4
+.p2align 6
diff --git a/deps/openssl/asm/x64-macosx-gas/sha/sha512-x86_64.s b/deps/openssl/asm/x64-macosx-gas/sha/sha512-x86_64.s
index 73c499030..dda5a96e9 100644
--- a/deps/openssl/asm/x64-macosx-gas/sha/sha512-x86_64.s
+++ b/deps/openssl/asm/x64-macosx-gas/sha/sha512-x86_64.s
@@ -38,1880 +38,1688 @@ L$prologue:
L$loop:
xorq %rdi,%rdi
movl 0(%rsi),%r12d
- bswapl %r12d
movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %eax,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r9d,%r15d
+ movl %r12d,0(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r11d,%r12d
+ xorl %eax,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r8d,%r15d
- movl %r12d,0(%rsp)
+ movl %ebx,%r11d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- addl %r11d,%r12d
-
- movl %eax,%r11d
- addl %r13d,%r12d
+ xorl %ecx,%r11d
+ xorl %eax,%r14d
addl %r15d,%r12d
- movl %eax,%r13d
- movl %eax,%r14d
+ movl %ebx,%r15d
- rorl $2,%r11d
- rorl $13,%r13d
- movl %eax,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %eax,%r11d
+ andl %ecx,%r15d
- xorl %r13d,%r11d
- rorl $9,%r13d
- orl %ecx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r11d
- xorl %r13d,%r11d
- andl %ecx,%r15d
addl %r12d,%edx
-
- andl %ebx,%r14d
addl %r12d,%r11d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r11d
+
movl 4(%rsi),%r12d
- bswapl %r12d
movl %edx,%r13d
- movl %edx,%r14d
+ movl %r11d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r8d,%r15d
+ movl %r12d,4(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r10d,%r12d
+ xorl %r11d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %edx,%r15d
- movl %r12d,4(%rsp)
+ movl %eax,%r10d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- addl %r10d,%r12d
-
- movl %r11d,%r10d
- addl %r13d,%r12d
+ xorl %ebx,%r10d
+ xorl %r11d,%r14d
addl %r15d,%r12d
- movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %eax,%r15d
- rorl $2,%r10d
- rorl $13,%r13d
- movl %r11d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r11d,%r10d
+ andl %ebx,%r15d
- xorl %r13d,%r10d
- rorl $9,%r13d
- orl %ebx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r10d
- xorl %r13d,%r10d
- andl %ebx,%r15d
addl %r12d,%ecx
-
- andl %eax,%r14d
addl %r12d,%r10d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r10d
+
movl 8(%rsi),%r12d
- bswapl %r12d
movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %r10d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %edx,%r15d
+ movl %r12d,8(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r9d,%r12d
+ xorl %r10d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ecx,%r15d
- movl %r12d,8(%rsp)
+ movl %r11d,%r9d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- addl %r9d,%r12d
-
- movl %r10d,%r9d
- addl %r13d,%r12d
+ xorl %eax,%r9d
+ xorl %r10d,%r14d
addl %r15d,%r12d
- movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %r11d,%r15d
- rorl $2,%r9d
- rorl $13,%r13d
- movl %r10d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r10d,%r9d
+ andl %eax,%r15d
- xorl %r13d,%r9d
- rorl $9,%r13d
- orl %eax,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r9d
- xorl %r13d,%r9d
- andl %eax,%r15d
addl %r12d,%ebx
-
- andl %r11d,%r14d
addl %r12d,%r9d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r9d
+
movl 12(%rsi),%r12d
- bswapl %r12d
movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %r9d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %ecx,%r15d
+ movl %r12d,12(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r8d,%r12d
+ xorl %r9d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ebx,%r15d
- movl %r12d,12(%rsp)
+ movl %r10d,%r8d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- addl %r8d,%r12d
-
- movl %r9d,%r8d
- addl %r13d,%r12d
+ xorl %r11d,%r8d
+ xorl %r9d,%r14d
addl %r15d,%r12d
- movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %r10d,%r15d
- rorl $2,%r8d
- rorl $13,%r13d
- movl %r9d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r9d,%r8d
+ andl %r11d,%r15d
- xorl %r13d,%r8d
- rorl $9,%r13d
- orl %r11d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r8d
- xorl %r13d,%r8d
- andl %r11d,%r15d
addl %r12d,%eax
-
- andl %r10d,%r14d
addl %r12d,%r8d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r8d
+
movl 16(%rsi),%r12d
- bswapl %r12d
movl %eax,%r13d
- movl %eax,%r14d
+ movl %r8d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %ebx,%r15d
+ movl %r12d,16(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %edx,%r12d
+ xorl %r8d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %eax,%r15d
- movl %r12d,16(%rsp)
+ movl %r9d,%edx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- addl %edx,%r12d
-
- movl %r8d,%edx
- addl %r13d,%r12d
+ xorl %r10d,%edx
+ xorl %r8d,%r14d
addl %r15d,%r12d
- movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %r9d,%r15d
- rorl $2,%edx
- rorl $13,%r13d
- movl %r8d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r8d,%edx
+ andl %r10d,%r15d
- xorl %r13d,%edx
- rorl $9,%r13d
- orl %r10d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%edx
- xorl %r13d,%edx
- andl %r10d,%r15d
addl %r12d,%r11d
-
- andl %r9d,%r14d
addl %r12d,%edx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%edx
+
movl 20(%rsi),%r12d
- bswapl %r12d
movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %edx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %eax,%r15d
+ movl %r12d,20(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ecx,%r12d
+ xorl %edx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r11d,%r15d
- movl %r12d,20(%rsp)
+ movl %r8d,%ecx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- addl %ecx,%r12d
-
- movl %edx,%ecx
- addl %r13d,%r12d
+ xorl %r9d,%ecx
+ xorl %edx,%r14d
addl %r15d,%r12d
- movl %edx,%r13d
- movl %edx,%r14d
+ movl %r8d,%r15d
- rorl $2,%ecx
- rorl $13,%r13d
- movl %edx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %edx,%ecx
+ andl %r9d,%r15d
- xorl %r13d,%ecx
- rorl $9,%r13d
- orl %r9d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ecx
- xorl %r13d,%ecx
- andl %r9d,%r15d
addl %r12d,%r10d
-
- andl %r8d,%r14d
addl %r12d,%ecx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ecx
+
movl 24(%rsi),%r12d
- bswapl %r12d
movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %ecx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r11d,%r15d
+ movl %r12d,24(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ebx,%r12d
+ xorl %ecx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r10d,%r15d
- movl %r12d,24(%rsp)
+ movl %edx,%ebx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- addl %ebx,%r12d
-
- movl %ecx,%ebx
- addl %r13d,%r12d
+ xorl %r8d,%ebx
+ xorl %ecx,%r14d
addl %r15d,%r12d
- movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %edx,%r15d
- rorl $2,%ebx
- rorl $13,%r13d
- movl %ecx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ecx,%ebx
+ andl %r8d,%r15d
- xorl %r13d,%ebx
- rorl $9,%r13d
- orl %r8d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ebx
- xorl %r13d,%ebx
- andl %r8d,%r15d
addl %r12d,%r9d
-
- andl %edx,%r14d
addl %r12d,%ebx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ebx
+
movl 28(%rsi),%r12d
- bswapl %r12d
movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %ebx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r10d,%r15d
+ movl %r12d,28(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %eax,%r12d
+ xorl %ebx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r9d,%r15d
- movl %r12d,28(%rsp)
+ movl %ecx,%eax
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- addl %eax,%r12d
-
- movl %ebx,%eax
- addl %r13d,%r12d
+ xorl %edx,%eax
+ xorl %ebx,%r14d
addl %r15d,%r12d
- movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %ecx,%r15d
- rorl $2,%eax
- rorl $13,%r13d
- movl %ebx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ebx,%eax
+ andl %edx,%r15d
- xorl %r13d,%eax
- rorl $9,%r13d
- orl %edx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%eax
- xorl %r13d,%eax
- andl %edx,%r15d
addl %r12d,%r8d
-
- andl %ecx,%r14d
addl %r12d,%eax
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%eax
+
movl 32(%rsi),%r12d
- bswapl %r12d
movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %eax,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r9d,%r15d
+ movl %r12d,32(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r11d,%r12d
+ xorl %eax,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r8d,%r15d
- movl %r12d,32(%rsp)
+ movl %ebx,%r11d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- addl %r11d,%r12d
-
- movl %eax,%r11d
- addl %r13d,%r12d
+ xorl %ecx,%r11d
+ xorl %eax,%r14d
addl %r15d,%r12d
- movl %eax,%r13d
- movl %eax,%r14d
+ movl %ebx,%r15d
- rorl $2,%r11d
- rorl $13,%r13d
- movl %eax,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %eax,%r11d
+ andl %ecx,%r15d
- xorl %r13d,%r11d
- rorl $9,%r13d
- orl %ecx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r11d
- xorl %r13d,%r11d
- andl %ecx,%r15d
addl %r12d,%edx
-
- andl %ebx,%r14d
addl %r12d,%r11d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r11d
+
movl 36(%rsi),%r12d
- bswapl %r12d
movl %edx,%r13d
- movl %edx,%r14d
+ movl %r11d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r8d,%r15d
+ movl %r12d,36(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r10d,%r12d
+ xorl %r11d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %edx,%r15d
- movl %r12d,36(%rsp)
+ movl %eax,%r10d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- addl %r10d,%r12d
-
- movl %r11d,%r10d
- addl %r13d,%r12d
+ xorl %ebx,%r10d
+ xorl %r11d,%r14d
addl %r15d,%r12d
- movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %eax,%r15d
- rorl $2,%r10d
- rorl $13,%r13d
- movl %r11d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r11d,%r10d
+ andl %ebx,%r15d
- xorl %r13d,%r10d
- rorl $9,%r13d
- orl %ebx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r10d
- xorl %r13d,%r10d
- andl %ebx,%r15d
addl %r12d,%ecx
-
- andl %eax,%r14d
addl %r12d,%r10d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r10d
+
movl 40(%rsi),%r12d
- bswapl %r12d
movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %r10d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %edx,%r15d
+ movl %r12d,40(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r9d,%r12d
+ xorl %r10d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ecx,%r15d
- movl %r12d,40(%rsp)
+ movl %r11d,%r9d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- addl %r9d,%r12d
-
- movl %r10d,%r9d
- addl %r13d,%r12d
+ xorl %eax,%r9d
+ xorl %r10d,%r14d
addl %r15d,%r12d
- movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %r11d,%r15d
- rorl $2,%r9d
- rorl $13,%r13d
- movl %r10d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r10d,%r9d
+ andl %eax,%r15d
- xorl %r13d,%r9d
- rorl $9,%r13d
- orl %eax,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r9d
- xorl %r13d,%r9d
- andl %eax,%r15d
addl %r12d,%ebx
-
- andl %r11d,%r14d
addl %r12d,%r9d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r9d
+
movl 44(%rsi),%r12d
- bswapl %r12d
movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %r9d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %ecx,%r15d
+ movl %r12d,44(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r8d,%r12d
+ xorl %r9d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ebx,%r15d
- movl %r12d,44(%rsp)
+ movl %r10d,%r8d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- addl %r8d,%r12d
-
- movl %r9d,%r8d
- addl %r13d,%r12d
+ xorl %r11d,%r8d
+ xorl %r9d,%r14d
addl %r15d,%r12d
- movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %r10d,%r15d
- rorl $2,%r8d
- rorl $13,%r13d
- movl %r9d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r9d,%r8d
+ andl %r11d,%r15d
- xorl %r13d,%r8d
- rorl $9,%r13d
- orl %r11d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r8d
- xorl %r13d,%r8d
- andl %r11d,%r15d
addl %r12d,%eax
-
- andl %r10d,%r14d
addl %r12d,%r8d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r8d
+
movl 48(%rsi),%r12d
- bswapl %r12d
movl %eax,%r13d
- movl %eax,%r14d
+ movl %r8d,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %ebx,%r15d
+ movl %r12d,48(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %edx,%r12d
+ xorl %r8d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %eax,%r15d
- movl %r12d,48(%rsp)
+ movl %r9d,%edx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- addl %edx,%r12d
-
- movl %r8d,%edx
- addl %r13d,%r12d
+ xorl %r10d,%edx
+ xorl %r8d,%r14d
addl %r15d,%r12d
- movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %r9d,%r15d
- rorl $2,%edx
- rorl $13,%r13d
- movl %r8d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r8d,%edx
+ andl %r10d,%r15d
- xorl %r13d,%edx
- rorl $9,%r13d
- orl %r10d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%edx
- xorl %r13d,%edx
- andl %r10d,%r15d
addl %r12d,%r11d
-
- andl %r9d,%r14d
addl %r12d,%edx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%edx
+
movl 52(%rsi),%r12d
- bswapl %r12d
movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %edx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %eax,%r15d
+ movl %r12d,52(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ecx,%r12d
+ xorl %edx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r11d,%r15d
- movl %r12d,52(%rsp)
+ movl %r8d,%ecx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- addl %ecx,%r12d
-
- movl %edx,%ecx
- addl %r13d,%r12d
+ xorl %r9d,%ecx
+ xorl %edx,%r14d
addl %r15d,%r12d
- movl %edx,%r13d
- movl %edx,%r14d
+ movl %r8d,%r15d
- rorl $2,%ecx
- rorl $13,%r13d
- movl %edx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %edx,%ecx
+ andl %r9d,%r15d
- xorl %r13d,%ecx
- rorl $9,%r13d
- orl %r9d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ecx
- xorl %r13d,%ecx
- andl %r9d,%r15d
addl %r12d,%r10d
-
- andl %r8d,%r14d
addl %r12d,%ecx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ecx
+
movl 56(%rsi),%r12d
- bswapl %r12d
movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %ecx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r11d,%r15d
+ movl %r12d,56(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ebx,%r12d
+ xorl %ecx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r10d,%r15d
- movl %r12d,56(%rsp)
+ movl %edx,%ebx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- addl %ebx,%r12d
-
- movl %ecx,%ebx
- addl %r13d,%r12d
+ xorl %r8d,%ebx
+ xorl %ecx,%r14d
addl %r15d,%r12d
- movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %edx,%r15d
- rorl $2,%ebx
- rorl $13,%r13d
- movl %ecx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ecx,%ebx
+ andl %r8d,%r15d
- xorl %r13d,%ebx
- rorl $9,%r13d
- orl %r8d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ebx
- xorl %r13d,%ebx
- andl %r8d,%r15d
addl %r12d,%r9d
-
- andl %edx,%r14d
addl %r12d,%ebx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ebx
+
movl 60(%rsi),%r12d
- bswapl %r12d
movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %ebx,%r14d
+ bswapl %r12d
+ rorl $14,%r13d
movl %r10d,%r15d
+ movl %r12d,60(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %eax,%r12d
+ xorl %ebx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r9d,%r15d
- movl %r12d,60(%rsp)
+ movl %ecx,%eax
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- addl %eax,%r12d
-
- movl %ebx,%eax
- addl %r13d,%r12d
+ xorl %edx,%eax
+ xorl %ebx,%r14d
addl %r15d,%r12d
- movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %ecx,%r15d
- rorl $2,%eax
- rorl $13,%r13d
- movl %ebx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ebx,%eax
+ andl %edx,%r15d
- xorl %r13d,%eax
- rorl $9,%r13d
- orl %edx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%eax
- xorl %r13d,%eax
- andl %edx,%r15d
addl %r12d,%r8d
-
- andl %ecx,%r14d
addl %r12d,%eax
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%eax
+
jmp L$rounds_16_xx
.p2align 4
L$rounds_16_xx:
movl 4(%rsp),%r13d
- movl 56(%rsp),%r12d
-
- movl %r13d,%r15d
+ movl 56(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 36(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 36(%rsp),%r12d
+ xorl %r15d,%r14d
addl 0(%rsp),%r12d
movl %r8d,%r13d
- movl %r8d,%r14d
+ addl %r14d,%r12d
+ movl %eax,%r14d
+ rorl $14,%r13d
movl %r9d,%r15d
+ movl %r12d,0(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r11d,%r12d
+ xorl %eax,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r8d,%r15d
- movl %r12d,0(%rsp)
+ movl %ebx,%r11d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- addl %r11d,%r12d
-
- movl %eax,%r11d
- addl %r13d,%r12d
+ xorl %ecx,%r11d
+ xorl %eax,%r14d
addl %r15d,%r12d
- movl %eax,%r13d
- movl %eax,%r14d
+ movl %ebx,%r15d
- rorl $2,%r11d
- rorl $13,%r13d
- movl %eax,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %eax,%r11d
+ andl %ecx,%r15d
- xorl %r13d,%r11d
- rorl $9,%r13d
- orl %ecx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r11d
- xorl %r13d,%r11d
- andl %ecx,%r15d
addl %r12d,%edx
-
- andl %ebx,%r14d
addl %r12d,%r11d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r11d
- movl 8(%rsp),%r13d
- movl 60(%rsp),%r12d
- movl %r13d,%r15d
+ movl 8(%rsp),%r13d
+ movl 60(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 40(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 40(%rsp),%r12d
+ xorl %r15d,%r14d
addl 4(%rsp),%r12d
movl %edx,%r13d
- movl %edx,%r14d
+ addl %r14d,%r12d
+ movl %r11d,%r14d
+ rorl $14,%r13d
movl %r8d,%r15d
+ movl %r12d,4(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r10d,%r12d
+ xorl %r11d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %edx,%r15d
- movl %r12d,4(%rsp)
+ movl %eax,%r10d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- addl %r10d,%r12d
-
- movl %r11d,%r10d
- addl %r13d,%r12d
+ xorl %ebx,%r10d
+ xorl %r11d,%r14d
addl %r15d,%r12d
- movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %eax,%r15d
- rorl $2,%r10d
- rorl $13,%r13d
- movl %r11d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r11d,%r10d
+ andl %ebx,%r15d
- xorl %r13d,%r10d
- rorl $9,%r13d
- orl %ebx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r10d
- xorl %r13d,%r10d
- andl %ebx,%r15d
addl %r12d,%ecx
-
- andl %eax,%r14d
addl %r12d,%r10d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r10d
- movl 12(%rsp),%r13d
- movl 0(%rsp),%r12d
- movl %r13d,%r15d
+ movl 12(%rsp),%r13d
+ movl 0(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 44(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 44(%rsp),%r12d
+ xorl %r15d,%r14d
addl 8(%rsp),%r12d
movl %ecx,%r13d
- movl %ecx,%r14d
+ addl %r14d,%r12d
+ movl %r10d,%r14d
+ rorl $14,%r13d
movl %edx,%r15d
+ movl %r12d,8(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r9d,%r12d
+ xorl %r10d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ecx,%r15d
- movl %r12d,8(%rsp)
+ movl %r11d,%r9d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- addl %r9d,%r12d
-
- movl %r10d,%r9d
- addl %r13d,%r12d
+ xorl %eax,%r9d
+ xorl %r10d,%r14d
addl %r15d,%r12d
- movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %r11d,%r15d
- rorl $2,%r9d
- rorl $13,%r13d
- movl %r10d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r10d,%r9d
+ andl %eax,%r15d
- xorl %r13d,%r9d
- rorl $9,%r13d
- orl %eax,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r9d
- xorl %r13d,%r9d
- andl %eax,%r15d
addl %r12d,%ebx
-
- andl %r11d,%r14d
addl %r12d,%r9d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r9d
- movl 16(%rsp),%r13d
- movl 4(%rsp),%r12d
- movl %r13d,%r15d
+ movl 16(%rsp),%r13d
+ movl 4(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 48(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 48(%rsp),%r12d
+ xorl %r15d,%r14d
addl 12(%rsp),%r12d
movl %ebx,%r13d
- movl %ebx,%r14d
+ addl %r14d,%r12d
+ movl %r9d,%r14d
+ rorl $14,%r13d
movl %ecx,%r15d
+ movl %r12d,12(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r8d,%r12d
+ xorl %r9d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ebx,%r15d
- movl %r12d,12(%rsp)
+ movl %r10d,%r8d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- addl %r8d,%r12d
-
- movl %r9d,%r8d
- addl %r13d,%r12d
+ xorl %r11d,%r8d
+ xorl %r9d,%r14d
addl %r15d,%r12d
- movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %r10d,%r15d
- rorl $2,%r8d
- rorl $13,%r13d
- movl %r9d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r9d,%r8d
+ andl %r11d,%r15d
- xorl %r13d,%r8d
- rorl $9,%r13d
- orl %r11d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r8d
- xorl %r13d,%r8d
- andl %r11d,%r15d
addl %r12d,%eax
-
- andl %r10d,%r14d
addl %r12d,%r8d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r8d
- movl 20(%rsp),%r13d
- movl 8(%rsp),%r12d
- movl %r13d,%r15d
+ movl 20(%rsp),%r13d
+ movl 8(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 52(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 52(%rsp),%r12d
+ xorl %r15d,%r14d
addl 16(%rsp),%r12d
movl %eax,%r13d
- movl %eax,%r14d
+ addl %r14d,%r12d
+ movl %r8d,%r14d
+ rorl $14,%r13d
movl %ebx,%r15d
+ movl %r12d,16(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %edx,%r12d
+ xorl %r8d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %eax,%r15d
- movl %r12d,16(%rsp)
+ movl %r9d,%edx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- addl %edx,%r12d
-
- movl %r8d,%edx
- addl %r13d,%r12d
+ xorl %r10d,%edx
+ xorl %r8d,%r14d
addl %r15d,%r12d
- movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %r9d,%r15d
- rorl $2,%edx
- rorl $13,%r13d
- movl %r8d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r8d,%edx
+ andl %r10d,%r15d
- xorl %r13d,%edx
- rorl $9,%r13d
- orl %r10d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%edx
- xorl %r13d,%edx
- andl %r10d,%r15d
addl %r12d,%r11d
-
- andl %r9d,%r14d
addl %r12d,%edx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%edx
- movl 24(%rsp),%r13d
- movl 12(%rsp),%r12d
- movl %r13d,%r15d
+ movl 24(%rsp),%r13d
+ movl 12(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 56(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 56(%rsp),%r12d
+ xorl %r15d,%r14d
addl 20(%rsp),%r12d
movl %r11d,%r13d
- movl %r11d,%r14d
+ addl %r14d,%r12d
+ movl %edx,%r14d
+ rorl $14,%r13d
movl %eax,%r15d
+ movl %r12d,20(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ecx,%r12d
+ xorl %edx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r11d,%r15d
- movl %r12d,20(%rsp)
+ movl %r8d,%ecx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- addl %ecx,%r12d
-
- movl %edx,%ecx
- addl %r13d,%r12d
+ xorl %r9d,%ecx
+ xorl %edx,%r14d
addl %r15d,%r12d
- movl %edx,%r13d
- movl %edx,%r14d
+ movl %r8d,%r15d
- rorl $2,%ecx
- rorl $13,%r13d
- movl %edx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %edx,%ecx
+ andl %r9d,%r15d
- xorl %r13d,%ecx
- rorl $9,%r13d
- orl %r9d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ecx
- xorl %r13d,%ecx
- andl %r9d,%r15d
addl %r12d,%r10d
-
- andl %r8d,%r14d
addl %r12d,%ecx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ecx
- movl 28(%rsp),%r13d
- movl 16(%rsp),%r12d
- movl %r13d,%r15d
+ movl 28(%rsp),%r13d
+ movl 16(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 60(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 60(%rsp),%r12d
+ xorl %r15d,%r14d
addl 24(%rsp),%r12d
movl %r10d,%r13d
- movl %r10d,%r14d
+ addl %r14d,%r12d
+ movl %ecx,%r14d
+ rorl $14,%r13d
movl %r11d,%r15d
+ movl %r12d,24(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ebx,%r12d
+ xorl %ecx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r10d,%r15d
- movl %r12d,24(%rsp)
+ movl %edx,%ebx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- addl %ebx,%r12d
-
- movl %ecx,%ebx
- addl %r13d,%r12d
+ xorl %r8d,%ebx
+ xorl %ecx,%r14d
addl %r15d,%r12d
- movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %edx,%r15d
- rorl $2,%ebx
- rorl $13,%r13d
- movl %ecx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ecx,%ebx
+ andl %r8d,%r15d
- xorl %r13d,%ebx
- rorl $9,%r13d
- orl %r8d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ebx
- xorl %r13d,%ebx
- andl %r8d,%r15d
addl %r12d,%r9d
-
- andl %edx,%r14d
addl %r12d,%ebx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ebx
- movl 32(%rsp),%r13d
- movl 20(%rsp),%r12d
- movl %r13d,%r15d
+ movl 32(%rsp),%r13d
+ movl 20(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 0(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 0(%rsp),%r12d
+ xorl %r15d,%r14d
addl 28(%rsp),%r12d
movl %r9d,%r13d
- movl %r9d,%r14d
+ addl %r14d,%r12d
+ movl %ebx,%r14d
+ rorl $14,%r13d
movl %r10d,%r15d
+ movl %r12d,28(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %eax,%r12d
+ xorl %ebx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r9d,%r15d
- movl %r12d,28(%rsp)
+ movl %ecx,%eax
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- addl %eax,%r12d
-
- movl %ebx,%eax
- addl %r13d,%r12d
+ xorl %edx,%eax
+ xorl %ebx,%r14d
addl %r15d,%r12d
- movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %ecx,%r15d
- rorl $2,%eax
- rorl $13,%r13d
- movl %ebx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ebx,%eax
+ andl %edx,%r15d
- xorl %r13d,%eax
- rorl $9,%r13d
- orl %edx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%eax
- xorl %r13d,%eax
- andl %edx,%r15d
addl %r12d,%r8d
-
- andl %ecx,%r14d
addl %r12d,%eax
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%eax
- movl 36(%rsp),%r13d
- movl 24(%rsp),%r12d
- movl %r13d,%r15d
+ movl 36(%rsp),%r13d
+ movl 24(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 4(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 4(%rsp),%r12d
+ xorl %r15d,%r14d
addl 32(%rsp),%r12d
movl %r8d,%r13d
- movl %r8d,%r14d
+ addl %r14d,%r12d
+ movl %eax,%r14d
+ rorl $14,%r13d
movl %r9d,%r15d
+ movl %r12d,32(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r11d,%r12d
+ xorl %eax,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r8d,%r15d
- movl %r12d,32(%rsp)
+ movl %ebx,%r11d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r8d,%r13d
xorl %r10d,%r15d
- addl %r11d,%r12d
-
- movl %eax,%r11d
- addl %r13d,%r12d
+ xorl %ecx,%r11d
+ xorl %eax,%r14d
addl %r15d,%r12d
- movl %eax,%r13d
- movl %eax,%r14d
+ movl %ebx,%r15d
- rorl $2,%r11d
- rorl $13,%r13d
- movl %eax,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %eax,%r11d
+ andl %ecx,%r15d
- xorl %r13d,%r11d
- rorl $9,%r13d
- orl %ecx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r11d
- xorl %r13d,%r11d
- andl %ecx,%r15d
addl %r12d,%edx
-
- andl %ebx,%r14d
addl %r12d,%r11d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r11d
- movl 40(%rsp),%r13d
- movl 28(%rsp),%r12d
- movl %r13d,%r15d
+ movl 40(%rsp),%r13d
+ movl 28(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 8(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 8(%rsp),%r12d
+ xorl %r15d,%r14d
addl 36(%rsp),%r12d
movl %edx,%r13d
- movl %edx,%r14d
+ addl %r14d,%r12d
+ movl %r11d,%r14d
+ rorl $14,%r13d
movl %r8d,%r15d
+ movl %r12d,36(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r10d,%r12d
+ xorl %r11d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %edx,%r15d
- movl %r12d,36(%rsp)
+ movl %eax,%r10d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %edx,%r13d
xorl %r9d,%r15d
- addl %r10d,%r12d
-
- movl %r11d,%r10d
- addl %r13d,%r12d
+ xorl %ebx,%r10d
+ xorl %r11d,%r14d
addl %r15d,%r12d
- movl %r11d,%r13d
- movl %r11d,%r14d
+ movl %eax,%r15d
- rorl $2,%r10d
- rorl $13,%r13d
- movl %r11d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r11d,%r10d
+ andl %ebx,%r15d
- xorl %r13d,%r10d
- rorl $9,%r13d
- orl %ebx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r10d
- xorl %r13d,%r10d
- andl %ebx,%r15d
addl %r12d,%ecx
-
- andl %eax,%r14d
addl %r12d,%r10d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r10d
- movl 44(%rsp),%r13d
- movl 32(%rsp),%r12d
- movl %r13d,%r15d
+ movl 44(%rsp),%r13d
+ movl 32(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 12(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 12(%rsp),%r12d
+ xorl %r15d,%r14d
addl 40(%rsp),%r12d
movl %ecx,%r13d
- movl %ecx,%r14d
+ addl %r14d,%r12d
+ movl %r10d,%r14d
+ rorl $14,%r13d
movl %edx,%r15d
+ movl %r12d,40(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r9d,%r12d
+ xorl %r10d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ecx,%r15d
- movl %r12d,40(%rsp)
+ movl %r11d,%r9d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ecx,%r13d
xorl %r8d,%r15d
- addl %r9d,%r12d
-
- movl %r10d,%r9d
- addl %r13d,%r12d
+ xorl %eax,%r9d
+ xorl %r10d,%r14d
addl %r15d,%r12d
- movl %r10d,%r13d
- movl %r10d,%r14d
+ movl %r11d,%r15d
- rorl $2,%r9d
- rorl $13,%r13d
- movl %r10d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r10d,%r9d
+ andl %eax,%r15d
- xorl %r13d,%r9d
- rorl $9,%r13d
- orl %eax,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r9d
- xorl %r13d,%r9d
- andl %eax,%r15d
addl %r12d,%ebx
-
- andl %r11d,%r14d
addl %r12d,%r9d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r9d
- movl 48(%rsp),%r13d
- movl 36(%rsp),%r12d
- movl %r13d,%r15d
+ movl 48(%rsp),%r13d
+ movl 36(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 16(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 16(%rsp),%r12d
+ xorl %r15d,%r14d
addl 44(%rsp),%r12d
movl %ebx,%r13d
- movl %ebx,%r14d
+ addl %r14d,%r12d
+ movl %r9d,%r14d
+ rorl $14,%r13d
movl %ecx,%r15d
+ movl %r12d,44(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %r8d,%r12d
+ xorl %r9d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %ebx,%r15d
- movl %r12d,44(%rsp)
+ movl %r10d,%r8d
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %ebx,%r13d
xorl %edx,%r15d
- addl %r8d,%r12d
-
- movl %r9d,%r8d
- addl %r13d,%r12d
+ xorl %r11d,%r8d
+ xorl %r9d,%r14d
addl %r15d,%r12d
- movl %r9d,%r13d
- movl %r9d,%r14d
+ movl %r10d,%r15d
- rorl $2,%r8d
- rorl $13,%r13d
- movl %r9d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r9d,%r8d
+ andl %r11d,%r15d
- xorl %r13d,%r8d
- rorl $9,%r13d
- orl %r11d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%r8d
- xorl %r13d,%r8d
- andl %r11d,%r15d
addl %r12d,%eax
-
- andl %r10d,%r14d
addl %r12d,%r8d
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%r8d
- movl 52(%rsp),%r13d
- movl 40(%rsp),%r12d
- movl %r13d,%r15d
+ movl 52(%rsp),%r13d
+ movl 40(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 20(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 20(%rsp),%r12d
+ xorl %r15d,%r14d
addl 48(%rsp),%r12d
movl %eax,%r13d
- movl %eax,%r14d
+ addl %r14d,%r12d
+ movl %r8d,%r14d
+ rorl $14,%r13d
movl %ebx,%r15d
+ movl %r12d,48(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %edx,%r12d
+ xorl %r8d,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %eax,%r15d
- movl %r12d,48(%rsp)
+ movl %r9d,%edx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %eax,%r13d
xorl %ecx,%r15d
- addl %edx,%r12d
-
- movl %r8d,%edx
- addl %r13d,%r12d
+ xorl %r10d,%edx
+ xorl %r8d,%r14d
addl %r15d,%r12d
- movl %r8d,%r13d
- movl %r8d,%r14d
+ movl %r9d,%r15d
- rorl $2,%edx
- rorl $13,%r13d
- movl %r8d,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %r8d,%edx
+ andl %r10d,%r15d
- xorl %r13d,%edx
- rorl $9,%r13d
- orl %r10d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%edx
- xorl %r13d,%edx
- andl %r10d,%r15d
addl %r12d,%r11d
-
- andl %r9d,%r14d
addl %r12d,%edx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%edx
- movl 56(%rsp),%r13d
- movl 44(%rsp),%r12d
- movl %r13d,%r15d
+ movl 56(%rsp),%r13d
+ movl 44(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 24(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 24(%rsp),%r12d
+ xorl %r15d,%r14d
addl 52(%rsp),%r12d
movl %r11d,%r13d
- movl %r11d,%r14d
+ addl %r14d,%r12d
+ movl %edx,%r14d
+ rorl $14,%r13d
movl %eax,%r15d
+ movl %r12d,52(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ecx,%r12d
+ xorl %edx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r11d,%r15d
- movl %r12d,52(%rsp)
+ movl %r8d,%ecx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r11d,%r13d
xorl %ebx,%r15d
- addl %ecx,%r12d
-
- movl %edx,%ecx
- addl %r13d,%r12d
+ xorl %r9d,%ecx
+ xorl %edx,%r14d
addl %r15d,%r12d
- movl %edx,%r13d
- movl %edx,%r14d
+ movl %r8d,%r15d
- rorl $2,%ecx
- rorl $13,%r13d
- movl %edx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %edx,%ecx
+ andl %r9d,%r15d
- xorl %r13d,%ecx
- rorl $9,%r13d
- orl %r9d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ecx
- xorl %r13d,%ecx
- andl %r9d,%r15d
addl %r12d,%r10d
-
- andl %r8d,%r14d
addl %r12d,%ecx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ecx
- movl 60(%rsp),%r13d
- movl 48(%rsp),%r12d
- movl %r13d,%r15d
+ movl 60(%rsp),%r13d
+ movl 48(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
- xorl %r15d,%r13d
- movl %r12d,%r14d
-
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 28(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 28(%rsp),%r12d
+ xorl %r15d,%r14d
addl 56(%rsp),%r12d
movl %r10d,%r13d
- movl %r10d,%r14d
+ addl %r14d,%r12d
+ movl %ecx,%r14d
+ rorl $14,%r13d
movl %r11d,%r15d
+ movl %r12d,56(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %ebx,%r12d
+ xorl %ecx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r10d,%r15d
- movl %r12d,56(%rsp)
+ movl %edx,%ebx
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r10d,%r13d
xorl %eax,%r15d
- addl %ebx,%r12d
-
- movl %ecx,%ebx
- addl %r13d,%r12d
+ xorl %r8d,%ebx
+ xorl %ecx,%r14d
addl %r15d,%r12d
- movl %ecx,%r13d
- movl %ecx,%r14d
+ movl %edx,%r15d
- rorl $2,%ebx
- rorl $13,%r13d
- movl %ecx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ecx,%ebx
+ andl %r8d,%r15d
- xorl %r13d,%ebx
- rorl $9,%r13d
- orl %r8d,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%ebx
- xorl %r13d,%ebx
- andl %r8d,%r15d
addl %r12d,%r9d
-
- andl %edx,%r14d
addl %r12d,%ebx
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%ebx
- movl 0(%rsp),%r13d
- movl 52(%rsp),%r12d
- movl %r13d,%r15d
+ movl 0(%rsp),%r13d
+ movl 52(%rsp),%r14d
+ movl %r13d,%r12d
+ movl %r14d,%r15d
+ rorl $11,%r12d
+ xorl %r13d,%r12d
shrl $3,%r13d
- rorl $7,%r15d
-
- xorl %r15d,%r13d
- rorl $11,%r15d
-
- xorl %r15d,%r13d
- movl %r12d,%r14d
- shrl $10,%r12d
- rorl $17,%r14d
-
- xorl %r14d,%r12d
- rorl $2,%r14d
+ rorl $7,%r12d
+ xorl %r12d,%r13d
+ movl 32(%rsp),%r12d
- xorl %r14d,%r12d
+ rorl $2,%r15d
+ xorl %r14d,%r15d
+ shrl $10,%r14d
+ rorl $17,%r15d
addl %r13d,%r12d
-
- addl 32(%rsp),%r12d
+ xorl %r15d,%r14d
addl 60(%rsp),%r12d
movl %r9d,%r13d
- movl %r9d,%r14d
+ addl %r14d,%r12d
+ movl %ebx,%r14d
+ rorl $14,%r13d
movl %r10d,%r15d
+ movl %r12d,60(%rsp)
- rorl $6,%r13d
- rorl $11,%r14d
+ rorl $9,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- xorl %r14d,%r13d
- rorl $14,%r14d
+ rorl $5,%r13d
+ addl %eax,%r12d
+ xorl %ebx,%r14d
+
+ addl (%rbp,%rdi,4),%r12d
andl %r9d,%r15d
- movl %r12d,60(%rsp)
+ movl %ecx,%eax
- xorl %r14d,%r13d
+ rorl $11,%r14d
+ xorl %r9d,%r13d
xorl %r11d,%r15d
- addl %eax,%r12d
-
- movl %ebx,%eax
- addl %r13d,%r12d
+ xorl %edx,%eax
+ xorl %ebx,%r14d
addl %r15d,%r12d
- movl %ebx,%r13d
- movl %ebx,%r14d
+ movl %ecx,%r15d
- rorl $2,%eax
- rorl $13,%r13d
- movl %ebx,%r15d
- addl (%rbp,%rdi,4),%r12d
+ rorl $6,%r13d
+ andl %ebx,%eax
+ andl %edx,%r15d
- xorl %r13d,%eax
- rorl $9,%r13d
- orl %edx,%r14d
+ rorl $2,%r14d
+ addl %r13d,%r12d
+ addl %r15d,%eax
- xorl %r13d,%eax
- andl %edx,%r15d
addl %r12d,%r8d
-
- andl %ecx,%r14d
addl %r12d,%eax
-
- orl %r15d,%r14d
leaq 1(%rdi),%rdi
-
addl %r14d,%eax
+
cmpq $64,%rdi
jb L$rounds_16_xx
diff --git a/deps/openssl/asm/x64-macosx-gas/x86_64cpuid.s b/deps/openssl/asm/x64-macosx-gas/x86_64cpuid.s
index a1670e38e..21e8a8fc2 100644
--- a/deps/openssl/asm/x64-macosx-gas/x86_64cpuid.s
+++ b/deps/openssl/asm/x64-macosx-gas/x86_64cpuid.s
@@ -1,8 +1,12 @@
+.private_extern _OPENSSL_cpuid_setup
.mod_init_func
.p2align 3
.quad _OPENSSL_cpuid_setup
+.private_extern _OPENSSL_ia32cap_P
+.comm _OPENSSL_ia32cap_P,8,2
+
.text
@@ -68,7 +72,15 @@ _OPENSSL_ia32_cpuid:
movl $2147483648,%eax
cpuid
- cmpl $2147483656,%eax
+ cmpl $2147483649,%eax
+ jb L$intel
+ movl %eax,%r10d
+ movl $2147483649,%eax
+ cpuid
+ orl %ecx,%r9d
+ andl $2049,%r9d
+
+ cmpl $2147483656,%r10d
jb L$intel
movl $2147483656,%eax
@@ -79,12 +91,12 @@ _OPENSSL_ia32_cpuid:
movl $1,%eax
cpuid
btl $28,%edx
- jnc L$done
+ jnc L$generic
shrl $16,%ebx
cmpb %r10b,%bl
- ja L$done
+ ja L$generic
andl $4026531839,%edx
- jmp L$done
+ jmp L$generic
L$intel:
cmpl $4,%r11d
@@ -101,30 +113,48 @@ L$intel:
L$nocacheinfo:
movl $1,%eax
cpuid
+ andl $3220176895,%edx
cmpl $0,%r9d
jne L$notintel
- orl $1048576,%edx
+ orl $1073741824,%edx
andb $15,%ah
cmpb $15,%ah
- je L$notintel
- orl $1073741824,%edx
+ jne L$notintel
+ orl $1048576,%edx
L$notintel:
btl $28,%edx
- jnc L$done
+ jnc L$generic
andl $4026531839,%edx
cmpl $0,%r10d
- je L$done
+ je L$generic
orl $268435456,%edx
shrl $16,%ebx
cmpb $1,%bl
- ja L$done
+ ja L$generic
andl $4026531839,%edx
+L$generic:
+ andl $2048,%r9d
+ andl $4294965247,%ecx
+ orl %ecx,%r9d
+
+ movl %edx,%r10d
+ btl $27,%r9d
+ jnc L$clear_avx
+ xorl %ecx,%ecx
+.byte 0x0f,0x01,0xd0
+
+ andl $6,%eax
+ cmpl $6,%eax
+ je L$done
+L$clear_avx:
+ movl $4026525695,%eax
+ andl %eax,%r9d
L$done:
- shlq $32,%rcx
- movl %edx,%eax
+ shlq $32,%r9
+ movl %r10d,%eax
movq %r8,%rbx
- orq %rcx,%rax
+ orq %r9,%rax
.byte 0xf3,0xc3
@@ -193,3 +223,16 @@ _OPENSSL_wipe_cpu:
leaq 8(%rsp),%rax
.byte 0xf3,0xc3
+.globl _OPENSSL_ia32_rdrand
+
+.p2align 4
+_OPENSSL_ia32_rdrand:
+ movl $8,%ecx
+L$oop_rdrand:
+.byte 72,15,199,240
+ jc L$break_rdrand
+ loop L$oop_rdrand
+L$break_rdrand:
+ cmpq $0,%rax
+ cmoveq %rcx,%rax
+ .byte 0xf3,0xc3
diff --git a/deps/openssl/asm/x64-win32-masm/aes/aes-x86_64.asm b/deps/openssl/asm/x64-win32-masm/aes/aes-x86_64.asm
index 2c590b94f..b9f6fd081 100644
--- a/deps/openssl/asm/x64-win32-masm/aes/aes-x86_64.asm
+++ b/deps/openssl/asm/x64-win32-masm/aes/aes-x86_64.asm
@@ -333,6 +333,9 @@ _x86_64_AES_encrypt_compact ENDP
PUBLIC AES_encrypt
ALIGN 16
+PUBLIC asm_AES_encrypt
+
+asm_AES_encrypt::
AES_encrypt PROC PUBLIC
mov QWORD PTR[8+rsp],rdi ;WIN64 prologue
mov QWORD PTR[16+rsp],rsi
@@ -792,6 +795,9 @@ _x86_64_AES_decrypt_compact ENDP
PUBLIC AES_decrypt
ALIGN 16
+PUBLIC asm_AES_decrypt
+
+asm_AES_decrypt::
AES_decrypt PROC PUBLIC
mov QWORD PTR[8+rsp],rdi ;WIN64 prologue
mov QWORD PTR[16+rsp],rsi
@@ -867,14 +873,14 @@ $L$dec_epilogue::
DB 0F3h,0C3h ;repret
$L$SEH_end_AES_decrypt::
AES_decrypt ENDP
-PUBLIC AES_set_encrypt_key
+PUBLIC private_AES_set_encrypt_key
ALIGN 16
-AES_set_encrypt_key PROC PUBLIC
+private_AES_set_encrypt_key PROC PUBLIC
mov QWORD PTR[8+rsp],rdi ;WIN64 prologue
mov QWORD PTR[16+rsp],rsi
mov rax,rsp
-$L$SEH_begin_AES_set_encrypt_key::
+$L$SEH_begin_private_AES_set_encrypt_key::
mov rdi,rcx
mov rsi,rdx
mov rdx,r8
@@ -902,8 +908,8 @@ $L$enc_key_epilogue::
mov rdi,QWORD PTR[8+rsp] ;WIN64 epilogue
mov rsi,QWORD PTR[16+rsp]
DB 0F3h,0C3h ;repret
-$L$SEH_end_AES_set_encrypt_key::
-AES_set_encrypt_key ENDP
+$L$SEH_end_private_AES_set_encrypt_key::
+private_AES_set_encrypt_key ENDP
ALIGN 16
@@ -1145,14 +1151,14 @@ $L$exit::
DB 0f3h,0c3h
_x86_64_AES_set_encrypt_key ENDP
-PUBLIC AES_set_decrypt_key
+PUBLIC private_AES_set_decrypt_key
ALIGN 16
-AES_set_decrypt_key PROC PUBLIC
+private_AES_set_decrypt_key PROC PUBLIC
mov QWORD PTR[8+rsp],rdi ;WIN64 prologue
mov QWORD PTR[16+rsp],rsi
mov rax,rsp
-$L$SEH_begin_AES_set_decrypt_key::
+$L$SEH_begin_private_AES_set_decrypt_key::
mov rdi,rcx
mov rsi,rdx
mov rdx,r8
@@ -1342,12 +1348,15 @@ $L$dec_key_epilogue::
mov rdi,QWORD PTR[8+rsp] ;WIN64 epilogue
mov rsi,QWORD PTR[16+rsp]
DB 0F3h,0C3h ;repret
-$L$SEH_end_AES_set_decrypt_key::
-AES_set_decrypt_key ENDP
+$L$SEH_end_private_AES_set_decrypt_key::
+private_AES_set_decrypt_key ENDP
PUBLIC AES_cbc_encrypt
ALIGN 16
EXTERN OPENSSL_ia32cap_P:NEAR
+PUBLIC asm_AES_cbc_encrypt
+
+asm_AES_cbc_encrypt::
AES_cbc_encrypt PROC PUBLIC
mov QWORD PTR[8+rsp],rdi ;WIN64 prologue
mov QWORD PTR[16+rsp],rsi
@@ -2842,13 +2851,13 @@ ALIGN 4
DD imagerel $L$SEH_end_AES_decrypt
DD imagerel $L$SEH_info_AES_decrypt
- DD imagerel $L$SEH_begin_AES_set_encrypt_key
- DD imagerel $L$SEH_end_AES_set_encrypt_key
- DD imagerel $L$SEH_info_AES_set_encrypt_key
+ DD imagerel $L$SEH_begin_private_AES_set_encrypt_key
+ DD imagerel $L$SEH_end_private_AES_set_encrypt_key
+ DD imagerel $L$SEH_info_private_AES_set_encrypt_key
- DD imagerel $L$SEH_begin_AES_set_decrypt_key
- DD imagerel $L$SEH_end_AES_set_decrypt_key
- DD imagerel $L$SEH_info_AES_set_decrypt_key
+ DD imagerel $L$SEH_begin_private_AES_set_decrypt_key
+ DD imagerel $L$SEH_end_private_AES_set_decrypt_key
+ DD imagerel $L$SEH_info_private_AES_set_decrypt_key
DD imagerel $L$SEH_begin_AES_cbc_encrypt
DD imagerel $L$SEH_end_AES_cbc_encrypt
@@ -2867,12 +2876,12 @@ DB 9,0,0,0
DD imagerel block_se_handler
DD imagerel $L$dec_prologue,imagerel $L$dec_epilogue
-$L$SEH_info_AES_set_encrypt_key::
+$L$SEH_info_private_AES_set_encrypt_key::
DB 9,0,0,0
DD imagerel key_se_handler
DD imagerel $L$enc_key_prologue,imagerel $L$enc_key_epilogue
-$L$SEH_info_AES_set_decrypt_key::
+$L$SEH_info_private_AES_set_decrypt_key::
DB 9,0,0,0
DD imagerel key_se_handler
DD imagerel $L$dec_key_prologue,imagerel $L$dec_key_epilogue
diff --git a/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont.asm b/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont.asm
index 9e54d8895..f4518aa3b 100644
--- a/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont.asm
+++ b/deps/openssl/asm/x64-win32-masm/bn/x86_64-mont.asm
@@ -17,6 +17,16 @@ $L$SEH_begin_bn_mul_mont::
mov r9,QWORD PTR[48+rsp]
+ test r9d,3
+ jnz $L$mul_enter
+ cmp r9d,8
+ jb $L$mul_enter
+ cmp rdx,rsi
+ jne $L$mul4x_enter
+ jmp $L$sqr4x_enter
+
+ALIGN 16
+$L$mul_enter::
push rbx
push rbp
push r12
@@ -32,48 +42,63 @@ $L$SEH_begin_bn_mul_mont::
and rsp,-1024
mov QWORD PTR[8+r9*8+rsp],r11
-$L$prologue::
+$L$mul_body::
mov r12,rdx
-
mov r8,QWORD PTR[r8]
+ mov rbx,QWORD PTR[r12]
+ mov rax,QWORD PTR[rsi]
xor r14,r14
xor r15,r15
- mov rbx,QWORD PTR[r12]
- mov rax,QWORD PTR[rsi]
+ mov rbp,r8
mul rbx
mov r10,rax
- mov r11,rdx
+ mov rax,QWORD PTR[rcx]
- imul rax,r8
- mov rbp,rax
+ imul rbp,r10
+ mov r11,rdx
- mul QWORD PTR[rcx]
- add rax,r10
+ mul rbp
+ add r10,rax
+ mov rax,QWORD PTR[8+rsi]
adc rdx,0
mov r13,rdx
lea r15,QWORD PTR[1+r15]
+ jmp $L$1st_enter
+
+ALIGN 16
$L$1st::
+ add r13,rax
mov rax,QWORD PTR[r15*8+rsi]
- mul rbx
- add rax,r11
adc rdx,0
- mov r10,rax
+ add r13,r11
+ mov r11,r10
+ adc rdx,0
+ mov QWORD PTR[((-16))+r15*8+rsp],r13
+ mov r13,rdx
+
+$L$1st_enter::
+ mul rbx
+ add r11,rax
mov rax,QWORD PTR[r15*8+rcx]
- mov r11,rdx
+ adc rdx,0
+ lea r15,QWORD PTR[1+r15]
+ mov r10,rdx
mul rbp
- add rax,r13
- lea r15,QWORD PTR[1+r15]
+ cmp r15,r9
+ jne $L$1st
+
+ add r13,rax
+ mov rax,QWORD PTR[rsi]
adc rdx,0
- add rax,r10
+ add r13,r11
adc rdx,0
- mov QWORD PTR[((-16))+r15*8+rsp],rax
- cmp r15,r9
+ mov QWORD PTR[((-16))+r15*8+rsp],r13
mov r13,rdx
- jl $L$1st
+ mov r11,r10
xor rdx,rdx
add r13,r11
@@ -82,50 +107,64 @@ $L$1st::
mov QWORD PTR[r9*8+rsp],rdx
lea r14,QWORD PTR[1+r14]
-ALIGN 4
+ jmp $L$outer
+ALIGN 16
$L$outer::
- xor r15,r15
-
mov rbx,QWORD PTR[r14*8+r12]
- mov rax,QWORD PTR[rsi]
+ xor r15,r15
+ mov rbp,r8
+ mov r10,QWORD PTR[rsp]
mul rbx
- add rax,QWORD PTR[rsp]
+ add r10,rax
+ mov rax,QWORD PTR[rcx]
adc rdx,0
- mov r10,rax
- mov r11,rdx
- imul rax,r8
- mov rbp,rax
+ imul rbp,r10
+ mov r11,rdx
- mul QWORD PTR[r15*8+rcx]
- add rax,r10
- mov r10,QWORD PTR[8+rsp]
+ mul rbp
+ add r10,rax
+ mov rax,QWORD PTR[8+rsi]
adc rdx,0
+ mov r10,QWORD PTR[8+rsp]
mov r13,rdx
lea r15,QWORD PTR[1+r15]
-ALIGN 4
+ jmp $L$inner_enter
+
+ALIGN 16
$L$inner::
+ add r13,rax
mov rax,QWORD PTR[r15*8+rsi]
- mul rbx
- add rax,r11
adc rdx,0
- add r10,rax
+ add r13,r10
+ mov r10,QWORD PTR[r15*8+rsp]
+ adc rdx,0
+ mov QWORD PTR[((-16))+r15*8+rsp],r13
+ mov r13,rdx
+
+$L$inner_enter::
+ mul rbx
+ add r11,rax
mov rax,QWORD PTR[r15*8+rcx]
adc rdx,0
+ add r10,r11
mov r11,rdx
+ adc r11,0
+ lea r15,QWORD PTR[1+r15]
mul rbp
- add rax,r13
- lea r15,QWORD PTR[1+r15]
- adc rdx,0
- add rax,r10
+ cmp r15,r9
+ jne $L$inner
+
+ add r13,rax
+ mov rax,QWORD PTR[rsi]
adc rdx,0
+ add r13,r10
mov r10,QWORD PTR[r15*8+rsp]
- cmp r15,r9
- mov QWORD PTR[((-16))+r15*8+rsp],rax
+ adc rdx,0
+ mov QWORD PTR[((-16))+r15*8+rsp],r13
mov r13,rdx
- jl $L$inner
xor rdx,rdx
add r13,r11
@@ -139,34 +178,35 @@ $L$inner::
cmp r14,r9
jl $L$outer
- lea rsi,QWORD PTR[rsp]
- lea r15,QWORD PTR[((-1))+r9]
-
- mov rax,QWORD PTR[rsi]
xor r14,r14
+ mov rax,QWORD PTR[rsp]
+ lea rsi,QWORD PTR[rsp]
+ mov r15,r9
jmp $L$sub
ALIGN 16
$L$sub:: sbb rax,QWORD PTR[r14*8+rcx]
mov QWORD PTR[r14*8+rdi],rax
- dec r15
mov rax,QWORD PTR[8+r14*8+rsi]
lea r14,QWORD PTR[1+r14]
- jge $L$sub
+ dec r15
+ jnz $L$sub
sbb rax,0
+ xor r14,r14
and rsi,rax
not rax
mov rcx,rdi
and rcx,rax
- lea r15,QWORD PTR[((-1))+r9]
+ mov r15,r9
or rsi,rcx
ALIGN 16
$L$copy::
- mov rax,QWORD PTR[r15*8+rsi]
- mov QWORD PTR[r15*8+rdi],rax
- mov QWORD PTR[r15*8+rsp],r14
- dec r15
- jge $L$copy
+ mov rax,QWORD PTR[r14*8+rsi]
+ mov QWORD PTR[r14*8+rsp],r14
+ mov QWORD PTR[r14*8+rdi],rax
+ lea r14,QWORD PTR[1+r14]
+ sub r15,1
+ jnz $L$copy
mov rsi,QWORD PTR[8+r9*8+rsp]
mov rax,1
@@ -177,12 +217,1205 @@ $L$copy::
mov rbp,QWORD PTR[32+rsi]
mov rbx,QWORD PTR[40+rsi]
lea rsp,QWORD PTR[48+rsi]
-$L$epilogue::
+$L$mul_epilogue::
mov rdi,QWORD PTR[8+rsp] ;WIN64 epilogue
mov rsi,QWORD PTR[16+rsp]
DB 0F3h,0C3h ;repret
$L$SEH_end_bn_mul_mont::
bn_mul_mont ENDP
+
+ALIGN 16
+bn_mul4x_mont PROC PRIVATE
+ mov QWORD PTR[8+rsp],rdi ;WIN64 prologue
+ mov QWORD PTR[16+rsp],rsi
+ mov rax,rsp
+$L$SEH_begin_bn_mul4x_mont::
+ mov rdi,rcx
+ mov rsi,rdx
+ mov rdx,r8
+ mov rcx,r9
+ mov r8,QWORD PTR[40+rsp]
+ mov r9,QWORD PTR[48+rsp]
+
+
+$L$mul4x_enter::
+ push rbx
+ push rbp
+ push r12
+ push r13
+ push r14
+ push r15
+
+ mov r9d,r9d
+ lea r10,QWORD PTR[4+r9]
+ mov r11,rsp
+ neg r10
+ lea rsp,QWORD PTR[r10*8+rsp]
+ and rsp,-1024
+
+ mov QWORD PTR[8+r9*8+rsp],r11
+$L$mul4x_body::
+ mov QWORD PTR[16+r9*8+rsp],rdi
+ mov r12,rdx
+ mov r8,QWORD PTR[r8]
+ mov rbx,QWORD PTR[r12]
+ mov rax,QWORD PTR[rsi]
+
+ xor r14,r14
+ xor r15,r15
+
+ mov rbp,r8
+ mul rbx
+ mov r10,rax
+ mov rax,QWORD PTR[rcx]
+
+ imul rbp,r10
+ mov r11,rdx
+
+ mul rbp
+ add r10,rax
+ mov rax,QWORD PTR[8+rsi]
+ adc rdx,0
+ mov rdi,rdx
+
+ mul rbx
+ add r11,rax
+ mov rax,QWORD PTR[8+rcx]
+ adc rdx,0
+ mov r10,rdx
+
+ mul rbp
+ add rdi,rax
+ mov rax,QWORD PTR[16+rsi]
+ adc rdx,0
+ add rdi,r11
+ lea r15,QWORD PTR[4+r15]
+ adc rdx,0
+ mov QWORD PTR[rsp],rdi
+ mov r13,rdx
+ jmp $L$1st4x
+ALIGN 16
+$L$1st4x::
+ mul rbx
+ add r10,rax
+ mov rax,QWORD PTR[((-16))+r15*8+rcx]
+ adc rdx,0
+ mov r11,rdx
+
+ mul rbp
+ add r13,rax
+ mov rax,QWORD PTR[((-8))+r15*8+rsi]
+ adc rdx,0
+ add r13,r10
+ adc rdx,0
+ mov QWORD PTR[((-24))+r15*8+rsp],r13
+ mov rdi,rdx
+
+ mul rbx
+ add r11,rax
+ mov rax,QWORD PTR[((-8))+r15*8+rcx]
+ adc rdx,0
+ mov r10,rdx
+
+ mul rbp
+ add rdi,rax
+ mov rax,QWORD PTR[r15*8+rsi]
+ adc rdx,0
+ add rdi,r11
+ adc rdx,0
+ mov QWORD PTR[((-16))+r15*8+rsp],rdi
+ mov r13,rdx
+
+ mul rbx
+ add r10,rax
+ mov rax,QWORD PTR[r15*8+rcx]
+ adc rdx,0
+ mov r11,rdx
+
+ mul rbp
+ add r13,rax
+ mov rax,QWORD PTR[8+r15*8+rsi]
+ adc rdx,0
+ add r13,r10
+ adc rdx,0
+ mov QWORD PTR[((-8))+r15*8+rsp],r13
+ mov rdi,rdx
+
+ mul rbx
+ add r11,rax
+ mov rax,QWORD PTR[8+r15*8+rcx]
+ adc rdx,0
+ lea r15,QWORD PTR[4+r15]
+ mov r10,rdx
+
+ mul rbp
+ add rdi,rax
+ mov rax,QWORD PTR[((-16))+r15*8+rsi]
+ adc rdx,0
+ add rdi,r11
+ adc rdx,0
+ mov QWORD PTR[((-32))+r15*8+rsp],rdi
+ mov r13,rdx
+ cmp r15,r9
+ jl $L$1st4x
+
+ mul rbx
+ add r10,rax
+ mov rax,QWORD PTR[((-16))+r15*8+rcx]
+ adc rdx,0
+ mov r11,rdx
+
+ mul rbp
+ add r13,rax
+ mov rax,QWORD PTR[((-8))+r15*8+rsi]
+ adc rdx,0
+ add r13,r10
+ adc rdx,0
+ mov QWORD PTR[((-24))+r15*8+rsp],r13
+ mov rdi,rdx
+
+ mul rbx
+ add r11,rax
+ mov rax,QWORD PTR[((-8))+r15*8+rcx]
+ adc rdx,0
+ mov r10,rdx
+
+ mul rbp
+ add rdi,rax
+ mov rax,QWORD PTR[rsi]
+ adc rdx,0
+ add rdi,r11
+ adc rdx,0
+ mov QWORD PTR[((-16))+r15*8+rsp],rdi
+ mov r13,rdx
+
+ xor rdi,rdi
+ add r13,r10
+ adc rdi,0
+ mov QWORD PTR[((-8))+r15*8+rsp],r13
+ mov QWORD PTR[r15*8+rsp],rdi
+
+ lea r14,QWORD PTR[1+r14]
+ALIGN 4
+$L$outer4x::
+ mov rbx,QWORD PTR[r14*8+r12]
+ xor r15,r15
+ mov r10,QWORD PTR[rsp]
+ mov rbp,r8
+ mul rbx
+ add r10,rax
+ mov rax,QWORD PTR[rcx]
+ adc rdx,0
+
+ imul rbp,r10
+ mov r11,rdx
+
+ mul rbp
+ add r10,rax
+ mov rax,QWORD PTR[8+rsi]
+ adc rdx,0
+ mov rdi,rdx
+
+ mul rbx
+ add r11,rax
+ mov rax,QWORD PTR[8+rcx]
+ adc rdx,0
+ add r11,QWORD PTR[8+rsp]
+ adc rdx,0
+ mov r10,rdx
+
+ mul rbp
+ add rdi,rax
+ mov rax,QWORD PTR[16+rsi]
+ adc rdx,0
+ add rdi,r11
+ lea r15,QWORD PTR[4+r15]
+ adc rdx,0
+ mov QWORD PTR[rsp],rdi
+ mov r13,rdx
+ jmp $L$inner4x
+ALIGN 16
+$L$inner4x::
+ mul rbx
+ add r10,rax
+ mov rax,QWORD PTR[((-16))+r15*8+rcx]
+ adc rdx,0
+ add r10,QWORD PTR[((-16))+r15*8+rsp]
+ adc rdx,0
+ mov r11,rdx
+
+ mul rbp
+ add r13,rax
+ mov rax,QWORD PTR[((-8))+r15*8+rsi]
+ adc rdx,0
+ add r13,r10
+ adc rdx,0
+ mov QWORD PTR[((-24))+r15*8+rsp],r13
+ mov rdi,rdx
+
+ mul rbx
+ add r11,rax
+ mov rax,QWORD PTR[((-8))+r15*8+rcx]
+ adc rdx,0
+ add r11,QWORD PTR[((-8))+r15*8+rsp]
+ adc rdx,0
+ mov r10,rdx
+
+ mul rbp
+ add rdi,rax
+ mov rax,QWORD PTR[r15*8+rsi]
+ adc rdx,0
+ add rdi,r11
+ adc rdx,0
+ mov QWORD PTR[((-16))+r15*8+rsp],rdi
+ mov r13,rdx
+
+ mul rbx
+ add r10,rax
+ mov rax,QWORD PTR[r15*8+rcx]
+ adc rdx,0
+ add r10,QWORD PTR[r15*8+rsp]
+ adc rdx,0
+ mov r11,rdx
+
+ mul rbp
+ add r13,rax
+ mov rax,QWORD PTR[8+r15*8+rsi]
+ adc rdx,0
+ add r13,r10
+ adc rdx,0
+ mov QWORD PTR[((-8))+r15*8+rsp],r13
+ mov rdi,rdx
+
+ mul rbx
+ add r11,rax
+ mov rax,QWORD PTR[8+r15*8+rcx]
+ adc rdx,0
+ add r11,QWORD PTR[8+r15*8+rsp]
+ adc rdx,0
+ lea r15,QWORD PTR[4+r15]
+ mov r10,rdx
+
+ mul rbp
+ add rdi,rax
+ mov rax,QWORD PTR[((-16))+r15*8+rsi]
+ adc rdx,0
+ add rdi,r11
+ adc rdx,0
+ mov QWORD PTR[((-32))+r15*8+rsp],rdi
+ mov r13,rdx
+ cmp r15,r9
+ jl $L$inner4x
+
+ mul rbx
+ add r10,rax
+ mov rax,QWORD PTR[((-16))+r15*8+rcx]
+ adc rdx,0
+ add r10,QWORD PTR[((-16))+r15*8+rsp]
+ adc rdx,0
+ mov r11,rdx
+
+ mul rbp
+ add r13,rax
+ mov rax,QWORD PTR[((-8))+r15*8+rsi]
+ adc rdx,0
+ add r13,r10
+ adc rdx,0
+ mov QWORD PTR[((-24))+r15*8+rsp],r13
+ mov rdi,rdx
+
+ mul rbx
+ add r11,rax
+ mov rax,QWORD PTR[((-8))+r15*8+rcx]
+ adc rdx,0
+ add r11,QWORD PTR[((-8))+r15*8+rsp]
+ adc rdx,0
+ lea r14,QWORD PTR[1+r14]
+ mov r10,rdx
+
+ mul rbp
+ add rdi,rax
+ mov rax,QWORD PTR[rsi]
+ adc rdx,0
+ add rdi,r11
+ adc rdx,0
+ mov QWORD PTR[((-16))+r15*8+rsp],rdi
+ mov r13,rdx
+
+ xor rdi,rdi
+ add r13,r10
+ adc rdi,0
+ add r13,QWORD PTR[r9*8+rsp]
+ adc rdi,0
+ mov QWORD PTR[((-8))+r15*8+rsp],r13
+ mov QWORD PTR[r15*8+rsp],rdi
+
+ cmp r14,r9
+ jl $L$outer4x
+ mov rdi,QWORD PTR[16+r9*8+rsp]
+ mov rax,QWORD PTR[rsp]
+ pxor xmm0,xmm0
+ mov rdx,QWORD PTR[8+rsp]
+ shr r9,2
+ lea rsi,QWORD PTR[rsp]
+ xor r14,r14
+
+ sub rax,QWORD PTR[rcx]
+ mov rbx,QWORD PTR[16+rsi]
+ mov rbp,QWORD PTR[24+rsi]
+ sbb rdx,QWORD PTR[8+rcx]
+ lea r15,QWORD PTR[((-1))+r9]
+ jmp $L$sub4x
+ALIGN 16
+$L$sub4x::
+ mov QWORD PTR[r14*8+rdi],rax
+ mov QWORD PTR[8+r14*8+rdi],rdx
+ sbb rbx,QWORD PTR[16+r14*8+rcx]
+ mov rax,QWORD PTR[32+r14*8+rsi]
+ mov rdx,QWORD PTR[40+r14*8+rsi]
+ sbb rbp,QWORD PTR[24+r14*8+rcx]
+ mov QWORD PTR[16+r14*8+rdi],rbx
+ mov QWORD PTR[24+r14*8+rdi],rbp
+ sbb rax,QWORD PTR[32+r14*8+rcx]
+ mov rbx,QWORD PTR[48+r14*8+rsi]
+ mov rbp,QWORD PTR[56+r14*8+rsi]
+ sbb rdx,QWORD PTR[40+r14*8+rcx]
+ lea r14,QWORD PTR[4+r14]
+ dec r15
+ jnz $L$sub4x
+
+ mov QWORD PTR[r14*8+rdi],rax
+ mov rax,QWORD PTR[32+r14*8+rsi]
+ sbb rbx,QWORD PTR[16+r14*8+rcx]
+ mov QWORD PTR[8+r14*8+rdi],rdx
+ sbb rbp,QWORD PTR[24+r14*8+rcx]
+ mov QWORD PTR[16+r14*8+rdi],rbx
+
+ sbb rax,0
+ mov QWORD PTR[24+r14*8+rdi],rbp
+ xor r14,r14
+ and rsi,rax
+ not rax
+ mov rcx,rdi
+ and rcx,rax
+ lea r15,QWORD PTR[((-1))+r9]
+ or rsi,rcx
+
+ movdqu xmm1,XMMWORD PTR[rsi]
+ movdqa XMMWORD PTR[rsp],xmm0
+ movdqu XMMWORD PTR[rdi],xmm1
+ jmp $L$copy4x
+ALIGN 16
+$L$copy4x::
+ movdqu xmm2,XMMWORD PTR[16+r14*1+rsi]
+ movdqu xmm1,XMMWORD PTR[32+r14*1+rsi]
+ movdqa XMMWORD PTR[16+r14*1+rsp],xmm0
+ movdqu XMMWORD PTR[16+r14*1+rdi],xmm2
+ movdqa XMMWORD PTR[32+r14*1+rsp],xmm0
+ movdqu XMMWORD PTR[32+r14*1+rdi],xmm1
+ lea r14,QWORD PTR[32+r14]
+ dec r15
+ jnz $L$copy4x
+
+ shl r9,2
+ movdqu xmm2,XMMWORD PTR[16+r14*1+rsi]
+ movdqa XMMWORD PTR[16+r14*1+rsp],xmm0
+ movdqu XMMWORD PTR[16+r14*1+rdi],xmm2
+ mov rsi,QWORD PTR[8+r9*8+rsp]
+ mov rax,1
+ mov r15,QWORD PTR[rsi]
+ mov r14,QWORD PTR[8+rsi]
+ mov r13,QWORD PTR[16+rsi]
+ mov r12,QWORD PTR[24+rsi]
+ mov rbp,QWORD PTR[32+rsi]
+ mov rbx,QWORD PTR[40+rsi]
+ lea rsp,QWORD PTR[48+rsi]
+$L$mul4x_epilogue::
+ mov rdi,QWORD PTR[8+rsp] ;WIN64 epilogue
+ mov rsi,QWORD PTR[16+rsp]
+ DB 0F3h,0C3h ;repret
+$L$SEH_end_bn_mul4x_mont::
+bn_mul4x_mont ENDP
+
+ALIGN 16
+bn_sqr4x_mont PROC PRIVATE
+ mov QWORD PTR[8+rsp],rdi ;WIN64 prologue
+ mov QWORD PTR[16+rsp],rsi
+ mov rax,rsp
+$L$SEH_begin_bn_sqr4x_mont::
+ mov rdi,rcx
+ mov rsi,rdx
+ mov rdx,r8
+ mov rcx,r9
+ mov r8,QWORD PTR[40+rsp]
+ mov r9,QWORD PTR[48+rsp]
+
+
+$L$sqr4x_enter::
+ push rbx
+ push rbp
+ push r12
+ push r13
+ push r14
+ push r15
+
+ shl r9d,3
+ xor r10,r10
+ mov r11,rsp
+ sub r10,r9
+ mov r8,QWORD PTR[r8]
+ lea rsp,QWORD PTR[((-72))+r10*2+rsp]
+ and rsp,-1024
+
+
+
+
+
+
+
+
+
+
+
+ mov QWORD PTR[32+rsp],rdi
+ mov QWORD PTR[40+rsp],rcx
+ mov QWORD PTR[48+rsp],r8
+ mov QWORD PTR[56+rsp],r11
+$L$sqr4x_body::
+
+
+
+
+
+
+
+ lea rbp,QWORD PTR[32+r10]
+ lea rsi,QWORD PTR[r9*1+rsi]
+
+ mov rcx,r9
+
+
+ mov r14,QWORD PTR[((-32))+rbp*1+rsi]
+ lea rdi,QWORD PTR[64+r9*2+rsp]
+ mov rax,QWORD PTR[((-24))+rbp*1+rsi]
+ lea rdi,QWORD PTR[((-32))+rbp*1+rdi]
+ mov rbx,QWORD PTR[((-16))+rbp*1+rsi]
+ mov r15,rax
+
+ mul r14
+ mov r10,rax
+ mov rax,rbx
+ mov r11,rdx
+ mov QWORD PTR[((-24))+rbp*1+rdi],r10
+
+ xor r10,r10
+ mul r14
+ add r11,rax
+ mov rax,rbx
+ adc r10,rdx
+ mov QWORD PTR[((-16))+rbp*1+rdi],r11
+
+ lea rcx,QWORD PTR[((-16))+rbp]
+
+
+ mov rbx,QWORD PTR[8+rcx*1+rsi]
+ mul r15
+ mov r12,rax
+ mov rax,rbx
+ mov r13,rdx
+
+ xor r11,r11
+ add r10,r12
+ lea rcx,QWORD PTR[16+rcx]
+ adc r11,0
+ mul r14
+ add r10,rax
+ mov rax,rbx
+ adc r11,rdx
+ mov QWORD PTR[((-8))+rcx*1+rdi],r10
+ jmp $L$sqr4x_1st
+
+ALIGN 16
+$L$sqr4x_1st::
+ mov rbx,QWORD PTR[rcx*1+rsi]
+ xor r12,r12
+ mul r15
+ add r13,rax
+ mov rax,rbx
+ adc r12,rdx
+
+ xor r10,r10
+ add r11,r13
+ adc r10,0
+ mul r14
+ add r11,rax
+ mov rax,rbx
+ adc r10,rdx
+ mov QWORD PTR[rcx*1+rdi],r11
+
+
+ mov rbx,QWORD PTR[8+rcx*1+rsi]
+ xor r13,r13
+ mul r15
+ add r12,rax
+ mov rax,rbx
+ adc r13,rdx
+
+ xor r11,r11
+ add r10,r12
+ adc r11,0
+ mul r14
+ add r10,rax
+ mov rax,rbx
+ adc r11,rdx
+ mov QWORD PTR[8+rcx*1+rdi],r10
+
+ mov rbx,QWORD PTR[16+rcx*1+rsi]
+ xor r12,r12
+ mul r15
+ add r13,rax
+ mov rax,rbx
+ adc r12,rdx
+
+ xor r10,r10
+ add r11,r13
+ adc r10,0
+ mul r14
+ add r11,rax
+ mov rax,rbx
+ adc r10,rdx
+ mov QWORD PTR[16+rcx*1+rdi],r11
+
+
+ mov rbx,QWORD PTR[24+rcx*1+rsi]
+ xor r13,r13
+ mul r15
+ add r12,rax
+ mov rax,rbx
+ adc r13,rdx
+
+ xor r11,r11
+ add r10,r12
+ lea rcx,QWORD PTR[32+rcx]
+ adc r11,0
+ mul r14
+ add r10,rax
+ mov rax,rbx
+ adc r11,rdx
+ mov QWORD PTR[((-8))+rcx*1+rdi],r10
+
+ cmp rcx,0
+ jne $L$sqr4x_1st
+
+ xor r12,r12
+ add r13,r11
+ adc r12,0
+ mul r15
+ add r13,rax
+ adc r12,rdx
+
+ mov QWORD PTR[rdi],r13
+ lea rbp,QWORD PTR[16+rbp]
+ mov QWORD PTR[8+rdi],r12
+ jmp $L$sqr4x_outer
+
+ALIGN 16
+$L$sqr4x_outer::
+ mov r14,QWORD PTR[((-32))+rbp*1+rsi]
+ lea rdi,QWORD PTR[64+r9*2+rsp]
+ mov rax,QWORD PTR[((-24))+rbp*1+rsi]
+ lea rdi,QWORD PTR[((-32))+rbp*1+rdi]
+ mov rbx,QWORD PTR[((-16))+rbp*1+rsi]
+ mov r15,rax
+
+ mov r10,QWORD PTR[((-24))+rbp*1+rdi]
+ xor r11,r11
+ mul r14
+ add r10,rax
+ mov rax,rbx
+ adc r11,rdx
+ mov QWORD PTR[((-24))+rbp*1+rdi],r10
+
+ xor r10,r10
+ add r11,QWORD PTR[((-16))+rbp*1+rdi]
+ adc r10,0
+ mul r14
+ add r11,rax
+ mov rax,rbx
+ adc r10,rdx
+ mov QWORD PTR[((-16))+rbp*1+rdi],r11
+
+ lea rcx,QWORD PTR[((-16))+rbp]
+ xor r12,r12
+
+
+ mov rbx,QWORD PTR[8+rcx*1+rsi]
+ xor r13,r13
+ add r12,QWORD PTR[8+rcx*1+rdi]
+ adc r13,0
+ mul r15
+ add r12,rax
+ mov rax,rbx
+ adc r13,rdx
+
+ xor r11,r11
+ add r10,r12
+ adc r11,0
+ mul r14
+ add r10,rax
+ mov rax,rbx
+ adc r11,rdx
+ mov QWORD PTR[8+rcx*1+rdi],r10
+
+ lea rcx,QWORD PTR[16+rcx]
+ jmp $L$sqr4x_inner
+
+ALIGN 16
+$L$sqr4x_inner::
+ mov rbx,QWORD PTR[rcx*1+rsi]
+ xor r12,r12
+ add r13,QWORD PTR[rcx*1+rdi]
+ adc r12,0
+ mul r15
+ add r13,rax
+ mov rax,rbx
+ adc r12,rdx
+
+ xor r10,r10
+ add r11,r13
+ adc r10,0
+ mul r14
+ add r11,rax
+ mov rax,rbx
+ adc r10,rdx
+ mov QWORD PTR[rcx*1+rdi],r11
+
+ mov rbx,QWORD PTR[8+rcx*1+rsi]
+ xor r13,r13
+ add r12,QWORD PTR[8+rcx*1+rdi]
+ adc r13,0
+ mul r15
+ add r12,rax
+ mov rax,rbx
+ adc r13,rdx
+
+ xor r11,r11
+ add r10,r12
+ lea rcx,QWORD PTR[16+rcx]
+ adc r11,0
+ mul r14
+ add r10,rax
+ mov rax,rbx
+ adc r11,rdx
+ mov QWORD PTR[((-8))+rcx*1+rdi],r10
+
+ cmp rcx,0
+ jne $L$sqr4x_inner
+
+ xor r12,r12
+ add r13,r11
+ adc r12,0
+ mul r15
+ add r13,rax
+ adc r12,rdx
+
+ mov QWORD PTR[rdi],r13
+ mov QWORD PTR[8+rdi],r12
+
+ add rbp,16
+ jnz $L$sqr4x_outer
+
+
+ mov r14,QWORD PTR[((-32))+rsi]
+ lea rdi,QWORD PTR[64+r9*2+rsp]
+ mov rax,QWORD PTR[((-24))+rsi]
+ lea rdi,QWORD PTR[((-32))+rbp*1+rdi]
+ mov rbx,QWORD PTR[((-16))+rsi]
+ mov r15,rax
+
+ xor r11,r11
+ mul r14
+ add r10,rax
+ mov rax,rbx
+ adc r11,rdx
+ mov QWORD PTR[((-24))+rdi],r10
+
+ xor r10,r10
+ add r11,r13
+ adc r10,0
+ mul r14
+ add r11,rax
+ mov rax,rbx
+ adc r10,rdx
+ mov QWORD PTR[((-16))+rdi],r11
+
+ mov rbx,QWORD PTR[((-8))+rsi]
+ mul r15
+ add r12,rax
+ mov rax,rbx
+ adc rdx,0
+
+ xor r11,r11
+ add r10,r12
+ mov r13,rdx
+ adc r11,0
+ mul r14
+ add r10,rax
+ mov rax,rbx
+ adc r11,rdx
+ mov QWORD PTR[((-8))+rdi],r10
+
+ xor r12,r12
+ add r13,r11
+ adc r12,0
+ mul r15
+ add r13,rax
+ mov rax,QWORD PTR[((-16))+rsi]
+ adc r12,rdx
+
+ mov QWORD PTR[rdi],r13
+ mov QWORD PTR[8+rdi],r12
+
+ mul rbx
+ add rbp,16
+ xor r14,r14
+ sub rbp,r9
+ xor r15,r15
+
+ add rax,r12
+ adc rdx,0
+ mov QWORD PTR[8+rdi],rax
+ mov QWORD PTR[16+rdi],rdx
+ mov QWORD PTR[24+rdi],r15
+
+ mov rax,QWORD PTR[((-16))+rbp*1+rsi]
+ lea rdi,QWORD PTR[64+r9*2+rsp]
+ xor r10,r10
+ mov r11,QWORD PTR[((-24))+rbp*2+rdi]
+
+ lea r12,QWORD PTR[r10*2+r14]
+ shr r10,63
+ lea r13,QWORD PTR[r11*2+rcx]
+ shr r11,63
+ or r13,r10
+ mov r10,QWORD PTR[((-16))+rbp*2+rdi]
+ mov r14,r11
+ mul rax
+ neg r15
+ mov r11,QWORD PTR[((-8))+rbp*2+rdi]
+ adc r12,rax
+ mov rax,QWORD PTR[((-8))+rbp*1+rsi]
+ mov QWORD PTR[((-32))+rbp*2+rdi],r12
+ adc r13,rdx
+
+ lea rbx,QWORD PTR[r10*2+r14]
+ mov QWORD PTR[((-24))+rbp*2+rdi],r13
+ sbb r15,r15
+ shr r10,63
+ lea r8,QWORD PTR[r11*2+rcx]
+ shr r11,63
+ or r8,r10
+ mov r10,QWORD PTR[rbp*2+rdi]
+ mov r14,r11
+ mul rax
+ neg r15
+ mov r11,QWORD PTR[8+rbp*2+rdi]
+ adc rbx,rax
+ mov rax,QWORD PTR[rbp*1+rsi]
+ mov QWORD PTR[((-16))+rbp*2+rdi],rbx
+ adc r8,rdx
+ lea rbp,QWORD PTR[16+rbp]
+ mov QWORD PTR[((-40))+rbp*2+rdi],r8
+ sbb r15,r15
+ jmp $L$sqr4x_shift_n_add
+
+ALIGN 16
+$L$sqr4x_shift_n_add::
+ lea r12,QWORD PTR[r10*2+r14]
+ shr r10,63
+ lea r13,QWORD PTR[r11*2+rcx]
+ shr r11,63
+ or r13,r10
+ mov r10,QWORD PTR[((-16))+rbp*2+rdi]
+ mov r14,r11
+ mul rax
+ neg r15
+ mov r11,QWORD PTR[((-8))+rbp*2+rdi]
+ adc r12,rax
+ mov rax,QWORD PTR[((-8))+rbp*1+rsi]
+ mov QWORD PTR[((-32))+rbp*2+rdi],r12
+ adc r13,rdx
+
+ lea rbx,QWORD PTR[r10*2+r14]
+ mov QWORD PTR[((-24))+rbp*2+rdi],r13
+ sbb r15,r15
+ shr r10,63
+ lea r8,QWORD PTR[r11*2+rcx]
+ shr r11,63
+ or r8,r10
+ mov r10,QWORD PTR[rbp*2+rdi]
+ mov r14,r11
+ mul rax
+ neg r15
+ mov r11,QWORD PTR[8+rbp*2+rdi]
+ adc rbx,rax
+ mov rax,QWORD PTR[rbp*1+rsi]
+ mov QWORD PTR[((-16))+rbp*2+rdi],rbx
+ adc r8,rdx
+
+ lea r12,QWORD PTR[r10*2+r14]
+ mov QWORD PTR[((-8))+rbp*2+rdi],r8
+ sbb r15,r15
+ shr r10,63
+ lea r13,QWORD PTR[r11*2+rcx]
+ shr r11,63
+ or r13,r10
+ mov r10,QWORD PTR[16+rbp*2+rdi]
+ mov r14,r11
+ mul rax
+ neg r15
+ mov r11,QWORD PTR[24+rbp*2+rdi]
+ adc r12,rax
+ mov rax,QWORD PTR[8+rbp*1+rsi]
+ mov QWORD PTR[rbp*2+rdi],r12
+ adc r13,rdx
+
+ lea rbx,QWORD PTR[r10*2+r14]
+ mov QWORD PTR[8+rbp*2+rdi],r13
+ sbb r15,r15
+ shr r10,63
+ lea r8,QWORD PTR[r11*2+rcx]
+ shr r11,63
+ or r8,r10
+ mov r10,QWORD PTR[32+rbp*2+rdi]
+ mov r14,r11
+ mul rax
+ neg r15
+ mov r11,QWORD PTR[40+rbp*2+rdi]
+ adc rbx,rax
+ mov rax,QWORD PTR[16+rbp*1+rsi]
+ mov QWORD PTR[16+rbp*2+rdi],rbx
+ adc r8,rdx
+ mov QWORD PTR[24+rbp*2+rdi],r8
+ sbb r15,r15
+ add rbp,32
+ jnz $L$sqr4x_shift_n_add
+
+ lea r12,QWORD PTR[r10*2+r14]
+ shr r10,63
+ lea r13,QWORD PTR[r11*2+rcx]
+ shr r11,63
+ or r13,r10
+ mov r10,QWORD PTR[((-16))+rdi]
+ mov r14,r11
+ mul rax
+ neg r15
+ mov r11,QWORD PTR[((-8))+rdi]
+ adc r12,rax
+ mov rax,QWORD PTR[((-8))+rsi]
+ mov QWORD PTR[((-32))+rdi],r12
+ adc r13,rdx
+
+ lea rbx,QWORD PTR[r10*2+r14]
+ mov QWORD PTR[((-24))+rdi],r13
+ sbb r15,r15
+ shr r10,63
+ lea r8,QWORD PTR[r11*2+rcx]
+ shr r11,63
+ or r8,r10
+ mul rax
+ neg r15
+ adc rbx,rax
+ adc r8,rdx
+ mov QWORD PTR[((-16))+rdi],rbx
+ mov QWORD PTR[((-8))+rdi],r8
+ mov rsi,QWORD PTR[40+rsp]
+ mov r8,QWORD PTR[48+rsp]
+ xor rcx,rcx
+ mov QWORD PTR[rsp],r9
+ sub rcx,r9
+ mov r10,QWORD PTR[64+rsp]
+ mov r14,r8
+ lea rax,QWORD PTR[64+r9*2+rsp]
+ lea rdi,QWORD PTR[64+r9*1+rsp]
+ mov QWORD PTR[8+rsp],rax
+ lea rsi,QWORD PTR[r9*1+rsi]
+ xor rbp,rbp
+
+ mov rax,QWORD PTR[rcx*1+rsi]
+ mov r9,QWORD PTR[8+rcx*1+rsi]
+ imul r14,r10
+ mov rbx,rax
+ jmp $L$sqr4x_mont_outer
+
+ALIGN 16
+$L$sqr4x_mont_outer::
+ xor r11,r11
+ mul r14
+ add r10,rax
+ mov rax,r9
+ adc r11,rdx
+ mov r15,r8
+
+ xor r10,r10
+ add r11,QWORD PTR[8+rcx*1+rdi]
+ adc r10,0
+ mul r14
+ add r11,rax
+ mov rax,rbx
+ adc r10,rdx
+
+ imul r15,r11
+
+ mov rbx,QWORD PTR[16+rcx*1+rsi]
+ xor r13,r13
+ add r12,r11
+ adc r13,0
+ mul r15
+ add r12,rax
+ mov rax,rbx
+ adc r13,rdx
+ mov QWORD PTR[8+rcx*1+rdi],r12
+
+ xor r11,r11
+ add r10,QWORD PTR[16+rcx*1+rdi]
+ adc r11,0
+ mul r14
+ add r10,rax
+ mov rax,r9
+ adc r11,rdx
+
+ mov r9,QWORD PTR[24+rcx*1+rsi]
+ xor r12,r12
+ add r13,r10
+ adc r12,0
+ mul r15
+ add r13,rax
+ mov rax,r9
+ adc r12,rdx
+ mov QWORD PTR[16+rcx*1+rdi],r13
+
+ xor r10,r10
+ add r11,QWORD PTR[24+rcx*1+rdi]
+ lea rcx,QWORD PTR[32+rcx]
+ adc r10,0
+ mul r14
+ add r11,rax
+ mov rax,rbx
+ adc r10,rdx
+ jmp $L$sqr4x_mont_inner
+
+ALIGN 16
+$L$sqr4x_mont_inner::
+ mov rbx,QWORD PTR[rcx*1+rsi]
+ xor r13,r13
+ add r12,r11
+ adc r13,0
+ mul r15
+ add r12,rax
+ mov rax,rbx
+ adc r13,rdx
+ mov QWORD PTR[((-8))+rcx*1+rdi],r12
+
+ xor r11,r11
+ add r10,QWORD PTR[rcx*1+rdi]
+ adc r11,0
+ mul r14
+ add r10,rax
+ mov rax,r9
+ adc r11,rdx
+
+ mov r9,QWORD PTR[8+rcx*1+rsi]
+ xor r12,r12
+ add r13,r10
+ adc r12,0
+ mul r15
+ add r13,rax
+ mov rax,r9
+ adc r12,rdx
+ mov QWORD PTR[rcx*1+rdi],r13
+
+ xor r10,r10
+ add r11,QWORD PTR[8+rcx*1+rdi]
+ adc r10,0
+ mul r14
+ add r11,rax
+ mov rax,rbx
+ adc r10,rdx
+
+
+ mov rbx,QWORD PTR[16+rcx*1+rsi]
+ xor r13,r13
+ add r12,r11
+ adc r13,0
+ mul r15
+ add r12,rax
+ mov rax,rbx
+ adc r13,rdx
+ mov QWORD PTR[8+rcx*1+rdi],r12
+
+ xor r11,r11
+ add r10,QWORD PTR[16+rcx*1+rdi]
+ adc r11,0
+ mul r14
+ add r10,rax
+ mov rax,r9
+ adc r11,rdx
+
+ mov r9,QWORD PTR[24+rcx*1+rsi]
+ xor r12,r12
+ add r13,r10
+ adc r12,0
+ mul r15
+ add r13,rax
+ mov rax,r9
+ adc r12,rdx
+ mov QWORD PTR[16+rcx*1+rdi],r13
+
+ xor r10,r10
+ add r11,QWORD PTR[24+rcx*1+rdi]
+ lea rcx,QWORD PTR[32+rcx]
+ adc r10,0
+ mul r14
+ add r11,rax
+ mov rax,rbx
+ adc r10,rdx
+ cmp rcx,0
+ jne $L$sqr4x_mont_inner
+
+ sub rcx,QWORD PTR[rsp]
+ mov r14,r8
+
+ xor r13,r13
+ add r12,r11
+ adc r13,0
+ mul r15
+ add r12,rax
+ mov rax,r9
+ adc r13,rdx
+ mov QWORD PTR[((-8))+rdi],r12
+
+ xor r11,r11
+ add r10,QWORD PTR[rdi]
+ adc r11,0
+ mov rbx,QWORD PTR[rcx*1+rsi]
+ add r10,rbp
+ adc r11,0
+
+ imul r14,QWORD PTR[16+rcx*1+rdi]
+ xor r12,r12
+ mov r9,QWORD PTR[8+rcx*1+rsi]
+ add r13,r10
+ mov r10,QWORD PTR[16+rcx*1+rdi]
+ adc r12,0
+ mul r15
+ add r13,rax
+ mov rax,rbx
+ adc r12,rdx
+ mov QWORD PTR[rdi],r13
+
+ xor rbp,rbp
+ add r12,QWORD PTR[8+rdi]
+ adc rbp,rbp
+ add r12,r11
+ lea rdi,QWORD PTR[16+rdi]
+ adc rbp,0
+ mov QWORD PTR[((-8))+rdi],r12
+ cmp rdi,QWORD PTR[8+rsp]
+ jb $L$sqr4x_mont_outer
+
+ mov r9,QWORD PTR[rsp]
+ mov QWORD PTR[rdi],rbp
+ mov rax,QWORD PTR[64+r9*1+rsp]
+ lea rbx,QWORD PTR[64+r9*1+rsp]
+ mov rsi,QWORD PTR[40+rsp]
+ shr r9,5
+ mov rdx,QWORD PTR[8+rbx]
+ xor rbp,rbp
+
+ mov rdi,QWORD PTR[32+rsp]
+ sub rax,QWORD PTR[rsi]
+ mov r10,QWORD PTR[16+rbx]
+ mov r11,QWORD PTR[24+rbx]
+ sbb rdx,QWORD PTR[8+rsi]
+ lea rcx,QWORD PTR[((-1))+r9]
+ jmp $L$sqr4x_sub
+ALIGN 16
+$L$sqr4x_sub::
+ mov QWORD PTR[rbp*8+rdi],rax
+ mov QWORD PTR[8+rbp*8+rdi],rdx
+ sbb r10,QWORD PTR[16+rbp*8+rsi]
+ mov rax,QWORD PTR[32+rbp*8+rbx]
+ mov rdx,QWORD PTR[40+rbp*8+rbx]
+ sbb r11,QWORD PTR[24+rbp*8+rsi]
+ mov QWORD PTR[16+rbp*8+rdi],r10
+ mov QWORD PTR[24+rbp*8+rdi],r11
+ sbb rax,QWORD PTR[32+rbp*8+rsi]
+ mov r10,QWORD PTR[48+rbp*8+rbx]
+ mov r11,QWORD PTR[56+rbp*8+rbx]
+ sbb rdx,QWORD PTR[40+rbp*8+rsi]
+ lea rbp,QWORD PTR[4+rbp]
+ dec rcx
+ jnz $L$sqr4x_sub
+
+ mov QWORD PTR[rbp*8+rdi],rax
+ mov rax,QWORD PTR[32+rbp*8+rbx]
+ sbb r10,QWORD PTR[16+rbp*8+rsi]
+ mov QWORD PTR[8+rbp*8+rdi],rdx
+ sbb r11,QWORD PTR[24+rbp*8+rsi]
+ mov QWORD PTR[16+rbp*8+rdi],r10
+
+ sbb rax,0
+ mov QWORD PTR[24+rbp*8+rdi],r11
+ xor rbp,rbp
+ and rbx,rax
+ not rax
+ mov rsi,rdi
+ and rsi,rax
+ lea rcx,QWORD PTR[((-1))+r9]
+ or rbx,rsi
+
+ pxor xmm0,xmm0
+ lea rsi,QWORD PTR[64+r9*8+rsp]
+ movdqu xmm1,XMMWORD PTR[rbx]
+ lea rsi,QWORD PTR[r9*8+rsi]
+ movdqa XMMWORD PTR[64+rsp],xmm0
+ movdqa XMMWORD PTR[rsi],xmm0
+ movdqu XMMWORD PTR[rdi],xmm1
+ jmp $L$sqr4x_copy
+ALIGN 16
+$L$sqr4x_copy::
+ movdqu xmm2,XMMWORD PTR[16+rbp*1+rbx]
+ movdqu xmm1,XMMWORD PTR[32+rbp*1+rbx]
+ movdqa XMMWORD PTR[80+rbp*1+rsp],xmm0
+ movdqa XMMWORD PTR[96+rbp*1+rsp],xmm0
+ movdqa XMMWORD PTR[16+rbp*1+rsi],xmm0
+ movdqa XMMWORD PTR[32+rbp*1+rsi],xmm0
+ movdqu XMMWORD PTR[16+rbp*1+rdi],xmm2
+ movdqu XMMWORD PTR[32+rbp*1+rdi],xmm1
+ lea rbp,QWORD PTR[32+rbp]
+ dec rcx
+ jnz $L$sqr4x_copy
+
+ movdqu xmm2,XMMWORD PTR[16+rbp*1+rbx]
+ movdqa XMMWORD PTR[80+rbp*1+rsp],xmm0
+ movdqa XMMWORD PTR[16+rbp*1+rsi],xmm0
+ movdqu XMMWORD PTR[16+rbp*1+rdi],xmm2
+ mov rsi,QWORD PTR[56+rsp]
+ mov rax,1
+ mov r15,QWORD PTR[rsi]
+ mov r14,QWORD PTR[8+rsi]
+ mov r13,QWORD PTR[16+rsi]
+ mov r12,QWORD PTR[24+rsi]
+ mov rbp,QWORD PTR[32+rsi]
+ mov rbx,QWORD PTR[40+rsi]
+ lea rsp,QWORD PTR[48+rsi]
+$L$sqr4x_epilogue::
+ mov rdi,QWORD PTR[8+rsp] ;WIN64 epilogue
+ mov rsi,QWORD PTR[16+rsp]
+ DB 0F3h,0C3h ;repret
+$L$SEH_end_bn_sqr4x_mont::
+bn_sqr4x_mont ENDP
DB 77,111,110,116,103,111,109,101,114,121,32,77,117,108,116,105
DB 112,108,105,99,97,116,105,111,110,32,102,111,114,32,120,56
DB 54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83
@@ -192,7 +1425,7 @@ ALIGN 16
EXTERN __imp_RtlVirtualUnwind:NEAR
ALIGN 16
-se_handler PROC PRIVATE
+mul_handler PROC PRIVATE
push rsi
push rdi
push rbx
@@ -207,15 +1440,20 @@ se_handler PROC PRIVATE
mov rax,QWORD PTR[120+r8]
mov rbx,QWORD PTR[248+r8]
- lea r10,QWORD PTR[$L$prologue]
+ mov rsi,QWORD PTR[8+r9]
+ mov r11,QWORD PTR[56+r9]
+
+ mov r10d,DWORD PTR[r11]
+ lea r10,QWORD PTR[r10*1+rsi]
cmp rbx,r10
- jb $L$in_prologue
+ jb $L$common_seh_tail
mov rax,QWORD PTR[152+r8]
- lea r10,QWORD PTR[$L$epilogue]
+ mov r10d,DWORD PTR[4+r11]
+ lea r10,QWORD PTR[r10*1+rsi]
cmp rbx,r10
- jae $L$in_prologue
+ jae $L$common_seh_tail
mov r10,QWORD PTR[192+r8]
mov rax,QWORD PTR[8+r10*8+rax]
@@ -234,7 +1472,53 @@ se_handler PROC PRIVATE
mov QWORD PTR[232+r8],r14
mov QWORD PTR[240+r8],r15
-$L$in_prologue::
+ jmp $L$common_seh_tail
+mul_handler ENDP
+
+
+ALIGN 16
+sqr_handler PROC PRIVATE
+ push rsi
+ push rdi
+ push rbx
+ push rbp
+ push r12
+ push r13
+ push r14
+ push r15
+ pushfq
+ sub rsp,64
+
+ mov rax,QWORD PTR[120+r8]
+ mov rbx,QWORD PTR[248+r8]
+
+ lea r10,QWORD PTR[$L$sqr4x_body]
+ cmp rbx,r10
+ jb $L$common_seh_tail
+
+ mov rax,QWORD PTR[152+r8]
+
+ lea r10,QWORD PTR[$L$sqr4x_epilogue]
+ cmp rbx,r10
+ jae $L$common_seh_tail
+
+ mov rax,QWORD PTR[56+rax]
+ lea rax,QWORD PTR[48+rax]
+
+ mov rbx,QWORD PTR[((-8))+rax]
+ mov rbp,QWORD PTR[((-16))+rax]
+ mov r12,QWORD PTR[((-24))+rax]
+ mov r13,QWORD PTR[((-32))+rax]
+ mov r14,QWORD PTR[((-40))+rax]
+ mov r15,QWORD PTR[((-48))+rax]
+ mov QWORD PTR[144+r8],rbx
+ mov QWORD PTR[160+r8],rbp
+ mov QWORD PTR[216+r8],r12
+ mov QWORD PTR[224+r8],r13
+ mov QWORD PTR[232+r8],r14
+ mov QWORD PTR[240+r8],r15
+
+$L$common_seh_tail::
mov rdi,QWORD PTR[8+rax]
mov rsi,QWORD PTR[16+rax]
mov QWORD PTR[152+r8],rax
@@ -273,7 +1557,7 @@ $L$in_prologue::
pop rdi
pop rsi
DB 0F3h,0C3h ;repret
-se_handler ENDP
+sqr_handler ENDP
.text$ ENDS
.pdata SEGMENT READONLY ALIGN(4)
@@ -282,12 +1566,30 @@ ALIGN 4
DD imagerel $L$SEH_end_bn_mul_mont
DD imagerel $L$SEH_info_bn_mul_mont
+ DD imagerel $L$SEH_begin_bn_mul4x_mont
+ DD imagerel $L$SEH_end_bn_mul4x_mont
+ DD imagerel $L$SEH_info_bn_mul4x_mont
+
+ DD imagerel $L$SEH_begin_bn_sqr4x_mont
+ DD imagerel $L$SEH_end_bn_sqr4x_mont
+ DD imagerel $L$SEH_info_bn_sqr4x_mont
+
.pdata ENDS
.xdata SEGMENT READONLY ALIGN(8)
ALIGN 8
$L$SEH_info_bn_mul_mont::
DB 9,0,0,0
- DD imagerel se_handler
+ DD imagerel mul_handler
+ DD imagerel $L$mul_body,imagerel $L$mul_epilogue
+
+$L$SEH_info_bn_mul4x_mont::
+DB 9,0,0,0
+ DD imagerel mul_handler
+ DD imagerel $L$mul4x_body,imagerel $L$mul4x_epilogue
+
+$L$SEH_info_bn_sqr4x_mont::
+DB 9,0,0,0
+ DD imagerel sqr_handler
.xdata ENDS
END
diff --git a/deps/openssl/asm/x64-win32-masm/camellia/cmll-x86_64.asm b/deps/openssl/asm/x64-win32-masm/camellia/cmll-x86_64.asm
index a5913da92..0ea789b6a 100644
--- a/deps/openssl/asm/x64-win32-masm/camellia/cmll-x86_64.asm
+++ b/deps/openssl/asm/x64-win32-masm/camellia/cmll-x86_64.asm
@@ -250,7 +250,7 @@ $L$eloop::
xor r8d,ecx
xor r9d,ecx
xor r9d,edx
- lea r14,QWORD PTR[((16*4))+r14]
+ lea r14,QWORD PTR[64+r14]
cmp r14,r15
mov edx,DWORD PTR[8+r14]
mov ecx,DWORD PTR[12+r14]
@@ -533,7 +533,7 @@ $L$dloop::
xor r8d,ecx
xor r9d,ecx
xor r9d,edx
- lea r14,QWORD PTR[((-16*4))+r14]
+ lea r14,QWORD PTR[((-64))+r14]
cmp r14,r15
mov edx,DWORD PTR[r14]
mov ecx,DWORD PTR[4+r14]
diff --git a/deps/openssl/asm/x64-win32-masm/md5/md5-x86_64.asm b/deps/openssl/asm/x64-win32-masm/md5/md5-x86_64.asm
index 34305c687..8ddad41c8 100644
--- a/deps/openssl/asm/x64-win32-masm/md5/md5-x86_64.asm
+++ b/deps/openssl/asm/x64-win32-masm/md5/md5-x86_64.asm
@@ -27,10 +27,10 @@ $L$prologue::
mov rbp,rdi
shl rdx,6
lea rdi,QWORD PTR[rdx*1+rsi]
- mov eax,DWORD PTR[((0*4))+rbp]
- mov ebx,DWORD PTR[((1*4))+rbp]
- mov ecx,DWORD PTR[((2*4))+rbp]
- mov edx,DWORD PTR[((3*4))+rbp]
+ mov eax,DWORD PTR[rbp]
+ mov ebx,DWORD PTR[4+rbp]
+ mov ecx,DWORD PTR[8+rbp]
+ mov edx,DWORD PTR[12+rbp]
@@ -48,160 +48,160 @@ $L$loop::
mov r9d,ebx
mov r14d,ecx
mov r15d,edx
- mov r10d,DWORD PTR[((0*4))+rsi]
+ mov r10d,DWORD PTR[rsi]
mov r11d,edx
xor r11d,ecx
- lea eax,DWORD PTR[0d76aa478h+r10*1+rax]
+ lea eax,DWORD PTR[((-680876936))+r10*1+rax]
and r11d,ebx
xor r11d,edx
- mov r10d,DWORD PTR[((1*4))+rsi]
+ mov r10d,DWORD PTR[4+rsi]
add eax,r11d
rol eax,7
mov r11d,ecx
add eax,ebx
xor r11d,ebx
- lea edx,DWORD PTR[0e8c7b756h+r10*1+rdx]
+ lea edx,DWORD PTR[((-389564586))+r10*1+rdx]
and r11d,eax
xor r11d,ecx
- mov r10d,DWORD PTR[((2*4))+rsi]
+ mov r10d,DWORD PTR[8+rsi]
add edx,r11d
rol edx,12
mov r11d,ebx
add edx,eax
xor r11d,eax
- lea ecx,DWORD PTR[0242070dbh+r10*1+rcx]
+ lea ecx,DWORD PTR[606105819+r10*1+rcx]
and r11d,edx
xor r11d,ebx
- mov r10d,DWORD PTR[((3*4))+rsi]
+ mov r10d,DWORD PTR[12+rsi]
add ecx,r11d
rol ecx,17
mov r11d,eax
add ecx,edx
xor r11d,edx
- lea ebx,DWORD PTR[0c1bdceeeh+r10*1+rbx]
+ lea ebx,DWORD PTR[((-1044525330))+r10*1+rbx]
and r11d,ecx
xor r11d,eax
- mov r10d,DWORD PTR[((4*4))+rsi]
+ mov r10d,DWORD PTR[16+rsi]
add ebx,r11d
rol ebx,22
mov r11d,edx
add ebx,ecx
xor r11d,ecx
- lea eax,DWORD PTR[0f57c0fafh+r10*1+rax]
+ lea eax,DWORD PTR[((-176418897))+r10*1+rax]
and r11d,ebx
xor r11d,edx
- mov r10d,DWORD PTR[((5*4))+rsi]
+ mov r10d,DWORD PTR[20+rsi]
add eax,r11d
rol eax,7
mov r11d,ecx
add eax,ebx
xor r11d,ebx
- lea edx,DWORD PTR[04787c62ah+r10*1+rdx]
+ lea edx,DWORD PTR[1200080426+r10*1+rdx]
and r11d,eax
xor r11d,ecx
- mov r10d,DWORD PTR[((6*4))+rsi]
+ mov r10d,DWORD PTR[24+rsi]
add edx,r11d
rol edx,12
mov r11d,ebx
add edx,eax
xor r11d,eax
- lea ecx,DWORD PTR[0a8304613h+r10*1+rcx]
+ lea ecx,DWORD PTR[((-1473231341))+r10*1+rcx]
and r11d,edx
xor r11d,ebx
- mov r10d,DWORD PTR[((7*4))+rsi]
+ mov r10d,DWORD PTR[28+rsi]
add ecx,r11d
rol ecx,17
mov r11d,eax
add ecx,edx
xor r11d,edx
- lea ebx,DWORD PTR[0fd469501h+r10*1+rbx]
+ lea ebx,DWORD PTR[((-45705983))+r10*1+rbx]
and r11d,ecx
xor r11d,eax
- mov r10d,DWORD PTR[((8*4))+rsi]
+ mov r10d,DWORD PTR[32+rsi]
add ebx,r11d
rol ebx,22
mov r11d,edx
add ebx,ecx
xor r11d,ecx
- lea eax,DWORD PTR[0698098d8h+r10*1+rax]
+ lea eax,DWORD PTR[1770035416+r10*1+rax]
and r11d,ebx
xor r11d,edx
- mov r10d,DWORD PTR[((9*4))+rsi]
+ mov r10d,DWORD PTR[36+rsi]
add eax,r11d
rol eax,7
mov r11d,ecx
add eax,ebx
xor r11d,ebx
- lea edx,DWORD PTR[08b44f7afh+r10*1+rdx]
+ lea edx,DWORD PTR[((-1958414417))+r10*1+rdx]
and r11d,eax
xor r11d,ecx
- mov r10d,DWORD PTR[((10*4))+rsi]
+ mov r10d,DWORD PTR[40+rsi]
add edx,r11d
rol edx,12
mov r11d,ebx
add edx,eax
xor r11d,eax
- lea ecx,DWORD PTR[0ffff5bb1h+r10*1+rcx]
+ lea ecx,DWORD PTR[((-42063))+r10*1+rcx]
and r11d,edx
xor r11d,ebx
- mov r10d,DWORD PTR[((11*4))+rsi]
+ mov r10d,DWORD PTR[44+rsi]
add ecx,r11d
rol ecx,17
mov r11d,eax
add ecx,edx
xor r11d,edx
- lea ebx,DWORD PTR[0895cd7beh+r10*1+rbx]
+ lea ebx,DWORD PTR[((-1990404162))+r10*1+rbx]
and r11d,ecx
xor r11d,eax
- mov r10d,DWORD PTR[((12*4))+rsi]
+ mov r10d,DWORD PTR[48+rsi]
add ebx,r11d
rol ebx,22
mov r11d,edx
add ebx,ecx
xor r11d,ecx
- lea eax,DWORD PTR[06b901122h+r10*1+rax]
+ lea eax,DWORD PTR[1804603682+r10*1+rax]
and r11d,ebx
xor r11d,edx
- mov r10d,DWORD PTR[((13*4))+rsi]
+ mov r10d,DWORD PTR[52+rsi]
add eax,r11d
rol eax,7
mov r11d,ecx
add eax,ebx
xor r11d,ebx
- lea edx,DWORD PTR[0fd987193h+r10*1+rdx]
+ lea edx,DWORD PTR[((-40341101))+r10*1+rdx]
and r11d,eax
xor r11d,ecx
- mov r10d,DWORD PTR[((14*4))+rsi]
+ mov r10d,DWORD PTR[56+rsi]
add edx,r11d
rol edx,12
mov r11d,ebx
add edx,eax
xor r11d,eax
- lea ecx,DWORD PTR[0a679438eh+r10*1+rcx]
+ lea ecx,DWORD PTR[((-1502002290))+r10*1+rcx]
and r11d,edx
xor r11d,ebx
- mov r10d,DWORD PTR[((15*4))+rsi]
+ mov r10d,DWORD PTR[60+rsi]
add ecx,r11d
rol ecx,17
mov r11d,eax
add ecx,edx
xor r11d,edx
- lea ebx,DWORD PTR[049b40821h+r10*1+rbx]
+ lea ebx,DWORD PTR[1236535329+r10*1+rbx]
and r11d,ecx
xor r11d,eax
- mov r10d,DWORD PTR[((0*4))+rsi]
+ mov r10d,DWORD PTR[rsi]
add ebx,r11d
rol ebx,22
mov r11d,edx
add ebx,ecx
- mov r10d,DWORD PTR[((1*4))+rsi]
+ mov r10d,DWORD PTR[4+rsi]
mov r11d,edx
mov r12d,edx
not r11d
- lea eax,DWORD PTR[0f61e2562h+r10*1+rax]
+ lea eax,DWORD PTR[((-165796510))+r10*1+rax]
and r12d,ebx
and r11d,ecx
- mov r10d,DWORD PTR[((6*4))+rsi]
+ mov r10d,DWORD PTR[24+rsi]
or r12d,r11d
mov r11d,ecx
add eax,r12d
@@ -209,10 +209,10 @@ $L$loop::
rol eax,5
add eax,ebx
not r11d
- lea edx,DWORD PTR[0c040b340h+r10*1+rdx]
+ lea edx,DWORD PTR[((-1069501632))+r10*1+rdx]
and r12d,eax
and r11d,ebx
- mov r10d,DWORD PTR[((11*4))+rsi]
+ mov r10d,DWORD PTR[44+rsi]
or r12d,r11d
mov r11d,ebx
add edx,r12d
@@ -220,10 +220,10 @@ $L$loop::
rol edx,9
add edx,eax
not r11d
- lea ecx,DWORD PTR[0265e5a51h+r10*1+rcx]
+ lea ecx,DWORD PTR[643717713+r10*1+rcx]
and r12d,edx
and r11d,eax
- mov r10d,DWORD PTR[((0*4))+rsi]
+ mov r10d,DWORD PTR[rsi]
or r12d,r11d
mov r11d,eax
add ecx,r12d
@@ -231,10 +231,10 @@ $L$loop::
rol ecx,14
add ecx,edx
not r11d
- lea ebx,DWORD PTR[0e9b6c7aah+r10*1+rbx]
+ lea ebx,DWORD PTR[((-373897302))+r10*1+rbx]
and r12d,ecx
and r11d,edx
- mov r10d,DWORD PTR[((5*4))+rsi]
+ mov r10d,DWORD PTR[20+rsi]
or r12d,r11d
mov r11d,edx
add ebx,r12d
@@ -242,10 +242,10 @@ $L$loop::
rol ebx,20
add ebx,ecx
not r11d
- lea eax,DWORD PTR[0d62f105dh+r10*1+rax]
+ lea eax,DWORD PTR[((-701558691))+r10*1+rax]
and r12d,ebx
and r11d,ecx
- mov r10d,DWORD PTR[((10*4))+rsi]
+ mov r10d,DWORD PTR[40+rsi]
or r12d,r11d
mov r11d,ecx
add eax,r12d
@@ -253,10 +253,10 @@ $L$loop::
rol eax,5
add eax,ebx
not r11d
- lea edx,DWORD PTR[02441453h+r10*1+rdx]
+ lea edx,DWORD PTR[38016083+r10*1+rdx]
and r12d,eax
and r11d,ebx
- mov r10d,DWORD PTR[((15*4))+rsi]
+ mov r10d,DWORD PTR[60+rsi]
or r12d,r11d
mov r11d,ebx
add edx,r12d
@@ -264,10 +264,10 @@ $L$loop::
rol edx,9
add edx,eax
not r11d
- lea ecx,DWORD PTR[0d8a1e681h+r10*1+rcx]
+ lea ecx,DWORD PTR[((-660478335))+r10*1+rcx]
and r12d,edx
and r11d,eax
- mov r10d,DWORD PTR[((4*4))+rsi]
+ mov r10d,DWORD PTR[16+rsi]
or r12d,r11d
mov r11d,eax
add ecx,r12d
@@ -275,10 +275,10 @@ $L$loop::
rol ecx,14
add ecx,edx
not r11d
- lea ebx,DWORD PTR[0e7d3fbc8h+r10*1+rbx]
+ lea ebx,DWORD PTR[((-405537848))+r10*1+rbx]
and r12d,ecx
and r11d,edx
- mov r10d,DWORD PTR[((9*4))+rsi]
+ mov r10d,DWORD PTR[36+rsi]
or r12d,r11d
mov r11d,edx
add ebx,r12d
@@ -286,10 +286,10 @@ $L$loop::
rol ebx,20
add ebx,ecx
not r11d
- lea eax,DWORD PTR[021e1cde6h+r10*1+rax]
+ lea eax,DWORD PTR[568446438+r10*1+rax]
and r12d,ebx
and r11d,ecx
- mov r10d,DWORD PTR[((14*4))+rsi]
+ mov r10d,DWORD PTR[56+rsi]
or r12d,r11d
mov r11d,ecx
add eax,r12d
@@ -297,10 +297,10 @@ $L$loop::
rol eax,5
add eax,ebx
not r11d
- lea edx,DWORD PTR[0c33707d6h+r10*1+rdx]
+ lea edx,DWORD PTR[((-1019803690))+r10*1+rdx]
and r12d,eax
and r11d,ebx
- mov r10d,DWORD PTR[((3*4))+rsi]
+ mov r10d,DWORD PTR[12+rsi]
or r12d,r11d
mov r11d,ebx
add edx,r12d
@@ -308,10 +308,10 @@ $L$loop::
rol edx,9
add edx,eax
not r11d
- lea ecx,DWORD PTR[0f4d50d87h+r10*1+rcx]
+ lea ecx,DWORD PTR[((-187363961))+r10*1+rcx]
and r12d,edx
and r11d,eax
- mov r10d,DWORD PTR[((8*4))+rsi]
+ mov r10d,DWORD PTR[32+rsi]
or r12d,r11d
mov r11d,eax
add ecx,r12d
@@ -319,10 +319,10 @@ $L$loop::
rol ecx,14
add ecx,edx
not r11d
- lea ebx,DWORD PTR[0455a14edh+r10*1+rbx]
+ lea ebx,DWORD PTR[1163531501+r10*1+rbx]
and r12d,ecx
and r11d,edx
- mov r10d,DWORD PTR[((13*4))+rsi]
+ mov r10d,DWORD PTR[52+rsi]
or r12d,r11d
mov r11d,edx
add ebx,r12d
@@ -330,10 +330,10 @@ $L$loop::
rol ebx,20
add ebx,ecx
not r11d
- lea eax,DWORD PTR[0a9e3e905h+r10*1+rax]
+ lea eax,DWORD PTR[((-1444681467))+r10*1+rax]
and r12d,ebx
and r11d,ecx
- mov r10d,DWORD PTR[((2*4))+rsi]
+ mov r10d,DWORD PTR[8+rsi]
or r12d,r11d
mov r11d,ecx
add eax,r12d
@@ -341,10 +341,10 @@ $L$loop::
rol eax,5
add eax,ebx
not r11d
- lea edx,DWORD PTR[0fcefa3f8h+r10*1+rdx]
+ lea edx,DWORD PTR[((-51403784))+r10*1+rdx]
and r12d,eax
and r11d,ebx
- mov r10d,DWORD PTR[((7*4))+rsi]
+ mov r10d,DWORD PTR[28+rsi]
or r12d,r11d
mov r11d,ebx
add edx,r12d
@@ -352,10 +352,10 @@ $L$loop::
rol edx,9
add edx,eax
not r11d
- lea ecx,DWORD PTR[0676f02d9h+r10*1+rcx]
+ lea ecx,DWORD PTR[1735328473+r10*1+rcx]
and r12d,edx
and r11d,eax
- mov r10d,DWORD PTR[((12*4))+rsi]
+ mov r10d,DWORD PTR[48+rsi]
or r12d,r11d
mov r11d,eax
add ecx,r12d
@@ -363,289 +363,289 @@ $L$loop::
rol ecx,14
add ecx,edx
not r11d
- lea ebx,DWORD PTR[08d2a4c8ah+r10*1+rbx]
+ lea ebx,DWORD PTR[((-1926607734))+r10*1+rbx]
and r12d,ecx
and r11d,edx
- mov r10d,DWORD PTR[((0*4))+rsi]
+ mov r10d,DWORD PTR[rsi]
or r12d,r11d
mov r11d,edx
add ebx,r12d
mov r12d,edx
rol ebx,20
add ebx,ecx
- mov r10d,DWORD PTR[((5*4))+rsi]
+ mov r10d,DWORD PTR[20+rsi]
mov r11d,ecx
- lea eax,DWORD PTR[0fffa3942h+r10*1+rax]
- mov r10d,DWORD PTR[((8*4))+rsi]
+ lea eax,DWORD PTR[((-378558))+r10*1+rax]
+ mov r10d,DWORD PTR[32+rsi]
xor r11d,edx
xor r11d,ebx
add eax,r11d
rol eax,4
mov r11d,ebx
add eax,ebx
- lea edx,DWORD PTR[08771f681h+r10*1+rdx]
- mov r10d,DWORD PTR[((11*4))+rsi]
+ lea edx,DWORD PTR[((-2022574463))+r10*1+rdx]
+ mov r10d,DWORD PTR[44+rsi]
xor r11d,ecx
xor r11d,eax
add edx,r11d
rol edx,11
mov r11d,eax
add edx,eax
- lea ecx,DWORD PTR[06d9d6122h+r10*1+rcx]
- mov r10d,DWORD PTR[((14*4))+rsi]
+ lea ecx,DWORD PTR[1839030562+r10*1+rcx]
+ mov r10d,DWORD PTR[56+rsi]
xor r11d,ebx
xor r11d,edx
add ecx,r11d
rol ecx,16
mov r11d,edx
add ecx,edx
- lea ebx,DWORD PTR[0fde5380ch+r10*1+rbx]
- mov r10d,DWORD PTR[((1*4))+rsi]
+ lea ebx,DWORD PTR[((-35309556))+r10*1+rbx]
+ mov r10d,DWORD PTR[4+rsi]
xor r11d,eax
xor r11d,ecx
add ebx,r11d
rol ebx,23
mov r11d,ecx
add ebx,ecx
- lea eax,DWORD PTR[0a4beea44h+r10*1+rax]
- mov r10d,DWORD PTR[((4*4))+rsi]
+ lea eax,DWORD PTR[((-1530992060))+r10*1+rax]
+ mov r10d,DWORD PTR[16+rsi]
xor r11d,edx
xor r11d,ebx
add eax,r11d
rol eax,4
mov r11d,ebx
add eax,ebx
- lea edx,DWORD PTR[04bdecfa9h+r10*1+rdx]
- mov r10d,DWORD PTR[((7*4))+rsi]
+ lea edx,DWORD PTR[1272893353+r10*1+rdx]
+ mov r10d,DWORD PTR[28+rsi]
xor r11d,ecx
xor r11d,eax
add edx,r11d
rol edx,11
mov r11d,eax
add edx,eax
- lea ecx,DWORD PTR[0f6bb4b60h+r10*1+rcx]
- mov r10d,DWORD PTR[((10*4))+rsi]
+ lea ecx,DWORD PTR[((-155497632))+r10*1+rcx]
+ mov r10d,DWORD PTR[40+rsi]
xor r11d,ebx
xor r11d,edx
add ecx,r11d
rol ecx,16
mov r11d,edx
add ecx,edx
- lea ebx,DWORD PTR[0bebfbc70h+r10*1+rbx]
- mov r10d,DWORD PTR[((13*4))+rsi]
+ lea ebx,DWORD PTR[((-1094730640))+r10*1+rbx]
+ mov r10d,DWORD PTR[52+rsi]
xor r11d,eax
xor r11d,ecx
add ebx,r11d
rol ebx,23
mov r11d,ecx
add ebx,ecx
- lea eax,DWORD PTR[0289b7ec6h+r10*1+rax]
- mov r10d,DWORD PTR[((0*4))+rsi]
+ lea eax,DWORD PTR[681279174+r10*1+rax]
+ mov r10d,DWORD PTR[rsi]
xor r11d,edx
xor r11d,ebx
add eax,r11d
rol eax,4
mov r11d,ebx
add eax,ebx
- lea edx,DWORD PTR[0eaa127fah+r10*1+rdx]
- mov r10d,DWORD PTR[((3*4))+rsi]
+ lea edx,DWORD PTR[((-358537222))+r10*1+rdx]
+ mov r10d,DWORD PTR[12+rsi]
xor r11d,ecx
xor r11d,eax
add edx,r11d
rol edx,11
mov r11d,eax
add edx,eax
- lea ecx,DWORD PTR[0d4ef3085h+r10*1+rcx]
- mov r10d,DWORD PTR[((6*4))+rsi]
+ lea ecx,DWORD PTR[((-722521979))+r10*1+rcx]
+ mov r10d,DWORD PTR[24+rsi]
xor r11d,ebx
xor r11d,edx
add ecx,r11d
rol ecx,16
mov r11d,edx
add ecx,edx
- lea ebx,DWORD PTR[04881d05h+r10*1+rbx]
- mov r10d,DWORD PTR[((9*4))+rsi]
+ lea ebx,DWORD PTR[76029189+r10*1+rbx]
+ mov r10d,DWORD PTR[36+rsi]
xor r11d,eax
xor r11d,ecx
add ebx,r11d
rol ebx,23
mov r11d,ecx
add ebx,ecx
- lea eax,DWORD PTR[0d9d4d039h+r10*1+rax]
- mov r10d,DWORD PTR[((12*4))+rsi]
+ lea eax,DWORD PTR[((-640364487))+r10*1+rax]
+ mov r10d,DWORD PTR[48+rsi]
xor r11d,edx
xor r11d,ebx
add eax,r11d
rol eax,4
mov r11d,ebx
add eax,ebx
- lea edx,DWORD PTR[0e6db99e5h+r10*1+rdx]
- mov r10d,DWORD PTR[((15*4))+rsi]
+ lea edx,DWORD PTR[((-421815835))+r10*1+rdx]
+ mov r10d,DWORD PTR[60+rsi]
xor r11d,ecx
xor r11d,eax
add edx,r11d
rol edx,11
mov r11d,eax
add edx,eax
- lea ecx,DWORD PTR[01fa27cf8h+r10*1+rcx]
- mov r10d,DWORD PTR[((2*4))+rsi]
+ lea ecx,DWORD PTR[530742520+r10*1+rcx]
+ mov r10d,DWORD PTR[8+rsi]
xor r11d,ebx
xor r11d,edx
add ecx,r11d
rol ecx,16
mov r11d,edx
add ecx,edx
- lea ebx,DWORD PTR[0c4ac5665h+r10*1+rbx]
- mov r10d,DWORD PTR[((0*4))+rsi]
+ lea ebx,DWORD PTR[((-995338651))+r10*1+rbx]
+ mov r10d,DWORD PTR[rsi]
xor r11d,eax
xor r11d,ecx
add ebx,r11d
rol ebx,23
mov r11d,ecx
add ebx,ecx
- mov r10d,DWORD PTR[((0*4))+rsi]
+ mov r10d,DWORD PTR[rsi]
mov r11d,0ffffffffh
xor r11d,edx
- lea eax,DWORD PTR[0f4292244h+r10*1+rax]
+ lea eax,DWORD PTR[((-198630844))+r10*1+rax]
or r11d,ebx
xor r11d,ecx
add eax,r11d
- mov r10d,DWORD PTR[((7*4))+rsi]
+ mov r10d,DWORD PTR[28+rsi]
mov r11d,0ffffffffh
rol eax,6
xor r11d,ecx
add eax,ebx
- lea edx,DWORD PTR[0432aff97h+r10*1+rdx]
+ lea edx,DWORD PTR[1126891415+r10*1+rdx]
or r11d,eax
xor r11d,ebx
add edx,r11d
- mov r10d,DWORD PTR[((14*4))+rsi]
+ mov r10d,DWORD PTR[56+rsi]
mov r11d,0ffffffffh
rol edx,10
xor r11d,ebx
add edx,eax
- lea ecx,DWORD PTR[0ab9423a7h+r10*1+rcx]
+ lea ecx,DWORD PTR[((-1416354905))+r10*1+rcx]
or r11d,edx
xor r11d,eax
add ecx,r11d
- mov r10d,DWORD PTR[((5*4))+rsi]
+ mov r10d,DWORD PTR[20+rsi]
mov r11d,0ffffffffh
rol ecx,15
xor r11d,eax
add ecx,edx
- lea ebx,DWORD PTR[0fc93a039h+r10*1+rbx]
+ lea ebx,DWORD PTR[((-57434055))+r10*1+rbx]
or r11d,ecx
xor r11d,edx
add ebx,r11d
- mov r10d,DWORD PTR[((12*4))+rsi]
+ mov r10d,DWORD PTR[48+rsi]
mov r11d,0ffffffffh
rol ebx,21
xor r11d,edx
add ebx,ecx
- lea eax,DWORD PTR[0655b59c3h+r10*1+rax]
+ lea eax,DWORD PTR[1700485571+r10*1+rax]
or r11d,ebx
xor r11d,ecx
add eax,r11d
- mov r10d,DWORD PTR[((3*4))+rsi]
+ mov r10d,DWORD PTR[12+rsi]
mov r11d,0ffffffffh
rol eax,6
xor r11d,ecx
add eax,ebx
- lea edx,DWORD PTR[08f0ccc92h+r10*1+rdx]
+ lea edx,DWORD PTR[((-1894986606))+r10*1+rdx]
or r11d,eax
xor r11d,ebx
add edx,r11d
- mov r10d,DWORD PTR[((10*4))+rsi]
+ mov r10d,DWORD PTR[40+rsi]
mov r11d,0ffffffffh
rol edx,10
xor r11d,ebx
add edx,eax
- lea ecx,DWORD PTR[0ffeff47dh+r10*1+rcx]
+ lea ecx,DWORD PTR[((-1051523))+r10*1+rcx]
or r11d,edx
xor r11d,eax
add ecx,r11d
- mov r10d,DWORD PTR[((1*4))+rsi]
+ mov r10d,DWORD PTR[4+rsi]
mov r11d,0ffffffffh
rol ecx,15
xor r11d,eax
add ecx,edx
- lea ebx,DWORD PTR[085845dd1h+r10*1+rbx]
+ lea ebx,DWORD PTR[((-2054922799))+r10*1+rbx]
or r11d,ecx
xor r11d,edx
add ebx,r11d
- mov r10d,DWORD PTR[((8*4))+rsi]
+ mov r10d,DWORD PTR[32+rsi]
mov r11d,0ffffffffh
rol ebx,21
xor r11d,edx
add ebx,ecx
- lea eax,DWORD PTR[06fa87e4fh+r10*1+rax]
+ lea eax,DWORD PTR[1873313359+r10*1+rax]
or r11d,ebx
xor r11d,ecx
add eax,r11d
- mov r10d,DWORD PTR[((15*4))+rsi]
+ mov r10d,DWORD PTR[60+rsi]
mov r11d,0ffffffffh
rol eax,6
xor r11d,ecx
add eax,ebx
- lea edx,DWORD PTR[0fe2ce6e0h+r10*1+rdx]
+ lea edx,DWORD PTR[((-30611744))+r10*1+rdx]
or r11d,eax
xor r11d,ebx
add edx,r11d
- mov r10d,DWORD PTR[((6*4))+rsi]
+ mov r10d,DWORD PTR[24+rsi]
mov r11d,0ffffffffh
rol edx,10
xor r11d,ebx
add edx,eax
- lea ecx,DWORD PTR[0a3014314h+r10*1+rcx]
+ lea ecx,DWORD PTR[((-1560198380))+r10*1+rcx]
or r11d,edx
xor r11d,eax
add ecx,r11d
- mov r10d,DWORD PTR[((13*4))+rsi]
+ mov r10d,DWORD PTR[52+rsi]
mov r11d,0ffffffffh
rol ecx,15
xor r11d,eax
add ecx,edx
- lea ebx,DWORD PTR[04e0811a1h+r10*1+rbx]
+ lea ebx,DWORD PTR[1309151649+r10*1+rbx]
or r11d,ecx
xor r11d,edx
add ebx,r11d
- mov r10d,DWORD PTR[((4*4))+rsi]
+ mov r10d,DWORD PTR[16+rsi]
mov r11d,0ffffffffh
rol ebx,21
xor r11d,edx
add ebx,ecx
- lea eax,DWORD PTR[0f7537e82h+r10*1+rax]
+ lea eax,DWORD PTR[((-145523070))+r10*1+rax]
or r11d,ebx
xor r11d,ecx
add eax,r11d
- mov r10d,DWORD PTR[((11*4))+rsi]
+ mov r10d,DWORD PTR[44+rsi]
mov r11d,0ffffffffh
rol eax,6
xor r11d,ecx
add eax,ebx
- lea edx,DWORD PTR[0bd3af235h+r10*1+rdx]
+ lea edx,DWORD PTR[((-1120210379))+r10*1+rdx]
or r11d,eax
xor r11d,ebx
add edx,r11d
- mov r10d,DWORD PTR[((2*4))+rsi]
+ mov r10d,DWORD PTR[8+rsi]
mov r11d,0ffffffffh
rol edx,10
xor r11d,ebx
add edx,eax
- lea ecx,DWORD PTR[02ad7d2bbh+r10*1+rcx]
+ lea ecx,DWORD PTR[718787259+r10*1+rcx]
or r11d,edx
xor r11d,eax
add ecx,r11d
- mov r10d,DWORD PTR[((9*4))+rsi]
+ mov r10d,DWORD PTR[36+rsi]
mov r11d,0ffffffffh
rol ecx,15
xor r11d,eax
add ecx,edx
- lea ebx,DWORD PTR[0eb86d391h+r10*1+rbx]
+ lea ebx,DWORD PTR[((-343485551))+r10*1+rbx]
or r11d,ecx
xor r11d,edx
add ebx,r11d
- mov r10d,DWORD PTR[((0*4))+rsi]
+ mov r10d,DWORD PTR[rsi]
mov r11d,0ffffffffh
rol ebx,21
xor r11d,edx
@@ -664,10 +664,10 @@ $L$loop::
$L$end::
- mov DWORD PTR[((0*4))+rbp],eax
- mov DWORD PTR[((1*4))+rbp],ebx
- mov DWORD PTR[((2*4))+rbp],ecx
- mov DWORD PTR[((3*4))+rbp],edx
+ mov DWORD PTR[rbp],eax
+ mov DWORD PTR[4+rbp],ebx
+ mov DWORD PTR[8+rbp],ecx
+ mov DWORD PTR[12+rbp],edx
mov r15,QWORD PTR[rsp]
mov r14,QWORD PTR[8+rsp]
diff --git a/deps/openssl/asm/x64-win32-masm/rc4/rc4-x86_64.asm b/deps/openssl/asm/x64-win32-masm/rc4/rc4-x86_64.asm
index f508fa667..aea304fba 100644
--- a/deps/openssl/asm/x64-win32-masm/rc4/rc4-x86_64.asm
+++ b/deps/openssl/asm/x64-win32-masm/rc4/rc4-x86_64.asm
@@ -1,5 +1,6 @@
OPTION DOTNAME
.text$ SEGMENT ALIGN(64) 'CODE'
+EXTERN OPENSSL_ia32cap_P:NEAR
PUBLIC RC4
@@ -24,316 +25,511 @@ $L$entry::
push r12
push r13
$L$prologue::
+ mov r11,rsi
+ mov r12,rdx
+ mov r13,rcx
+ xor r10,r10
+ xor rcx,rcx
- add rdi,8
- mov r8d,DWORD PTR[((-8))+rdi]
- mov r12d,DWORD PTR[((-4))+rdi]
+ lea rdi,QWORD PTR[8+rdi]
+ mov r10b,BYTE PTR[((-8))+rdi]
+ mov cl,BYTE PTR[((-4))+rdi]
cmp DWORD PTR[256+rdi],-1
je $L$RC4_CHAR
- inc r8b
- mov r9d,DWORD PTR[r8*4+rdi]
- test rsi,-8
- jz $L$loop1
- jmp $L$loop8
-ALIGN 16
-$L$loop8::
- add r12b,r9b
- mov r10,r8
- mov r13d,DWORD PTR[r12*4+rdi]
- ror rax,8
- inc r10b
- mov r11d,DWORD PTR[r10*4+rdi]
- cmp r12,r10
- mov DWORD PTR[r12*4+rdi],r9d
- cmove r11,r9
- mov DWORD PTR[r8*4+rdi],r13d
- add r13b,r9b
- mov al,BYTE PTR[r13*4+rdi]
- add r12b,r11b
- mov r8,r10
- mov r13d,DWORD PTR[r12*4+rdi]
- ror rax,8
- inc r8b
- mov r9d,DWORD PTR[r8*4+rdi]
- cmp r12,r8
- mov DWORD PTR[r12*4+rdi],r11d
- cmove r9,r11
- mov DWORD PTR[r10*4+rdi],r13d
- add r13b,r11b
- mov al,BYTE PTR[r13*4+rdi]
- add r12b,r9b
- mov r10,r8
- mov r13d,DWORD PTR[r12*4+rdi]
- ror rax,8
+ mov r8d,DWORD PTR[OPENSSL_ia32cap_P]
+ xor rbx,rbx
inc r10b
- mov r11d,DWORD PTR[r10*4+rdi]
- cmp r12,r10
- mov DWORD PTR[r12*4+rdi],r9d
- cmove r11,r9
- mov DWORD PTR[r8*4+rdi],r13d
- add r13b,r9b
- mov al,BYTE PTR[r13*4+rdi]
- add r12b,r11b
- mov r8,r10
- mov r13d,DWORD PTR[r12*4+rdi]
- ror rax,8
- inc r8b
- mov r9d,DWORD PTR[r8*4+rdi]
- cmp r12,r8
- mov DWORD PTR[r12*4+rdi],r11d
- cmove r9,r11
- mov DWORD PTR[r10*4+rdi],r13d
- add r13b,r11b
- mov al,BYTE PTR[r13*4+rdi]
- add r12b,r9b
- mov r10,r8
- mov r13d,DWORD PTR[r12*4+rdi]
- ror rax,8
+ sub rbx,r10
+ sub r13,r12
+ mov eax,DWORD PTR[r10*4+rdi]
+ test r11,-16
+ jz $L$loop1
+ bt r8d,30
+ jc $L$intel
+ and rbx,7
+ lea rsi,QWORD PTR[1+r10]
+ jz $L$oop8
+ sub r11,rbx
+$L$oop8_warmup::
+ add cl,al
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ mov DWORD PTR[r10*4+rdi],edx
+ add al,dl
inc r10b
- mov r11d,DWORD PTR[r10*4+rdi]
- cmp r12,r10
- mov DWORD PTR[r12*4+rdi],r9d
- cmove r11,r9
- mov DWORD PTR[r8*4+rdi],r13d
- add r13b,r9b
- mov al,BYTE PTR[r13*4+rdi]
- add r12b,r11b
- mov r8,r10
- mov r13d,DWORD PTR[r12*4+rdi]
- ror rax,8
- inc r8b
- mov r9d,DWORD PTR[r8*4+rdi]
- cmp r12,r8
- mov DWORD PTR[r12*4+rdi],r11d
- cmove r9,r11
- mov DWORD PTR[r10*4+rdi],r13d
- add r13b,r11b
- mov al,BYTE PTR[r13*4+rdi]
- add r12b,r9b
- mov r10,r8
- mov r13d,DWORD PTR[r12*4+rdi]
- ror rax,8
+ mov edx,DWORD PTR[rax*4+rdi]
+ mov eax,DWORD PTR[r10*4+rdi]
+ xor dl,BYTE PTR[r12]
+ mov BYTE PTR[r12*1+r13],dl
+ lea r12,QWORD PTR[1+r12]
+ dec rbx
+ jnz $L$oop8_warmup
+
+ lea rsi,QWORD PTR[1+r10]
+ jmp $L$oop8
+ALIGN 16
+$L$oop8::
+ add cl,al
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ mov ebx,DWORD PTR[rsi*4+rdi]
+ ror r8,8
+ mov DWORD PTR[r10*4+rdi],edx
+ add dl,al
+ mov r8b,BYTE PTR[rdx*4+rdi]
+ add cl,bl
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ mov eax,DWORD PTR[4+rsi*4+rdi]
+ ror r8,8
+ mov DWORD PTR[4+r10*4+rdi],edx
+ add dl,bl
+ mov r8b,BYTE PTR[rdx*4+rdi]
+ add cl,al
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ mov ebx,DWORD PTR[8+rsi*4+rdi]
+ ror r8,8
+ mov DWORD PTR[8+r10*4+rdi],edx
+ add dl,al
+ mov r8b,BYTE PTR[rdx*4+rdi]
+ add cl,bl
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ mov eax,DWORD PTR[12+rsi*4+rdi]
+ ror r8,8
+ mov DWORD PTR[12+r10*4+rdi],edx
+ add dl,bl
+ mov r8b,BYTE PTR[rdx*4+rdi]
+ add cl,al
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ mov ebx,DWORD PTR[16+rsi*4+rdi]
+ ror r8,8
+ mov DWORD PTR[16+r10*4+rdi],edx
+ add dl,al
+ mov r8b,BYTE PTR[rdx*4+rdi]
+ add cl,bl
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ mov eax,DWORD PTR[20+rsi*4+rdi]
+ ror r8,8
+ mov DWORD PTR[20+r10*4+rdi],edx
+ add dl,bl
+ mov r8b,BYTE PTR[rdx*4+rdi]
+ add cl,al
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ mov ebx,DWORD PTR[24+rsi*4+rdi]
+ ror r8,8
+ mov DWORD PTR[24+r10*4+rdi],edx
+ add dl,al
+ mov r8b,BYTE PTR[rdx*4+rdi]
+ add sil,8
+ add cl,bl
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ mov eax,DWORD PTR[((-4))+rsi*4+rdi]
+ ror r8,8
+ mov DWORD PTR[28+r10*4+rdi],edx
+ add dl,bl
+ mov r8b,BYTE PTR[rdx*4+rdi]
+ add r10b,8
+ ror r8,8
+ sub r11,8
+
+ xor r8,QWORD PTR[r12]
+ mov QWORD PTR[r12*1+r13],r8
+ lea r12,QWORD PTR[8+r12]
+
+ test r11,-8
+ jnz $L$oop8
+ cmp r11,0
+ jne $L$loop1
+ jmp $L$exit
+
+ALIGN 16
+$L$intel::
+ test r11,-32
+ jz $L$loop1
+ and rbx,15
+ jz $L$oop16_is_hot
+ sub r11,rbx
+$L$oop16_warmup::
+ add cl,al
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ mov DWORD PTR[r10*4+rdi],edx
+ add al,dl
inc r10b
- mov r11d,DWORD PTR[r10*4+rdi]
- cmp r12,r10
- mov DWORD PTR[r12*4+rdi],r9d
- cmove r11,r9
- mov DWORD PTR[r8*4+rdi],r13d
- add r13b,r9b
- mov al,BYTE PTR[r13*4+rdi]
- add r12b,r11b
- mov r8,r10
- mov r13d,DWORD PTR[r12*4+rdi]
- ror rax,8
- inc r8b
- mov r9d,DWORD PTR[r8*4+rdi]
- cmp r12,r8
- mov DWORD PTR[r12*4+rdi],r11d
- cmove r9,r11
- mov DWORD PTR[r10*4+rdi],r13d
- add r13b,r11b
- mov al,BYTE PTR[r13*4+rdi]
- ror rax,8
- sub rsi,8
-
- xor rax,QWORD PTR[rdx]
- add rdx,8
- mov QWORD PTR[rcx],rax
- add rcx,8
-
- test rsi,-8
- jnz $L$loop8
- cmp rsi,0
+ mov edx,DWORD PTR[rax*4+rdi]
+ mov eax,DWORD PTR[r10*4+rdi]
+ xor dl,BYTE PTR[r12]
+ mov BYTE PTR[r12*1+r13],dl
+ lea r12,QWORD PTR[1+r12]
+ dec rbx
+ jnz $L$oop16_warmup
+
+ mov rbx,rcx
+ xor rcx,rcx
+ mov cl,bl
+
+$L$oop16_is_hot::
+ lea rsi,QWORD PTR[r10*4+rdi]
+ add cl,al
+ mov edx,DWORD PTR[rcx*4+rdi]
+ pxor xmm0,xmm0
+ mov DWORD PTR[rcx*4+rdi],eax
+ add al,dl
+ mov ebx,DWORD PTR[4+rsi]
+ movzx eax,al
+ mov DWORD PTR[rsi],edx
+ add cl,bl
+ pinsrw xmm0,WORD PTR[rax*4+rdi],0
+ jmp $L$oop16_enter
+ALIGN 16
+$L$oop16::
+ add cl,al
+ mov edx,DWORD PTR[rcx*4+rdi]
+ pxor xmm2,xmm0
+ psllq xmm1,8
+ pxor xmm0,xmm0
+ mov DWORD PTR[rcx*4+rdi],eax
+ add al,dl
+ mov ebx,DWORD PTR[4+rsi]
+ movzx eax,al
+ mov DWORD PTR[rsi],edx
+ pxor xmm2,xmm1
+ add cl,bl
+ pinsrw xmm0,WORD PTR[rax*4+rdi],0
+ movdqu XMMWORD PTR[r12*1+r13],xmm2
+ lea r12,QWORD PTR[16+r12]
+$L$oop16_enter::
+ mov edx,DWORD PTR[rcx*4+rdi]
+ pxor xmm1,xmm1
+ mov DWORD PTR[rcx*4+rdi],ebx
+ add bl,dl
+ mov eax,DWORD PTR[8+rsi]
+ movzx ebx,bl
+ mov DWORD PTR[4+rsi],edx
+ add cl,al
+ pinsrw xmm1,WORD PTR[rbx*4+rdi],0
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ add al,dl
+ mov ebx,DWORD PTR[12+rsi]
+ movzx eax,al
+ mov DWORD PTR[8+rsi],edx
+ add cl,bl
+ pinsrw xmm0,WORD PTR[rax*4+rdi],1
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ add bl,dl
+ mov eax,DWORD PTR[16+rsi]
+ movzx ebx,bl
+ mov DWORD PTR[12+rsi],edx
+ add cl,al
+ pinsrw xmm1,WORD PTR[rbx*4+rdi],1
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ add al,dl
+ mov ebx,DWORD PTR[20+rsi]
+ movzx eax,al
+ mov DWORD PTR[16+rsi],edx
+ add cl,bl
+ pinsrw xmm0,WORD PTR[rax*4+rdi],2
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ add bl,dl
+ mov eax,DWORD PTR[24+rsi]
+ movzx ebx,bl
+ mov DWORD PTR[20+rsi],edx
+ add cl,al
+ pinsrw xmm1,WORD PTR[rbx*4+rdi],2
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ add al,dl
+ mov ebx,DWORD PTR[28+rsi]
+ movzx eax,al
+ mov DWORD PTR[24+rsi],edx
+ add cl,bl
+ pinsrw xmm0,WORD PTR[rax*4+rdi],3
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ add bl,dl
+ mov eax,DWORD PTR[32+rsi]
+ movzx ebx,bl
+ mov DWORD PTR[28+rsi],edx
+ add cl,al
+ pinsrw xmm1,WORD PTR[rbx*4+rdi],3
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ add al,dl
+ mov ebx,DWORD PTR[36+rsi]
+ movzx eax,al
+ mov DWORD PTR[32+rsi],edx
+ add cl,bl
+ pinsrw xmm0,WORD PTR[rax*4+rdi],4
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ add bl,dl
+ mov eax,DWORD PTR[40+rsi]
+ movzx ebx,bl
+ mov DWORD PTR[36+rsi],edx
+ add cl,al
+ pinsrw xmm1,WORD PTR[rbx*4+rdi],4
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ add al,dl
+ mov ebx,DWORD PTR[44+rsi]
+ movzx eax,al
+ mov DWORD PTR[40+rsi],edx
+ add cl,bl
+ pinsrw xmm0,WORD PTR[rax*4+rdi],5
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ add bl,dl
+ mov eax,DWORD PTR[48+rsi]
+ movzx ebx,bl
+ mov DWORD PTR[44+rsi],edx
+ add cl,al
+ pinsrw xmm1,WORD PTR[rbx*4+rdi],5
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ add al,dl
+ mov ebx,DWORD PTR[52+rsi]
+ movzx eax,al
+ mov DWORD PTR[48+rsi],edx
+ add cl,bl
+ pinsrw xmm0,WORD PTR[rax*4+rdi],6
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ add bl,dl
+ mov eax,DWORD PTR[56+rsi]
+ movzx ebx,bl
+ mov DWORD PTR[52+rsi],edx
+ add cl,al
+ pinsrw xmm1,WORD PTR[rbx*4+rdi],6
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ add al,dl
+ mov ebx,DWORD PTR[60+rsi]
+ movzx eax,al
+ mov DWORD PTR[56+rsi],edx
+ add cl,bl
+ pinsrw xmm0,WORD PTR[rax*4+rdi],7
+ add r10b,16
+ movdqu xmm2,XMMWORD PTR[r12]
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],ebx
+ add bl,dl
+ movzx ebx,bl
+ mov DWORD PTR[60+rsi],edx
+ lea rsi,QWORD PTR[r10*4+rdi]
+ pinsrw xmm1,WORD PTR[rbx*4+rdi],7
+ mov eax,DWORD PTR[rsi]
+ mov rbx,rcx
+ xor rcx,rcx
+ sub r11,16
+ mov cl,bl
+ test r11,-16
+ jnz $L$oop16
+
+ psllq xmm1,8
+ pxor xmm2,xmm0
+ pxor xmm2,xmm1
+ movdqu XMMWORD PTR[r12*1+r13],xmm2
+ lea r12,QWORD PTR[16+r12]
+
+ cmp r11,0
jne $L$loop1
jmp $L$exit
ALIGN 16
$L$loop1::
- add r12b,r9b
- mov r13d,DWORD PTR[r12*4+rdi]
- mov DWORD PTR[r12*4+rdi],r9d
- mov DWORD PTR[r8*4+rdi],r13d
- add r9b,r13b
- inc r8b
- mov r13d,DWORD PTR[r9*4+rdi]
- mov r9d,DWORD PTR[r8*4+rdi]
- xor r13b,BYTE PTR[rdx]
- inc rdx
- mov BYTE PTR[rcx],r13b
- inc rcx
- dec rsi
+ add cl,al
+ mov edx,DWORD PTR[rcx*4+rdi]
+ mov DWORD PTR[rcx*4+rdi],eax
+ mov DWORD PTR[r10*4+rdi],edx
+ add al,dl
+ inc r10b
+ mov edx,DWORD PTR[rax*4+rdi]
+ mov eax,DWORD PTR[r10*4+rdi]
+ xor dl,BYTE PTR[r12]
+ mov BYTE PTR[r12*1+r13],dl
+ lea r12,QWORD PTR[1+r12]
+ dec r11
jnz $L$loop1
jmp $L$exit
ALIGN 16
$L$RC4_CHAR::
- add r8b,1
- movzx r9d,BYTE PTR[r8*1+rdi]
- test rsi,-8
+ add r10b,1
+ movzx eax,BYTE PTR[r10*1+rdi]
+ test r11,-8
jz $L$cloop1
- cmp DWORD PTR[260+rdi],0
- jnz $L$cloop1
jmp $L$cloop8
ALIGN 16
$L$cloop8::
- mov eax,DWORD PTR[rdx]
- mov ebx,DWORD PTR[4+rdx]
- add r12b,r9b
- lea r10,QWORD PTR[1+r8]
- movzx r13d,BYTE PTR[r12*1+rdi]
- movzx r10d,r10b
- movzx r11d,BYTE PTR[r10*1+rdi]
- mov BYTE PTR[r12*1+rdi],r9b
- cmp r12,r10
- mov BYTE PTR[r8*1+rdi],r13b
+ mov r8d,DWORD PTR[r12]
+ mov r9d,DWORD PTR[4+r12]
+ add cl,al
+ lea rsi,QWORD PTR[1+r10]
+ movzx edx,BYTE PTR[rcx*1+rdi]
+ movzx esi,sil
+ movzx ebx,BYTE PTR[rsi*1+rdi]
+ mov BYTE PTR[rcx*1+rdi],al
+ cmp rcx,rsi
+ mov BYTE PTR[r10*1+rdi],dl
jne $L$cmov0
- mov r11,r9
+ mov rbx,rax
$L$cmov0::
- add r13b,r9b
- xor al,BYTE PTR[r13*1+rdi]
- ror eax,8
- add r12b,r11b
- lea r8,QWORD PTR[1+r10]
- movzx r13d,BYTE PTR[r12*1+rdi]
- movzx r8d,r8b
- movzx r9d,BYTE PTR[r8*1+rdi]
- mov BYTE PTR[r12*1+rdi],r11b
- cmp r12,r8
- mov BYTE PTR[r10*1+rdi],r13b
+ add dl,al
+ xor r8b,BYTE PTR[rdx*1+rdi]
+ ror r8d,8
+ add cl,bl
+ lea r10,QWORD PTR[1+rsi]
+ movzx edx,BYTE PTR[rcx*1+rdi]
+ movzx r10d,r10b
+ movzx eax,BYTE PTR[r10*1+rdi]
+ mov BYTE PTR[rcx*1+rdi],bl
+ cmp rcx,r10
+ mov BYTE PTR[rsi*1+rdi],dl
jne $L$cmov1
- mov r9,r11
+ mov rax,rbx
$L$cmov1::
- add r13b,r11b
- xor al,BYTE PTR[r13*1+rdi]
- ror eax,8
- add r12b,r9b
- lea r10,QWORD PTR[1+r8]
- movzx r13d,BYTE PTR[r12*1+rdi]
- movzx r10d,r10b
- movzx r11d,BYTE PTR[r10*1+rdi]
- mov BYTE PTR[r12*1+rdi],r9b
- cmp r12,r10
- mov BYTE PTR[r8*1+rdi],r13b
+ add dl,bl
+ xor r8b,BYTE PTR[rdx*1+rdi]
+ ror r8d,8
+ add cl,al
+ lea rsi,QWORD PTR[1+r10]
+ movzx edx,BYTE PTR[rcx*1+rdi]
+ movzx esi,sil
+ movzx ebx,BYTE PTR[rsi*1+rdi]
+ mov BYTE PTR[rcx*1+rdi],al
+ cmp rcx,rsi
+ mov BYTE PTR[r10*1+rdi],dl
jne $L$cmov2
- mov r11,r9
+ mov rbx,rax
$L$cmov2::
- add r13b,r9b
- xor al,BYTE PTR[r13*1+rdi]
- ror eax,8
- add r12b,r11b
- lea r8,QWORD PTR[1+r10]
- movzx r13d,BYTE PTR[r12*1+rdi]
- movzx r8d,r8b
- movzx r9d,BYTE PTR[r8*1+rdi]
- mov BYTE PTR[r12*1+rdi],r11b
- cmp r12,r8
- mov BYTE PTR[r10*1+rdi],r13b
+ add dl,al
+ xor r8b,BYTE PTR[rdx*1+rdi]
+ ror r8d,8
+ add cl,bl
+ lea r10,QWORD PTR[1+rsi]
+ movzx edx,BYTE PTR[rcx*1+rdi]
+ movzx r10d,r10b
+ movzx eax,BYTE PTR[r10*1+rdi]
+ mov BYTE PTR[rcx*1+rdi],bl
+ cmp rcx,r10
+ mov BYTE PTR[rsi*1+rdi],dl
jne $L$cmov3
- mov r9,r11
+ mov rax,rbx
$L$cmov3::
- add r13b,r11b
- xor al,BYTE PTR[r13*1+rdi]
- ror eax,8
- add r12b,r9b
- lea r10,QWORD PTR[1+r8]
- movzx r13d,BYTE PTR[r12*1+rdi]
- movzx r10d,r10b
- movzx r11d,BYTE PTR[r10*1+rdi]
- mov BYTE PTR[r12*1+rdi],r9b
- cmp r12,r10
- mov BYTE PTR[r8*1+rdi],r13b
+ add dl,bl
+ xor r8b,BYTE PTR[rdx*1+rdi]
+ ror r8d,8
+ add cl,al
+ lea rsi,QWORD PTR[1+r10]
+ movzx edx,BYTE PTR[rcx*1+rdi]
+ movzx esi,sil
+ movzx ebx,BYTE PTR[rsi*1+rdi]
+ mov BYTE PTR[rcx*1+rdi],al
+ cmp rcx,rsi
+ mov BYTE PTR[r10*1+rdi],dl
jne $L$cmov4
- mov r11,r9
+ mov rbx,rax
$L$cmov4::
- add r13b,r9b
- xor bl,BYTE PTR[r13*1+rdi]
- ror ebx,8
- add r12b,r11b
- lea r8,QWORD PTR[1+r10]
- movzx r13d,BYTE PTR[r12*1+rdi]
- movzx r8d,r8b
- movzx r9d,BYTE PTR[r8*1+rdi]
- mov BYTE PTR[r12*1+rdi],r11b
- cmp r12,r8
- mov BYTE PTR[r10*1+rdi],r13b
+ add dl,al
+ xor r9b,BYTE PTR[rdx*1+rdi]
+ ror r9d,8
+ add cl,bl
+ lea r10,QWORD PTR[1+rsi]
+ movzx edx,BYTE PTR[rcx*1+rdi]
+ movzx r10d,r10b
+ movzx eax,BYTE PTR[r10*1+rdi]
+ mov BYTE PTR[rcx*1+rdi],bl
+ cmp rcx,r10
+ mov BYTE PTR[rsi*1+rdi],dl
jne $L$cmov5
- mov r9,r11
+ mov rax,rbx
$L$cmov5::
- add r13b,r11b
- xor bl,BYTE PTR[r13*1+rdi]
- ror ebx,8
- add r12b,r9b
- lea r10,QWORD PTR[1+r8]
- movzx r13d,BYTE PTR[r12*1+rdi]
- movzx r10d,r10b
- movzx r11d,BYTE PTR[r10*1+rdi]
- mov BYTE PTR[r12*1+rdi],r9b
- cmp r12,r10
- mov BYTE PTR[r8*1+rdi],r13b
+ add dl,bl
+ xor r9b,BYTE PTR[rdx*1+rdi]
+ ror r9d,8
+ add cl,al
+ lea rsi,QWORD PTR[1+r10]
+ movzx edx,BYTE PTR[rcx*1+rdi]
+ movzx esi,sil
+ movzx ebx,BYTE PTR[rsi*1+rdi]
+ mov BYTE PTR[rcx*1+rdi],al
+ cmp rcx,rsi
+ mov BYTE PTR[r10*1+rdi],dl
jne $L$cmov6
- mov r11,r9
+ mov rbx,rax
$L$cmov6::
- add r13b,r9b
- xor bl,BYTE PTR[r13*1+rdi]
- ror ebx,8
- add r12b,r11b
- lea r8,QWORD PTR[1+r10]
- movzx r13d,BYTE PTR[r12*1+rdi]
- movzx r8d,r8b
- movzx r9d,BYTE PTR[r8*1+rdi]
- mov BYTE PTR[r12*1+rdi],r11b
- cmp r12,r8
- mov BYTE PTR[r10*1+rdi],r13b
+ add dl,al
+ xor r9b,BYTE PTR[rdx*1+rdi]
+ ror r9d,8
+ add cl,bl
+ lea r10,QWORD PTR[1+rsi]
+ movzx edx,BYTE PTR[rcx*1+rdi]
+ movzx r10d,r10b
+ movzx eax,BYTE PTR[r10*1+rdi]
+ mov BYTE PTR[rcx*1+rdi],bl
+ cmp rcx,r10
+ mov BYTE PTR[rsi*1+rdi],dl
jne $L$cmov7
- mov r9,r11
+ mov rax,rbx
$L$cmov7::
- add r13b,r11b
- xor bl,BYTE PTR[r13*1+rdi]
- ror ebx,8
- lea rsi,QWORD PTR[((-8))+rsi]
- mov DWORD PTR[rcx],eax
- lea rdx,QWORD PTR[8+rdx]
- mov DWORD PTR[4+rcx],ebx
- lea rcx,QWORD PTR[8+rcx]
-
- test rsi,-8
+ add dl,bl
+ xor r9b,BYTE PTR[rdx*1+rdi]
+ ror r9d,8
+ lea r11,QWORD PTR[((-8))+r11]
+ mov DWORD PTR[r13],r8d
+ lea r12,QWORD PTR[8+r12]
+ mov DWORD PTR[4+r13],r9d
+ lea r13,QWORD PTR[8+r13]
+
+ test r11,-8
jnz $L$cloop8
- cmp rsi,0
+ cmp r11,0
jne $L$cloop1
jmp $L$exit
ALIGN 16
$L$cloop1::
- add r12b,r9b
- movzx r13d,BYTE PTR[r12*1+rdi]
- mov BYTE PTR[r12*1+rdi],r9b
- mov BYTE PTR[r8*1+rdi],r13b
- add r13b,r9b
- add r8b,1
- movzx r13d,r13b
- movzx r8d,r8b
- movzx r13d,BYTE PTR[r13*1+rdi]
- movzx r9d,BYTE PTR[r8*1+rdi]
- xor r13b,BYTE PTR[rdx]
- lea rdx,QWORD PTR[1+rdx]
- mov BYTE PTR[rcx],r13b
- lea rcx,QWORD PTR[1+rcx]
- sub rsi,1
+ add cl,al
+ movzx ecx,cl
+ movzx edx,BYTE PTR[rcx*1+rdi]
+ mov BYTE PTR[rcx*1+rdi],al
+ mov BYTE PTR[r10*1+rdi],dl
+ add dl,al
+ add r10b,1
+ movzx edx,dl
+ movzx r10d,r10b
+ movzx edx,BYTE PTR[rdx*1+rdi]
+ movzx eax,BYTE PTR[r10*1+rdi]
+ xor dl,BYTE PTR[r12]
+ lea r12,QWORD PTR[1+r12]
+ mov BYTE PTR[r13],dl
+ lea r13,QWORD PTR[1+r13]
+ sub r11,1
jnz $L$cloop1
jmp $L$exit
ALIGN 16
$L$exit::
- sub r8b,1
- mov DWORD PTR[((-8))+rdi],r8d
- mov DWORD PTR[((-4))+rdi],r12d
+ sub r10b,1
+ mov DWORD PTR[((-8))+rdi],r10d
+ mov DWORD PTR[((-4))+rdi],ecx
mov r13,QWORD PTR[rsp]
mov r12,QWORD PTR[8+rsp]
@@ -345,15 +541,14 @@ $L$epilogue::
DB 0F3h,0C3h ;repret
$L$SEH_end_RC4::
RC4 ENDP
-EXTERN OPENSSL_ia32cap_P:NEAR
-PUBLIC RC4_set_key
+PUBLIC private_RC4_set_key
ALIGN 16
-RC4_set_key PROC PUBLIC
+private_RC4_set_key PROC PUBLIC
mov QWORD PTR[8+rsp],rdi ;WIN64 prologue
mov QWORD PTR[16+rsp],rsi
mov rax,rsp
-$L$SEH_begin_RC4_set_key::
+$L$SEH_begin_private_RC4_set_key::
mov rdi,rcx
mov rsi,rdx
mov rdx,r8
@@ -370,11 +565,8 @@ $L$SEH_begin_RC4_set_key::
mov r8d,DWORD PTR[OPENSSL_ia32cap_P]
bt r8d,20
- jnc $L$w1stloop
- bt r8d,30
- setc r9b
- mov DWORD PTR[260+rdi],r9d
- jmp $L$c1stloop
+ jc $L$c1stloop
+ jmp $L$w1stloop
ALIGN 16
$L$w1stloop::
@@ -430,8 +622,8 @@ $L$exit_key::
mov rdi,QWORD PTR[8+rsp] ;WIN64 epilogue
mov rsi,QWORD PTR[16+rsp]
DB 0F3h,0C3h ;repret
-$L$SEH_end_RC4_set_key::
-RC4_set_key ENDP
+$L$SEH_end_private_RC4_set_key::
+private_RC4_set_key ENDP
PUBLIC RC4_options
@@ -440,18 +632,20 @@ RC4_options PROC PUBLIC
lea rax,QWORD PTR[$L$opts]
mov edx,DWORD PTR[OPENSSL_ia32cap_P]
bt edx,20
- jnc $L$done
- add rax,12
+ jc $L$8xchar
bt edx,30
jnc $L$done
- add rax,13
+ add rax,25
+ DB 0F3h,0C3h ;repret
+$L$8xchar::
+ add rax,12
$L$done::
DB 0F3h,0C3h ;repret
ALIGN 64
$L$opts::
DB 114,99,52,40,56,120,44,105,110,116,41,0
DB 114,99,52,40,56,120,44,99,104,97,114,41,0
-DB 114,99,52,40,49,120,44,99,104,97,114,41,0
+DB 114,99,52,40,49,54,120,44,105,110,116,41,0
DB 82,67,52,32,102,111,114,32,120,56,54,95,54,52,44,32
DB 67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97
DB 112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103
@@ -568,9 +762,9 @@ ALIGN 4
DD imagerel $L$SEH_end_RC4
DD imagerel $L$SEH_info_RC4
- DD imagerel $L$SEH_begin_RC4_set_key
- DD imagerel $L$SEH_end_RC4_set_key
- DD imagerel $L$SEH_info_RC4_set_key
+ DD imagerel $L$SEH_begin_private_RC4_set_key
+ DD imagerel $L$SEH_end_private_RC4_set_key
+ DD imagerel $L$SEH_info_private_RC4_set_key
.pdata ENDS
.xdata SEGMENT READONLY ALIGN(8)
@@ -578,7 +772,7 @@ ALIGN 8
$L$SEH_info_RC4::
DB 9,0,0,0
DD imagerel stream_se_handler
-$L$SEH_info_RC4_set_key::
+$L$SEH_info_private_RC4_set_key::
DB 9,0,0,0
DD imagerel key_se_handler
diff --git a/deps/openssl/asm/x64-win32-masm/sha/sha1-x86_64.asm b/deps/openssl/asm/x64-win32-masm/sha/sha1-x86_64.asm
index 9323f2b26..9589f7fa0 100644
--- a/deps/openssl/asm/x64-win32-masm/sha/sha1-x86_64.asm
+++ b/deps/openssl/asm/x64-win32-masm/sha/sha1-x86_64.asm
@@ -1,5 +1,7 @@
OPTION DOTNAME
.text$ SEGMENT ALIGN(64) 'CODE'
+EXTERN OPENSSL_ia32cap_P:NEAR
+
PUBLIC sha1_block_data_order
ALIGN 16
@@ -13,9 +15,18 @@ $L$SEH_begin_sha1_block_data_order::
mov rdx,r8
+ mov r9d,DWORD PTR[((OPENSSL_ia32cap_P+0))]
+ mov r8d,DWORD PTR[((OPENSSL_ia32cap_P+4))]
+ test r8d,512
+ jz $L$ialu
+ jmp _ssse3_shortcut
+
+ALIGN 16
+$L$ialu::
push rbx
push rbp
push r12
+ push r13
mov r11,rsp
mov r8,rdi
sub rsp,72
@@ -25,1278 +36,2499 @@ $L$SEH_begin_sha1_block_data_order::
mov QWORD PTR[64+rsp],r11
$L$prologue::
- mov edx,DWORD PTR[r8]
- mov esi,DWORD PTR[4+r8]
- mov edi,DWORD PTR[8+r8]
- mov ebp,DWORD PTR[12+r8]
- mov r11d,DWORD PTR[16+r8]
-ALIGN 4
+ mov esi,DWORD PTR[r8]
+ mov edi,DWORD PTR[4+r8]
+ mov r11d,DWORD PTR[8+r8]
+ mov r12d,DWORD PTR[12+r8]
+ mov r13d,DWORD PTR[16+r8]
+ jmp $L$loop
+
+ALIGN 16
$L$loop::
- mov eax,DWORD PTR[r9]
- bswap eax
- mov DWORD PTR[rsp],eax
- lea r12d,DWORD PTR[05a827999h+r11*1+rax]
- mov ebx,edi
- mov eax,DWORD PTR[4+r9]
- mov r11d,edx
- xor ebx,ebp
- bswap eax
- rol r11d,5
- and ebx,esi
- mov DWORD PTR[4+rsp],eax
- add r12d,r11d
- xor ebx,ebp
+ mov edx,DWORD PTR[r9]
+ bswap edx
+ mov DWORD PTR[rsp],edx
+ mov eax,r11d
+ mov ebp,DWORD PTR[4+r9]
+ mov ecx,esi
+ xor eax,r12d
+ bswap ebp
+ rol ecx,5
+ lea r13d,DWORD PTR[1518500249+r13*1+rdx]
+ and eax,edi
+ mov DWORD PTR[4+rsp],ebp
+ add r13d,ecx
+ xor eax,r12d
+ rol edi,30
+ add r13d,eax
+ mov eax,edi
+ mov edx,DWORD PTR[8+r9]
+ mov ecx,r13d
+ xor eax,r11d
+ bswap edx
+ rol ecx,5
+ lea r12d,DWORD PTR[1518500249+r12*1+rbp]
+ and eax,esi
+ mov DWORD PTR[8+rsp],edx
+ add r12d,ecx
+ xor eax,r11d
rol esi,30
- add r12d,ebx
- lea r11d,DWORD PTR[05a827999h+rbp*1+rax]
- mov ebx,esi
- mov eax,DWORD PTR[8+r9]
- mov ebp,r12d
- xor ebx,edi
- bswap eax
- rol ebp,5
- and ebx,edx
- mov DWORD PTR[8+rsp],eax
- add r11d,ebp
- xor ebx,edi
- rol edx,30
- add r11d,ebx
- lea ebp,DWORD PTR[05a827999h+rdi*1+rax]
- mov ebx,edx
- mov eax,DWORD PTR[12+r9]
- mov edi,r11d
- xor ebx,esi
- bswap eax
- rol edi,5
- and ebx,r12d
- mov DWORD PTR[12+rsp],eax
- add ebp,edi
- xor ebx,esi
+ add r12d,eax
+ mov eax,esi
+ mov ebp,DWORD PTR[12+r9]
+ mov ecx,r12d
+ xor eax,edi
+ bswap ebp
+ rol ecx,5
+ lea r11d,DWORD PTR[1518500249+r11*1+rdx]
+ and eax,r13d
+ mov DWORD PTR[12+rsp],ebp
+ add r11d,ecx
+ xor eax,edi
+ rol r13d,30
+ add r11d,eax
+ mov eax,r13d
+ mov edx,DWORD PTR[16+r9]
+ mov ecx,r11d
+ xor eax,esi
+ bswap edx
+ rol ecx,5
+ lea edi,DWORD PTR[1518500249+rdi*1+rbp]
+ and eax,r12d
+ mov DWORD PTR[16+rsp],edx
+ add edi,ecx
+ xor eax,esi
rol r12d,30
- add ebp,ebx
- lea edi,DWORD PTR[05a827999h+rsi*1+rax]
- mov ebx,r12d
- mov eax,DWORD PTR[16+r9]
- mov esi,ebp
- xor ebx,edx
- bswap eax
- rol esi,5
- and ebx,r11d
- mov DWORD PTR[16+rsp],eax
- add edi,esi
- xor ebx,edx
+ add edi,eax
+ mov eax,r12d
+ mov ebp,DWORD PTR[20+r9]
+ mov ecx,edi
+ xor eax,r13d
+ bswap ebp
+ rol ecx,5
+ lea esi,DWORD PTR[1518500249+rsi*1+rdx]
+ and eax,r11d
+ mov DWORD PTR[20+rsp],ebp
+ add esi,ecx
+ xor eax,r13d
rol r11d,30
- add edi,ebx
- lea esi,DWORD PTR[05a827999h+rdx*1+rax]
+ add esi,eax
+ mov eax,r11d
+ mov edx,DWORD PTR[24+r9]
+ mov ecx,esi
+ xor eax,r12d
+ bswap edx
+ rol ecx,5
+ lea r13d,DWORD PTR[1518500249+r13*1+rbp]
+ and eax,edi
+ mov DWORD PTR[24+rsp],edx
+ add r13d,ecx
+ xor eax,r12d
+ rol edi,30
+ add r13d,eax
+ mov eax,edi
+ mov ebp,DWORD PTR[28+r9]
+ mov ecx,r13d
+ xor eax,r11d
+ bswap ebp
+ rol ecx,5
+ lea r12d,DWORD PTR[1518500249+r12*1+rdx]
+ and eax,esi
+ mov DWORD PTR[28+rsp],ebp
+ add r12d,ecx
+ xor eax,r11d
+ rol esi,30
+ add r12d,eax
+ mov eax,esi
+ mov edx,DWORD PTR[32+r9]
+ mov ecx,r12d
+ xor eax,edi
+ bswap edx
+ rol ecx,5
+ lea r11d,DWORD PTR[1518500249+r11*1+rbp]
+ and eax,r13d
+ mov DWORD PTR[32+rsp],edx
+ add r11d,ecx
+ xor eax,edi
+ rol r13d,30
+ add r11d,eax
+ mov eax,r13d
+ mov ebp,DWORD PTR[36+r9]
+ mov ecx,r11d
+ xor eax,esi
+ bswap ebp
+ rol ecx,5
+ lea edi,DWORD PTR[1518500249+rdi*1+rdx]
+ and eax,r12d
+ mov DWORD PTR[36+rsp],ebp
+ add edi,ecx
+ xor eax,esi
+ rol r12d,30
+ add edi,eax
+ mov eax,r12d
+ mov edx,DWORD PTR[40+r9]
+ mov ecx,edi
+ xor eax,r13d
+ bswap edx
+ rol ecx,5
+ lea esi,DWORD PTR[1518500249+rsi*1+rbp]
+ and eax,r11d
+ mov DWORD PTR[40+rsp],edx
+ add esi,ecx
+ xor eax,r13d
+ rol r11d,30
+ add esi,eax
+ mov eax,r11d
+ mov ebp,DWORD PTR[44+r9]
+ mov ecx,esi
+ xor eax,r12d
+ bswap ebp
+ rol ecx,5
+ lea r13d,DWORD PTR[1518500249+r13*1+rdx]
+ and eax,edi
+ mov DWORD PTR[44+rsp],ebp
+ add r13d,ecx
+ xor eax,r12d
+ rol edi,30
+ add r13d,eax
+ mov eax,edi
+ mov edx,DWORD PTR[48+r9]
+ mov ecx,r13d
+ xor eax,r11d
+ bswap edx
+ rol ecx,5
+ lea r12d,DWORD PTR[1518500249+r12*1+rbp]
+ and eax,esi
+ mov DWORD PTR[48+rsp],edx
+ add r12d,ecx
+ xor eax,r11d
+ rol esi,30
+ add r12d,eax
+ mov eax,esi
+ mov ebp,DWORD PTR[52+r9]
+ mov ecx,r12d
+ xor eax,edi
+ bswap ebp
+ rol ecx,5
+ lea r11d,DWORD PTR[1518500249+r11*1+rdx]
+ and eax,r13d
+ mov DWORD PTR[52+rsp],ebp
+ add r11d,ecx
+ xor eax,edi
+ rol r13d,30
+ add r11d,eax
+ mov eax,r13d
+ mov edx,DWORD PTR[56+r9]
+ mov ecx,r11d
+ xor eax,esi
+ bswap edx
+ rol ecx,5
+ lea edi,DWORD PTR[1518500249+rdi*1+rbp]
+ and eax,r12d
+ mov DWORD PTR[56+rsp],edx
+ add edi,ecx
+ xor eax,esi
+ rol r12d,30
+ add edi,eax
+ mov eax,r12d
+ mov ebp,DWORD PTR[60+r9]
+ mov ecx,edi
+ xor eax,r13d
+ bswap ebp
+ rol ecx,5
+ lea esi,DWORD PTR[1518500249+rsi*1+rdx]
+ and eax,r11d
+ mov DWORD PTR[60+rsp],ebp
+ add esi,ecx
+ xor eax,r13d
+ rol r11d,30
+ add esi,eax
+ mov edx,DWORD PTR[rsp]
+ mov eax,r11d
+ mov ecx,esi
+ xor edx,DWORD PTR[8+rsp]
+ xor eax,r12d
+ rol ecx,5
+ xor edx,DWORD PTR[32+rsp]
+ and eax,edi
+ lea r13d,DWORD PTR[1518500249+r13*1+rbp]
+ xor edx,DWORD PTR[52+rsp]
+ xor eax,r12d
+ rol edx,1
+ add r13d,ecx
+ rol edi,30
+ mov DWORD PTR[rsp],edx
+ add r13d,eax
+ mov ebp,DWORD PTR[4+rsp]
+ mov eax,edi
+ mov ecx,r13d
+ xor ebp,DWORD PTR[12+rsp]
+ xor eax,r11d
+ rol ecx,5
+ xor ebp,DWORD PTR[36+rsp]
+ and eax,esi
+ lea r12d,DWORD PTR[1518500249+r12*1+rdx]
+ xor ebp,DWORD PTR[56+rsp]
+ xor eax,r11d
+ rol ebp,1
+ add r12d,ecx
+ rol esi,30
+ mov DWORD PTR[4+rsp],ebp
+ add r12d,eax
+ mov edx,DWORD PTR[8+rsp]
+ mov eax,esi
+ mov ecx,r12d
+ xor edx,DWORD PTR[16+rsp]
+ xor eax,edi
+ rol ecx,5
+ xor edx,DWORD PTR[40+rsp]
+ and eax,r13d
+ lea r11d,DWORD PTR[1518500249+r11*1+rbp]
+ xor edx,DWORD PTR[60+rsp]
+ xor eax,edi
+ rol edx,1
+ add r11d,ecx
+ rol r13d,30
+ mov DWORD PTR[8+rsp],edx
+ add r11d,eax
+ mov ebp,DWORD PTR[12+rsp]
+ mov eax,r13d
+ mov ecx,r11d
+ xor ebp,DWORD PTR[20+rsp]
+ xor eax,esi
+ rol ecx,5
+ xor ebp,DWORD PTR[44+rsp]
+ and eax,r12d
+ lea edi,DWORD PTR[1518500249+rdi*1+rdx]
+ xor ebp,DWORD PTR[rsp]
+ xor eax,esi
+ rol ebp,1
+ add edi,ecx
+ rol r12d,30
+ mov DWORD PTR[12+rsp],ebp
+ add edi,eax
+ mov edx,DWORD PTR[16+rsp]
+ mov eax,r12d
+ mov ecx,edi
+ xor edx,DWORD PTR[24+rsp]
+ xor eax,r13d
+ rol ecx,5
+ xor edx,DWORD PTR[48+rsp]
+ and eax,r11d
+ lea esi,DWORD PTR[1518500249+rsi*1+rbp]
+ xor edx,DWORD PTR[4+rsp]
+ xor eax,r13d
+ rol edx,1
+ add esi,ecx
+ rol r11d,30
+ mov DWORD PTR[16+rsp],edx
+ add esi,eax
+ mov ebp,DWORD PTR[20+rsp]
+ mov eax,r11d
+ mov ecx,esi
+ xor ebp,DWORD PTR[28+rsp]
+ xor eax,edi
+ rol ecx,5
+ lea r13d,DWORD PTR[1859775393+r13*1+rdx]
+ xor ebp,DWORD PTR[52+rsp]
+ xor eax,r12d
+ add r13d,ecx
+ xor ebp,DWORD PTR[8+rsp]
+ rol edi,30
+ add r13d,eax
+ rol ebp,1
+ mov DWORD PTR[20+rsp],ebp
+ mov edx,DWORD PTR[24+rsp]
+ mov eax,edi
+ mov ecx,r13d
+ xor edx,DWORD PTR[32+rsp]
+ xor eax,esi
+ rol ecx,5
+ lea r12d,DWORD PTR[1859775393+r12*1+rbp]
+ xor edx,DWORD PTR[56+rsp]
+ xor eax,r11d
+ add r12d,ecx
+ xor edx,DWORD PTR[12+rsp]
+ rol esi,30
+ add r12d,eax
+ rol edx,1
+ mov DWORD PTR[24+rsp],edx
+ mov ebp,DWORD PTR[28+rsp]
+ mov eax,esi
+ mov ecx,r12d
+ xor ebp,DWORD PTR[36+rsp]
+ xor eax,r13d
+ rol ecx,5
+ lea r11d,DWORD PTR[1859775393+r11*1+rdx]
+ xor ebp,DWORD PTR[60+rsp]
+ xor eax,edi
+ add r11d,ecx
+ xor ebp,DWORD PTR[16+rsp]
+ rol r13d,30
+ add r11d,eax
+ rol ebp,1
+ mov DWORD PTR[28+rsp],ebp
+ mov edx,DWORD PTR[32+rsp]
+ mov eax,r13d
+ mov ecx,r11d
+ xor edx,DWORD PTR[40+rsp]
+ xor eax,r12d
+ rol ecx,5
+ lea edi,DWORD PTR[1859775393+rdi*1+rbp]
+ xor edx,DWORD PTR[rsp]
+ xor eax,esi
+ add edi,ecx
+ xor edx,DWORD PTR[20+rsp]
+ rol r12d,30
+ add edi,eax
+ rol edx,1
+ mov DWORD PTR[32+rsp],edx
+ mov ebp,DWORD PTR[36+rsp]
+ mov eax,r12d
+ mov ecx,edi
+ xor ebp,DWORD PTR[44+rsp]
+ xor eax,r11d
+ rol ecx,5
+ lea esi,DWORD PTR[1859775393+rsi*1+rdx]
+ xor ebp,DWORD PTR[4+rsp]
+ xor eax,r13d
+ add esi,ecx
+ xor ebp,DWORD PTR[24+rsp]
+ rol r11d,30
+ add esi,eax
+ rol ebp,1
+ mov DWORD PTR[36+rsp],ebp
+ mov edx,DWORD PTR[40+rsp]
+ mov eax,r11d
+ mov ecx,esi
+ xor edx,DWORD PTR[48+rsp]
+ xor eax,edi
+ rol ecx,5
+ lea r13d,DWORD PTR[1859775393+r13*1+rbp]
+ xor edx,DWORD PTR[8+rsp]
+ xor eax,r12d
+ add r13d,ecx
+ xor edx,DWORD PTR[28+rsp]
+ rol edi,30
+ add r13d,eax
+ rol edx,1
+ mov DWORD PTR[40+rsp],edx
+ mov ebp,DWORD PTR[44+rsp]
+ mov eax,edi
+ mov ecx,r13d
+ xor ebp,DWORD PTR[52+rsp]
+ xor eax,esi
+ rol ecx,5
+ lea r12d,DWORD PTR[1859775393+r12*1+rdx]
+ xor ebp,DWORD PTR[12+rsp]
+ xor eax,r11d
+ add r12d,ecx
+ xor ebp,DWORD PTR[32+rsp]
+ rol esi,30
+ add r12d,eax
+ rol ebp,1
+ mov DWORD PTR[44+rsp],ebp
+ mov edx,DWORD PTR[48+rsp]
+ mov eax,esi
+ mov ecx,r12d
+ xor edx,DWORD PTR[56+rsp]
+ xor eax,r13d
+ rol ecx,5
+ lea r11d,DWORD PTR[1859775393+r11*1+rbp]
+ xor edx,DWORD PTR[16+rsp]
+ xor eax,edi
+ add r11d,ecx
+ xor edx,DWORD PTR[36+rsp]
+ rol r13d,30
+ add r11d,eax
+ rol edx,1
+ mov DWORD PTR[48+rsp],edx
+ mov ebp,DWORD PTR[52+rsp]
+ mov eax,r13d
+ mov ecx,r11d
+ xor ebp,DWORD PTR[60+rsp]
+ xor eax,r12d
+ rol ecx,5
+ lea edi,DWORD PTR[1859775393+rdi*1+rdx]
+ xor ebp,DWORD PTR[20+rsp]
+ xor eax,esi
+ add edi,ecx
+ xor ebp,DWORD PTR[40+rsp]
+ rol r12d,30
+ add edi,eax
+ rol ebp,1
+ mov DWORD PTR[52+rsp],ebp
+ mov edx,DWORD PTR[56+rsp]
+ mov eax,r12d
+ mov ecx,edi
+ xor edx,DWORD PTR[rsp]
+ xor eax,r11d
+ rol ecx,5
+ lea esi,DWORD PTR[1859775393+rsi*1+rbp]
+ xor edx,DWORD PTR[24+rsp]
+ xor eax,r13d
+ add esi,ecx
+ xor edx,DWORD PTR[44+rsp]
+ rol r11d,30
+ add esi,eax
+ rol edx,1
+ mov DWORD PTR[56+rsp],edx
+ mov ebp,DWORD PTR[60+rsp]
+ mov eax,r11d
+ mov ecx,esi
+ xor ebp,DWORD PTR[4+rsp]
+ xor eax,edi
+ rol ecx,5
+ lea r13d,DWORD PTR[1859775393+r13*1+rdx]
+ xor ebp,DWORD PTR[28+rsp]
+ xor eax,r12d
+ add r13d,ecx
+ xor ebp,DWORD PTR[48+rsp]
+ rol edi,30
+ add r13d,eax
+ rol ebp,1
+ mov DWORD PTR[60+rsp],ebp
+ mov edx,DWORD PTR[rsp]
+ mov eax,edi
+ mov ecx,r13d
+ xor edx,DWORD PTR[8+rsp]
+ xor eax,esi
+ rol ecx,5
+ lea r12d,DWORD PTR[1859775393+r12*1+rbp]
+ xor edx,DWORD PTR[32+rsp]
+ xor eax,r11d
+ add r12d,ecx
+ xor edx,DWORD PTR[52+rsp]
+ rol esi,30
+ add r12d,eax
+ rol edx,1
+ mov DWORD PTR[rsp],edx
+ mov ebp,DWORD PTR[4+rsp]
+ mov eax,esi
+ mov ecx,r12d
+ xor ebp,DWORD PTR[12+rsp]
+ xor eax,r13d
+ rol ecx,5
+ lea r11d,DWORD PTR[1859775393+r11*1+rdx]
+ xor ebp,DWORD PTR[36+rsp]
+ xor eax,edi
+ add r11d,ecx
+ xor ebp,DWORD PTR[56+rsp]
+ rol r13d,30
+ add r11d,eax
+ rol ebp,1
+ mov DWORD PTR[4+rsp],ebp
+ mov edx,DWORD PTR[8+rsp]
+ mov eax,r13d
+ mov ecx,r11d
+ xor edx,DWORD PTR[16+rsp]
+ xor eax,r12d
+ rol ecx,5
+ lea edi,DWORD PTR[1859775393+rdi*1+rbp]
+ xor edx,DWORD PTR[40+rsp]
+ xor eax,esi
+ add edi,ecx
+ xor edx,DWORD PTR[60+rsp]
+ rol r12d,30
+ add edi,eax
+ rol edx,1
+ mov DWORD PTR[8+rsp],edx
+ mov ebp,DWORD PTR[12+rsp]
+ mov eax,r12d
+ mov ecx,edi
+ xor ebp,DWORD PTR[20+rsp]
+ xor eax,r11d
+ rol ecx,5
+ lea esi,DWORD PTR[1859775393+rsi*1+rdx]
+ xor ebp,DWORD PTR[44+rsp]
+ xor eax,r13d
+ add esi,ecx
+ xor ebp,DWORD PTR[rsp]
+ rol r11d,30
+ add esi,eax
+ rol ebp,1
+ mov DWORD PTR[12+rsp],ebp
+ mov edx,DWORD PTR[16+rsp]
+ mov eax,r11d
+ mov ecx,esi
+ xor edx,DWORD PTR[24+rsp]
+ xor eax,edi
+ rol ecx,5
+ lea r13d,DWORD PTR[1859775393+r13*1+rbp]
+ xor edx,DWORD PTR[48+rsp]
+ xor eax,r12d
+ add r13d,ecx
+ xor edx,DWORD PTR[4+rsp]
+ rol edi,30
+ add r13d,eax
+ rol edx,1
+ mov DWORD PTR[16+rsp],edx
+ mov ebp,DWORD PTR[20+rsp]
+ mov eax,edi
+ mov ecx,r13d
+ xor ebp,DWORD PTR[28+rsp]
+ xor eax,esi
+ rol ecx,5
+ lea r12d,DWORD PTR[1859775393+r12*1+rdx]
+ xor ebp,DWORD PTR[52+rsp]
+ xor eax,r11d
+ add r12d,ecx
+ xor ebp,DWORD PTR[8+rsp]
+ rol esi,30
+ add r12d,eax
+ rol ebp,1
+ mov DWORD PTR[20+rsp],ebp
+ mov edx,DWORD PTR[24+rsp]
+ mov eax,esi
+ mov ecx,r12d
+ xor edx,DWORD PTR[32+rsp]
+ xor eax,r13d
+ rol ecx,5
+ lea r11d,DWORD PTR[1859775393+r11*1+rbp]
+ xor edx,DWORD PTR[56+rsp]
+ xor eax,edi
+ add r11d,ecx
+ xor edx,DWORD PTR[12+rsp]
+ rol r13d,30
+ add r11d,eax
+ rol edx,1
+ mov DWORD PTR[24+rsp],edx
+ mov ebp,DWORD PTR[28+rsp]
+ mov eax,r13d
+ mov ecx,r11d
+ xor ebp,DWORD PTR[36+rsp]
+ xor eax,r12d
+ rol ecx,5
+ lea edi,DWORD PTR[1859775393+rdi*1+rdx]
+ xor ebp,DWORD PTR[60+rsp]
+ xor eax,esi
+ add edi,ecx
+ xor ebp,DWORD PTR[16+rsp]
+ rol r12d,30
+ add edi,eax
+ rol ebp,1
+ mov DWORD PTR[28+rsp],ebp
+ mov edx,DWORD PTR[32+rsp]
+ mov eax,r12d
+ mov ecx,edi
+ xor edx,DWORD PTR[40+rsp]
+ xor eax,r11d
+ rol ecx,5
+ lea esi,DWORD PTR[1859775393+rsi*1+rbp]
+ xor edx,DWORD PTR[rsp]
+ xor eax,r13d
+ add esi,ecx
+ xor edx,DWORD PTR[20+rsp]
+ rol r11d,30
+ add esi,eax
+ rol edx,1
+ mov DWORD PTR[32+rsp],edx
+ mov ebp,DWORD PTR[36+rsp]
+ mov eax,r11d
mov ebx,r11d
- mov eax,DWORD PTR[20+r9]
- mov edx,edi
- xor ebx,r12d
- bswap eax
- rol edx,5
- and ebx,ebp
- mov DWORD PTR[20+rsp],eax
- add esi,edx
+ xor ebp,DWORD PTR[44+rsp]
+ and eax,r12d
+ mov ecx,esi
+ xor ebp,DWORD PTR[4+rsp]
xor ebx,r12d
- rol ebp,30
- add esi,ebx
- lea edx,DWORD PTR[05a827999h+r12*1+rax]
- mov ebx,ebp
- mov eax,DWORD PTR[24+r9]
- mov r12d,esi
- xor ebx,r11d
- bswap eax
- rol r12d,5
+ lea r13d,DWORD PTR[((-1894007588))+r13*1+rdx]
+ rol ecx,5
+ xor ebp,DWORD PTR[24+rsp]
+ add r13d,eax
and ebx,edi
- mov DWORD PTR[24+rsp],eax
- add edx,r12d
- xor ebx,r11d
+ rol ebp,1
+ add r13d,ebx
rol edi,30
- add edx,ebx
- lea r12d,DWORD PTR[05a827999h+r11*1+rax]
+ mov DWORD PTR[36+rsp],ebp
+ add r13d,ecx
+ mov edx,DWORD PTR[40+rsp]
+ mov eax,edi
mov ebx,edi
- mov eax,DWORD PTR[28+r9]
- mov r11d,edx
- xor ebx,ebp
- bswap eax
- rol r11d,5
+ xor edx,DWORD PTR[48+rsp]
+ and eax,r11d
+ mov ecx,r13d
+ xor edx,DWORD PTR[8+rsp]
+ xor ebx,r11d
+ lea r12d,DWORD PTR[((-1894007588))+r12*1+rbp]
+ rol ecx,5
+ xor edx,DWORD PTR[28+rsp]
+ add r12d,eax
and ebx,esi
- mov DWORD PTR[28+rsp],eax
- add r12d,r11d
- xor ebx,ebp
- rol esi,30
+ rol edx,1
add r12d,ebx
- lea r11d,DWORD PTR[05a827999h+rbp*1+rax]
+ rol esi,30
+ mov DWORD PTR[40+rsp],edx
+ add r12d,ecx
+ mov ebp,DWORD PTR[44+rsp]
+ mov eax,esi
mov ebx,esi
- mov eax,DWORD PTR[32+r9]
- mov ebp,r12d
- xor ebx,edi
- bswap eax
- rol ebp,5
- and ebx,edx
- mov DWORD PTR[32+rsp],eax
- add r11d,ebp
+ xor ebp,DWORD PTR[52+rsp]
+ and eax,edi
+ mov ecx,r12d
+ xor ebp,DWORD PTR[12+rsp]
xor ebx,edi
- rol edx,30
+ lea r11d,DWORD PTR[((-1894007588))+r11*1+rdx]
+ rol ecx,5
+ xor ebp,DWORD PTR[32+rsp]
+ add r11d,eax
+ and ebx,r13d
+ rol ebp,1
add r11d,ebx
- lea ebp,DWORD PTR[05a827999h+rdi*1+rax]
- mov ebx,edx
- mov eax,DWORD PTR[36+r9]
- mov edi,r11d
+ rol r13d,30
+ mov DWORD PTR[44+rsp],ebp
+ add r11d,ecx
+ mov edx,DWORD PTR[48+rsp]
+ mov eax,r13d
+ mov ebx,r13d
+ xor edx,DWORD PTR[56+rsp]
+ and eax,esi
+ mov ecx,r11d
+ xor edx,DWORD PTR[16+rsp]
xor ebx,esi
- bswap eax
- rol edi,5
+ lea edi,DWORD PTR[((-1894007588))+rdi*1+rbp]
+ rol ecx,5
+ xor edx,DWORD PTR[36+rsp]
+ add edi,eax
and ebx,r12d
- mov DWORD PTR[36+rsp],eax
- add ebp,edi
- xor ebx,esi
+ rol edx,1
+ add edi,ebx
rol r12d,30
- add ebp,ebx
- lea edi,DWORD PTR[05a827999h+rsi*1+rax]
+ mov DWORD PTR[48+rsp],edx
+ add edi,ecx
+ mov ebp,DWORD PTR[52+rsp]
+ mov eax,r12d
mov ebx,r12d
- mov eax,DWORD PTR[40+r9]
- mov esi,ebp
- xor ebx,edx
- bswap eax
- rol esi,5
+ xor ebp,DWORD PTR[60+rsp]
+ and eax,r13d
+ mov ecx,edi
+ xor ebp,DWORD PTR[20+rsp]
+ xor ebx,r13d
+ lea esi,DWORD PTR[((-1894007588))+rsi*1+rdx]
+ rol ecx,5
+ xor ebp,DWORD PTR[40+rsp]
+ add esi,eax
and ebx,r11d
- mov DWORD PTR[40+rsp],eax
- add edi,esi
- xor ebx,edx
+ rol ebp,1
+ add esi,ebx
rol r11d,30
- add edi,ebx
- lea esi,DWORD PTR[05a827999h+rdx*1+rax]
+ mov DWORD PTR[52+rsp],ebp
+ add esi,ecx
+ mov edx,DWORD PTR[56+rsp]
+ mov eax,r11d
mov ebx,r11d
- mov eax,DWORD PTR[44+r9]
- mov edx,edi
- xor ebx,r12d
- bswap eax
- rol edx,5
- and ebx,ebp
- mov DWORD PTR[44+rsp],eax
- add esi,edx
+ xor edx,DWORD PTR[rsp]
+ and eax,r12d
+ mov ecx,esi
+ xor edx,DWORD PTR[24+rsp]
xor ebx,r12d
- rol ebp,30
- add esi,ebx
- lea edx,DWORD PTR[05a827999h+r12*1+rax]
- mov ebx,ebp
- mov eax,DWORD PTR[48+r9]
- mov r12d,esi
- xor ebx,r11d
- bswap eax
- rol r12d,5
+ lea r13d,DWORD PTR[((-1894007588))+r13*1+rbp]
+ rol ecx,5
+ xor edx,DWORD PTR[44+rsp]
+ add r13d,eax
and ebx,edi
- mov DWORD PTR[48+rsp],eax
- add edx,r12d
- xor ebx,r11d
+ rol edx,1
+ add r13d,ebx
rol edi,30
- add edx,ebx
- lea r12d,DWORD PTR[05a827999h+r11*1+rax]
+ mov DWORD PTR[56+rsp],edx
+ add r13d,ecx
+ mov ebp,DWORD PTR[60+rsp]
+ mov eax,edi
mov ebx,edi
- mov eax,DWORD PTR[52+r9]
- mov r11d,edx
- xor ebx,ebp
- bswap eax
- rol r11d,5
+ xor ebp,DWORD PTR[4+rsp]
+ and eax,r11d
+ mov ecx,r13d
+ xor ebp,DWORD PTR[28+rsp]
+ xor ebx,r11d
+ lea r12d,DWORD PTR[((-1894007588))+r12*1+rdx]
+ rol ecx,5
+ xor ebp,DWORD PTR[48+rsp]
+ add r12d,eax
and ebx,esi
- mov DWORD PTR[52+rsp],eax
- add r12d,r11d
- xor ebx,ebp
- rol esi,30
+ rol ebp,1
add r12d,ebx
- lea r11d,DWORD PTR[05a827999h+rbp*1+rax]
+ rol esi,30
+ mov DWORD PTR[60+rsp],ebp
+ add r12d,ecx
+ mov edx,DWORD PTR[rsp]
+ mov eax,esi
mov ebx,esi
- mov eax,DWORD PTR[56+r9]
- mov ebp,r12d
- xor ebx,edi
- bswap eax
- rol ebp,5
- and ebx,edx
- mov DWORD PTR[56+rsp],eax
- add r11d,ebp
+ xor edx,DWORD PTR[8+rsp]
+ and eax,edi
+ mov ecx,r12d
+ xor edx,DWORD PTR[32+rsp]
xor ebx,edi
- rol edx,30
+ lea r11d,DWORD PTR[((-1894007588))+r11*1+rbp]
+ rol ecx,5
+ xor edx,DWORD PTR[52+rsp]
+ add r11d,eax
+ and ebx,r13d
+ rol edx,1
add r11d,ebx
- lea ebp,DWORD PTR[05a827999h+rdi*1+rax]
- mov ebx,edx
- mov eax,DWORD PTR[60+r9]
- mov edi,r11d
+ rol r13d,30
+ mov DWORD PTR[rsp],edx
+ add r11d,ecx
+ mov ebp,DWORD PTR[4+rsp]
+ mov eax,r13d
+ mov ebx,r13d
+ xor ebp,DWORD PTR[12+rsp]
+ and eax,esi
+ mov ecx,r11d
+ xor ebp,DWORD PTR[36+rsp]
xor ebx,esi
- bswap eax
- rol edi,5
+ lea edi,DWORD PTR[((-1894007588))+rdi*1+rdx]
+ rol ecx,5
+ xor ebp,DWORD PTR[56+rsp]
+ add edi,eax
and ebx,r12d
- mov DWORD PTR[60+rsp],eax
- add ebp,edi
- xor ebx,esi
+ rol ebp,1
+ add edi,ebx
rol r12d,30
- add ebp,ebx
- lea edi,DWORD PTR[05a827999h+rsi*1+rax]
- mov eax,DWORD PTR[rsp]
+ mov DWORD PTR[4+rsp],ebp
+ add edi,ecx
+ mov edx,DWORD PTR[8+rsp]
+ mov eax,r12d
mov ebx,r12d
- mov esi,ebp
- xor eax,DWORD PTR[8+rsp]
- xor ebx,edx
- rol esi,5
- xor eax,DWORD PTR[32+rsp]
+ xor edx,DWORD PTR[16+rsp]
+ and eax,r13d
+ mov ecx,edi
+ xor edx,DWORD PTR[40+rsp]
+ xor ebx,r13d
+ lea esi,DWORD PTR[((-1894007588))+rsi*1+rbp]
+ rol ecx,5
+ xor edx,DWORD PTR[60+rsp]
+ add esi,eax
and ebx,r11d
- add edi,esi
- xor eax,DWORD PTR[52+rsp]
- xor ebx,edx
+ rol edx,1
+ add esi,ebx
rol r11d,30
- add edi,ebx
- rol eax,1
- mov DWORD PTR[rsp],eax
- lea esi,DWORD PTR[05a827999h+rdx*1+rax]
- mov eax,DWORD PTR[4+rsp]
+ mov DWORD PTR[8+rsp],edx
+ add esi,ecx
+ mov ebp,DWORD PTR[12+rsp]
+ mov eax,r11d
mov ebx,r11d
- mov edx,edi
- xor eax,DWORD PTR[12+rsp]
- xor ebx,r12d
- rol edx,5
- xor eax,DWORD PTR[36+rsp]
- and ebx,ebp
- add esi,edx
- xor eax,DWORD PTR[56+rsp]
+ xor ebp,DWORD PTR[20+rsp]
+ and eax,r12d
+ mov ecx,esi
+ xor ebp,DWORD PTR[44+rsp]
xor ebx,r12d
- rol ebp,30
- add esi,ebx
- rol eax,1
- mov DWORD PTR[4+rsp],eax
- lea edx,DWORD PTR[05a827999h+r12*1+rax]
- mov eax,DWORD PTR[8+rsp]
- mov ebx,ebp
- mov r12d,esi
- xor eax,DWORD PTR[16+rsp]
- xor ebx,r11d
- rol r12d,5
- xor eax,DWORD PTR[40+rsp]
+ lea r13d,DWORD PTR[((-1894007588))+r13*1+rdx]
+ rol ecx,5
+ xor ebp,DWORD PTR[rsp]
+ add r13d,eax
and ebx,edi
- add edx,r12d
- xor eax,DWORD PTR[60+rsp]
- xor ebx,r11d
+ rol ebp,1
+ add r13d,ebx
rol edi,30
- add edx,ebx
- rol eax,1
- mov DWORD PTR[8+rsp],eax
- lea r12d,DWORD PTR[05a827999h+r11*1+rax]
- mov eax,DWORD PTR[12+rsp]
+ mov DWORD PTR[12+rsp],ebp
+ add r13d,ecx
+ mov edx,DWORD PTR[16+rsp]
+ mov eax,edi
mov ebx,edi
- mov r11d,edx
- xor eax,DWORD PTR[20+rsp]
- xor ebx,ebp
- rol r11d,5
- xor eax,DWORD PTR[44+rsp]
+ xor edx,DWORD PTR[24+rsp]
+ and eax,r11d
+ mov ecx,r13d
+ xor edx,DWORD PTR[48+rsp]
+ xor ebx,r11d
+ lea r12d,DWORD PTR[((-1894007588))+r12*1+rbp]
+ rol ecx,5
+ xor edx,DWORD PTR[4+rsp]
+ add r12d,eax
and ebx,esi
- add r12d,r11d
- xor eax,DWORD PTR[rsp]
- xor ebx,ebp
- rol esi,30
+ rol edx,1
add r12d,ebx
- rol eax,1
- mov DWORD PTR[12+rsp],eax
- lea r11d,DWORD PTR[05a827999h+rbp*1+rax]
- mov eax,DWORD PTR[16+rsp]
+ rol esi,30
+ mov DWORD PTR[16+rsp],edx
+ add r12d,ecx
+ mov ebp,DWORD PTR[20+rsp]
+ mov eax,esi
mov ebx,esi
- mov ebp,r12d
- xor eax,DWORD PTR[24+rsp]
- xor ebx,edi
- rol ebp,5
- xor eax,DWORD PTR[48+rsp]
- and ebx,edx
- add r11d,ebp
- xor eax,DWORD PTR[4+rsp]
+ xor ebp,DWORD PTR[28+rsp]
+ and eax,edi
+ mov ecx,r12d
+ xor ebp,DWORD PTR[52+rsp]
xor ebx,edi
- rol edx,30
+ lea r11d,DWORD PTR[((-1894007588))+r11*1+rdx]
+ rol ecx,5
+ xor ebp,DWORD PTR[8+rsp]
+ add r11d,eax
+ and ebx,r13d
+ rol ebp,1
add r11d,ebx
- rol eax,1
- mov DWORD PTR[16+rsp],eax
- lea ebp,DWORD PTR[1859775393+rdi*1+rax]
- mov eax,DWORD PTR[20+rsp]
- mov ebx,edx
- mov edi,r11d
- xor eax,DWORD PTR[28+rsp]
- xor ebx,r12d
- rol edi,5
- xor eax,DWORD PTR[52+rsp]
+ rol r13d,30
+ mov DWORD PTR[20+rsp],ebp
+ add r11d,ecx
+ mov edx,DWORD PTR[24+rsp]
+ mov eax,r13d
+ mov ebx,r13d
+ xor edx,DWORD PTR[32+rsp]
+ and eax,esi
+ mov ecx,r11d
+ xor edx,DWORD PTR[56+rsp]
xor ebx,esi
- add ebp,edi
- xor eax,DWORD PTR[8+rsp]
+ lea edi,DWORD PTR[((-1894007588))+rdi*1+rbp]
+ rol ecx,5
+ xor edx,DWORD PTR[12+rsp]
+ add edi,eax
+ and ebx,r12d
+ rol edx,1
+ add edi,ebx
rol r12d,30
- add ebp,ebx
- rol eax,1
- mov DWORD PTR[20+rsp],eax
- lea edi,DWORD PTR[1859775393+rsi*1+rax]
- mov eax,DWORD PTR[24+rsp]
+ mov DWORD PTR[24+rsp],edx
+ add edi,ecx
+ mov ebp,DWORD PTR[28+rsp]
+ mov eax,r12d
mov ebx,r12d
- mov esi,ebp
- xor eax,DWORD PTR[32+rsp]
- xor ebx,r11d
- rol esi,5
- xor eax,DWORD PTR[56+rsp]
- xor ebx,edx
- add edi,esi
- xor eax,DWORD PTR[12+rsp]
+ xor ebp,DWORD PTR[36+rsp]
+ and eax,r13d
+ mov ecx,edi
+ xor ebp,DWORD PTR[60+rsp]
+ xor ebx,r13d
+ lea esi,DWORD PTR[((-1894007588))+rsi*1+rdx]
+ rol ecx,5
+ xor ebp,DWORD PTR[16+rsp]
+ add esi,eax
+ and ebx,r11d
+ rol ebp,1
+ add esi,ebx
rol r11d,30
- add edi,ebx
- rol eax,1
- mov DWORD PTR[24+rsp],eax
- lea esi,DWORD PTR[1859775393+rdx*1+rax]
- mov eax,DWORD PTR[28+rsp]
+ mov DWORD PTR[28+rsp],ebp
+ add esi,ecx
+ mov edx,DWORD PTR[32+rsp]
+ mov eax,r11d
mov ebx,r11d
- mov edx,edi
- xor eax,DWORD PTR[36+rsp]
- xor ebx,ebp
- rol edx,5
- xor eax,DWORD PTR[60+rsp]
+ xor edx,DWORD PTR[40+rsp]
+ and eax,r12d
+ mov ecx,esi
+ xor edx,DWORD PTR[rsp]
xor ebx,r12d
- add esi,edx
- xor eax,DWORD PTR[16+rsp]
- rol ebp,30
- add esi,ebx
- rol eax,1
- mov DWORD PTR[28+rsp],eax
- lea edx,DWORD PTR[1859775393+r12*1+rax]
- mov eax,DWORD PTR[32+rsp]
- mov ebx,ebp
- mov r12d,esi
- xor eax,DWORD PTR[40+rsp]
- xor ebx,edi
- rol r12d,5
- xor eax,DWORD PTR[rsp]
- xor ebx,r11d
- add edx,r12d
- xor eax,DWORD PTR[20+rsp]
+ lea r13d,DWORD PTR[((-1894007588))+r13*1+rbp]
+ rol ecx,5
+ xor edx,DWORD PTR[20+rsp]
+ add r13d,eax
+ and ebx,edi
+ rol edx,1
+ add r13d,ebx
rol edi,30
- add edx,ebx
- rol eax,1
- mov DWORD PTR[32+rsp],eax
- lea r12d,DWORD PTR[1859775393+r11*1+rax]
- mov eax,DWORD PTR[36+rsp]
+ mov DWORD PTR[32+rsp],edx
+ add r13d,ecx
+ mov ebp,DWORD PTR[36+rsp]
+ mov eax,edi
mov ebx,edi
- mov r11d,edx
- xor eax,DWORD PTR[44+rsp]
- xor ebx,esi
- rol r11d,5
- xor eax,DWORD PTR[4+rsp]
- xor ebx,ebp
- add r12d,r11d
- xor eax,DWORD PTR[24+rsp]
- rol esi,30
+ xor ebp,DWORD PTR[44+rsp]
+ and eax,r11d
+ mov ecx,r13d
+ xor ebp,DWORD PTR[4+rsp]
+ xor ebx,r11d
+ lea r12d,DWORD PTR[((-1894007588))+r12*1+rdx]
+ rol ecx,5
+ xor ebp,DWORD PTR[24+rsp]
+ add r12d,eax
+ and ebx,esi
+ rol ebp,1
add r12d,ebx
- rol eax,1
- mov DWORD PTR[36+rsp],eax
- lea r11d,DWORD PTR[1859775393+rbp*1+rax]
- mov eax,DWORD PTR[40+rsp]
+ rol esi,30
+ mov DWORD PTR[36+rsp],ebp
+ add r12d,ecx
+ mov edx,DWORD PTR[40+rsp]
+ mov eax,esi
mov ebx,esi
- mov ebp,r12d
- xor eax,DWORD PTR[48+rsp]
- xor ebx,edx
- rol ebp,5
- xor eax,DWORD PTR[8+rsp]
+ xor edx,DWORD PTR[48+rsp]
+ and eax,edi
+ mov ecx,r12d
+ xor edx,DWORD PTR[8+rsp]
xor ebx,edi
- add r11d,ebp
- xor eax,DWORD PTR[28+rsp]
- rol edx,30
+ lea r11d,DWORD PTR[((-1894007588))+r11*1+rbp]
+ rol ecx,5
+ xor edx,DWORD PTR[28+rsp]
+ add r11d,eax
+ and ebx,r13d
+ rol edx,1
add r11d,ebx
- rol eax,1
- mov DWORD PTR[40+rsp],eax
- lea ebp,DWORD PTR[1859775393+rdi*1+rax]
- mov eax,DWORD PTR[44+rsp]
- mov ebx,edx
- mov edi,r11d
- xor eax,DWORD PTR[52+rsp]
- xor ebx,r12d
- rol edi,5
- xor eax,DWORD PTR[12+rsp]
+ rol r13d,30
+ mov DWORD PTR[40+rsp],edx
+ add r11d,ecx
+ mov ebp,DWORD PTR[44+rsp]
+ mov eax,r13d
+ mov ebx,r13d
+ xor ebp,DWORD PTR[52+rsp]
+ and eax,esi
+ mov ecx,r11d
+ xor ebp,DWORD PTR[12+rsp]
xor ebx,esi
- add ebp,edi
- xor eax,DWORD PTR[32+rsp]
+ lea edi,DWORD PTR[((-1894007588))+rdi*1+rdx]
+ rol ecx,5
+ xor ebp,DWORD PTR[32+rsp]
+ add edi,eax
+ and ebx,r12d
+ rol ebp,1
+ add edi,ebx
rol r12d,30
- add ebp,ebx
- rol eax,1
- mov DWORD PTR[44+rsp],eax
- lea edi,DWORD PTR[1859775393+rsi*1+rax]
- mov eax,DWORD PTR[48+rsp]
+ mov DWORD PTR[44+rsp],ebp
+ add edi,ecx
+ mov edx,DWORD PTR[48+rsp]
+ mov eax,r12d
mov ebx,r12d
- mov esi,ebp
- xor eax,DWORD PTR[56+rsp]
- xor ebx,r11d
- rol esi,5
- xor eax,DWORD PTR[16+rsp]
- xor ebx,edx
- add edi,esi
- xor eax,DWORD PTR[36+rsp]
- rol r11d,30
- add edi,ebx
- rol eax,1
- mov DWORD PTR[48+rsp],eax
- lea esi,DWORD PTR[1859775393+rdx*1+rax]
- mov eax,DWORD PTR[52+rsp]
- mov ebx,r11d
- mov edx,edi
- xor eax,DWORD PTR[60+rsp]
- xor ebx,ebp
- rol edx,5
- xor eax,DWORD PTR[20+rsp]
- xor ebx,r12d
- add esi,edx
- xor eax,DWORD PTR[40+rsp]
- rol ebp,30
+ xor edx,DWORD PTR[56+rsp]
+ and eax,r13d
+ mov ecx,edi
+ xor edx,DWORD PTR[16+rsp]
+ xor ebx,r13d
+ lea esi,DWORD PTR[((-1894007588))+rsi*1+rbp]
+ rol ecx,5
+ xor edx,DWORD PTR[36+rsp]
+ add esi,eax
+ and ebx,r11d
+ rol edx,1
add esi,ebx
- rol eax,1
- mov DWORD PTR[52+rsp],eax
- lea edx,DWORD PTR[1859775393+r12*1+rax]
- mov eax,DWORD PTR[56+rsp]
- mov ebx,ebp
- mov r12d,esi
- xor eax,DWORD PTR[rsp]
- xor ebx,edi
- rol r12d,5
- xor eax,DWORD PTR[24+rsp]
- xor ebx,r11d
- add edx,r12d
- xor eax,DWORD PTR[44+rsp]
+ rol r11d,30
+ mov DWORD PTR[48+rsp],edx
+ add esi,ecx
+ mov ebp,DWORD PTR[52+rsp]
+ mov eax,r11d
+ mov ecx,esi
+ xor ebp,DWORD PTR[60+rsp]
+ xor eax,edi
+ rol ecx,5
+ lea r13d,DWORD PTR[((-899497514))+r13*1+rdx]
+ xor ebp,DWORD PTR[20+rsp]
+ xor eax,r12d
+ add r13d,ecx
+ xor ebp,DWORD PTR[40+rsp]
rol edi,30
- add edx,ebx
- rol eax,1
- mov DWORD PTR[56+rsp],eax
- lea r12d,DWORD PTR[1859775393+r11*1+rax]
- mov eax,DWORD PTR[60+rsp]
- mov ebx,edi
- mov r11d,edx
- xor eax,DWORD PTR[4+rsp]
- xor ebx,esi
- rol r11d,5
- xor eax,DWORD PTR[28+rsp]
- xor ebx,ebp
- add r12d,r11d
- xor eax,DWORD PTR[48+rsp]
+ add r13d,eax
+ rol ebp,1
+ mov DWORD PTR[52+rsp],ebp
+ mov edx,DWORD PTR[56+rsp]
+ mov eax,edi
+ mov ecx,r13d
+ xor edx,DWORD PTR[rsp]
+ xor eax,esi
+ rol ecx,5
+ lea r12d,DWORD PTR[((-899497514))+r12*1+rbp]
+ xor edx,DWORD PTR[24+rsp]
+ xor eax,r11d
+ add r12d,ecx
+ xor edx,DWORD PTR[44+rsp]
rol esi,30
- add r12d,ebx
- rol eax,1
- mov DWORD PTR[60+rsp],eax
- lea r11d,DWORD PTR[1859775393+rbp*1+rax]
- mov eax,DWORD PTR[rsp]
- mov ebx,esi
- mov ebp,r12d
- xor eax,DWORD PTR[8+rsp]
- xor ebx,edx
- rol ebp,5
- xor eax,DWORD PTR[32+rsp]
- xor ebx,edi
- add r11d,ebp
- xor eax,DWORD PTR[52+rsp]
- rol edx,30
- add r11d,ebx
- rol eax,1
- mov DWORD PTR[rsp],eax
- lea ebp,DWORD PTR[1859775393+rdi*1+rax]
- mov eax,DWORD PTR[4+rsp]
- mov ebx,edx
- mov edi,r11d
- xor eax,DWORD PTR[12+rsp]
- xor ebx,r12d
- rol edi,5
- xor eax,DWORD PTR[36+rsp]
- xor ebx,esi
- add ebp,edi
- xor eax,DWORD PTR[56+rsp]
+ add r12d,eax
+ rol edx,1
+ mov DWORD PTR[56+rsp],edx
+ mov ebp,DWORD PTR[60+rsp]
+ mov eax,esi
+ mov ecx,r12d
+ xor ebp,DWORD PTR[4+rsp]
+ xor eax,r13d
+ rol ecx,5
+ lea r11d,DWORD PTR[((-899497514))+r11*1+rdx]
+ xor ebp,DWORD PTR[28+rsp]
+ xor eax,edi
+ add r11d,ecx
+ xor ebp,DWORD PTR[48+rsp]
+ rol r13d,30
+ add r11d,eax
+ rol ebp,1
+ mov DWORD PTR[60+rsp],ebp
+ mov edx,DWORD PTR[rsp]
+ mov eax,r13d
+ mov ecx,r11d
+ xor edx,DWORD PTR[8+rsp]
+ xor eax,r12d
+ rol ecx,5
+ lea edi,DWORD PTR[((-899497514))+rdi*1+rbp]
+ xor edx,DWORD PTR[32+rsp]
+ xor eax,esi
+ add edi,ecx
+ xor edx,DWORD PTR[52+rsp]
rol r12d,30
- add ebp,ebx
- rol eax,1
- mov DWORD PTR[4+rsp],eax
- lea edi,DWORD PTR[1859775393+rsi*1+rax]
- mov eax,DWORD PTR[8+rsp]
- mov ebx,r12d
- mov esi,ebp
- xor eax,DWORD PTR[16+rsp]
- xor ebx,r11d
- rol esi,5
- xor eax,DWORD PTR[40+rsp]
- xor ebx,edx
- add edi,esi
- xor eax,DWORD PTR[60+rsp]
+ add edi,eax
+ rol edx,1
+ mov DWORD PTR[rsp],edx
+ mov ebp,DWORD PTR[4+rsp]
+ mov eax,r12d
+ mov ecx,edi
+ xor ebp,DWORD PTR[12+rsp]
+ xor eax,r11d
+ rol ecx,5
+ lea esi,DWORD PTR[((-899497514))+rsi*1+rdx]
+ xor ebp,DWORD PTR[36+rsp]
+ xor eax,r13d
+ add esi,ecx
+ xor ebp,DWORD PTR[56+rsp]
rol r11d,30
- add edi,ebx
- rol eax,1
- mov DWORD PTR[8+rsp],eax
- lea esi,DWORD PTR[1859775393+rdx*1+rax]
- mov eax,DWORD PTR[12+rsp]
- mov ebx,r11d
- mov edx,edi
- xor eax,DWORD PTR[20+rsp]
- xor ebx,ebp
- rol edx,5
- xor eax,DWORD PTR[44+rsp]
- xor ebx,r12d
- add esi,edx
- xor eax,DWORD PTR[rsp]
- rol ebp,30
- add esi,ebx
- rol eax,1
- mov DWORD PTR[12+rsp],eax
- lea edx,DWORD PTR[1859775393+r12*1+rax]
- mov eax,DWORD PTR[16+rsp]
- mov ebx,ebp
- mov r12d,esi
- xor eax,DWORD PTR[24+rsp]
- xor ebx,edi
- rol r12d,5
- xor eax,DWORD PTR[48+rsp]
- xor ebx,r11d
- add edx,r12d
- xor eax,DWORD PTR[4+rsp]
+ add esi,eax
+ rol ebp,1
+ mov DWORD PTR[4+rsp],ebp
+ mov edx,DWORD PTR[8+rsp]
+ mov eax,r11d
+ mov ecx,esi
+ xor edx,DWORD PTR[16+rsp]
+ xor eax,edi
+ rol ecx,5
+ lea r13d,DWORD PTR[((-899497514))+r13*1+rbp]
+ xor edx,DWORD PTR[40+rsp]
+ xor eax,r12d
+ add r13d,ecx
+ xor edx,DWORD PTR[60+rsp]
rol edi,30
- add edx,ebx
- rol eax,1
- mov DWORD PTR[16+rsp],eax
- lea r12d,DWORD PTR[1859775393+r11*1+rax]
- mov eax,DWORD PTR[20+rsp]
- mov ebx,edi
- mov r11d,edx
- xor eax,DWORD PTR[28+rsp]
- xor ebx,esi
- rol r11d,5
- xor eax,DWORD PTR[52+rsp]
- xor ebx,ebp
- add r12d,r11d
- xor eax,DWORD PTR[8+rsp]
+ add r13d,eax
+ rol edx,1
+ mov DWORD PTR[8+rsp],edx
+ mov ebp,DWORD PTR[12+rsp]
+ mov eax,edi
+ mov ecx,r13d
+ xor ebp,DWORD PTR[20+rsp]
+ xor eax,esi
+ rol ecx,5
+ lea r12d,DWORD PTR[((-899497514))+r12*1+rdx]
+ xor ebp,DWORD PTR[44+rsp]
+ xor eax,r11d
+ add r12d,ecx
+ xor ebp,DWORD PTR[rsp]
rol esi,30
- add r12d,ebx
- rol eax,1
- mov DWORD PTR[20+rsp],eax
- lea r11d,DWORD PTR[1859775393+rbp*1+rax]
- mov eax,DWORD PTR[24+rsp]
- mov ebx,esi
- mov ebp,r12d
- xor eax,DWORD PTR[32+rsp]
- xor ebx,edx
- rol ebp,5
- xor eax,DWORD PTR[56+rsp]
- xor ebx,edi
- add r11d,ebp
- xor eax,DWORD PTR[12+rsp]
- rol edx,30
- add r11d,ebx
- rol eax,1
- mov DWORD PTR[24+rsp],eax
- lea ebp,DWORD PTR[1859775393+rdi*1+rax]
- mov eax,DWORD PTR[28+rsp]
- mov ebx,edx
- mov edi,r11d
- xor eax,DWORD PTR[36+rsp]
- xor ebx,r12d
- rol edi,5
- xor eax,DWORD PTR[60+rsp]
- xor ebx,esi
- add ebp,edi
- xor eax,DWORD PTR[16+rsp]
+ add r12d,eax
+ rol ebp,1
+ mov DWORD PTR[12+rsp],ebp
+ mov edx,DWORD PTR[16+rsp]
+ mov eax,esi
+ mov ecx,r12d
+ xor edx,DWORD PTR[24+rsp]
+ xor eax,r13d
+ rol ecx,5
+ lea r11d,DWORD PTR[((-899497514))+r11*1+rbp]
+ xor edx,DWORD PTR[48+rsp]
+ xor eax,edi
+ add r11d,ecx
+ xor edx,DWORD PTR[4+rsp]
+ rol r13d,30
+ add r11d,eax
+ rol edx,1
+ mov DWORD PTR[16+rsp],edx
+ mov ebp,DWORD PTR[20+rsp]
+ mov eax,r13d
+ mov ecx,r11d
+ xor ebp,DWORD PTR[28+rsp]
+ xor eax,r12d
+ rol ecx,5
+ lea edi,DWORD PTR[((-899497514))+rdi*1+rdx]
+ xor ebp,DWORD PTR[52+rsp]
+ xor eax,esi
+ add edi,ecx
+ xor ebp,DWORD PTR[8+rsp]
rol r12d,30
- add ebp,ebx
- rol eax,1
- mov DWORD PTR[28+rsp],eax
- lea edi,DWORD PTR[1859775393+rsi*1+rax]
- mov eax,DWORD PTR[32+rsp]
- mov ebx,r12d
- mov esi,ebp
- xor eax,DWORD PTR[40+rsp]
- xor ebx,r11d
- rol esi,5
- xor eax,DWORD PTR[rsp]
- xor ebx,edx
- add edi,esi
- xor eax,DWORD PTR[20+rsp]
- rol r11d,30
- add edi,ebx
- rol eax,1
- mov DWORD PTR[32+rsp],eax
- lea esi,DWORD PTR[08f1bbcdch+rdx*1+rax]
- mov eax,DWORD PTR[36+rsp]
- mov ebx,ebp
- mov ecx,ebp
- xor eax,DWORD PTR[44+rsp]
- mov edx,edi
- and ebx,r11d
- xor eax,DWORD PTR[4+rsp]
- or ecx,r11d
- rol edx,5
- xor eax,DWORD PTR[24+rsp]
- and ecx,r12d
- add esi,edx
- rol eax,1
- or ebx,ecx
- rol ebp,30
- mov DWORD PTR[36+rsp],eax
- add esi,ebx
- lea edx,DWORD PTR[08f1bbcdch+r12*1+rax]
- mov eax,DWORD PTR[40+rsp]
- mov ebx,edi
+ add edi,eax
+ rol ebp,1
+ mov DWORD PTR[20+rsp],ebp
+ mov edx,DWORD PTR[24+rsp]
+ mov eax,r12d
mov ecx,edi
- xor eax,DWORD PTR[48+rsp]
- mov r12d,esi
- and ebx,ebp
- xor eax,DWORD PTR[8+rsp]
- or ecx,ebp
- rol r12d,5
- xor eax,DWORD PTR[28+rsp]
- and ecx,r11d
- add edx,r12d
- rol eax,1
- or ebx,ecx
- rol edi,30
- mov DWORD PTR[40+rsp],eax
- add edx,ebx
- lea r12d,DWORD PTR[08f1bbcdch+r11*1+rax]
- mov eax,DWORD PTR[44+rsp]
- mov ebx,esi
+ xor edx,DWORD PTR[32+rsp]
+ xor eax,r11d
+ rol ecx,5
+ lea esi,DWORD PTR[((-899497514))+rsi*1+rbp]
+ xor edx,DWORD PTR[56+rsp]
+ xor eax,r13d
+ add esi,ecx
+ xor edx,DWORD PTR[12+rsp]
+ rol r11d,30
+ add esi,eax
+ rol edx,1
+ mov DWORD PTR[24+rsp],edx
+ mov ebp,DWORD PTR[28+rsp]
+ mov eax,r11d
mov ecx,esi
- xor eax,DWORD PTR[52+rsp]
- mov r11d,edx
- and ebx,edi
- xor eax,DWORD PTR[12+rsp]
- or ecx,edi
- rol r11d,5
- xor eax,DWORD PTR[32+rsp]
- and ecx,ebp
- add r12d,r11d
- rol eax,1
- or ebx,ecx
+ xor ebp,DWORD PTR[36+rsp]
+ xor eax,edi
+ rol ecx,5
+ lea r13d,DWORD PTR[((-899497514))+r13*1+rdx]
+ xor ebp,DWORD PTR[60+rsp]
+ xor eax,r12d
+ add r13d,ecx
+ xor ebp,DWORD PTR[16+rsp]
+ rol edi,30
+ add r13d,eax
+ rol ebp,1
+ mov DWORD PTR[28+rsp],ebp
+ mov edx,DWORD PTR[32+rsp]
+ mov eax,edi
+ mov ecx,r13d
+ xor edx,DWORD PTR[40+rsp]
+ xor eax,esi
+ rol ecx,5
+ lea r12d,DWORD PTR[((-899497514))+r12*1+rbp]
+ xor edx,DWORD PTR[rsp]
+ xor eax,r11d
+ add r12d,ecx
+ xor edx,DWORD PTR[20+rsp]
rol esi,30
- mov DWORD PTR[44+rsp],eax
- add r12d,ebx
- lea r11d,DWORD PTR[08f1bbcdch+rbp*1+rax]
- mov eax,DWORD PTR[48+rsp]
- mov ebx,edx
- mov ecx,edx
- xor eax,DWORD PTR[56+rsp]
- mov ebp,r12d
- and ebx,esi
- xor eax,DWORD PTR[16+rsp]
- or ecx,esi
- rol ebp,5
- xor eax,DWORD PTR[36+rsp]
- and ecx,edi
- add r11d,ebp
- rol eax,1
- or ebx,ecx
- rol edx,30
- mov DWORD PTR[48+rsp],eax
- add r11d,ebx
- lea ebp,DWORD PTR[08f1bbcdch+rdi*1+rax]
- mov eax,DWORD PTR[52+rsp]
- mov ebx,r12d
+ add r12d,eax
+ rol edx,1
+ mov DWORD PTR[32+rsp],edx
+ mov ebp,DWORD PTR[36+rsp]
+ mov eax,esi
mov ecx,r12d
- xor eax,DWORD PTR[60+rsp]
- mov edi,r11d
- and ebx,edx
- xor eax,DWORD PTR[20+rsp]
- or ecx,edx
- rol edi,5
- xor eax,DWORD PTR[40+rsp]
- and ecx,esi
- add ebp,edi
- rol eax,1
- or ebx,ecx
- rol r12d,30
- mov DWORD PTR[52+rsp],eax
- add ebp,ebx
- lea edi,DWORD PTR[08f1bbcdch+rsi*1+rax]
- mov eax,DWORD PTR[56+rsp]
- mov ebx,r11d
+ xor ebp,DWORD PTR[44+rsp]
+ xor eax,r13d
+ rol ecx,5
+ lea r11d,DWORD PTR[((-899497514))+r11*1+rdx]
+ xor ebp,DWORD PTR[4+rsp]
+ xor eax,edi
+ add r11d,ecx
+ xor ebp,DWORD PTR[24+rsp]
+ rol r13d,30
+ add r11d,eax
+ rol ebp,1
+ mov DWORD PTR[36+rsp],ebp
+ mov edx,DWORD PTR[40+rsp]
+ mov eax,r13d
mov ecx,r11d
- xor eax,DWORD PTR[rsp]
- mov esi,ebp
- and ebx,r12d
- xor eax,DWORD PTR[24+rsp]
- or ecx,r12d
- rol esi,5
- xor eax,DWORD PTR[44+rsp]
- and ecx,edx
- add edi,esi
- rol eax,1
- or ebx,ecx
- rol r11d,30
- mov DWORD PTR[56+rsp],eax
- add edi,ebx
- lea esi,DWORD PTR[08f1bbcdch+rdx*1+rax]
- mov eax,DWORD PTR[60+rsp]
- mov ebx,ebp
- mov ecx,ebp
- xor eax,DWORD PTR[4+rsp]
- mov edx,edi
- and ebx,r11d
- xor eax,DWORD PTR[28+rsp]
- or ecx,r11d
- rol edx,5
- xor eax,DWORD PTR[48+rsp]
- and ecx,r12d
- add esi,edx
- rol eax,1
- or ebx,ecx
- rol ebp,30
- mov DWORD PTR[60+rsp],eax
- add esi,ebx
- lea edx,DWORD PTR[08f1bbcdch+r12*1+rax]
- mov eax,DWORD PTR[rsp]
- mov ebx,edi
+ xor edx,DWORD PTR[48+rsp]
+ xor eax,r12d
+ rol ecx,5
+ lea edi,DWORD PTR[((-899497514))+rdi*1+rbp]
+ xor edx,DWORD PTR[8+rsp]
+ xor eax,esi
+ add edi,ecx
+ xor edx,DWORD PTR[28+rsp]
+ rol r12d,30
+ add edi,eax
+ rol edx,1
+ mov DWORD PTR[40+rsp],edx
+ mov ebp,DWORD PTR[44+rsp]
+ mov eax,r12d
mov ecx,edi
- xor eax,DWORD PTR[8+rsp]
- mov r12d,esi
- and ebx,ebp
- xor eax,DWORD PTR[32+rsp]
- or ecx,ebp
- rol r12d,5
- xor eax,DWORD PTR[52+rsp]
- and ecx,r11d
- add edx,r12d
- rol eax,1
- or ebx,ecx
- rol edi,30
- mov DWORD PTR[rsp],eax
- add edx,ebx
- lea r12d,DWORD PTR[08f1bbcdch+r11*1+rax]
- mov eax,DWORD PTR[4+rsp]
- mov ebx,esi
+ xor ebp,DWORD PTR[52+rsp]
+ xor eax,r11d
+ rol ecx,5
+ lea esi,DWORD PTR[((-899497514))+rsi*1+rdx]
+ xor ebp,DWORD PTR[12+rsp]
+ xor eax,r13d
+ add esi,ecx
+ xor ebp,DWORD PTR[32+rsp]
+ rol r11d,30
+ add esi,eax
+ rol ebp,1
+ mov DWORD PTR[44+rsp],ebp
+ mov edx,DWORD PTR[48+rsp]
+ mov eax,r11d
mov ecx,esi
- xor eax,DWORD PTR[12+rsp]
- mov r11d,edx
- and ebx,edi
- xor eax,DWORD PTR[36+rsp]
- or ecx,edi
- rol r11d,5
- xor eax,DWORD PTR[56+rsp]
- and ecx,ebp
- add r12d,r11d
- rol eax,1
- or ebx,ecx
+ xor edx,DWORD PTR[56+rsp]
+ xor eax,edi
+ rol ecx,5
+ lea r13d,DWORD PTR[((-899497514))+r13*1+rbp]
+ xor edx,DWORD PTR[16+rsp]
+ xor eax,r12d
+ add r13d,ecx
+ xor edx,DWORD PTR[36+rsp]
+ rol edi,30
+ add r13d,eax
+ rol edx,1
+ mov DWORD PTR[48+rsp],edx
+ mov ebp,DWORD PTR[52+rsp]
+ mov eax,edi
+ mov ecx,r13d
+ xor ebp,DWORD PTR[60+rsp]
+ xor eax,esi
+ rol ecx,5
+ lea r12d,DWORD PTR[((-899497514))+r12*1+rdx]
+ xor ebp,DWORD PTR[20+rsp]
+ xor eax,r11d
+ add r12d,ecx
+ xor ebp,DWORD PTR[40+rsp]
rol esi,30
- mov DWORD PTR[4+rsp],eax
- add r12d,ebx
- lea r11d,DWORD PTR[08f1bbcdch+rbp*1+rax]
- mov eax,DWORD PTR[8+rsp]
- mov ebx,edx
- mov ecx,edx
- xor eax,DWORD PTR[16+rsp]
- mov ebp,r12d
- and ebx,esi
- xor eax,DWORD PTR[40+rsp]
- or ecx,esi
- rol ebp,5
- xor eax,DWORD PTR[60+rsp]
- and ecx,edi
- add r11d,ebp
- rol eax,1
- or ebx,ecx
- rol edx,30
- mov DWORD PTR[8+rsp],eax
- add r11d,ebx
- lea ebp,DWORD PTR[08f1bbcdch+rdi*1+rax]
- mov eax,DWORD PTR[12+rsp]
- mov ebx,r12d
+ add r12d,eax
+ rol ebp,1
+ mov edx,DWORD PTR[56+rsp]
+ mov eax,esi
mov ecx,r12d
- xor eax,DWORD PTR[20+rsp]
- mov edi,r11d
- and ebx,edx
- xor eax,DWORD PTR[44+rsp]
- or ecx,edx
- rol edi,5
- xor eax,DWORD PTR[rsp]
- and ecx,esi
- add ebp,edi
- rol eax,1
- or ebx,ecx
- rol r12d,30
- mov DWORD PTR[12+rsp],eax
- add ebp,ebx
- lea edi,DWORD PTR[08f1bbcdch+rsi*1+rax]
- mov eax,DWORD PTR[16+rsp]
- mov ebx,r11d
+ xor edx,DWORD PTR[rsp]
+ xor eax,r13d
+ rol ecx,5
+ lea r11d,DWORD PTR[((-899497514))+r11*1+rbp]
+ xor edx,DWORD PTR[24+rsp]
+ xor eax,edi
+ add r11d,ecx
+ xor edx,DWORD PTR[44+rsp]
+ rol r13d,30
+ add r11d,eax
+ rol edx,1
+ mov ebp,DWORD PTR[60+rsp]
+ mov eax,r13d
mov ecx,r11d
- xor eax,DWORD PTR[24+rsp]
- mov esi,ebp
- and ebx,r12d
- xor eax,DWORD PTR[48+rsp]
- or ecx,r12d
- rol esi,5
- xor eax,DWORD PTR[4+rsp]
- and ecx,edx
- add edi,esi
- rol eax,1
- or ebx,ecx
+ xor ebp,DWORD PTR[4+rsp]
+ xor eax,r12d
+ rol ecx,5
+ lea edi,DWORD PTR[((-899497514))+rdi*1+rdx]
+ xor ebp,DWORD PTR[28+rsp]
+ xor eax,esi
+ add edi,ecx
+ xor ebp,DWORD PTR[48+rsp]
+ rol r12d,30
+ add edi,eax
+ rol ebp,1
+ mov eax,r12d
+ mov ecx,edi
+ xor eax,r11d
+ lea esi,DWORD PTR[((-899497514))+rsi*1+rbp]
+ rol ecx,5
+ xor eax,r13d
+ add esi,ecx
rol r11d,30
- mov DWORD PTR[16+rsp],eax
- add edi,ebx
- lea esi,DWORD PTR[08f1bbcdch+rdx*1+rax]
- mov eax,DWORD PTR[20+rsp]
- mov ebx,ebp
- mov ecx,ebp
- xor eax,DWORD PTR[28+rsp]
- mov edx,edi
- and ebx,r11d
- xor eax,DWORD PTR[52+rsp]
- or ecx,r11d
+ add esi,eax
+ add esi,DWORD PTR[r8]
+ add edi,DWORD PTR[4+r8]
+ add r11d,DWORD PTR[8+r8]
+ add r12d,DWORD PTR[12+r8]
+ add r13d,DWORD PTR[16+r8]
+ mov DWORD PTR[r8],esi
+ mov DWORD PTR[4+r8],edi
+ mov DWORD PTR[8+r8],r11d
+ mov DWORD PTR[12+r8],r12d
+ mov DWORD PTR[16+r8],r13d
+
+ sub r10,1
+ lea r9,QWORD PTR[64+r9]
+ jnz $L$loop
+
+ mov rsi,QWORD PTR[64+rsp]
+ mov r13,QWORD PTR[rsi]
+ mov r12,QWORD PTR[8+rsi]
+ mov rbp,QWORD PTR[16+rsi]
+ mov rbx,QWORD PTR[24+rsi]
+ lea rsp,QWORD PTR[32+rsi]
+$L$epilogue::
+ mov rdi,QWORD PTR[8+rsp] ;WIN64 epilogue
+ mov rsi,QWORD PTR[16+rsp]
+ DB 0F3h,0C3h ;repret
+$L$SEH_end_sha1_block_data_order::
+sha1_block_data_order ENDP
+
+ALIGN 16
+sha1_block_data_order_ssse3 PROC PRIVATE
+ mov QWORD PTR[8+rsp],rdi ;WIN64 prologue
+ mov QWORD PTR[16+rsp],rsi
+ mov rax,rsp
+$L$SEH_begin_sha1_block_data_order_ssse3::
+ mov rdi,rcx
+ mov rsi,rdx
+ mov rdx,r8
+
+
+_ssse3_shortcut::
+ push rbx
+ push rbp
+ push r12
+ lea rsp,QWORD PTR[((-144))+rsp]
+ movaps XMMWORD PTR[(64+0)+rsp],xmm6
+ movaps XMMWORD PTR[(64+16)+rsp],xmm7
+ movaps XMMWORD PTR[(64+32)+rsp],xmm8
+ movaps XMMWORD PTR[(64+48)+rsp],xmm9
+ movaps XMMWORD PTR[(64+64)+rsp],xmm10
+$L$prologue_ssse3::
+ mov r8,rdi
+ mov r9,rsi
+ mov r10,rdx
+
+ shl r10,6
+ add r10,r9
+ lea r11,QWORD PTR[K_XX_XX]
+
+ mov eax,DWORD PTR[r8]
+ mov ebx,DWORD PTR[4+r8]
+ mov ecx,DWORD PTR[8+r8]
+ mov edx,DWORD PTR[12+r8]
+ mov esi,ebx
+ mov ebp,DWORD PTR[16+r8]
+
+ movdqa xmm6,XMMWORD PTR[64+r11]
+ movdqa xmm9,XMMWORD PTR[r11]
+ movdqu xmm0,XMMWORD PTR[r9]
+ movdqu xmm1,XMMWORD PTR[16+r9]
+ movdqu xmm2,XMMWORD PTR[32+r9]
+ movdqu xmm3,XMMWORD PTR[48+r9]
+DB 102,15,56,0,198
+ add r9,64
+DB 102,15,56,0,206
+DB 102,15,56,0,214
+DB 102,15,56,0,222
+ paddd xmm0,xmm9
+ paddd xmm1,xmm9
+ paddd xmm2,xmm9
+ movdqa XMMWORD PTR[rsp],xmm0
+ psubd xmm0,xmm9
+ movdqa XMMWORD PTR[16+rsp],xmm1
+ psubd xmm1,xmm9
+ movdqa XMMWORD PTR[32+rsp],xmm2
+ psubd xmm2,xmm9
+ jmp $L$oop_ssse3
+ALIGN 16
+$L$oop_ssse3::
+ movdqa xmm4,xmm1
+ add ebp,DWORD PTR[rsp]
+ xor ecx,edx
+ movdqa xmm8,xmm3
+DB 102,15,58,15,224,8
+ mov edi,eax
+ rol eax,5
+ paddd xmm9,xmm3
+ and esi,ecx
+ xor ecx,edx
+ psrldq xmm8,4
+ xor esi,edx
+ add ebp,eax
+ pxor xmm4,xmm0
+ ror ebx,2
+ add ebp,esi
+ pxor xmm8,xmm2
+ add edx,DWORD PTR[4+rsp]
+ xor ebx,ecx
+ mov esi,ebp
+ rol ebp,5
+ pxor xmm4,xmm8
+ and edi,ebx
+ xor ebx,ecx
+ movdqa XMMWORD PTR[48+rsp],xmm9
+ xor edi,ecx
+ add edx,ebp
+ movdqa xmm10,xmm4
+ movdqa xmm8,xmm4
+ ror eax,7
+ add edx,edi
+ add ecx,DWORD PTR[8+rsp]
+ xor eax,ebx
+ pslldq xmm10,12
+ paddd xmm4,xmm4
+ mov edi,edx
rol edx,5
- xor eax,DWORD PTR[8+rsp]
- and ecx,r12d
- add esi,edx
- rol eax,1
- or ebx,ecx
- rol ebp,30
- mov DWORD PTR[20+rsp],eax
- add esi,ebx
- lea edx,DWORD PTR[08f1bbcdch+r12*1+rax]
- mov eax,DWORD PTR[24+rsp]
- mov ebx,edi
- mov ecx,edi
- xor eax,DWORD PTR[32+rsp]
- mov r12d,esi
- and ebx,ebp
- xor eax,DWORD PTR[56+rsp]
- or ecx,ebp
- rol r12d,5
- xor eax,DWORD PTR[12+rsp]
- and ecx,r11d
- add edx,r12d
- rol eax,1
- or ebx,ecx
- rol edi,30
- mov DWORD PTR[24+rsp],eax
- add edx,ebx
- lea r12d,DWORD PTR[08f1bbcdch+r11*1+rax]
- mov eax,DWORD PTR[28+rsp]
- mov ebx,esi
- mov ecx,esi
- xor eax,DWORD PTR[36+rsp]
- mov r11d,edx
- and ebx,edi
- xor eax,DWORD PTR[60+rsp]
- or ecx,edi
- rol r11d,5
- xor eax,DWORD PTR[16+rsp]
- and ecx,ebp
- add r12d,r11d
- rol eax,1
- or ebx,ecx
- rol esi,30
- mov DWORD PTR[28+rsp],eax
- add r12d,ebx
- lea r11d,DWORD PTR[08f1bbcdch+rbp*1+rax]
- mov eax,DWORD PTR[32+rsp]
- mov ebx,edx
- mov ecx,edx
- xor eax,DWORD PTR[40+rsp]
- mov ebp,r12d
- and ebx,esi
- xor eax,DWORD PTR[rsp]
- or ecx,esi
+ and esi,eax
+ xor eax,ebx
+ psrld xmm8,31
+ xor esi,ebx
+ add ecx,edx
+ movdqa xmm9,xmm10
+ ror ebp,7
+ add ecx,esi
+ psrld xmm10,30
+ por xmm4,xmm8
+ add ebx,DWORD PTR[12+rsp]
+ xor ebp,eax
+ mov esi,ecx
+ rol ecx,5
+ pslld xmm9,2
+ pxor xmm4,xmm10
+ and edi,ebp
+ xor ebp,eax
+ movdqa xmm10,XMMWORD PTR[r11]
+ xor edi,eax
+ add ebx,ecx
+ pxor xmm4,xmm9
+ ror edx,7
+ add ebx,edi
+ movdqa xmm5,xmm2
+ add eax,DWORD PTR[16+rsp]
+ xor edx,ebp
+ movdqa xmm9,xmm4
+DB 102,15,58,15,233,8
+ mov edi,ebx
+ rol ebx,5
+ paddd xmm10,xmm4
+ and esi,edx
+ xor edx,ebp
+ psrldq xmm9,4
+ xor esi,ebp
+ add eax,ebx
+ pxor xmm5,xmm1
+ ror ecx,7
+ add eax,esi
+ pxor xmm9,xmm3
+ add ebp,DWORD PTR[20+rsp]
+ xor ecx,edx
+ mov esi,eax
+ rol eax,5
+ pxor xmm5,xmm9
+ and edi,ecx
+ xor ecx,edx
+ movdqa XMMWORD PTR[rsp],xmm10
+ xor edi,edx
+ add ebp,eax
+ movdqa xmm8,xmm5
+ movdqa xmm9,xmm5
+ ror ebx,7
+ add ebp,edi
+ add edx,DWORD PTR[24+rsp]
+ xor ebx,ecx
+ pslldq xmm8,12
+ paddd xmm5,xmm5
+ mov edi,ebp
rol ebp,5
- xor eax,DWORD PTR[20+rsp]
- and ecx,edi
- add r11d,ebp
- rol eax,1
- or ebx,ecx
- rol edx,30
- mov DWORD PTR[32+rsp],eax
- add r11d,ebx
- lea ebp,DWORD PTR[08f1bbcdch+rdi*1+rax]
- mov eax,DWORD PTR[36+rsp]
- mov ebx,r12d
- mov ecx,r12d
- xor eax,DWORD PTR[44+rsp]
- mov edi,r11d
- and ebx,edx
- xor eax,DWORD PTR[4+rsp]
- or ecx,edx
- rol edi,5
- xor eax,DWORD PTR[24+rsp]
- and ecx,esi
+ and esi,ebx
+ xor ebx,ecx
+ psrld xmm9,31
+ xor esi,ecx
+ add edx,ebp
+ movdqa xmm10,xmm8
+ ror eax,7
+ add edx,esi
+ psrld xmm8,30
+ por xmm5,xmm9
+ add ecx,DWORD PTR[28+rsp]
+ xor eax,ebx
+ mov esi,edx
+ rol edx,5
+ pslld xmm10,2
+ pxor xmm5,xmm8
+ and edi,eax
+ xor eax,ebx
+ movdqa xmm8,XMMWORD PTR[16+r11]
+ xor edi,ebx
+ add ecx,edx
+ pxor xmm5,xmm10
+ ror ebp,7
+ add ecx,edi
+ movdqa xmm6,xmm3
+ add ebx,DWORD PTR[32+rsp]
+ xor ebp,eax
+ movdqa xmm10,xmm5
+DB 102,15,58,15,242,8
+ mov edi,ecx
+ rol ecx,5
+ paddd xmm8,xmm5
+ and esi,ebp
+ xor ebp,eax
+ psrldq xmm10,4
+ xor esi,eax
+ add ebx,ecx
+ pxor xmm6,xmm2
+ ror edx,7
+ add ebx,esi
+ pxor xmm10,xmm4
+ add eax,DWORD PTR[36+rsp]
+ xor edx,ebp
+ mov esi,ebx
+ rol ebx,5
+ pxor xmm6,xmm10
+ and edi,edx
+ xor edx,ebp
+ movdqa XMMWORD PTR[16+rsp],xmm8
+ xor edi,ebp
+ add eax,ebx
+ movdqa xmm9,xmm6
+ movdqa xmm10,xmm6
+ ror ecx,7
+ add eax,edi
+ add ebp,DWORD PTR[40+rsp]
+ xor ecx,edx
+ pslldq xmm9,12
+ paddd xmm6,xmm6
+ mov edi,eax
+ rol eax,5
+ and esi,ecx
+ xor ecx,edx
+ psrld xmm10,31
+ xor esi,edx
+ add ebp,eax
+ movdqa xmm8,xmm9
+ ror ebx,7
+ add ebp,esi
+ psrld xmm9,30
+ por xmm6,xmm10
+ add edx,DWORD PTR[44+rsp]
+ xor ebx,ecx
+ mov esi,ebp
+ rol ebp,5
+ pslld xmm8,2
+ pxor xmm6,xmm9
+ and edi,ebx
+ xor ebx,ecx
+ movdqa xmm9,XMMWORD PTR[16+r11]
+ xor edi,ecx
+ add edx,ebp
+ pxor xmm6,xmm8
+ ror eax,7
+ add edx,edi
+ movdqa xmm7,xmm4
+ add ecx,DWORD PTR[48+rsp]
+ xor eax,ebx
+ movdqa xmm8,xmm6
+DB 102,15,58,15,251,8
+ mov edi,edx
+ rol edx,5
+ paddd xmm9,xmm6
+ and esi,eax
+ xor eax,ebx
+ psrldq xmm8,4
+ xor esi,ebx
+ add ecx,edx
+ pxor xmm7,xmm3
+ ror ebp,7
+ add ecx,esi
+ pxor xmm8,xmm5
+ add ebx,DWORD PTR[52+rsp]
+ xor ebp,eax
+ mov esi,ecx
+ rol ecx,5
+ pxor xmm7,xmm8
+ and edi,ebp
+ xor ebp,eax
+ movdqa XMMWORD PTR[32+rsp],xmm9
+ xor edi,eax
+ add ebx,ecx
+ movdqa xmm10,xmm7
+ movdqa xmm8,xmm7
+ ror edx,7
+ add ebx,edi
+ add eax,DWORD PTR[56+rsp]
+ xor edx,ebp
+ pslldq xmm10,12
+ paddd xmm7,xmm7
+ mov edi,ebx
+ rol ebx,5
+ and esi,edx
+ xor edx,ebp
+ psrld xmm8,31
+ xor esi,ebp
+ add eax,ebx
+ movdqa xmm9,xmm10
+ ror ecx,7
+ add eax,esi
+ psrld xmm10,30
+ por xmm7,xmm8
+ add ebp,DWORD PTR[60+rsp]
+ xor ecx,edx
+ mov esi,eax
+ rol eax,5
+ pslld xmm9,2
+ pxor xmm7,xmm10
+ and edi,ecx
+ xor ecx,edx
+ movdqa xmm10,XMMWORD PTR[16+r11]
+ xor edi,edx
+ add ebp,eax
+ pxor xmm7,xmm9
+ ror ebx,7
add ebp,edi
- rol eax,1
- or ebx,ecx
- rol r12d,30
- mov DWORD PTR[36+rsp],eax
- add ebp,ebx
- lea edi,DWORD PTR[08f1bbcdch+rsi*1+rax]
- mov eax,DWORD PTR[40+rsp]
- mov ebx,r11d
- mov ecx,r11d
- xor eax,DWORD PTR[48+rsp]
+ movdqa xmm9,xmm7
+ add edx,DWORD PTR[rsp]
+ pxor xmm0,xmm4
+DB 102,68,15,58,15,206,8
+ xor ebx,ecx
+ mov edi,ebp
+ rol ebp,5
+ pxor xmm0,xmm1
+ and esi,ebx
+ xor ebx,ecx
+ movdqa xmm8,xmm10
+ paddd xmm10,xmm7
+ xor esi,ecx
+ add edx,ebp
+ pxor xmm0,xmm9
+ ror eax,7
+ add edx,esi
+ add ecx,DWORD PTR[4+rsp]
+ xor eax,ebx
+ movdqa xmm9,xmm0
+ movdqa XMMWORD PTR[48+rsp],xmm10
+ mov esi,edx
+ rol edx,5
+ and edi,eax
+ xor eax,ebx
+ pslld xmm0,2
+ xor edi,ebx
+ add ecx,edx
+ psrld xmm9,30
+ ror ebp,7
+ add ecx,edi
+ add ebx,DWORD PTR[8+rsp]
+ xor ebp,eax
+ mov edi,ecx
+ rol ecx,5
+ por xmm0,xmm9
+ and esi,ebp
+ xor ebp,eax
+ movdqa xmm10,xmm0
+ xor esi,eax
+ add ebx,ecx
+ ror edx,7
+ add ebx,esi
+ add eax,DWORD PTR[12+rsp]
+ xor edx,ebp
+ mov esi,ebx
+ rol ebx,5
+ and edi,edx
+ xor edx,ebp
+ xor edi,ebp
+ add eax,ebx
+ ror ecx,7
+ add eax,edi
+ add ebp,DWORD PTR[16+rsp]
+ pxor xmm1,xmm5
+DB 102,68,15,58,15,215,8
+ xor esi,edx
+ mov edi,eax
+ rol eax,5
+ pxor xmm1,xmm2
+ xor esi,ecx
+ add ebp,eax
+ movdqa xmm9,xmm8
+ paddd xmm8,xmm0
+ ror ebx,7
+ add ebp,esi
+ pxor xmm1,xmm10
+ add edx,DWORD PTR[20+rsp]
+ xor edi,ecx
mov esi,ebp
- and ebx,r12d
- xor eax,DWORD PTR[8+rsp]
- or ecx,r12d
- rol esi,5
- xor eax,DWORD PTR[28+rsp]
- and ecx,edx
- add edi,esi
- rol eax,1
- or ebx,ecx
- rol r11d,30
- mov DWORD PTR[40+rsp],eax
- add edi,ebx
- lea esi,DWORD PTR[08f1bbcdch+rdx*1+rax]
- mov eax,DWORD PTR[44+rsp]
- mov ebx,ebp
- mov ecx,ebp
- xor eax,DWORD PTR[52+rsp]
- mov edx,edi
- and ebx,r11d
- xor eax,DWORD PTR[12+rsp]
- or ecx,r11d
+ rol ebp,5
+ movdqa xmm10,xmm1
+ movdqa XMMWORD PTR[rsp],xmm8
+ xor edi,ebx
+ add edx,ebp
+ ror eax,7
+ add edx,edi
+ pslld xmm1,2
+ add ecx,DWORD PTR[24+rsp]
+ xor esi,ebx
+ psrld xmm10,30
+ mov edi,edx
rol edx,5
- xor eax,DWORD PTR[32+rsp]
- and ecx,r12d
- add esi,edx
- rol eax,1
- or ebx,ecx
- rol ebp,30
- mov DWORD PTR[44+rsp],eax
- add esi,ebx
- lea edx,DWORD PTR[08f1bbcdch+r12*1+rax]
- mov eax,DWORD PTR[48+rsp]
- mov ebx,edi
- mov ecx,edi
- xor eax,DWORD PTR[56+rsp]
- mov r12d,esi
- and ebx,ebp
- xor eax,DWORD PTR[16+rsp]
- or ecx,ebp
- rol r12d,5
- xor eax,DWORD PTR[36+rsp]
- and ecx,r11d
- add edx,r12d
- rol eax,1
- or ebx,ecx
- rol edi,30
- mov DWORD PTR[48+rsp],eax
- add edx,ebx
- lea r12d,DWORD PTR[3395469782+r11*1+rax]
- mov eax,DWORD PTR[52+rsp]
- mov ebx,edi
- mov r11d,edx
- xor eax,DWORD PTR[60+rsp]
- xor ebx,esi
- rol r11d,5
- xor eax,DWORD PTR[20+rsp]
- xor ebx,ebp
- add r12d,r11d
- xor eax,DWORD PTR[40+rsp]
- rol esi,30
- add r12d,ebx
- rol eax,1
- mov DWORD PTR[52+rsp],eax
- lea r11d,DWORD PTR[3395469782+rbp*1+rax]
- mov eax,DWORD PTR[56+rsp]
- mov ebx,esi
- mov ebp,r12d
- xor eax,DWORD PTR[rsp]
- xor ebx,edx
+ xor esi,eax
+ add ecx,edx
+ ror ebp,7
+ add ecx,esi
+ por xmm1,xmm10
+ add ebx,DWORD PTR[28+rsp]
+ xor edi,eax
+ movdqa xmm8,xmm1
+ mov esi,ecx
+ rol ecx,5
+ xor edi,ebp
+ add ebx,ecx
+ ror edx,7
+ add ebx,edi
+ add eax,DWORD PTR[32+rsp]
+ pxor xmm2,xmm6
+DB 102,68,15,58,15,192,8
+ xor esi,ebp
+ mov edi,ebx
+ rol ebx,5
+ pxor xmm2,xmm3
+ xor esi,edx
+ add eax,ebx
+ movdqa xmm10,XMMWORD PTR[32+r11]
+ paddd xmm9,xmm1
+ ror ecx,7
+ add eax,esi
+ pxor xmm2,xmm8
+ add ebp,DWORD PTR[36+rsp]
+ xor edi,edx
+ mov esi,eax
+ rol eax,5
+ movdqa xmm8,xmm2
+ movdqa XMMWORD PTR[16+rsp],xmm9
+ xor edi,ecx
+ add ebp,eax
+ ror ebx,7
+ add ebp,edi
+ pslld xmm2,2
+ add edx,DWORD PTR[40+rsp]
+ xor esi,ecx
+ psrld xmm8,30
+ mov edi,ebp
rol ebp,5
- xor eax,DWORD PTR[24+rsp]
- xor ebx,edi
- add r11d,ebp
- xor eax,DWORD PTR[44+rsp]
- rol edx,30
- add r11d,ebx
- rol eax,1
- mov DWORD PTR[56+rsp],eax
- lea ebp,DWORD PTR[3395469782+rdi*1+rax]
- mov eax,DWORD PTR[60+rsp]
- mov ebx,edx
- mov edi,r11d
- xor eax,DWORD PTR[4+rsp]
- xor ebx,r12d
- rol edi,5
- xor eax,DWORD PTR[28+rsp]
- xor ebx,esi
+ xor esi,ebx
+ add edx,ebp
+ ror eax,7
+ add edx,esi
+ por xmm2,xmm8
+ add ecx,DWORD PTR[44+rsp]
+ xor edi,ebx
+ movdqa xmm9,xmm2
+ mov esi,edx
+ rol edx,5
+ xor edi,eax
+ add ecx,edx
+ ror ebp,7
+ add ecx,edi
+ add ebx,DWORD PTR[48+rsp]
+ pxor xmm3,xmm7
+DB 102,68,15,58,15,201,8
+ xor esi,eax
+ mov edi,ecx
+ rol ecx,5
+ pxor xmm3,xmm4
+ xor esi,ebp
+ add ebx,ecx
+ movdqa xmm8,xmm10
+ paddd xmm10,xmm2
+ ror edx,7
+ add ebx,esi
+ pxor xmm3,xmm9
+ add eax,DWORD PTR[52+rsp]
+ xor edi,ebp
+ mov esi,ebx
+ rol ebx,5
+ movdqa xmm9,xmm3
+ movdqa XMMWORD PTR[32+rsp],xmm10
+ xor edi,edx
+ add eax,ebx
+ ror ecx,7
+ add eax,edi
+ pslld xmm3,2
+ add ebp,DWORD PTR[56+rsp]
+ xor esi,edx
+ psrld xmm9,30
+ mov edi,eax
+ rol eax,5
+ xor esi,ecx
+ add ebp,eax
+ ror ebx,7
+ add ebp,esi
+ por xmm3,xmm9
+ add edx,DWORD PTR[60+rsp]
+ xor edi,ecx
+ movdqa xmm10,xmm3
+ mov esi,ebp
+ rol ebp,5
+ xor edi,ebx
+ add edx,ebp
+ ror eax,7
+ add edx,edi
+ add ecx,DWORD PTR[rsp]
+ pxor xmm4,xmm0
+DB 102,68,15,58,15,210,8
+ xor esi,ebx
+ mov edi,edx
+ rol edx,5
+ pxor xmm4,xmm5
+ xor esi,eax
+ add ecx,edx
+ movdqa xmm9,xmm8
+ paddd xmm8,xmm3
+ ror ebp,7
+ add ecx,esi
+ pxor xmm4,xmm10
+ add ebx,DWORD PTR[4+rsp]
+ xor edi,eax
+ mov esi,ecx
+ rol ecx,5
+ movdqa xmm10,xmm4
+ movdqa XMMWORD PTR[48+rsp],xmm8
+ xor edi,ebp
+ add ebx,ecx
+ ror edx,7
+ add ebx,edi
+ pslld xmm4,2
+ add eax,DWORD PTR[8+rsp]
+ xor esi,ebp
+ psrld xmm10,30
+ mov edi,ebx
+ rol ebx,5
+ xor esi,edx
+ add eax,ebx
+ ror ecx,7
+ add eax,esi
+ por xmm4,xmm10
+ add ebp,DWORD PTR[12+rsp]
+ xor edi,edx
+ movdqa xmm8,xmm4
+ mov esi,eax
+ rol eax,5
+ xor edi,ecx
+ add ebp,eax
+ ror ebx,7
add ebp,edi
- xor eax,DWORD PTR[48+rsp]
- rol r12d,30
- add ebp,ebx
- rol eax,1
- mov DWORD PTR[60+rsp],eax
- lea edi,DWORD PTR[3395469782+rsi*1+rax]
- mov eax,DWORD PTR[rsp]
- mov ebx,r12d
+ add edx,DWORD PTR[16+rsp]
+ pxor xmm5,xmm1
+DB 102,68,15,58,15,195,8
+ xor esi,ecx
+ mov edi,ebp
+ rol ebp,5
+ pxor xmm5,xmm6
+ xor esi,ebx
+ add edx,ebp
+ movdqa xmm10,xmm9
+ paddd xmm9,xmm4
+ ror eax,7
+ add edx,esi
+ pxor xmm5,xmm8
+ add ecx,DWORD PTR[20+rsp]
+ xor edi,ebx
+ mov esi,edx
+ rol edx,5
+ movdqa xmm8,xmm5
+ movdqa XMMWORD PTR[rsp],xmm9
+ xor edi,eax
+ add ecx,edx
+ ror ebp,7
+ add ecx,edi
+ pslld xmm5,2
+ add ebx,DWORD PTR[24+rsp]
+ xor esi,eax
+ psrld xmm8,30
+ mov edi,ecx
+ rol ecx,5
+ xor esi,ebp
+ add ebx,ecx
+ ror edx,7
+ add ebx,esi
+ por xmm5,xmm8
+ add eax,DWORD PTR[28+rsp]
+ xor edi,ebp
+ movdqa xmm9,xmm5
+ mov esi,ebx
+ rol ebx,5
+ xor edi,edx
+ add eax,ebx
+ ror ecx,7
+ add eax,edi
+ mov edi,ecx
+ pxor xmm6,xmm2
+DB 102,68,15,58,15,204,8
+ xor ecx,edx
+ add ebp,DWORD PTR[32+rsp]
+ and edi,edx
+ pxor xmm6,xmm7
+ and esi,ecx
+ ror ebx,7
+ movdqa xmm8,xmm10
+ paddd xmm10,xmm5
+ add ebp,edi
+ mov edi,eax
+ pxor xmm6,xmm9
+ rol eax,5
+ add ebp,esi
+ xor ecx,edx
+ add ebp,eax
+ movdqa xmm9,xmm6
+ movdqa XMMWORD PTR[16+rsp],xmm10
+ mov esi,ebx
+ xor ebx,ecx
+ add edx,DWORD PTR[36+rsp]
+ and esi,ecx
+ pslld xmm6,2
+ and edi,ebx
+ ror eax,7
+ psrld xmm9,30
+ add edx,esi
mov esi,ebp
- xor eax,DWORD PTR[8+rsp]
- xor ebx,r11d
- rol esi,5
- xor eax,DWORD PTR[32+rsp]
- xor ebx,edx
- add edi,esi
- xor eax,DWORD PTR[52+rsp]
- rol r11d,30
- add edi,ebx
- rol eax,1
- mov DWORD PTR[rsp],eax
- lea esi,DWORD PTR[3395469782+rdx*1+rax]
- mov eax,DWORD PTR[4+rsp]
- mov ebx,r11d
- mov edx,edi
- xor eax,DWORD PTR[12+rsp]
- xor ebx,ebp
+ rol ebp,5
+ add edx,edi
+ xor ebx,ecx
+ add edx,ebp
+ por xmm6,xmm9
+ mov edi,eax
+ xor eax,ebx
+ movdqa xmm10,xmm6
+ add ecx,DWORD PTR[40+rsp]
+ and edi,ebx
+ and esi,eax
+ ror ebp,7
+ add ecx,edi
+ mov edi,edx
rol edx,5
- xor eax,DWORD PTR[36+rsp]
- xor ebx,r12d
- add esi,edx
- xor eax,DWORD PTR[56+rsp]
- rol ebp,30
- add esi,ebx
- rol eax,1
- mov DWORD PTR[4+rsp],eax
- lea edx,DWORD PTR[3395469782+r12*1+rax]
- mov eax,DWORD PTR[8+rsp]
- mov ebx,ebp
- mov r12d,esi
- xor eax,DWORD PTR[16+rsp]
- xor ebx,edi
- rol r12d,5
- xor eax,DWORD PTR[40+rsp]
- xor ebx,r11d
- add edx,r12d
- xor eax,DWORD PTR[60+rsp]
- rol edi,30
- add edx,ebx
- rol eax,1
- mov DWORD PTR[8+rsp],eax
- lea r12d,DWORD PTR[3395469782+r11*1+rax]
- mov eax,DWORD PTR[12+rsp]
- mov ebx,edi
- mov r11d,edx
- xor eax,DWORD PTR[20+rsp]
- xor ebx,esi
- rol r11d,5
- xor eax,DWORD PTR[44+rsp]
- xor ebx,ebp
- add r12d,r11d
- xor eax,DWORD PTR[rsp]
- rol esi,30
- add r12d,ebx
- rol eax,1
- mov DWORD PTR[12+rsp],eax
- lea r11d,DWORD PTR[3395469782+rbp*1+rax]
- mov eax,DWORD PTR[16+rsp]
- mov ebx,esi
- mov ebp,r12d
- xor eax,DWORD PTR[24+rsp]
- xor ebx,edx
+ add ecx,esi
+ xor eax,ebx
+ add ecx,edx
+ mov esi,ebp
+ xor ebp,eax
+ add ebx,DWORD PTR[44+rsp]
+ and esi,eax
+ and edi,ebp
+ ror edx,7
+ add ebx,esi
+ mov esi,ecx
+ rol ecx,5
+ add ebx,edi
+ xor ebp,eax
+ add ebx,ecx
+ mov edi,edx
+ pxor xmm7,xmm3
+DB 102,68,15,58,15,213,8
+ xor edx,ebp
+ add eax,DWORD PTR[48+rsp]
+ and edi,ebp
+ pxor xmm7,xmm0
+ and esi,edx
+ ror ecx,7
+ movdqa xmm9,XMMWORD PTR[48+r11]
+ paddd xmm8,xmm6
+ add eax,edi
+ mov edi,ebx
+ pxor xmm7,xmm10
+ rol ebx,5
+ add eax,esi
+ xor edx,ebp
+ add eax,ebx
+ movdqa xmm10,xmm7
+ movdqa XMMWORD PTR[32+rsp],xmm8
+ mov esi,ecx
+ xor ecx,edx
+ add ebp,DWORD PTR[52+rsp]
+ and esi,edx
+ pslld xmm7,2
+ and edi,ecx
+ ror ebx,7
+ psrld xmm10,30
+ add ebp,esi
+ mov esi,eax
+ rol eax,5
+ add ebp,edi
+ xor ecx,edx
+ add ebp,eax
+ por xmm7,xmm10
+ mov edi,ebx
+ xor ebx,ecx
+ movdqa xmm8,xmm7
+ add edx,DWORD PTR[56+rsp]
+ and edi,ecx
+ and esi,ebx
+ ror eax,7
+ add edx,edi
+ mov edi,ebp
rol ebp,5
- xor eax,DWORD PTR[48+rsp]
- xor ebx,edi
- add r11d,ebp
- xor eax,DWORD PTR[4+rsp]
- rol edx,30
- add r11d,ebx
- rol eax,1
- mov DWORD PTR[16+rsp],eax
- lea ebp,DWORD PTR[3395469782+rdi*1+rax]
- mov eax,DWORD PTR[20+rsp]
- mov ebx,edx
- mov edi,r11d
- xor eax,DWORD PTR[28+rsp]
- xor ebx,r12d
- rol edi,5
- xor eax,DWORD PTR[52+rsp]
- xor ebx,esi
+ add edx,esi
+ xor ebx,ecx
+ add edx,ebp
+ mov esi,eax
+ xor eax,ebx
+ add ecx,DWORD PTR[60+rsp]
+ and esi,ebx
+ and edi,eax
+ ror ebp,7
+ add ecx,esi
+ mov esi,edx
+ rol edx,5
+ add ecx,edi
+ xor eax,ebx
+ add ecx,edx
+ mov edi,ebp
+ pxor xmm0,xmm4
+DB 102,68,15,58,15,198,8
+ xor ebp,eax
+ add ebx,DWORD PTR[rsp]
+ and edi,eax
+ pxor xmm0,xmm1
+ and esi,ebp
+ ror edx,7
+ movdqa xmm10,xmm9
+ paddd xmm9,xmm7
+ add ebx,edi
+ mov edi,ecx
+ pxor xmm0,xmm8
+ rol ecx,5
+ add ebx,esi
+ xor ebp,eax
+ add ebx,ecx
+ movdqa xmm8,xmm0
+ movdqa XMMWORD PTR[48+rsp],xmm9
+ mov esi,edx
+ xor edx,ebp
+ add eax,DWORD PTR[4+rsp]
+ and esi,ebp
+ pslld xmm0,2
+ and edi,edx
+ ror ecx,7
+ psrld xmm8,30
+ add eax,esi
+ mov esi,ebx
+ rol ebx,5
+ add eax,edi
+ xor edx,ebp
+ add eax,ebx
+ por xmm0,xmm8
+ mov edi,ecx
+ xor ecx,edx
+ movdqa xmm9,xmm0
+ add ebp,DWORD PTR[8+rsp]
+ and edi,edx
+ and esi,ecx
+ ror ebx,7
add ebp,edi
- xor eax,DWORD PTR[8+rsp]
- rol r12d,30
- add ebp,ebx
- rol eax,1
- mov DWORD PTR[20+rsp],eax
- lea edi,DWORD PTR[3395469782+rsi*1+rax]
- mov eax,DWORD PTR[24+rsp]
- mov ebx,r12d
+ mov edi,eax
+ rol eax,5
+ add ebp,esi
+ xor ecx,edx
+ add ebp,eax
+ mov esi,ebx
+ xor ebx,ecx
+ add edx,DWORD PTR[12+rsp]
+ and esi,ecx
+ and edi,ebx
+ ror eax,7
+ add edx,esi
mov esi,ebp
- xor eax,DWORD PTR[32+rsp]
- xor ebx,r11d
- rol esi,5
- xor eax,DWORD PTR[56+rsp]
- xor ebx,edx
- add edi,esi
- xor eax,DWORD PTR[12+rsp]
- rol r11d,30
- add edi,ebx
- rol eax,1
- mov DWORD PTR[24+rsp],eax
- lea esi,DWORD PTR[3395469782+rdx*1+rax]
- mov eax,DWORD PTR[28+rsp]
- mov ebx,r11d
- mov edx,edi
- xor eax,DWORD PTR[36+rsp]
- xor ebx,ebp
+ rol ebp,5
+ add edx,edi
+ xor ebx,ecx
+ add edx,ebp
+ mov edi,eax
+ pxor xmm1,xmm5
+DB 102,68,15,58,15,207,8
+ xor eax,ebx
+ add ecx,DWORD PTR[16+rsp]
+ and edi,ebx
+ pxor xmm1,xmm2
+ and esi,eax
+ ror ebp,7
+ movdqa xmm8,xmm10
+ paddd xmm10,xmm0
+ add ecx,edi
+ mov edi,edx
+ pxor xmm1,xmm9
rol edx,5
- xor eax,DWORD PTR[60+rsp]
- xor ebx,r12d
- add esi,edx
- xor eax,DWORD PTR[16+rsp]
- rol ebp,30
- add esi,ebx
- rol eax,1
- mov DWORD PTR[28+rsp],eax
- lea edx,DWORD PTR[3395469782+r12*1+rax]
- mov eax,DWORD PTR[32+rsp]
- mov ebx,ebp
- mov r12d,esi
- xor eax,DWORD PTR[40+rsp]
- xor ebx,edi
- rol r12d,5
- xor eax,DWORD PTR[rsp]
- xor ebx,r11d
- add edx,r12d
- xor eax,DWORD PTR[20+rsp]
- rol edi,30
- add edx,ebx
- rol eax,1
- mov DWORD PTR[32+rsp],eax
- lea r12d,DWORD PTR[3395469782+r11*1+rax]
- mov eax,DWORD PTR[36+rsp]
- mov ebx,edi
- mov r11d,edx
- xor eax,DWORD PTR[44+rsp]
- xor ebx,esi
- rol r11d,5
- xor eax,DWORD PTR[4+rsp]
- xor ebx,ebp
- add r12d,r11d
- xor eax,DWORD PTR[24+rsp]
- rol esi,30
- add r12d,ebx
- rol eax,1
- mov DWORD PTR[36+rsp],eax
- lea r11d,DWORD PTR[3395469782+rbp*1+rax]
- mov eax,DWORD PTR[40+rsp]
- mov ebx,esi
- mov ebp,r12d
- xor eax,DWORD PTR[48+rsp]
- xor ebx,edx
+ add ecx,esi
+ xor eax,ebx
+ add ecx,edx
+ movdqa xmm9,xmm1
+ movdqa XMMWORD PTR[rsp],xmm10
+ mov esi,ebp
+ xor ebp,eax
+ add ebx,DWORD PTR[20+rsp]
+ and esi,eax
+ pslld xmm1,2
+ and edi,ebp
+ ror edx,7
+ psrld xmm9,30
+ add ebx,esi
+ mov esi,ecx
+ rol ecx,5
+ add ebx,edi
+ xor ebp,eax
+ add ebx,ecx
+ por xmm1,xmm9
+ mov edi,edx
+ xor edx,ebp
+ movdqa xmm10,xmm1
+ add eax,DWORD PTR[24+rsp]
+ and edi,ebp
+ and esi,edx
+ ror ecx,7
+ add eax,edi
+ mov edi,ebx
+ rol ebx,5
+ add eax,esi
+ xor edx,ebp
+ add eax,ebx
+ mov esi,ecx
+ xor ecx,edx
+ add ebp,DWORD PTR[28+rsp]
+ and esi,edx
+ and edi,ecx
+ ror ebx,7
+ add ebp,esi
+ mov esi,eax
+ rol eax,5
+ add ebp,edi
+ xor ecx,edx
+ add ebp,eax
+ mov edi,ebx
+ pxor xmm2,xmm6
+DB 102,68,15,58,15,208,8
+ xor ebx,ecx
+ add edx,DWORD PTR[32+rsp]
+ and edi,ecx
+ pxor xmm2,xmm3
+ and esi,ebx
+ ror eax,7
+ movdqa xmm9,xmm8
+ paddd xmm8,xmm1
+ add edx,edi
+ mov edi,ebp
+ pxor xmm2,xmm10
rol ebp,5
- xor eax,DWORD PTR[8+rsp]
- xor ebx,edi
- add r11d,ebp
- xor eax,DWORD PTR[28+rsp]
- rol edx,30
- add r11d,ebx
- rol eax,1
- mov DWORD PTR[40+rsp],eax
- lea ebp,DWORD PTR[3395469782+rdi*1+rax]
- mov eax,DWORD PTR[44+rsp]
- mov ebx,edx
- mov edi,r11d
- xor eax,DWORD PTR[52+rsp]
- xor ebx,r12d
- rol edi,5
- xor eax,DWORD PTR[12+rsp]
- xor ebx,esi
+ add edx,esi
+ xor ebx,ecx
+ add edx,ebp
+ movdqa xmm10,xmm2
+ movdqa XMMWORD PTR[16+rsp],xmm8
+ mov esi,eax
+ xor eax,ebx
+ add ecx,DWORD PTR[36+rsp]
+ and esi,ebx
+ pslld xmm2,2
+ and edi,eax
+ ror ebp,7
+ psrld xmm10,30
+ add ecx,esi
+ mov esi,edx
+ rol edx,5
+ add ecx,edi
+ xor eax,ebx
+ add ecx,edx
+ por xmm2,xmm10
+ mov edi,ebp
+ xor ebp,eax
+ movdqa xmm8,xmm2
+ add ebx,DWORD PTR[40+rsp]
+ and edi,eax
+ and esi,ebp
+ ror edx,7
+ add ebx,edi
+ mov edi,ecx
+ rol ecx,5
+ add ebx,esi
+ xor ebp,eax
+ add ebx,ecx
+ mov esi,edx
+ xor edx,ebp
+ add eax,DWORD PTR[44+rsp]
+ and esi,ebp
+ and edi,edx
+ ror ecx,7
+ add eax,esi
+ mov esi,ebx
+ rol ebx,5
+ add eax,edi
+ xor edx,ebp
+ add eax,ebx
+ add ebp,DWORD PTR[48+rsp]
+ pxor xmm3,xmm7
+DB 102,68,15,58,15,193,8
+ xor esi,edx
+ mov edi,eax
+ rol eax,5
+ pxor xmm3,xmm4
+ xor esi,ecx
+ add ebp,eax
+ movdqa xmm10,xmm9
+ paddd xmm9,xmm2
+ ror ebx,7
+ add ebp,esi
+ pxor xmm3,xmm8
+ add edx,DWORD PTR[52+rsp]
+ xor edi,ecx
+ mov esi,ebp
+ rol ebp,5
+ movdqa xmm8,xmm3
+ movdqa XMMWORD PTR[32+rsp],xmm9
+ xor edi,ebx
+ add edx,ebp
+ ror eax,7
+ add edx,edi
+ pslld xmm3,2
+ add ecx,DWORD PTR[56+rsp]
+ xor esi,ebx
+ psrld xmm8,30
+ mov edi,edx
+ rol edx,5
+ xor esi,eax
+ add ecx,edx
+ ror ebp,7
+ add ecx,esi
+ por xmm3,xmm8
+ add ebx,DWORD PTR[60+rsp]
+ xor edi,eax
+ mov esi,ecx
+ rol ecx,5
+ xor edi,ebp
+ add ebx,ecx
+ ror edx,7
+ add ebx,edi
+ add eax,DWORD PTR[rsp]
+ paddd xmm10,xmm3
+ xor esi,ebp
+ mov edi,ebx
+ rol ebx,5
+ xor esi,edx
+ movdqa XMMWORD PTR[48+rsp],xmm10
+ add eax,ebx
+ ror ecx,7
+ add eax,esi
+ add ebp,DWORD PTR[4+rsp]
+ xor edi,edx
+ mov esi,eax
+ rol eax,5
+ xor edi,ecx
+ add ebp,eax
+ ror ebx,7
add ebp,edi
- xor eax,DWORD PTR[32+rsp]
- rol r12d,30
- add ebp,ebx
- rol eax,1
- mov DWORD PTR[44+rsp],eax
- lea edi,DWORD PTR[3395469782+rsi*1+rax]
- mov eax,DWORD PTR[48+rsp]
- mov ebx,r12d
+ add edx,DWORD PTR[8+rsp]
+ xor esi,ecx
+ mov edi,ebp
+ rol ebp,5
+ xor esi,ebx
+ add edx,ebp
+ ror eax,7
+ add edx,esi
+ add ecx,DWORD PTR[12+rsp]
+ xor edi,ebx
+ mov esi,edx
+ rol edx,5
+ xor edi,eax
+ add ecx,edx
+ ror ebp,7
+ add ecx,edi
+ cmp r9,r10
+ je $L$done_ssse3
+ movdqa xmm6,XMMWORD PTR[64+r11]
+ movdqa xmm9,XMMWORD PTR[r11]
+ movdqu xmm0,XMMWORD PTR[r9]
+ movdqu xmm1,XMMWORD PTR[16+r9]
+ movdqu xmm2,XMMWORD PTR[32+r9]
+ movdqu xmm3,XMMWORD PTR[48+r9]
+DB 102,15,56,0,198
+ add r9,64
+ add ebx,DWORD PTR[16+rsp]
+ xor esi,eax
+DB 102,15,56,0,206
+ mov edi,ecx
+ rol ecx,5
+ paddd xmm0,xmm9
+ xor esi,ebp
+ add ebx,ecx
+ ror edx,7
+ add ebx,esi
+ movdqa XMMWORD PTR[rsp],xmm0
+ add eax,DWORD PTR[20+rsp]
+ xor edi,ebp
+ psubd xmm0,xmm9
+ mov esi,ebx
+ rol ebx,5
+ xor edi,edx
+ add eax,ebx
+ ror ecx,7
+ add eax,edi
+ add ebp,DWORD PTR[24+rsp]
+ xor esi,edx
+ mov edi,eax
+ rol eax,5
+ xor esi,ecx
+ add ebp,eax
+ ror ebx,7
+ add ebp,esi
+ add edx,DWORD PTR[28+rsp]
+ xor edi,ecx
mov esi,ebp
- xor eax,DWORD PTR[56+rsp]
- xor ebx,r11d
- rol esi,5
- xor eax,DWORD PTR[16+rsp]
- xor ebx,edx
- add edi,esi
- xor eax,DWORD PTR[36+rsp]
- rol r11d,30
- add edi,ebx
- rol eax,1
- mov DWORD PTR[48+rsp],eax
- lea esi,DWORD PTR[3395469782+rdx*1+rax]
- mov eax,DWORD PTR[52+rsp]
- mov ebx,r11d
- mov edx,edi
- xor eax,DWORD PTR[60+rsp]
- xor ebx,ebp
+ rol ebp,5
+ xor edi,ebx
+ add edx,ebp
+ ror eax,7
+ add edx,edi
+ add ecx,DWORD PTR[32+rsp]
+ xor esi,ebx
+DB 102,15,56,0,214
+ mov edi,edx
rol edx,5
- xor eax,DWORD PTR[20+rsp]
- xor ebx,r12d
- add esi,edx
- xor eax,DWORD PTR[40+rsp]
- rol ebp,30
- add esi,ebx
- rol eax,1
- lea edx,DWORD PTR[3395469782+r12*1+rax]
- mov eax,DWORD PTR[56+rsp]
- mov ebx,ebp
- mov r12d,esi
- xor eax,DWORD PTR[rsp]
- xor ebx,edi
- rol r12d,5
- xor eax,DWORD PTR[24+rsp]
- xor ebx,r11d
- add edx,r12d
- xor eax,DWORD PTR[44+rsp]
- rol edi,30
- add edx,ebx
- rol eax,1
- lea r12d,DWORD PTR[3395469782+r11*1+rax]
- mov eax,DWORD PTR[60+rsp]
- mov ebx,edi
- mov r11d,edx
- xor eax,DWORD PTR[4+rsp]
- xor ebx,esi
- rol r11d,5
- xor eax,DWORD PTR[28+rsp]
- xor ebx,ebp
- add r12d,r11d
- xor eax,DWORD PTR[48+rsp]
- rol esi,30
- add r12d,ebx
- rol eax,1
- lea r11d,DWORD PTR[3395469782+rbp*1+rax]
- mov ebx,esi
- mov ebp,r12d
- xor ebx,edx
+ paddd xmm1,xmm9
+ xor esi,eax
+ add ecx,edx
+ ror ebp,7
+ add ecx,esi
+ movdqa XMMWORD PTR[16+rsp],xmm1
+ add ebx,DWORD PTR[36+rsp]
+ xor edi,eax
+ psubd xmm1,xmm9
+ mov esi,ecx
+ rol ecx,5
+ xor edi,ebp
+ add ebx,ecx
+ ror edx,7
+ add ebx,edi
+ add eax,DWORD PTR[40+rsp]
+ xor esi,ebp
+ mov edi,ebx
+ rol ebx,5
+ xor esi,edx
+ add eax,ebx
+ ror ecx,7
+ add eax,esi
+ add ebp,DWORD PTR[44+rsp]
+ xor edi,edx
+ mov esi,eax
+ rol eax,5
+ xor edi,ecx
+ add ebp,eax
+ ror ebx,7
+ add ebp,edi
+ add edx,DWORD PTR[48+rsp]
+ xor esi,ecx
+DB 102,15,56,0,222
+ mov edi,ebp
rol ebp,5
- xor ebx,edi
- add r11d,ebp
- rol edx,30
- add r11d,ebx
- add r11d,DWORD PTR[r8]
- add r12d,DWORD PTR[4+r8]
- add edx,DWORD PTR[8+r8]
- add esi,DWORD PTR[12+r8]
- add edi,DWORD PTR[16+r8]
- mov DWORD PTR[r8],r11d
- mov DWORD PTR[4+r8],r12d
- mov DWORD PTR[8+r8],edx
- mov DWORD PTR[12+r8],esi
- mov DWORD PTR[16+r8],edi
-
- xchg edx,r11d
- xchg esi,r12d
- xchg edi,r11d
- xchg ebp,r12d
+ paddd xmm2,xmm9
+ xor esi,ebx
+ add edx,ebp
+ ror eax,7
+ add edx,esi
+ movdqa XMMWORD PTR[32+rsp],xmm2
+ add ecx,DWORD PTR[52+rsp]
+ xor edi,ebx
+ psubd xmm2,xmm9
+ mov esi,edx
+ rol edx,5
+ xor edi,eax
+ add ecx,edx
+ ror ebp,7
+ add ecx,edi
+ add ebx,DWORD PTR[56+rsp]
+ xor esi,eax
+ mov edi,ecx
+ rol ecx,5
+ xor esi,ebp
+ add ebx,ecx
+ ror edx,7
+ add ebx,esi
+ add eax,DWORD PTR[60+rsp]
+ xor edi,ebp
+ mov esi,ebx
+ rol ebx,5
+ xor edi,edx
+ add eax,ebx
+ ror ecx,7
+ add eax,edi
+ add eax,DWORD PTR[r8]
+ add esi,DWORD PTR[4+r8]
+ add ecx,DWORD PTR[8+r8]
+ add edx,DWORD PTR[12+r8]
+ mov DWORD PTR[r8],eax
+ add ebp,DWORD PTR[16+r8]
+ mov DWORD PTR[4+r8],esi
+ mov ebx,esi
+ mov DWORD PTR[8+r8],ecx
+ mov DWORD PTR[12+r8],edx
+ mov DWORD PTR[16+r8],ebp
+ jmp $L$oop_ssse3
- lea r9,QWORD PTR[64+r9]
- sub r10,1
- jnz $L$loop
- mov rsi,QWORD PTR[64+rsp]
+ALIGN 16
+$L$done_ssse3::
+ add ebx,DWORD PTR[16+rsp]
+ xor esi,eax
+ mov edi,ecx
+ rol ecx,5
+ xor esi,ebp
+ add ebx,ecx
+ ror edx,7
+ add ebx,esi
+ add eax,DWORD PTR[20+rsp]
+ xor edi,ebp
+ mov esi,ebx
+ rol ebx,5
+ xor edi,edx
+ add eax,ebx
+ ror ecx,7
+ add eax,edi
+ add ebp,DWORD PTR[24+rsp]
+ xor esi,edx
+ mov edi,eax
+ rol eax,5
+ xor esi,ecx
+ add ebp,eax
+ ror ebx,7
+ add ebp,esi
+ add edx,DWORD PTR[28+rsp]
+ xor edi,ecx
+ mov esi,ebp
+ rol ebp,5
+ xor edi,ebx
+ add edx,ebp
+ ror eax,7
+ add edx,edi
+ add ecx,DWORD PTR[32+rsp]
+ xor esi,ebx
+ mov edi,edx
+ rol edx,5
+ xor esi,eax
+ add ecx,edx
+ ror ebp,7
+ add ecx,esi
+ add ebx,DWORD PTR[36+rsp]
+ xor edi,eax
+ mov esi,ecx
+ rol ecx,5
+ xor edi,ebp
+ add ebx,ecx
+ ror edx,7
+ add ebx,edi
+ add eax,DWORD PTR[40+rsp]
+ xor esi,ebp
+ mov edi,ebx
+ rol ebx,5
+ xor esi,edx
+ add eax,ebx
+ ror ecx,7
+ add eax,esi
+ add ebp,DWORD PTR[44+rsp]
+ xor edi,edx
+ mov esi,eax
+ rol eax,5
+ xor edi,ecx
+ add ebp,eax
+ ror ebx,7
+ add ebp,edi
+ add edx,DWORD PTR[48+rsp]
+ xor esi,ecx
+ mov edi,ebp
+ rol ebp,5
+ xor esi,ebx
+ add edx,ebp
+ ror eax,7
+ add edx,esi
+ add ecx,DWORD PTR[52+rsp]
+ xor edi,ebx
+ mov esi,edx
+ rol edx,5
+ xor edi,eax
+ add ecx,edx
+ ror ebp,7
+ add ecx,edi
+ add ebx,DWORD PTR[56+rsp]
+ xor esi,eax
+ mov edi,ecx
+ rol ecx,5
+ xor esi,ebp
+ add ebx,ecx
+ ror edx,7
+ add ebx,esi
+ add eax,DWORD PTR[60+rsp]
+ xor edi,ebp
+ mov esi,ebx
+ rol ebx,5
+ xor edi,edx
+ add eax,ebx
+ ror ecx,7
+ add eax,edi
+ add eax,DWORD PTR[r8]
+ add esi,DWORD PTR[4+r8]
+ add ecx,DWORD PTR[8+r8]
+ mov DWORD PTR[r8],eax
+ add edx,DWORD PTR[12+r8]
+ mov DWORD PTR[4+r8],esi
+ add ebp,DWORD PTR[16+r8]
+ mov DWORD PTR[8+r8],ecx
+ mov DWORD PTR[12+r8],edx
+ mov DWORD PTR[16+r8],ebp
+ movaps xmm6,XMMWORD PTR[((64+0))+rsp]
+ movaps xmm7,XMMWORD PTR[((64+16))+rsp]
+ movaps xmm8,XMMWORD PTR[((64+32))+rsp]
+ movaps xmm9,XMMWORD PTR[((64+48))+rsp]
+ movaps xmm10,XMMWORD PTR[((64+64))+rsp]
+ lea rsi,QWORD PTR[144+rsp]
mov r12,QWORD PTR[rsi]
mov rbp,QWORD PTR[8+rsi]
mov rbx,QWORD PTR[16+rsi]
lea rsp,QWORD PTR[24+rsi]
-$L$epilogue::
+$L$epilogue_ssse3::
mov rdi,QWORD PTR[8+rsp] ;WIN64 epilogue
mov rsi,QWORD PTR[16+rsp]
DB 0F3h,0C3h ;repret
-$L$SEH_end_sha1_block_data_order::
-sha1_block_data_order ENDP
+$L$SEH_end_sha1_block_data_order_ssse3::
+sha1_block_data_order_ssse3 ENDP
+ALIGN 64
+K_XX_XX::
+ DD 05a827999h,05a827999h,05a827999h,05a827999h
+
+ DD 06ed9eba1h,06ed9eba1h,06ed9eba1h,06ed9eba1h
+
+ DD 08f1bbcdch,08f1bbcdch,08f1bbcdch,08f1bbcdch
+
+ DD 0ca62c1d6h,0ca62c1d6h,0ca62c1d6h,0ca62c1d6h
+
+ DD 000010203h,004050607h,008090a0bh,00c0d0e0fh
+
DB 83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115
DB 102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44
DB 32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60
DB 97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114
DB 103,62,0
-ALIGN 16
+ALIGN 64
EXTERN __imp_RtlVirtualUnwind:NEAR
ALIGN 16
@@ -1317,16 +2549,67 @@ se_handler PROC PRIVATE
lea r10,QWORD PTR[$L$prologue]
cmp rbx,r10
- jb $L$in_prologue
+ jb $L$common_seh_tail
mov rax,QWORD PTR[152+r8]
lea r10,QWORD PTR[$L$epilogue]
cmp rbx,r10
- jae $L$in_prologue
+ jae $L$common_seh_tail
mov rax,QWORD PTR[64+rax]
- lea rax,QWORD PTR[24+rax]
+ lea rax,QWORD PTR[32+rax]
+
+ mov rbx,QWORD PTR[((-8))+rax]
+ mov rbp,QWORD PTR[((-16))+rax]
+ mov r12,QWORD PTR[((-24))+rax]
+ mov r13,QWORD PTR[((-32))+rax]
+ mov QWORD PTR[144+r8],rbx
+ mov QWORD PTR[160+r8],rbp
+ mov QWORD PTR[216+r8],r12
+ mov QWORD PTR[224+r8],r13
+
+ jmp $L$common_seh_tail
+se_handler ENDP
+
+
+ALIGN 16
+ssse3_handler PROC PRIVATE
+ push rsi
+ push rdi
+ push rbx
+ push rbp
+ push r12
+ push r13
+ push r14
+ push r15
+ pushfq
+ sub rsp,64
+
+ mov rax,QWORD PTR[120+r8]
+ mov rbx,QWORD PTR[248+r8]
+
+ mov rsi,QWORD PTR[8+r9]
+ mov r11,QWORD PTR[56+r9]
+
+ mov r10d,DWORD PTR[r11]
+ lea r10,QWORD PTR[r10*1+rsi]
+ cmp rbx,r10
+ jb $L$common_seh_tail
+
+ mov rax,QWORD PTR[152+r8]
+
+ mov r10d,DWORD PTR[4+r11]
+ lea r10,QWORD PTR[r10*1+rsi]
+ cmp rbx,r10
+ jae $L$common_seh_tail
+
+ lea rsi,QWORD PTR[64+rax]
+ lea rdi,QWORD PTR[512+r8]
+ mov ecx,10
+ DD 0a548f3fch
+
+ lea rax,QWORD PTR[168+rax]
mov rbx,QWORD PTR[((-8))+rax]
mov rbp,QWORD PTR[((-16))+rax]
@@ -1335,7 +2618,7 @@ se_handler PROC PRIVATE
mov QWORD PTR[160+r8],rbp
mov QWORD PTR[216+r8],r12
-$L$in_prologue::
+$L$common_seh_tail::
mov rdi,QWORD PTR[8+rax]
mov rsi,QWORD PTR[16+rax]
mov QWORD PTR[152+r8],rax
@@ -1374,7 +2657,7 @@ $L$in_prologue::
pop rdi
pop rsi
DB 0F3h,0C3h ;repret
-se_handler ENDP
+ssse3_handler ENDP
.text$ ENDS
.pdata SEGMENT READONLY ALIGN(4)
@@ -1382,13 +2665,20 @@ ALIGN 4
DD imagerel $L$SEH_begin_sha1_block_data_order
DD imagerel $L$SEH_end_sha1_block_data_order
DD imagerel $L$SEH_info_sha1_block_data_order
-
+ DD imagerel $L$SEH_begin_sha1_block_data_order_ssse3
+ DD imagerel $L$SEH_end_sha1_block_data_order_ssse3
+ DD imagerel $L$SEH_info_sha1_block_data_order_ssse3
.pdata ENDS
.xdata SEGMENT READONLY ALIGN(8)
ALIGN 8
$L$SEH_info_sha1_block_data_order::
DB 9,0,0,0
DD imagerel se_handler
+$L$SEH_info_sha1_block_data_order_ssse3::
+DB 9,0,0,0
+ DD imagerel ssse3_handler
+ DD imagerel $L$prologue_ssse3,imagerel $L$epilogue_ssse3
+
.xdata ENDS
END
diff --git a/deps/openssl/asm/x64-win32-masm/sha/sha512-x86_64.asm b/deps/openssl/asm/x64-win32-masm/sha/sha512-x86_64.asm
index 5ea4a6327..f685c2fdf 100644
--- a/deps/openssl/asm/x64-win32-masm/sha/sha512-x86_64.asm
+++ b/deps/openssl/asm/x64-win32-masm/sha/sha512-x86_64.asm
@@ -26,1930 +26,1738 @@ $L$SEH_begin_sha256_block_data_order::
sub rsp,16*4+4*8
lea rdx,QWORD PTR[rdx*4+rsi]
and rsp,-64
- mov QWORD PTR[((16*4+0*8))+rsp],rdi
- mov QWORD PTR[((16*4+1*8))+rsp],rsi
- mov QWORD PTR[((16*4+2*8))+rsp],rdx
- mov QWORD PTR[((16*4+3*8))+rsp],r11
+ mov QWORD PTR[((64+0))+rsp],rdi
+ mov QWORD PTR[((64+8))+rsp],rsi
+ mov QWORD PTR[((64+16))+rsp],rdx
+ mov QWORD PTR[((64+24))+rsp],r11
$L$prologue::
lea rbp,QWORD PTR[K256]
- mov eax,DWORD PTR[((4*0))+rdi]
- mov ebx,DWORD PTR[((4*1))+rdi]
- mov ecx,DWORD PTR[((4*2))+rdi]
- mov edx,DWORD PTR[((4*3))+rdi]
- mov r8d,DWORD PTR[((4*4))+rdi]
- mov r9d,DWORD PTR[((4*5))+rdi]
- mov r10d,DWORD PTR[((4*6))+rdi]
- mov r11d,DWORD PTR[((4*7))+rdi]
+ mov eax,DWORD PTR[rdi]
+ mov ebx,DWORD PTR[4+rdi]
+ mov ecx,DWORD PTR[8+rdi]
+ mov edx,DWORD PTR[12+rdi]
+ mov r8d,DWORD PTR[16+rdi]
+ mov r9d,DWORD PTR[20+rdi]
+ mov r10d,DWORD PTR[24+rdi]
+ mov r11d,DWORD PTR[28+rdi]
jmp $L$loop
ALIGN 16
$L$loop::
xor rdi,rdi
- mov r12d,DWORD PTR[((4*0))+rsi]
- bswap r12d
+ mov r12d,DWORD PTR[rsi]
mov r13d,r8d
- mov r14d,r8d
+ mov r14d,eax
+ bswap r12d
+ ror r13d,14
mov r15d,r9d
+ mov DWORD PTR[rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r8d
xor r15d,r10d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r11d
+ xor r14d,eax
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r8d
- mov DWORD PTR[rsp],r12d
+ mov r11d,ebx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r8d
xor r15d,r10d
- add r12d,r11d
-
- mov r11d,eax
- add r12d,r13d
+ xor r11d,ecx
+ xor r14d,eax
add r12d,r15d
- mov r13d,eax
- mov r14d,eax
+ mov r15d,ebx
- ror r11d,2
- ror r13d,13
- mov r15d,eax
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r11d,eax
+ and r15d,ecx
- xor r11d,r13d
- ror r13d,9
- or r14d,ecx
+ ror r14d,2
+ add r12d,r13d
+ add r11d,r15d
- xor r11d,r13d
- and r15d,ecx
add edx,r12d
-
- and r14d,ebx
add r11d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r11d,r14d
- mov r12d,DWORD PTR[((4*1))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[4+rsi]
mov r13d,edx
- mov r14d,edx
+ mov r14d,r11d
+ bswap r12d
+ ror r13d,14
mov r15d,r8d
+ mov DWORD PTR[4+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,edx
xor r15d,r9d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r10d
+ xor r14d,r11d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,edx
- mov DWORD PTR[4+rsp],r12d
+ mov r10d,eax
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,edx
xor r15d,r9d
- add r12d,r10d
-
- mov r10d,r11d
- add r12d,r13d
+ xor r10d,ebx
+ xor r14d,r11d
add r12d,r15d
- mov r13d,r11d
- mov r14d,r11d
+ mov r15d,eax
- ror r10d,2
- ror r13d,13
- mov r15d,r11d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r10d,r11d
+ and r15d,ebx
- xor r10d,r13d
- ror r13d,9
- or r14d,ebx
+ ror r14d,2
+ add r12d,r13d
+ add r10d,r15d
- xor r10d,r13d
- and r15d,ebx
add ecx,r12d
-
- and r14d,eax
add r10d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r10d,r14d
- mov r12d,DWORD PTR[((4*2))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[8+rsi]
mov r13d,ecx
- mov r14d,ecx
+ mov r14d,r10d
+ bswap r12d
+ ror r13d,14
mov r15d,edx
+ mov DWORD PTR[8+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,ecx
xor r15d,r8d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r9d
+ xor r14d,r10d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,ecx
- mov DWORD PTR[8+rsp],r12d
+ mov r9d,r11d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,ecx
xor r15d,r8d
- add r12d,r9d
-
- mov r9d,r10d
- add r12d,r13d
+ xor r9d,eax
+ xor r14d,r10d
add r12d,r15d
- mov r13d,r10d
- mov r14d,r10d
+ mov r15d,r11d
- ror r9d,2
- ror r13d,13
- mov r15d,r10d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r9d,r10d
+ and r15d,eax
- xor r9d,r13d
- ror r13d,9
- or r14d,eax
+ ror r14d,2
+ add r12d,r13d
+ add r9d,r15d
- xor r9d,r13d
- and r15d,eax
add ebx,r12d
-
- and r14d,r11d
add r9d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r9d,r14d
- mov r12d,DWORD PTR[((4*3))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[12+rsi]
mov r13d,ebx
- mov r14d,ebx
+ mov r14d,r9d
+ bswap r12d
+ ror r13d,14
mov r15d,ecx
+ mov DWORD PTR[12+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,ebx
xor r15d,edx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r8d
+ xor r14d,r9d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,ebx
- mov DWORD PTR[12+rsp],r12d
+ mov r8d,r10d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,ebx
xor r15d,edx
- add r12d,r8d
-
- mov r8d,r9d
- add r12d,r13d
+ xor r8d,r11d
+ xor r14d,r9d
add r12d,r15d
- mov r13d,r9d
- mov r14d,r9d
+ mov r15d,r10d
- ror r8d,2
- ror r13d,13
- mov r15d,r9d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r8d,r9d
+ and r15d,r11d
- xor r8d,r13d
- ror r13d,9
- or r14d,r11d
+ ror r14d,2
+ add r12d,r13d
+ add r8d,r15d
- xor r8d,r13d
- and r15d,r11d
add eax,r12d
-
- and r14d,r10d
add r8d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r8d,r14d
- mov r12d,DWORD PTR[((4*4))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[16+rsi]
mov r13d,eax
- mov r14d,eax
+ mov r14d,r8d
+ bswap r12d
+ ror r13d,14
mov r15d,ebx
+ mov DWORD PTR[16+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,eax
xor r15d,ecx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,edx
+ xor r14d,r8d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,eax
- mov DWORD PTR[16+rsp],r12d
+ mov edx,r9d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,eax
xor r15d,ecx
- add r12d,edx
-
- mov edx,r8d
- add r12d,r13d
+ xor edx,r10d
+ xor r14d,r8d
add r12d,r15d
- mov r13d,r8d
- mov r14d,r8d
+ mov r15d,r9d
- ror edx,2
- ror r13d,13
- mov r15d,r8d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and edx,r8d
+ and r15d,r10d
- xor edx,r13d
- ror r13d,9
- or r14d,r10d
+ ror r14d,2
+ add r12d,r13d
+ add edx,r15d
- xor edx,r13d
- and r15d,r10d
add r11d,r12d
-
- and r14d,r9d
add edx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add edx,r14d
- mov r12d,DWORD PTR[((4*5))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[20+rsi]
mov r13d,r11d
- mov r14d,r11d
+ mov r14d,edx
+ bswap r12d
+ ror r13d,14
mov r15d,eax
+ mov DWORD PTR[20+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r11d
xor r15d,ebx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,ecx
+ xor r14d,edx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r11d
- mov DWORD PTR[20+rsp],r12d
+ mov ecx,r8d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r11d
xor r15d,ebx
- add r12d,ecx
-
- mov ecx,edx
- add r12d,r13d
+ xor ecx,r9d
+ xor r14d,edx
add r12d,r15d
- mov r13d,edx
- mov r14d,edx
+ mov r15d,r8d
- ror ecx,2
- ror r13d,13
- mov r15d,edx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and ecx,edx
+ and r15d,r9d
- xor ecx,r13d
- ror r13d,9
- or r14d,r9d
+ ror r14d,2
+ add r12d,r13d
+ add ecx,r15d
- xor ecx,r13d
- and r15d,r9d
add r10d,r12d
-
- and r14d,r8d
add ecx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add ecx,r14d
- mov r12d,DWORD PTR[((4*6))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[24+rsi]
mov r13d,r10d
- mov r14d,r10d
+ mov r14d,ecx
+ bswap r12d
+ ror r13d,14
mov r15d,r11d
+ mov DWORD PTR[24+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r10d
xor r15d,eax
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,ebx
+ xor r14d,ecx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r10d
- mov DWORD PTR[24+rsp],r12d
+ mov ebx,edx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r10d
xor r15d,eax
- add r12d,ebx
-
- mov ebx,ecx
- add r12d,r13d
+ xor ebx,r8d
+ xor r14d,ecx
add r12d,r15d
- mov r13d,ecx
- mov r14d,ecx
+ mov r15d,edx
- ror ebx,2
- ror r13d,13
- mov r15d,ecx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and ebx,ecx
+ and r15d,r8d
- xor ebx,r13d
- ror r13d,9
- or r14d,r8d
+ ror r14d,2
+ add r12d,r13d
+ add ebx,r15d
- xor ebx,r13d
- and r15d,r8d
add r9d,r12d
-
- and r14d,edx
add ebx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add ebx,r14d
- mov r12d,DWORD PTR[((4*7))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[28+rsi]
mov r13d,r9d
- mov r14d,r9d
+ mov r14d,ebx
+ bswap r12d
+ ror r13d,14
mov r15d,r10d
+ mov DWORD PTR[28+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r9d
xor r15d,r11d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,eax
+ xor r14d,ebx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r9d
- mov DWORD PTR[28+rsp],r12d
+ mov eax,ecx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r9d
xor r15d,r11d
- add r12d,eax
-
- mov eax,ebx
- add r12d,r13d
+ xor eax,edx
+ xor r14d,ebx
add r12d,r15d
- mov r13d,ebx
- mov r14d,ebx
+ mov r15d,ecx
- ror eax,2
- ror r13d,13
- mov r15d,ebx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and eax,ebx
+ and r15d,edx
- xor eax,r13d
- ror r13d,9
- or r14d,edx
+ ror r14d,2
+ add r12d,r13d
+ add eax,r15d
- xor eax,r13d
- and r15d,edx
add r8d,r12d
-
- and r14d,ecx
add eax,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add eax,r14d
- mov r12d,DWORD PTR[((4*8))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[32+rsi]
mov r13d,r8d
- mov r14d,r8d
+ mov r14d,eax
+ bswap r12d
+ ror r13d,14
mov r15d,r9d
+ mov DWORD PTR[32+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r8d
xor r15d,r10d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r11d
+ xor r14d,eax
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r8d
- mov DWORD PTR[32+rsp],r12d
+ mov r11d,ebx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r8d
xor r15d,r10d
- add r12d,r11d
-
- mov r11d,eax
- add r12d,r13d
+ xor r11d,ecx
+ xor r14d,eax
add r12d,r15d
- mov r13d,eax
- mov r14d,eax
+ mov r15d,ebx
- ror r11d,2
- ror r13d,13
- mov r15d,eax
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r11d,eax
+ and r15d,ecx
- xor r11d,r13d
- ror r13d,9
- or r14d,ecx
+ ror r14d,2
+ add r12d,r13d
+ add r11d,r15d
- xor r11d,r13d
- and r15d,ecx
add edx,r12d
-
- and r14d,ebx
add r11d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r11d,r14d
- mov r12d,DWORD PTR[((4*9))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[36+rsi]
mov r13d,edx
- mov r14d,edx
+ mov r14d,r11d
+ bswap r12d
+ ror r13d,14
mov r15d,r8d
+ mov DWORD PTR[36+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,edx
xor r15d,r9d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r10d
+ xor r14d,r11d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,edx
- mov DWORD PTR[36+rsp],r12d
+ mov r10d,eax
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,edx
xor r15d,r9d
- add r12d,r10d
-
- mov r10d,r11d
- add r12d,r13d
+ xor r10d,ebx
+ xor r14d,r11d
add r12d,r15d
- mov r13d,r11d
- mov r14d,r11d
+ mov r15d,eax
- ror r10d,2
- ror r13d,13
- mov r15d,r11d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r10d,r11d
+ and r15d,ebx
- xor r10d,r13d
- ror r13d,9
- or r14d,ebx
+ ror r14d,2
+ add r12d,r13d
+ add r10d,r15d
- xor r10d,r13d
- and r15d,ebx
add ecx,r12d
-
- and r14d,eax
add r10d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r10d,r14d
- mov r12d,DWORD PTR[((4*10))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[40+rsi]
mov r13d,ecx
- mov r14d,ecx
+ mov r14d,r10d
+ bswap r12d
+ ror r13d,14
mov r15d,edx
+ mov DWORD PTR[40+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,ecx
xor r15d,r8d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r9d
+ xor r14d,r10d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,ecx
- mov DWORD PTR[40+rsp],r12d
+ mov r9d,r11d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,ecx
xor r15d,r8d
- add r12d,r9d
-
- mov r9d,r10d
- add r12d,r13d
+ xor r9d,eax
+ xor r14d,r10d
add r12d,r15d
- mov r13d,r10d
- mov r14d,r10d
+ mov r15d,r11d
- ror r9d,2
- ror r13d,13
- mov r15d,r10d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r9d,r10d
+ and r15d,eax
- xor r9d,r13d
- ror r13d,9
- or r14d,eax
+ ror r14d,2
+ add r12d,r13d
+ add r9d,r15d
- xor r9d,r13d
- and r15d,eax
add ebx,r12d
-
- and r14d,r11d
add r9d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r9d,r14d
- mov r12d,DWORD PTR[((4*11))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[44+rsi]
mov r13d,ebx
- mov r14d,ebx
+ mov r14d,r9d
+ bswap r12d
+ ror r13d,14
mov r15d,ecx
+ mov DWORD PTR[44+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,ebx
xor r15d,edx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r8d
+ xor r14d,r9d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,ebx
- mov DWORD PTR[44+rsp],r12d
+ mov r8d,r10d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,ebx
xor r15d,edx
- add r12d,r8d
-
- mov r8d,r9d
- add r12d,r13d
+ xor r8d,r11d
+ xor r14d,r9d
add r12d,r15d
- mov r13d,r9d
- mov r14d,r9d
+ mov r15d,r10d
- ror r8d,2
- ror r13d,13
- mov r15d,r9d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r8d,r9d
+ and r15d,r11d
- xor r8d,r13d
- ror r13d,9
- or r14d,r11d
+ ror r14d,2
+ add r12d,r13d
+ add r8d,r15d
- xor r8d,r13d
- and r15d,r11d
add eax,r12d
-
- and r14d,r10d
add r8d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r8d,r14d
- mov r12d,DWORD PTR[((4*12))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[48+rsi]
mov r13d,eax
- mov r14d,eax
+ mov r14d,r8d
+ bswap r12d
+ ror r13d,14
mov r15d,ebx
+ mov DWORD PTR[48+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,eax
xor r15d,ecx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,edx
+ xor r14d,r8d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,eax
- mov DWORD PTR[48+rsp],r12d
+ mov edx,r9d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,eax
xor r15d,ecx
- add r12d,edx
-
- mov edx,r8d
- add r12d,r13d
+ xor edx,r10d
+ xor r14d,r8d
add r12d,r15d
- mov r13d,r8d
- mov r14d,r8d
+ mov r15d,r9d
- ror edx,2
- ror r13d,13
- mov r15d,r8d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and edx,r8d
+ and r15d,r10d
- xor edx,r13d
- ror r13d,9
- or r14d,r10d
+ ror r14d,2
+ add r12d,r13d
+ add edx,r15d
- xor edx,r13d
- and r15d,r10d
add r11d,r12d
-
- and r14d,r9d
add edx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add edx,r14d
- mov r12d,DWORD PTR[((4*13))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[52+rsi]
mov r13d,r11d
- mov r14d,r11d
+ mov r14d,edx
+ bswap r12d
+ ror r13d,14
mov r15d,eax
+ mov DWORD PTR[52+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r11d
xor r15d,ebx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,ecx
+ xor r14d,edx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r11d
- mov DWORD PTR[52+rsp],r12d
+ mov ecx,r8d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r11d
xor r15d,ebx
- add r12d,ecx
-
- mov ecx,edx
- add r12d,r13d
+ xor ecx,r9d
+ xor r14d,edx
add r12d,r15d
- mov r13d,edx
- mov r14d,edx
+ mov r15d,r8d
- ror ecx,2
- ror r13d,13
- mov r15d,edx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and ecx,edx
+ and r15d,r9d
- xor ecx,r13d
- ror r13d,9
- or r14d,r9d
+ ror r14d,2
+ add r12d,r13d
+ add ecx,r15d
- xor ecx,r13d
- and r15d,r9d
add r10d,r12d
-
- and r14d,r8d
add ecx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add ecx,r14d
- mov r12d,DWORD PTR[((4*14))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[56+rsi]
mov r13d,r10d
- mov r14d,r10d
+ mov r14d,ecx
+ bswap r12d
+ ror r13d,14
mov r15d,r11d
+ mov DWORD PTR[56+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r10d
xor r15d,eax
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,ebx
+ xor r14d,ecx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r10d
- mov DWORD PTR[56+rsp],r12d
+ mov ebx,edx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r10d
xor r15d,eax
- add r12d,ebx
-
- mov ebx,ecx
- add r12d,r13d
+ xor ebx,r8d
+ xor r14d,ecx
add r12d,r15d
- mov r13d,ecx
- mov r14d,ecx
+ mov r15d,edx
- ror ebx,2
- ror r13d,13
- mov r15d,ecx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and ebx,ecx
+ and r15d,r8d
- xor ebx,r13d
- ror r13d,9
- or r14d,r8d
+ ror r14d,2
+ add r12d,r13d
+ add ebx,r15d
- xor ebx,r13d
- and r15d,r8d
add r9d,r12d
-
- and r14d,edx
add ebx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add ebx,r14d
- mov r12d,DWORD PTR[((4*15))+rsi]
- bswap r12d
+
+ mov r12d,DWORD PTR[60+rsi]
mov r13d,r9d
- mov r14d,r9d
+ mov r14d,ebx
+ bswap r12d
+ ror r13d,14
mov r15d,r10d
+ mov DWORD PTR[60+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r9d
xor r15d,r11d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,eax
+ xor r14d,ebx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r9d
- mov DWORD PTR[60+rsp],r12d
+ mov eax,ecx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r9d
xor r15d,r11d
- add r12d,eax
-
- mov eax,ebx
- add r12d,r13d
+ xor eax,edx
+ xor r14d,ebx
add r12d,r15d
- mov r13d,ebx
- mov r14d,ebx
+ mov r15d,ecx
- ror eax,2
- ror r13d,13
- mov r15d,ebx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and eax,ebx
+ and r15d,edx
- xor eax,r13d
- ror r13d,9
- or r14d,edx
+ ror r14d,2
+ add r12d,r13d
+ add eax,r15d
- xor eax,r13d
- and r15d,edx
add r8d,r12d
-
- and r14d,ecx
add eax,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add eax,r14d
+
jmp $L$rounds_16_xx
ALIGN 16
$L$rounds_16_xx::
mov r13d,DWORD PTR[4+rsp]
- mov r12d,DWORD PTR[56+rsp]
-
- mov r15d,r13d
+ mov r14d,DWORD PTR[56+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[36+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[36+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[rsp]
mov r13d,r8d
- mov r14d,r8d
+ add r12d,r14d
+ mov r14d,eax
+ ror r13d,14
mov r15d,r9d
+ mov DWORD PTR[rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r8d
xor r15d,r10d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r11d
+ xor r14d,eax
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r8d
- mov DWORD PTR[rsp],r12d
+ mov r11d,ebx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r8d
xor r15d,r10d
- add r12d,r11d
-
- mov r11d,eax
- add r12d,r13d
+ xor r11d,ecx
+ xor r14d,eax
add r12d,r15d
- mov r13d,eax
- mov r14d,eax
+ mov r15d,ebx
- ror r11d,2
- ror r13d,13
- mov r15d,eax
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r11d,eax
+ and r15d,ecx
- xor r11d,r13d
- ror r13d,9
- or r14d,ecx
+ ror r14d,2
+ add r12d,r13d
+ add r11d,r15d
- xor r11d,r13d
- and r15d,ecx
add edx,r12d
-
- and r14d,ebx
add r11d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r11d,r14d
- mov r13d,DWORD PTR[8+rsp]
- mov r12d,DWORD PTR[60+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[8+rsp]
+ mov r14d,DWORD PTR[60+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[40+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[40+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[4+rsp]
mov r13d,edx
- mov r14d,edx
+ add r12d,r14d
+ mov r14d,r11d
+ ror r13d,14
mov r15d,r8d
+ mov DWORD PTR[4+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,edx
xor r15d,r9d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r10d
+ xor r14d,r11d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,edx
- mov DWORD PTR[4+rsp],r12d
+ mov r10d,eax
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,edx
xor r15d,r9d
- add r12d,r10d
-
- mov r10d,r11d
- add r12d,r13d
+ xor r10d,ebx
+ xor r14d,r11d
add r12d,r15d
- mov r13d,r11d
- mov r14d,r11d
+ mov r15d,eax
- ror r10d,2
- ror r13d,13
- mov r15d,r11d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r10d,r11d
+ and r15d,ebx
- xor r10d,r13d
- ror r13d,9
- or r14d,ebx
+ ror r14d,2
+ add r12d,r13d
+ add r10d,r15d
- xor r10d,r13d
- and r15d,ebx
add ecx,r12d
-
- and r14d,eax
add r10d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r10d,r14d
- mov r13d,DWORD PTR[12+rsp]
- mov r12d,DWORD PTR[rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[12+rsp]
+ mov r14d,DWORD PTR[rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[44+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[44+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[8+rsp]
mov r13d,ecx
- mov r14d,ecx
+ add r12d,r14d
+ mov r14d,r10d
+ ror r13d,14
mov r15d,edx
+ mov DWORD PTR[8+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,ecx
xor r15d,r8d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r9d
+ xor r14d,r10d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,ecx
- mov DWORD PTR[8+rsp],r12d
+ mov r9d,r11d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,ecx
xor r15d,r8d
- add r12d,r9d
-
- mov r9d,r10d
- add r12d,r13d
+ xor r9d,eax
+ xor r14d,r10d
add r12d,r15d
- mov r13d,r10d
- mov r14d,r10d
+ mov r15d,r11d
- ror r9d,2
- ror r13d,13
- mov r15d,r10d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r9d,r10d
+ and r15d,eax
- xor r9d,r13d
- ror r13d,9
- or r14d,eax
+ ror r14d,2
+ add r12d,r13d
+ add r9d,r15d
- xor r9d,r13d
- and r15d,eax
add ebx,r12d
-
- and r14d,r11d
add r9d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r9d,r14d
- mov r13d,DWORD PTR[16+rsp]
- mov r12d,DWORD PTR[4+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[16+rsp]
+ mov r14d,DWORD PTR[4+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[48+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[48+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[12+rsp]
mov r13d,ebx
- mov r14d,ebx
+ add r12d,r14d
+ mov r14d,r9d
+ ror r13d,14
mov r15d,ecx
+ mov DWORD PTR[12+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,ebx
xor r15d,edx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r8d
+ xor r14d,r9d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,ebx
- mov DWORD PTR[12+rsp],r12d
+ mov r8d,r10d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,ebx
xor r15d,edx
- add r12d,r8d
-
- mov r8d,r9d
- add r12d,r13d
+ xor r8d,r11d
+ xor r14d,r9d
add r12d,r15d
- mov r13d,r9d
- mov r14d,r9d
+ mov r15d,r10d
- ror r8d,2
- ror r13d,13
- mov r15d,r9d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r8d,r9d
+ and r15d,r11d
- xor r8d,r13d
- ror r13d,9
- or r14d,r11d
+ ror r14d,2
+ add r12d,r13d
+ add r8d,r15d
- xor r8d,r13d
- and r15d,r11d
add eax,r12d
-
- and r14d,r10d
add r8d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r8d,r14d
- mov r13d,DWORD PTR[20+rsp]
- mov r12d,DWORD PTR[8+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[20+rsp]
+ mov r14d,DWORD PTR[8+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[52+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[52+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[16+rsp]
mov r13d,eax
- mov r14d,eax
+ add r12d,r14d
+ mov r14d,r8d
+ ror r13d,14
mov r15d,ebx
+ mov DWORD PTR[16+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,eax
xor r15d,ecx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,edx
+ xor r14d,r8d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,eax
- mov DWORD PTR[16+rsp],r12d
+ mov edx,r9d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,eax
xor r15d,ecx
- add r12d,edx
-
- mov edx,r8d
- add r12d,r13d
+ xor edx,r10d
+ xor r14d,r8d
add r12d,r15d
- mov r13d,r8d
- mov r14d,r8d
+ mov r15d,r9d
- ror edx,2
- ror r13d,13
- mov r15d,r8d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and edx,r8d
+ and r15d,r10d
- xor edx,r13d
- ror r13d,9
- or r14d,r10d
+ ror r14d,2
+ add r12d,r13d
+ add edx,r15d
- xor edx,r13d
- and r15d,r10d
add r11d,r12d
-
- and r14d,r9d
add edx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add edx,r14d
- mov r13d,DWORD PTR[24+rsp]
- mov r12d,DWORD PTR[12+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[24+rsp]
+ mov r14d,DWORD PTR[12+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[56+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[56+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[20+rsp]
mov r13d,r11d
- mov r14d,r11d
+ add r12d,r14d
+ mov r14d,edx
+ ror r13d,14
mov r15d,eax
+ mov DWORD PTR[20+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r11d
xor r15d,ebx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,ecx
+ xor r14d,edx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r11d
- mov DWORD PTR[20+rsp],r12d
+ mov ecx,r8d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r11d
xor r15d,ebx
- add r12d,ecx
-
- mov ecx,edx
- add r12d,r13d
+ xor ecx,r9d
+ xor r14d,edx
add r12d,r15d
- mov r13d,edx
- mov r14d,edx
+ mov r15d,r8d
- ror ecx,2
- ror r13d,13
- mov r15d,edx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and ecx,edx
+ and r15d,r9d
- xor ecx,r13d
- ror r13d,9
- or r14d,r9d
+ ror r14d,2
+ add r12d,r13d
+ add ecx,r15d
- xor ecx,r13d
- and r15d,r9d
add r10d,r12d
-
- and r14d,r8d
add ecx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add ecx,r14d
- mov r13d,DWORD PTR[28+rsp]
- mov r12d,DWORD PTR[16+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[28+rsp]
+ mov r14d,DWORD PTR[16+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[60+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[60+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[24+rsp]
mov r13d,r10d
- mov r14d,r10d
+ add r12d,r14d
+ mov r14d,ecx
+ ror r13d,14
mov r15d,r11d
+ mov DWORD PTR[24+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r10d
xor r15d,eax
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,ebx
+ xor r14d,ecx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r10d
- mov DWORD PTR[24+rsp],r12d
+ mov ebx,edx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r10d
xor r15d,eax
- add r12d,ebx
-
- mov ebx,ecx
- add r12d,r13d
+ xor ebx,r8d
+ xor r14d,ecx
add r12d,r15d
- mov r13d,ecx
- mov r14d,ecx
+ mov r15d,edx
- ror ebx,2
- ror r13d,13
- mov r15d,ecx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and ebx,ecx
+ and r15d,r8d
- xor ebx,r13d
- ror r13d,9
- or r14d,r8d
+ ror r14d,2
+ add r12d,r13d
+ add ebx,r15d
- xor ebx,r13d
- and r15d,r8d
add r9d,r12d
-
- and r14d,edx
add ebx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add ebx,r14d
- mov r13d,DWORD PTR[32+rsp]
- mov r12d,DWORD PTR[20+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[32+rsp]
+ mov r14d,DWORD PTR[20+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[28+rsp]
mov r13d,r9d
- mov r14d,r9d
+ add r12d,r14d
+ mov r14d,ebx
+ ror r13d,14
mov r15d,r10d
+ mov DWORD PTR[28+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r9d
xor r15d,r11d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,eax
+ xor r14d,ebx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r9d
- mov DWORD PTR[28+rsp],r12d
+ mov eax,ecx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r9d
xor r15d,r11d
- add r12d,eax
-
- mov eax,ebx
- add r12d,r13d
+ xor eax,edx
+ xor r14d,ebx
add r12d,r15d
- mov r13d,ebx
- mov r14d,ebx
+ mov r15d,ecx
- ror eax,2
- ror r13d,13
- mov r15d,ebx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and eax,ebx
+ and r15d,edx
- xor eax,r13d
- ror r13d,9
- or r14d,edx
+ ror r14d,2
+ add r12d,r13d
+ add eax,r15d
- xor eax,r13d
- and r15d,edx
add r8d,r12d
-
- and r14d,ecx
add eax,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add eax,r14d
- mov r13d,DWORD PTR[36+rsp]
- mov r12d,DWORD PTR[24+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[36+rsp]
+ mov r14d,DWORD PTR[24+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[4+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[4+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[32+rsp]
mov r13d,r8d
- mov r14d,r8d
+ add r12d,r14d
+ mov r14d,eax
+ ror r13d,14
mov r15d,r9d
+ mov DWORD PTR[32+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r8d
xor r15d,r10d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r11d
+ xor r14d,eax
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r8d
- mov DWORD PTR[32+rsp],r12d
+ mov r11d,ebx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r8d
xor r15d,r10d
- add r12d,r11d
-
- mov r11d,eax
- add r12d,r13d
+ xor r11d,ecx
+ xor r14d,eax
add r12d,r15d
- mov r13d,eax
- mov r14d,eax
+ mov r15d,ebx
- ror r11d,2
- ror r13d,13
- mov r15d,eax
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r11d,eax
+ and r15d,ecx
- xor r11d,r13d
- ror r13d,9
- or r14d,ecx
+ ror r14d,2
+ add r12d,r13d
+ add r11d,r15d
- xor r11d,r13d
- and r15d,ecx
add edx,r12d
-
- and r14d,ebx
add r11d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r11d,r14d
- mov r13d,DWORD PTR[40+rsp]
- mov r12d,DWORD PTR[28+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[40+rsp]
+ mov r14d,DWORD PTR[28+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[8+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[8+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[36+rsp]
mov r13d,edx
- mov r14d,edx
+ add r12d,r14d
+ mov r14d,r11d
+ ror r13d,14
mov r15d,r8d
+ mov DWORD PTR[36+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,edx
xor r15d,r9d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r10d
+ xor r14d,r11d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,edx
- mov DWORD PTR[36+rsp],r12d
+ mov r10d,eax
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,edx
xor r15d,r9d
- add r12d,r10d
-
- mov r10d,r11d
- add r12d,r13d
+ xor r10d,ebx
+ xor r14d,r11d
add r12d,r15d
- mov r13d,r11d
- mov r14d,r11d
+ mov r15d,eax
- ror r10d,2
- ror r13d,13
- mov r15d,r11d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r10d,r11d
+ and r15d,ebx
- xor r10d,r13d
- ror r13d,9
- or r14d,ebx
+ ror r14d,2
+ add r12d,r13d
+ add r10d,r15d
- xor r10d,r13d
- and r15d,ebx
add ecx,r12d
-
- and r14d,eax
add r10d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r10d,r14d
- mov r13d,DWORD PTR[44+rsp]
- mov r12d,DWORD PTR[32+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[44+rsp]
+ mov r14d,DWORD PTR[32+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[12+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[12+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[40+rsp]
mov r13d,ecx
- mov r14d,ecx
+ add r12d,r14d
+ mov r14d,r10d
+ ror r13d,14
mov r15d,edx
+ mov DWORD PTR[40+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,ecx
xor r15d,r8d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r9d
+ xor r14d,r10d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,ecx
- mov DWORD PTR[40+rsp],r12d
+ mov r9d,r11d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,ecx
xor r15d,r8d
- add r12d,r9d
-
- mov r9d,r10d
- add r12d,r13d
+ xor r9d,eax
+ xor r14d,r10d
add r12d,r15d
- mov r13d,r10d
- mov r14d,r10d
+ mov r15d,r11d
- ror r9d,2
- ror r13d,13
- mov r15d,r10d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r9d,r10d
+ and r15d,eax
- xor r9d,r13d
- ror r13d,9
- or r14d,eax
+ ror r14d,2
+ add r12d,r13d
+ add r9d,r15d
- xor r9d,r13d
- and r15d,eax
add ebx,r12d
-
- and r14d,r11d
add r9d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r9d,r14d
- mov r13d,DWORD PTR[48+rsp]
- mov r12d,DWORD PTR[36+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[48+rsp]
+ mov r14d,DWORD PTR[36+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[16+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[16+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[44+rsp]
mov r13d,ebx
- mov r14d,ebx
+ add r12d,r14d
+ mov r14d,r9d
+ ror r13d,14
mov r15d,ecx
+ mov DWORD PTR[44+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,ebx
xor r15d,edx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,r8d
+ xor r14d,r9d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,ebx
- mov DWORD PTR[44+rsp],r12d
+ mov r8d,r10d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,ebx
xor r15d,edx
- add r12d,r8d
-
- mov r8d,r9d
- add r12d,r13d
+ xor r8d,r11d
+ xor r14d,r9d
add r12d,r15d
- mov r13d,r9d
- mov r14d,r9d
+ mov r15d,r10d
- ror r8d,2
- ror r13d,13
- mov r15d,r9d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and r8d,r9d
+ and r15d,r11d
- xor r8d,r13d
- ror r13d,9
- or r14d,r11d
+ ror r14d,2
+ add r12d,r13d
+ add r8d,r15d
- xor r8d,r13d
- and r15d,r11d
add eax,r12d
-
- and r14d,r10d
add r8d,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add r8d,r14d
- mov r13d,DWORD PTR[52+rsp]
- mov r12d,DWORD PTR[40+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[52+rsp]
+ mov r14d,DWORD PTR[40+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[20+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[20+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[48+rsp]
mov r13d,eax
- mov r14d,eax
+ add r12d,r14d
+ mov r14d,r8d
+ ror r13d,14
mov r15d,ebx
+ mov DWORD PTR[48+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,eax
xor r15d,ecx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,edx
+ xor r14d,r8d
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,eax
- mov DWORD PTR[48+rsp],r12d
+ mov edx,r9d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,eax
xor r15d,ecx
- add r12d,edx
-
- mov edx,r8d
- add r12d,r13d
+ xor edx,r10d
+ xor r14d,r8d
add r12d,r15d
- mov r13d,r8d
- mov r14d,r8d
+ mov r15d,r9d
- ror edx,2
- ror r13d,13
- mov r15d,r8d
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and edx,r8d
+ and r15d,r10d
- xor edx,r13d
- ror r13d,9
- or r14d,r10d
+ ror r14d,2
+ add r12d,r13d
+ add edx,r15d
- xor edx,r13d
- and r15d,r10d
add r11d,r12d
-
- and r14d,r9d
add edx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add edx,r14d
- mov r13d,DWORD PTR[56+rsp]
- mov r12d,DWORD PTR[44+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[56+rsp]
+ mov r14d,DWORD PTR[44+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[24+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[24+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[52+rsp]
mov r13d,r11d
- mov r14d,r11d
+ add r12d,r14d
+ mov r14d,edx
+ ror r13d,14
mov r15d,eax
+ mov DWORD PTR[52+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r11d
xor r15d,ebx
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,ecx
+ xor r14d,edx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r11d
- mov DWORD PTR[52+rsp],r12d
+ mov ecx,r8d
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r11d
xor r15d,ebx
- add r12d,ecx
-
- mov ecx,edx
- add r12d,r13d
+ xor ecx,r9d
+ xor r14d,edx
add r12d,r15d
- mov r13d,edx
- mov r14d,edx
+ mov r15d,r8d
- ror ecx,2
- ror r13d,13
- mov r15d,edx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and ecx,edx
+ and r15d,r9d
- xor ecx,r13d
- ror r13d,9
- or r14d,r9d
+ ror r14d,2
+ add r12d,r13d
+ add ecx,r15d
- xor ecx,r13d
- and r15d,r9d
add r10d,r12d
-
- and r14d,r8d
add ecx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add ecx,r14d
- mov r13d,DWORD PTR[60+rsp]
- mov r12d,DWORD PTR[48+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[60+rsp]
+ mov r14d,DWORD PTR[48+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
- xor r13d,r15d
- mov r14d,r12d
-
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[28+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[28+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[56+rsp]
mov r13d,r10d
- mov r14d,r10d
+ add r12d,r14d
+ mov r14d,ecx
+ ror r13d,14
mov r15d,r11d
+ mov DWORD PTR[56+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r10d
xor r15d,eax
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,ebx
+ xor r14d,ecx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r10d
- mov DWORD PTR[56+rsp],r12d
+ mov ebx,edx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r10d
xor r15d,eax
- add r12d,ebx
-
- mov ebx,ecx
- add r12d,r13d
+ xor ebx,r8d
+ xor r14d,ecx
add r12d,r15d
- mov r13d,ecx
- mov r14d,ecx
+ mov r15d,edx
- ror ebx,2
- ror r13d,13
- mov r15d,ecx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and ebx,ecx
+ and r15d,r8d
- xor ebx,r13d
- ror r13d,9
- or r14d,r8d
+ ror r14d,2
+ add r12d,r13d
+ add ebx,r15d
- xor ebx,r13d
- and r15d,r8d
add r9d,r12d
-
- and r14d,edx
add ebx,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add ebx,r14d
- mov r13d,DWORD PTR[rsp]
- mov r12d,DWORD PTR[52+rsp]
- mov r15d,r13d
+ mov r13d,DWORD PTR[rsp]
+ mov r14d,DWORD PTR[52+rsp]
+ mov r12d,r13d
+ mov r15d,r14d
+ ror r12d,11
+ xor r12d,r13d
shr r13d,3
- ror r15d,7
-
- xor r13d,r15d
- ror r15d,11
-
- xor r13d,r15d
- mov r14d,r12d
- shr r12d,10
- ror r14d,17
-
- xor r12d,r14d
- ror r14d,2
+ ror r12d,7
+ xor r13d,r12d
+ mov r12d,DWORD PTR[32+rsp]
- xor r12d,r14d
+ ror r15d,2
+ xor r15d,r14d
+ shr r14d,10
+ ror r15d,17
add r12d,r13d
-
- add r12d,DWORD PTR[32+rsp]
+ xor r14d,r15d
add r12d,DWORD PTR[60+rsp]
mov r13d,r9d
- mov r14d,r9d
+ add r12d,r14d
+ mov r14d,ebx
+ ror r13d,14
mov r15d,r10d
+ mov DWORD PTR[60+rsp],r12d
- ror r13d,6
- ror r14d,11
+ ror r14d,9
+ xor r13d,r9d
xor r15d,r11d
- xor r13d,r14d
- ror r14d,14
+ ror r13d,5
+ add r12d,eax
+ xor r14d,ebx
+
+ add r12d,DWORD PTR[rdi*4+rbp]
and r15d,r9d
- mov DWORD PTR[60+rsp],r12d
+ mov eax,ecx
- xor r13d,r14d
+ ror r14d,11
+ xor r13d,r9d
xor r15d,r11d
- add r12d,eax
-
- mov eax,ebx
- add r12d,r13d
+ xor eax,edx
+ xor r14d,ebx
add r12d,r15d
- mov r13d,ebx
- mov r14d,ebx
+ mov r15d,ecx
- ror eax,2
- ror r13d,13
- mov r15d,ebx
- add r12d,DWORD PTR[rdi*4+rbp]
+ ror r13d,6
+ and eax,ebx
+ and r15d,edx
- xor eax,r13d
- ror r13d,9
- or r14d,edx
+ ror r14d,2
+ add r12d,r13d
+ add eax,r15d
- xor eax,r13d
- and r15d,edx
add r8d,r12d
-
- and r14d,ecx
add eax,r12d
-
- or r14d,r15d
lea rdi,QWORD PTR[1+rdi]
-
add eax,r14d
+
cmp rdi,64
jb $L$rounds_16_xx
- mov rdi,QWORD PTR[((16*4+0*8))+rsp]
- lea rsi,QWORD PTR[((16*4))+rsi]
-
- add eax,DWORD PTR[((4*0))+rdi]
- add ebx,DWORD PTR[((4*1))+rdi]
- add ecx,DWORD PTR[((4*2))+rdi]
- add edx,DWORD PTR[((4*3))+rdi]
- add r8d,DWORD PTR[((4*4))+rdi]
- add r9d,DWORD PTR[((4*5))+rdi]
- add r10d,DWORD PTR[((4*6))+rdi]
- add r11d,DWORD PTR[((4*7))+rdi]
-
- cmp rsi,QWORD PTR[((16*4+2*8))+rsp]
-
- mov DWORD PTR[((4*0))+rdi],eax
- mov DWORD PTR[((4*1))+rdi],ebx
- mov DWORD PTR[((4*2))+rdi],ecx
- mov DWORD PTR[((4*3))+rdi],edx
- mov DWORD PTR[((4*4))+rdi],r8d
- mov DWORD PTR[((4*5))+rdi],r9d
- mov DWORD PTR[((4*6))+rdi],r10d
- mov DWORD PTR[((4*7))+rdi],r11d
+ mov rdi,QWORD PTR[((64+0))+rsp]
+ lea rsi,QWORD PTR[64+rsi]
+
+ add eax,DWORD PTR[rdi]
+ add ebx,DWORD PTR[4+rdi]
+ add ecx,DWORD PTR[8+rdi]
+ add edx,DWORD PTR[12+rdi]
+ add r8d,DWORD PTR[16+rdi]
+ add r9d,DWORD PTR[20+rdi]
+ add r10d,DWORD PTR[24+rdi]
+ add r11d,DWORD PTR[28+rdi]
+
+ cmp rsi,QWORD PTR[((64+16))+rsp]
+
+ mov DWORD PTR[rdi],eax
+ mov DWORD PTR[4+rdi],ebx
+ mov DWORD PTR[8+rdi],ecx
+ mov DWORD PTR[12+rdi],edx
+ mov DWORD PTR[16+rdi],r8d
+ mov DWORD PTR[20+rdi],r9d
+ mov DWORD PTR[24+rdi],r10d
+ mov DWORD PTR[28+rdi],r11d
jb $L$loop
- mov rsi,QWORD PTR[((16*4+3*8))+rsp]
+ mov rsi,QWORD PTR[((64+24))+rsp]
mov r15,QWORD PTR[rsi]
mov r14,QWORD PTR[8+rsi]
mov r13,QWORD PTR[16+rsi]
@@ -2010,7 +1818,7 @@ se_handler PROC PRIVATE
cmp rbx,r10
jae $L$in_prologue
- mov rax,QWORD PTR[((16*4+3*8))+rax]
+ mov rax,QWORD PTR[((64+24))+rax]
lea rax,QWORD PTR[48+rax]
mov rbx,QWORD PTR[((-8))+rax]
diff --git a/deps/openssl/asm/x64-win32-masm/whrlpool/wp-x86_64.asm b/deps/openssl/asm/x64-win32-masm/whrlpool/wp-x86_64.asm
index 25337b244..42b524dc8 100644
--- a/deps/openssl/asm/x64-win32-masm/whrlpool/wp-x86_64.asm
+++ b/deps/openssl/asm/x64-win32-masm/whrlpool/wp-x86_64.asm
@@ -37,39 +37,39 @@ $L$prologue::
xor rcx,rcx
xor rdx,rdx
- mov r8,QWORD PTR[((0*8))+rdi]
- mov r9,QWORD PTR[((1*8))+rdi]
- mov r10,QWORD PTR[((2*8))+rdi]
- mov r11,QWORD PTR[((3*8))+rdi]
- mov r12,QWORD PTR[((4*8))+rdi]
- mov r13,QWORD PTR[((5*8))+rdi]
- mov r14,QWORD PTR[((6*8))+rdi]
- mov r15,QWORD PTR[((7*8))+rdi]
+ mov r8,QWORD PTR[rdi]
+ mov r9,QWORD PTR[8+rdi]
+ mov r10,QWORD PTR[16+rdi]
+ mov r11,QWORD PTR[24+rdi]
+ mov r12,QWORD PTR[32+rdi]
+ mov r13,QWORD PTR[40+rdi]
+ mov r14,QWORD PTR[48+rdi]
+ mov r15,QWORD PTR[56+rdi]
$L$outerloop::
- mov QWORD PTR[((0*8))+rsp],r8
- mov QWORD PTR[((1*8))+rsp],r9
- mov QWORD PTR[((2*8))+rsp],r10
- mov QWORD PTR[((3*8))+rsp],r11
- mov QWORD PTR[((4*8))+rsp],r12
- mov QWORD PTR[((5*8))+rsp],r13
- mov QWORD PTR[((6*8))+rsp],r14
- mov QWORD PTR[((7*8))+rsp],r15
- xor r8,QWORD PTR[((0*8))+rsi]
- xor r9,QWORD PTR[((1*8))+rsi]
- xor r10,QWORD PTR[((2*8))+rsi]
- xor r11,QWORD PTR[((3*8))+rsi]
- xor r12,QWORD PTR[((4*8))+rsi]
- xor r13,QWORD PTR[((5*8))+rsi]
- xor r14,QWORD PTR[((6*8))+rsi]
- xor r15,QWORD PTR[((7*8))+rsi]
- mov QWORD PTR[((64+0*8))+rsp],r8
- mov QWORD PTR[((64+1*8))+rsp],r9
- mov QWORD PTR[((64+2*8))+rsp],r10
- mov QWORD PTR[((64+3*8))+rsp],r11
- mov QWORD PTR[((64+4*8))+rsp],r12
- mov QWORD PTR[((64+5*8))+rsp],r13
- mov QWORD PTR[((64+6*8))+rsp],r14
- mov QWORD PTR[((64+7*8))+rsp],r15
+ mov QWORD PTR[rsp],r8
+ mov QWORD PTR[8+rsp],r9
+ mov QWORD PTR[16+rsp],r10
+ mov QWORD PTR[24+rsp],r11
+ mov QWORD PTR[32+rsp],r12
+ mov QWORD PTR[40+rsp],r13
+ mov QWORD PTR[48+rsp],r14
+ mov QWORD PTR[56+rsp],r15
+ xor r8,QWORD PTR[rsi]
+ xor r9,QWORD PTR[8+rsi]
+ xor r10,QWORD PTR[16+rsi]
+ xor r11,QWORD PTR[24+rsi]
+ xor r12,QWORD PTR[32+rsi]
+ xor r13,QWORD PTR[40+rsi]
+ xor r14,QWORD PTR[48+rsi]
+ xor r15,QWORD PTR[56+rsi]
+ mov QWORD PTR[((64+0))+rsp],r8
+ mov QWORD PTR[((64+8))+rsp],r9
+ mov QWORD PTR[((64+16))+rsp],r10
+ mov QWORD PTR[((64+24))+rsp],r11
+ mov QWORD PTR[((64+32))+rsp],r12
+ mov QWORD PTR[((64+40))+rsp],r13
+ mov QWORD PTR[((64+48))+rsp],r14
+ mov QWORD PTR[((64+56))+rsp],r15
xor rsi,rsi
mov QWORD PTR[24+rbx],rsi
ALIGN 16
@@ -86,7 +86,7 @@ $L$round::
mov r9,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((0*8+8))+rsp]
+ mov eax,DWORD PTR[((0+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
mov r10,QWORD PTR[6+rsi*8+rbp]
@@ -100,7 +100,7 @@ $L$round::
mov r13,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((0*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((0+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
mov r14,QWORD PTR[2+rsi*8+rbp]
@@ -114,7 +114,7 @@ $L$round::
xor r10,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((1*8+8))+rsp]
+ mov eax,DWORD PTR[((8+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r11,QWORD PTR[6+rsi*8+rbp]
@@ -128,7 +128,7 @@ $L$round::
xor r14,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((1*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((8+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r15,QWORD PTR[2+rsi*8+rbp]
@@ -142,7 +142,7 @@ $L$round::
xor r11,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((2*8+8))+rsp]
+ mov eax,DWORD PTR[((16+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r12,QWORD PTR[6+rsi*8+rbp]
@@ -156,7 +156,7 @@ $L$round::
xor r15,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((2*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((16+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r8,QWORD PTR[2+rsi*8+rbp]
@@ -170,7 +170,7 @@ $L$round::
xor r12,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((3*8+8))+rsp]
+ mov eax,DWORD PTR[((24+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r13,QWORD PTR[6+rsi*8+rbp]
@@ -184,7 +184,7 @@ $L$round::
xor r8,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((3*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((24+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r9,QWORD PTR[2+rsi*8+rbp]
@@ -198,7 +198,7 @@ $L$round::
xor r13,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((4*8+8))+rsp]
+ mov eax,DWORD PTR[((32+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r14,QWORD PTR[6+rsi*8+rbp]
@@ -212,7 +212,7 @@ $L$round::
xor r9,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((4*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((32+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r10,QWORD PTR[2+rsi*8+rbp]
@@ -226,7 +226,7 @@ $L$round::
xor r14,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((5*8+8))+rsp]
+ mov eax,DWORD PTR[((40+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r15,QWORD PTR[6+rsi*8+rbp]
@@ -240,7 +240,7 @@ $L$round::
xor r10,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((5*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((40+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r11,QWORD PTR[2+rsi*8+rbp]
@@ -254,7 +254,7 @@ $L$round::
xor r15,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((6*8+8))+rsp]
+ mov eax,DWORD PTR[((48+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r8,QWORD PTR[6+rsi*8+rbp]
@@ -268,7 +268,7 @@ $L$round::
xor r11,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((6*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((48+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r12,QWORD PTR[2+rsi*8+rbp]
@@ -282,7 +282,7 @@ $L$round::
xor r8,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((7*8+8))+rsp]
+ mov eax,DWORD PTR[((56+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r9,QWORD PTR[6+rsi*8+rbp]
@@ -296,19 +296,19 @@ $L$round::
xor r12,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((7*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((56+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r13,QWORD PTR[2+rsi*8+rbp]
xor r14,QWORD PTR[1+rdi*8+rbp]
- mov QWORD PTR[((0*8))+rsp],r8
- mov QWORD PTR[((1*8))+rsp],r9
- mov QWORD PTR[((2*8))+rsp],r10
- mov QWORD PTR[((3*8))+rsp],r11
- mov QWORD PTR[((4*8))+rsp],r12
- mov QWORD PTR[((5*8))+rsp],r13
- mov QWORD PTR[((6*8))+rsp],r14
- mov QWORD PTR[((7*8))+rsp],r15
+ mov QWORD PTR[rsp],r8
+ mov QWORD PTR[8+rsp],r9
+ mov QWORD PTR[16+rsp],r10
+ mov QWORD PTR[24+rsp],r11
+ mov QWORD PTR[32+rsp],r12
+ mov QWORD PTR[40+rsp],r13
+ mov QWORD PTR[48+rsp],r14
+ mov QWORD PTR[56+rsp],r15
mov cl,al
mov dl,ah
lea rsi,QWORD PTR[rcx*1+rcx]
@@ -318,7 +318,7 @@ $L$round::
xor r9,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((64+0*8+8))+rsp]
+ mov eax,DWORD PTR[((64+0+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r10,QWORD PTR[6+rsi*8+rbp]
@@ -332,7 +332,7 @@ $L$round::
xor r13,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((64+0*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((64+0+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r14,QWORD PTR[2+rsi*8+rbp]
@@ -346,7 +346,7 @@ $L$round::
xor r10,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((64+1*8+8))+rsp]
+ mov eax,DWORD PTR[((64+8+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r11,QWORD PTR[6+rsi*8+rbp]
@@ -360,7 +360,7 @@ $L$round::
xor r14,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((64+1*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((64+8+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r15,QWORD PTR[2+rsi*8+rbp]
@@ -374,7 +374,7 @@ $L$round::
xor r11,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((64+2*8+8))+rsp]
+ mov eax,DWORD PTR[((64+16+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r12,QWORD PTR[6+rsi*8+rbp]
@@ -388,7 +388,7 @@ $L$round::
xor r15,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((64+2*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((64+16+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r8,QWORD PTR[2+rsi*8+rbp]
@@ -402,7 +402,7 @@ $L$round::
xor r12,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((64+3*8+8))+rsp]
+ mov eax,DWORD PTR[((64+24+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r13,QWORD PTR[6+rsi*8+rbp]
@@ -416,7 +416,7 @@ $L$round::
xor r8,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((64+3*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((64+24+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r9,QWORD PTR[2+rsi*8+rbp]
@@ -430,7 +430,7 @@ $L$round::
xor r13,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((64+4*8+8))+rsp]
+ mov eax,DWORD PTR[((64+32+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r14,QWORD PTR[6+rsi*8+rbp]
@@ -444,7 +444,7 @@ $L$round::
xor r9,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((64+4*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((64+32+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r10,QWORD PTR[2+rsi*8+rbp]
@@ -458,7 +458,7 @@ $L$round::
xor r14,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((64+5*8+8))+rsp]
+ mov eax,DWORD PTR[((64+40+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r15,QWORD PTR[6+rsi*8+rbp]
@@ -472,7 +472,7 @@ $L$round::
xor r10,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((64+5*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((64+40+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r11,QWORD PTR[2+rsi*8+rbp]
@@ -486,7 +486,7 @@ $L$round::
xor r15,QWORD PTR[7+rdi*8+rbp]
mov cl,al
mov dl,ah
- mov eax,DWORD PTR[((64+6*8+8))+rsp]
+ mov eax,DWORD PTR[((64+48+8))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r8,QWORD PTR[6+rsi*8+rbp]
@@ -500,7 +500,7 @@ $L$round::
xor r11,QWORD PTR[3+rdi*8+rbp]
mov cl,bl
mov dl,bh
- mov ebx,DWORD PTR[((64+6*8+8+4))+rsp]
+ mov ebx,DWORD PTR[((64+48+8+4))+rsp]
lea rsi,QWORD PTR[rcx*1+rcx]
lea rdi,QWORD PTR[rdx*1+rdx]
xor r12,QWORD PTR[2+rsi*8+rbp]
@@ -540,44 +540,44 @@ $L$round::
je $L$roundsdone
mov QWORD PTR[24+rbx],rsi
- mov QWORD PTR[((64+0*8))+rsp],r8
- mov QWORD PTR[((64+1*8))+rsp],r9
- mov QWORD PTR[((64+2*8))+rsp],r10
- mov QWORD PTR[((64+3*8))+rsp],r11
- mov QWORD PTR[((64+4*8))+rsp],r12
- mov QWORD PTR[((64+5*8))+rsp],r13
- mov QWORD PTR[((64+6*8))+rsp],r14
- mov QWORD PTR[((64+7*8))+rsp],r15
+ mov QWORD PTR[((64+0))+rsp],r8
+ mov QWORD PTR[((64+8))+rsp],r9
+ mov QWORD PTR[((64+16))+rsp],r10
+ mov QWORD PTR[((64+24))+rsp],r11
+ mov QWORD PTR[((64+32))+rsp],r12
+ mov QWORD PTR[((64+40))+rsp],r13
+ mov QWORD PTR[((64+48))+rsp],r14
+ mov QWORD PTR[((64+56))+rsp],r15
jmp $L$round
ALIGN 16
$L$roundsdone::
mov rdi,QWORD PTR[rbx]
mov rsi,QWORD PTR[8+rbx]
mov rax,QWORD PTR[16+rbx]
- xor r8,QWORD PTR[((0*8))+rsi]
- xor r9,QWORD PTR[((1*8))+rsi]
- xor r10,QWORD PTR[((2*8))+rsi]
- xor r11,QWORD PTR[((3*8))+rsi]
- xor r12,QWORD PTR[((4*8))+rsi]
- xor r13,QWORD PTR[((5*8))+rsi]
- xor r14,QWORD PTR[((6*8))+rsi]
- xor r15,QWORD PTR[((7*8))+rsi]
- xor r8,QWORD PTR[((0*8))+rdi]
- xor r9,QWORD PTR[((1*8))+rdi]
- xor r10,QWORD PTR[((2*8))+rdi]
- xor r11,QWORD PTR[((3*8))+rdi]
- xor r12,QWORD PTR[((4*8))+rdi]
- xor r13,QWORD PTR[((5*8))+rdi]
- xor r14,QWORD PTR[((6*8))+rdi]
- xor r15,QWORD PTR[((7*8))+rdi]
- mov QWORD PTR[((0*8))+rdi],r8
- mov QWORD PTR[((1*8))+rdi],r9
- mov QWORD PTR[((2*8))+rdi],r10
- mov QWORD PTR[((3*8))+rdi],r11
- mov QWORD PTR[((4*8))+rdi],r12
- mov QWORD PTR[((5*8))+rdi],r13
- mov QWORD PTR[((6*8))+rdi],r14
- mov QWORD PTR[((7*8))+rdi],r15
+ xor r8,QWORD PTR[rsi]
+ xor r9,QWORD PTR[8+rsi]
+ xor r10,QWORD PTR[16+rsi]
+ xor r11,QWORD PTR[24+rsi]
+ xor r12,QWORD PTR[32+rsi]
+ xor r13,QWORD PTR[40+rsi]
+ xor r14,QWORD PTR[48+rsi]
+ xor r15,QWORD PTR[56+rsi]
+ xor r8,QWORD PTR[rdi]
+ xor r9,QWORD PTR[8+rdi]
+ xor r10,QWORD PTR[16+rdi]
+ xor r11,QWORD PTR[24+rdi]
+ xor r12,QWORD PTR[32+rdi]
+ xor r13,QWORD PTR[40+rdi]
+ xor r14,QWORD PTR[48+rdi]
+ xor r15,QWORD PTR[56+rdi]
+ mov QWORD PTR[rdi],r8
+ mov QWORD PTR[8+rdi],r9
+ mov QWORD PTR[16+rdi],r10
+ mov QWORD PTR[24+rdi],r11
+ mov QWORD PTR[32+rdi],r12
+ mov QWORD PTR[40+rdi],r13
+ mov QWORD PTR[48+rdi],r14
+ mov QWORD PTR[56+rdi],r15
lea rsi,QWORD PTR[64+rsi]
sub rax,1
jz $L$alldone
diff --git a/deps/openssl/asm/x64-win32-masm/x86_64cpuid.asm b/deps/openssl/asm/x64-win32-masm/x86_64cpuid.asm
index cdf7f90ca..497160cbc 100644
--- a/deps/openssl/asm/x64-win32-masm/x86_64cpuid.asm
+++ b/deps/openssl/asm/x64-win32-masm/x86_64cpuid.asm
@@ -1,9 +1,15 @@
OPTION DOTNAME
EXTERN OPENSSL_cpuid_setup:NEAR
+
.CRT$XCU SEGMENT READONLY ALIGN(8)
DQ OPENSSL_cpuid_setup
+
.CRT$XCU ENDS
+_DATA SEGMENT
+COMM OPENSSL_ia32cap_P:DWORD:2
+
+_DATA ENDS
.text$ SEGMENT ALIGN(64) 'CODE'
PUBLIC OPENSSL_atomic_add
@@ -68,7 +74,15 @@ OPENSSL_ia32_cpuid PROC PUBLIC
mov eax,080000000h
cpuid
- cmp eax,080000008h
+ cmp eax,080000001h
+ jb $L$intel
+ mov r10d,eax
+ mov eax,080000001h
+ cpuid
+ or r9d,ecx
+ and r9d,000000801h
+
+ cmp r10d,080000008h
jb $L$intel
mov eax,080000008h
@@ -79,12 +93,12 @@ OPENSSL_ia32_cpuid PROC PUBLIC
mov eax,1
cpuid
bt edx,28
- jnc $L$done
+ jnc $L$generic
shr ebx,16
cmp bl,r10b
- ja $L$done
+ ja $L$generic
and edx,0efffffffh
- jmp $L$done
+ jmp $L$generic
$L$intel::
cmp r11d,4
@@ -101,30 +115,48 @@ $L$intel::
$L$nocacheinfo::
mov eax,1
cpuid
+ and edx,0bfefffffh
cmp r9d,0
jne $L$notintel
- or edx,000100000h
+ or edx,040000000h
and ah,15
cmp ah,15
- je $L$notintel
- or edx,040000000h
+ jne $L$notintel
+ or edx,000100000h
$L$notintel::
bt edx,28
- jnc $L$done
+ jnc $L$generic
and edx,0efffffffh
cmp r10d,0
- je $L$done
+ je $L$generic
or edx,010000000h
shr ebx,16
cmp bl,1
- ja $L$done
+ ja $L$generic
and edx,0efffffffh
+$L$generic::
+ and r9d,000000800h
+ and ecx,0fffff7ffh
+ or r9d,ecx
+
+ mov r10d,edx
+ bt r9d,27
+ jnc $L$clear_avx
+ xor ecx,ecx
+DB 00fh,001h,0d0h
+
+ and eax,6
+ cmp eax,6
+ je $L$done
+$L$clear_avx::
+ mov eax,0efffe7ffh
+ and r9d,eax
$L$done::
- shl rcx,32
- mov eax,edx
+ shl r9,32
+ mov eax,r10d
mov rbx,r8
- or rax,rcx
+ or rax,r9
DB 0F3h,0C3h ;repret
OPENSSL_ia32_cpuid ENDP
@@ -181,6 +213,20 @@ OPENSSL_wipe_cpu PROC PUBLIC
lea rax,QWORD PTR[8+rsp]
DB 0F3h,0C3h ;repret
OPENSSL_wipe_cpu ENDP
+PUBLIC OPENSSL_ia32_rdrand
+
+ALIGN 16
+OPENSSL_ia32_rdrand PROC PUBLIC
+ mov ecx,8
+$L$oop_rdrand::
+DB 72,15,199,240
+ jc $L$break_rdrand
+ loop $L$oop_rdrand
+$L$break_rdrand::
+ cmp rax,0
+ cmove rax,rcx
+ DB 0F3h,0C3h ;repret
+OPENSSL_ia32_rdrand ENDP
.text$ ENDS
END
diff --git a/deps/openssl/asm/x86-elf-gas/aes/aes-586.s b/deps/openssl/asm/x86-elf-gas/aes/aes-586.s
index 34c90a068..f586d3df6 100644
--- a/deps/openssl/asm/x86-elf-gas/aes/aes-586.s
+++ b/deps/openssl/asm/x86-elf-gas/aes/aes-586.s
@@ -2986,19 +2986,19 @@ _x86_AES_set_encrypt_key:
popl %ebp
ret
.size _x86_AES_set_encrypt_key,.-_x86_AES_set_encrypt_key
-.globl AES_set_encrypt_key
-.type AES_set_encrypt_key,@function
+.globl private_AES_set_encrypt_key
+.type private_AES_set_encrypt_key,@function
.align 16
-AES_set_encrypt_key:
-.L_AES_set_encrypt_key_begin:
+private_AES_set_encrypt_key:
+.L_private_AES_set_encrypt_key_begin:
call _x86_AES_set_encrypt_key
ret
-.size AES_set_encrypt_key,.-.L_AES_set_encrypt_key_begin
-.globl AES_set_decrypt_key
-.type AES_set_decrypt_key,@function
+.size private_AES_set_encrypt_key,.-.L_private_AES_set_encrypt_key_begin
+.globl private_AES_set_decrypt_key
+.type private_AES_set_decrypt_key,@function
.align 16
-AES_set_decrypt_key:
-.L_AES_set_decrypt_key_begin:
+private_AES_set_decrypt_key:
+.L_private_AES_set_decrypt_key_begin:
call _x86_AES_set_encrypt_key
cmpl $0,%eax
je .L054proceed
@@ -3227,8 +3227,8 @@ AES_set_decrypt_key:
popl %ebx
popl %ebp
ret
-.size AES_set_decrypt_key,.-.L_AES_set_decrypt_key_begin
+.size private_AES_set_decrypt_key,.-.L_private_AES_set_decrypt_key_begin
.byte 65,69,83,32,102,111,114,32,120,56,54,44,32,67,82,89
.byte 80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114
.byte 111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
-.comm OPENSSL_ia32cap_P,4,4
+.comm OPENSSL_ia32cap_P,8,4
diff --git a/deps/openssl/asm/x86-elf-gas/camellia/cmll-x86.s b/deps/openssl/asm/x86-elf-gas/camellia/cmll-x86.s
index a896314cf..5c87910e3 100644
--- a/deps/openssl/asm/x86-elf-gas/camellia/cmll-x86.s
+++ b/deps/openssl/asm/x86-elf-gas/camellia/cmll-x86.s
@@ -1537,11 +1537,11 @@ Camellia_Ekeygen:
popl %ebp
ret
.size Camellia_Ekeygen,.-.L_Camellia_Ekeygen_begin
-.globl Camellia_set_key
-.type Camellia_set_key,@function
+.globl private_Camellia_set_key
+.type private_Camellia_set_key,@function
.align 16
-Camellia_set_key:
-.L_Camellia_set_key_begin:
+private_Camellia_set_key:
+.L_private_Camellia_set_key_begin:
pushl %ebx
movl 8(%esp),%ecx
movl 12(%esp),%ebx
@@ -1571,7 +1571,7 @@ Camellia_set_key:
.L014done:
popl %ebx
ret
-.size Camellia_set_key,.-.L_Camellia_set_key_begin
+.size private_Camellia_set_key,.-.L_private_Camellia_set_key_begin
.align 64
.LCamellia_SIGMA:
.long 2694735487,1003262091,3061508184,1286239154,3337565999,3914302142,1426019237,4057165596,283453434,3731369245,2958461122,3018244605,0,0,0,0
diff --git a/deps/openssl/asm/x86-elf-gas/rc4/rc4-586.s b/deps/openssl/asm/x86-elf-gas/rc4/rc4-586.s
index 9ba94e4b1..513ce6a58 100644
--- a/deps/openssl/asm/x86-elf-gas/rc4/rc4-586.s
+++ b/deps/openssl/asm/x86-elf-gas/rc4/rc4-586.s
@@ -29,11 +29,146 @@ RC4:
movl (%edi,%eax,4),%ecx
andl $-4,%edx
jz .L002loop1
- leal -4(%esi,%edx,1),%edx
- movl %edx,28(%esp)
+ testl $-8,%edx
movl %ebp,32(%esp)
+ jz .L003go4loop4
+ leal OPENSSL_ia32cap_P,%ebp
+ btl $26,(%ebp)
+ jnc .L003go4loop4
+ movl 32(%esp),%ebp
+ andl $-8,%edx
+ leal -8(%esi,%edx,1),%edx
+ movl %edx,-4(%edi)
+ addb %cl,%bl
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ movq (%esi),%mm0
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm2
+ jmp .L004loop_mmx_enter
+.align 16
+.L005loop_mmx:
+ addb %cl,%bl
+ psllq $56,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movq (%esi),%mm0
+ movq %mm2,-8(%ebp,%esi,1)
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm2
+.L004loop_mmx_enter:
+ addb %cl,%bl
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm0,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $8,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $16,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $24,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $32,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $40,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $48,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ movl %ebx,%edx
+ xorl %ebx,%ebx
+ movb %dl,%bl
+ cmpl -4(%edi),%esi
+ leal 8(%esi),%esi
+ jb .L005loop_mmx
+ psllq $56,%mm1
+ pxor %mm1,%mm2
+ movq %mm2,-8(%ebp,%esi,1)
+ emms
+ cmpl 24(%esp),%esi
+ je .L006done
+ jmp .L002loop1
.align 16
-.L003loop4:
+.L003go4loop4:
+ leal -4(%esi,%edx,1),%edx
+ movl %edx,28(%esp)
+.L007loop4:
addb %cl,%bl
movl (%edi,%ebx,4),%edx
movl %ecx,(%edi,%ebx,4)
@@ -79,9 +214,9 @@ RC4:
movl %ebp,(%ecx,%esi,1)
leal 4(%esi),%esi
movl (%edi,%eax,4),%ecx
- jb .L003loop4
+ jb .L007loop4
cmpl 24(%esp),%esi
- je .L004done
+ je .L006done
movl 32(%esp),%ebp
.align 16
.L002loop1:
@@ -99,11 +234,11 @@ RC4:
cmpl 24(%esp),%esi
movb %dl,-1(%ebp,%esi,1)
jb .L002loop1
- jmp .L004done
+ jmp .L006done
.align 16
.L001RC4_CHAR:
movzbl (%edi,%eax,1),%ecx
-.L005cloop1:
+.L008cloop1:
addb %cl,%bl
movzbl (%edi,%ebx,1),%edx
movb %cl,(%edi,%ebx,1)
@@ -116,10 +251,10 @@ RC4:
movzbl (%edi,%eax,1),%ecx
cmpl 24(%esp),%esi
movb %dl,-1(%ebp,%esi,1)
- jb .L005cloop1
-.L004done:
+ jb .L008cloop1
+.L006done:
decb %al
- movb %bl,-4(%edi)
+ movl %ebx,-4(%edi)
movb %al,-8(%edi)
.L000abort:
popl %edi
@@ -128,11 +263,11 @@ RC4:
popl %ebp
ret
.size RC4,.-.L_RC4_begin
-.globl RC4_set_key
-.type RC4_set_key,@function
+.globl private_RC4_set_key
+.type private_RC4_set_key,@function
.align 16
-RC4_set_key:
-.L_RC4_set_key_begin:
+private_RC4_set_key:
+.L_private_RC4_set_key_begin:
pushl %ebp
pushl %ebx
pushl %esi
@@ -147,53 +282,53 @@ RC4_set_key:
xorl %eax,%eax
movl %ebp,-4(%edi)
btl $20,(%edx)
- jc .L006c1stloop
+ jc .L009c1stloop
.align 16
-.L007w1stloop:
+.L010w1stloop:
movl %eax,(%edi,%eax,4)
addb $1,%al
- jnc .L007w1stloop
+ jnc .L010w1stloop
xorl %ecx,%ecx
xorl %edx,%edx
.align 16
-.L008w2ndloop:
+.L011w2ndloop:
movl (%edi,%ecx,4),%eax
addb (%esi,%ebp,1),%dl
addb %al,%dl
addl $1,%ebp
movl (%edi,%edx,4),%ebx
- jnz .L009wnowrap
+ jnz .L012wnowrap
movl -4(%edi),%ebp
-.L009wnowrap:
+.L012wnowrap:
movl %eax,(%edi,%edx,4)
movl %ebx,(%edi,%ecx,4)
addb $1,%cl
- jnc .L008w2ndloop
- jmp .L010exit
+ jnc .L011w2ndloop
+ jmp .L013exit
.align 16
-.L006c1stloop:
+.L009c1stloop:
movb %al,(%edi,%eax,1)
addb $1,%al
- jnc .L006c1stloop
+ jnc .L009c1stloop
xorl %ecx,%ecx
xorl %edx,%edx
xorl %ebx,%ebx
.align 16
-.L011c2ndloop:
+.L014c2ndloop:
movb (%edi,%ecx,1),%al
addb (%esi,%ebp,1),%dl
addb %al,%dl
addl $1,%ebp
movb (%edi,%edx,1),%bl
- jnz .L012cnowrap
+ jnz .L015cnowrap
movl -4(%edi),%ebp
-.L012cnowrap:
+.L015cnowrap:
movb %al,(%edi,%edx,1)
movb %bl,(%edi,%ecx,1)
addb $1,%cl
- jnc .L011c2ndloop
+ jnc .L014c2ndloop
movl $-1,256(%edi)
-.L010exit:
+.L013exit:
xorl %eax,%eax
movl %eax,-8(%edi)
movl %eax,-4(%edi)
@@ -202,29 +337,36 @@ RC4_set_key:
popl %ebx
popl %ebp
ret
-.size RC4_set_key,.-.L_RC4_set_key_begin
+.size private_RC4_set_key,.-.L_private_RC4_set_key_begin
.globl RC4_options
.type RC4_options,@function
.align 16
RC4_options:
.L_RC4_options_begin:
- call .L013pic_point
-.L013pic_point:
+ call .L016pic_point
+.L016pic_point:
popl %eax
- leal .L014opts-.L013pic_point(%eax),%eax
+ leal .L017opts-.L016pic_point(%eax),%eax
leal OPENSSL_ia32cap_P,%edx
- btl $20,(%edx)
- jnc .L015skip
+ movl (%edx),%edx
+ btl $20,%edx
+ jc .L0181xchar
+ btl $26,%edx
+ jnc .L019ret
+ addl $25,%eax
+ ret
+.L0181xchar:
addl $12,%eax
-.L015skip:
+.L019ret:
ret
.align 64
-.L014opts:
+.L017opts:
.byte 114,99,52,40,52,120,44,105,110,116,41,0
.byte 114,99,52,40,49,120,44,99,104,97,114,41,0
+.byte 114,99,52,40,56,120,44,109,109,120,41,0
.byte 82,67,52,32,102,111,114,32,120,56,54,44,32,67,82,89
.byte 80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114
.byte 111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.align 64
.size RC4_options,.-.L_RC4_options_begin
-.comm OPENSSL_ia32cap_P,4,4
+.comm OPENSSL_ia32cap_P,8,4
diff --git a/deps/openssl/asm/x86-elf-gas/sha/sha1-586.s b/deps/openssl/asm/x86-elf-gas/sha/sha1-586.s
index cccb1aba8..e77f65412 100644
--- a/deps/openssl/asm/x86-elf-gas/sha/sha1-586.s
+++ b/deps/openssl/asm/x86-elf-gas/sha/sha1-586.s
@@ -12,11 +12,12 @@ sha1_block_data_order:
movl 20(%esp),%ebp
movl 24(%esp),%esi
movl 28(%esp),%eax
- subl $64,%esp
+ subl $76,%esp
shll $6,%eax
addl %esi,%eax
- movl %eax,92(%esp)
+ movl %eax,104(%esp)
movl 16(%ebp),%edi
+ jmp .L000loop
.align 16
.L000loop:
movl (%esi),%eax
@@ -67,7 +68,7 @@ sha1_block_data_order:
movl %ebx,52(%esp)
movl %ecx,56(%esp)
movl %edx,60(%esp)
- movl %esi,88(%esp)
+ movl %esi,100(%esp)
movl (%ebp),%eax
movl 4(%ebp),%ebx
movl 8(%ebp),%ecx
@@ -78,10 +79,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %edx,%esi
addl %edi,%ebp
- andl %ebx,%esi
movl (%esp),%edi
- xorl %edx,%esi
+ andl %ebx,%esi
rorl $2,%ebx
+ xorl %edx,%esi
leal 1518500249(%ebp,%edi,1),%ebp
addl %esi,%ebp
@@ -90,10 +91,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %ecx,%edi
addl %edx,%ebp
- andl %eax,%edi
movl 4(%esp),%edx
- xorl %ecx,%edi
+ andl %eax,%edi
rorl $2,%eax
+ xorl %ecx,%edi
leal 1518500249(%ebp,%edx,1),%ebp
addl %edi,%ebp
@@ -102,10 +103,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %ebx,%edx
addl %ecx,%ebp
- andl %esi,%edx
movl 8(%esp),%ecx
- xorl %ebx,%edx
+ andl %esi,%edx
rorl $2,%esi
+ xorl %ebx,%edx
leal 1518500249(%ebp,%ecx,1),%ebp
addl %edx,%ebp
@@ -114,10 +115,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %eax,%ecx
addl %ebx,%ebp
- andl %edi,%ecx
movl 12(%esp),%ebx
- xorl %eax,%ecx
+ andl %edi,%ecx
rorl $2,%edi
+ xorl %eax,%ecx
leal 1518500249(%ebp,%ebx,1),%ebp
addl %ecx,%ebp
@@ -126,10 +127,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %esi,%ebx
addl %eax,%ebp
- andl %edx,%ebx
movl 16(%esp),%eax
- xorl %esi,%ebx
+ andl %edx,%ebx
rorl $2,%edx
+ xorl %esi,%ebx
leal 1518500249(%ebp,%eax,1),%ebp
addl %ebx,%ebp
@@ -138,10 +139,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %edi,%eax
addl %esi,%ebp
- andl %ecx,%eax
movl 20(%esp),%esi
- xorl %edi,%eax
+ andl %ecx,%eax
rorl $2,%ecx
+ xorl %edi,%eax
leal 1518500249(%ebp,%esi,1),%ebp
addl %eax,%ebp
@@ -150,10 +151,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %edx,%esi
addl %edi,%ebp
- andl %ebx,%esi
movl 24(%esp),%edi
- xorl %edx,%esi
+ andl %ebx,%esi
rorl $2,%ebx
+ xorl %edx,%esi
leal 1518500249(%ebp,%edi,1),%ebp
addl %esi,%ebp
@@ -162,10 +163,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %ecx,%edi
addl %edx,%ebp
- andl %eax,%edi
movl 28(%esp),%edx
- xorl %ecx,%edi
+ andl %eax,%edi
rorl $2,%eax
+ xorl %ecx,%edi
leal 1518500249(%ebp,%edx,1),%ebp
addl %edi,%ebp
@@ -174,10 +175,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %ebx,%edx
addl %ecx,%ebp
- andl %esi,%edx
movl 32(%esp),%ecx
- xorl %ebx,%edx
+ andl %esi,%edx
rorl $2,%esi
+ xorl %ebx,%edx
leal 1518500249(%ebp,%ecx,1),%ebp
addl %edx,%ebp
@@ -186,10 +187,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %eax,%ecx
addl %ebx,%ebp
- andl %edi,%ecx
movl 36(%esp),%ebx
- xorl %eax,%ecx
+ andl %edi,%ecx
rorl $2,%edi
+ xorl %eax,%ecx
leal 1518500249(%ebp,%ebx,1),%ebp
addl %ecx,%ebp
@@ -198,10 +199,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %esi,%ebx
addl %eax,%ebp
- andl %edx,%ebx
movl 40(%esp),%eax
- xorl %esi,%ebx
+ andl %edx,%ebx
rorl $2,%edx
+ xorl %esi,%ebx
leal 1518500249(%ebp,%eax,1),%ebp
addl %ebx,%ebp
@@ -210,10 +211,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %edi,%eax
addl %esi,%ebp
- andl %ecx,%eax
movl 44(%esp),%esi
- xorl %edi,%eax
+ andl %ecx,%eax
rorl $2,%ecx
+ xorl %edi,%eax
leal 1518500249(%ebp,%esi,1),%ebp
addl %eax,%ebp
@@ -222,10 +223,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %edx,%esi
addl %edi,%ebp
- andl %ebx,%esi
movl 48(%esp),%edi
- xorl %edx,%esi
+ andl %ebx,%esi
rorl $2,%ebx
+ xorl %edx,%esi
leal 1518500249(%ebp,%edi,1),%ebp
addl %esi,%ebp
@@ -234,10 +235,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %ecx,%edi
addl %edx,%ebp
- andl %eax,%edi
movl 52(%esp),%edx
- xorl %ecx,%edi
+ andl %eax,%edi
rorl $2,%eax
+ xorl %ecx,%edi
leal 1518500249(%ebp,%edx,1),%ebp
addl %edi,%ebp
@@ -246,10 +247,10 @@ sha1_block_data_order:
roll $5,%ebp
xorl %ebx,%edx
addl %ecx,%ebp
- andl %esi,%edx
movl 56(%esp),%ecx
- xorl %ebx,%edx
+ andl %esi,%edx
rorl $2,%esi
+ xorl %ebx,%edx
leal 1518500249(%ebp,%ecx,1),%ebp
addl %edx,%ebp
@@ -258,1162 +259,1099 @@ sha1_block_data_order:
roll $5,%ebp
xorl %eax,%ecx
addl %ebx,%ebp
- andl %edi,%ecx
movl 60(%esp),%ebx
- xorl %eax,%ecx
+ andl %edi,%ecx
rorl $2,%edi
+ xorl %eax,%ecx
leal 1518500249(%ebp,%ebx,1),%ebp
+ movl (%esp),%ebx
addl %ebp,%ecx
- movl (%esp),%ebx
movl %edi,%ebp
xorl 8(%esp),%ebx
xorl %esi,%ebp
xorl 32(%esp),%ebx
andl %edx,%ebp
- rorl $2,%edx
xorl 52(%esp),%ebx
roll $1,%ebx
xorl %esi,%ebp
+ addl %ebp,%eax
+ movl %ecx,%ebp
+ rorl $2,%edx
movl %ebx,(%esp)
+ roll $5,%ebp
leal 1518500249(%ebx,%eax,1),%ebx
- movl %ecx,%eax
- roll $5,%eax
+ movl 4(%esp),%eax
addl %ebp,%ebx
- addl %eax,%ebx
- movl 4(%esp),%eax
movl %edx,%ebp
xorl 12(%esp),%eax
xorl %edi,%ebp
xorl 36(%esp),%eax
andl %ecx,%ebp
- rorl $2,%ecx
xorl 56(%esp),%eax
roll $1,%eax
xorl %edi,%ebp
+ addl %ebp,%esi
+ movl %ebx,%ebp
+ rorl $2,%ecx
movl %eax,4(%esp)
+ roll $5,%ebp
leal 1518500249(%eax,%esi,1),%eax
- movl %ebx,%esi
- roll $5,%esi
+ movl 8(%esp),%esi
addl %ebp,%eax
- addl %esi,%eax
- movl 8(%esp),%esi
movl %ecx,%ebp
xorl 16(%esp),%esi
xorl %edx,%ebp
xorl 40(%esp),%esi
andl %ebx,%ebp
- rorl $2,%ebx
xorl 60(%esp),%esi
roll $1,%esi
xorl %edx,%ebp
+ addl %ebp,%edi
+ movl %eax,%ebp
+ rorl $2,%ebx
movl %esi,8(%esp)
+ roll $5,%ebp
leal 1518500249(%esi,%edi,1),%esi
- movl %eax,%edi
- roll $5,%edi
+ movl 12(%esp),%edi
addl %ebp,%esi
- addl %edi,%esi
- movl 12(%esp),%edi
movl %ebx,%ebp
xorl 20(%esp),%edi
xorl %ecx,%ebp
xorl 44(%esp),%edi
andl %eax,%ebp
- rorl $2,%eax
xorl (%esp),%edi
roll $1,%edi
xorl %ecx,%ebp
+ addl %ebp,%edx
+ movl %esi,%ebp
+ rorl $2,%eax
movl %edi,12(%esp)
+ roll $5,%ebp
leal 1518500249(%edi,%edx,1),%edi
- movl %esi,%edx
- roll $5,%edx
+ movl 16(%esp),%edx
addl %ebp,%edi
- addl %edx,%edi
movl %esi,%ebp
- movl 16(%esp),%edx
- rorl $2,%esi
xorl 24(%esp),%edx
xorl %eax,%ebp
xorl 48(%esp),%edx
xorl %ebx,%ebp
xorl 4(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,16(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 1859775393(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 1859775393(%edx,%ecx,1),%edx
+ movl 20(%esp),%ecx
+ addl %ebp,%edx
movl %edi,%ebp
- movl 20(%esp),%ecx
- rorl $2,%edi
xorl 28(%esp),%ecx
xorl %esi,%ebp
xorl 52(%esp),%ecx
xorl %eax,%ebp
xorl 8(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,20(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 1859775393(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 1859775393(%ecx,%ebx,1),%ecx
+ movl 24(%esp),%ebx
+ addl %ebp,%ecx
movl %edx,%ebp
- movl 24(%esp),%ebx
- rorl $2,%edx
xorl 32(%esp),%ebx
xorl %edi,%ebp
xorl 56(%esp),%ebx
xorl %esi,%ebp
xorl 12(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,24(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 1859775393(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 1859775393(%ebx,%eax,1),%ebx
+ movl 28(%esp),%eax
+ addl %ebp,%ebx
movl %ecx,%ebp
- movl 28(%esp),%eax
- rorl $2,%ecx
xorl 36(%esp),%eax
xorl %edx,%ebp
xorl 60(%esp),%eax
xorl %edi,%ebp
xorl 16(%esp),%eax
roll $1,%eax
- addl %esi,%ebp
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
movl %eax,28(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 1859775393(%eax,%ebp,1),%eax
- addl %esi,%eax
+ leal 1859775393(%eax,%esi,1),%eax
+ movl 32(%esp),%esi
+ addl %ebp,%eax
movl %ebx,%ebp
- movl 32(%esp),%esi
- rorl $2,%ebx
xorl 40(%esp),%esi
xorl %ecx,%ebp
xorl (%esp),%esi
xorl %edx,%ebp
xorl 20(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,32(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 1859775393(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 1859775393(%esi,%edi,1),%esi
+ movl 36(%esp),%edi
+ addl %ebp,%esi
movl %eax,%ebp
- movl 36(%esp),%edi
- rorl $2,%eax
xorl 44(%esp),%edi
xorl %ebx,%ebp
xorl 4(%esp),%edi
xorl %ecx,%ebp
xorl 24(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,36(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 1859775393(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 1859775393(%edi,%edx,1),%edi
+ movl 40(%esp),%edx
+ addl %ebp,%edi
movl %esi,%ebp
- movl 40(%esp),%edx
- rorl $2,%esi
xorl 48(%esp),%edx
xorl %eax,%ebp
xorl 8(%esp),%edx
xorl %ebx,%ebp
xorl 28(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,40(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 1859775393(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 1859775393(%edx,%ecx,1),%edx
+ movl 44(%esp),%ecx
+ addl %ebp,%edx
movl %edi,%ebp
- movl 44(%esp),%ecx
- rorl $2,%edi
xorl 52(%esp),%ecx
xorl %esi,%ebp
xorl 12(%esp),%ecx
xorl %eax,%ebp
xorl 32(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,44(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 1859775393(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 1859775393(%ecx,%ebx,1),%ecx
+ movl 48(%esp),%ebx
+ addl %ebp,%ecx
movl %edx,%ebp
- movl 48(%esp),%ebx
- rorl $2,%edx
xorl 56(%esp),%ebx
xorl %edi,%ebp
xorl 16(%esp),%ebx
xorl %esi,%ebp
xorl 36(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,48(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 1859775393(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 1859775393(%ebx,%eax,1),%ebx
+ movl 52(%esp),%eax
+ addl %ebp,%ebx
movl %ecx,%ebp
- movl 52(%esp),%eax
- rorl $2,%ecx
xorl 60(%esp),%eax
xorl %edx,%ebp
xorl 20(%esp),%eax
xorl %edi,%ebp
xorl 40(%esp),%eax
roll $1,%eax
- addl %esi,%ebp
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
movl %eax,52(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 1859775393(%eax,%ebp,1),%eax
- addl %esi,%eax
+ leal 1859775393(%eax,%esi,1),%eax
+ movl 56(%esp),%esi
+ addl %ebp,%eax
movl %ebx,%ebp
- movl 56(%esp),%esi
- rorl $2,%ebx
xorl (%esp),%esi
xorl %ecx,%ebp
xorl 24(%esp),%esi
xorl %edx,%ebp
xorl 44(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,56(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 1859775393(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 1859775393(%esi,%edi,1),%esi
+ movl 60(%esp),%edi
+ addl %ebp,%esi
movl %eax,%ebp
- movl 60(%esp),%edi
- rorl $2,%eax
xorl 4(%esp),%edi
xorl %ebx,%ebp
xorl 28(%esp),%edi
xorl %ecx,%ebp
xorl 48(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,60(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 1859775393(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 1859775393(%edi,%edx,1),%edi
+ movl (%esp),%edx
+ addl %ebp,%edi
movl %esi,%ebp
- movl (%esp),%edx
- rorl $2,%esi
xorl 8(%esp),%edx
xorl %eax,%ebp
xorl 32(%esp),%edx
xorl %ebx,%ebp
xorl 52(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 1859775393(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 1859775393(%edx,%ecx,1),%edx
+ movl 4(%esp),%ecx
+ addl %ebp,%edx
movl %edi,%ebp
- movl 4(%esp),%ecx
- rorl $2,%edi
xorl 12(%esp),%ecx
xorl %esi,%ebp
xorl 36(%esp),%ecx
xorl %eax,%ebp
xorl 56(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,4(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 1859775393(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 1859775393(%ecx,%ebx,1),%ecx
+ movl 8(%esp),%ebx
+ addl %ebp,%ecx
movl %edx,%ebp
- movl 8(%esp),%ebx
- rorl $2,%edx
xorl 16(%esp),%ebx
xorl %edi,%ebp
xorl 40(%esp),%ebx
xorl %esi,%ebp
xorl 60(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,8(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 1859775393(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 1859775393(%ebx,%eax,1),%ebx
+ movl 12(%esp),%eax
+ addl %ebp,%ebx
movl %ecx,%ebp
- movl 12(%esp),%eax
- rorl $2,%ecx
xorl 20(%esp),%eax
xorl %edx,%ebp
xorl 44(%esp),%eax
xorl %edi,%ebp
xorl (%esp),%eax
roll $1,%eax
- addl %esi,%ebp
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
movl %eax,12(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 1859775393(%eax,%ebp,1),%eax
- addl %esi,%eax
+ leal 1859775393(%eax,%esi,1),%eax
+ movl 16(%esp),%esi
+ addl %ebp,%eax
movl %ebx,%ebp
- movl 16(%esp),%esi
- rorl $2,%ebx
xorl 24(%esp),%esi
xorl %ecx,%ebp
xorl 48(%esp),%esi
xorl %edx,%ebp
xorl 4(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,16(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 1859775393(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 1859775393(%esi,%edi,1),%esi
+ movl 20(%esp),%edi
+ addl %ebp,%esi
movl %eax,%ebp
- movl 20(%esp),%edi
- rorl $2,%eax
xorl 28(%esp),%edi
xorl %ebx,%ebp
xorl 52(%esp),%edi
xorl %ecx,%ebp
xorl 8(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,20(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 1859775393(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 1859775393(%edi,%edx,1),%edi
+ movl 24(%esp),%edx
+ addl %ebp,%edi
movl %esi,%ebp
- movl 24(%esp),%edx
- rorl $2,%esi
xorl 32(%esp),%edx
xorl %eax,%ebp
xorl 56(%esp),%edx
xorl %ebx,%ebp
xorl 12(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,24(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 1859775393(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 1859775393(%edx,%ecx,1),%edx
+ movl 28(%esp),%ecx
+ addl %ebp,%edx
movl %edi,%ebp
- movl 28(%esp),%ecx
- rorl $2,%edi
xorl 36(%esp),%ecx
xorl %esi,%ebp
xorl 60(%esp),%ecx
xorl %eax,%ebp
xorl 16(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,28(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 1859775393(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
-
+ leal 1859775393(%ecx,%ebx,1),%ecx
movl 32(%esp),%ebx
- movl 40(%esp),%ebp
- xorl %ebp,%ebx
- movl (%esp),%ebp
- xorl %ebp,%ebx
- movl 20(%esp),%ebp
- xorl %ebp,%ebx
- movl %edx,%ebp
+ addl %ebp,%ecx
+
+ movl %edi,%ebp
+ xorl 40(%esp),%ebx
+ xorl %esi,%ebp
+ xorl (%esp),%ebx
+ andl %edx,%ebp
+ xorl 20(%esp),%ebx
roll $1,%ebx
- orl %edi,%ebp
- movl %ebx,32(%esp)
- andl %esi,%ebp
- leal 2400959708(%ebx,%eax,1),%ebx
- movl %edx,%eax
+ addl %eax,%ebp
rorl $2,%edx
- andl %edi,%eax
- orl %eax,%ebp
movl %ecx,%eax
roll $5,%eax
- addl %ebp,%ebx
+ movl %ebx,32(%esp)
+ leal 2400959708(%ebx,%ebp,1),%ebx
+ movl %edi,%ebp
addl %eax,%ebx
-
+ andl %esi,%ebp
movl 36(%esp),%eax
- movl 44(%esp),%ebp
- xorl %ebp,%eax
- movl 4(%esp),%ebp
- xorl %ebp,%eax
- movl 24(%esp),%ebp
- xorl %ebp,%eax
- movl %ecx,%ebp
+ addl %ebp,%ebx
+
+ movl %edx,%ebp
+ xorl 44(%esp),%eax
+ xorl %edi,%ebp
+ xorl 4(%esp),%eax
+ andl %ecx,%ebp
+ xorl 24(%esp),%eax
roll $1,%eax
- orl %edx,%ebp
- movl %eax,36(%esp)
- andl %edi,%ebp
- leal 2400959708(%eax,%esi,1),%eax
- movl %ecx,%esi
+ addl %esi,%ebp
rorl $2,%ecx
- andl %edx,%esi
- orl %esi,%ebp
movl %ebx,%esi
roll $5,%esi
- addl %ebp,%eax
+ movl %eax,36(%esp)
+ leal 2400959708(%eax,%ebp,1),%eax
+ movl %edx,%ebp
addl %esi,%eax
-
+ andl %edi,%ebp
movl 40(%esp),%esi
- movl 48(%esp),%ebp
- xorl %ebp,%esi
- movl 8(%esp),%ebp
- xorl %ebp,%esi
- movl 28(%esp),%ebp
- xorl %ebp,%esi
- movl %ebx,%ebp
+ addl %ebp,%eax
+
+ movl %ecx,%ebp
+ xorl 48(%esp),%esi
+ xorl %edx,%ebp
+ xorl 8(%esp),%esi
+ andl %ebx,%ebp
+ xorl 28(%esp),%esi
roll $1,%esi
- orl %ecx,%ebp
- movl %esi,40(%esp)
- andl %edx,%ebp
- leal 2400959708(%esi,%edi,1),%esi
- movl %ebx,%edi
+ addl %edi,%ebp
rorl $2,%ebx
- andl %ecx,%edi
- orl %edi,%ebp
movl %eax,%edi
roll $5,%edi
- addl %ebp,%esi
+ movl %esi,40(%esp)
+ leal 2400959708(%esi,%ebp,1),%esi
+ movl %ecx,%ebp
addl %edi,%esi
-
+ andl %edx,%ebp
movl 44(%esp),%edi
- movl 52(%esp),%ebp
- xorl %ebp,%edi
- movl 12(%esp),%ebp
- xorl %ebp,%edi
- movl 32(%esp),%ebp
- xorl %ebp,%edi
- movl %eax,%ebp
+ addl %ebp,%esi
+
+ movl %ebx,%ebp
+ xorl 52(%esp),%edi
+ xorl %ecx,%ebp
+ xorl 12(%esp),%edi
+ andl %eax,%ebp
+ xorl 32(%esp),%edi
roll $1,%edi
- orl %ebx,%ebp
- movl %edi,44(%esp)
- andl %ecx,%ebp
- leal 2400959708(%edi,%edx,1),%edi
- movl %eax,%edx
+ addl %edx,%ebp
rorl $2,%eax
- andl %ebx,%edx
- orl %edx,%ebp
movl %esi,%edx
roll $5,%edx
- addl %ebp,%edi
+ movl %edi,44(%esp)
+ leal 2400959708(%edi,%ebp,1),%edi
+ movl %ebx,%ebp
addl %edx,%edi
-
+ andl %ecx,%ebp
movl 48(%esp),%edx
- movl 56(%esp),%ebp
- xorl %ebp,%edx
- movl 16(%esp),%ebp
- xorl %ebp,%edx
- movl 36(%esp),%ebp
- xorl %ebp,%edx
- movl %esi,%ebp
+ addl %ebp,%edi
+
+ movl %eax,%ebp
+ xorl 56(%esp),%edx
+ xorl %ebx,%ebp
+ xorl 16(%esp),%edx
+ andl %esi,%ebp
+ xorl 36(%esp),%edx
roll $1,%edx
- orl %eax,%ebp
- movl %edx,48(%esp)
- andl %ebx,%ebp
- leal 2400959708(%edx,%ecx,1),%edx
- movl %esi,%ecx
+ addl %ecx,%ebp
rorl $2,%esi
- andl %eax,%ecx
- orl %ecx,%ebp
movl %edi,%ecx
roll $5,%ecx
- addl %ebp,%edx
+ movl %edx,48(%esp)
+ leal 2400959708(%edx,%ebp,1),%edx
+ movl %eax,%ebp
addl %ecx,%edx
-
+ andl %ebx,%ebp
movl 52(%esp),%ecx
- movl 60(%esp),%ebp
- xorl %ebp,%ecx
- movl 20(%esp),%ebp
- xorl %ebp,%ecx
- movl 40(%esp),%ebp
- xorl %ebp,%ecx
- movl %edi,%ebp
+ addl %ebp,%edx
+
+ movl %esi,%ebp
+ xorl 60(%esp),%ecx
+ xorl %eax,%ebp
+ xorl 20(%esp),%ecx
+ andl %edi,%ebp
+ xorl 40(%esp),%ecx
roll $1,%ecx
- orl %esi,%ebp
- movl %ecx,52(%esp)
- andl %eax,%ebp
- leal 2400959708(%ecx,%ebx,1),%ecx
- movl %edi,%ebx
+ addl %ebx,%ebp
rorl $2,%edi
- andl %esi,%ebx
- orl %ebx,%ebp
movl %edx,%ebx
roll $5,%ebx
- addl %ebp,%ecx
+ movl %ecx,52(%esp)
+ leal 2400959708(%ecx,%ebp,1),%ecx
+ movl %esi,%ebp
addl %ebx,%ecx
-
+ andl %eax,%ebp
movl 56(%esp),%ebx
- movl (%esp),%ebp
- xorl %ebp,%ebx
- movl 24(%esp),%ebp
- xorl %ebp,%ebx
- movl 44(%esp),%ebp
- xorl %ebp,%ebx
- movl %edx,%ebp
+ addl %ebp,%ecx
+
+ movl %edi,%ebp
+ xorl (%esp),%ebx
+ xorl %esi,%ebp
+ xorl 24(%esp),%ebx
+ andl %edx,%ebp
+ xorl 44(%esp),%ebx
roll $1,%ebx
- orl %edi,%ebp
- movl %ebx,56(%esp)
- andl %esi,%ebp
- leal 2400959708(%ebx,%eax,1),%ebx
- movl %edx,%eax
+ addl %eax,%ebp
rorl $2,%edx
- andl %edi,%eax
- orl %eax,%ebp
movl %ecx,%eax
roll $5,%eax
- addl %ebp,%ebx
+ movl %ebx,56(%esp)
+ leal 2400959708(%ebx,%ebp,1),%ebx
+ movl %edi,%ebp
addl %eax,%ebx
-
+ andl %esi,%ebp
movl 60(%esp),%eax
- movl 4(%esp),%ebp
- xorl %ebp,%eax
- movl 28(%esp),%ebp
- xorl %ebp,%eax
- movl 48(%esp),%ebp
- xorl %ebp,%eax
- movl %ecx,%ebp
+ addl %ebp,%ebx
+
+ movl %edx,%ebp
+ xorl 4(%esp),%eax
+ xorl %edi,%ebp
+ xorl 28(%esp),%eax
+ andl %ecx,%ebp
+ xorl 48(%esp),%eax
roll $1,%eax
- orl %edx,%ebp
- movl %eax,60(%esp)
- andl %edi,%ebp
- leal 2400959708(%eax,%esi,1),%eax
- movl %ecx,%esi
+ addl %esi,%ebp
rorl $2,%ecx
- andl %edx,%esi
- orl %esi,%ebp
movl %ebx,%esi
roll $5,%esi
- addl %ebp,%eax
+ movl %eax,60(%esp)
+ leal 2400959708(%eax,%ebp,1),%eax
+ movl %edx,%ebp
addl %esi,%eax
-
+ andl %edi,%ebp
movl (%esp),%esi
- movl 8(%esp),%ebp
- xorl %ebp,%esi
- movl 32(%esp),%ebp
- xorl %ebp,%esi
- movl 52(%esp),%ebp
- xorl %ebp,%esi
- movl %ebx,%ebp
+ addl %ebp,%eax
+
+ movl %ecx,%ebp
+ xorl 8(%esp),%esi
+ xorl %edx,%ebp
+ xorl 32(%esp),%esi
+ andl %ebx,%ebp
+ xorl 52(%esp),%esi
roll $1,%esi
- orl %ecx,%ebp
- movl %esi,(%esp)
- andl %edx,%ebp
- leal 2400959708(%esi,%edi,1),%esi
- movl %ebx,%edi
+ addl %edi,%ebp
rorl $2,%ebx
- andl %ecx,%edi
- orl %edi,%ebp
movl %eax,%edi
roll $5,%edi
- addl %ebp,%esi
+ movl %esi,(%esp)
+ leal 2400959708(%esi,%ebp,1),%esi
+ movl %ecx,%ebp
addl %edi,%esi
-
+ andl %edx,%ebp
movl 4(%esp),%edi
- movl 12(%esp),%ebp
- xorl %ebp,%edi
- movl 36(%esp),%ebp
- xorl %ebp,%edi
- movl 56(%esp),%ebp
- xorl %ebp,%edi
- movl %eax,%ebp
+ addl %ebp,%esi
+
+ movl %ebx,%ebp
+ xorl 12(%esp),%edi
+ xorl %ecx,%ebp
+ xorl 36(%esp),%edi
+ andl %eax,%ebp
+ xorl 56(%esp),%edi
roll $1,%edi
- orl %ebx,%ebp
- movl %edi,4(%esp)
- andl %ecx,%ebp
- leal 2400959708(%edi,%edx,1),%edi
- movl %eax,%edx
+ addl %edx,%ebp
rorl $2,%eax
- andl %ebx,%edx
- orl %edx,%ebp
movl %esi,%edx
roll $5,%edx
- addl %ebp,%edi
+ movl %edi,4(%esp)
+ leal 2400959708(%edi,%ebp,1),%edi
+ movl %ebx,%ebp
addl %edx,%edi
-
+ andl %ecx,%ebp
movl 8(%esp),%edx
- movl 16(%esp),%ebp
- xorl %ebp,%edx
- movl 40(%esp),%ebp
- xorl %ebp,%edx
- movl 60(%esp),%ebp
- xorl %ebp,%edx
- movl %esi,%ebp
+ addl %ebp,%edi
+
+ movl %eax,%ebp
+ xorl 16(%esp),%edx
+ xorl %ebx,%ebp
+ xorl 40(%esp),%edx
+ andl %esi,%ebp
+ xorl 60(%esp),%edx
roll $1,%edx
- orl %eax,%ebp
- movl %edx,8(%esp)
- andl %ebx,%ebp
- leal 2400959708(%edx,%ecx,1),%edx
- movl %esi,%ecx
+ addl %ecx,%ebp
rorl $2,%esi
- andl %eax,%ecx
- orl %ecx,%ebp
movl %edi,%ecx
roll $5,%ecx
- addl %ebp,%edx
+ movl %edx,8(%esp)
+ leal 2400959708(%edx,%ebp,1),%edx
+ movl %eax,%ebp
addl %ecx,%edx
-
+ andl %ebx,%ebp
movl 12(%esp),%ecx
- movl 20(%esp),%ebp
- xorl %ebp,%ecx
- movl 44(%esp),%ebp
- xorl %ebp,%ecx
- movl (%esp),%ebp
- xorl %ebp,%ecx
- movl %edi,%ebp
+ addl %ebp,%edx
+
+ movl %esi,%ebp
+ xorl 20(%esp),%ecx
+ xorl %eax,%ebp
+ xorl 44(%esp),%ecx
+ andl %edi,%ebp
+ xorl (%esp),%ecx
roll $1,%ecx
- orl %esi,%ebp
- movl %ecx,12(%esp)
- andl %eax,%ebp
- leal 2400959708(%ecx,%ebx,1),%ecx
- movl %edi,%ebx
+ addl %ebx,%ebp
rorl $2,%edi
- andl %esi,%ebx
- orl %ebx,%ebp
movl %edx,%ebx
roll $5,%ebx
- addl %ebp,%ecx
+ movl %ecx,12(%esp)
+ leal 2400959708(%ecx,%ebp,1),%ecx
+ movl %esi,%ebp
addl %ebx,%ecx
-
+ andl %eax,%ebp
movl 16(%esp),%ebx
- movl 24(%esp),%ebp
- xorl %ebp,%ebx
- movl 48(%esp),%ebp
- xorl %ebp,%ebx
- movl 4(%esp),%ebp
- xorl %ebp,%ebx
- movl %edx,%ebp
+ addl %ebp,%ecx
+
+ movl %edi,%ebp
+ xorl 24(%esp),%ebx
+ xorl %esi,%ebp
+ xorl 48(%esp),%ebx
+ andl %edx,%ebp
+ xorl 4(%esp),%ebx
roll $1,%ebx
- orl %edi,%ebp
- movl %ebx,16(%esp)
- andl %esi,%ebp
- leal 2400959708(%ebx,%eax,1),%ebx
- movl %edx,%eax
+ addl %eax,%ebp
rorl $2,%edx
- andl %edi,%eax
- orl %eax,%ebp
movl %ecx,%eax
roll $5,%eax
- addl %ebp,%ebx
+ movl %ebx,16(%esp)
+ leal 2400959708(%ebx,%ebp,1),%ebx
+ movl %edi,%ebp
addl %eax,%ebx
-
+ andl %esi,%ebp
movl 20(%esp),%eax
- movl 28(%esp),%ebp
- xorl %ebp,%eax
- movl 52(%esp),%ebp
- xorl %ebp,%eax
- movl 8(%esp),%ebp
- xorl %ebp,%eax
- movl %ecx,%ebp
+ addl %ebp,%ebx
+
+ movl %edx,%ebp
+ xorl 28(%esp),%eax
+ xorl %edi,%ebp
+ xorl 52(%esp),%eax
+ andl %ecx,%ebp
+ xorl 8(%esp),%eax
roll $1,%eax
- orl %edx,%ebp
- movl %eax,20(%esp)
- andl %edi,%ebp
- leal 2400959708(%eax,%esi,1),%eax
- movl %ecx,%esi
+ addl %esi,%ebp
rorl $2,%ecx
- andl %edx,%esi
- orl %esi,%ebp
movl %ebx,%esi
roll $5,%esi
- addl %ebp,%eax
+ movl %eax,20(%esp)
+ leal 2400959708(%eax,%ebp,1),%eax
+ movl %edx,%ebp
addl %esi,%eax
-
+ andl %edi,%ebp
movl 24(%esp),%esi
- movl 32(%esp),%ebp
- xorl %ebp,%esi
- movl 56(%esp),%ebp
- xorl %ebp,%esi
- movl 12(%esp),%ebp
- xorl %ebp,%esi
- movl %ebx,%ebp
+ addl %ebp,%eax
+
+ movl %ecx,%ebp
+ xorl 32(%esp),%esi
+ xorl %edx,%ebp
+ xorl 56(%esp),%esi
+ andl %ebx,%ebp
+ xorl 12(%esp),%esi
roll $1,%esi
- orl %ecx,%ebp
- movl %esi,24(%esp)
- andl %edx,%ebp
- leal 2400959708(%esi,%edi,1),%esi
- movl %ebx,%edi
+ addl %edi,%ebp
rorl $2,%ebx
- andl %ecx,%edi
- orl %edi,%ebp
movl %eax,%edi
roll $5,%edi
- addl %ebp,%esi
+ movl %esi,24(%esp)
+ leal 2400959708(%esi,%ebp,1),%esi
+ movl %ecx,%ebp
addl %edi,%esi
-
+ andl %edx,%ebp
movl 28(%esp),%edi
- movl 36(%esp),%ebp
- xorl %ebp,%edi
- movl 60(%esp),%ebp
- xorl %ebp,%edi
- movl 16(%esp),%ebp
- xorl %ebp,%edi
- movl %eax,%ebp
+ addl %ebp,%esi
+
+ movl %ebx,%ebp
+ xorl 36(%esp),%edi
+ xorl %ecx,%ebp
+ xorl 60(%esp),%edi
+ andl %eax,%ebp
+ xorl 16(%esp),%edi
roll $1,%edi
- orl %ebx,%ebp
- movl %edi,28(%esp)
- andl %ecx,%ebp
- leal 2400959708(%edi,%edx,1),%edi
- movl %eax,%edx
+ addl %edx,%ebp
rorl $2,%eax
- andl %ebx,%edx
- orl %edx,%ebp
movl %esi,%edx
roll $5,%edx
- addl %ebp,%edi
+ movl %edi,28(%esp)
+ leal 2400959708(%edi,%ebp,1),%edi
+ movl %ebx,%ebp
addl %edx,%edi
-
+ andl %ecx,%ebp
movl 32(%esp),%edx
- movl 40(%esp),%ebp
- xorl %ebp,%edx
- movl (%esp),%ebp
- xorl %ebp,%edx
- movl 20(%esp),%ebp
- xorl %ebp,%edx
- movl %esi,%ebp
+ addl %ebp,%edi
+
+ movl %eax,%ebp
+ xorl 40(%esp),%edx
+ xorl %ebx,%ebp
+ xorl (%esp),%edx
+ andl %esi,%ebp
+ xorl 20(%esp),%edx
roll $1,%edx
- orl %eax,%ebp
- movl %edx,32(%esp)
- andl %ebx,%ebp
- leal 2400959708(%edx,%ecx,1),%edx
- movl %esi,%ecx
+ addl %ecx,%ebp
rorl $2,%esi
- andl %eax,%ecx
- orl %ecx,%ebp
movl %edi,%ecx
roll $5,%ecx
- addl %ebp,%edx
+ movl %edx,32(%esp)
+ leal 2400959708(%edx,%ebp,1),%edx
+ movl %eax,%ebp
addl %ecx,%edx
-
+ andl %ebx,%ebp
movl 36(%esp),%ecx
- movl 44(%esp),%ebp
- xorl %ebp,%ecx
- movl 4(%esp),%ebp
- xorl %ebp,%ecx
- movl 24(%esp),%ebp
- xorl %ebp,%ecx
- movl %edi,%ebp
+ addl %ebp,%edx
+
+ movl %esi,%ebp
+ xorl 44(%esp),%ecx
+ xorl %eax,%ebp
+ xorl 4(%esp),%ecx
+ andl %edi,%ebp
+ xorl 24(%esp),%ecx
roll $1,%ecx
- orl %esi,%ebp
- movl %ecx,36(%esp)
- andl %eax,%ebp
- leal 2400959708(%ecx,%ebx,1),%ecx
- movl %edi,%ebx
+ addl %ebx,%ebp
rorl $2,%edi
- andl %esi,%ebx
- orl %ebx,%ebp
movl %edx,%ebx
roll $5,%ebx
- addl %ebp,%ecx
+ movl %ecx,36(%esp)
+ leal 2400959708(%ecx,%ebp,1),%ecx
+ movl %esi,%ebp
addl %ebx,%ecx
-
+ andl %eax,%ebp
movl 40(%esp),%ebx
- movl 48(%esp),%ebp
- xorl %ebp,%ebx
- movl 8(%esp),%ebp
- xorl %ebp,%ebx
- movl 28(%esp),%ebp
- xorl %ebp,%ebx
- movl %edx,%ebp
+ addl %ebp,%ecx
+
+ movl %edi,%ebp
+ xorl 48(%esp),%ebx
+ xorl %esi,%ebp
+ xorl 8(%esp),%ebx
+ andl %edx,%ebp
+ xorl 28(%esp),%ebx
roll $1,%ebx
- orl %edi,%ebp
- movl %ebx,40(%esp)
- andl %esi,%ebp
- leal 2400959708(%ebx,%eax,1),%ebx
- movl %edx,%eax
+ addl %eax,%ebp
rorl $2,%edx
- andl %edi,%eax
- orl %eax,%ebp
movl %ecx,%eax
roll $5,%eax
- addl %ebp,%ebx
+ movl %ebx,40(%esp)
+ leal 2400959708(%ebx,%ebp,1),%ebx
+ movl %edi,%ebp
addl %eax,%ebx
-
+ andl %esi,%ebp
movl 44(%esp),%eax
- movl 52(%esp),%ebp
- xorl %ebp,%eax
- movl 12(%esp),%ebp
- xorl %ebp,%eax
- movl 32(%esp),%ebp
- xorl %ebp,%eax
- movl %ecx,%ebp
+ addl %ebp,%ebx
+
+ movl %edx,%ebp
+ xorl 52(%esp),%eax
+ xorl %edi,%ebp
+ xorl 12(%esp),%eax
+ andl %ecx,%ebp
+ xorl 32(%esp),%eax
roll $1,%eax
- orl %edx,%ebp
- movl %eax,44(%esp)
- andl %edi,%ebp
- leal 2400959708(%eax,%esi,1),%eax
- movl %ecx,%esi
+ addl %esi,%ebp
rorl $2,%ecx
- andl %edx,%esi
- orl %esi,%ebp
movl %ebx,%esi
roll $5,%esi
- addl %ebp,%eax
+ movl %eax,44(%esp)
+ leal 2400959708(%eax,%ebp,1),%eax
+ movl %edx,%ebp
addl %esi,%eax
+ andl %edi,%ebp
+ movl 48(%esp),%esi
+ addl %ebp,%eax
movl %ebx,%ebp
- movl 48(%esp),%esi
- rorl $2,%ebx
xorl 56(%esp),%esi
xorl %ecx,%ebp
xorl 16(%esp),%esi
xorl %edx,%ebp
xorl 36(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,48(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 3395469782(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 3395469782(%esi,%edi,1),%esi
+ movl 52(%esp),%edi
+ addl %ebp,%esi
movl %eax,%ebp
- movl 52(%esp),%edi
- rorl $2,%eax
xorl 60(%esp),%edi
xorl %ebx,%ebp
xorl 20(%esp),%edi
xorl %ecx,%ebp
xorl 40(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,52(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 3395469782(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 3395469782(%edi,%edx,1),%edi
+ movl 56(%esp),%edx
+ addl %ebp,%edi
movl %esi,%ebp
- movl 56(%esp),%edx
- rorl $2,%esi
xorl (%esp),%edx
xorl %eax,%ebp
xorl 24(%esp),%edx
xorl %ebx,%ebp
xorl 44(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,56(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 3395469782(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 3395469782(%edx,%ecx,1),%edx
+ movl 60(%esp),%ecx
+ addl %ebp,%edx
movl %edi,%ebp
- movl 60(%esp),%ecx
- rorl $2,%edi
xorl 4(%esp),%ecx
xorl %esi,%ebp
xorl 28(%esp),%ecx
xorl %eax,%ebp
xorl 48(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,60(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 3395469782(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 3395469782(%ecx,%ebx,1),%ecx
+ movl (%esp),%ebx
+ addl %ebp,%ecx
movl %edx,%ebp
- movl (%esp),%ebx
- rorl $2,%edx
xorl 8(%esp),%ebx
xorl %edi,%ebp
xorl 32(%esp),%ebx
xorl %esi,%ebp
xorl 52(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 3395469782(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 3395469782(%ebx,%eax,1),%ebx
+ movl 4(%esp),%eax
+ addl %ebp,%ebx
movl %ecx,%ebp
- movl 4(%esp),%eax
- rorl $2,%ecx
xorl 12(%esp),%eax
xorl %edx,%ebp
xorl 36(%esp),%eax
xorl %edi,%ebp
xorl 56(%esp),%eax
roll $1,%eax
- addl %esi,%ebp
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
movl %eax,4(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 3395469782(%eax,%ebp,1),%eax
- addl %esi,%eax
+ leal 3395469782(%eax,%esi,1),%eax
+ movl 8(%esp),%esi
+ addl %ebp,%eax
movl %ebx,%ebp
- movl 8(%esp),%esi
- rorl $2,%ebx
xorl 16(%esp),%esi
xorl %ecx,%ebp
xorl 40(%esp),%esi
xorl %edx,%ebp
xorl 60(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,8(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 3395469782(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 3395469782(%esi,%edi,1),%esi
+ movl 12(%esp),%edi
+ addl %ebp,%esi
movl %eax,%ebp
- movl 12(%esp),%edi
- rorl $2,%eax
xorl 20(%esp),%edi
xorl %ebx,%ebp
xorl 44(%esp),%edi
xorl %ecx,%ebp
xorl (%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,12(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 3395469782(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 3395469782(%edi,%edx,1),%edi
+ movl 16(%esp),%edx
+ addl %ebp,%edi
movl %esi,%ebp
- movl 16(%esp),%edx
- rorl $2,%esi
xorl 24(%esp),%edx
xorl %eax,%ebp
xorl 48(%esp),%edx
xorl %ebx,%ebp
xorl 4(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,16(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 3395469782(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 3395469782(%edx,%ecx,1),%edx
+ movl 20(%esp),%ecx
+ addl %ebp,%edx
movl %edi,%ebp
- movl 20(%esp),%ecx
- rorl $2,%edi
xorl 28(%esp),%ecx
xorl %esi,%ebp
xorl 52(%esp),%ecx
xorl %eax,%ebp
xorl 8(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,20(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 3395469782(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 3395469782(%ecx,%ebx,1),%ecx
+ movl 24(%esp),%ebx
+ addl %ebp,%ecx
movl %edx,%ebp
- movl 24(%esp),%ebx
- rorl $2,%edx
xorl 32(%esp),%ebx
xorl %edi,%ebp
xorl 56(%esp),%ebx
xorl %esi,%ebp
xorl 12(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,24(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 3395469782(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 3395469782(%ebx,%eax,1),%ebx
+ movl 28(%esp),%eax
+ addl %ebp,%ebx
movl %ecx,%ebp
- movl 28(%esp),%eax
- rorl $2,%ecx
xorl 36(%esp),%eax
xorl %edx,%ebp
xorl 60(%esp),%eax
xorl %edi,%ebp
xorl 16(%esp),%eax
roll $1,%eax
- addl %esi,%ebp
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
movl %eax,28(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 3395469782(%eax,%ebp,1),%eax
- addl %esi,%eax
+ leal 3395469782(%eax,%esi,1),%eax
+ movl 32(%esp),%esi
+ addl %ebp,%eax
movl %ebx,%ebp
- movl 32(%esp),%esi
- rorl $2,%ebx
xorl 40(%esp),%esi
xorl %ecx,%ebp
xorl (%esp),%esi
xorl %edx,%ebp
xorl 20(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,32(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 3395469782(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 3395469782(%esi,%edi,1),%esi
+ movl 36(%esp),%edi
+ addl %ebp,%esi
movl %eax,%ebp
- movl 36(%esp),%edi
- rorl $2,%eax
xorl 44(%esp),%edi
xorl %ebx,%ebp
xorl 4(%esp),%edi
xorl %ecx,%ebp
xorl 24(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,36(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 3395469782(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 3395469782(%edi,%edx,1),%edi
+ movl 40(%esp),%edx
+ addl %ebp,%edi
movl %esi,%ebp
- movl 40(%esp),%edx
- rorl $2,%esi
xorl 48(%esp),%edx
xorl %eax,%ebp
xorl 8(%esp),%edx
xorl %ebx,%ebp
xorl 28(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,40(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 3395469782(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 3395469782(%edx,%ecx,1),%edx
+ movl 44(%esp),%ecx
+ addl %ebp,%edx
movl %edi,%ebp
- movl 44(%esp),%ecx
- rorl $2,%edi
xorl 52(%esp),%ecx
xorl %esi,%ebp
xorl 12(%esp),%ecx
xorl %eax,%ebp
xorl 32(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,44(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 3395469782(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 3395469782(%ecx,%ebx,1),%ecx
+ movl 48(%esp),%ebx
+ addl %ebp,%ecx
movl %edx,%ebp
- movl 48(%esp),%ebx
- rorl $2,%edx
xorl 56(%esp),%ebx
xorl %edi,%ebp
xorl 16(%esp),%ebx
xorl %esi,%ebp
xorl 36(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,48(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 3395469782(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 3395469782(%ebx,%eax,1),%ebx
+ movl 52(%esp),%eax
+ addl %ebp,%ebx
movl %ecx,%ebp
- movl 52(%esp),%eax
- rorl $2,%ecx
xorl 60(%esp),%eax
xorl %edx,%ebp
xorl 20(%esp),%eax
xorl %edi,%ebp
xorl 40(%esp),%eax
roll $1,%eax
- addl %esi,%ebp
- movl %eax,52(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 3395469782(%eax,%ebp,1),%eax
- addl %esi,%eax
-
+ addl %ebp,%esi
+ rorl $2,%ecx
movl %ebx,%ebp
+ roll $5,%ebp
+ leal 3395469782(%eax,%esi,1),%eax
movl 56(%esp),%esi
- rorl $2,%ebx
+ addl %ebp,%eax
+
+ movl %ebx,%ebp
xorl (%esp),%esi
xorl %ecx,%ebp
xorl 24(%esp),%esi
xorl %edx,%ebp
xorl 44(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
- movl %esi,56(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 3395469782(%esi,%ebp,1),%esi
- addl %edi,%esi
-
+ addl %ebp,%edi
+ rorl $2,%ebx
movl %eax,%ebp
+ roll $5,%ebp
+ leal 3395469782(%esi,%edi,1),%esi
movl 60(%esp),%edi
- rorl $2,%eax
+ addl %ebp,%esi
+
+ movl %eax,%ebp
xorl 4(%esp),%edi
xorl %ebx,%ebp
xorl 28(%esp),%edi
xorl %ecx,%ebp
xorl 48(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
- movl %edi,60(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 3395469782(%edi,%ebp,1),%edi
- addl %edx,%edi
- movl 84(%esp),%ebp
- movl 88(%esp),%edx
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
+ leal 3395469782(%edi,%edx,1),%edi
+ addl %ebp,%edi
+ movl 96(%esp),%ebp
+ movl 100(%esp),%edx
addl (%ebp),%edi
addl 4(%ebp),%esi
addl 8(%ebp),%eax
@@ -1422,14 +1360,14 @@ sha1_block_data_order:
movl %edi,(%ebp)
addl $64,%edx
movl %esi,4(%ebp)
- cmpl 92(%esp),%edx
+ cmpl 104(%esp),%edx
movl %eax,8(%ebp)
movl %ecx,%edi
movl %ebx,12(%ebp)
movl %edx,%esi
movl %ecx,16(%ebp)
jb .L000loop
- addl $64,%esp
+ addl $76,%esp
popl %edi
popl %esi
popl %ebx
diff --git a/deps/openssl/asm/x86-elf-gas/sha/sha256-586.s b/deps/openssl/asm/x86-elf-gas/sha/sha256-586.s
index 973e50d19..77a89514f 100644
--- a/deps/openssl/asm/x86-elf-gas/sha/sha256-586.s
+++ b/deps/openssl/asm/x86-elf-gas/sha/sha256-586.s
@@ -96,31 +96,30 @@ sha256_block_data_order:
.L00300_15:
movl 92(%esp),%ebx
movl %edx,%ecx
- rorl $6,%ecx
- movl %edx,%edi
- rorl $11,%edi
+ rorl $14,%ecx
movl 20(%esp),%esi
- xorl %edi,%ecx
- rorl $14,%edi
- xorl %edi,%ecx
+ xorl %edx,%ecx
+ rorl $5,%ecx
+ xorl %edx,%ecx
+ rorl $6,%ecx
movl 24(%esp),%edi
addl %ecx,%ebx
- movl %edx,16(%esp)
xorl %edi,%esi
+ movl %edx,16(%esp)
movl %eax,%ecx
andl %edx,%esi
movl 12(%esp),%edx
xorl %edi,%esi
movl %eax,%edi
addl %esi,%ebx
- rorl $2,%ecx
+ rorl $9,%ecx
addl 28(%esp),%ebx
- rorl $13,%edi
+ xorl %eax,%ecx
+ rorl $11,%ecx
movl 4(%esp),%esi
- xorl %edi,%ecx
- rorl $9,%edi
+ xorl %eax,%ecx
+ rorl $2,%ecx
addl %ebx,%edx
- xorl %edi,%ecx
movl 8(%esp),%edi
addl %ecx,%ebx
movl %eax,(%esp)
@@ -142,48 +141,46 @@ sha256_block_data_order:
.L00416_63:
movl %ebx,%esi
movl 100(%esp),%ecx
- shrl $3,%ebx
- rorl $7,%esi
- xorl %esi,%ebx
rorl $11,%esi
movl %ecx,%edi
+ xorl %ebx,%esi
+ rorl $7,%esi
+ shrl $3,%ebx
+ rorl $2,%edi
xorl %esi,%ebx
- shrl $10,%ecx
- movl 156(%esp),%esi
+ xorl %ecx,%edi
rorl $17,%edi
- xorl %edi,%ecx
- rorl $2,%edi
- addl %esi,%ebx
+ shrl $10,%ecx
+ addl 156(%esp),%ebx
xorl %ecx,%edi
- addl %edi,%ebx
- movl %edx,%ecx
addl 120(%esp),%ebx
- rorl $6,%ecx
- movl %edx,%edi
- rorl $11,%edi
+ movl %edx,%ecx
+ addl %edi,%ebx
+ rorl $14,%ecx
movl 20(%esp),%esi
- xorl %edi,%ecx
- rorl $14,%edi
+ xorl %edx,%ecx
+ rorl $5,%ecx
movl %ebx,92(%esp)
- xorl %edi,%ecx
+ xorl %edx,%ecx
+ rorl $6,%ecx
movl 24(%esp),%edi
addl %ecx,%ebx
- movl %edx,16(%esp)
xorl %edi,%esi
+ movl %edx,16(%esp)
movl %eax,%ecx
andl %edx,%esi
movl 12(%esp),%edx
xorl %edi,%esi
movl %eax,%edi
addl %esi,%ebx
- rorl $2,%ecx
+ rorl $9,%ecx
addl 28(%esp),%ebx
- rorl $13,%edi
+ xorl %eax,%ecx
+ rorl $11,%ecx
movl 4(%esp),%esi
- xorl %edi,%ecx
- rorl $9,%edi
+ xorl %eax,%ecx
+ rorl $2,%ecx
addl %ebx,%edx
- xorl %edi,%ecx
movl 8(%esp),%edi
addl %ecx,%ebx
movl %eax,(%esp)
diff --git a/deps/openssl/asm/x86-elf-gas/x86cpuid.s b/deps/openssl/asm/x86-elf-gas/x86cpuid.s
index 56a92bfcb..f9cd03805 100644
--- a/deps/openssl/asm/x86-elf-gas/x86cpuid.s
+++ b/deps/openssl/asm/x86-elf-gas/x86cpuid.s
@@ -19,9 +19,9 @@ OPENSSL_ia32_cpuid:
pushfl
popl %eax
xorl %eax,%ecx
- btl $21,%ecx
- jnc .L000done
xorl %eax,%eax
+ btl $21,%ecx
+ jnc .L000nocpuid
.byte 0x0f,0xa2
movl %eax,%edi
xorl %eax,%eax
@@ -47,7 +47,14 @@ OPENSSL_ia32_cpuid:
jnz .L001intel
movl $2147483648,%eax
.byte 0x0f,0xa2
- cmpl $2147483656,%eax
+ cmpl $2147483649,%eax
+ jb .L001intel
+ movl %eax,%esi
+ movl $2147483649,%eax
+ .byte 0x0f,0xa2
+ orl %ecx,%ebp
+ andl $2049,%ebp
+ cmpl $2147483656,%esi
jb .L001intel
movl $2147483656,%eax
.byte 0x0f,0xa2
@@ -56,46 +63,68 @@ OPENSSL_ia32_cpuid:
movl $1,%eax
.byte 0x0f,0xa2
btl $28,%edx
- jnc .L000done
+ jnc .L002generic
shrl $16,%ebx
andl $255,%ebx
cmpl %esi,%ebx
- ja .L000done
+ ja .L002generic
andl $4026531839,%edx
- jmp .L000done
+ jmp .L002generic
.L001intel:
cmpl $4,%edi
movl $-1,%edi
- jb .L002nocacheinfo
+ jb .L003nocacheinfo
movl $4,%eax
movl $0,%ecx
.byte 0x0f,0xa2
movl %eax,%edi
shrl $14,%edi
andl $4095,%edi
-.L002nocacheinfo:
+.L003nocacheinfo:
movl $1,%eax
.byte 0x0f,0xa2
+ andl $3220176895,%edx
cmpl $0,%ebp
- jne .L003notP4
+ jne .L004notintel
+ orl $1073741824,%edx
andb $15,%ah
cmpb $15,%ah
- jne .L003notP4
+ jne .L004notintel
orl $1048576,%edx
-.L003notP4:
+.L004notintel:
btl $28,%edx
- jnc .L000done
+ jnc .L002generic
andl $4026531839,%edx
cmpl $0,%edi
- je .L000done
+ je .L002generic
orl $268435456,%edx
shrl $16,%ebx
cmpb $1,%bl
- ja .L000done
+ ja .L002generic
andl $4026531839,%edx
-.L000done:
- movl %edx,%eax
- movl %ecx,%edx
+.L002generic:
+ andl $2048,%ebp
+ andl $4294965247,%ecx
+ movl %edx,%esi
+ orl %ecx,%ebp
+ btl $27,%ecx
+ jnc .L005clear_avx
+ xorl %ecx,%ecx
+.byte 15,1,208
+ andl $6,%eax
+ cmpl $6,%eax
+ je .L006done
+ cmpl $2,%eax
+ je .L005clear_avx
+.L007clear_xmm:
+ andl $4261412861,%ebp
+ andl $4278190079,%esi
+.L005clear_avx:
+ andl $4026525695,%ebp
+.L006done:
+ movl %esi,%eax
+ movl %ebp,%edx
+.L000nocpuid:
popl %edi
popl %esi
popl %ebx
@@ -111,9 +140,9 @@ OPENSSL_rdtsc:
xorl %edx,%edx
leal OPENSSL_ia32cap_P,%ecx
btl $4,(%ecx)
- jnc .L004notsc
+ jnc .L008notsc
.byte 0x0f,0x31
-.L004notsc:
+.L008notsc:
ret
.size OPENSSL_rdtsc,.-.L_OPENSSL_rdtsc_begin
.globl OPENSSL_instrument_halt
@@ -123,14 +152,14 @@ OPENSSL_instrument_halt:
.L_OPENSSL_instrument_halt_begin:
leal OPENSSL_ia32cap_P,%ecx
btl $4,(%ecx)
- jnc .L005nohalt
+ jnc .L009nohalt
.long 2421723150
andl $3,%eax
- jnz .L005nohalt
+ jnz .L009nohalt
pushfl
popl %eax
btl $9,%eax
- jnc .L005nohalt
+ jnc .L009nohalt
.byte 0x0f,0x31
pushl %edx
pushl %eax
@@ -140,7 +169,7 @@ OPENSSL_instrument_halt:
sbbl 4(%esp),%edx
addl $8,%esp
ret
-.L005nohalt:
+.L009nohalt:
xorl %eax,%eax
xorl %edx,%edx
ret
@@ -153,21 +182,21 @@ OPENSSL_far_spin:
pushfl
popl %eax
btl $9,%eax
- jnc .L006nospin
+ jnc .L010nospin
movl 4(%esp),%eax
movl 8(%esp),%ecx
.long 2430111262
xorl %eax,%eax
movl (%ecx),%edx
- jmp .L007spin
+ jmp .L011spin
.align 16
-.L007spin:
+.L011spin:
incl %eax
cmpl (%ecx),%edx
- je .L007spin
+ je .L011spin
.long 529567888
ret
-.L006nospin:
+.L010nospin:
xorl %eax,%eax
xorl %edx,%edx
ret
@@ -182,9 +211,9 @@ OPENSSL_wipe_cpu:
leal OPENSSL_ia32cap_P,%ecx
movl (%ecx),%ecx
btl $1,(%ecx)
- jnc .L008no_x87
+ jnc .L012no_x87
.long 4007259865,4007259865,4007259865,4007259865,2430851995
-.L008no_x87:
+.L012no_x87:
leal 4(%esp),%eax
ret
.size OPENSSL_wipe_cpu,.-.L_OPENSSL_wipe_cpu_begin
@@ -198,11 +227,11 @@ OPENSSL_atomic_add:
pushl %ebx
nop
movl (%edx),%eax
-.L009spin:
+.L013spin:
leal (%eax,%ecx,1),%ebx
nop
.long 447811568
- jne .L009spin
+ jne .L013spin
movl %ebx,%eax
popl %ebx
ret
@@ -243,37 +272,49 @@ OPENSSL_cleanse:
movl 8(%esp),%ecx
xorl %eax,%eax
cmpl $7,%ecx
- jae .L010lot
+ jae .L014lot
cmpl $0,%ecx
- je .L011ret
-.L012little:
+ je .L015ret
+.L016little:
movb %al,(%edx)
subl $1,%ecx
leal 1(%edx),%edx
- jnz .L012little
-.L011ret:
+ jnz .L016little
+.L015ret:
ret
.align 16
-.L010lot:
+.L014lot:
testl $3,%edx
- jz .L013aligned
+ jz .L017aligned
movb %al,(%edx)
leal -1(%ecx),%ecx
leal 1(%edx),%edx
- jmp .L010lot
-.L013aligned:
+ jmp .L014lot
+.L017aligned:
movl %eax,(%edx)
leal -4(%ecx),%ecx
testl $-4,%ecx
leal 4(%edx),%edx
- jnz .L013aligned
+ jnz .L017aligned
cmpl $0,%ecx
- jne .L012little
+ jne .L016little
ret
.size OPENSSL_cleanse,.-.L_OPENSSL_cleanse_begin
-.comm OPENSSL_ia32cap_P,4,4
+.globl OPENSSL_ia32_rdrand
+.type OPENSSL_ia32_rdrand,@function
+.align 16
+OPENSSL_ia32_rdrand:
+.L_OPENSSL_ia32_rdrand_begin:
+ movl $8,%ecx
+.L018loop:
+.byte 15,199,240
+ jc .L019break
+ loop .L018loop
+.L019break:
+ cmpl $0,%eax
+ cmovel %ecx,%eax
+ ret
+.size OPENSSL_ia32_rdrand,.-.L_OPENSSL_ia32_rdrand_begin
+.comm OPENSSL_ia32cap_P,8,4
.section .init
call OPENSSL_cpuid_setup
- jmp .Linitalign
-.align 16
-.Linitalign:
diff --git a/deps/openssl/asm/x86-macosx-gas/aes/aes-586.s b/deps/openssl/asm/x86-macosx-gas/aes/aes-586.s
index ff56a4bef..a58ea6f76 100644
--- a/deps/openssl/asm/x86-macosx-gas/aes/aes-586.s
+++ b/deps/openssl/asm/x86-macosx-gas/aes/aes-586.s
@@ -975,7 +975,7 @@ L_AES_encrypt_begin:
call L004pic_point
L004pic_point:
popl %ebp
- leal _OPENSSL_ia32cap_P,%eax
+ movl L_OPENSSL_ia32cap_P$non_lazy_ptr-L004pic_point(%ebp),%eax
leal LAES_Te-L004pic_point(%ebp),%ebp
leal 764(%esp),%ebx
subl %ebp,%ebx
@@ -2153,7 +2153,7 @@ L_AES_decrypt_begin:
call L010pic_point
L010pic_point:
popl %ebp
- leal _OPENSSL_ia32cap_P,%eax
+ movl L_OPENSSL_ia32cap_P$non_lazy_ptr-L010pic_point(%ebp),%eax
leal LAES_Td-L010pic_point(%ebp),%ebp
leal 764(%esp),%ebx
subl %ebp,%ebx
@@ -2207,7 +2207,7 @@ L_AES_cbc_encrypt_begin:
call L013pic_point
L013pic_point:
popl %ebp
- leal _OPENSSL_ia32cap_P,%eax
+ movl L_OPENSSL_ia32cap_P$non_lazy_ptr-L013pic_point(%ebp),%eax
cmpl $0,40(%esp)
leal LAES_Te-L013pic_point(%ebp),%ebp
jne L014picked_te
@@ -2950,16 +2950,16 @@ L045exit:
popl %ebx
popl %ebp
ret
-.globl _AES_set_encrypt_key
+.globl _private_AES_set_encrypt_key
.align 4
-_AES_set_encrypt_key:
-L_AES_set_encrypt_key_begin:
+_private_AES_set_encrypt_key:
+L_private_AES_set_encrypt_key_begin:
call __x86_AES_set_encrypt_key
ret
-.globl _AES_set_decrypt_key
+.globl _private_AES_set_decrypt_key
.align 4
-_AES_set_decrypt_key:
-L_AES_set_decrypt_key_begin:
+_private_AES_set_decrypt_key:
+L_private_AES_set_decrypt_key_begin:
call __x86_AES_set_encrypt_key
cmpl $0,%eax
je L054proceed
@@ -3191,4 +3191,8 @@ L056permute:
.byte 65,69,83,32,102,111,114,32,120,56,54,44,32,67,82,89
.byte 80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114
.byte 111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
-.comm _OPENSSL_ia32cap_P,4
+.section __IMPORT,__pointers,non_lazy_symbol_pointers
+L_OPENSSL_ia32cap_P$non_lazy_ptr:
+.indirect_symbol _OPENSSL_ia32cap_P
+.long 0
+.comm _OPENSSL_ia32cap_P,8,2
diff --git a/deps/openssl/asm/x86-macosx-gas/camellia/cmll-x86.s b/deps/openssl/asm/x86-macosx-gas/camellia/cmll-x86.s
index 4d61caa68..2367cee78 100644
--- a/deps/openssl/asm/x86-macosx-gas/camellia/cmll-x86.s
+++ b/deps/openssl/asm/x86-macosx-gas/camellia/cmll-x86.s
@@ -1519,10 +1519,10 @@ L013done:
popl %ebx
popl %ebp
ret
-.globl _Camellia_set_key
+.globl _private_Camellia_set_key
.align 4
-_Camellia_set_key:
-L_Camellia_set_key_begin:
+_private_Camellia_set_key:
+L_private_Camellia_set_key_begin:
pushl %ebx
movl 8(%esp),%ecx
movl 12(%esp),%ebx
diff --git a/deps/openssl/asm/x86-macosx-gas/des/crypt586.s b/deps/openssl/asm/x86-macosx-gas/des/crypt586.s
index edb1bb391..7d0074ec2 100644
--- a/deps/openssl/asm/x86-macosx-gas/des/crypt586.s
+++ b/deps/openssl/asm/x86-macosx-gas/des/crypt586.s
@@ -13,11 +13,14 @@ L_fcrypt_body_begin:
xorl %edi,%edi
xorl %esi,%esi
- leal _DES_SPtrans,%edx
+ call L000PIC_me_up
+L000PIC_me_up:
+ popl %edx
+ movl L_DES_SPtrans$non_lazy_ptr-L000PIC_me_up(%edx),%edx
pushl %edx
movl 28(%esp),%ebp
pushl $25
-L000start:
+L001start:
# Round 0
@@ -840,7 +843,7 @@ L000start:
movl %esi,%edi
movl %eax,%esi
movl %ebx,(%esp)
- jnz L000start
+ jnz L001start
# FP
@@ -889,3 +892,7 @@ L000start:
popl %ebx
popl %ebp
ret
+.section __IMPORT,__pointers,non_lazy_symbol_pointers
+L_DES_SPtrans$non_lazy_ptr:
+.indirect_symbol _DES_SPtrans
+.long 0
diff --git a/deps/openssl/asm/x86-macosx-gas/rc4/rc4-586.s b/deps/openssl/asm/x86-macosx-gas/rc4/rc4-586.s
index a821dc950..882a02d74 100644
--- a/deps/openssl/asm/x86-macosx-gas/rc4/rc4-586.s
+++ b/deps/openssl/asm/x86-macosx-gas/rc4/rc4-586.s
@@ -28,11 +28,149 @@ L_RC4_begin:
movl (%edi,%eax,4),%ecx
andl $-4,%edx
jz L002loop1
- leal -4(%esi,%edx,1),%edx
- movl %edx,28(%esp)
+ testl $-8,%edx
movl %ebp,32(%esp)
+ jz L003go4loop4
+ call L004PIC_me_up
+L004PIC_me_up:
+ popl %ebp
+ movl L_OPENSSL_ia32cap_P$non_lazy_ptr-L004PIC_me_up(%ebp),%ebp
+ btl $26,(%ebp)
+ jnc L003go4loop4
+ movl 32(%esp),%ebp
+ andl $-8,%edx
+ leal -8(%esi,%edx,1),%edx
+ movl %edx,-4(%edi)
+ addb %cl,%bl
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ movq (%esi),%mm0
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm2
+ jmp L005loop_mmx_enter
.align 4,0x90
-L003loop4:
+L006loop_mmx:
+ addb %cl,%bl
+ psllq $56,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movq (%esi),%mm0
+ movq %mm2,-8(%ebp,%esi,1)
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm2
+L005loop_mmx_enter:
+ addb %cl,%bl
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm0,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $8,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $16,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $24,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $32,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $40,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ addb %cl,%bl
+ psllq $48,%mm1
+ movl (%edi,%ebx,4),%edx
+ movl %ecx,(%edi,%ebx,4)
+ movl %edx,(%edi,%eax,4)
+ incl %eax
+ addl %ecx,%edx
+ movzbl %al,%eax
+ movzbl %dl,%edx
+ pxor %mm1,%mm2
+ movl (%edi,%eax,4),%ecx
+ movd (%edi,%edx,4),%mm1
+ movl %ebx,%edx
+ xorl %ebx,%ebx
+ movb %dl,%bl
+ cmpl -4(%edi),%esi
+ leal 8(%esi),%esi
+ jb L006loop_mmx
+ psllq $56,%mm1
+ pxor %mm1,%mm2
+ movq %mm2,-8(%ebp,%esi,1)
+ emms
+ cmpl 24(%esp),%esi
+ je L007done
+ jmp L002loop1
+.align 4,0x90
+L003go4loop4:
+ leal -4(%esi,%edx,1),%edx
+ movl %edx,28(%esp)
+L008loop4:
addb %cl,%bl
movl (%edi,%ebx,4),%edx
movl %ecx,(%edi,%ebx,4)
@@ -78,9 +216,9 @@ L003loop4:
movl %ebp,(%ecx,%esi,1)
leal 4(%esi),%esi
movl (%edi,%eax,4),%ecx
- jb L003loop4
+ jb L008loop4
cmpl 24(%esp),%esi
- je L004done
+ je L007done
movl 32(%esp),%ebp
.align 4,0x90
L002loop1:
@@ -98,11 +236,11 @@ L002loop1:
cmpl 24(%esp),%esi
movb %dl,-1(%ebp,%esi,1)
jb L002loop1
- jmp L004done
+ jmp L007done
.align 4,0x90
L001RC4_CHAR:
movzbl (%edi,%eax,1),%ecx
-L005cloop1:
+L009cloop1:
addb %cl,%bl
movzbl (%edi,%ebx,1),%edx
movb %cl,(%edi,%ebx,1)
@@ -115,10 +253,10 @@ L005cloop1:
movzbl (%edi,%eax,1),%ecx
cmpl 24(%esp),%esi
movb %dl,-1(%ebp,%esi,1)
- jb L005cloop1
-L004done:
+ jb L009cloop1
+L007done:
decb %al
- movb %bl,-4(%edi)
+ movl %ebx,-4(%edi)
movb %al,-8(%edi)
L000abort:
popl %edi
@@ -126,10 +264,10 @@ L000abort:
popl %ebx
popl %ebp
ret
-.globl _RC4_set_key
+.globl _private_RC4_set_key
.align 4
-_RC4_set_key:
-L_RC4_set_key_begin:
+_private_RC4_set_key:
+L_private_RC4_set_key_begin:
pushl %ebp
pushl %ebx
pushl %esi
@@ -137,60 +275,63 @@ L_RC4_set_key_begin:
movl 20(%esp),%edi
movl 24(%esp),%ebp
movl 28(%esp),%esi
- leal _OPENSSL_ia32cap_P,%edx
+ call L010PIC_me_up
+L010PIC_me_up:
+ popl %edx
+ movl L_OPENSSL_ia32cap_P$non_lazy_ptr-L010PIC_me_up(%edx),%edx
leal 8(%edi),%edi
leal (%esi,%ebp,1),%esi
negl %ebp
xorl %eax,%eax
movl %ebp,-4(%edi)
btl $20,(%edx)
- jc L006c1stloop
+ jc L011c1stloop
.align 4,0x90
-L007w1stloop:
+L012w1stloop:
movl %eax,(%edi,%eax,4)
addb $1,%al
- jnc L007w1stloop
+ jnc L012w1stloop
xorl %ecx,%ecx
xorl %edx,%edx
.align 4,0x90
-L008w2ndloop:
+L013w2ndloop:
movl (%edi,%ecx,4),%eax
addb (%esi,%ebp,1),%dl
addb %al,%dl
addl $1,%ebp
movl (%edi,%edx,4),%ebx
- jnz L009wnowrap
+ jnz L014wnowrap
movl -4(%edi),%ebp
-L009wnowrap:
+L014wnowrap:
movl %eax,(%edi,%edx,4)
movl %ebx,(%edi,%ecx,4)
addb $1,%cl
- jnc L008w2ndloop
- jmp L010exit
+ jnc L013w2ndloop
+ jmp L015exit
.align 4,0x90
-L006c1stloop:
+L011c1stloop:
movb %al,(%edi,%eax,1)
addb $1,%al
- jnc L006c1stloop
+ jnc L011c1stloop
xorl %ecx,%ecx
xorl %edx,%edx
xorl %ebx,%ebx
.align 4,0x90
-L011c2ndloop:
+L016c2ndloop:
movb (%edi,%ecx,1),%al
addb (%esi,%ebp,1),%dl
addb %al,%dl
addl $1,%ebp
movb (%edi,%edx,1),%bl
- jnz L012cnowrap
+ jnz L017cnowrap
movl -4(%edi),%ebp
-L012cnowrap:
+L017cnowrap:
movb %al,(%edi,%edx,1)
movb %bl,(%edi,%ecx,1)
addb $1,%cl
- jnc L011c2ndloop
+ jnc L016c2ndloop
movl $-1,256(%edi)
-L010exit:
+L015exit:
xorl %eax,%eax
movl %eax,-8(%edi)
movl %eax,-4(%edi)
@@ -203,22 +344,36 @@ L010exit:
.align 4
_RC4_options:
L_RC4_options_begin:
- call L013pic_point
-L013pic_point:
+ call L018pic_point
+L018pic_point:
popl %eax
- leal L014opts-L013pic_point(%eax),%eax
- leal _OPENSSL_ia32cap_P,%edx
- btl $20,(%edx)
- jnc L015skip
+ leal L019opts-L018pic_point(%eax),%eax
+ call L020PIC_me_up
+L020PIC_me_up:
+ popl %edx
+ movl L_OPENSSL_ia32cap_P$non_lazy_ptr-L020PIC_me_up(%edx),%edx
+ movl (%edx),%edx
+ btl $20,%edx
+ jc L0211xchar
+ btl $26,%edx
+ jnc L022ret
+ addl $25,%eax
+ ret
+L0211xchar:
addl $12,%eax
-L015skip:
+L022ret:
ret
.align 6,0x90
-L014opts:
+L019opts:
.byte 114,99,52,40,52,120,44,105,110,116,41,0
.byte 114,99,52,40,49,120,44,99,104,97,114,41,0
+.byte 114,99,52,40,56,120,44,109,109,120,41,0
.byte 82,67,52,32,102,111,114,32,120,56,54,44,32,67,82,89
.byte 80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114
.byte 111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.align 6,0x90
-.comm _OPENSSL_ia32cap_P,4
+.section __IMPORT,__pointers,non_lazy_symbol_pointers
+L_OPENSSL_ia32cap_P$non_lazy_ptr:
+.indirect_symbol _OPENSSL_ia32cap_P
+.long 0
+.comm _OPENSSL_ia32cap_P,8,2
diff --git a/deps/openssl/asm/x86-macosx-gas/sha/sha1-586.s b/deps/openssl/asm/x86-macosx-gas/sha/sha1-586.s
index 4f356fe70..28d95721b 100644
--- a/deps/openssl/asm/x86-macosx-gas/sha/sha1-586.s
+++ b/deps/openssl/asm/x86-macosx-gas/sha/sha1-586.s
@@ -11,11 +11,12 @@ L_sha1_block_data_order_begin:
movl 20(%esp),%ebp
movl 24(%esp),%esi
movl 28(%esp),%eax
- subl $64,%esp
+ subl $76,%esp
shll $6,%eax
addl %esi,%eax
- movl %eax,92(%esp)
+ movl %eax,104(%esp)
movl 16(%ebp),%edi
+ jmp L000loop
.align 4,0x90
L000loop:
movl (%esi),%eax
@@ -66,7 +67,7 @@ L000loop:
movl %ebx,52(%esp)
movl %ecx,56(%esp)
movl %edx,60(%esp)
- movl %esi,88(%esp)
+ movl %esi,100(%esp)
movl (%ebp),%eax
movl 4(%ebp),%ebx
movl 8(%ebp),%ecx
@@ -78,10 +79,10 @@ L000loop:
roll $5,%ebp
xorl %edx,%esi
addl %edi,%ebp
- andl %ebx,%esi
movl (%esp),%edi
- xorl %edx,%esi
+ andl %ebx,%esi
rorl $2,%ebx
+ xorl %edx,%esi
leal 1518500249(%ebp,%edi,1),%ebp
addl %esi,%ebp
# 00_15 1
@@ -91,10 +92,10 @@ L000loop:
roll $5,%ebp
xorl %ecx,%edi
addl %edx,%ebp
- andl %eax,%edi
movl 4(%esp),%edx
- xorl %ecx,%edi
+ andl %eax,%edi
rorl $2,%eax
+ xorl %ecx,%edi
leal 1518500249(%ebp,%edx,1),%ebp
addl %edi,%ebp
# 00_15 2
@@ -104,10 +105,10 @@ L000loop:
roll $5,%ebp
xorl %ebx,%edx
addl %ecx,%ebp
- andl %esi,%edx
movl 8(%esp),%ecx
- xorl %ebx,%edx
+ andl %esi,%edx
rorl $2,%esi
+ xorl %ebx,%edx
leal 1518500249(%ebp,%ecx,1),%ebp
addl %edx,%ebp
# 00_15 3
@@ -117,10 +118,10 @@ L000loop:
roll $5,%ebp
xorl %eax,%ecx
addl %ebx,%ebp
- andl %edi,%ecx
movl 12(%esp),%ebx
- xorl %eax,%ecx
+ andl %edi,%ecx
rorl $2,%edi
+ xorl %eax,%ecx
leal 1518500249(%ebp,%ebx,1),%ebp
addl %ecx,%ebp
# 00_15 4
@@ -130,10 +131,10 @@ L000loop:
roll $5,%ebp
xorl %esi,%ebx
addl %eax,%ebp
- andl %edx,%ebx
movl 16(%esp),%eax
- xorl %esi,%ebx
+ andl %edx,%ebx
rorl $2,%edx
+ xorl %esi,%ebx
leal 1518500249(%ebp,%eax,1),%ebp
addl %ebx,%ebp
# 00_15 5
@@ -143,10 +144,10 @@ L000loop:
roll $5,%ebp
xorl %edi,%eax
addl %esi,%ebp
- andl %ecx,%eax
movl 20(%esp),%esi
- xorl %edi,%eax
+ andl %ecx,%eax
rorl $2,%ecx
+ xorl %edi,%eax
leal 1518500249(%ebp,%esi,1),%ebp
addl %eax,%ebp
# 00_15 6
@@ -156,10 +157,10 @@ L000loop:
roll $5,%ebp
xorl %edx,%esi
addl %edi,%ebp
- andl %ebx,%esi
movl 24(%esp),%edi
- xorl %edx,%esi
+ andl %ebx,%esi
rorl $2,%ebx
+ xorl %edx,%esi
leal 1518500249(%ebp,%edi,1),%ebp
addl %esi,%ebp
# 00_15 7
@@ -169,10 +170,10 @@ L000loop:
roll $5,%ebp
xorl %ecx,%edi
addl %edx,%ebp
- andl %eax,%edi
movl 28(%esp),%edx
- xorl %ecx,%edi
+ andl %eax,%edi
rorl $2,%eax
+ xorl %ecx,%edi
leal 1518500249(%ebp,%edx,1),%ebp
addl %edi,%ebp
# 00_15 8
@@ -182,10 +183,10 @@ L000loop:
roll $5,%ebp
xorl %ebx,%edx
addl %ecx,%ebp
- andl %esi,%edx
movl 32(%esp),%ecx
- xorl %ebx,%edx
+ andl %esi,%edx
rorl $2,%esi
+ xorl %ebx,%edx
leal 1518500249(%ebp,%ecx,1),%ebp
addl %edx,%ebp
# 00_15 9
@@ -195,10 +196,10 @@ L000loop:
roll $5,%ebp
xorl %eax,%ecx
addl %ebx,%ebp
- andl %edi,%ecx
movl 36(%esp),%ebx
- xorl %eax,%ecx
+ andl %edi,%ecx
rorl $2,%edi
+ xorl %eax,%ecx
leal 1518500249(%ebp,%ebx,1),%ebp
addl %ecx,%ebp
# 00_15 10
@@ -208,10 +209,10 @@ L000loop:
roll $5,%ebp
xorl %esi,%ebx
addl %eax,%ebp
- andl %edx,%ebx
movl 40(%esp),%eax
- xorl %esi,%ebx
+ andl %edx,%ebx
rorl $2,%edx
+ xorl %esi,%ebx
leal 1518500249(%ebp,%eax,1),%ebp
addl %ebx,%ebp
# 00_15 11
@@ -221,10 +222,10 @@ L000loop:
roll $5,%ebp
xorl %edi,%eax
addl %esi,%ebp
- andl %ecx,%eax
movl 44(%esp),%esi
- xorl %edi,%eax
+ andl %ecx,%eax
rorl $2,%ecx
+ xorl %edi,%eax
leal 1518500249(%ebp,%esi,1),%ebp
addl %eax,%ebp
# 00_15 12
@@ -234,10 +235,10 @@ L000loop:
roll $5,%ebp
xorl %edx,%esi
addl %edi,%ebp
- andl %ebx,%esi
movl 48(%esp),%edi
- xorl %edx,%esi
+ andl %ebx,%esi
rorl $2,%ebx
+ xorl %edx,%esi
leal 1518500249(%ebp,%edi,1),%ebp
addl %esi,%ebp
# 00_15 13
@@ -247,10 +248,10 @@ L000loop:
roll $5,%ebp
xorl %ecx,%edi
addl %edx,%ebp
- andl %eax,%edi
movl 52(%esp),%edx
- xorl %ecx,%edi
+ andl %eax,%edi
rorl $2,%eax
+ xorl %ecx,%edi
leal 1518500249(%ebp,%edx,1),%ebp
addl %edi,%ebp
# 00_15 14
@@ -260,10 +261,10 @@ L000loop:
roll $5,%ebp
xorl %ebx,%edx
addl %ecx,%ebp
- andl %esi,%edx
movl 56(%esp),%ecx
- xorl %ebx,%edx
+ andl %esi,%edx
rorl $2,%esi
+ xorl %ebx,%edx
leal 1518500249(%ebp,%ecx,1),%ebp
addl %edx,%ebp
# 00_15 15
@@ -273,1226 +274,1163 @@ L000loop:
roll $5,%ebp
xorl %eax,%ecx
addl %ebx,%ebp
- andl %edi,%ecx
movl 60(%esp),%ebx
- xorl %eax,%ecx
+ andl %edi,%ecx
rorl $2,%edi
+ xorl %eax,%ecx
leal 1518500249(%ebp,%ebx,1),%ebp
+ movl (%esp),%ebx
addl %ebp,%ecx
# 16_19 16
- movl (%esp),%ebx
movl %edi,%ebp
xorl 8(%esp),%ebx
xorl %esi,%ebp
xorl 32(%esp),%ebx
andl %edx,%ebp
- rorl $2,%edx
xorl 52(%esp),%ebx
roll $1,%ebx
xorl %esi,%ebp
+ addl %ebp,%eax
+ movl %ecx,%ebp
+ rorl $2,%edx
movl %ebx,(%esp)
+ roll $5,%ebp
leal 1518500249(%ebx,%eax,1),%ebx
- movl %ecx,%eax
- roll $5,%eax
+ movl 4(%esp),%eax
addl %ebp,%ebx
- addl %eax,%ebx
# 16_19 17
- movl 4(%esp),%eax
movl %edx,%ebp
xorl 12(%esp),%eax
xorl %edi,%ebp
xorl 36(%esp),%eax
andl %ecx,%ebp
- rorl $2,%ecx
xorl 56(%esp),%eax
roll $1,%eax
xorl %edi,%ebp
+ addl %ebp,%esi
+ movl %ebx,%ebp
+ rorl $2,%ecx
movl %eax,4(%esp)
+ roll $5,%ebp
leal 1518500249(%eax,%esi,1),%eax
- movl %ebx,%esi
- roll $5,%esi
+ movl 8(%esp),%esi
addl %ebp,%eax
- addl %esi,%eax
# 16_19 18
- movl 8(%esp),%esi
movl %ecx,%ebp
xorl 16(%esp),%esi
xorl %edx,%ebp
xorl 40(%esp),%esi
andl %ebx,%ebp
- rorl $2,%ebx
xorl 60(%esp),%esi
roll $1,%esi
xorl %edx,%ebp
+ addl %ebp,%edi
+ movl %eax,%ebp
+ rorl $2,%ebx
movl %esi,8(%esp)
+ roll $5,%ebp
leal 1518500249(%esi,%edi,1),%esi
- movl %eax,%edi
- roll $5,%edi
+ movl 12(%esp),%edi
addl %ebp,%esi
- addl %edi,%esi
# 16_19 19
- movl 12(%esp),%edi
movl %ebx,%ebp
xorl 20(%esp),%edi
xorl %ecx,%ebp
xorl 44(%esp),%edi
andl %eax,%ebp
- rorl $2,%eax
xorl (%esp),%edi
roll $1,%edi
xorl %ecx,%ebp
+ addl %ebp,%edx
+ movl %esi,%ebp
+ rorl $2,%eax
movl %edi,12(%esp)
+ roll $5,%ebp
leal 1518500249(%edi,%edx,1),%edi
- movl %esi,%edx
- roll $5,%edx
+ movl 16(%esp),%edx
addl %ebp,%edi
- addl %edx,%edi
# 20_39 20
movl %esi,%ebp
- movl 16(%esp),%edx
- rorl $2,%esi
xorl 24(%esp),%edx
xorl %eax,%ebp
xorl 48(%esp),%edx
xorl %ebx,%ebp
xorl 4(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,16(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 1859775393(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 1859775393(%edx,%ecx,1),%edx
+ movl 20(%esp),%ecx
+ addl %ebp,%edx
# 20_39 21
movl %edi,%ebp
- movl 20(%esp),%ecx
- rorl $2,%edi
xorl 28(%esp),%ecx
xorl %esi,%ebp
xorl 52(%esp),%ecx
xorl %eax,%ebp
xorl 8(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,20(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 1859775393(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 1859775393(%ecx,%ebx,1),%ecx
+ movl 24(%esp),%ebx
+ addl %ebp,%ecx
# 20_39 22
movl %edx,%ebp
- movl 24(%esp),%ebx
- rorl $2,%edx
xorl 32(%esp),%ebx
xorl %edi,%ebp
xorl 56(%esp),%ebx
xorl %esi,%ebp
xorl 12(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,24(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 1859775393(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 1859775393(%ebx,%eax,1),%ebx
+ movl 28(%esp),%eax
+ addl %ebp,%ebx
# 20_39 23
movl %ecx,%ebp
- movl 28(%esp),%eax
- rorl $2,%ecx
xorl 36(%esp),%eax
xorl %edx,%ebp
xorl 60(%esp),%eax
xorl %edi,%ebp
xorl 16(%esp),%eax
roll $1,%eax
- addl %esi,%ebp
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
movl %eax,28(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 1859775393(%eax,%ebp,1),%eax
- addl %esi,%eax
+ leal 1859775393(%eax,%esi,1),%eax
+ movl 32(%esp),%esi
+ addl %ebp,%eax
# 20_39 24
movl %ebx,%ebp
- movl 32(%esp),%esi
- rorl $2,%ebx
xorl 40(%esp),%esi
xorl %ecx,%ebp
xorl (%esp),%esi
xorl %edx,%ebp
xorl 20(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,32(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 1859775393(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 1859775393(%esi,%edi,1),%esi
+ movl 36(%esp),%edi
+ addl %ebp,%esi
# 20_39 25
movl %eax,%ebp
- movl 36(%esp),%edi
- rorl $2,%eax
xorl 44(%esp),%edi
xorl %ebx,%ebp
xorl 4(%esp),%edi
xorl %ecx,%ebp
xorl 24(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,36(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 1859775393(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 1859775393(%edi,%edx,1),%edi
+ movl 40(%esp),%edx
+ addl %ebp,%edi
# 20_39 26
movl %esi,%ebp
- movl 40(%esp),%edx
- rorl $2,%esi
xorl 48(%esp),%edx
xorl %eax,%ebp
xorl 8(%esp),%edx
xorl %ebx,%ebp
xorl 28(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,40(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 1859775393(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 1859775393(%edx,%ecx,1),%edx
+ movl 44(%esp),%ecx
+ addl %ebp,%edx
# 20_39 27
movl %edi,%ebp
- movl 44(%esp),%ecx
- rorl $2,%edi
xorl 52(%esp),%ecx
xorl %esi,%ebp
xorl 12(%esp),%ecx
xorl %eax,%ebp
xorl 32(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,44(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 1859775393(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 1859775393(%ecx,%ebx,1),%ecx
+ movl 48(%esp),%ebx
+ addl %ebp,%ecx
# 20_39 28
movl %edx,%ebp
- movl 48(%esp),%ebx
- rorl $2,%edx
xorl 56(%esp),%ebx
xorl %edi,%ebp
xorl 16(%esp),%ebx
xorl %esi,%ebp
xorl 36(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,48(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 1859775393(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 1859775393(%ebx,%eax,1),%ebx
+ movl 52(%esp),%eax
+ addl %ebp,%ebx
# 20_39 29
movl %ecx,%ebp
- movl 52(%esp),%eax
- rorl $2,%ecx
xorl 60(%esp),%eax
xorl %edx,%ebp
xorl 20(%esp),%eax
xorl %edi,%ebp
xorl 40(%esp),%eax
roll $1,%eax
- addl %esi,%ebp
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
movl %eax,52(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 1859775393(%eax,%ebp,1),%eax
- addl %esi,%eax
+ leal 1859775393(%eax,%esi,1),%eax
+ movl 56(%esp),%esi
+ addl %ebp,%eax
# 20_39 30
movl %ebx,%ebp
- movl 56(%esp),%esi
- rorl $2,%ebx
xorl (%esp),%esi
xorl %ecx,%ebp
xorl 24(%esp),%esi
xorl %edx,%ebp
xorl 44(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,56(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 1859775393(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 1859775393(%esi,%edi,1),%esi
+ movl 60(%esp),%edi
+ addl %ebp,%esi
# 20_39 31
movl %eax,%ebp
- movl 60(%esp),%edi
- rorl $2,%eax
xorl 4(%esp),%edi
xorl %ebx,%ebp
xorl 28(%esp),%edi
xorl %ecx,%ebp
xorl 48(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,60(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 1859775393(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 1859775393(%edi,%edx,1),%edi
+ movl (%esp),%edx
+ addl %ebp,%edi
# 20_39 32
movl %esi,%ebp
- movl (%esp),%edx
- rorl $2,%esi
xorl 8(%esp),%edx
xorl %eax,%ebp
xorl 32(%esp),%edx
xorl %ebx,%ebp
xorl 52(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 1859775393(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 1859775393(%edx,%ecx,1),%edx
+ movl 4(%esp),%ecx
+ addl %ebp,%edx
# 20_39 33
movl %edi,%ebp
- movl 4(%esp),%ecx
- rorl $2,%edi
xorl 12(%esp),%ecx
xorl %esi,%ebp
xorl 36(%esp),%ecx
xorl %eax,%ebp
xorl 56(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,4(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 1859775393(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 1859775393(%ecx,%ebx,1),%ecx
+ movl 8(%esp),%ebx
+ addl %ebp,%ecx
# 20_39 34
movl %edx,%ebp
- movl 8(%esp),%ebx
- rorl $2,%edx
xorl 16(%esp),%ebx
xorl %edi,%ebp
xorl 40(%esp),%ebx
xorl %esi,%ebp
xorl 60(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,8(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 1859775393(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 1859775393(%ebx,%eax,1),%ebx
+ movl 12(%esp),%eax
+ addl %ebp,%ebx
# 20_39 35
movl %ecx,%ebp
- movl 12(%esp),%eax
- rorl $2,%ecx
xorl 20(%esp),%eax
xorl %edx,%ebp
xorl 44(%esp),%eax
xorl %edi,%ebp
xorl (%esp),%eax
roll $1,%eax
- addl %esi,%ebp
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
movl %eax,12(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 1859775393(%eax,%ebp,1),%eax
- addl %esi,%eax
+ leal 1859775393(%eax,%esi,1),%eax
+ movl 16(%esp),%esi
+ addl %ebp,%eax
# 20_39 36
movl %ebx,%ebp
- movl 16(%esp),%esi
- rorl $2,%ebx
xorl 24(%esp),%esi
xorl %ecx,%ebp
xorl 48(%esp),%esi
xorl %edx,%ebp
xorl 4(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,16(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 1859775393(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 1859775393(%esi,%edi,1),%esi
+ movl 20(%esp),%edi
+ addl %ebp,%esi
# 20_39 37
movl %eax,%ebp
- movl 20(%esp),%edi
- rorl $2,%eax
xorl 28(%esp),%edi
xorl %ebx,%ebp
xorl 52(%esp),%edi
xorl %ecx,%ebp
xorl 8(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,20(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 1859775393(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 1859775393(%edi,%edx,1),%edi
+ movl 24(%esp),%edx
+ addl %ebp,%edi
# 20_39 38
movl %esi,%ebp
- movl 24(%esp),%edx
- rorl $2,%esi
xorl 32(%esp),%edx
xorl %eax,%ebp
xorl 56(%esp),%edx
xorl %ebx,%ebp
xorl 12(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,24(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 1859775393(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 1859775393(%edx,%ecx,1),%edx
+ movl 28(%esp),%ecx
+ addl %ebp,%edx
# 20_39 39
movl %edi,%ebp
- movl 28(%esp),%ecx
- rorl $2,%edi
xorl 36(%esp),%ecx
xorl %esi,%ebp
xorl 60(%esp),%ecx
xorl %eax,%ebp
xorl 16(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,28(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 1859775393(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 1859775393(%ecx,%ebx,1),%ecx
+ movl 32(%esp),%ebx
+ addl %ebp,%ecx
# 40_59 40
- movl 32(%esp),%ebx
- movl 40(%esp),%ebp
- xorl %ebp,%ebx
- movl (%esp),%ebp
- xorl %ebp,%ebx
- movl 20(%esp),%ebp
- xorl %ebp,%ebx
- movl %edx,%ebp
+ movl %edi,%ebp
+ xorl 40(%esp),%ebx
+ xorl %esi,%ebp
+ xorl (%esp),%ebx
+ andl %edx,%ebp
+ xorl 20(%esp),%ebx
roll $1,%ebx
- orl %edi,%ebp
- movl %ebx,32(%esp)
- andl %esi,%ebp
- leal 2400959708(%ebx,%eax,1),%ebx
- movl %edx,%eax
+ addl %eax,%ebp
rorl $2,%edx
- andl %edi,%eax
- orl %eax,%ebp
movl %ecx,%eax
roll $5,%eax
- addl %ebp,%ebx
+ movl %ebx,32(%esp)
+ leal 2400959708(%ebx,%ebp,1),%ebx
+ movl %edi,%ebp
addl %eax,%ebx
+ andl %esi,%ebp
+ movl 36(%esp),%eax
+ addl %ebp,%ebx
# 40_59 41
- movl 36(%esp),%eax
- movl 44(%esp),%ebp
- xorl %ebp,%eax
- movl 4(%esp),%ebp
- xorl %ebp,%eax
- movl 24(%esp),%ebp
- xorl %ebp,%eax
- movl %ecx,%ebp
+ movl %edx,%ebp
+ xorl 44(%esp),%eax
+ xorl %edi,%ebp
+ xorl 4(%esp),%eax
+ andl %ecx,%ebp
+ xorl 24(%esp),%eax
roll $1,%eax
- orl %edx,%ebp
- movl %eax,36(%esp)
- andl %edi,%ebp
- leal 2400959708(%eax,%esi,1),%eax
- movl %ecx,%esi
+ addl %esi,%ebp
rorl $2,%ecx
- andl %edx,%esi
- orl %esi,%ebp
movl %ebx,%esi
roll $5,%esi
- addl %ebp,%eax
+ movl %eax,36(%esp)
+ leal 2400959708(%eax,%ebp,1),%eax
+ movl %edx,%ebp
addl %esi,%eax
+ andl %edi,%ebp
+ movl 40(%esp),%esi
+ addl %ebp,%eax
# 40_59 42
- movl 40(%esp),%esi
- movl 48(%esp),%ebp
- xorl %ebp,%esi
- movl 8(%esp),%ebp
- xorl %ebp,%esi
- movl 28(%esp),%ebp
- xorl %ebp,%esi
- movl %ebx,%ebp
+ movl %ecx,%ebp
+ xorl 48(%esp),%esi
+ xorl %edx,%ebp
+ xorl 8(%esp),%esi
+ andl %ebx,%ebp
+ xorl 28(%esp),%esi
roll $1,%esi
- orl %ecx,%ebp
- movl %esi,40(%esp)
- andl %edx,%ebp
- leal 2400959708(%esi,%edi,1),%esi
- movl %ebx,%edi
+ addl %edi,%ebp
rorl $2,%ebx
- andl %ecx,%edi
- orl %edi,%ebp
movl %eax,%edi
roll $5,%edi
- addl %ebp,%esi
+ movl %esi,40(%esp)
+ leal 2400959708(%esi,%ebp,1),%esi
+ movl %ecx,%ebp
addl %edi,%esi
+ andl %edx,%ebp
+ movl 44(%esp),%edi
+ addl %ebp,%esi
# 40_59 43
- movl 44(%esp),%edi
- movl 52(%esp),%ebp
- xorl %ebp,%edi
- movl 12(%esp),%ebp
- xorl %ebp,%edi
- movl 32(%esp),%ebp
- xorl %ebp,%edi
- movl %eax,%ebp
+ movl %ebx,%ebp
+ xorl 52(%esp),%edi
+ xorl %ecx,%ebp
+ xorl 12(%esp),%edi
+ andl %eax,%ebp
+ xorl 32(%esp),%edi
roll $1,%edi
- orl %ebx,%ebp
- movl %edi,44(%esp)
- andl %ecx,%ebp
- leal 2400959708(%edi,%edx,1),%edi
- movl %eax,%edx
+ addl %edx,%ebp
rorl $2,%eax
- andl %ebx,%edx
- orl %edx,%ebp
movl %esi,%edx
roll $5,%edx
- addl %ebp,%edi
+ movl %edi,44(%esp)
+ leal 2400959708(%edi,%ebp,1),%edi
+ movl %ebx,%ebp
addl %edx,%edi
+ andl %ecx,%ebp
+ movl 48(%esp),%edx
+ addl %ebp,%edi
# 40_59 44
- movl 48(%esp),%edx
- movl 56(%esp),%ebp
- xorl %ebp,%edx
- movl 16(%esp),%ebp
- xorl %ebp,%edx
- movl 36(%esp),%ebp
- xorl %ebp,%edx
- movl %esi,%ebp
+ movl %eax,%ebp
+ xorl 56(%esp),%edx
+ xorl %ebx,%ebp
+ xorl 16(%esp),%edx
+ andl %esi,%ebp
+ xorl 36(%esp),%edx
roll $1,%edx
- orl %eax,%ebp
- movl %edx,48(%esp)
- andl %ebx,%ebp
- leal 2400959708(%edx,%ecx,1),%edx
- movl %esi,%ecx
+ addl %ecx,%ebp
rorl $2,%esi
- andl %eax,%ecx
- orl %ecx,%ebp
movl %edi,%ecx
roll $5,%ecx
- addl %ebp,%edx
+ movl %edx,48(%esp)
+ leal 2400959708(%edx,%ebp,1),%edx
+ movl %eax,%ebp
addl %ecx,%edx
+ andl %ebx,%ebp
+ movl 52(%esp),%ecx
+ addl %ebp,%edx
# 40_59 45
- movl 52(%esp),%ecx
- movl 60(%esp),%ebp
- xorl %ebp,%ecx
- movl 20(%esp),%ebp
- xorl %ebp,%ecx
- movl 40(%esp),%ebp
- xorl %ebp,%ecx
- movl %edi,%ebp
+ movl %esi,%ebp
+ xorl 60(%esp),%ecx
+ xorl %eax,%ebp
+ xorl 20(%esp),%ecx
+ andl %edi,%ebp
+ xorl 40(%esp),%ecx
roll $1,%ecx
- orl %esi,%ebp
- movl %ecx,52(%esp)
- andl %eax,%ebp
- leal 2400959708(%ecx,%ebx,1),%ecx
- movl %edi,%ebx
+ addl %ebx,%ebp
rorl $2,%edi
- andl %esi,%ebx
- orl %ebx,%ebp
movl %edx,%ebx
roll $5,%ebx
- addl %ebp,%ecx
+ movl %ecx,52(%esp)
+ leal 2400959708(%ecx,%ebp,1),%ecx
+ movl %esi,%ebp
addl %ebx,%ecx
+ andl %eax,%ebp
+ movl 56(%esp),%ebx
+ addl %ebp,%ecx
# 40_59 46
- movl 56(%esp),%ebx
- movl (%esp),%ebp
- xorl %ebp,%ebx
- movl 24(%esp),%ebp
- xorl %ebp,%ebx
- movl 44(%esp),%ebp
- xorl %ebp,%ebx
- movl %edx,%ebp
+ movl %edi,%ebp
+ xorl (%esp),%ebx
+ xorl %esi,%ebp
+ xorl 24(%esp),%ebx
+ andl %edx,%ebp
+ xorl 44(%esp),%ebx
roll $1,%ebx
- orl %edi,%ebp
- movl %ebx,56(%esp)
- andl %esi,%ebp
- leal 2400959708(%ebx,%eax,1),%ebx
- movl %edx,%eax
+ addl %eax,%ebp
rorl $2,%edx
- andl %edi,%eax
- orl %eax,%ebp
movl %ecx,%eax
roll $5,%eax
- addl %ebp,%ebx
+ movl %ebx,56(%esp)
+ leal 2400959708(%ebx,%ebp,1),%ebx
+ movl %edi,%ebp
addl %eax,%ebx
+ andl %esi,%ebp
+ movl 60(%esp),%eax
+ addl %ebp,%ebx
# 40_59 47
- movl 60(%esp),%eax
- movl 4(%esp),%ebp
- xorl %ebp,%eax
- movl 28(%esp),%ebp
- xorl %ebp,%eax
- movl 48(%esp),%ebp
- xorl %ebp,%eax
- movl %ecx,%ebp
+ movl %edx,%ebp
+ xorl 4(%esp),%eax
+ xorl %edi,%ebp
+ xorl 28(%esp),%eax
+ andl %ecx,%ebp
+ xorl 48(%esp),%eax
roll $1,%eax
- orl %edx,%ebp
- movl %eax,60(%esp)
- andl %edi,%ebp
- leal 2400959708(%eax,%esi,1),%eax
- movl %ecx,%esi
+ addl %esi,%ebp
rorl $2,%ecx
- andl %edx,%esi
- orl %esi,%ebp
movl %ebx,%esi
roll $5,%esi
- addl %ebp,%eax
+ movl %eax,60(%esp)
+ leal 2400959708(%eax,%ebp,1),%eax
+ movl %edx,%ebp
addl %esi,%eax
+ andl %edi,%ebp
+ movl (%esp),%esi
+ addl %ebp,%eax
# 40_59 48
- movl (%esp),%esi
- movl 8(%esp),%ebp
- xorl %ebp,%esi
- movl 32(%esp),%ebp
- xorl %ebp,%esi
- movl 52(%esp),%ebp
- xorl %ebp,%esi
- movl %ebx,%ebp
+ movl %ecx,%ebp
+ xorl 8(%esp),%esi
+ xorl %edx,%ebp
+ xorl 32(%esp),%esi
+ andl %ebx,%ebp
+ xorl 52(%esp),%esi
roll $1,%esi
- orl %ecx,%ebp
- movl %esi,(%esp)
- andl %edx,%ebp
- leal 2400959708(%esi,%edi,1),%esi
- movl %ebx,%edi
+ addl %edi,%ebp
rorl $2,%ebx
- andl %ecx,%edi
- orl %edi,%ebp
movl %eax,%edi
roll $5,%edi
- addl %ebp,%esi
+ movl %esi,(%esp)
+ leal 2400959708(%esi,%ebp,1),%esi
+ movl %ecx,%ebp
addl %edi,%esi
+ andl %edx,%ebp
+ movl 4(%esp),%edi
+ addl %ebp,%esi
# 40_59 49
- movl 4(%esp),%edi
- movl 12(%esp),%ebp
- xorl %ebp,%edi
- movl 36(%esp),%ebp
- xorl %ebp,%edi
- movl 56(%esp),%ebp
- xorl %ebp,%edi
- movl %eax,%ebp
+ movl %ebx,%ebp
+ xorl 12(%esp),%edi
+ xorl %ecx,%ebp
+ xorl 36(%esp),%edi
+ andl %eax,%ebp
+ xorl 56(%esp),%edi
roll $1,%edi
- orl %ebx,%ebp
- movl %edi,4(%esp)
- andl %ecx,%ebp
- leal 2400959708(%edi,%edx,1),%edi
- movl %eax,%edx
+ addl %edx,%ebp
rorl $2,%eax
- andl %ebx,%edx
- orl %edx,%ebp
movl %esi,%edx
roll $5,%edx
- addl %ebp,%edi
+ movl %edi,4(%esp)
+ leal 2400959708(%edi,%ebp,1),%edi
+ movl %ebx,%ebp
addl %edx,%edi
+ andl %ecx,%ebp
+ movl 8(%esp),%edx
+ addl %ebp,%edi
# 40_59 50
- movl 8(%esp),%edx
- movl 16(%esp),%ebp
- xorl %ebp,%edx
- movl 40(%esp),%ebp
- xorl %ebp,%edx
- movl 60(%esp),%ebp
- xorl %ebp,%edx
- movl %esi,%ebp
+ movl %eax,%ebp
+ xorl 16(%esp),%edx
+ xorl %ebx,%ebp
+ xorl 40(%esp),%edx
+ andl %esi,%ebp
+ xorl 60(%esp),%edx
roll $1,%edx
- orl %eax,%ebp
- movl %edx,8(%esp)
- andl %ebx,%ebp
- leal 2400959708(%edx,%ecx,1),%edx
- movl %esi,%ecx
+ addl %ecx,%ebp
rorl $2,%esi
- andl %eax,%ecx
- orl %ecx,%ebp
movl %edi,%ecx
roll $5,%ecx
- addl %ebp,%edx
+ movl %edx,8(%esp)
+ leal 2400959708(%edx,%ebp,1),%edx
+ movl %eax,%ebp
addl %ecx,%edx
+ andl %ebx,%ebp
+ movl 12(%esp),%ecx
+ addl %ebp,%edx
# 40_59 51
- movl 12(%esp),%ecx
- movl 20(%esp),%ebp
- xorl %ebp,%ecx
- movl 44(%esp),%ebp
- xorl %ebp,%ecx
- movl (%esp),%ebp
- xorl %ebp,%ecx
- movl %edi,%ebp
+ movl %esi,%ebp
+ xorl 20(%esp),%ecx
+ xorl %eax,%ebp
+ xorl 44(%esp),%ecx
+ andl %edi,%ebp
+ xorl (%esp),%ecx
roll $1,%ecx
- orl %esi,%ebp
- movl %ecx,12(%esp)
- andl %eax,%ebp
- leal 2400959708(%ecx,%ebx,1),%ecx
- movl %edi,%ebx
+ addl %ebx,%ebp
rorl $2,%edi
- andl %esi,%ebx
- orl %ebx,%ebp
movl %edx,%ebx
roll $5,%ebx
- addl %ebp,%ecx
+ movl %ecx,12(%esp)
+ leal 2400959708(%ecx,%ebp,1),%ecx
+ movl %esi,%ebp
addl %ebx,%ecx
+ andl %eax,%ebp
+ movl 16(%esp),%ebx
+ addl %ebp,%ecx
# 40_59 52
- movl 16(%esp),%ebx
- movl 24(%esp),%ebp
- xorl %ebp,%ebx
- movl 48(%esp),%ebp
- xorl %ebp,%ebx
- movl 4(%esp),%ebp
- xorl %ebp,%ebx
- movl %edx,%ebp
+ movl %edi,%ebp
+ xorl 24(%esp),%ebx
+ xorl %esi,%ebp
+ xorl 48(%esp),%ebx
+ andl %edx,%ebp
+ xorl 4(%esp),%ebx
roll $1,%ebx
- orl %edi,%ebp
- movl %ebx,16(%esp)
- andl %esi,%ebp
- leal 2400959708(%ebx,%eax,1),%ebx
- movl %edx,%eax
+ addl %eax,%ebp
rorl $2,%edx
- andl %edi,%eax
- orl %eax,%ebp
movl %ecx,%eax
roll $5,%eax
- addl %ebp,%ebx
+ movl %ebx,16(%esp)
+ leal 2400959708(%ebx,%ebp,1),%ebx
+ movl %edi,%ebp
addl %eax,%ebx
+ andl %esi,%ebp
+ movl 20(%esp),%eax
+ addl %ebp,%ebx
# 40_59 53
- movl 20(%esp),%eax
- movl 28(%esp),%ebp
- xorl %ebp,%eax
- movl 52(%esp),%ebp
- xorl %ebp,%eax
- movl 8(%esp),%ebp
- xorl %ebp,%eax
- movl %ecx,%ebp
+ movl %edx,%ebp
+ xorl 28(%esp),%eax
+ xorl %edi,%ebp
+ xorl 52(%esp),%eax
+ andl %ecx,%ebp
+ xorl 8(%esp),%eax
roll $1,%eax
- orl %edx,%ebp
- movl %eax,20(%esp)
- andl %edi,%ebp
- leal 2400959708(%eax,%esi,1),%eax
- movl %ecx,%esi
+ addl %esi,%ebp
rorl $2,%ecx
- andl %edx,%esi
- orl %esi,%ebp
movl %ebx,%esi
roll $5,%esi
- addl %ebp,%eax
+ movl %eax,20(%esp)
+ leal 2400959708(%eax,%ebp,1),%eax
+ movl %edx,%ebp
addl %esi,%eax
+ andl %edi,%ebp
+ movl 24(%esp),%esi
+ addl %ebp,%eax
# 40_59 54
- movl 24(%esp),%esi
- movl 32(%esp),%ebp
- xorl %ebp,%esi
- movl 56(%esp),%ebp
- xorl %ebp,%esi
- movl 12(%esp),%ebp
- xorl %ebp,%esi
- movl %ebx,%ebp
+ movl %ecx,%ebp
+ xorl 32(%esp),%esi
+ xorl %edx,%ebp
+ xorl 56(%esp),%esi
+ andl %ebx,%ebp
+ xorl 12(%esp),%esi
roll $1,%esi
- orl %ecx,%ebp
- movl %esi,24(%esp)
- andl %edx,%ebp
- leal 2400959708(%esi,%edi,1),%esi
- movl %ebx,%edi
+ addl %edi,%ebp
rorl $2,%ebx
- andl %ecx,%edi
- orl %edi,%ebp
movl %eax,%edi
roll $5,%edi
- addl %ebp,%esi
+ movl %esi,24(%esp)
+ leal 2400959708(%esi,%ebp,1),%esi
+ movl %ecx,%ebp
addl %edi,%esi
+ andl %edx,%ebp
+ movl 28(%esp),%edi
+ addl %ebp,%esi
# 40_59 55
- movl 28(%esp),%edi
- movl 36(%esp),%ebp
- xorl %ebp,%edi
- movl 60(%esp),%ebp
- xorl %ebp,%edi
- movl 16(%esp),%ebp
- xorl %ebp,%edi
- movl %eax,%ebp
+ movl %ebx,%ebp
+ xorl 36(%esp),%edi
+ xorl %ecx,%ebp
+ xorl 60(%esp),%edi
+ andl %eax,%ebp
+ xorl 16(%esp),%edi
roll $1,%edi
- orl %ebx,%ebp
- movl %edi,28(%esp)
- andl %ecx,%ebp
- leal 2400959708(%edi,%edx,1),%edi
- movl %eax,%edx
+ addl %edx,%ebp
rorl $2,%eax
- andl %ebx,%edx
- orl %edx,%ebp
movl %esi,%edx
roll $5,%edx
- addl %ebp,%edi
+ movl %edi,28(%esp)
+ leal 2400959708(%edi,%ebp,1),%edi
+ movl %ebx,%ebp
addl %edx,%edi
+ andl %ecx,%ebp
+ movl 32(%esp),%edx
+ addl %ebp,%edi
# 40_59 56
- movl 32(%esp),%edx
- movl 40(%esp),%ebp
- xorl %ebp,%edx
- movl (%esp),%ebp
- xorl %ebp,%edx
- movl 20(%esp),%ebp
- xorl %ebp,%edx
- movl %esi,%ebp
+ movl %eax,%ebp
+ xorl 40(%esp),%edx
+ xorl %ebx,%ebp
+ xorl (%esp),%edx
+ andl %esi,%ebp
+ xorl 20(%esp),%edx
roll $1,%edx
- orl %eax,%ebp
- movl %edx,32(%esp)
- andl %ebx,%ebp
- leal 2400959708(%edx,%ecx,1),%edx
- movl %esi,%ecx
+ addl %ecx,%ebp
rorl $2,%esi
- andl %eax,%ecx
- orl %ecx,%ebp
movl %edi,%ecx
roll $5,%ecx
- addl %ebp,%edx
+ movl %edx,32(%esp)
+ leal 2400959708(%edx,%ebp,1),%edx
+ movl %eax,%ebp
addl %ecx,%edx
+ andl %ebx,%ebp
+ movl 36(%esp),%ecx
+ addl %ebp,%edx
# 40_59 57
- movl 36(%esp),%ecx
- movl 44(%esp),%ebp
- xorl %ebp,%ecx
- movl 4(%esp),%ebp
- xorl %ebp,%ecx
- movl 24(%esp),%ebp
- xorl %ebp,%ecx
- movl %edi,%ebp
+ movl %esi,%ebp
+ xorl 44(%esp),%ecx
+ xorl %eax,%ebp
+ xorl 4(%esp),%ecx
+ andl %edi,%ebp
+ xorl 24(%esp),%ecx
roll $1,%ecx
- orl %esi,%ebp
- movl %ecx,36(%esp)
- andl %eax,%ebp
- leal 2400959708(%ecx,%ebx,1),%ecx
- movl %edi,%ebx
+ addl %ebx,%ebp
rorl $2,%edi
- andl %esi,%ebx
- orl %ebx,%ebp
movl %edx,%ebx
roll $5,%ebx
- addl %ebp,%ecx
+ movl %ecx,36(%esp)
+ leal 2400959708(%ecx,%ebp,1),%ecx
+ movl %esi,%ebp
addl %ebx,%ecx
+ andl %eax,%ebp
+ movl 40(%esp),%ebx
+ addl %ebp,%ecx
# 40_59 58
- movl 40(%esp),%ebx
- movl 48(%esp),%ebp
- xorl %ebp,%ebx
- movl 8(%esp),%ebp
- xorl %ebp,%ebx
- movl 28(%esp),%ebp
- xorl %ebp,%ebx
- movl %edx,%ebp
+ movl %edi,%ebp
+ xorl 48(%esp),%ebx
+ xorl %esi,%ebp
+ xorl 8(%esp),%ebx
+ andl %edx,%ebp
+ xorl 28(%esp),%ebx
roll $1,%ebx
- orl %edi,%ebp
- movl %ebx,40(%esp)
- andl %esi,%ebp
- leal 2400959708(%ebx,%eax,1),%ebx
- movl %edx,%eax
+ addl %eax,%ebp
rorl $2,%edx
- andl %edi,%eax
- orl %eax,%ebp
movl %ecx,%eax
roll $5,%eax
- addl %ebp,%ebx
+ movl %ebx,40(%esp)
+ leal 2400959708(%ebx,%ebp,1),%ebx
+ movl %edi,%ebp
addl %eax,%ebx
+ andl %esi,%ebp
+ movl 44(%esp),%eax
+ addl %ebp,%ebx
# 40_59 59
- movl 44(%esp),%eax
- movl 52(%esp),%ebp
- xorl %ebp,%eax
- movl 12(%esp),%ebp
- xorl %ebp,%eax
- movl 32(%esp),%ebp
- xorl %ebp,%eax
- movl %ecx,%ebp
+ movl %edx,%ebp
+ xorl 52(%esp),%eax
+ xorl %edi,%ebp
+ xorl 12(%esp),%eax
+ andl %ecx,%ebp
+ xorl 32(%esp),%eax
roll $1,%eax
- orl %edx,%ebp
- movl %eax,44(%esp)
- andl %edi,%ebp
- leal 2400959708(%eax,%esi,1),%eax
- movl %ecx,%esi
+ addl %esi,%ebp
rorl $2,%ecx
- andl %edx,%esi
- orl %esi,%ebp
movl %ebx,%esi
roll $5,%esi
- addl %ebp,%eax
+ movl %eax,44(%esp)
+ leal 2400959708(%eax,%ebp,1),%eax
+ movl %edx,%ebp
addl %esi,%eax
+ andl %edi,%ebp
+ movl 48(%esp),%esi
+ addl %ebp,%eax
# 20_39 60
movl %ebx,%ebp
- movl 48(%esp),%esi
- rorl $2,%ebx
xorl 56(%esp),%esi
xorl %ecx,%ebp
xorl 16(%esp),%esi
xorl %edx,%ebp
xorl 36(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,48(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 3395469782(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 3395469782(%esi,%edi,1),%esi
+ movl 52(%esp),%edi
+ addl %ebp,%esi
# 20_39 61
movl %eax,%ebp
- movl 52(%esp),%edi
- rorl $2,%eax
xorl 60(%esp),%edi
xorl %ebx,%ebp
xorl 20(%esp),%edi
xorl %ecx,%ebp
xorl 40(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,52(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 3395469782(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 3395469782(%edi,%edx,1),%edi
+ movl 56(%esp),%edx
+ addl %ebp,%edi
# 20_39 62
movl %esi,%ebp
- movl 56(%esp),%edx
- rorl $2,%esi
xorl (%esp),%edx
xorl %eax,%ebp
xorl 24(%esp),%edx
xorl %ebx,%ebp
xorl 44(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,56(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 3395469782(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 3395469782(%edx,%ecx,1),%edx
+ movl 60(%esp),%ecx
+ addl %ebp,%edx
# 20_39 63
movl %edi,%ebp
- movl 60(%esp),%ecx
- rorl $2,%edi
xorl 4(%esp),%ecx
xorl %esi,%ebp
xorl 28(%esp),%ecx
xorl %eax,%ebp
xorl 48(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,60(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 3395469782(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 3395469782(%ecx,%ebx,1),%ecx
+ movl (%esp),%ebx
+ addl %ebp,%ecx
# 20_39 64
movl %edx,%ebp
- movl (%esp),%ebx
- rorl $2,%edx
xorl 8(%esp),%ebx
xorl %edi,%ebp
xorl 32(%esp),%ebx
xorl %esi,%ebp
xorl 52(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 3395469782(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 3395469782(%ebx,%eax,1),%ebx
+ movl 4(%esp),%eax
+ addl %ebp,%ebx
# 20_39 65
movl %ecx,%ebp
- movl 4(%esp),%eax
- rorl $2,%ecx
xorl 12(%esp),%eax
xorl %edx,%ebp
xorl 36(%esp),%eax
xorl %edi,%ebp
xorl 56(%esp),%eax
roll $1,%eax
- addl %esi,%ebp
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
movl %eax,4(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 3395469782(%eax,%ebp,1),%eax
- addl %esi,%eax
+ leal 3395469782(%eax,%esi,1),%eax
+ movl 8(%esp),%esi
+ addl %ebp,%eax
# 20_39 66
movl %ebx,%ebp
- movl 8(%esp),%esi
- rorl $2,%ebx
xorl 16(%esp),%esi
xorl %ecx,%ebp
xorl 40(%esp),%esi
xorl %edx,%ebp
xorl 60(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,8(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 3395469782(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 3395469782(%esi,%edi,1),%esi
+ movl 12(%esp),%edi
+ addl %ebp,%esi
# 20_39 67
movl %eax,%ebp
- movl 12(%esp),%edi
- rorl $2,%eax
xorl 20(%esp),%edi
xorl %ebx,%ebp
xorl 44(%esp),%edi
xorl %ecx,%ebp
xorl (%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,12(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 3395469782(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 3395469782(%edi,%edx,1),%edi
+ movl 16(%esp),%edx
+ addl %ebp,%edi
# 20_39 68
movl %esi,%ebp
- movl 16(%esp),%edx
- rorl $2,%esi
xorl 24(%esp),%edx
xorl %eax,%ebp
xorl 48(%esp),%edx
xorl %ebx,%ebp
xorl 4(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,16(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 3395469782(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 3395469782(%edx,%ecx,1),%edx
+ movl 20(%esp),%ecx
+ addl %ebp,%edx
# 20_39 69
movl %edi,%ebp
- movl 20(%esp),%ecx
- rorl $2,%edi
xorl 28(%esp),%ecx
xorl %esi,%ebp
xorl 52(%esp),%ecx
xorl %eax,%ebp
xorl 8(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,20(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 3395469782(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 3395469782(%ecx,%ebx,1),%ecx
+ movl 24(%esp),%ebx
+ addl %ebp,%ecx
# 20_39 70
movl %edx,%ebp
- movl 24(%esp),%ebx
- rorl $2,%edx
xorl 32(%esp),%ebx
xorl %edi,%ebp
xorl 56(%esp),%ebx
xorl %esi,%ebp
xorl 12(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,24(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 3395469782(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 3395469782(%ebx,%eax,1),%ebx
+ movl 28(%esp),%eax
+ addl %ebp,%ebx
# 20_39 71
movl %ecx,%ebp
- movl 28(%esp),%eax
- rorl $2,%ecx
xorl 36(%esp),%eax
xorl %edx,%ebp
xorl 60(%esp),%eax
xorl %edi,%ebp
xorl 16(%esp),%eax
roll $1,%eax
- addl %esi,%ebp
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
movl %eax,28(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 3395469782(%eax,%ebp,1),%eax
- addl %esi,%eax
+ leal 3395469782(%eax,%esi,1),%eax
+ movl 32(%esp),%esi
+ addl %ebp,%eax
# 20_39 72
movl %ebx,%ebp
- movl 32(%esp),%esi
- rorl $2,%ebx
xorl 40(%esp),%esi
xorl %ecx,%ebp
xorl (%esp),%esi
xorl %edx,%ebp
xorl 20(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
movl %esi,32(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 3395469782(%esi,%ebp,1),%esi
- addl %edi,%esi
+ leal 3395469782(%esi,%edi,1),%esi
+ movl 36(%esp),%edi
+ addl %ebp,%esi
# 20_39 73
movl %eax,%ebp
- movl 36(%esp),%edi
- rorl $2,%eax
xorl 44(%esp),%edi
xorl %ebx,%ebp
xorl 4(%esp),%edi
xorl %ecx,%ebp
xorl 24(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
movl %edi,36(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 3395469782(%edi,%ebp,1),%edi
- addl %edx,%edi
+ leal 3395469782(%edi,%edx,1),%edi
+ movl 40(%esp),%edx
+ addl %ebp,%edi
# 20_39 74
movl %esi,%ebp
- movl 40(%esp),%edx
- rorl $2,%esi
xorl 48(%esp),%edx
xorl %eax,%ebp
xorl 8(%esp),%edx
xorl %ebx,%ebp
xorl 28(%esp),%edx
roll $1,%edx
- addl %ecx,%ebp
+ addl %ebp,%ecx
+ rorl $2,%esi
+ movl %edi,%ebp
+ roll $5,%ebp
movl %edx,40(%esp)
- movl %edi,%ecx
- roll $5,%ecx
- leal 3395469782(%edx,%ebp,1),%edx
- addl %ecx,%edx
+ leal 3395469782(%edx,%ecx,1),%edx
+ movl 44(%esp),%ecx
+ addl %ebp,%edx
# 20_39 75
movl %edi,%ebp
- movl 44(%esp),%ecx
- rorl $2,%edi
xorl 52(%esp),%ecx
xorl %esi,%ebp
xorl 12(%esp),%ecx
xorl %eax,%ebp
xorl 32(%esp),%ecx
roll $1,%ecx
- addl %ebx,%ebp
+ addl %ebp,%ebx
+ rorl $2,%edi
+ movl %edx,%ebp
+ roll $5,%ebp
movl %ecx,44(%esp)
- movl %edx,%ebx
- roll $5,%ebx
- leal 3395469782(%ecx,%ebp,1),%ecx
- addl %ebx,%ecx
+ leal 3395469782(%ecx,%ebx,1),%ecx
+ movl 48(%esp),%ebx
+ addl %ebp,%ecx
# 20_39 76
movl %edx,%ebp
- movl 48(%esp),%ebx
- rorl $2,%edx
xorl 56(%esp),%ebx
xorl %edi,%ebp
xorl 16(%esp),%ebx
xorl %esi,%ebp
xorl 36(%esp),%ebx
roll $1,%ebx
- addl %eax,%ebp
+ addl %ebp,%eax
+ rorl $2,%edx
+ movl %ecx,%ebp
+ roll $5,%ebp
movl %ebx,48(%esp)
- movl %ecx,%eax
- roll $5,%eax
- leal 3395469782(%ebx,%ebp,1),%ebx
- addl %eax,%ebx
+ leal 3395469782(%ebx,%eax,1),%ebx
+ movl 52(%esp),%eax
+ addl %ebp,%ebx
# 20_39 77
movl %ecx,%ebp
- movl 52(%esp),%eax
- rorl $2,%ecx
xorl 60(%esp),%eax
xorl %edx,%ebp
xorl 20(%esp),%eax
xorl %edi,%ebp
xorl 40(%esp),%eax
roll $1,%eax
- addl %esi,%ebp
- movl %eax,52(%esp)
- movl %ebx,%esi
- roll $5,%esi
- leal 3395469782(%eax,%ebp,1),%eax
- addl %esi,%eax
+ addl %ebp,%esi
+ rorl $2,%ecx
+ movl %ebx,%ebp
+ roll $5,%ebp
+ leal 3395469782(%eax,%esi,1),%eax
+ movl 56(%esp),%esi
+ addl %ebp,%eax
# 20_39 78
movl %ebx,%ebp
- movl 56(%esp),%esi
- rorl $2,%ebx
xorl (%esp),%esi
xorl %ecx,%ebp
xorl 24(%esp),%esi
xorl %edx,%ebp
xorl 44(%esp),%esi
roll $1,%esi
- addl %edi,%ebp
- movl %esi,56(%esp)
- movl %eax,%edi
- roll $5,%edi
- leal 3395469782(%esi,%ebp,1),%esi
- addl %edi,%esi
+ addl %ebp,%edi
+ rorl $2,%ebx
+ movl %eax,%ebp
+ roll $5,%ebp
+ leal 3395469782(%esi,%edi,1),%esi
+ movl 60(%esp),%edi
+ addl %ebp,%esi
# 20_39 79
movl %eax,%ebp
- movl 60(%esp),%edi
- rorl $2,%eax
xorl 4(%esp),%edi
xorl %ebx,%ebp
xorl 28(%esp),%edi
xorl %ecx,%ebp
xorl 48(%esp),%edi
roll $1,%edi
- addl %edx,%ebp
- movl %edi,60(%esp)
- movl %esi,%edx
- roll $5,%edx
- leal 3395469782(%edi,%ebp,1),%edi
- addl %edx,%edi
- movl 84(%esp),%ebp
- movl 88(%esp),%edx
+ addl %ebp,%edx
+ rorl $2,%eax
+ movl %esi,%ebp
+ roll $5,%ebp
+ leal 3395469782(%edi,%edx,1),%edi
+ addl %ebp,%edi
+ movl 96(%esp),%ebp
+ movl 100(%esp),%edx
addl (%ebp),%edi
addl 4(%ebp),%esi
addl 8(%ebp),%eax
@@ -1501,14 +1439,14 @@ L000loop:
movl %edi,(%ebp)
addl $64,%edx
movl %esi,4(%ebp)
- cmpl 92(%esp),%edx
+ cmpl 104(%esp),%edx
movl %eax,8(%ebp)
movl %ecx,%edi
movl %ebx,12(%ebp)
movl %edx,%esi
movl %ecx,16(%ebp)
jb L000loop
- addl $64,%esp
+ addl $76,%esp
popl %edi
popl %esi
popl %ebx
diff --git a/deps/openssl/asm/x86-macosx-gas/sha/sha256-586.s b/deps/openssl/asm/x86-macosx-gas/sha/sha256-586.s
index 1190be750..67c7a96bc 100644
--- a/deps/openssl/asm/x86-macosx-gas/sha/sha256-586.s
+++ b/deps/openssl/asm/x86-macosx-gas/sha/sha256-586.s
@@ -95,31 +95,30 @@ L002loop:
L00300_15:
movl 92(%esp),%ebx
movl %edx,%ecx
- rorl $6,%ecx
- movl %edx,%edi
- rorl $11,%edi
+ rorl $14,%ecx
movl 20(%esp),%esi
- xorl %edi,%ecx
- rorl $14,%edi
- xorl %edi,%ecx
+ xorl %edx,%ecx
+ rorl $5,%ecx
+ xorl %edx,%ecx
+ rorl $6,%ecx
movl 24(%esp),%edi
addl %ecx,%ebx
- movl %edx,16(%esp)
xorl %edi,%esi
+ movl %edx,16(%esp)
movl %eax,%ecx
andl %edx,%esi
movl 12(%esp),%edx
xorl %edi,%esi
movl %eax,%edi
addl %esi,%ebx
- rorl $2,%ecx
+ rorl $9,%ecx
addl 28(%esp),%ebx
- rorl $13,%edi
+ xorl %eax,%ecx
+ rorl $11,%ecx
movl 4(%esp),%esi
- xorl %edi,%ecx
- rorl $9,%edi
+ xorl %eax,%ecx
+ rorl $2,%ecx
addl %ebx,%edx
- xorl %edi,%ecx
movl 8(%esp),%edi
addl %ecx,%ebx
movl %eax,(%esp)
@@ -141,48 +140,46 @@ L00300_15:
L00416_63:
movl %ebx,%esi
movl 100(%esp),%ecx
- shrl $3,%ebx
- rorl $7,%esi
- xorl %esi,%ebx
rorl $11,%esi
movl %ecx,%edi
+ xorl %ebx,%esi
+ rorl $7,%esi
+ shrl $3,%ebx
+ rorl $2,%edi
xorl %esi,%ebx
- shrl $10,%ecx
- movl 156(%esp),%esi
+ xorl %ecx,%edi
rorl $17,%edi
- xorl %edi,%ecx
- rorl $2,%edi
- addl %esi,%ebx
+ shrl $10,%ecx
+ addl 156(%esp),%ebx
xorl %ecx,%edi
- addl %edi,%ebx
- movl %edx,%ecx
addl 120(%esp),%ebx
- rorl $6,%ecx
- movl %edx,%edi
- rorl $11,%edi
+ movl %edx,%ecx
+ addl %edi,%ebx
+ rorl $14,%ecx
movl 20(%esp),%esi
- xorl %edi,%ecx
- rorl $14,%edi
+ xorl %edx,%ecx
+ rorl $5,%ecx
movl %ebx,92(%esp)
- xorl %edi,%ecx
+ xorl %edx,%ecx
+ rorl $6,%ecx
movl 24(%esp),%edi
addl %ecx,%ebx
- movl %edx,16(%esp)
xorl %edi,%esi
+ movl %edx,16(%esp)
movl %eax,%ecx
andl %edx,%esi
movl 12(%esp),%edx
xorl %edi,%esi
movl %eax,%edi
addl %esi,%ebx
- rorl $2,%ecx
+ rorl $9,%ecx
addl 28(%esp),%ebx
- rorl $13,%edi
+ xorl %eax,%ecx
+ rorl $11,%ecx
movl 4(%esp),%esi
- xorl %edi,%ecx
- rorl $9,%edi
+ xorl %eax,%ecx
+ rorl $2,%ecx
addl %ebx,%edx
- xorl %edi,%ecx
movl 8(%esp),%edi
addl %ecx,%ebx
movl %eax,(%esp)
diff --git a/deps/openssl/asm/x86-macosx-gas/x86cpuid.s b/deps/openssl/asm/x86-macosx-gas/x86cpuid.s
index b5e80f83a..db36e6f50 100644
--- a/deps/openssl/asm/x86-macosx-gas/x86cpuid.s
+++ b/deps/openssl/asm/x86-macosx-gas/x86cpuid.s
@@ -18,9 +18,9 @@ L_OPENSSL_ia32_cpuid_begin:
pushfl
popl %eax
xorl %eax,%ecx
- btl $21,%ecx
- jnc L000done
xorl %eax,%eax
+ btl $21,%ecx
+ jnc L000nocpuid
.byte 0x0f,0xa2
movl %eax,%edi
xorl %eax,%eax
@@ -46,7 +46,14 @@ L_OPENSSL_ia32_cpuid_begin:
jnz L001intel
movl $2147483648,%eax
.byte 0x0f,0xa2
- cmpl $2147483656,%eax
+ cmpl $2147483649,%eax
+ jb L001intel
+ movl %eax,%esi
+ movl $2147483649,%eax
+ .byte 0x0f,0xa2
+ orl %ecx,%ebp
+ andl $2049,%ebp
+ cmpl $2147483656,%esi
jb L001intel
movl $2147483656,%eax
.byte 0x0f,0xa2
@@ -55,46 +62,68 @@ L_OPENSSL_ia32_cpuid_begin:
movl $1,%eax
.byte 0x0f,0xa2
btl $28,%edx
- jnc L000done
+ jnc L002generic
shrl $16,%ebx
andl $255,%ebx
cmpl %esi,%ebx
- ja L000done
+ ja L002generic
andl $4026531839,%edx
- jmp L000done
+ jmp L002generic
L001intel:
cmpl $4,%edi
movl $-1,%edi
- jb L002nocacheinfo
+ jb L003nocacheinfo
movl $4,%eax
movl $0,%ecx
.byte 0x0f,0xa2
movl %eax,%edi
shrl $14,%edi
andl $4095,%edi
-L002nocacheinfo:
+L003nocacheinfo:
movl $1,%eax
.byte 0x0f,0xa2
+ andl $3220176895,%edx
cmpl $0,%ebp
- jne L003notP4
+ jne L004notintel
+ orl $1073741824,%edx
andb $15,%ah
cmpb $15,%ah
- jne L003notP4
+ jne L004notintel
orl $1048576,%edx
-L003notP4:
+L004notintel:
btl $28,%edx
- jnc L000done
+ jnc L002generic
andl $4026531839,%edx
cmpl $0,%edi
- je L000done
+ je L002generic
orl $268435456,%edx
shrl $16,%ebx
cmpb $1,%bl
- ja L000done
+ ja L002generic
andl $4026531839,%edx
-L000done:
- movl %edx,%eax
- movl %ecx,%edx
+L002generic:
+ andl $2048,%ebp
+ andl $4294965247,%ecx
+ movl %edx,%esi
+ orl %ecx,%ebp
+ btl $27,%ecx
+ jnc L005clear_avx
+ xorl %ecx,%ecx
+.byte 15,1,208
+ andl $6,%eax
+ cmpl $6,%eax
+ je L006done
+ cmpl $2,%eax
+ je L005clear_avx
+L007clear_xmm:
+ andl $4261412861,%ebp
+ andl $4278190079,%esi
+L005clear_avx:
+ andl $4026525695,%ebp
+L006done:
+ movl %esi,%eax
+ movl %ebp,%edx
+L000nocpuid:
popl %edi
popl %esi
popl %ebx
@@ -106,26 +135,32 @@ _OPENSSL_rdtsc:
L_OPENSSL_rdtsc_begin:
xorl %eax,%eax
xorl %edx,%edx
- leal _OPENSSL_ia32cap_P,%ecx
+ call L008PIC_me_up
+L008PIC_me_up:
+ popl %ecx
+ movl L_OPENSSL_ia32cap_P$non_lazy_ptr-L008PIC_me_up(%ecx),%ecx
btl $4,(%ecx)
- jnc L004notsc
+ jnc L009notsc
.byte 0x0f,0x31
-L004notsc:
+L009notsc:
ret
.globl _OPENSSL_instrument_halt
.align 4
_OPENSSL_instrument_halt:
L_OPENSSL_instrument_halt_begin:
- leal _OPENSSL_ia32cap_P,%ecx
+ call L010PIC_me_up
+L010PIC_me_up:
+ popl %ecx
+ movl L_OPENSSL_ia32cap_P$non_lazy_ptr-L010PIC_me_up(%ecx),%ecx
btl $4,(%ecx)
- jnc L005nohalt
+ jnc L011nohalt
.long 2421723150
andl $3,%eax
- jnz L005nohalt
+ jnz L011nohalt
pushfl
popl %eax
btl $9,%eax
- jnc L005nohalt
+ jnc L011nohalt
.byte 0x0f,0x31
pushl %edx
pushl %eax
@@ -135,7 +170,7 @@ L_OPENSSL_instrument_halt_begin:
sbbl 4(%esp),%edx
addl $8,%esp
ret
-L005nohalt:
+L011nohalt:
xorl %eax,%eax
xorl %edx,%edx
ret
@@ -146,21 +181,21 @@ L_OPENSSL_far_spin_begin:
pushfl
popl %eax
btl $9,%eax
- jnc L006nospin
+ jnc L012nospin
movl 4(%esp),%eax
movl 8(%esp),%ecx
.long 2430111262
xorl %eax,%eax
movl (%ecx),%edx
- jmp L007spin
+ jmp L013spin
.align 4,0x90
-L007spin:
+L013spin:
incl %eax
cmpl (%ecx),%edx
- je L007spin
+ je L013spin
.long 529567888
ret
-L006nospin:
+L012nospin:
xorl %eax,%eax
xorl %edx,%edx
ret
@@ -170,12 +205,15 @@ _OPENSSL_wipe_cpu:
L_OPENSSL_wipe_cpu_begin:
xorl %eax,%eax
xorl %edx,%edx
- leal _OPENSSL_ia32cap_P,%ecx
+ call L014PIC_me_up
+L014PIC_me_up:
+ popl %ecx
+ movl L_OPENSSL_ia32cap_P$non_lazy_ptr-L014PIC_me_up(%ecx),%ecx
movl (%ecx),%ecx
btl $1,(%ecx)
- jnc L008no_x87
+ jnc L015no_x87
.long 4007259865,4007259865,4007259865,4007259865,2430851995
-L008no_x87:
+L015no_x87:
leal 4(%esp),%eax
ret
.globl _OPENSSL_atomic_add
@@ -187,11 +225,11 @@ L_OPENSSL_atomic_add_begin:
pushl %ebx
nop
movl (%edx),%eax
-L009spin:
+L016spin:
leal (%eax,%ecx,1),%ebx
nop
.long 447811568
- jne L009spin
+ jne L016spin
movl %ebx,%eax
popl %ebx
ret
@@ -228,34 +266,51 @@ L_OPENSSL_cleanse_begin:
movl 8(%esp),%ecx
xorl %eax,%eax
cmpl $7,%ecx
- jae L010lot
+ jae L017lot
cmpl $0,%ecx
- je L011ret
-L012little:
+ je L018ret
+L019little:
movb %al,(%edx)
subl $1,%ecx
leal 1(%edx),%edx
- jnz L012little
-L011ret:
+ jnz L019little
+L018ret:
ret
.align 4,0x90
-L010lot:
+L017lot:
testl $3,%edx
- jz L013aligned
+ jz L020aligned
movb %al,(%edx)
leal -1(%ecx),%ecx
leal 1(%edx),%edx
- jmp L010lot
-L013aligned:
+ jmp L017lot
+L020aligned:
movl %eax,(%edx)
leal -4(%ecx),%ecx
testl $-4,%ecx
leal 4(%edx),%edx
- jnz L013aligned
+ jnz L020aligned
cmpl $0,%ecx
- jne L012little
+ jne L019little
+ ret
+.globl _OPENSSL_ia32_rdrand
+.align 4
+_OPENSSL_ia32_rdrand:
+L_OPENSSL_ia32_rdrand_begin:
+ movl $8,%ecx
+L021loop:
+.byte 15,199,240
+ jc L022break
+ loop L021loop
+L022break:
+ cmpl $0,%eax
+ cmovel %ecx,%eax
ret
-.comm _OPENSSL_ia32cap_P,4
+.section __IMPORT,__pointers,non_lazy_symbol_pointers
+L_OPENSSL_ia32cap_P$non_lazy_ptr:
+.indirect_symbol _OPENSSL_ia32cap_P
+.long 0
+.comm _OPENSSL_ia32cap_P,8,2
.mod_init_func
.align 2
.long _OPENSSL_cpuid_setup
diff --git a/deps/openssl/asm/x86-win32-masm/aes/aes-586.asm b/deps/openssl/asm/x86-win32-masm/aes/aes-586.asm
index 22dd21fbc..e4ac96e64 100644
--- a/deps/openssl/asm/x86-win32-masm/aes/aes-586.asm
+++ b/deps/openssl/asm/x86-win32-masm/aes/aes-586.asm
@@ -2975,14 +2975,14 @@ $L045exit:
ret
__x86_AES_set_encrypt_key ENDP
ALIGN 16
-_AES_set_encrypt_key PROC PUBLIC
-$L_AES_set_encrypt_key_begin::
+_private_AES_set_encrypt_key PROC PUBLIC
+$L_private_AES_set_encrypt_key_begin::
call __x86_AES_set_encrypt_key
ret
-_AES_set_encrypt_key ENDP
+_private_AES_set_encrypt_key ENDP
ALIGN 16
-_AES_set_decrypt_key PROC PUBLIC
-$L_AES_set_decrypt_key_begin::
+_private_AES_set_decrypt_key PROC PUBLIC
+$L_private_AES_set_decrypt_key_begin::
call __x86_AES_set_encrypt_key
cmp eax,0
je $L054proceed
@@ -3211,12 +3211,12 @@ $L056permute:
pop ebx
pop ebp
ret
-_AES_set_decrypt_key ENDP
+_private_AES_set_decrypt_key ENDP
DB 65,69,83,32,102,111,114,32,120,56,54,44,32,67,82,89
DB 80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114
DB 111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
.text$ ENDS
.bss SEGMENT 'BSS'
-COMM _OPENSSL_ia32cap_P:DWORD
+COMM _OPENSSL_ia32cap_P:QWORD
.bss ENDS
END
diff --git a/deps/openssl/asm/x86-win32-masm/bf/bf-686.asm b/deps/openssl/asm/x86-win32-masm/bf/bf-686.asm
index a802e7292..288317967 100644
--- a/deps/openssl/asm/x86-win32-masm/bf/bf-686.asm
+++ b/deps/openssl/asm/x86-win32-masm/bf/bf-686.asm
@@ -2,7 +2,7 @@ TITLE bf-686.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
diff --git a/deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm b/deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm
index eaad4a073..031be4e7e 100644
--- a/deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm
+++ b/deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm
@@ -2,7 +2,7 @@ TITLE ../openssl/crypto/bn/asm/x86-mont.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
diff --git a/deps/openssl/asm/x86-win32-masm/bn/x86.asm b/deps/openssl/asm/x86-win32-masm/bn/x86.asm
index d7051fa4e..2e7a0d4aa 100644
--- a/deps/openssl/asm/x86-win32-masm/bn/x86.asm
+++ b/deps/openssl/asm/x86-win32-masm/bn/x86.asm
@@ -2,7 +2,7 @@ TITLE ../openssl/crypto/bn/asm/x86.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
diff --git a/deps/openssl/asm/x86-win32-masm/camellia/cmll-x86.asm b/deps/openssl/asm/x86-win32-masm/camellia/cmll-x86.asm
index acdf6a2f8..e32d28135 100644
--- a/deps/openssl/asm/x86-win32-masm/camellia/cmll-x86.asm
+++ b/deps/openssl/asm/x86-win32-masm/camellia/cmll-x86.asm
@@ -2,7 +2,7 @@ TITLE cmll-586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
@@ -1532,8 +1532,8 @@ $L013done:
ret
_Camellia_Ekeygen ENDP
ALIGN 16
-_Camellia_set_key PROC PUBLIC
-$L_Camellia_set_key_begin::
+_private_Camellia_set_key PROC PUBLIC
+$L_private_Camellia_set_key_begin::
push ebx
mov ecx,DWORD PTR 8[esp]
mov ebx,DWORD PTR 12[esp]
@@ -1563,7 +1563,7 @@ ALIGN 4
$L014done:
pop ebx
ret
-_Camellia_set_key ENDP
+_private_Camellia_set_key ENDP
ALIGN 64
$LCamellia_SIGMA::
DD 2694735487,1003262091,3061508184,1286239154,3337565999,3914302142,1426019237,4057165596,283453434,3731369245,2958461122,3018244605,0,0,0,0
diff --git a/deps/openssl/asm/x86-win32-masm/cast/cast-586.asm b/deps/openssl/asm/x86-win32-masm/cast/cast-586.asm
index 1f2f0708a..6f85c34d2 100644
--- a/deps/openssl/asm/x86-win32-masm/cast/cast-586.asm
+++ b/deps/openssl/asm/x86-win32-masm/cast/cast-586.asm
@@ -2,7 +2,7 @@ TITLE cast-586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
diff --git a/deps/openssl/asm/x86-win32-masm/des/crypt586.asm b/deps/openssl/asm/x86-win32-masm/des/crypt586.asm
index 24e474dfc..4c82c7a26 100644
--- a/deps/openssl/asm/x86-win32-masm/des/crypt586.asm
+++ b/deps/openssl/asm/x86-win32-masm/des/crypt586.asm
@@ -2,7 +2,7 @@ TITLE crypt586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
diff --git a/deps/openssl/asm/x86-win32-masm/des/des-586.asm b/deps/openssl/asm/x86-win32-masm/des/des-586.asm
index 3c630daff..24f19a660 100644
--- a/deps/openssl/asm/x86-win32-masm/des/des-586.asm
+++ b/deps/openssl/asm/x86-win32-masm/des/des-586.asm
@@ -2,7 +2,7 @@ TITLE des-586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
diff --git a/deps/openssl/asm/x86-win32-masm/md5/md5-586.asm b/deps/openssl/asm/x86-win32-masm/md5/md5-586.asm
index c8edae762..8e263de0f 100644
--- a/deps/openssl/asm/x86-win32-masm/md5/md5-586.asm
+++ b/deps/openssl/asm/x86-win32-masm/md5/md5-586.asm
@@ -2,7 +2,7 @@ TITLE ../openssl/crypto/md5/asm/md5-586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
diff --git a/deps/openssl/asm/x86-win32-masm/rc4/rc4-586.asm b/deps/openssl/asm/x86-win32-masm/rc4/rc4-586.asm
index 3eb66f735..d17909091 100644
--- a/deps/openssl/asm/x86-win32-masm/rc4/rc4-586.asm
+++ b/deps/openssl/asm/x86-win32-masm/rc4/rc4-586.asm
@@ -2,7 +2,14 @@ TITLE rc4-586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
+.XMM
+IF @Version LT 800
+XMMWORD STRUCT 16
+DQ 2 dup (?)
+XMMWORD ENDS
+ENDIF
+
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
@@ -10,6 +17,7 @@ IF @Version LT 800
ELSE
.text$ SEGMENT ALIGN(64) 'CODE'
ENDIF
+;EXTERN _OPENSSL_ia32cap_P:NEAR
ALIGN 16
_RC4 PROC PUBLIC
$L_RC4_begin::
@@ -37,11 +45,146 @@ $L_RC4_begin::
mov ecx,DWORD PTR [eax*4+edi]
and edx,-4
jz $L002loop1
- lea edx,DWORD PTR [edx*1+esi-4]
- mov DWORD PTR 28[esp],edx
+ test edx,-8
mov DWORD PTR 32[esp],ebp
+ jz $L003go4loop4
+ lea ebp,DWORD PTR _OPENSSL_ia32cap_P
+ bt DWORD PTR [ebp],26
+ jnc $L003go4loop4
+ mov ebp,DWORD PTR 32[esp]
+ and edx,-8
+ lea edx,DWORD PTR [edx*1+esi-8]
+ mov DWORD PTR [edi-4],edx
+ add bl,cl
+ mov edx,DWORD PTR [ebx*4+edi]
+ mov DWORD PTR [ebx*4+edi],ecx
+ mov DWORD PTR [eax*4+edi],edx
+ inc eax
+ add edx,ecx
+ movzx eax,al
+ movzx edx,dl
+ movq mm0,QWORD PTR [esi]
+ mov ecx,DWORD PTR [eax*4+edi]
+ movd mm2,DWORD PTR [edx*4+edi]
+ jmp $L004loop_mmx_enter
+ALIGN 16
+$L005loop_mmx:
+ add bl,cl
+ psllq mm1,56
+ mov edx,DWORD PTR [ebx*4+edi]
+ mov DWORD PTR [ebx*4+edi],ecx
+ mov DWORD PTR [eax*4+edi],edx
+ inc eax
+ add edx,ecx
+ movzx eax,al
+ movzx edx,dl
+ pxor mm2,mm1
+ movq mm0,QWORD PTR [esi]
+ movq QWORD PTR [esi*1+ebp-8],mm2
+ mov ecx,DWORD PTR [eax*4+edi]
+ movd mm2,DWORD PTR [edx*4+edi]
+$L004loop_mmx_enter:
+ add bl,cl
+ mov edx,DWORD PTR [ebx*4+edi]
+ mov DWORD PTR [ebx*4+edi],ecx
+ mov DWORD PTR [eax*4+edi],edx
+ inc eax
+ add edx,ecx
+ movzx eax,al
+ movzx edx,dl
+ pxor mm2,mm0
+ mov ecx,DWORD PTR [eax*4+edi]
+ movd mm1,DWORD PTR [edx*4+edi]
+ add bl,cl
+ psllq mm1,8
+ mov edx,DWORD PTR [ebx*4+edi]
+ mov DWORD PTR [ebx*4+edi],ecx
+ mov DWORD PTR [eax*4+edi],edx
+ inc eax
+ add edx,ecx
+ movzx eax,al
+ movzx edx,dl
+ pxor mm2,mm1
+ mov ecx,DWORD PTR [eax*4+edi]
+ movd mm1,DWORD PTR [edx*4+edi]
+ add bl,cl
+ psllq mm1,16
+ mov edx,DWORD PTR [ebx*4+edi]
+ mov DWORD PTR [ebx*4+edi],ecx
+ mov DWORD PTR [eax*4+edi],edx
+ inc eax
+ add edx,ecx
+ movzx eax,al
+ movzx edx,dl
+ pxor mm2,mm1
+ mov ecx,DWORD PTR [eax*4+edi]
+ movd mm1,DWORD PTR [edx*4+edi]
+ add bl,cl
+ psllq mm1,24
+ mov edx,DWORD PTR [ebx*4+edi]
+ mov DWORD PTR [ebx*4+edi],ecx
+ mov DWORD PTR [eax*4+edi],edx
+ inc eax
+ add edx,ecx
+ movzx eax,al
+ movzx edx,dl
+ pxor mm2,mm1
+ mov ecx,DWORD PTR [eax*4+edi]
+ movd mm1,DWORD PTR [edx*4+edi]
+ add bl,cl
+ psllq mm1,32
+ mov edx,DWORD PTR [ebx*4+edi]
+ mov DWORD PTR [ebx*4+edi],ecx
+ mov DWORD PTR [eax*4+edi],edx
+ inc eax
+ add edx,ecx
+ movzx eax,al
+ movzx edx,dl
+ pxor mm2,mm1
+ mov ecx,DWORD PTR [eax*4+edi]
+ movd mm1,DWORD PTR [edx*4+edi]
+ add bl,cl
+ psllq mm1,40
+ mov edx,DWORD PTR [ebx*4+edi]
+ mov DWORD PTR [ebx*4+edi],ecx
+ mov DWORD PTR [eax*4+edi],edx
+ inc eax
+ add edx,ecx
+ movzx eax,al
+ movzx edx,dl
+ pxor mm2,mm1
+ mov ecx,DWORD PTR [eax*4+edi]
+ movd mm1,DWORD PTR [edx*4+edi]
+ add bl,cl
+ psllq mm1,48
+ mov edx,DWORD PTR [ebx*4+edi]
+ mov DWORD PTR [ebx*4+edi],ecx
+ mov DWORD PTR [eax*4+edi],edx
+ inc eax
+ add edx,ecx
+ movzx eax,al
+ movzx edx,dl
+ pxor mm2,mm1
+ mov ecx,DWORD PTR [eax*4+edi]
+ movd mm1,DWORD PTR [edx*4+edi]
+ mov edx,ebx
+ xor ebx,ebx
+ mov bl,dl
+ cmp esi,DWORD PTR [edi-4]
+ lea esi,DWORD PTR 8[esi]
+ jb $L005loop_mmx
+ psllq mm1,56
+ pxor mm2,mm1
+ movq QWORD PTR [esi*1+ebp-8],mm2
+ emms
+ cmp esi,DWORD PTR 24[esp]
+ je $L006done
+ jmp $L002loop1
ALIGN 16
-$L003loop4:
+$L003go4loop4:
+ lea edx,DWORD PTR [edx*1+esi-4]
+ mov DWORD PTR 28[esp],edx
+$L007loop4:
add bl,cl
mov edx,DWORD PTR [ebx*4+edi]
mov DWORD PTR [ebx*4+edi],ecx
@@ -87,9 +230,9 @@ $L003loop4:
mov DWORD PTR [esi*1+ecx],ebp
lea esi,DWORD PTR 4[esi]
mov ecx,DWORD PTR [eax*4+edi]
- jb $L003loop4
+ jb $L007loop4
cmp esi,DWORD PTR 24[esp]
- je $L004done
+ je $L006done
mov ebp,DWORD PTR 32[esp]
ALIGN 16
$L002loop1:
@@ -107,11 +250,11 @@ $L002loop1:
cmp esi,DWORD PTR 24[esp]
mov BYTE PTR [esi*1+ebp-1],dl
jb $L002loop1
- jmp $L004done
+ jmp $L006done
ALIGN 16
$L001RC4_CHAR:
movzx ecx,BYTE PTR [eax*1+edi]
-$L005cloop1:
+$L008cloop1:
add bl,cl
movzx edx,BYTE PTR [ebx*1+edi]
mov BYTE PTR [ebx*1+edi],cl
@@ -124,10 +267,10 @@ $L005cloop1:
movzx ecx,BYTE PTR [eax*1+edi]
cmp esi,DWORD PTR 24[esp]
mov BYTE PTR [esi*1+ebp-1],dl
- jb $L005cloop1
-$L004done:
+ jb $L008cloop1
+$L006done:
dec al
- mov BYTE PTR [edi-4],bl
+ mov DWORD PTR [edi-4],ebx
mov BYTE PTR [edi-8],al
$L000abort:
pop edi
@@ -136,10 +279,9 @@ $L000abort:
pop ebp
ret
_RC4 ENDP
-;EXTERN _OPENSSL_ia32cap_P:NEAR
ALIGN 16
-_RC4_set_key PROC PUBLIC
-$L_RC4_set_key_begin::
+_private_RC4_set_key PROC PUBLIC
+$L_private_RC4_set_key_begin::
push ebp
push ebx
push esi
@@ -154,53 +296,53 @@ $L_RC4_set_key_begin::
xor eax,eax
mov DWORD PTR [edi-4],ebp
bt DWORD PTR [edx],20
- jc $L006c1stloop
+ jc $L009c1stloop
ALIGN 16
-$L007w1stloop:
+$L010w1stloop:
mov DWORD PTR [eax*4+edi],eax
add al,1
- jnc $L007w1stloop
+ jnc $L010w1stloop
xor ecx,ecx
xor edx,edx
ALIGN 16
-$L008w2ndloop:
+$L011w2ndloop:
mov eax,DWORD PTR [ecx*4+edi]
add dl,BYTE PTR [ebp*1+esi]
add dl,al
add ebp,1
mov ebx,DWORD PTR [edx*4+edi]
- jnz $L009wnowrap
+ jnz $L012wnowrap
mov ebp,DWORD PTR [edi-4]
-$L009wnowrap:
+$L012wnowrap:
mov DWORD PTR [edx*4+edi],eax
mov DWORD PTR [ecx*4+edi],ebx
add cl,1
- jnc $L008w2ndloop
- jmp $L010exit
+ jnc $L011w2ndloop
+ jmp $L013exit
ALIGN 16
-$L006c1stloop:
+$L009c1stloop:
mov BYTE PTR [eax*1+edi],al
add al,1
- jnc $L006c1stloop
+ jnc $L009c1stloop
xor ecx,ecx
xor edx,edx
xor ebx,ebx
ALIGN 16
-$L011c2ndloop:
+$L014c2ndloop:
mov al,BYTE PTR [ecx*1+edi]
add dl,BYTE PTR [ebp*1+esi]
add dl,al
add ebp,1
mov bl,BYTE PTR [edx*1+edi]
- jnz $L012cnowrap
+ jnz $L015cnowrap
mov ebp,DWORD PTR [edi-4]
-$L012cnowrap:
+$L015cnowrap:
mov BYTE PTR [edx*1+edi],al
mov BYTE PTR [ecx*1+edi],bl
add cl,1
- jnc $L011c2ndloop
+ jnc $L014c2ndloop
mov DWORD PTR 256[edi],-1
-$L010exit:
+$L013exit:
xor eax,eax
mov DWORD PTR [edi-8],eax
mov DWORD PTR [edi-4],eax
@@ -209,24 +351,31 @@ $L010exit:
pop ebx
pop ebp
ret
-_RC4_set_key ENDP
+_private_RC4_set_key ENDP
ALIGN 16
_RC4_options PROC PUBLIC
$L_RC4_options_begin::
- call $L013pic_point
-$L013pic_point:
+ call $L016pic_point
+$L016pic_point:
pop eax
- lea eax,DWORD PTR ($L014opts-$L013pic_point)[eax]
+ lea eax,DWORD PTR ($L017opts-$L016pic_point)[eax]
lea edx,DWORD PTR _OPENSSL_ia32cap_P
- bt DWORD PTR [edx],20
- jnc $L015skip
+ mov edx,DWORD PTR [edx]
+ bt edx,20
+ jc $L0181xchar
+ bt edx,26
+ jnc $L019ret
+ add eax,25
+ ret
+$L0181xchar:
add eax,12
-$L015skip:
+$L019ret:
ret
ALIGN 64
-$L014opts:
+$L017opts:
DB 114,99,52,40,52,120,44,105,110,116,41,0
DB 114,99,52,40,49,120,44,99,104,97,114,41,0
+DB 114,99,52,40,56,120,44,109,109,120,41,0
DB 82,67,52,32,102,111,114,32,120,56,54,44,32,67,82,89
DB 80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114
DB 111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
@@ -234,6 +383,6 @@ ALIGN 64
_RC4_options ENDP
.text$ ENDS
.bss SEGMENT 'BSS'
-COMM _OPENSSL_ia32cap_P:DWORD
+COMM _OPENSSL_ia32cap_P:QWORD
.bss ENDS
END
diff --git a/deps/openssl/asm/x86-win32-masm/rc5/rc5-586.asm b/deps/openssl/asm/x86-win32-masm/rc5/rc5-586.asm
index e699d9173..7ce74110e 100644
--- a/deps/openssl/asm/x86-win32-masm/rc5/rc5-586.asm
+++ b/deps/openssl/asm/x86-win32-masm/rc5/rc5-586.asm
@@ -2,7 +2,7 @@ TITLE rc5-586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
diff --git a/deps/openssl/asm/x86-win32-masm/ripemd/rmd-586.asm b/deps/openssl/asm/x86-win32-masm/ripemd/rmd-586.asm
index 8fa61f8f9..7f6458cef 100644
--- a/deps/openssl/asm/x86-win32-masm/ripemd/rmd-586.asm
+++ b/deps/openssl/asm/x86-win32-masm/ripemd/rmd-586.asm
@@ -2,7 +2,7 @@ TITLE ../openssl/crypto/ripemd/asm/rmd-586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
diff --git a/deps/openssl/asm/x86-win32-masm/sha/sha1-586.asm b/deps/openssl/asm/x86-win32-masm/sha/sha1-586.asm
index ce9f8d5b4..878b1d3b9 100644
--- a/deps/openssl/asm/x86-win32-masm/sha/sha1-586.asm
+++ b/deps/openssl/asm/x86-win32-masm/sha/sha1-586.asm
@@ -2,7 +2,7 @@ TITLE sha1-586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
@@ -20,11 +20,12 @@ $L_sha1_block_data_order_begin::
mov ebp,DWORD PTR 20[esp]
mov esi,DWORD PTR 24[esp]
mov eax,DWORD PTR 28[esp]
- sub esp,64
+ sub esp,76
shl eax,6
add eax,esi
- mov DWORD PTR 92[esp],eax
+ mov DWORD PTR 104[esp],eax
mov edi,DWORD PTR 16[ebp]
+ jmp $L000loop
ALIGN 16
$L000loop:
mov eax,DWORD PTR [esi]
@@ -75,7 +76,7 @@ $L000loop:
mov DWORD PTR 52[esp],ebx
mov DWORD PTR 56[esp],ecx
mov DWORD PTR 60[esp],edx
- mov DWORD PTR 88[esp],esi
+ mov DWORD PTR 100[esp],esi
mov eax,DWORD PTR [ebp]
mov ebx,DWORD PTR 4[ebp]
mov ecx,DWORD PTR 8[ebp]
@@ -86,10 +87,10 @@ $L000loop:
rol ebp,5
xor esi,edx
add ebp,edi
- and esi,ebx
mov edi,DWORD PTR [esp]
- xor esi,edx
+ and esi,ebx
ror ebx,2
+ xor esi,edx
lea ebp,DWORD PTR 1518500249[edi*1+ebp]
add ebp,esi
; 00_15 1
@@ -98,10 +99,10 @@ $L000loop:
rol ebp,5
xor edi,ecx
add ebp,edx
- and edi,eax
mov edx,DWORD PTR 4[esp]
- xor edi,ecx
+ and edi,eax
ror eax,2
+ xor edi,ecx
lea ebp,DWORD PTR 1518500249[edx*1+ebp]
add ebp,edi
; 00_15 2
@@ -110,10 +111,10 @@ $L000loop:
rol ebp,5
xor edx,ebx
add ebp,ecx
- and edx,esi
mov ecx,DWORD PTR 8[esp]
- xor edx,ebx
+ and edx,esi
ror esi,2
+ xor edx,ebx
lea ebp,DWORD PTR 1518500249[ecx*1+ebp]
add ebp,edx
; 00_15 3
@@ -122,10 +123,10 @@ $L000loop:
rol ebp,5
xor ecx,eax
add ebp,ebx
- and ecx,edi
mov ebx,DWORD PTR 12[esp]
- xor ecx,eax
+ and ecx,edi
ror edi,2
+ xor ecx,eax
lea ebp,DWORD PTR 1518500249[ebx*1+ebp]
add ebp,ecx
; 00_15 4
@@ -134,10 +135,10 @@ $L000loop:
rol ebp,5
xor ebx,esi
add ebp,eax
- and ebx,edx
mov eax,DWORD PTR 16[esp]
- xor ebx,esi
+ and ebx,edx
ror edx,2
+ xor ebx,esi
lea ebp,DWORD PTR 1518500249[eax*1+ebp]
add ebp,ebx
; 00_15 5
@@ -146,10 +147,10 @@ $L000loop:
rol ebp,5
xor eax,edi
add ebp,esi
- and eax,ecx
mov esi,DWORD PTR 20[esp]
- xor eax,edi
+ and eax,ecx
ror ecx,2
+ xor eax,edi
lea ebp,DWORD PTR 1518500249[esi*1+ebp]
add ebp,eax
; 00_15 6
@@ -158,10 +159,10 @@ $L000loop:
rol ebp,5
xor esi,edx
add ebp,edi
- and esi,ebx
mov edi,DWORD PTR 24[esp]
- xor esi,edx
+ and esi,ebx
ror ebx,2
+ xor esi,edx
lea ebp,DWORD PTR 1518500249[edi*1+ebp]
add ebp,esi
; 00_15 7
@@ -170,10 +171,10 @@ $L000loop:
rol ebp,5
xor edi,ecx
add ebp,edx
- and edi,eax
mov edx,DWORD PTR 28[esp]
- xor edi,ecx
+ and edi,eax
ror eax,2
+ xor edi,ecx
lea ebp,DWORD PTR 1518500249[edx*1+ebp]
add ebp,edi
; 00_15 8
@@ -182,10 +183,10 @@ $L000loop:
rol ebp,5
xor edx,ebx
add ebp,ecx
- and edx,esi
mov ecx,DWORD PTR 32[esp]
- xor edx,ebx
+ and edx,esi
ror esi,2
+ xor edx,ebx
lea ebp,DWORD PTR 1518500249[ecx*1+ebp]
add ebp,edx
; 00_15 9
@@ -194,10 +195,10 @@ $L000loop:
rol ebp,5
xor ecx,eax
add ebp,ebx
- and ecx,edi
mov ebx,DWORD PTR 36[esp]
- xor ecx,eax
+ and ecx,edi
ror edi,2
+ xor ecx,eax
lea ebp,DWORD PTR 1518500249[ebx*1+ebp]
add ebp,ecx
; 00_15 10
@@ -206,10 +207,10 @@ $L000loop:
rol ebp,5
xor ebx,esi
add ebp,eax
- and ebx,edx
mov eax,DWORD PTR 40[esp]
- xor ebx,esi
+ and ebx,edx
ror edx,2
+ xor ebx,esi
lea ebp,DWORD PTR 1518500249[eax*1+ebp]
add ebp,ebx
; 00_15 11
@@ -218,10 +219,10 @@ $L000loop:
rol ebp,5
xor eax,edi
add ebp,esi
- and eax,ecx
mov esi,DWORD PTR 44[esp]
- xor eax,edi
+ and eax,ecx
ror ecx,2
+ xor eax,edi
lea ebp,DWORD PTR 1518500249[esi*1+ebp]
add ebp,eax
; 00_15 12
@@ -230,10 +231,10 @@ $L000loop:
rol ebp,5
xor esi,edx
add ebp,edi
- and esi,ebx
mov edi,DWORD PTR 48[esp]
- xor esi,edx
+ and esi,ebx
ror ebx,2
+ xor esi,edx
lea ebp,DWORD PTR 1518500249[edi*1+ebp]
add ebp,esi
; 00_15 13
@@ -242,10 +243,10 @@ $L000loop:
rol ebp,5
xor edi,ecx
add ebp,edx
- and edi,eax
mov edx,DWORD PTR 52[esp]
- xor edi,ecx
+ and edi,eax
ror eax,2
+ xor edi,ecx
lea ebp,DWORD PTR 1518500249[edx*1+ebp]
add ebp,edi
; 00_15 14
@@ -254,10 +255,10 @@ $L000loop:
rol ebp,5
xor edx,ebx
add ebp,ecx
- and edx,esi
mov ecx,DWORD PTR 56[esp]
- xor edx,ebx
+ and edx,esi
ror esi,2
+ xor edx,ebx
lea ebp,DWORD PTR 1518500249[ecx*1+ebp]
add ebp,edx
; 00_15 15
@@ -266,1162 +267,1099 @@ $L000loop:
rol ebp,5
xor ecx,eax
add ebp,ebx
- and ecx,edi
mov ebx,DWORD PTR 60[esp]
- xor ecx,eax
+ and ecx,edi
ror edi,2
+ xor ecx,eax
lea ebp,DWORD PTR 1518500249[ebx*1+ebp]
+ mov ebx,DWORD PTR [esp]
add ecx,ebp
; 16_19 16
- mov ebx,DWORD PTR [esp]
mov ebp,edi
xor ebx,DWORD PTR 8[esp]
xor ebp,esi
xor ebx,DWORD PTR 32[esp]
and ebp,edx
- ror edx,2
xor ebx,DWORD PTR 52[esp]
rol ebx,1
xor ebp,esi
+ add eax,ebp
+ mov ebp,ecx
+ ror edx,2
mov DWORD PTR [esp],ebx
+ rol ebp,5
lea ebx,DWORD PTR 1518500249[eax*1+ebx]
- mov eax,ecx
- rol eax,5
+ mov eax,DWORD PTR 4[esp]
add ebx,ebp
- add ebx,eax
; 16_19 17
- mov eax,DWORD PTR 4[esp]
mov ebp,edx
xor eax,DWORD PTR 12[esp]
xor ebp,edi
xor eax,DWORD PTR 36[esp]
and ebp,ecx
- ror ecx,2
xor eax,DWORD PTR 56[esp]
rol eax,1
xor ebp,edi
+ add esi,ebp
+ mov ebp,ebx
+ ror ecx,2
mov DWORD PTR 4[esp],eax
+ rol ebp,5
lea eax,DWORD PTR 1518500249[esi*1+eax]
- mov esi,ebx
- rol esi,5
+ mov esi,DWORD PTR 8[esp]
add eax,ebp
- add eax,esi
; 16_19 18
- mov esi,DWORD PTR 8[esp]
mov ebp,ecx
xor esi,DWORD PTR 16[esp]
xor ebp,edx
xor esi,DWORD PTR 40[esp]
and ebp,ebx
- ror ebx,2
xor esi,DWORD PTR 60[esp]
rol esi,1
xor ebp,edx
+ add edi,ebp
+ mov ebp,eax
+ ror ebx,2
mov DWORD PTR 8[esp],esi
+ rol ebp,5
lea esi,DWORD PTR 1518500249[edi*1+esi]
- mov edi,eax
- rol edi,5
+ mov edi,DWORD PTR 12[esp]
add esi,ebp
- add esi,edi
; 16_19 19
- mov edi,DWORD PTR 12[esp]
mov ebp,ebx
xor edi,DWORD PTR 20[esp]
xor ebp,ecx
xor edi,DWORD PTR 44[esp]
and ebp,eax
- ror eax,2
xor edi,DWORD PTR [esp]
rol edi,1
xor ebp,ecx
+ add edx,ebp
+ mov ebp,esi
+ ror eax,2
mov DWORD PTR 12[esp],edi
+ rol ebp,5
lea edi,DWORD PTR 1518500249[edx*1+edi]
- mov edx,esi
- rol edx,5
+ mov edx,DWORD PTR 16[esp]
add edi,ebp
- add edi,edx
; 20_39 20
mov ebp,esi
- mov edx,DWORD PTR 16[esp]
- ror esi,2
xor edx,DWORD PTR 24[esp]
xor ebp,eax
xor edx,DWORD PTR 48[esp]
xor ebp,ebx
xor edx,DWORD PTR 4[esp]
rol edx,1
- add ebp,ecx
+ add ecx,ebp
+ ror esi,2
+ mov ebp,edi
+ rol ebp,5
mov DWORD PTR 16[esp],edx
- mov ecx,edi
- rol ecx,5
- lea edx,DWORD PTR 1859775393[ebp*1+edx]
- add edx,ecx
+ lea edx,DWORD PTR 1859775393[ecx*1+edx]
+ mov ecx,DWORD PTR 20[esp]
+ add edx,ebp
; 20_39 21
mov ebp,edi
- mov ecx,DWORD PTR 20[esp]
- ror edi,2
xor ecx,DWORD PTR 28[esp]
xor ebp,esi
xor ecx,DWORD PTR 52[esp]
xor ebp,eax
xor ecx,DWORD PTR 8[esp]
rol ecx,1
- add ebp,ebx
+ add ebx,ebp
+ ror edi,2
+ mov ebp,edx
+ rol ebp,5
mov DWORD PTR 20[esp],ecx
- mov ebx,edx
- rol ebx,5
- lea ecx,DWORD PTR 1859775393[ebp*1+ecx]
- add ecx,ebx
+ lea ecx,DWORD PTR 1859775393[ebx*1+ecx]
+ mov ebx,DWORD PTR 24[esp]
+ add ecx,ebp
; 20_39 22
mov ebp,edx
- mov ebx,DWORD PTR 24[esp]
- ror edx,2
xor ebx,DWORD PTR 32[esp]
xor ebp,edi
xor ebx,DWORD PTR 56[esp]
xor ebp,esi
xor ebx,DWORD PTR 12[esp]
rol ebx,1
- add ebp,eax
+ add eax,ebp
+ ror edx,2
+ mov ebp,ecx
+ rol ebp,5
mov DWORD PTR 24[esp],ebx
- mov eax,ecx
- rol eax,5
- lea ebx,DWORD PTR 1859775393[ebp*1+ebx]
- add ebx,eax
+ lea ebx,DWORD PTR 1859775393[eax*1+ebx]
+ mov eax,DWORD PTR 28[esp]
+ add ebx,ebp
; 20_39 23
mov ebp,ecx
- mov eax,DWORD PTR 28[esp]
- ror ecx,2
xor eax,DWORD PTR 36[esp]
xor ebp,edx
xor eax,DWORD PTR 60[esp]
xor ebp,edi
xor eax,DWORD PTR 16[esp]
rol eax,1
- add ebp,esi
+ add esi,ebp
+ ror ecx,2
+ mov ebp,ebx
+ rol ebp,5
mov DWORD PTR 28[esp],eax
- mov esi,ebx
- rol esi,5
- lea eax,DWORD PTR 1859775393[ebp*1+eax]
- add eax,esi
+ lea eax,DWORD PTR 1859775393[esi*1+eax]
+ mov esi,DWORD PTR 32[esp]
+ add eax,ebp
; 20_39 24
mov ebp,ebx
- mov esi,DWORD PTR 32[esp]
- ror ebx,2
xor esi,DWORD PTR 40[esp]
xor ebp,ecx
xor esi,DWORD PTR [esp]
xor ebp,edx
xor esi,DWORD PTR 20[esp]
rol esi,1
- add ebp,edi
+ add edi,ebp
+ ror ebx,2
+ mov ebp,eax
+ rol ebp,5
mov DWORD PTR 32[esp],esi
- mov edi,eax
- rol edi,5
- lea esi,DWORD PTR 1859775393[ebp*1+esi]
- add esi,edi
+ lea esi,DWORD PTR 1859775393[edi*1+esi]
+ mov edi,DWORD PTR 36[esp]
+ add esi,ebp
; 20_39 25
mov ebp,eax
- mov edi,DWORD PTR 36[esp]
- ror eax,2
xor edi,DWORD PTR 44[esp]
xor ebp,ebx
xor edi,DWORD PTR 4[esp]
xor ebp,ecx
xor edi,DWORD PTR 24[esp]
rol edi,1
- add ebp,edx
+ add edx,ebp
+ ror eax,2
+ mov ebp,esi
+ rol ebp,5
mov DWORD PTR 36[esp],edi
- mov edx,esi
- rol edx,5
- lea edi,DWORD PTR 1859775393[ebp*1+edi]
- add edi,edx
+ lea edi,DWORD PTR 1859775393[edx*1+edi]
+ mov edx,DWORD PTR 40[esp]
+ add edi,ebp
; 20_39 26
mov ebp,esi
- mov edx,DWORD PTR 40[esp]
- ror esi,2
xor edx,DWORD PTR 48[esp]
xor ebp,eax
xor edx,DWORD PTR 8[esp]
xor ebp,ebx
xor edx,DWORD PTR 28[esp]
rol edx,1
- add ebp,ecx
+ add ecx,ebp
+ ror esi,2
+ mov ebp,edi
+ rol ebp,5
mov DWORD PTR 40[esp],edx
- mov ecx,edi
- rol ecx,5
- lea edx,DWORD PTR 1859775393[ebp*1+edx]
- add edx,ecx
+ lea edx,DWORD PTR 1859775393[ecx*1+edx]
+ mov ecx,DWORD PTR 44[esp]
+ add edx,ebp
; 20_39 27
mov ebp,edi
- mov ecx,DWORD PTR 44[esp]
- ror edi,2
xor ecx,DWORD PTR 52[esp]
xor ebp,esi
xor ecx,DWORD PTR 12[esp]
xor ebp,eax
xor ecx,DWORD PTR 32[esp]
rol ecx,1
- add ebp,ebx
+ add ebx,ebp
+ ror edi,2
+ mov ebp,edx
+ rol ebp,5
mov DWORD PTR 44[esp],ecx
- mov ebx,edx
- rol ebx,5
- lea ecx,DWORD PTR 1859775393[ebp*1+ecx]
- add ecx,ebx
+ lea ecx,DWORD PTR 1859775393[ebx*1+ecx]
+ mov ebx,DWORD PTR 48[esp]
+ add ecx,ebp
; 20_39 28
mov ebp,edx
- mov ebx,DWORD PTR 48[esp]
- ror edx,2
xor ebx,DWORD PTR 56[esp]
xor ebp,edi
xor ebx,DWORD PTR 16[esp]
xor ebp,esi
xor ebx,DWORD PTR 36[esp]
rol ebx,1
- add ebp,eax
+ add eax,ebp
+ ror edx,2
+ mov ebp,ecx
+ rol ebp,5
mov DWORD PTR 48[esp],ebx
- mov eax,ecx
- rol eax,5
- lea ebx,DWORD PTR 1859775393[ebp*1+ebx]
- add ebx,eax
+ lea ebx,DWORD PTR 1859775393[eax*1+ebx]
+ mov eax,DWORD PTR 52[esp]
+ add ebx,ebp
; 20_39 29
mov ebp,ecx
- mov eax,DWORD PTR 52[esp]
- ror ecx,2
xor eax,DWORD PTR 60[esp]
xor ebp,edx
xor eax,DWORD PTR 20[esp]
xor ebp,edi
xor eax,DWORD PTR 40[esp]
rol eax,1
- add ebp,esi
+ add esi,ebp
+ ror ecx,2
+ mov ebp,ebx
+ rol ebp,5
mov DWORD PTR 52[esp],eax
- mov esi,ebx
- rol esi,5
- lea eax,DWORD PTR 1859775393[ebp*1+eax]
- add eax,esi
+ lea eax,DWORD PTR 1859775393[esi*1+eax]
+ mov esi,DWORD PTR 56[esp]
+ add eax,ebp
; 20_39 30
mov ebp,ebx
- mov esi,DWORD PTR 56[esp]
- ror ebx,2
xor esi,DWORD PTR [esp]
xor ebp,ecx
xor esi,DWORD PTR 24[esp]
xor ebp,edx
xor esi,DWORD PTR 44[esp]
rol esi,1
- add ebp,edi
+ add edi,ebp
+ ror ebx,2
+ mov ebp,eax
+ rol ebp,5
mov DWORD PTR 56[esp],esi
- mov edi,eax
- rol edi,5
- lea esi,DWORD PTR 1859775393[ebp*1+esi]
- add esi,edi
+ lea esi,DWORD PTR 1859775393[edi*1+esi]
+ mov edi,DWORD PTR 60[esp]
+ add esi,ebp
; 20_39 31
mov ebp,eax
- mov edi,DWORD PTR 60[esp]
- ror eax,2
xor edi,DWORD PTR 4[esp]
xor ebp,ebx
xor edi,DWORD PTR 28[esp]
xor ebp,ecx
xor edi,DWORD PTR 48[esp]
rol edi,1
- add ebp,edx
+ add edx,ebp
+ ror eax,2
+ mov ebp,esi
+ rol ebp,5
mov DWORD PTR 60[esp],edi
- mov edx,esi
- rol edx,5
- lea edi,DWORD PTR 1859775393[ebp*1+edi]
- add edi,edx
+ lea edi,DWORD PTR 1859775393[edx*1+edi]
+ mov edx,DWORD PTR [esp]
+ add edi,ebp
; 20_39 32
mov ebp,esi
- mov edx,DWORD PTR [esp]
- ror esi,2
xor edx,DWORD PTR 8[esp]
xor ebp,eax
xor edx,DWORD PTR 32[esp]
xor ebp,ebx
xor edx,DWORD PTR 52[esp]
rol edx,1
- add ebp,ecx
+ add ecx,ebp
+ ror esi,2
+ mov ebp,edi
+ rol ebp,5
mov DWORD PTR [esp],edx
- mov ecx,edi
- rol ecx,5
- lea edx,DWORD PTR 1859775393[ebp*1+edx]
- add edx,ecx
+ lea edx,DWORD PTR 1859775393[ecx*1+edx]
+ mov ecx,DWORD PTR 4[esp]
+ add edx,ebp
; 20_39 33
mov ebp,edi
- mov ecx,DWORD PTR 4[esp]
- ror edi,2
xor ecx,DWORD PTR 12[esp]
xor ebp,esi
xor ecx,DWORD PTR 36[esp]
xor ebp,eax
xor ecx,DWORD PTR 56[esp]
rol ecx,1
- add ebp,ebx
+ add ebx,ebp
+ ror edi,2
+ mov ebp,edx
+ rol ebp,5
mov DWORD PTR 4[esp],ecx
- mov ebx,edx
- rol ebx,5
- lea ecx,DWORD PTR 1859775393[ebp*1+ecx]
- add ecx,ebx
+ lea ecx,DWORD PTR 1859775393[ebx*1+ecx]
+ mov ebx,DWORD PTR 8[esp]
+ add ecx,ebp
; 20_39 34
mov ebp,edx
- mov ebx,DWORD PTR 8[esp]
- ror edx,2
xor ebx,DWORD PTR 16[esp]
xor ebp,edi
xor ebx,DWORD PTR 40[esp]
xor ebp,esi
xor ebx,DWORD PTR 60[esp]
rol ebx,1
- add ebp,eax
+ add eax,ebp
+ ror edx,2
+ mov ebp,ecx
+ rol ebp,5
mov DWORD PTR 8[esp],ebx
- mov eax,ecx
- rol eax,5
- lea ebx,DWORD PTR 1859775393[ebp*1+ebx]
- add ebx,eax
+ lea ebx,DWORD PTR 1859775393[eax*1+ebx]
+ mov eax,DWORD PTR 12[esp]
+ add ebx,ebp
; 20_39 35
mov ebp,ecx
- mov eax,DWORD PTR 12[esp]
- ror ecx,2
xor eax,DWORD PTR 20[esp]
xor ebp,edx
xor eax,DWORD PTR 44[esp]
xor ebp,edi
xor eax,DWORD PTR [esp]
rol eax,1
- add ebp,esi
+ add esi,ebp
+ ror ecx,2
+ mov ebp,ebx
+ rol ebp,5
mov DWORD PTR 12[esp],eax
- mov esi,ebx
- rol esi,5
- lea eax,DWORD PTR 1859775393[ebp*1+eax]
- add eax,esi
+ lea eax,DWORD PTR 1859775393[esi*1+eax]
+ mov esi,DWORD PTR 16[esp]
+ add eax,ebp
; 20_39 36
mov ebp,ebx
- mov esi,DWORD PTR 16[esp]
- ror ebx,2
xor esi,DWORD PTR 24[esp]
xor ebp,ecx
xor esi,DWORD PTR 48[esp]
xor ebp,edx
xor esi,DWORD PTR 4[esp]
rol esi,1
- add ebp,edi
+ add edi,ebp
+ ror ebx,2
+ mov ebp,eax
+ rol ebp,5
mov DWORD PTR 16[esp],esi
- mov edi,eax
- rol edi,5
- lea esi,DWORD PTR 1859775393[ebp*1+esi]
- add esi,edi
+ lea esi,DWORD PTR 1859775393[edi*1+esi]
+ mov edi,DWORD PTR 20[esp]
+ add esi,ebp
; 20_39 37
mov ebp,eax
- mov edi,DWORD PTR 20[esp]
- ror eax,2
xor edi,DWORD PTR 28[esp]
xor ebp,ebx
xor edi,DWORD PTR 52[esp]
xor ebp,ecx
xor edi,DWORD PTR 8[esp]
rol edi,1
- add ebp,edx
+ add edx,ebp
+ ror eax,2
+ mov ebp,esi
+ rol ebp,5
mov DWORD PTR 20[esp],edi
- mov edx,esi
- rol edx,5
- lea edi,DWORD PTR 1859775393[ebp*1+edi]
- add edi,edx
+ lea edi,DWORD PTR 1859775393[edx*1+edi]
+ mov edx,DWORD PTR 24[esp]
+ add edi,ebp
; 20_39 38
mov ebp,esi
- mov edx,DWORD PTR 24[esp]
- ror esi,2
xor edx,DWORD PTR 32[esp]
xor ebp,eax
xor edx,DWORD PTR 56[esp]
xor ebp,ebx
xor edx,DWORD PTR 12[esp]
rol edx,1
- add ebp,ecx
+ add ecx,ebp
+ ror esi,2
+ mov ebp,edi
+ rol ebp,5
mov DWORD PTR 24[esp],edx
- mov ecx,edi
- rol ecx,5
- lea edx,DWORD PTR 1859775393[ebp*1+edx]
- add edx,ecx
+ lea edx,DWORD PTR 1859775393[ecx*1+edx]
+ mov ecx,DWORD PTR 28[esp]
+ add edx,ebp
; 20_39 39
mov ebp,edi
- mov ecx,DWORD PTR 28[esp]
- ror edi,2
xor ecx,DWORD PTR 36[esp]
xor ebp,esi
xor ecx,DWORD PTR 60[esp]
xor ebp,eax
xor ecx,DWORD PTR 16[esp]
rol ecx,1
- add ebp,ebx
+ add ebx,ebp
+ ror edi,2
+ mov ebp,edx
+ rol ebp,5
mov DWORD PTR 28[esp],ecx
- mov ebx,edx
- rol ebx,5
- lea ecx,DWORD PTR 1859775393[ebp*1+ecx]
- add ecx,ebx
- ; 40_59 40
+ lea ecx,DWORD PTR 1859775393[ebx*1+ecx]
mov ebx,DWORD PTR 32[esp]
- mov ebp,DWORD PTR 40[esp]
- xor ebx,ebp
- mov ebp,DWORD PTR [esp]
- xor ebx,ebp
- mov ebp,DWORD PTR 20[esp]
- xor ebx,ebp
- mov ebp,edx
+ add ecx,ebp
+ ; 40_59 40
+ mov ebp,edi
+ xor ebx,DWORD PTR 40[esp]
+ xor ebp,esi
+ xor ebx,DWORD PTR [esp]
+ and ebp,edx
+ xor ebx,DWORD PTR 20[esp]
rol ebx,1
- or ebp,edi
- mov DWORD PTR 32[esp],ebx
- and ebp,esi
- lea ebx,DWORD PTR 2400959708[eax*1+ebx]
- mov eax,edx
+ add ebp,eax
ror edx,2
- and eax,edi
- or ebp,eax
mov eax,ecx
rol eax,5
- add ebx,ebp
+ mov DWORD PTR 32[esp],ebx
+ lea ebx,DWORD PTR 2400959708[ebp*1+ebx]
+ mov ebp,edi
add ebx,eax
- ; 40_59 41
+ and ebp,esi
mov eax,DWORD PTR 36[esp]
- mov ebp,DWORD PTR 44[esp]
- xor eax,ebp
- mov ebp,DWORD PTR 4[esp]
- xor eax,ebp
- mov ebp,DWORD PTR 24[esp]
- xor eax,ebp
- mov ebp,ecx
+ add ebx,ebp
+ ; 40_59 41
+ mov ebp,edx
+ xor eax,DWORD PTR 44[esp]
+ xor ebp,edi
+ xor eax,DWORD PTR 4[esp]
+ and ebp,ecx
+ xor eax,DWORD PTR 24[esp]
rol eax,1
- or ebp,edx
- mov DWORD PTR 36[esp],eax
- and ebp,edi
- lea eax,DWORD PTR 2400959708[esi*1+eax]
- mov esi,ecx
+ add ebp,esi
ror ecx,2
- and esi,edx
- or ebp,esi
mov esi,ebx
rol esi,5
- add eax,ebp
+ mov DWORD PTR 36[esp],eax
+ lea eax,DWORD PTR 2400959708[ebp*1+eax]
+ mov ebp,edx
add eax,esi
- ; 40_59 42
+ and ebp,edi
mov esi,DWORD PTR 40[esp]
- mov ebp,DWORD PTR 48[esp]
- xor esi,ebp
- mov ebp,DWORD PTR 8[esp]
- xor esi,ebp
- mov ebp,DWORD PTR 28[esp]
- xor esi,ebp
- mov ebp,ebx
+ add eax,ebp
+ ; 40_59 42
+ mov ebp,ecx
+ xor esi,DWORD PTR 48[esp]
+ xor ebp,edx
+ xor esi,DWORD PTR 8[esp]
+ and ebp,ebx
+ xor esi,DWORD PTR 28[esp]
rol esi,1
- or ebp,ecx
- mov DWORD PTR 40[esp],esi
- and ebp,edx
- lea esi,DWORD PTR 2400959708[edi*1+esi]
- mov edi,ebx
+ add ebp,edi
ror ebx,2
- and edi,ecx
- or ebp,edi
mov edi,eax
rol edi,5
- add esi,ebp
+ mov DWORD PTR 40[esp],esi
+ lea esi,DWORD PTR 2400959708[ebp*1+esi]
+ mov ebp,ecx
add esi,edi
- ; 40_59 43
+ and ebp,edx
mov edi,DWORD PTR 44[esp]
- mov ebp,DWORD PTR 52[esp]
- xor edi,ebp
- mov ebp,DWORD PTR 12[esp]
- xor edi,ebp
- mov ebp,DWORD PTR 32[esp]
- xor edi,ebp
- mov ebp,eax
+ add esi,ebp
+ ; 40_59 43
+ mov ebp,ebx
+ xor edi,DWORD PTR 52[esp]
+ xor ebp,ecx
+ xor edi,DWORD PTR 12[esp]
+ and ebp,eax
+ xor edi,DWORD PTR 32[esp]
rol edi,1
- or ebp,ebx
- mov DWORD PTR 44[esp],edi
- and ebp,ecx
- lea edi,DWORD PTR 2400959708[edx*1+edi]
- mov edx,eax
+ add ebp,edx
ror eax,2
- and edx,ebx
- or ebp,edx
mov edx,esi
rol edx,5
- add edi,ebp
+ mov DWORD PTR 44[esp],edi
+ lea edi,DWORD PTR 2400959708[ebp*1+edi]
+ mov ebp,ebx
add edi,edx
- ; 40_59 44
+ and ebp,ecx
mov edx,DWORD PTR 48[esp]
- mov ebp,DWORD PTR 56[esp]
- xor edx,ebp
- mov ebp,DWORD PTR 16[esp]
- xor edx,ebp
- mov ebp,DWORD PTR 36[esp]
- xor edx,ebp
- mov ebp,esi
+ add edi,ebp
+ ; 40_59 44
+ mov ebp,eax
+ xor edx,DWORD PTR 56[esp]
+ xor ebp,ebx
+ xor edx,DWORD PTR 16[esp]
+ and ebp,esi
+ xor edx,DWORD PTR 36[esp]
rol edx,1
- or ebp,eax
- mov DWORD PTR 48[esp],edx
- and ebp,ebx
- lea edx,DWORD PTR 2400959708[ecx*1+edx]
- mov ecx,esi
+ add ebp,ecx
ror esi,2
- and ecx,eax
- or ebp,ecx
mov ecx,edi
rol ecx,5
- add edx,ebp
+ mov DWORD PTR 48[esp],edx
+ lea edx,DWORD PTR 2400959708[ebp*1+edx]
+ mov ebp,eax
add edx,ecx
- ; 40_59 45
+ and ebp,ebx
mov ecx,DWORD PTR 52[esp]
- mov ebp,DWORD PTR 60[esp]
- xor ecx,ebp
- mov ebp,DWORD PTR 20[esp]
- xor ecx,ebp
- mov ebp,DWORD PTR 40[esp]
- xor ecx,ebp
- mov ebp,edi
+ add edx,ebp
+ ; 40_59 45
+ mov ebp,esi
+ xor ecx,DWORD PTR 60[esp]
+ xor ebp,eax
+ xor ecx,DWORD PTR 20[esp]
+ and ebp,edi
+ xor ecx,DWORD PTR 40[esp]
rol ecx,1
- or ebp,esi
- mov DWORD PTR 52[esp],ecx
- and ebp,eax
- lea ecx,DWORD PTR 2400959708[ebx*1+ecx]
- mov ebx,edi
+ add ebp,ebx
ror edi,2
- and ebx,esi
- or ebp,ebx
mov ebx,edx
rol ebx,5
- add ecx,ebp
+ mov DWORD PTR 52[esp],ecx
+ lea ecx,DWORD PTR 2400959708[ebp*1+ecx]
+ mov ebp,esi
add ecx,ebx
- ; 40_59 46
+ and ebp,eax
mov ebx,DWORD PTR 56[esp]
- mov ebp,DWORD PTR [esp]
- xor ebx,ebp
- mov ebp,DWORD PTR 24[esp]
- xor ebx,ebp
- mov ebp,DWORD PTR 44[esp]
- xor ebx,ebp
- mov ebp,edx
+ add ecx,ebp
+ ; 40_59 46
+ mov ebp,edi
+ xor ebx,DWORD PTR [esp]
+ xor ebp,esi
+ xor ebx,DWORD PTR 24[esp]
+ and ebp,edx
+ xor ebx,DWORD PTR 44[esp]
rol ebx,1
- or ebp,edi
- mov DWORD PTR 56[esp],ebx
- and ebp,esi
- lea ebx,DWORD PTR 2400959708[eax*1+ebx]
- mov eax,edx
+ add ebp,eax
ror edx,2
- and eax,edi
- or ebp,eax
mov eax,ecx
rol eax,5
- add ebx,ebp
+ mov DWORD PTR 56[esp],ebx
+ lea ebx,DWORD PTR 2400959708[ebp*1+ebx]
+ mov ebp,edi
add ebx,eax
- ; 40_59 47
+ and ebp,esi
mov eax,DWORD PTR 60[esp]
- mov ebp,DWORD PTR 4[esp]
- xor eax,ebp
- mov ebp,DWORD PTR 28[esp]
- xor eax,ebp
- mov ebp,DWORD PTR 48[esp]
- xor eax,ebp
- mov ebp,ecx
+ add ebx,ebp
+ ; 40_59 47
+ mov ebp,edx
+ xor eax,DWORD PTR 4[esp]
+ xor ebp,edi
+ xor eax,DWORD PTR 28[esp]
+ and ebp,ecx
+ xor eax,DWORD PTR 48[esp]
rol eax,1
- or ebp,edx
- mov DWORD PTR 60[esp],eax
- and ebp,edi
- lea eax,DWORD PTR 2400959708[esi*1+eax]
- mov esi,ecx
+ add ebp,esi
ror ecx,2
- and esi,edx
- or ebp,esi
mov esi,ebx
rol esi,5
- add eax,ebp
+ mov DWORD PTR 60[esp],eax
+ lea eax,DWORD PTR 2400959708[ebp*1+eax]
+ mov ebp,edx
add eax,esi
- ; 40_59 48
+ and ebp,edi
mov esi,DWORD PTR [esp]
- mov ebp,DWORD PTR 8[esp]
- xor esi,ebp
- mov ebp,DWORD PTR 32[esp]
- xor esi,ebp
- mov ebp,DWORD PTR 52[esp]
- xor esi,ebp
- mov ebp,ebx
+ add eax,ebp
+ ; 40_59 48
+ mov ebp,ecx
+ xor esi,DWORD PTR 8[esp]
+ xor ebp,edx
+ xor esi,DWORD PTR 32[esp]
+ and ebp,ebx
+ xor esi,DWORD PTR 52[esp]
rol esi,1
- or ebp,ecx
- mov DWORD PTR [esp],esi
- and ebp,edx
- lea esi,DWORD PTR 2400959708[edi*1+esi]
- mov edi,ebx
+ add ebp,edi
ror ebx,2
- and edi,ecx
- or ebp,edi
mov edi,eax
rol edi,5
- add esi,ebp
+ mov DWORD PTR [esp],esi
+ lea esi,DWORD PTR 2400959708[ebp*1+esi]
+ mov ebp,ecx
add esi,edi
- ; 40_59 49
+ and ebp,edx
mov edi,DWORD PTR 4[esp]
- mov ebp,DWORD PTR 12[esp]
- xor edi,ebp
- mov ebp,DWORD PTR 36[esp]
- xor edi,ebp
- mov ebp,DWORD PTR 56[esp]
- xor edi,ebp
- mov ebp,eax
+ add esi,ebp
+ ; 40_59 49
+ mov ebp,ebx
+ xor edi,DWORD PTR 12[esp]
+ xor ebp,ecx
+ xor edi,DWORD PTR 36[esp]
+ and ebp,eax
+ xor edi,DWORD PTR 56[esp]
rol edi,1
- or ebp,ebx
- mov DWORD PTR 4[esp],edi
- and ebp,ecx
- lea edi,DWORD PTR 2400959708[edx*1+edi]
- mov edx,eax
+ add ebp,edx
ror eax,2
- and edx,ebx
- or ebp,edx
mov edx,esi
rol edx,5
- add edi,ebp
+ mov DWORD PTR 4[esp],edi
+ lea edi,DWORD PTR 2400959708[ebp*1+edi]
+ mov ebp,ebx
add edi,edx
- ; 40_59 50
+ and ebp,ecx
mov edx,DWORD PTR 8[esp]
- mov ebp,DWORD PTR 16[esp]
- xor edx,ebp
- mov ebp,DWORD PTR 40[esp]
- xor edx,ebp
- mov ebp,DWORD PTR 60[esp]
- xor edx,ebp
- mov ebp,esi
+ add edi,ebp
+ ; 40_59 50
+ mov ebp,eax
+ xor edx,DWORD PTR 16[esp]
+ xor ebp,ebx
+ xor edx,DWORD PTR 40[esp]
+ and ebp,esi
+ xor edx,DWORD PTR 60[esp]
rol edx,1
- or ebp,eax
- mov DWORD PTR 8[esp],edx
- and ebp,ebx
- lea edx,DWORD PTR 2400959708[ecx*1+edx]
- mov ecx,esi
+ add ebp,ecx
ror esi,2
- and ecx,eax
- or ebp,ecx
mov ecx,edi
rol ecx,5
- add edx,ebp
+ mov DWORD PTR 8[esp],edx
+ lea edx,DWORD PTR 2400959708[ebp*1+edx]
+ mov ebp,eax
add edx,ecx
- ; 40_59 51
+ and ebp,ebx
mov ecx,DWORD PTR 12[esp]
- mov ebp,DWORD PTR 20[esp]
- xor ecx,ebp
- mov ebp,DWORD PTR 44[esp]
- xor ecx,ebp
- mov ebp,DWORD PTR [esp]
- xor ecx,ebp
- mov ebp,edi
+ add edx,ebp
+ ; 40_59 51
+ mov ebp,esi
+ xor ecx,DWORD PTR 20[esp]
+ xor ebp,eax
+ xor ecx,DWORD PTR 44[esp]
+ and ebp,edi
+ xor ecx,DWORD PTR [esp]
rol ecx,1
- or ebp,esi
- mov DWORD PTR 12[esp],ecx
- and ebp,eax
- lea ecx,DWORD PTR 2400959708[ebx*1+ecx]
- mov ebx,edi
+ add ebp,ebx
ror edi,2
- and ebx,esi
- or ebp,ebx
mov ebx,edx
rol ebx,5
- add ecx,ebp
+ mov DWORD PTR 12[esp],ecx
+ lea ecx,DWORD PTR 2400959708[ebp*1+ecx]
+ mov ebp,esi
add ecx,ebx
- ; 40_59 52
+ and ebp,eax
mov ebx,DWORD PTR 16[esp]
- mov ebp,DWORD PTR 24[esp]
- xor ebx,ebp
- mov ebp,DWORD PTR 48[esp]
- xor ebx,ebp
- mov ebp,DWORD PTR 4[esp]
- xor ebx,ebp
- mov ebp,edx
+ add ecx,ebp
+ ; 40_59 52
+ mov ebp,edi
+ xor ebx,DWORD PTR 24[esp]
+ xor ebp,esi
+ xor ebx,DWORD PTR 48[esp]
+ and ebp,edx
+ xor ebx,DWORD PTR 4[esp]
rol ebx,1
- or ebp,edi
- mov DWORD PTR 16[esp],ebx
- and ebp,esi
- lea ebx,DWORD PTR 2400959708[eax*1+ebx]
- mov eax,edx
+ add ebp,eax
ror edx,2
- and eax,edi
- or ebp,eax
mov eax,ecx
rol eax,5
- add ebx,ebp
+ mov DWORD PTR 16[esp],ebx
+ lea ebx,DWORD PTR 2400959708[ebp*1+ebx]
+ mov ebp,edi
add ebx,eax
- ; 40_59 53
+ and ebp,esi
mov eax,DWORD PTR 20[esp]
- mov ebp,DWORD PTR 28[esp]
- xor eax,ebp
- mov ebp,DWORD PTR 52[esp]
- xor eax,ebp
- mov ebp,DWORD PTR 8[esp]
- xor eax,ebp
- mov ebp,ecx
+ add ebx,ebp
+ ; 40_59 53
+ mov ebp,edx
+ xor eax,DWORD PTR 28[esp]
+ xor ebp,edi
+ xor eax,DWORD PTR 52[esp]
+ and ebp,ecx
+ xor eax,DWORD PTR 8[esp]
rol eax,1
- or ebp,edx
- mov DWORD PTR 20[esp],eax
- and ebp,edi
- lea eax,DWORD PTR 2400959708[esi*1+eax]
- mov esi,ecx
+ add ebp,esi
ror ecx,2
- and esi,edx
- or ebp,esi
mov esi,ebx
rol esi,5
- add eax,ebp
+ mov DWORD PTR 20[esp],eax
+ lea eax,DWORD PTR 2400959708[ebp*1+eax]
+ mov ebp,edx
add eax,esi
- ; 40_59 54
+ and ebp,edi
mov esi,DWORD PTR 24[esp]
- mov ebp,DWORD PTR 32[esp]
- xor esi,ebp
- mov ebp,DWORD PTR 56[esp]
- xor esi,ebp
- mov ebp,DWORD PTR 12[esp]
- xor esi,ebp
- mov ebp,ebx
+ add eax,ebp
+ ; 40_59 54
+ mov ebp,ecx
+ xor esi,DWORD PTR 32[esp]
+ xor ebp,edx
+ xor esi,DWORD PTR 56[esp]
+ and ebp,ebx
+ xor esi,DWORD PTR 12[esp]
rol esi,1
- or ebp,ecx
- mov DWORD PTR 24[esp],esi
- and ebp,edx
- lea esi,DWORD PTR 2400959708[edi*1+esi]
- mov edi,ebx
+ add ebp,edi
ror ebx,2
- and edi,ecx
- or ebp,edi
mov edi,eax
rol edi,5
- add esi,ebp
+ mov DWORD PTR 24[esp],esi
+ lea esi,DWORD PTR 2400959708[ebp*1+esi]
+ mov ebp,ecx
add esi,edi
- ; 40_59 55
+ and ebp,edx
mov edi,DWORD PTR 28[esp]
- mov ebp,DWORD PTR 36[esp]
- xor edi,ebp
- mov ebp,DWORD PTR 60[esp]
- xor edi,ebp
- mov ebp,DWORD PTR 16[esp]
- xor edi,ebp
- mov ebp,eax
+ add esi,ebp
+ ; 40_59 55
+ mov ebp,ebx
+ xor edi,DWORD PTR 36[esp]
+ xor ebp,ecx
+ xor edi,DWORD PTR 60[esp]
+ and ebp,eax
+ xor edi,DWORD PTR 16[esp]
rol edi,1
- or ebp,ebx
- mov DWORD PTR 28[esp],edi
- and ebp,ecx
- lea edi,DWORD PTR 2400959708[edx*1+edi]
- mov edx,eax
+ add ebp,edx
ror eax,2
- and edx,ebx
- or ebp,edx
mov edx,esi
rol edx,5
- add edi,ebp
+ mov DWORD PTR 28[esp],edi
+ lea edi,DWORD PTR 2400959708[ebp*1+edi]
+ mov ebp,ebx
add edi,edx
- ; 40_59 56
+ and ebp,ecx
mov edx,DWORD PTR 32[esp]
- mov ebp,DWORD PTR 40[esp]
- xor edx,ebp
- mov ebp,DWORD PTR [esp]
- xor edx,ebp
- mov ebp,DWORD PTR 20[esp]
- xor edx,ebp
- mov ebp,esi
+ add edi,ebp
+ ; 40_59 56
+ mov ebp,eax
+ xor edx,DWORD PTR 40[esp]
+ xor ebp,ebx
+ xor edx,DWORD PTR [esp]
+ and ebp,esi
+ xor edx,DWORD PTR 20[esp]
rol edx,1
- or ebp,eax
- mov DWORD PTR 32[esp],edx
- and ebp,ebx
- lea edx,DWORD PTR 2400959708[ecx*1+edx]
- mov ecx,esi
+ add ebp,ecx
ror esi,2
- and ecx,eax
- or ebp,ecx
mov ecx,edi
rol ecx,5
- add edx,ebp
+ mov DWORD PTR 32[esp],edx
+ lea edx,DWORD PTR 2400959708[ebp*1+edx]
+ mov ebp,eax
add edx,ecx
- ; 40_59 57
+ and ebp,ebx
mov ecx,DWORD PTR 36[esp]
- mov ebp,DWORD PTR 44[esp]
- xor ecx,ebp
- mov ebp,DWORD PTR 4[esp]
- xor ecx,ebp
- mov ebp,DWORD PTR 24[esp]
- xor ecx,ebp
- mov ebp,edi
+ add edx,ebp
+ ; 40_59 57
+ mov ebp,esi
+ xor ecx,DWORD PTR 44[esp]
+ xor ebp,eax
+ xor ecx,DWORD PTR 4[esp]
+ and ebp,edi
+ xor ecx,DWORD PTR 24[esp]
rol ecx,1
- or ebp,esi
- mov DWORD PTR 36[esp],ecx
- and ebp,eax
- lea ecx,DWORD PTR 2400959708[ebx*1+ecx]
- mov ebx,edi
+ add ebp,ebx
ror edi,2
- and ebx,esi
- or ebp,ebx
mov ebx,edx
rol ebx,5
- add ecx,ebp
+ mov DWORD PTR 36[esp],ecx
+ lea ecx,DWORD PTR 2400959708[ebp*1+ecx]
+ mov ebp,esi
add ecx,ebx
- ; 40_59 58
+ and ebp,eax
mov ebx,DWORD PTR 40[esp]
- mov ebp,DWORD PTR 48[esp]
- xor ebx,ebp
- mov ebp,DWORD PTR 8[esp]
- xor ebx,ebp
- mov ebp,DWORD PTR 28[esp]
- xor ebx,ebp
- mov ebp,edx
+ add ecx,ebp
+ ; 40_59 58
+ mov ebp,edi
+ xor ebx,DWORD PTR 48[esp]
+ xor ebp,esi
+ xor ebx,DWORD PTR 8[esp]
+ and ebp,edx
+ xor ebx,DWORD PTR 28[esp]
rol ebx,1
- or ebp,edi
- mov DWORD PTR 40[esp],ebx
- and ebp,esi
- lea ebx,DWORD PTR 2400959708[eax*1+ebx]
- mov eax,edx
+ add ebp,eax
ror edx,2
- and eax,edi
- or ebp,eax
mov eax,ecx
rol eax,5
- add ebx,ebp
+ mov DWORD PTR 40[esp],ebx
+ lea ebx,DWORD PTR 2400959708[ebp*1+ebx]
+ mov ebp,edi
add ebx,eax
- ; 40_59 59
+ and ebp,esi
mov eax,DWORD PTR 44[esp]
- mov ebp,DWORD PTR 52[esp]
- xor eax,ebp
- mov ebp,DWORD PTR 12[esp]
- xor eax,ebp
- mov ebp,DWORD PTR 32[esp]
- xor eax,ebp
- mov ebp,ecx
+ add ebx,ebp
+ ; 40_59 59
+ mov ebp,edx
+ xor eax,DWORD PTR 52[esp]
+ xor ebp,edi
+ xor eax,DWORD PTR 12[esp]
+ and ebp,ecx
+ xor eax,DWORD PTR 32[esp]
rol eax,1
- or ebp,edx
- mov DWORD PTR 44[esp],eax
- and ebp,edi
- lea eax,DWORD PTR 2400959708[esi*1+eax]
- mov esi,ecx
+ add ebp,esi
ror ecx,2
- and esi,edx
- or ebp,esi
mov esi,ebx
rol esi,5
- add eax,ebp
+ mov DWORD PTR 44[esp],eax
+ lea eax,DWORD PTR 2400959708[ebp*1+eax]
+ mov ebp,edx
add eax,esi
+ and ebp,edi
+ mov esi,DWORD PTR 48[esp]
+ add eax,ebp
; 20_39 60
mov ebp,ebx
- mov esi,DWORD PTR 48[esp]
- ror ebx,2
xor esi,DWORD PTR 56[esp]
xor ebp,ecx
xor esi,DWORD PTR 16[esp]
xor ebp,edx
xor esi,DWORD PTR 36[esp]
rol esi,1
- add ebp,edi
+ add edi,ebp
+ ror ebx,2
+ mov ebp,eax
+ rol ebp,5
mov DWORD PTR 48[esp],esi
- mov edi,eax
- rol edi,5
- lea esi,DWORD PTR 3395469782[ebp*1+esi]
- add esi,edi
+ lea esi,DWORD PTR 3395469782[edi*1+esi]
+ mov edi,DWORD PTR 52[esp]
+ add esi,ebp
; 20_39 61
mov ebp,eax
- mov edi,DWORD PTR 52[esp]
- ror eax,2
xor edi,DWORD PTR 60[esp]
xor ebp,ebx
xor edi,DWORD PTR 20[esp]
xor ebp,ecx
xor edi,DWORD PTR 40[esp]
rol edi,1
- add ebp,edx
+ add edx,ebp
+ ror eax,2
+ mov ebp,esi
+ rol ebp,5
mov DWORD PTR 52[esp],edi
- mov edx,esi
- rol edx,5
- lea edi,DWORD PTR 3395469782[ebp*1+edi]
- add edi,edx
+ lea edi,DWORD PTR 3395469782[edx*1+edi]
+ mov edx,DWORD PTR 56[esp]
+ add edi,ebp
; 20_39 62
mov ebp,esi
- mov edx,DWORD PTR 56[esp]
- ror esi,2
xor edx,DWORD PTR [esp]
xor ebp,eax
xor edx,DWORD PTR 24[esp]
xor ebp,ebx
xor edx,DWORD PTR 44[esp]
rol edx,1
- add ebp,ecx
+ add ecx,ebp
+ ror esi,2
+ mov ebp,edi
+ rol ebp,5
mov DWORD PTR 56[esp],edx
- mov ecx,edi
- rol ecx,5
- lea edx,DWORD PTR 3395469782[ebp*1+edx]
- add edx,ecx
+ lea edx,DWORD PTR 3395469782[ecx*1+edx]
+ mov ecx,DWORD PTR 60[esp]
+ add edx,ebp
; 20_39 63
mov ebp,edi
- mov ecx,DWORD PTR 60[esp]
- ror edi,2
xor ecx,DWORD PTR 4[esp]
xor ebp,esi
xor ecx,DWORD PTR 28[esp]
xor ebp,eax
xor ecx,DWORD PTR 48[esp]
rol ecx,1
- add ebp,ebx
+ add ebx,ebp
+ ror edi,2
+ mov ebp,edx
+ rol ebp,5
mov DWORD PTR 60[esp],ecx
- mov ebx,edx
- rol ebx,5
- lea ecx,DWORD PTR 3395469782[ebp*1+ecx]
- add ecx,ebx
+ lea ecx,DWORD PTR 3395469782[ebx*1+ecx]
+ mov ebx,DWORD PTR [esp]
+ add ecx,ebp
; 20_39 64
mov ebp,edx
- mov ebx,DWORD PTR [esp]
- ror edx,2
xor ebx,DWORD PTR 8[esp]
xor ebp,edi
xor ebx,DWORD PTR 32[esp]
xor ebp,esi
xor ebx,DWORD PTR 52[esp]
rol ebx,1
- add ebp,eax
+ add eax,ebp
+ ror edx,2
+ mov ebp,ecx
+ rol ebp,5
mov DWORD PTR [esp],ebx
- mov eax,ecx
- rol eax,5
- lea ebx,DWORD PTR 3395469782[ebp*1+ebx]
- add ebx,eax
+ lea ebx,DWORD PTR 3395469782[eax*1+ebx]
+ mov eax,DWORD PTR 4[esp]
+ add ebx,ebp
; 20_39 65
mov ebp,ecx
- mov eax,DWORD PTR 4[esp]
- ror ecx,2
xor eax,DWORD PTR 12[esp]
xor ebp,edx
xor eax,DWORD PTR 36[esp]
xor ebp,edi
xor eax,DWORD PTR 56[esp]
rol eax,1
- add ebp,esi
+ add esi,ebp
+ ror ecx,2
+ mov ebp,ebx
+ rol ebp,5
mov DWORD PTR 4[esp],eax
- mov esi,ebx
- rol esi,5
- lea eax,DWORD PTR 3395469782[ebp*1+eax]
- add eax,esi
+ lea eax,DWORD PTR 3395469782[esi*1+eax]
+ mov esi,DWORD PTR 8[esp]
+ add eax,ebp
; 20_39 66
mov ebp,ebx
- mov esi,DWORD PTR 8[esp]
- ror ebx,2
xor esi,DWORD PTR 16[esp]
xor ebp,ecx
xor esi,DWORD PTR 40[esp]
xor ebp,edx
xor esi,DWORD PTR 60[esp]
rol esi,1
- add ebp,edi
+ add edi,ebp
+ ror ebx,2
+ mov ebp,eax
+ rol ebp,5
mov DWORD PTR 8[esp],esi
- mov edi,eax
- rol edi,5
- lea esi,DWORD PTR 3395469782[ebp*1+esi]
- add esi,edi
+ lea esi,DWORD PTR 3395469782[edi*1+esi]
+ mov edi,DWORD PTR 12[esp]
+ add esi,ebp
; 20_39 67
mov ebp,eax
- mov edi,DWORD PTR 12[esp]
- ror eax,2
xor edi,DWORD PTR 20[esp]
xor ebp,ebx
xor edi,DWORD PTR 44[esp]
xor ebp,ecx
xor edi,DWORD PTR [esp]
rol edi,1
- add ebp,edx
+ add edx,ebp
+ ror eax,2
+ mov ebp,esi
+ rol ebp,5
mov DWORD PTR 12[esp],edi
- mov edx,esi
- rol edx,5
- lea edi,DWORD PTR 3395469782[ebp*1+edi]
- add edi,edx
+ lea edi,DWORD PTR 3395469782[edx*1+edi]
+ mov edx,DWORD PTR 16[esp]
+ add edi,ebp
; 20_39 68
mov ebp,esi
- mov edx,DWORD PTR 16[esp]
- ror esi,2
xor edx,DWORD PTR 24[esp]
xor ebp,eax
xor edx,DWORD PTR 48[esp]
xor ebp,ebx
xor edx,DWORD PTR 4[esp]
rol edx,1
- add ebp,ecx
+ add ecx,ebp
+ ror esi,2
+ mov ebp,edi
+ rol ebp,5
mov DWORD PTR 16[esp],edx
- mov ecx,edi
- rol ecx,5
- lea edx,DWORD PTR 3395469782[ebp*1+edx]
- add edx,ecx
+ lea edx,DWORD PTR 3395469782[ecx*1+edx]
+ mov ecx,DWORD PTR 20[esp]
+ add edx,ebp
; 20_39 69
mov ebp,edi
- mov ecx,DWORD PTR 20[esp]
- ror edi,2
xor ecx,DWORD PTR 28[esp]
xor ebp,esi
xor ecx,DWORD PTR 52[esp]
xor ebp,eax
xor ecx,DWORD PTR 8[esp]
rol ecx,1
- add ebp,ebx
+ add ebx,ebp
+ ror edi,2
+ mov ebp,edx
+ rol ebp,5
mov DWORD PTR 20[esp],ecx
- mov ebx,edx
- rol ebx,5
- lea ecx,DWORD PTR 3395469782[ebp*1+ecx]
- add ecx,ebx
+ lea ecx,DWORD PTR 3395469782[ebx*1+ecx]
+ mov ebx,DWORD PTR 24[esp]
+ add ecx,ebp
; 20_39 70
mov ebp,edx
- mov ebx,DWORD PTR 24[esp]
- ror edx,2
xor ebx,DWORD PTR 32[esp]
xor ebp,edi
xor ebx,DWORD PTR 56[esp]
xor ebp,esi
xor ebx,DWORD PTR 12[esp]
rol ebx,1
- add ebp,eax
+ add eax,ebp
+ ror edx,2
+ mov ebp,ecx
+ rol ebp,5
mov DWORD PTR 24[esp],ebx
- mov eax,ecx
- rol eax,5
- lea ebx,DWORD PTR 3395469782[ebp*1+ebx]
- add ebx,eax
+ lea ebx,DWORD PTR 3395469782[eax*1+ebx]
+ mov eax,DWORD PTR 28[esp]
+ add ebx,ebp
; 20_39 71
mov ebp,ecx
- mov eax,DWORD PTR 28[esp]
- ror ecx,2
xor eax,DWORD PTR 36[esp]
xor ebp,edx
xor eax,DWORD PTR 60[esp]
xor ebp,edi
xor eax,DWORD PTR 16[esp]
rol eax,1
- add ebp,esi
+ add esi,ebp
+ ror ecx,2
+ mov ebp,ebx
+ rol ebp,5
mov DWORD PTR 28[esp],eax
- mov esi,ebx
- rol esi,5
- lea eax,DWORD PTR 3395469782[ebp*1+eax]
- add eax,esi
+ lea eax,DWORD PTR 3395469782[esi*1+eax]
+ mov esi,DWORD PTR 32[esp]
+ add eax,ebp
; 20_39 72
mov ebp,ebx
- mov esi,DWORD PTR 32[esp]
- ror ebx,2
xor esi,DWORD PTR 40[esp]
xor ebp,ecx
xor esi,DWORD PTR [esp]
xor ebp,edx
xor esi,DWORD PTR 20[esp]
rol esi,1
- add ebp,edi
+ add edi,ebp
+ ror ebx,2
+ mov ebp,eax
+ rol ebp,5
mov DWORD PTR 32[esp],esi
- mov edi,eax
- rol edi,5
- lea esi,DWORD PTR 3395469782[ebp*1+esi]
- add esi,edi
+ lea esi,DWORD PTR 3395469782[edi*1+esi]
+ mov edi,DWORD PTR 36[esp]
+ add esi,ebp
; 20_39 73
mov ebp,eax
- mov edi,DWORD PTR 36[esp]
- ror eax,2
xor edi,DWORD PTR 44[esp]
xor ebp,ebx
xor edi,DWORD PTR 4[esp]
xor ebp,ecx
xor edi,DWORD PTR 24[esp]
rol edi,1
- add ebp,edx
+ add edx,ebp
+ ror eax,2
+ mov ebp,esi
+ rol ebp,5
mov DWORD PTR 36[esp],edi
- mov edx,esi
- rol edx,5
- lea edi,DWORD PTR 3395469782[ebp*1+edi]
- add edi,edx
+ lea edi,DWORD PTR 3395469782[edx*1+edi]
+ mov edx,DWORD PTR 40[esp]
+ add edi,ebp
; 20_39 74
mov ebp,esi
- mov edx,DWORD PTR 40[esp]
- ror esi,2
xor edx,DWORD PTR 48[esp]
xor ebp,eax
xor edx,DWORD PTR 8[esp]
xor ebp,ebx
xor edx,DWORD PTR 28[esp]
rol edx,1
- add ebp,ecx
+ add ecx,ebp
+ ror esi,2
+ mov ebp,edi
+ rol ebp,5
mov DWORD PTR 40[esp],edx
- mov ecx,edi
- rol ecx,5
- lea edx,DWORD PTR 3395469782[ebp*1+edx]
- add edx,ecx
+ lea edx,DWORD PTR 3395469782[ecx*1+edx]
+ mov ecx,DWORD PTR 44[esp]
+ add edx,ebp
; 20_39 75
mov ebp,edi
- mov ecx,DWORD PTR 44[esp]
- ror edi,2
xor ecx,DWORD PTR 52[esp]
xor ebp,esi
xor ecx,DWORD PTR 12[esp]
xor ebp,eax
xor ecx,DWORD PTR 32[esp]
rol ecx,1
- add ebp,ebx
+ add ebx,ebp
+ ror edi,2
+ mov ebp,edx
+ rol ebp,5
mov DWORD PTR 44[esp],ecx
- mov ebx,edx
- rol ebx,5
- lea ecx,DWORD PTR 3395469782[ebp*1+ecx]
- add ecx,ebx
+ lea ecx,DWORD PTR 3395469782[ebx*1+ecx]
+ mov ebx,DWORD PTR 48[esp]
+ add ecx,ebp
; 20_39 76
mov ebp,edx
- mov ebx,DWORD PTR 48[esp]
- ror edx,2
xor ebx,DWORD PTR 56[esp]
xor ebp,edi
xor ebx,DWORD PTR 16[esp]
xor ebp,esi
xor ebx,DWORD PTR 36[esp]
rol ebx,1
- add ebp,eax
+ add eax,ebp
+ ror edx,2
+ mov ebp,ecx
+ rol ebp,5
mov DWORD PTR 48[esp],ebx
- mov eax,ecx
- rol eax,5
- lea ebx,DWORD PTR 3395469782[ebp*1+ebx]
- add ebx,eax
+ lea ebx,DWORD PTR 3395469782[eax*1+ebx]
+ mov eax,DWORD PTR 52[esp]
+ add ebx,ebp
; 20_39 77
mov ebp,ecx
- mov eax,DWORD PTR 52[esp]
- ror ecx,2
xor eax,DWORD PTR 60[esp]
xor ebp,edx
xor eax,DWORD PTR 20[esp]
xor ebp,edi
xor eax,DWORD PTR 40[esp]
rol eax,1
- add ebp,esi
- mov DWORD PTR 52[esp],eax
- mov esi,ebx
- rol esi,5
- lea eax,DWORD PTR 3395469782[ebp*1+eax]
- add eax,esi
- ; 20_39 78
+ add esi,ebp
+ ror ecx,2
mov ebp,ebx
+ rol ebp,5
+ lea eax,DWORD PTR 3395469782[esi*1+eax]
mov esi,DWORD PTR 56[esp]
- ror ebx,2
+ add eax,ebp
+ ; 20_39 78
+ mov ebp,ebx
xor esi,DWORD PTR [esp]
xor ebp,ecx
xor esi,DWORD PTR 24[esp]
xor ebp,edx
xor esi,DWORD PTR 44[esp]
rol esi,1
- add ebp,edi
- mov DWORD PTR 56[esp],esi
- mov edi,eax
- rol edi,5
- lea esi,DWORD PTR 3395469782[ebp*1+esi]
- add esi,edi
- ; 20_39 79
+ add edi,ebp
+ ror ebx,2
mov ebp,eax
+ rol ebp,5
+ lea esi,DWORD PTR 3395469782[edi*1+esi]
mov edi,DWORD PTR 60[esp]
- ror eax,2
+ add esi,ebp
+ ; 20_39 79
+ mov ebp,eax
xor edi,DWORD PTR 4[esp]
xor ebp,ebx
xor edi,DWORD PTR 28[esp]
xor ebp,ecx
xor edi,DWORD PTR 48[esp]
rol edi,1
- add ebp,edx
- mov DWORD PTR 60[esp],edi
- mov edx,esi
- rol edx,5
- lea edi,DWORD PTR 3395469782[ebp*1+edi]
- add edi,edx
- mov ebp,DWORD PTR 84[esp]
- mov edx,DWORD PTR 88[esp]
+ add edx,ebp
+ ror eax,2
+ mov ebp,esi
+ rol ebp,5
+ lea edi,DWORD PTR 3395469782[edx*1+edi]
+ add edi,ebp
+ mov ebp,DWORD PTR 96[esp]
+ mov edx,DWORD PTR 100[esp]
add edi,DWORD PTR [ebp]
add esi,DWORD PTR 4[ebp]
add eax,DWORD PTR 8[ebp]
@@ -1430,14 +1368,14 @@ $L000loop:
mov DWORD PTR [ebp],edi
add edx,64
mov DWORD PTR 4[ebp],esi
- cmp edx,DWORD PTR 92[esp]
+ cmp edx,DWORD PTR 104[esp]
mov DWORD PTR 8[ebp],eax
mov edi,ecx
mov DWORD PTR 12[ebp],ebx
mov esi,edx
mov DWORD PTR 16[ebp],ecx
jb $L000loop
- add esp,64
+ add esp,76
pop edi
pop esi
pop ebx
diff --git a/deps/openssl/asm/x86-win32-masm/sha/sha256-586.asm b/deps/openssl/asm/x86-win32-masm/sha/sha256-586.asm
index 75b1dc8ac..577c38ffa 100644
--- a/deps/openssl/asm/x86-win32-masm/sha/sha256-586.asm
+++ b/deps/openssl/asm/x86-win32-masm/sha/sha256-586.asm
@@ -2,7 +2,7 @@ TITLE sha512-586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
@@ -104,31 +104,30 @@ ALIGN 16
$L00300_15:
mov ebx,DWORD PTR 92[esp]
mov ecx,edx
- ror ecx,6
- mov edi,edx
- ror edi,11
+ ror ecx,14
mov esi,DWORD PTR 20[esp]
- xor ecx,edi
- ror edi,14
- xor ecx,edi
+ xor ecx,edx
+ ror ecx,5
+ xor ecx,edx
+ ror ecx,6
mov edi,DWORD PTR 24[esp]
add ebx,ecx
- mov DWORD PTR 16[esp],edx
xor esi,edi
+ mov DWORD PTR 16[esp],edx
mov ecx,eax
and esi,edx
mov edx,DWORD PTR 12[esp]
xor esi,edi
mov edi,eax
add ebx,esi
- ror ecx,2
+ ror ecx,9
add ebx,DWORD PTR 28[esp]
- ror edi,13
+ xor ecx,eax
+ ror ecx,11
mov esi,DWORD PTR 4[esp]
- xor ecx,edi
- ror edi,9
+ xor ecx,eax
+ ror ecx,2
add edx,ebx
- xor ecx,edi
mov edi,DWORD PTR 8[esp]
add ebx,ecx
mov DWORD PTR [esp],eax
@@ -150,48 +149,46 @@ ALIGN 16
$L00416_63:
mov esi,ebx
mov ecx,DWORD PTR 100[esp]
- shr ebx,3
- ror esi,7
- xor ebx,esi
ror esi,11
mov edi,ecx
+ xor esi,ebx
+ ror esi,7
+ shr ebx,3
+ ror edi,2
xor ebx,esi
- shr ecx,10
- mov esi,DWORD PTR 156[esp]
+ xor edi,ecx
ror edi,17
- xor ecx,edi
- ror edi,2
- add ebx,esi
+ shr ecx,10
+ add ebx,DWORD PTR 156[esp]
xor edi,ecx
- add ebx,edi
- mov ecx,edx
add ebx,DWORD PTR 120[esp]
- ror ecx,6
- mov edi,edx
- ror edi,11
+ mov ecx,edx
+ add ebx,edi
+ ror ecx,14
mov esi,DWORD PTR 20[esp]
- xor ecx,edi
- ror edi,14
+ xor ecx,edx
+ ror ecx,5
mov DWORD PTR 92[esp],ebx
- xor ecx,edi
+ xor ecx,edx
+ ror ecx,6
mov edi,DWORD PTR 24[esp]
add ebx,ecx
- mov DWORD PTR 16[esp],edx
xor esi,edi
+ mov DWORD PTR 16[esp],edx
mov ecx,eax
and esi,edx
mov edx,DWORD PTR 12[esp]
xor esi,edi
mov edi,eax
add ebx,esi
- ror ecx,2
+ ror ecx,9
add ebx,DWORD PTR 28[esp]
- ror edi,13
+ xor ecx,eax
+ ror ecx,11
mov esi,DWORD PTR 4[esp]
- xor ecx,edi
- ror edi,9
+ xor ecx,eax
+ ror ecx,2
add edx,ebx
- xor ecx,edi
mov edi,DWORD PTR 8[esp]
add ebx,ecx
mov DWORD PTR [esp],eax
diff --git a/deps/openssl/asm/x86-win32-masm/sha/sha512-586.asm b/deps/openssl/asm/x86-win32-masm/sha/sha512-586.asm
index 9f3249762..98c1c070d 100644
--- a/deps/openssl/asm/x86-win32-masm/sha/sha512-586.asm
+++ b/deps/openssl/asm/x86-win32-masm/sha/sha512-586.asm
@@ -2,7 +2,7 @@ TITLE sha512-586.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
diff --git a/deps/openssl/asm/x86-win32-masm/x86cpuid.asm b/deps/openssl/asm/x86-win32-masm/x86cpuid.asm
index 7e663d664..b9b1c2584 100644
--- a/deps/openssl/asm/x86-win32-masm/x86cpuid.asm
+++ b/deps/openssl/asm/x86-win32-masm/x86cpuid.asm
@@ -2,7 +2,7 @@ TITLE x86cpuid.asm
IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF @Version LT 800
@@ -27,9 +27,9 @@ $L_OPENSSL_ia32_cpuid_begin::
pushfd
pop eax
xor ecx,eax
- bt ecx,21
- jnc $L000done
xor eax,eax
+ bt ecx,21
+ jnc $L000nocpuid
cpuid
mov edi,eax
xor eax,eax
@@ -55,7 +55,14 @@ $L_OPENSSL_ia32_cpuid_begin::
jnz $L001intel
mov eax,2147483648
cpuid
- cmp eax,2147483656
+ cmp eax,2147483649
+ jb $L001intel
+ mov esi,eax
+ mov eax,2147483649
+ cpuid
+ or ebp,ecx
+ and ebp,2049
+ cmp esi,2147483656
jb $L001intel
mov eax,2147483656
cpuid
@@ -64,46 +71,68 @@ $L_OPENSSL_ia32_cpuid_begin::
mov eax,1
cpuid
bt edx,28
- jnc $L000done
+ jnc $L002generic
shr ebx,16
and ebx,255
cmp ebx,esi
- ja $L000done
+ ja $L002generic
and edx,4026531839
- jmp $L000done
+ jmp $L002generic
$L001intel:
cmp edi,4
mov edi,-1
- jb $L002nocacheinfo
+ jb $L003nocacheinfo
mov eax,4
mov ecx,0
cpuid
mov edi,eax
shr edi,14
and edi,4095
-$L002nocacheinfo:
+$L003nocacheinfo:
mov eax,1
cpuid
+ and edx,3220176895
cmp ebp,0
- jne $L003notP4
+ jne $L004notintel
+ or edx,1073741824
and ah,15
cmp ah,15
- jne $L003notP4
+ jne $L004notintel
or edx,1048576
-$L003notP4:
+$L004notintel:
bt edx,28
- jnc $L000done
+ jnc $L002generic
and edx,4026531839
cmp edi,0
- je $L000done
+ je $L002generic
or edx,268435456
shr ebx,16
cmp bl,1
- ja $L000done
+ ja $L002generic
and edx,4026531839
-$L000done:
- mov eax,edx
- mov edx,ecx
+$L002generic:
+ and ebp,2048
+ and ecx,4294965247
+ mov esi,edx
+ or ebp,ecx
+ bt ecx,27
+ jnc $L005clear_avx
+ xor ecx,ecx
+DB 15,1,208
+ and eax,6
+ cmp eax,6
+ je $L006done
+ cmp eax,2
+ je $L005clear_avx
+$L007clear_xmm:
+ and ebp,4261412861
+ and esi,4278190079
+$L005clear_avx:
+ and ebp,4026525695
+$L006done:
+ mov eax,esi
+ mov edx,ebp
+$L000nocpuid:
pop edi
pop esi
pop ebx
@@ -118,9 +147,9 @@ $L_OPENSSL_rdtsc_begin::
xor edx,edx
lea ecx,DWORD PTR _OPENSSL_ia32cap_P
bt DWORD PTR [ecx],4
- jnc $L004notsc
+ jnc $L008notsc
rdtsc
-$L004notsc:
+$L008notsc:
ret
_OPENSSL_rdtsc ENDP
ALIGN 16
@@ -128,14 +157,14 @@ _OPENSSL_instrument_halt PROC PUBLIC
$L_OPENSSL_instrument_halt_begin::
lea ecx,DWORD PTR _OPENSSL_ia32cap_P
bt DWORD PTR [ecx],4
- jnc $L005nohalt
+ jnc $L009nohalt
DD 2421723150
and eax,3
- jnz $L005nohalt
+ jnz $L009nohalt
pushfd
pop eax
bt eax,9
- jnc $L005nohalt
+ jnc $L009nohalt
rdtsc
push edx
push eax
@@ -145,7 +174,7 @@ DD 2421723150
sbb edx,DWORD PTR 4[esp]
add esp,8
ret
-$L005nohalt:
+$L009nohalt:
xor eax,eax
xor edx,edx
ret
@@ -156,21 +185,21 @@ $L_OPENSSL_far_spin_begin::
pushfd
pop eax
bt eax,9
- jnc $L006nospin
+ jnc $L010nospin
mov eax,DWORD PTR 4[esp]
mov ecx,DWORD PTR 8[esp]
DD 2430111262
xor eax,eax
mov edx,DWORD PTR [ecx]
- jmp $L007spin
+ jmp $L011spin
ALIGN 16
-$L007spin:
+$L011spin:
inc eax
cmp edx,DWORD PTR [ecx]
- je $L007spin
+ je $L011spin
DD 529567888
ret
-$L006nospin:
+$L010nospin:
xor eax,eax
xor edx,edx
ret
@@ -183,9 +212,9 @@ $L_OPENSSL_wipe_cpu_begin::
lea ecx,DWORD PTR _OPENSSL_ia32cap_P
mov ecx,DWORD PTR [ecx]
bt DWORD PTR [ecx],1
- jnc $L008no_x87
+ jnc $L012no_x87
DD 4007259865,4007259865,4007259865,4007259865,2430851995
-$L008no_x87:
+$L012no_x87:
lea eax,DWORD PTR 4[esp]
ret
_OPENSSL_wipe_cpu ENDP
@@ -197,11 +226,11 @@ $L_OPENSSL_atomic_add_begin::
push ebx
nop
mov eax,DWORD PTR [edx]
-$L009spin:
+$L013spin:
lea ebx,DWORD PTR [ecx*1+eax]
nop
DD 447811568
- jne $L009spin
+ jne $L013spin
mov eax,ebx
pop ebx
ret
@@ -238,37 +267,50 @@ $L_OPENSSL_cleanse_begin::
mov ecx,DWORD PTR 8[esp]
xor eax,eax
cmp ecx,7
- jae $L010lot
+ jae $L014lot
cmp ecx,0
- je $L011ret
-$L012little:
+ je $L015ret
+$L016little:
mov BYTE PTR [edx],al
sub ecx,1
lea edx,DWORD PTR 1[edx]
- jnz $L012little
-$L011ret:
+ jnz $L016little
+$L015ret:
ret
ALIGN 16
-$L010lot:
+$L014lot:
test edx,3
- jz $L013aligned
+ jz $L017aligned
mov BYTE PTR [edx],al
lea ecx,DWORD PTR [ecx-1]
lea edx,DWORD PTR 1[edx]
- jmp $L010lot
-$L013aligned:
+ jmp $L014lot
+$L017aligned:
mov DWORD PTR [edx],eax
lea ecx,DWORD PTR [ecx-4]
test ecx,-4
lea edx,DWORD PTR 4[edx]
- jnz $L013aligned
+ jnz $L017aligned
cmp ecx,0
- jne $L012little
+ jne $L016little
ret
_OPENSSL_cleanse ENDP
+ALIGN 16
+_OPENSSL_ia32_rdrand PROC PUBLIC
+$L_OPENSSL_ia32_rdrand_begin::
+ mov ecx,8
+$L018loop:
+DB 15,199,240
+ jc $L019break
+ loop $L018loop
+$L019break:
+ cmp eax,0
+ cmove eax,ecx
+ ret
+_OPENSSL_ia32_rdrand ENDP
.text$ ENDS
.bss SEGMENT 'BSS'
-COMM _OPENSSL_ia32cap_P:DWORD
+COMM _OPENSSL_ia32cap_P:QWORD
.bss ENDS
.CRT$XCU SEGMENT DWORD PUBLIC 'DATA'
EXTERN _OPENSSL_cpuid_setup:NEAR
diff --git a/deps/openssl/config/android/openssl/opensslconf.h b/deps/openssl/config/android/openssl/opensslconf.h
deleted file mode 100644
index 9280eb286..000000000
--- a/deps/openssl/config/android/openssl/opensslconf.h
+++ /dev/null
@@ -1,253 +0,0 @@
-/* opensslconf.h */
-/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
-
-/* OpenSSL was configured with the following options: */
-#ifndef OPENSSL_DOING_MAKEDEPEND
-
-
-#ifndef OPENSSL_NO_CAMELLIA
-# define OPENSSL_NO_CAMELLIA
-#endif
-#ifndef OPENSSL_NO_GMP
-# define OPENSSL_NO_GMP
-#endif
-#ifndef OPENSSL_NO_IDEA
-# define OPENSSL_NO_IDEA
-#endif
-#ifndef OPENSSL_NO_JPAKE
-# define OPENSSL_NO_JPAKE
-#endif
-#ifndef OPENSSL_NO_KRB5
-# define OPENSSL_NO_KRB5
-#endif
-#ifndef OPENSSL_NO_MDC2
-# define OPENSSL_NO_MDC2
-#endif
-#ifndef OPENSSL_NO_CMS
-# define OPENSSL_NO_CMS
-#endif
-#ifndef OPENSSL_NO_RC5
-# define OPENSSL_NO_RC5
-#endif
-#ifndef OPENSSL_NO_RFC3779
-# define OPENSSL_NO_RFC3779
-#endif
-#ifndef OPENSSL_NO_SEED
-# define OPENSSL_NO_SEED
-#endif
-#ifndef OPENSSL_NO_SHA0
-# define OPENSSL_NO_SHA0
-#endif
-#ifndef OPENSSL_NO_WHRLPOOL
-# define OPENSSL_NO_WHRLPOOL
-#endif
-
-#endif /* OPENSSL_DOING_MAKEDEPEND */
-
-#ifndef OPENSSL_THREADS
-# define OPENSSL_THREADS
-#endif
-#ifndef OPENSSL_NO_DYNAMIC_ENGINE
-# define OPENSSL_NO_DYNAMIC_ENGINE
-#endif
-
-/* The OPENSSL_NO_* macros are also defined as NO_* if the application
- asks for it. This is a transient feature that is provided for those
- who haven't had the time to do the appropriate changes in their
- applications. */
-#ifdef OPENSSL_ALGORITHM_DEFINES
-# if defined(OPENSSL_NO_CAST) && !defined(NO_CAST)
-# define NO_CAST
-# endif
-# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
-# define NO_GMP
-# endif
-# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
-# define NO_IDEA
-# endif
-# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
-# define NO_JPAKE
-# endif
-# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
-# define NO_KRB5
-# endif
-# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
-# define NO_MD2
-# endif
-# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
-# define NO_RC5
-# endif
-# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
-# define NO_RFC3779
-# endif
-# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
-# define NO_SEED
-# endif
-# if defined(OPENSSL_NO_SHA0) && !defined(NO_SHA0)
-# define NO_SHA0
-# endif
-# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
-# define NO_STORE
-# endif
-# if defined(OPENSSL_NO_WHRLPOOL) && !defined(NO_WHRLPOOL)
-# define NO_WHRLPOOL
-# endif
-# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
-# define NO_MDC2
-# endif
-#endif
-
-/* crypto/opensslconf.h.in */
-
-/* Generate 80386 code? */
-#undef I386_ONLY
-
-#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
-#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define ENGINESDIR "/usr/local/ssl/lib/engines"
-#define OPENSSLDIR "/usr/local/ssl"
-#endif
-#endif
-
-#undef OPENSSL_UNISTD
-#define OPENSSL_UNISTD <unistd.h>
-
-#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
-#define IDEA_INT unsigned int
-#endif
-
-#if defined(HEADER_MD2_H) && !defined(MD2_INT)
-#define MD2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC2_H) && !defined(RC2_INT)
-/* I need to put in a mod for the alpha - eay */
-#define RC2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC4_H)
-#if !defined(RC4_INT)
-/* using int types make the structure larger but make the code faster
- * on most boxes I have tested - up to %20 faster. */
-/*
- * I don't know what does "most" mean, but declaring "int" is a must on:
- * - Intel P6 because partial register stalls are very expensive;
- * - elder Alpha because it lacks byte load/store instructions;
- */
-#define RC4_INT unsigned char
-#endif
-#if !defined(RC4_CHUNK)
-/*
- * This enables code handling data aligned at natural CPU word
- * boundary. See crypto/rc4/rc4_enc.c for further details.
- */
-#define RC4_CHUNK unsigned long
-#endif
-#endif
-
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned int
-#endif
-#endif
-
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-#define CONFIG_HEADER_BN_H
-#define BN_LLONG
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-#undef SIXTY_FOUR_BIT_LONG
-#undef SIXTY_FOUR_BIT
-#define THIRTY_TWO_BIT
-#endif
-
-#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
-#define CONFIG_HEADER_RC4_LOCL_H
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#undef RC4_INDEX
-#endif
-
-#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-#define CONFIG_HEADER_BF_LOCL_H
-#define BF_PTR
-#endif /* HEADER_BF_LOCL_H */
-
-#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
-#define CONFIG_HEADER_DES_LOCL_H
-#ifndef DES_DEFAULT_OPTIONS
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
-#undef DES_PTR
-#endif
-
-/* This helps C compiler generate the correct code for multiple functional
- * units. It reduces register dependancies at the expense of 2 more
- * registers */
-#ifndef DES_RISC1
-#undef DES_RISC1
-#endif
-
-#ifndef DES_RISC2
-#undef DES_RISC2
-#endif
-
-#if defined(DES_RISC1) && defined(DES_RISC2)
-YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-#endif
-
-/* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
-#ifndef DES_UNROLL
-#define DES_UNROLL
-#endif
-
-/* These default values were supplied by
- * Peter Gutman <pgut001@cs.auckland.ac.nz>
- * They are only used if nothing else has been defined */
-#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-/* Special defines which change the way the code is built depending on the
- CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
- even newer MIPS CPU's, but at the moment one size fits all for
- optimization options. Older Sparc's work better with only UNROLL, but
- there's no way to tell at compile time what it is you're running on */
-
-#if defined( sun ) /* Newer Sparc's */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#elif defined( __ultrix ) /* Older MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined( __osf1__ ) /* Alpha */
-# define DES_PTR
-# define DES_RISC2
-#elif defined ( _AIX ) /* RS6000 */
- /* Unknown */
-#elif defined( __hpux ) /* HP-PA */
- /* Unknown */
-#elif defined( __aux ) /* 68K */
- /* Unknown */
-#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
-# define DES_UNROLL
-#elif defined( __sgi ) /* Newer MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#endif /* Systems-specific speed defines */
-#endif
-
-#endif /* DES_DEFAULT_OPTIONS */
-#endif /* HEADER_DES_LOCL_H */
diff --git a/deps/openssl/config/k8/openssl/opensslconf-posix.h b/deps/openssl/config/k8/openssl/opensslconf-posix.h
deleted file mode 100644
index 1a6058fe9..000000000
--- a/deps/openssl/config/k8/openssl/opensslconf-posix.h
+++ /dev/null
@@ -1,273 +0,0 @@
-/* opensslconf.h */
-/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
-
-/* OpenSSL was configured with the following options: */
-#ifndef OPENSSL_DOING_MAKEDEPEND
-
-
-#ifndef OPENSSL_NO_CAMELLIA
-# define OPENSSL_NO_CAMELLIA
-#endif
-#ifndef OPENSSL_NO_CAPIENG
-# define OPENSSL_NO_CAPIENG
-#endif
-#ifndef OPENSSL_NO_CMS
-# define OPENSSL_NO_CMS
-#endif
-#ifndef OPENSSL_NO_FIPS
-# define OPENSSL_NO_FIPS
-#endif
-#ifndef OPENSSL_NO_GMP
-# define OPENSSL_NO_GMP
-#endif
-#ifndef OPENSSL_NO_IDEA
-# define OPENSSL_NO_IDEA
-#endif
-#ifndef OPENSSL_NO_JPAKE
-# define OPENSSL_NO_JPAKE
-#endif
-#ifndef OPENSSL_NO_KRB5
-# define OPENSSL_NO_KRB5
-#endif
-#ifndef OPENSSL_NO_MDC2
-# define OPENSSL_NO_MDC2
-#endif
-#ifndef OPENSSL_NO_RC5
-# define OPENSSL_NO_RC5
-#endif
-#ifndef OPENSSL_NO_RFC3779
-# define OPENSSL_NO_RFC3779
-#endif
-#ifndef OPENSSL_NO_SEED
-# define OPENSSL_NO_SEED
-#endif
-
-#endif /* OPENSSL_DOING_MAKEDEPEND */
-
-#ifndef OPENSSL_THREADS
-# define OPENSSL_THREADS
-#endif
-#ifndef OPENSSL_NO_DYNAMIC_ENGINE
-# define OPENSSL_NO_DYNAMIC_ENGINE
-#endif
-
-/* The OPENSSL_NO_* macros are also defined as NO_* if the application
- asks for it. This is a transient feature that is provided for those
- who haven't had the time to do the appropriate changes in their
- applications. */
-#ifdef OPENSSL_ALGORITHM_DEFINES
-# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
-# define NO_CAMELLIA
-# endif
-# if defined(OPENSSL_NO_CAPIENG) && !defined(NO_CAPIENG)
-# define NO_CAPIENG
-# endif
-# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS)
-# define NO_CMS
-# endif
-# if defined(OPENSSL_NO_FIPS) && !defined(NO_FIPS)
-# define NO_FIPS
-# endif
-# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
-# define NO_GMP
-# endif
-# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
-# define NO_IDEA
-# endif
-# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
-# define NO_JPAKE
-# endif
-# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
-# define NO_KRB5
-# endif
-# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
-# define NO_MDC2
-# endif
-# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
-# define NO_RC5
-# endif
-# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
-# define NO_RFC3779
-# endif
-# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
-# define NO_SEED
-# endif
-#endif
-
-/* crypto/opensslconf.h.in */
-
-#ifdef OPENSSL_DOING_MAKEDEPEND
-
-/* Include any symbols here that have to be explicitly set to enable a feature
- * that should be visible to makedepend.
- *
- * [Our "make depend" doesn't actually look at this, we use actual build settings
- * instead; we want to make it easy to remove subdirectories with disabled algorithms.]
- */
-
-#ifndef OPENSSL_FIPS
-#define OPENSSL_FIPS
-#endif
-
-#endif
-
-/* Generate 80386 code? */
-#undef I386_ONLY
-
-#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
-#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define ENGINESDIR "/usr/local/ssl/lib/engines"
-#define OPENSSLDIR "/usr/local/ssl"
-#endif
-#endif
-
-#undef OPENSSL_UNISTD
-#define OPENSSL_UNISTD <unistd.h>
-#if !defined(SWIG)
-#include <unistd.h>
-#endif
-
-#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
-#define IDEA_INT unsigned int
-#endif
-
-#if defined(HEADER_MD2_H) && !defined(MD2_INT)
-#define MD2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC2_H) && !defined(RC2_INT)
-/* I need to put in a mod for the alpha - eay */
-#define RC2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC4_H)
-#if !defined(RC4_INT)
-/* using int types make the structure larger but make the code faster
- * on most boxes I have tested - up to %20 faster. */
-/*
- * I don't know what does "most" mean, but declaring "int" is a must on:
- * - Intel P6 because partial register stalls are very expensive;
- * - elder Alpha because it lacks byte load/store instructions;
- */
-#define RC4_INT unsigned int
-#endif
-#if !defined(RC4_CHUNK)
-/*
- * This enables code handling data aligned at natural CPU word
- * boundary. See crypto/rc4/rc4_enc.c for further details.
- */
-#define RC4_CHUNK unsigned long
-#endif
-#endif
-
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned int
-#endif
-#endif
-
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-#define CONFIG_HEADER_BN_H
-#undef BN_LLONG
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
-#define SIXTY_FOUR_BIT_LONG
-#undef SIXTY_FOUR_BIT
-#undef THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
-#endif
-
-#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
-#define CONFIG_HEADER_RC4_LOCL_H
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#undef RC4_INDEX
-#endif
-
-#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-#define CONFIG_HEADER_BF_LOCL_H
-#undef BF_PTR
-#endif /* HEADER_BF_LOCL_H */
-
-#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
-#define CONFIG_HEADER_DES_LOCL_H
-#ifndef DES_DEFAULT_OPTIONS
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
-#undef DES_PTR
-#endif
-
-/* This helps C compiler generate the correct code for multiple functional
- * units. It reduces register dependancies at the expense of 2 more
- * registers */
-#ifndef DES_RISC1
-#undef DES_RISC1
-#endif
-
-#ifndef DES_RISC2
-#undef DES_RISC2
-#endif
-
-#if defined(DES_RISC1) && defined(DES_RISC2)
-YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-#endif
-
-/* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
-#ifndef DES_UNROLL
-#define DES_UNROLL
-#endif
-
-/* These default values were supplied by
- * Peter Gutman <pgut001@cs.auckland.ac.nz>
- * They are only used if nothing else has been defined */
-#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-/* Special defines which change the way the code is built depending on the
- CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
- even newer MIPS CPU's, but at the moment one size fits all for
- optimization options. Older Sparc's work better with only UNROLL, but
- there's no way to tell at compile time what it is you're running on */
-
-#if defined( sun ) /* Newer Sparc's */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#elif defined( __ultrix ) /* Older MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined( __osf1__ ) /* Alpha */
-# define DES_PTR
-# define DES_RISC2
-#elif defined ( _AIX ) /* RS6000 */
- /* Unknown */
-#elif defined( __hpux ) /* HP-PA */
- /* Unknown */
-#elif defined( __aux ) /* 68K */
- /* Unknown */
-#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
-# define DES_UNROLL
-#elif defined( __sgi ) /* Newer MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#endif /* Systems-specific speed defines */
-#endif
-
-#endif /* DES_DEFAULT_OPTIONS */
-#endif /* HEADER_DES_LOCL_H */
diff --git a/deps/openssl/config/k8/openssl/opensslconf-win32.h b/deps/openssl/config/k8/openssl/opensslconf-win32.h
deleted file mode 100644
index 8a37db987..000000000
--- a/deps/openssl/config/k8/openssl/opensslconf-win32.h
+++ /dev/null
@@ -1,262 +0,0 @@
-/* opensslconf.h */
-/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
-
-/* OpenSSL was configured with the following options: */
-#ifndef OPENSSL_SYSNAME_WIN32
-# define OPENSSL_SYSNAME_WIN32
-#endif
-#ifndef OPENSSL_DOING_MAKEDEPEND
-
-
-#ifndef OPENSSL_NO_CAMELLIA
-# define OPENSSL_NO_CAMELLIA
-#endif
-#ifndef OPENSSL_NO_CAPIENG
-# define OPENSSL_NO_CAPIENG
-#endif
-#ifndef OPENSSL_NO_CMS
-# define OPENSSL_NO_CMS
-#endif
-#ifndef OPENSSL_NO_GMP
-# define OPENSSL_NO_GMP
-#endif
-#ifndef OPENSSL_NO_IDEA
-# define OPENSSL_NO_IDEA
-#endif
-#ifndef OPENSSL_NO_JPAKE
-# define OPENSSL_NO_JPAKE
-#endif
-#ifndef OPENSSL_NO_KRB5
-# define OPENSSL_NO_KRB5
-#endif
-#ifndef OPENSSL_NO_MDC2
-# define OPENSSL_NO_MDC2
-#endif
-#ifndef OPENSSL_NO_RC5
-# define OPENSSL_NO_RC5
-#endif
-#ifndef OPENSSL_NO_RFC3779
-# define OPENSSL_NO_RFC3779
-#endif
-#ifndef OPENSSL_NO_SEED
-# define OPENSSL_NO_SEED
-#endif
-
-#endif /* OPENSSL_DOING_MAKEDEPEND */
-
-#ifndef OPENSSL_THREADS
-# define OPENSSL_THREADS
-#endif
-
-/* The OPENSSL_NO_* macros are also defined as NO_* if the application
- asks for it. This is a transient feature that is provided for those
- who haven't had the time to do the appropriate changes in their
- applications. */
-#ifdef OPENSSL_ALGORITHM_DEFINES
-# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
-# define NO_CAMELLIA
-# endif
-# if defined(OPENSSL_NO_CAPIENG) && !defined(NO_CAPIENG)
-# define NO_CAPIENG
-# endif
-# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS)
-# define NO_CMS
-# endif
-# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
-# define NO_GMP
-# endif
-# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
-# define NO_JPAKE
-# endif
-# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
-# define NO_KRB5
-# endif
-# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
-# define NO_MDC2
-# endif
-# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
-# define NO_RC5
-# endif
-# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
-# define NO_RFC3779
-# endif
-# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
-# define NO_SEED
-# endif
-#endif
-
-/* crypto/opensslconf.h.in */
-
-#ifdef OPENSSL_DOING_MAKEDEPEND
-
-/* Include any symbols here that have to be explicitly set to enable a feature
- * that should be visible to makedepend.
- *
- * [Our "make depend" doesn't actually look at this, we use actual build settings
- * instead; we want to make it easy to remove subdirectories with disabled algorithms.]
- */
-
-#ifndef OPENSSL_FIPS
-#define OPENSSL_FIPS
-#endif
-
-#endif
-
-/* Generate 80386 code? */
-#undef I386_ONLY
-
-#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
-#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define ENGINESDIR "ssl/lib/engines"
-#define OPENSSLDIR "ssl"
-#endif
-#endif
-
-#undef OPENSSL_UNISTD
-#define OPENSSL_UNISTD <unistd.h>
-
-#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
-#define OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
-#define IDEA_INT unsigned int
-#endif
-
-#if defined(HEADER_MD2_H) && !defined(MD2_INT)
-#define MD2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC2_H) && !defined(RC2_INT)
-/* I need to put in a mod for the alpha - eay */
-#define RC2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC4_H)
-#if !defined(RC4_INT)
-/* using int types make the structure larger but make the code faster
- * on most boxes I have tested - up to %20 faster. */
-/*
- * I don't know what does "most" mean, but declaring "int" is a must on:
- * - Intel P6 because partial register stalls are very expensive;
- * - elder Alpha because it lacks byte load/store instructions;
- */
-#define RC4_INT unsigned int
-#endif
-#if !defined(RC4_CHUNK)
-/*
- * This enables code handling data aligned at natural CPU word
- * boundary. See crypto/rc4/rc4_enc.c for further details.
- */
-#define RC4_CHUNK unsigned long long
-#endif
-#endif
-
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned int
-#endif
-#endif
-
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-#define CONFIG_HEADER_BN_H
-#undef BN_LLONG
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
-#undef SIXTY_FOUR_BIT_LONG
-#define SIXTY_FOUR_BIT
-#undef THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
-#endif
-
-#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
-#define CONFIG_HEADER_RC4_LOCL_H
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#undef RC4_INDEX
-#endif
-
-#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-#define CONFIG_HEADER_BF_LOCL_H
-#undef BF_PTR
-#endif /* HEADER_BF_LOCL_H */
-
-#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
-#define CONFIG_HEADER_DES_LOCL_H
-#ifndef DES_DEFAULT_OPTIONS
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
-#undef DES_PTR
-#endif
-
-/* This helps C compiler generate the correct code for multiple functional
- * units. It reduces register dependancies at the expense of 2 more
- * registers */
-#ifndef DES_RISC1
-#undef DES_RISC1
-#endif
-
-#ifndef DES_RISC2
-#undef DES_RISC2
-#endif
-
-#if defined(DES_RISC1) && defined(DES_RISC2)
-YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-#endif
-
-/* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
-#ifndef DES_UNROLL
-#undef DES_UNROLL
-#endif
-
-/* These default values were supplied by
- * Peter Gutman <pgut001@cs.auckland.ac.nz>
- * They are only used if nothing else has been defined */
-#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-/* Special defines which change the way the code is built depending on the
- CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
- even newer MIPS CPU's, but at the moment one size fits all for
- optimization options. Older Sparc's work better with only UNROLL, but
- there's no way to tell at compile time what it is you're running on */
-
-#if defined( sun ) /* Newer Sparc's */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#elif defined( __ultrix ) /* Older MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined( __osf1__ ) /* Alpha */
-# define DES_PTR
-# define DES_RISC2
-#elif defined ( _AIX ) /* RS6000 */
- /* Unknown */
-#elif defined( __hpux ) /* HP-PA */
- /* Unknown */
-#elif defined( __aux ) /* 68K */
- /* Unknown */
-#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
-# define DES_UNROLL
-#elif defined( __sgi ) /* Newer MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#endif /* Systems-specific speed defines */
-#endif
-
-#endif /* DES_DEFAULT_OPTIONS */
-#endif /* HEADER_DES_LOCL_H */
diff --git a/deps/openssl/config/k8/openssl/opensslconf.h b/deps/openssl/config/k8/openssl/opensslconf.h
deleted file mode 100644
index 0ea58de1b..000000000
--- a/deps/openssl/config/k8/openssl/opensslconf.h
+++ /dev/null
@@ -1,5 +0,0 @@
-#ifdef WIN32
-#include "opensslconf-win32.h"
-#else
-#include "opensslconf-posix.h"
-#endif
diff --git a/deps/openssl/config/piii/openssl/opensslconf-posix.h b/deps/openssl/config/piii/openssl/opensslconf-posix.h
deleted file mode 100644
index 36e305a2e..000000000
--- a/deps/openssl/config/piii/openssl/opensslconf-posix.h
+++ /dev/null
@@ -1,273 +0,0 @@
-/* opensslconf.h */
-/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
-
-/* OpenSSL was configured with the following options: */
-#ifndef OPENSSL_DOING_MAKEDEPEND
-
-
-#ifndef OPENSSL_NO_CAMELLIA
-# define OPENSSL_NO_CAMELLIA
-#endif
-#ifndef OPENSSL_NO_CAPIENG
-# define OPENSSL_NO_CAPIENG
-#endif
-#ifndef OPENSSL_NO_CMS
-# define OPENSSL_NO_CMS
-#endif
-#ifndef OPENSSL_NO_FIPS
-# define OPENSSL_NO_FIPS
-#endif
-#ifndef OPENSSL_NO_GMP
-# define OPENSSL_NO_GMP
-#endif
-#ifndef OPENSSL_NO_IDEA
-# define OPENSSL_NO_IDEA
-#endif
-#ifndef OPENSSL_NO_JPAKE
-# define OPENSSL_NO_JPAKE
-#endif
-#ifndef OPENSSL_NO_KRB5
-# define OPENSSL_NO_KRB5
-#endif
-#ifndef OPENSSL_NO_MDC2
-# define OPENSSL_NO_MDC2
-#endif
-#ifndef OPENSSL_NO_RC5
-# define OPENSSL_NO_RC5
-#endif
-#ifndef OPENSSL_NO_RFC3779
-# define OPENSSL_NO_RFC3779
-#endif
-#ifndef OPENSSL_NO_SEED
-# define OPENSSL_NO_SEED
-#endif
-
-#endif /* OPENSSL_DOING_MAKEDEPEND */
-
-#ifndef OPENSSL_THREADS
-# define OPENSSL_THREADS
-#endif
-#ifndef OPENSSL_NO_DYNAMIC_ENGINE
-# define OPENSSL_NO_DYNAMIC_ENGINE
-#endif
-
-/* The OPENSSL_NO_* macros are also defined as NO_* if the application
- asks for it. This is a transient feature that is provided for those
- who haven't had the time to do the appropriate changes in their
- applications. */
-#ifdef OPENSSL_ALGORITHM_DEFINES
-# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
-# define NO_CAMELLIA
-# endif
-# if defined(OPENSSL_NO_CAPIENG) && !defined(NO_CAPIENG)
-# define NO_CAPIENG
-# endif
-# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS)
-# define NO_CMS
-# endif
-# if defined(OPENSSL_NO_FIPS) && !defined(NO_FIPS)
-# define NO_FIPS
-# endif
-# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
-# define NO_GMP
-# endif
-# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
-# define NO_IDEA
-# endif
-# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
-# define NO_JPAKE
-# endif
-# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
-# define NO_KRB5
-# endif
-# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
-# define NO_MDC2
-# endif
-# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
-# define NO_RC5
-# endif
-# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
-# define NO_RFC3779
-# endif
-# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
-# define NO_SEED
-# endif
-#endif
-
-/* crypto/opensslconf.h.in */
-
-#ifdef OPENSSL_DOING_MAKEDEPEND
-
-/* Include any symbols here that have to be explicitly set to enable a feature
- * that should be visible to makedepend.
- *
- * [Our "make depend" doesn't actually look at this, we use actual build settings
- * instead; we want to make it easy to remove subdirectories with disabled algorithms.]
- */
-
-#ifndef OPENSSL_FIPS
-#define OPENSSL_FIPS
-#endif
-
-#endif
-
-/* Generate 80386 code? */
-#undef I386_ONLY
-
-#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
-#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define ENGINESDIR "/usr/local/ssl/lib/engines"
-#define OPENSSLDIR "/usr/local/ssl"
-#endif
-#endif
-
-#undef OPENSSL_UNISTD
-#define OPENSSL_UNISTD <unistd.h>
-#if !defined(SWIG)
-#include <unistd.h>
-#endif
-
-#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
-#define IDEA_INT unsigned int
-#endif
-
-#if defined(HEADER_MD2_H) && !defined(MD2_INT)
-#define MD2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC2_H) && !defined(RC2_INT)
-/* I need to put in a mod for the alpha - eay */
-#define RC2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC4_H)
-#if !defined(RC4_INT)
-/* using int types make the structure larger but make the code faster
- * on most boxes I have tested - up to %20 faster. */
-/*
- * I don't know what does "most" mean, but declaring "int" is a must on:
- * - Intel P6 because partial register stalls are very expensive;
- * - elder Alpha because it lacks byte load/store instructions;
- */
-#define RC4_INT unsigned int
-#endif
-#if !defined(RC4_CHUNK)
-/*
- * This enables code handling data aligned at natural CPU word
- * boundary. See crypto/rc4/rc4_enc.c for further details.
- */
-#undef RC4_CHUNK
-#endif
-#endif
-
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned long
-#endif
-#endif
-
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-#define CONFIG_HEADER_BN_H
-#define BN_LLONG
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
-#undef SIXTY_FOUR_BIT_LONG
-#undef SIXTY_FOUR_BIT
-#define THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
-#endif
-
-#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
-#define CONFIG_HEADER_RC4_LOCL_H
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#define RC4_INDEX
-#endif
-
-#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-#define CONFIG_HEADER_BF_LOCL_H
-#undef BF_PTR
-#endif /* HEADER_BF_LOCL_H */
-
-#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
-#define CONFIG_HEADER_DES_LOCL_H
-#ifndef DES_DEFAULT_OPTIONS
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
-#define DES_PTR
-#endif
-
-/* This helps C compiler generate the correct code for multiple functional
- * units. It reduces register dependancies at the expense of 2 more
- * registers */
-#ifndef DES_RISC1
-#define DES_RISC1
-#endif
-
-#ifndef DES_RISC2
-#undef DES_RISC2
-#endif
-
-#if defined(DES_RISC1) && defined(DES_RISC2)
-YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-#endif
-
-/* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
-#ifndef DES_UNROLL
-#define DES_UNROLL
-#endif
-
-/* These default values were supplied by
- * Peter Gutman <pgut001@cs.auckland.ac.nz>
- * They are only used if nothing else has been defined */
-#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-/* Special defines which change the way the code is built depending on the
- CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
- even newer MIPS CPU's, but at the moment one size fits all for
- optimization options. Older Sparc's work better with only UNROLL, but
- there's no way to tell at compile time what it is you're running on */
-
-#if defined( sun ) /* Newer Sparc's */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#elif defined( __ultrix ) /* Older MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined( __osf1__ ) /* Alpha */
-# define DES_PTR
-# define DES_RISC2
-#elif defined ( _AIX ) /* RS6000 */
- /* Unknown */
-#elif defined( __hpux ) /* HP-PA */
- /* Unknown */
-#elif defined( __aux ) /* 68K */
- /* Unknown */
-#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
-# define DES_UNROLL
-#elif defined( __sgi ) /* Newer MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#endif /* Systems-specific speed defines */
-#endif
-
-#endif /* DES_DEFAULT_OPTIONS */
-#endif /* HEADER_DES_LOCL_H */
diff --git a/deps/openssl/config/piii/openssl/opensslconf-win32.h b/deps/openssl/config/piii/openssl/opensslconf-win32.h
deleted file mode 100644
index 529aec6fd..000000000
--- a/deps/openssl/config/piii/openssl/opensslconf-win32.h
+++ /dev/null
@@ -1,274 +0,0 @@
-/* opensslconf.h */
-/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
-
-/* OpenSSL was configured with the following options: */
-#ifndef OPENSSL_SYSNAME_WIN32
-# define OPENSSL_SYSNAME_WIN32
-#endif
-#ifndef OPENSSL_DOING_MAKEDEPEND
-
-
-#ifndef OPENSSL_NO_CAMELLIA
-# define OPENSSL_NO_CAMELLIA
-#endif
-#ifndef OPENSSL_NO_CAPIENG
-# define OPENSSL_NO_CAPIENG
-#endif
-#ifndef OPENSSL_NO_CMS
-# define OPENSSL_NO_CMS
-#endif
-#ifndef OPENSSL_NO_FIPS
-# define OPENSSL_NO_FIPS
-#endif
-#ifndef OPENSSL_NO_GMP
-# define OPENSSL_NO_GMP
-#endif
-#ifndef OPENSSL_NO_IDEA
-# define OPENSSL_NO_IDEA
-#endif
-#ifndef OPENSSL_NO_JPAKE
-# define OPENSSL_NO_JPAKE
-#endif
-#ifndef OPENSSL_NO_KRB5
-# define OPENSSL_NO_KRB5
-#endif
-#ifndef OPENSSL_NO_MDC2
-# define OPENSSL_NO_MDC2
-#endif
-#ifndef OPENSSL_NO_RC5
-# define OPENSSL_NO_RC5
-#endif
-#ifndef OPENSSL_NO_RFC3779
-# define OPENSSL_NO_RFC3779
-#endif
-#ifndef OPENSSL_NO_SEED
-# define OPENSSL_NO_SEED
-#endif
-
-#endif /* OPENSSL_DOING_MAKEDEPEND */
-
-#ifndef OPENSSL_THREADS
-# define OPENSSL_THREADS
-#endif
-#ifndef OPENSSL_NO_DYNAMIC_ENGINE
-# define OPENSSL_NO_DYNAMIC_ENGINE
-#endif
-
-/* The OPENSSL_NO_* macros are also defined as NO_* if the application
- asks for it. This is a transient feature that is provided for those
- who haven't had the time to do the appropriate changes in their
- applications. */
-#ifdef OPENSSL_ALGORITHM_DEFINES
-# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
-# define NO_CAMELLIA
-# endif
-# if defined(OPENSSL_NO_CAPIENG) && !defined(NO_CAPIENG)
-# define NO_CAPIENG
-# endif
-# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS)
-# define NO_CMS
-# endif
-# if defined(OPENSSL_NO_FIPS) && !defined(NO_FIPS)
-# define NO_FIPS
-# endif
-# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
-# define NO_GMP
-# endif
-# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
-# define NO_IDEA
-# endif
-# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
-# define NO_JPAKE
-# endif
-# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
-# define NO_KRB5
-# endif
-# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
-# define NO_MDC2
-# endif
-# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
-# define NO_RC5
-# endif
-# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
-# define NO_RFC3779
-# endif
-# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
-# define NO_SEED
-# endif
-#endif
-
-/* crypto/opensslconf.h.in */
-
-#ifdef OPENSSL_DOING_MAKEDEPEND
-
-/* Include any symbols here that have to be explicitly set to enable a feature
- * that should be visible to makedepend.
- *
- * [Our "make depend" doesn't actually look at this, we use actual build settings
- * instead; we want to make it easy to remove subdirectories with disabled algorithms.]
- */
-
-#ifndef OPENSSL_FIPS
-#define OPENSSL_FIPS
-#endif
-
-#endif
-
-/* Generate 80386 code? */
-#undef I386_ONLY
-
-#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
-#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define ENGINESDIR "ssl/lib/engines"
-#define OPENSSLDIR "ssl"
-#endif
-#endif
-
-#undef OPENSSL_UNISTD
-#define OPENSSL_UNISTD <unistd.h>
-
-#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
-#define OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
-#define IDEA_INT unsigned int
-#endif
-
-#if defined(HEADER_MD2_H) && !defined(MD2_INT)
-#define MD2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC2_H) && !defined(RC2_INT)
-/* I need to put in a mod for the alpha - eay */
-#define RC2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC4_H)
-#if !defined(RC4_INT)
-/* using int types make the structure larger but make the code faster
- * on most boxes I have tested - up to %20 faster. */
-/*
- * I don't know what does "most" mean, but declaring "int" is a must on:
- * - Intel P6 because partial register stalls are very expensive;
- * - elder Alpha because it lacks byte load/store instructions;
- */
-#define RC4_INT unsigned int
-#endif
-#if !defined(RC4_CHUNK)
-/*
- * This enables code handling data aligned at natural CPU word
- * boundary. See crypto/rc4/rc4_enc.c for further details.
- */
-#undef RC4_CHUNK
-#endif
-#endif
-
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned long
-#endif
-#endif
-
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-#define CONFIG_HEADER_BN_H
-#define BN_LLONG
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
-#undef SIXTY_FOUR_BIT_LONG
-#undef SIXTY_FOUR_BIT
-#define THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
-#endif
-
-#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
-#define CONFIG_HEADER_RC4_LOCL_H
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#define RC4_INDEX
-#endif
-
-#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-#define CONFIG_HEADER_BF_LOCL_H
-#undef BF_PTR
-#endif /* HEADER_BF_LOCL_H */
-
-#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
-#define CONFIG_HEADER_DES_LOCL_H
-#ifndef DES_DEFAULT_OPTIONS
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
-#undef DES_PTR
-#endif
-
-/* This helps C compiler generate the correct code for multiple functional
- * units. It reduces register dependancies at the expense of 2 more
- * registers */
-#ifndef DES_RISC1
-#undef DES_RISC1
-#endif
-
-#ifndef DES_RISC2
-#undef DES_RISC2
-#endif
-
-#if defined(DES_RISC1) && defined(DES_RISC2)
-YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-#endif
-
-/* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
-#ifndef DES_UNROLL
-#undef DES_UNROLL
-#endif
-
-/* These default values were supplied by
- * Peter Gutman <pgut001@cs.auckland.ac.nz>
- * They are only used if nothing else has been defined */
-#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-/* Special defines which change the way the code is built depending on the
- CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
- even newer MIPS CPU's, but at the moment one size fits all for
- optimization options. Older Sparc's work better with only UNROLL, but
- there's no way to tell at compile time what it is you're running on */
-
-#if defined( sun ) /* Newer Sparc's */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#elif defined( __ultrix ) /* Older MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined( __osf1__ ) /* Alpha */
-# define DES_PTR
-# define DES_RISC2
-#elif defined ( _AIX ) /* RS6000 */
- /* Unknown */
-#elif defined( __hpux ) /* HP-PA */
- /* Unknown */
-#elif defined( __aux ) /* 68K */
- /* Unknown */
-#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
-# define DES_UNROLL
-#elif defined( __sgi ) /* Newer MIPS */
-# define DES_PTR
-# define DES_RISC2
-# define DES_UNROLL
-#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
-# define DES_PTR
-# define DES_RISC1
-# define DES_UNROLL
-#endif /* Systems-specific speed defines */
-#endif
-
-#endif /* DES_DEFAULT_OPTIONS */
-#endif /* HEADER_DES_LOCL_H */
diff --git a/deps/openssl/config/piii/openssl/opensslconf.h b/deps/openssl/config/piii/openssl/opensslconf.h
deleted file mode 100644
index 0ea58de1b..000000000
--- a/deps/openssl/config/piii/openssl/opensslconf.h
+++ /dev/null
@@ -1,5 +0,0 @@
-#ifdef WIN32
-#include "opensslconf-win32.h"
-#else
-#include "opensslconf-posix.h"
-#endif
diff --git a/deps/openssl/openssl.gyp b/deps/openssl/openssl.gyp
index dba4c8a8f..77af4de8d 100644
--- a/deps/openssl/openssl.gyp
+++ b/deps/openssl/openssl.gyp
@@ -3,27 +3,26 @@
# found in the LICENSE file.
{
+ 'variables': {
+ 'is_clang': 0,
+ 'gcc_version': 0,
+ },
+
'targets': [
{
'target_name': 'openssl',
'type': '<(library)',
'defines': [
+ # No clue what these are for.
'L_ENDIAN',
- 'OPENSSL_THREADS',
'PURIFY',
'_REENTRANT',
- # We do not use TLS over UDP on Chromium so far.
- 'OPENSSL_NO_DTLS1',
- 'OPENSSL_NO_SOCK',
- 'OPENSSL_NO_DGRAM',
- # Work around brain dead SunOS linker.
- 'OPENSSL_NO_GOST',
- 'OPENSSL_NO_HW_PADLOCK',
- 'OPENSSL_NO_CAMELLIA',
- 'OPENSSL_NO_CMS',
- 'OPENSSL_NO_MDC2',
- 'OPENSSL_NO_SEED',
- 'OPENSSL_NO_IDEA',
+
+ # Heartbeat is a TLS extension, that couldn't be turned off or
+ # asked to be not advertised. Unfortunately this is unacceptable for
+ # Microsoft's IIS, which seems to be ignoring whole ClientHello after
+ # seeing this extension.
+ 'OPENSSL_NO_HEARTBEATS',
],
'sources': [
'openssl/ssl/bio_ssl.c',
@@ -33,6 +32,7 @@
'openssl/ssl/d1_lib.c',
'openssl/ssl/d1_meth.c',
'openssl/ssl/d1_pkt.c',
+ 'openssl/ssl/d1_srtp.c',
'openssl/ssl/d1_srvr.c',
'openssl/ssl/kssl.c',
'openssl/ssl/s23_clnt.c',
@@ -53,6 +53,7 @@
'openssl/ssl/s3_meth.c',
'openssl/ssl/s3_pkt.c',
'openssl/ssl/s3_srvr.c',
+ 'openssl/ssl/s3_cbc.c',
'openssl/ssl/ssl_algs.c',
'openssl/ssl/ssl_asn1.c',
'openssl/ssl/ssl_cert.c',
@@ -70,7 +71,7 @@
'openssl/ssl/t1_meth.c',
'openssl/ssl/t1_reneg.c',
'openssl/ssl/t1_srvr.c',
-
+ 'openssl/ssl/tls_srp.c',
'openssl/crypto/aes/aes_cfb.c',
'openssl/crypto/aes/aes_ctr.c',
'openssl/crypto/aes/aes_ecb.c',
@@ -204,12 +205,35 @@
'openssl/crypto/bn/bn_sqr.c',
'openssl/crypto/bn/bn_sqrt.c',
'openssl/crypto/bn/bn_word.c',
+ 'openssl/crypto/bn/bn_x931p.c',
'openssl/crypto/buffer/buf_err.c',
+ 'openssl/crypto/buffer/buf_str.c',
'openssl/crypto/buffer/buffer.c',
+ 'openssl/crypto/camellia/cmll_cfb.c',
+ 'openssl/crypto/camellia/cmll_ctr.c',
+ 'openssl/crypto/camellia/cmll_ecb.c',
+ 'openssl/crypto/camellia/cmll_ofb.c',
+ 'openssl/crypto/camellia/cmll_utl.c',
'openssl/crypto/cast/c_cfb64.c',
'openssl/crypto/cast/c_ecb.c',
'openssl/crypto/cast/c_ofb64.c',
'openssl/crypto/cast/c_skey.c',
+ 'openssl/crypto/cmac/cm_ameth.c',
+ 'openssl/crypto/cmac/cm_pmeth.c',
+ 'openssl/crypto/cmac/cmac.c',
+ 'openssl/crypto/cms/cms_asn1.c',
+ 'openssl/crypto/cms/cms_att.c',
+ 'openssl/crypto/cms/cms_cd.c',
+ 'openssl/crypto/cms/cms_dd.c',
+ 'openssl/crypto/cms/cms_enc.c',
+ 'openssl/crypto/cms/cms_env.c',
+ 'openssl/crypto/cms/cms_err.c',
+ 'openssl/crypto/cms/cms_ess.c',
+ 'openssl/crypto/cms/cms_io.c',
+ 'openssl/crypto/cms/cms_lib.c',
+ 'openssl/crypto/cms/cms_pwri.c',
+ 'openssl/crypto/cms/cms_sd.c',
+ 'openssl/crypto/cms/cms_smime.c',
'openssl/crypto/comp/c_rle.c',
'openssl/crypto/comp/c_zlib.c',
'openssl/crypto/comp/comp_err.c',
@@ -271,15 +295,20 @@
'openssl/crypto/dsa/dsa_sign.c',
'openssl/crypto/dsa/dsa_vrf.c',
'openssl/crypto/dso/dso_beos.c',
+ 'openssl/crypto/dso/dso_dl.c',
+ 'openssl/crypto/dso/dso_dlfcn.c',
'openssl/crypto/dso/dso_err.c',
'openssl/crypto/dso/dso_lib.c',
'openssl/crypto/dso/dso_null.c',
'openssl/crypto/dso/dso_openssl.c',
+ 'openssl/crypto/dso/dso_vms.c',
+ 'openssl/crypto/dso/dso_win32.c',
'openssl/crypto/ebcdic.c',
'openssl/crypto/ec/ec2_mult.c',
+ 'openssl/crypto/ec/ec2_oct.c',
'openssl/crypto/ec/ec2_smpl.c',
- 'openssl/crypto/ec/ec_asn1.c',
'openssl/crypto/ec/ec_ameth.c',
+ 'openssl/crypto/ec/ec_asn1.c',
'openssl/crypto/ec/ec_check.c',
'openssl/crypto/ec/ec_curve.c',
'openssl/crypto/ec/ec_cvt.c',
@@ -287,11 +316,17 @@
'openssl/crypto/ec/ec_key.c',
'openssl/crypto/ec/ec_lib.c',
'openssl/crypto/ec/ec_mult.c',
+ 'openssl/crypto/ec/ec_oct.c',
'openssl/crypto/ec/ec_pmeth.c',
'openssl/crypto/ec/ec_print.c',
'openssl/crypto/ec/eck_prn.c',
'openssl/crypto/ec/ecp_mont.c',
'openssl/crypto/ec/ecp_nist.c',
+ 'openssl/crypto/ec/ecp_nistp224.c',
+ 'openssl/crypto/ec/ecp_nistp256.c',
+ 'openssl/crypto/ec/ecp_nistp521.c',
+ 'openssl/crypto/ec/ecp_nistputil.c',
+ 'openssl/crypto/ec/ecp_oct.c',
'openssl/crypto/ec/ecp_smpl.c',
'openssl/crypto/ecdh/ech_err.c',
'openssl/crypto/ecdh/ech_key.c',
@@ -315,6 +350,8 @@
'openssl/crypto/engine/eng_list.c',
'openssl/crypto/engine/eng_openssl.c',
'openssl/crypto/engine/eng_pkey.c',
+ 'openssl/crypto/engine/eng_rdrand.c',
+ 'openssl/crypto/engine/eng_rsax.c',
'openssl/crypto/engine/eng_table.c',
'openssl/crypto/engine/tb_asnmth.c',
'openssl/crypto/engine/tb_cipher.c',
@@ -339,20 +376,27 @@
'openssl/crypto/evp/c_alld.c',
'openssl/crypto/evp/digest.c',
'openssl/crypto/evp/e_aes.c',
+ 'openssl/crypto/evp/e_aes_cbc_hmac_sha1.c',
'openssl/crypto/evp/e_bf.c',
+ 'openssl/crypto/evp/e_camellia.c',
'openssl/crypto/evp/e_cast.c',
'openssl/crypto/evp/e_des.c',
'openssl/crypto/evp/e_des3.c',
+ 'openssl/crypto/evp/e_idea.c',
'openssl/crypto/evp/e_null.c',
'openssl/crypto/evp/e_old.c',
'openssl/crypto/evp/e_rc2.c',
'openssl/crypto/evp/e_rc4.c',
+ 'openssl/crypto/evp/e_rc4_hmac_md5.c',
'openssl/crypto/evp/e_rc5.c',
+ 'openssl/crypto/evp/e_seed.c',
'openssl/crypto/evp/e_xcbc_d.c',
'openssl/crypto/evp/encode.c',
'openssl/crypto/evp/evp_acnf.c',
+ 'openssl/crypto/evp/evp_cnf.c',
'openssl/crypto/evp/evp_enc.c',
'openssl/crypto/evp/evp_err.c',
+ 'openssl/crypto/evp/evp_fips.c',
'openssl/crypto/evp/evp_key.c',
'openssl/crypto/evp/evp_lib.c',
'openssl/crypto/evp/evp_pbe.c',
@@ -363,6 +407,7 @@
'openssl/crypto/evp/m_md2.c',
'openssl/crypto/evp/m_md4.c',
'openssl/crypto/evp/m_md5.c',
+ 'openssl/crypto/evp/m_mdc2.c',
'openssl/crypto/evp/m_null.c',
'openssl/crypto/evp/m_ripemd.c',
'openssl/crypto/evp/m_sha.c',
@@ -383,24 +428,39 @@
'openssl/crypto/evp/pmeth_gn.c',
'openssl/crypto/evp/pmeth_lib.c',
'openssl/crypto/ex_data.c',
+ 'openssl/crypto/fips_ers.c',
'openssl/crypto/hmac/hm_ameth.c',
'openssl/crypto/hmac/hm_pmeth.c',
'openssl/crypto/hmac/hmac.c',
+ 'openssl/crypto/idea/i_cbc.c',
+ 'openssl/crypto/idea/i_cfb64.c',
+ 'openssl/crypto/idea/i_ecb.c',
+ 'openssl/crypto/idea/i_ofb64.c',
+ 'openssl/crypto/idea/i_skey.c',
'openssl/crypto/krb5/krb5_asn.c',
'openssl/crypto/lhash/lh_stats.c',
'openssl/crypto/lhash/lhash.c',
+ 'openssl/crypto/md2/md2_dgst.c',
+ 'openssl/crypto/md2/md2_one.c',
'openssl/crypto/md4/md4_dgst.c',
'openssl/crypto/md4/md4_one.c',
'openssl/crypto/md5/md5_dgst.c',
'openssl/crypto/md5/md5_one.c',
+ 'openssl/crypto/mdc2/mdc2_one.c',
+ 'openssl/crypto/mdc2/mdc2dgst.c',
'openssl/crypto/mem.c',
'openssl/crypto/mem_dbg.c',
'openssl/crypto/modes/cbc128.c',
+ 'openssl/crypto/modes/ccm128.c',
'openssl/crypto/modes/cfb128.c',
'openssl/crypto/modes/ctr128.c',
'openssl/crypto/modes/cts128.c',
+ 'openssl/crypto/modes/gcm128.c',
'openssl/crypto/modes/ofb128.c',
+ 'openssl/crypto/modes/xts128.c',
'openssl/crypto/o_dir.c',
+ 'openssl/crypto/o_fips.c',
+ 'openssl/crypto/o_init.c',
'openssl/crypto/o_str.c',
'openssl/crypto/o_time.c',
'openssl/crypto/objects/o_names.c',
@@ -467,11 +527,13 @@
'openssl/crypto/rc2/rc2_skey.c',
'openssl/crypto/rc2/rc2cfb64.c',
'openssl/crypto/rc2/rc2ofb64.c',
+ 'openssl/crypto/rc4/rc4_utl.c',
'openssl/crypto/ripemd/rmd_dgst.c',
'openssl/crypto/ripemd/rmd_one.c',
'openssl/crypto/rsa/rsa_ameth.c',
'openssl/crypto/rsa/rsa_asn1.c',
'openssl/crypto/rsa/rsa_chk.c',
+ 'openssl/crypto/rsa/rsa_crpt.c',
'openssl/crypto/rsa/rsa_depr.c',
'openssl/crypto/rsa/rsa_eay.c',
'openssl/crypto/rsa/rsa_err.c',
@@ -488,13 +550,24 @@
'openssl/crypto/rsa/rsa_sign.c',
'openssl/crypto/rsa/rsa_ssl.c',
'openssl/crypto/rsa/rsa_x931.c',
+ 'openssl/crypto/seed/seed.c',
+ 'openssl/crypto/seed/seed_cbc.c',
+ 'openssl/crypto/seed/seed_cfb.c',
+ 'openssl/crypto/seed/seed_ecb.c',
+ 'openssl/crypto/seed/seed_ofb.c',
'openssl/crypto/sha/sha1_one.c',
'openssl/crypto/sha/sha1dgst.c',
'openssl/crypto/sha/sha256.c',
'openssl/crypto/sha/sha512.c',
'openssl/crypto/sha/sha_dgst.c',
'openssl/crypto/sha/sha_one.c',
+ 'openssl/crypto/srp/srp_lib.c',
+ 'openssl/crypto/srp/srp_vfy.c',
'openssl/crypto/stack/stack.c',
+ 'openssl/crypto/store/str_err.c',
+ 'openssl/crypto/store/str_lib.c',
+ 'openssl/crypto/store/str_mem.c',
+ 'openssl/crypto/store/str_meth.c',
'openssl/crypto/ts/ts_asn1.c',
'openssl/crypto/ts/ts_conf.c',
'openssl/crypto/ts/ts_err.c',
@@ -585,25 +658,32 @@
'openssl/engines/e_sureware.c',
'openssl/engines/e_ubsec.c'
],
+ 'sources/': [
+ ['exclude', 'md2/.*$'],
+ ['exclude', 'store/.*$']
+ ],
'conditions': [
['target_arch!="ia32" and target_arch!="x64"', {
# Disable asm
'defines': [
'OPENSSL_NO_ASM'
- ],
+ ],
'sources': [
'openssl/crypto/aes/aes_cbc.c',
'openssl/crypto/aes/aes_core.c',
'openssl/crypto/bf/bf_enc.c',
'openssl/crypto/bn/bn_asm.c',
'openssl/crypto/cast/c_enc.c',
+ 'openssl/crypto/camellia/camellia.c',
+ 'openssl/crypto/camellia/cmll_cbc.c',
+ 'openssl/crypto/camellia/cmll_misc.c',
'openssl/crypto/des/des_enc.c',
'openssl/crypto/des/fcrypt_b.c',
'openssl/crypto/mem_clr.c',
'openssl/crypto/rc4/rc4_enc.c',
'openssl/crypto/rc4/rc4_skey.c',
'openssl/crypto/whrlpool/wp_block.c'
- ]
+ ]
}, {
# Enable asm
'defines': [
@@ -624,6 +704,7 @@
['OS!="win" and OS!="mac" and target_arch=="ia32"', {
'sources': [
'asm/x86-elf-gas/aes/aes-586.s',
+ 'asm/x86-elf-gas/aes/aesni-x86.s',
'asm/x86-elf-gas/bf/bf-686.s',
'asm/x86-elf-gas/bn/x86-mont.s',
'asm/x86-elf-gas/bn/x86.s',
@@ -646,10 +727,14 @@
['OS!="win" and OS!="mac" and target_arch=="x64"', {
'sources': [
'asm/x64-elf-gas/aes/aes-x86_64.s',
+ 'asm/x64-elf-gas/aes/aesni-x86_64.s',
+ 'asm/x64-elf-gas/aes/aesni-sha1-x86_64.s',
+ 'asm/x64-elf-gas/bn/modexp512-x86_64.s',
'asm/x64-elf-gas/bn/x86_64-mont.s',
'asm/x64-elf-gas/camellia/cmll-x86_64.s',
'asm/x64-elf-gas/md5/md5-x86_64.s',
'asm/x64-elf-gas/rc4/rc4-x86_64.s',
+ 'asm/x64-elf-gas/rc4/rc4-md5-x86_64.s',
'asm/x64-elf-gas/sha/sha1-x86_64.s',
'asm/x64-elf-gas/sha/sha512-x86_64.s',
'asm/x64-elf-gas/whrlpool/wp-x86_64.s',
@@ -657,15 +742,17 @@
# Non-generated asm
'openssl/crypto/bn/asm/x86_64-gcc.c',
# No asm available
+ 'openssl/crypto/bf/bf_enc.c',
'openssl/crypto/cast/c_enc.c',
+ 'openssl/crypto/camellia/cmll_misc.c',
'openssl/crypto/des/des_enc.c',
- 'openssl/crypto/bf/bf_enc.c',
'openssl/crypto/des/fcrypt_b.c'
]
}],
['OS=="mac" and target_arch=="ia32"', {
'sources': [
'asm/x86-macosx-gas/aes/aes-586.s',
+ 'asm/x86-macosx-gas/aes/aesni-x86.s',
'asm/x86-macosx-gas/bf/bf-686.s',
'asm/x86-macosx-gas/bn/x86-mont.s',
'asm/x86-macosx-gas/bn/x86.s',
@@ -688,10 +775,14 @@
['OS=="mac" and target_arch=="x64"', {
'sources': [
'asm/x64-macosx-gas/aes/aes-x86_64.s',
+ 'asm/x64-macosx-gas/aes/aesni-x86_64.s',
+ 'asm/x64-macosx-gas/aes/aesni-sha1-x86_64.s',
+ 'asm/x64-macosx-gas/bn/modexp512-x86_64.s',
'asm/x64-macosx-gas/bn/x86_64-mont.s',
'asm/x64-macosx-gas/camellia/cmll-x86_64.s',
'asm/x64-macosx-gas/md5/md5-x86_64.s',
'asm/x64-macosx-gas/rc4/rc4-x86_64.s',
+ 'asm/x64-macosx-gas/rc4/rc4-md5-x86_64.s',
'asm/x64-macosx-gas/sha/sha1-x86_64.s',
'asm/x64-macosx-gas/sha/sha512-x86_64.s',
'asm/x64-macosx-gas/whrlpool/wp-x86_64.s',
@@ -699,15 +790,17 @@
# Non-generated asm
'openssl/crypto/bn/asm/x86_64-gcc.c',
# No asm available
+ 'openssl/crypto/bf/bf_enc.c',
'openssl/crypto/cast/c_enc.c',
+ 'openssl/crypto/camellia/cmll_misc.c',
'openssl/crypto/des/des_enc.c',
- 'openssl/crypto/bf/bf_enc.c',
'openssl/crypto/des/fcrypt_b.c'
]
}],
['OS=="win" and target_arch=="ia32"', {
'sources': [
'asm/x86-win32-masm/aes/aes-586.asm',
+ 'asm/x86-win32-masm/aes/aesni-x86.asm',
'asm/x86-win32-masm/bf/bf-686.asm',
'asm/x86-win32-masm/bn/x86-mont.asm',
'asm/x86-win32-masm/bn/x86.asm',
@@ -749,10 +842,14 @@
['OS=="win" and target_arch=="x64"', {
'sources': [
'asm/x64-win32-masm/aes/aes-x86_64.asm',
+ 'asm/x64-win32-masm/aes/aesni-x86_64.asm',
+ 'asm/x64-win32-masm/aes/aesni-sha1-x86_64.asm',
+ 'asm/x64-win32-masm/bn/modexp512-x86_64.asm',
'asm/x64-win32-masm/bn/x86_64-mont.asm',
'asm/x64-win32-masm/camellia/cmll-x86_64.asm',
'asm/x64-win32-masm/md5/md5-x86_64.asm',
'asm/x64-win32-masm/rc4/rc4-x86_64.asm',
+ 'asm/x64-win32-masm/rc4/rc4-md5-x86_64.asm',
'asm/x64-win32-masm/sha/sha1-x86_64.asm',
'asm/x64-win32-masm/sha/sha512-x86_64.asm',
'asm/x64-win32-masm/whrlpool/wp-x86_64.asm',
@@ -760,9 +857,10 @@
# Non-generated asm
'openssl/crypto/bn/asm/x86_64-win32-masm.asm',
# No asm available
+ 'openssl/crypto/bf/bf_enc.c',
'openssl/crypto/cast/c_enc.c',
+ 'openssl/crypto/camellia/cmll_misc.c',
'openssl/crypto/des/des_enc.c',
- 'openssl/crypto/bf/bf_enc.c',
'openssl/crypto/des/fcrypt_b.c'
],
'rules': [
@@ -789,8 +887,14 @@
['OS=="win"', {
'defines': [
'MK1MF_BUILD',
- 'WIN32_LEAN_AND_MEAN',
- ]
+ 'WIN32_LEAN_AND_MEAN'
+ ],
+ 'link_settings': {
+ 'libraries': [
+ '-lgdi32.lib',
+ '-luser32.lib',
+ ]
+ }
}, {
'defines': [
# ENGINESDIR must be defined if OPENSSLDIR is.
@@ -800,40 +904,31 @@
'OPENSSLDIR="/etc/ssl"',
'TERMIOS',
],
+ 'cflags': ['-Wno-missing-field-initializers'],
+ }],
+ ['is_clang==1 or gcc_version>=43', {
+ 'cflags': ['-Wno-old-style-declaration'],
}],
['OS=="solaris"', {
'defines': ['__EXTENSIONS__'],
}],
- ['target_arch=="ia32"', {
- 'variables': {'openssl_config_path': 'config/piii'},
- }],
- ['target_arch=="x64"', {
- 'variables': {'openssl_config_path': 'config/k8'},
- }],
['target_arch=="arm"', {
- 'variables': {'openssl_config_path': 'config/android'},
+ 'sources': ['openssl/crypto/armcap.c'],
}],
],
- 'sources/': [
- ['exclude', 'camellia/.*$'],
- ['exclude', 'cms/.*$'],
- ['exclude', 'mdc2/.*$'],
- ],
'include_dirs': [
'.',
'openssl',
'openssl/crypto',
'openssl/crypto/asn1',
'openssl/crypto/evp',
+ 'openssl/crypto/md2',
+ 'openssl/crypto/modes',
'openssl/crypto/store',
'openssl/include',
- '<@(openssl_config_path)',
],
'direct_dependent_settings': {
- 'include_dirs': [
- 'openssl/include',
- '<@(openssl_config_path)',
- ],
+ 'include_dirs': ['openssl/include'],
},
},
],
diff --git a/deps/openssl/openssl/CHANGES b/deps/openssl/openssl/CHANGES
index 03e744a04..ca82ad295 100644
--- a/deps/openssl/openssl/CHANGES
+++ b/deps/openssl/openssl/CHANGES
@@ -2,6 +2,434 @@
OpenSSL CHANGES
_______________
+ Changes between 1.0.1d and 1.0.1e [11 Feb 2013]
+
+ *)
+
+ Changes between 1.0.1c and 1.0.1d [5 Feb 2013]
+
+ *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
+
+ This addresses the flaw in CBC record processing discovered by
+ Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
+ at: http://www.isg.rhul.ac.uk/tls/
+
+ Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+ Security Group at Royal Holloway, University of London
+ (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
+ Emilia Käsper for the initial patch.
+ (CVE-2013-0169)
+ [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+
+ *) Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode
+ ciphersuites which can be exploited in a denial of service attack.
+ Thanks go to and to Adam Langley <agl@chromium.org> for discovering
+ and detecting this bug and to Wolfgang Ettlinger
+ <wolfgang.ettlinger@gmail.com> for independently discovering this issue.
+ (CVE-2012-2686)
+ [Adam Langley]
+
+ *) Return an error when checking OCSP signatures when key is NULL.
+ This fixes a DoS attack. (CVE-2013-0166)
+ [Steve Henson]
+
+ *) Make openssl verify return errors.
+ [Chris Palmer <palmer@google.com> and Ben Laurie]
+
+ *) Call OCSP Stapling callback after ciphersuite has been chosen, so
+ the right response is stapled. Also change SSL_get_certificate()
+ so it returns the certificate actually sent.
+ See http://rt.openssl.org/Ticket/Display.html?id=2836.
+ [Rob Stradling <rob.stradling@comodo.com>]
+
+ *) Fix possible deadlock when decoding public keys.
+ [Steve Henson]
+
+ *) Don't use TLS 1.0 record version number in initial client hello
+ if renegotiating.
+ [Steve Henson]
+
+ Changes between 1.0.1b and 1.0.1c [10 May 2012]
+
+ *) Sanity check record length before skipping explicit IV in TLS
+ 1.2, 1.1 and DTLS to fix DoS attack.
+
+ Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
+ fuzzing as a service testing platform.
+ (CVE-2012-2333)
+ [Steve Henson]
+
+ *) Initialise tkeylen properly when encrypting CMS messages.
+ Thanks to Solar Designer of Openwall for reporting this issue.
+ [Steve Henson]
+
+ *) In FIPS mode don't try to use composite ciphers as they are not
+ approved.
+ [Steve Henson]
+
+ Changes between 1.0.1a and 1.0.1b [26 Apr 2012]
+
+ *) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and
+ 1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately
+ mean any application compiled against OpenSSL 1.0.0 headers setting
+ SSL_OP_ALL would also set SSL_OP_NO_TLSv1_1, unintentionally disablng
+ TLS 1.1 also. Fix this by changing the value of SSL_OP_NO_TLSv1_1 to
+ 0x10000000L Any application which was previously compiled against
+ OpenSSL 1.0.1 or 1.0.1a headers and which cares about SSL_OP_NO_TLSv1_1
+ will need to be recompiled as a result. Letting be results in
+ inability to disable specifically TLS 1.1 and in client context,
+ in unlike event, limit maximum offered version to TLS 1.0 [see below].
+ [Steve Henson]
+
+ *) In order to ensure interoperabilty SSL_OP_NO_protocolX does not
+ disable just protocol X, but all protocols above X *if* there are
+ protocols *below* X still enabled. In more practical terms it means
+ that if application wants to disable TLS1.0 in favor of TLS1.1 and
+ above, it's not sufficient to pass SSL_OP_NO_TLSv1, one has to pass
+ SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. This applies to
+ client side.
+ [Andy Polyakov]
+
+ Changes between 1.0.1 and 1.0.1a [19 Apr 2012]
+
+ *) Check for potentially exploitable overflows in asn1_d2i_read_bio
+ BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
+ in CRYPTO_realloc_clean.
+
+ Thanks to Tavis Ormandy, Google Security Team, for discovering this
+ issue and to Adam Langley <agl@chromium.org> for fixing it.
+ (CVE-2012-2110)
+ [Adam Langley (Google), Tavis Ormandy, Google Security Team]
+
+ *) Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
+ [Adam Langley]
+
+ *) Workarounds for some broken servers that "hang" if a client hello
+ record length exceeds 255 bytes.
+
+ 1. Do not use record version number > TLS 1.0 in initial client
+ hello: some (but not all) hanging servers will now work.
+ 2. If we set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH this will truncate
+ the number of ciphers sent in the client hello. This should be
+ set to an even number, such as 50, for example by passing:
+ -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 to config or Configure.
+ Most broken servers should now work.
+ 3. If all else fails setting OPENSSL_NO_TLS1_2_CLIENT will disable
+ TLS 1.2 client support entirely.
+ [Steve Henson]
+
+ *) Fix SEGV in Vector Permutation AES module observed in OpenSSH.
+ [Andy Polyakov]
+
+ Changes between 1.0.0h and 1.0.1 [14 Mar 2012]
+
+ *) Add compatibility with old MDC2 signatures which use an ASN1 OCTET
+ STRING form instead of a DigestInfo.
+ [Steve Henson]
+
+ *) The format used for MDC2 RSA signatures is inconsistent between EVP
+ and the RSA_sign/RSA_verify functions. This was made more apparent when
+ OpenSSL used RSA_sign/RSA_verify for some RSA signatures in particular
+ those which went through EVP_PKEY_METHOD in 1.0.0 and later. Detect
+ the correct format in RSA_verify so both forms transparently work.
+ [Steve Henson]
+
+ *) Some servers which support TLS 1.0 can choke if we initially indicate
+ support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA
+ encrypted premaster secret. As a workaround use the maximum pemitted
+ client version in client hello, this should keep such servers happy
+ and still work with previous versions of OpenSSL.
+ [Steve Henson]
+
+ *) Add support for TLS/DTLS heartbeats.
+ [Robin Seggelmann <seggelmann@fh-muenster.de>]
+
+ *) Add support for SCTP.
+ [Robin Seggelmann <seggelmann@fh-muenster.de>]
+
+ *) Improved PRNG seeding for VOS.
+ [Paul Green <Paul.Green@stratus.com>]
+
+ *) Extensive assembler packs updates, most notably:
+
+ - x86[_64]: AES-NI, PCLMULQDQ, RDRAND support;
+ - x86[_64]: SSSE3 support (SHA1, vector-permutation AES);
+ - x86_64: bit-sliced AES implementation;
+ - ARM: NEON support, contemporary platforms optimizations;
+ - s390x: z196 support;
+ - *: GHASH and GF(2^m) multiplication implementations;
+
+ [Andy Polyakov]
+
+ *) Make TLS-SRP code conformant with RFC 5054 API cleanup
+ (removal of unnecessary code)
+ [Peter Sylvester <peter.sylvester@edelweb.fr>]
+
+ *) Add TLS key material exporter from RFC 5705.
+ [Eric Rescorla]
+
+ *) Add DTLS-SRTP negotiation from RFC 5764.
+ [Eric Rescorla]
+
+ *) Add Next Protocol Negotiation,
+ http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be
+ disabled with a no-npn flag to config or Configure. Code donated
+ by Google.
+ [Adam Langley <agl@google.com> and Ben Laurie]
+
+ *) Add optional 64-bit optimized implementations of elliptic curves NIST-P224,
+ NIST-P256, NIST-P521, with constant-time single point multiplication on
+ typical inputs. Compiler support for the nonstandard type __uint128_t is
+ required to use this (present in gcc 4.4 and later, for 64-bit builds).
+ Code made available under Apache License version 2.0.
+
+ Specify "enable-ec_nistp_64_gcc_128" on the Configure (or config) command
+ line to include this in your build of OpenSSL, and run "make depend" (or
+ "make update"). This enables the following EC_METHODs:
+
+ EC_GFp_nistp224_method()
+ EC_GFp_nistp256_method()
+ EC_GFp_nistp521_method()
+
+ EC_GROUP_new_by_curve_name() will automatically use these (while
+ EC_GROUP_new_curve_GFp() currently prefers the more flexible
+ implementations).
+ [Emilia Käsper, Adam Langley, Bodo Moeller (Google)]
+
+ *) Use type ossl_ssize_t instad of ssize_t which isn't available on
+ all platforms. Move ssize_t definition from e_os.h to the public
+ header file e_os2.h as it now appears in public header file cms.h
+ [Steve Henson]
+
+ *) New -sigopt option to the ca, req and x509 utilities. Additional
+ signature parameters can be passed using this option and in
+ particular PSS.
+ [Steve Henson]
+
+ *) Add RSA PSS signing function. This will generate and set the
+ appropriate AlgorithmIdentifiers for PSS based on those in the
+ corresponding EVP_MD_CTX structure. No application support yet.
+ [Steve Henson]
+
+ *) Support for companion algorithm specific ASN1 signing routines.
+ New function ASN1_item_sign_ctx() signs a pre-initialised
+ EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
+ the appropriate parameters.
+ [Steve Henson]
+
+ *) Add new algorithm specific ASN1 verification initialisation function
+ to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
+ handling will be the same no matter what EVP_PKEY_METHOD is used.
+ Add a PSS handler to support verification of PSS signatures: checked
+ against a number of sample certificates.
+ [Steve Henson]
+
+ *) Add signature printing for PSS. Add PSS OIDs.
+ [Steve Henson, Martin Kaiser <lists@kaiser.cx>]
+
+ *) Add algorithm specific signature printing. An individual ASN1 method
+ can now print out signatures instead of the standard hex dump.
+
+ More complex signatures (e.g. PSS) can print out more meaningful
+ information. Include DSA version that prints out the signature
+ parameters r, s.
+ [Steve Henson]
+
+ *) Password based recipient info support for CMS library: implementing
+ RFC3211.
+ [Steve Henson]
+
+ *) Split password based encryption into PBES2 and PBKDF2 functions. This
+ neatly separates the code into cipher and PBE sections and is required
+ for some algorithms that split PBES2 into separate pieces (such as
+ password based CMS).
+ [Steve Henson]
+
+ *) Session-handling fixes:
+ - Fix handling of connections that are resuming with a session ID,
+ but also support Session Tickets.
+ - Fix a bug that suppressed issuing of a new ticket if the client
+ presented a ticket with an expired session.
+ - Try to set the ticket lifetime hint to something reasonable.
+ - Make tickets shorter by excluding irrelevant information.
+ - On the client side, don't ignore renewed tickets.
+ [Adam Langley, Bodo Moeller (Google)]
+
+ *) Fix PSK session representation.
+ [Bodo Moeller]
+
+ *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
+
+ This work was sponsored by Intel.
+ [Andy Polyakov]
+
+ *) Add GCM support to TLS library. Some custom code is needed to split
+ the IV between the fixed (from PRF) and explicit (from TLS record)
+ portions. This adds all GCM ciphersuites supported by RFC5288 and
+ RFC5289. Generalise some AES* cipherstrings to inlclude GCM and
+ add a special AESGCM string for GCM only.
+ [Steve Henson]
+
+ *) Expand range of ctrls for AES GCM. Permit setting invocation
+ field on decrypt and retrieval of invocation field only on encrypt.
+ [Steve Henson]
+
+ *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support.
+ As required by RFC5289 these ciphersuites cannot be used if for
+ versions of TLS earlier than 1.2.
+ [Steve Henson]
+
+ *) For FIPS capable OpenSSL interpret a NULL default public key method
+ as unset and return the appopriate default but do *not* set the default.
+ This means we can return the appopriate method in applications that
+ swicth between FIPS and non-FIPS modes.
+ [Steve Henson]
+
+ *) Redirect HMAC and CMAC operations to FIPS module in FIPS mode. If an
+ ENGINE is used then we cannot handle that in the FIPS module so we
+ keep original code iff non-FIPS operations are allowed.
+ [Steve Henson]
+
+ *) Add -attime option to openssl utilities.
+ [Peter Eckersley <pde@eff.org>, Ben Laurie and Steve Henson]
+
+ *) Redirect DSA and DH operations to FIPS module in FIPS mode.
+ [Steve Henson]
+
+ *) Redirect ECDSA and ECDH operations to FIPS module in FIPS mode. Also use
+ FIPS EC methods unconditionally for now.
+ [Steve Henson]
+
+ *) New build option no-ec2m to disable characteristic 2 code.
+ [Steve Henson]
+
+ *) Backport libcrypto audit of return value checking from 1.1.0-dev; not
+ all cases can be covered as some introduce binary incompatibilities.
+ [Steve Henson]
+
+ *) Redirect RSA operations to FIPS module including keygen,
+ encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods.
+ [Steve Henson]
+
+ *) Add similar low level API blocking to ciphers.
+ [Steve Henson]
+
+ *) Low level digest APIs are not approved in FIPS mode: any attempt
+ to use these will cause a fatal error. Applications that *really* want
+ to use them can use the private_* version instead.
+ [Steve Henson]
+
+ *) Redirect cipher operations to FIPS module for FIPS builds.
+ [Steve Henson]
+
+ *) Redirect digest operations to FIPS module for FIPS builds.
+ [Steve Henson]
+
+ *) Update build system to add "fips" flag which will link in fipscanister.o
+ for static and shared library builds embedding a signature if needed.
+ [Steve Henson]
+
+ *) Output TLS supported curves in preference order instead of numerical
+ order. This is currently hardcoded for the highest order curves first.
+ This should be configurable so applications can judge speed vs strength.
+ [Steve Henson]
+
+ *) Add TLS v1.2 server support for client authentication.
+ [Steve Henson]
+
+ *) Add support for FIPS mode in ssl library: disable SSLv3, non-FIPS ciphers
+ and enable MD5.
+ [Steve Henson]
+
+ *) Functions FIPS_mode_set() and FIPS_mode() which call the underlying
+ FIPS modules versions.
+ [Steve Henson]
+
+ *) Add TLS v1.2 client side support for client authentication. Keep cache
+ of handshake records longer as we don't know the hash algorithm to use
+ until after the certificate request message is received.
+ [Steve Henson]
+
+ *) Initial TLS v1.2 client support. Add a default signature algorithms
+ extension including all the algorithms we support. Parse new signature
+ format in client key exchange. Relax some ECC signing restrictions for
+ TLS v1.2 as indicated in RFC5246.
+ [Steve Henson]
+
+ *) Add server support for TLS v1.2 signature algorithms extension. Switch
+ to new signature format when needed using client digest preference.
+ All server ciphersuites should now work correctly in TLS v1.2. No client
+ support yet and no support for client certificates.
+ [Steve Henson]
+
+ *) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
+ to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
+ ciphersuites. At present only RSA key exchange ciphersuites work with
+ TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
+ SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods
+ and version checking.
+ [Steve Henson]
+
+ *) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
+ with this defined it will not be affected by any changes to ssl internal
+ structures. Add several utility functions to allow openssl application
+ to work with OPENSSL_NO_SSL_INTERN defined.
+ [Steve Henson]
+
+ *) Add SRP support.
+ [Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]
+
+ *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
+ [Steve Henson]
+
+ *) Permit abbreviated handshakes when renegotiating using the function
+ SSL_renegotiate_abbreviated().
+ [Robin Seggelmann <seggelmann@fh-muenster.de>]
+
+ *) Add call to ENGINE_register_all_complete() to
+ ENGINE_load_builtin_engines(), so some implementations get used
+ automatically instead of needing explicit application support.
+ [Steve Henson]
+
+ *) Add support for TLS key exporter as described in RFC5705.
+ [Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson]
+
+ *) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
+ a few changes are required:
+
+ Add SSL_OP_NO_TLSv1_1 flag.
+ Add TLSv1_1 methods.
+ Update version checking logic to handle version 1.1.
+ Add explicit IV handling (ported from DTLS code).
+ Add command line options to s_client/s_server.
+ [Steve Henson]
+
+ Changes between 1.0.0g and 1.0.0h [12 Mar 2012]
+
+ *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
+ in CMS and PKCS7 code. When RSA decryption fails use a random key for
+ content decryption and always return the same error. Note: this attack
+ needs on average 2^20 messages so it only affects automated senders. The
+ old behaviour can be reenabled in the CMS code by setting the
+ CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
+ an MMA defence is not necessary.
+ Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
+ this issue. (CVE-2012-0884)
+ [Steve Henson]
+
+ *) Fix CVE-2011-4619: make sure we really are receiving a
+ client hello before rejecting multiple SGC restarts. Thanks to
+ Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
+ [Steve Henson]
+
+ Changes between 1.0.0f and 1.0.0g [18 Jan 2012]
+
+ *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
+ Thanks to Antonio Martin, Enterprise Secure Access Research and
+ Development, Cisco Systems, Inc. for discovering this bug and
+ preparing a fix. (CVE-2012-0050)
+ [Antonio Martin]
+
Changes between 1.0.0e and 1.0.0f [4 Jan 2012]
*) Nadhem Alfardan and Kenny Paterson have discovered an extension
@@ -22,7 +450,9 @@
(CVE-2011-4576)
[Adam Langley (Google)]
- *) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
+ *) Only allow one SGC handshake restart for SSL/TLS. Thanks to George
+ Kadianakis <desnacked@gmail.com> for discovering this issue and
+ Adam Langley for preparing the fix. (CVE-2011-4619)
[Adam Langley (Google)]
*) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027)
@@ -963,8 +1393,47 @@
*) Change 'Configure' script to enable Camellia by default.
[NTT]
+
+ Changes between 0.9.8s and 0.9.8t [18 Jan 2012]
+
+ *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
+ Thanks to Antonio Martin, Enterprise Secure Access Research and
+ Development, Cisco Systems, Inc. for discovering this bug and
+ preparing a fix. (CVE-2012-0050)
+ [Antonio Martin]
- Changes between 0.9.8r and 0.9.8s [xx XXX xxxx]
+ Changes between 0.9.8r and 0.9.8s [4 Jan 2012]
+
+ *) Nadhem Alfardan and Kenny Paterson have discovered an extension
+ of the Vaudenay padding oracle attack on CBC mode encryption
+ which enables an efficient plaintext recovery attack against
+ the OpenSSL implementation of DTLS. Their attack exploits timing
+ differences arising during decryption processing. A research
+ paper describing this attack can be found at:
+ http://www.isg.rhul.ac.uk/~kp/dtls.pdf
+ Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+ Security Group at Royal Holloway, University of London
+ (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann
+ <seggelmann@fh-muenster.de> and Michael Tuexen <tuexen@fh-muenster.de>
+ for preparing the fix. (CVE-2011-4108)
+ [Robin Seggelmann, Michael Tuexen]
+
+ *) Stop policy check failure freeing same buffer twice. (CVE-2011-4109)
+ [Ben Laurie, Kasper <ekasper@google.com>]
+
+ *) Clear bytes used for block padding of SSL 3.0 records.
+ (CVE-2011-4576)
+ [Adam Langley (Google)]
+
+ *) Only allow one SGC handshake restart for SSL/TLS. Thanks to George
+ Kadianakis <desnacked@gmail.com> for discovering this issue and
+ Adam Langley for preparing the fix. (CVE-2011-4619)
+ [Adam Langley (Google)]
+
+ *) Prevent malformed RFC3779 data triggering an assertion failure.
+ Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
+ and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577)
+ [Rob Austein <sra@hactrn.net>]
*) Fix ssl_ciph.c set-up race.
[Adam Langley (Google)]
diff --git a/deps/openssl/openssl/Configure b/deps/openssl/openssl/Configure
index 7941c93f6..9c803dc06 100755
--- a/deps/openssl/openssl/Configure
+++ b/deps/openssl/openssl/Configure
@@ -10,7 +10,7 @@ use strict;
# see INSTALL for instructions.
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
# Options:
#
@@ -56,6 +56,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
# [no-]zlib [don't] compile support for zlib compression.
# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
# library and will be loaded in run-time by the OpenSSL library.
+# sctp include SCTP support
# 386 generate 80386 code
# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
@@ -123,21 +124,24 @@ my $tlib="-lnsl -lsocket";
my $bits1="THIRTY_TWO_BIT ";
my $bits2="SIXTY_FOUR_BIT ";
-my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes-586.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o";
+my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o:des-586.o crypt586.o:aes-586.o vpaes-x86.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o:ghash-x86.o:";
my $x86_elf_asm="$x86_asm:elf";
-my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o";
-my $ia64_asm="ia64cpuid.o:bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::void";
-my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o:des_enc-sparc.o fcrypt_b.o:aes_core.o aes_cbc.o aes-sparcv9.o:::sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o:::::::void";
-my $sparcv8_asm=":sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::::void";
-my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o::::::::::::void";
-my $mips3_asm=":bn-mips3.o::::::::::::void";
-my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o::aes-s390x.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::void";
-my $armv4_asm=":bn_asm.o armv4-mont.o::aes_cbc.o aes-armv4.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::void";
-my $ppc32_asm="ppccpuid.o:bn-ppc.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o::::::";
-my $ppc64_asm="ppccpuid.o:bn-ppc.o ppc-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o::::::";
-my $no_asm=":::::::::::::void";
+my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o modexp512-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o:";
+my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o::void";
+my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o:des_enc-sparc.o fcrypt_b.o:aes_core.o aes_cbc.o aes-sparcv9.o:::sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o:::::::ghash-sparcv9.o::void";
+my $sparcv8_asm=":sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::::::void";
+my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o:::::sha1-alpha.o:::::::ghash-alpha.o::void";
+my $mips32_asm=":bn-mips.o::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o::::::::";
+my $mips64_asm=":bn-mips.o mips-mont.o::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o sha512-mips.o::::::::";
+my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o::aes-s390x.o aes-ctr.o aes-xts.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o:";
+my $armv4_asm="armcap.o armv4cpuid.o:bn_asm.o armv4-mont.o armv4-gf2m.o::aes_cbc.o aes-armv4.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o::void";
+my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::32";
+my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::64";
+my $ppc32_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o::::::::";
+my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o::::::::";
+my $no_asm=":::::::::::::::void";
# As for $BSDthreads. Idea is to maintain "collective" set of flags,
# which would cover all BSD flavors. -pthread applies to them all,
@@ -148,7 +152,7 @@ my $no_asm=":::::::::::::void";
# seems to be sufficient?
my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
-#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $wp_obj : $cmll_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags : $multilib
+#config-string $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $wp_obj : $cmll_obj : $modes_obj : $engines_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags : $multilib
my %table=(
# File 'TABLE' (created by 'make TABLE') contains the data from this list,
@@ -163,32 +167,36 @@ my %table=(
# Our development configs
"purify", "purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
"debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
-"debug-ben", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG_UNUSED -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::bn86-elf.o co86-elf.o",
+"debug-ben", "gcc:$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DDEBUG_SAFESTACK -O2 -pipe::(unknown):::::",
"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-debug", "gcc44:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O2 -pipe::(unknown)::::::",
+"debug-ben-debug-64", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O3 -pipe::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-ben-macos", "cc:$gcc_devteam_warn -arch i386 -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::-Wl,-search_paths_first::::",
+"debug-ben-macos-gcc46", "gcc-mp-4.6:$gcc_devteam_warn -Wconversion -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::::::",
+"debug-ben-darwin64","cc:$gcc_devteam_warn -Wno-language-extension-token -Wno-extended-offsetof -arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-ben-no-opt", "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"debug-bodo", "gcc:$gcc_devteam_warn -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
-"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -DMD32_REG_T=int -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -DMD32_REG_T=int -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::ghash-x86.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-x86_64", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"dist", "cc:-O::(unknown)::::::",
# Basic configs that should work on any (32 and less bit) box
@@ -214,7 +222,7 @@ my %table=(
# actually recommend to consider using gcc shared build even with vendor
# compiler:-)
# <appro@fy.chalmers.se>
-"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
+"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
#### Solaris x86 with Sun C setups
"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -237,7 +245,7 @@ my %table=(
"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs::/64",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
####
"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -248,16 +256,16 @@ my %table=(
#### IRIX 5.x configs
# -mips2 flag is added by ./config when appropriate.
-"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${no_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### IRIX 6.x configs
# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
# './Configure irix-cc -o32' manually.
-"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_asm}:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
-"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_asm}:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
# N64 ABI builds.
-"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_asm}:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_asm}:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
#### Unified HP-UX ANSI C configs.
# Special notes:
@@ -290,17 +298,18 @@ my %table=(
# Since there is mention of this in shlib/hpux10-cc.sh
"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1::pa-risc2.o::::::::::::void:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::::void:dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
+"hpux-parisc1_1-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${parisc11_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
+"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1:".eval{my $asm=$parisc20_asm;$asm=~s/2W\./2\./;$asm=~s/:64/:32/;$asm}.":dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_32",
+"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::::::void:dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
# More attempts at unified 10.X and 11.X targets for HP C compiler.
#
# Chris Ruemmler <ruemmler@cup.hp.com>
# Kevin Steves <ks@hp.se>
"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc1_0-cc","cc:+DAportable +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2.o::::::::::::void:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::::void:dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
+"hpux-parisc1_1-cc","cc:+DA1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc11_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
+"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:".eval{my $asm=$parisc20_asm;$asm=~s/2W\./2\./;$asm=~s/:64/:32/;$asm}.":dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_32",
+"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc20_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
# HP/UX IA-64 targets
"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
@@ -351,8 +360,22 @@ my %table=(
"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"linux-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux64-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+#### So called "highgprs" target for z/Architecture CPUs
+# "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
+# /proc/cpuinfo. The idea is to preserve most significant bits of
+# general purpose registers not only upon 32-bit process context
+# switch, but even on asynchronous signal delivery to such process.
+# This makes it possible to deploy 64-bit instructions even in legacy
+# application context and achieve better [or should we say adequate]
+# performance. The build is binary compatible with linux-generic32,
+# and the idea is to be able to install the resulting libcrypto.so
+# alongside generic one, e.g. as /lib/highgprs/libcrypto.so.x.y, for
+# ldconfig and run-time linker to autodiscover. Unfortunately it
+# doesn't work just yet, because of couple of bugs in glibc
+# sysdeps/s390/dl-procinfo.c affecting ldconfig and ld.so.1...
+"linux32-s390x", "gcc:-m31 -Wa,-mzarch -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/highgprs",
#### SPARC Linux setups
# Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
# assisted with debugging of following two configs.
@@ -380,6 +403,11 @@ my %table=(
"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+# Android: linux-* but without -DTERMIO and pointers to headers and libs.
+"android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"android-armv7","gcc:-march=armv7-a -mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
#### *BSD [do see comment about ${BSDthreads} above!]
"BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -393,7 +421,7 @@ my %table=(
# triggered by RIPEMD160 code.
"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-ia64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -438,8 +466,8 @@ my %table=(
"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
# Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
# at build time. $OBJECT_MODE is respected at ./config stage!
-"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
-"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
+"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
+"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
#
# Cray T90 and similar (SDSC)
@@ -490,13 +518,13 @@ my %table=(
# Visual C targets
#
# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
-"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32",
-"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:auto:win32",
-"debug-VC-WIN64I","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32",
-"debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:auto:win32",
+"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ghash-ia64.o::ias:win32",
+"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
+"debug-VC-WIN64I","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ghash-ia64.o::ias:win32",
+"debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
-"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+"VC-WIN32","cl:-W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
# Unified CE target
"debug-VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
@@ -551,10 +579,12 @@ my %table=(
"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc64_asm}:osx64:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:".eval{my $asm=$x86_asm;$asm=~s/cast\-586\.o//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -DMD32_REG_T=int -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+# iPhoneOS/iOS
+"iphoneos-cross","llvm-gcc:-O3 -isysroot \$(CROSS_TOP)/SDKs/\$(CROSS_SDK) -fomit-frame-pointer -fno-common::-D_REENTRANT:iOS:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
##### A/UX
"aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -569,18 +599,21 @@ my %table=(
"OS2-EMX", "gcc::::::::",
##### VxWorks for various targets
+"vxworks-ppc60x","ccppc:-D_REENTRANT -mrtp -mhard-float -mstrict-align -fno-implicit-fp -DPPC32_fp60x -O2 -fstrength-reduce -fno-builtin -fno-strict-aliasing -Wall -DCPU=PPC32 -DTOOL_FAMILY=gnu -DTOOL=gnu -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/usr/h/wrn/coreip:::VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/ppc/PPC32/common:::::",
+"vxworks-ppcgen","ccppc:-D_REENTRANT -mrtp -msoft-float -mstrict-align -O1 -fno-builtin -fno-strict-aliasing -Wall -DCPU=PPC32 -DTOOL_FAMILY=gnu -DTOOL=gnu -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/usr/h/wrn/coreip:::VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/ppc/PPC32/sfcommon:::::",
"vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
"vxworks-ppc750","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h \$(DEBUG_FLAG):::VXWORKS:-r:::::",
"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::",
"vxworks-ppc860","ccppc:-nostdinc -msoft-float -DCPU=PPC860 -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
-"vxworks-mipsle","ccmips:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -DL_ENDIAN -EL -Wl,-EL -mips2 -mno-branch-likely -G 0 -fno-builtin -msoft-float -DCPU=MIPS32 -DMIPSEL -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r::${no_asm}::::::ranlibmips:",
+"vxworks-simlinux","ccpentium:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -D_VSB_CONFIG_FILE=\"\$(WIND_BASE)/target/lib/h/config/vsbConfig.h\" -DL_ENDIAN -DCPU=SIMLINUX -DTOOL_FAMILY=gnu -DTOOL=gnu -fno-builtin -fno-defer-pop -DNO_STRINGS_H -I\$(WIND_BASE)/target/h -I\$(WIND_BASE)/target/h/wrn/coreip -DOPENSSL_NO_HW_PADLOCK:::VXWORKS:-r::${no_asm}::::::ranlibpentium:",
+"vxworks-mips","ccmips:-mrtp -mips2 -O -G 0 -B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -D_VSB_CONFIG_FILE=\"\$(WIND_BASE)/target/lib/h/config/vsbConfig.h\" -DCPU=MIPS32 -msoft-float -mno-branch-likely -DTOOL_FAMILY=gnu -DTOOL=gnu -fno-builtin -fno-defer-pop -DNO_STRINGS_H -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/h/wrn/coreip::-D_REENTRANT:VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/mips/MIPSI32/sfcommon::${mips32_asm}:o32::::::ranlibmips:",
##### Compaq Non-Stop Kernel (Tandem)
"tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::",
# uClinux
-"uClinux-dist","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):BN_LLONG:::::::::::::::$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
-"uClinux-dist64","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):SIXTY_FOUR_BIT_LONG:::::::::::::::$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
+"uClinux-dist","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):BN_LLONG:${no_asm}:$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
+"uClinux-dist64","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):SIXTY_FOUR_BIT_LONG:${no_asm}:$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
);
@@ -612,6 +645,8 @@ my $idx_rmd160_obj = $idx++;
my $idx_rc5_obj = $idx++;
my $idx_wp_obj = $idx++;
my $idx_cmll_obj = $idx++;
+my $idx_modes_obj = $idx++;
+my $idx_engines_obj = $idx++;
my $idx_perlasm_scheme = $idx++;
my $idx_dso_scheme = $idx++;
my $idx_shared_target = $idx++;
@@ -628,6 +663,9 @@ my $openssldir="";
my $exe_ext="";
my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
my $cross_compile_prefix="";
+my $fipsdir="/usr/local/ssl/fips-2.0";
+my $fipslibdir="";
+my $baseaddr="0xFB00000";
my $no_threads=0;
my $threads=0;
my $no_shared=0; # but "no-shared" is default
@@ -662,26 +700,34 @@ my $cmll_enc="camellia.o cmll_misc.o cmll_cbc.o";
my $processor="";
my $default_ranlib;
my $perl;
+my $fips=0;
+if (exists $ENV{FIPSDIR})
+ {
+ $fipsdir = $ENV{FIPSDIR};
+ $fipsdir =~ s/\/$//;
+ }
# All of the following is disabled by default (RC5 was enabled before 0.9.8):
my %disabled = ( # "what" => "comment" [or special keyword "experimental"]
+ "ec_nistp_64_gcc_128" => "default",
"gmp" => "default",
- "jpake" => "experimental",
- "md2" => "default",
- "rc5" => "default",
+ "jpake" => "experimental",
+ "md2" => "default",
+ "rc5" => "default",
"rfc3779" => "default",
- "shared" => "default",
+ "sctp" => "default",
+ "shared" => "default",
"store" => "experimental",
- "zlib" => "default",
- "zlib-dynamic" => "default"
- );
+ "zlib" => "default",
+ "zlib-dynamic" => "default"
+ );
my @experimental = ();
# This is what $depflags will look like with the above defaults
# (we need this to see if we should advise the user to run "make depend"):
-my $default_depflags = " -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_STORE";
+my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE";
# Explicit "no-..." options will be collected in %disabled along with the defaults.
# To remove something from %disabled, use "enable-foo" (unless it's experimental).
@@ -739,6 +785,7 @@ PROCESS_ARGS:
# rewrite some options in "enable-..." form
s /^-?-?shared$/enable-shared/;
+ s /^sctp$/enable-sctp/;
s /^threads$/enable-threads/;
s /^zlib$/enable-zlib/;
s /^zlib-dynamic$/enable-zlib-dynamic/;
@@ -808,6 +855,10 @@ PROCESS_ARGS:
}
elsif (/^386$/)
{ $processor=386; }
+ elsif (/^fips$/)
+ {
+ $fips=1;
+ }
elsif (/^rsaref$/)
{
# No RSAref support any more since it's not needed.
@@ -822,6 +873,7 @@ PROCESS_ARGS:
}
elsif (/^-[^-]/ or /^\+/)
{
+ $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
$flags.=$_." ";
}
elsif (/^--prefix=(.*)$/)
@@ -852,6 +904,18 @@ PROCESS_ARGS:
{
$withargs{"zlib-include"}="-I$1";
}
+ elsif (/^--with-fipsdir=(.*)$/)
+ {
+ $fipsdir="$1";
+ }
+ elsif (/^--with-fipslibdir=(.*)$/)
+ {
+ $fipslibdir="$1";
+ }
+ elsif (/^--with-baseaddr=(.*)$/)
+ {
+ $baseaddr="$1";
+ }
elsif (/^--cross-compile-prefix=(.*)$/)
{
$cross_compile_prefix=$1;
@@ -926,6 +990,17 @@ if (defined($disabled{"md5"}) || defined($disabled{"rsa"}))
$disabled{"ssl2"} = "forced";
}
+if ($fips && $fipslibdir eq "")
+ {
+ $fipslibdir = $fipsdir . "/lib/";
+ }
+
+# RSAX ENGINE sets default non-FIPS RSA method.
+if ($fips)
+ {
+ $disabled{"rsax"} = "forced";
+ }
+
# SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
if (defined($disabled{"md5"}) || defined($disabled{"sha"})
|| (defined($disabled{"rsa"})
@@ -946,6 +1021,13 @@ if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
$disabled{"gost"} = "forced";
}
+# SRP and HEARTBEATS require TLSEXT
+if (defined($disabled{"tlsext"}))
+ {
+ $disabled{"srp"} = "forced";
+ $disabled{"heartbeats"} = "forced";
+ }
+
if ($target eq "TABLE") {
foreach $target (sort keys %table) {
print_table_entry($target);
@@ -995,7 +1077,7 @@ foreach (sort (keys %disabled))
else
{
my ($ALGO, $algo);
- ($ALGO = $algo = $_) =~ tr/[a-z]/[A-Z]/;
+ ($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/;
if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/)
{
@@ -1015,6 +1097,8 @@ foreach (sort (keys %disabled))
else
{
push @skip, $algo;
+ # fix-up crypto/directory name(s)
+ @skip[$#skip]="whrlpool" if $algo eq "whirlpool";
print " (skip dir)";
$depflags .= " -DOPENSSL_NO_$ALGO";
@@ -1085,6 +1169,8 @@ my $rmd160_obj = $fields[$idx_rmd160_obj];
my $rc5_obj = $fields[$idx_rc5_obj];
my $wp_obj = $fields[$idx_wp_obj];
my $cmll_obj = $fields[$idx_cmll_obj];
+my $modes_obj = $fields[$idx_modes_obj];
+my $engines_obj = $fields[$idx_engines_obj];
my $perlasm_scheme = $fields[$idx_perlasm_scheme];
my $dso_scheme = $fields[$idx_dso_scheme];
my $shared_target = $fields[$idx_shared_target];
@@ -1245,7 +1331,7 @@ if ($no_asm)
{
$cpuid_obj=$bn_obj=
$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
- $sha1_obj=$md5_obj=$rmd160_obj=$wp_obj="";
+ $modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj="";
}
if (!$no_shared)
@@ -1309,7 +1395,7 @@ if (!$IsMK1MF)
}
}
-$cpuid_obj.=" uplink.o uplink-cof.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
+$cpuid_obj.=" uplink.o uplink-x86.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
#
# Platform fix-ups
@@ -1377,6 +1463,14 @@ $cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn-586/);
$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/);
$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);
+$cflags.=" -DOPENSSL_BN_ASM_MONT5" if ($bn_obj =~ /-mont5/);
+$cflags.=" -DOPENSSL_BN_ASM_GF2m" if ($bn_obj =~ /-gf2m/);
+
+if ($fips)
+ {
+ $openssl_other_defines.="#define OPENSSL_FIPS\n";
+ $cflags .= " -I\$(FIPSDIR)/include";
+ }
$cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
@@ -1410,12 +1504,20 @@ if ($rmd160_obj =~ /\.o$/)
if ($aes_obj =~ /\.o$/)
{
$cflags.=" -DAES_ASM";
+ # aes-ctr.o is not a real file, only indication that assembler
+ # module implements AES_ctr32_encrypt...
+ $cflags.=" -DAES_CTR_ASM" if ($aes_obj =~ s/\s*aes\-ctr\.o//);
+ # aes-xts.o indicates presense of AES_xts_[en|de]crypt...
+ $cflags.=" -DAES_XTS_ASM" if ($aes_obj =~ s/\s*aes\-xts\.o//);
+ $aes_obj =~ s/\s*(vpaes|aesni)\-x86\.o//g if ($no_sse2);
+ $cflags.=" -DVPAES_ASM" if ($aes_obj =~ m/vpaes/);
+ $cflags.=" -DBSAES_ASM" if ($aes_obj =~ m/bsaes/);
}
else {
$aes_obj=$aes_enc;
}
$wp_obj="" if ($wp_obj =~ /mmx/ && $processor eq "386");
-if ($wp_obj =~ /\.o$/)
+if ($wp_obj =~ /\.o$/ && !$disabled{"whirlpool"})
{
$cflags.=" -DWHIRLPOOL_ASM";
}
@@ -1423,6 +1525,10 @@ else {
$wp_obj="wp_block.o";
}
$cmll_obj=$cmll_enc unless ($cmll_obj =~ /.o$/);
+if ($modes_obj =~ /ghash/)
+ {
+ $cflags.=" -DGHASH_ASM";
+ }
# "Stringify" the C flags string. This permits it to be made part of a string
# and works as well on command lines.
@@ -1537,6 +1643,8 @@ while (<IN>)
s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
+ s/^MODES_ASM_OBJ.=*$/MODES_ASM_OBJ= $modes_obj/;
+ s/^ENGINES_ASM_OBJ.=*$/ENGINES_ASM_OBJ= $engines_obj/;
s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
s/^PROCESSOR=.*/PROCESSOR= $processor/;
s/^ARFLAGS=.*/ARFLAGS= $arflags/;
@@ -1545,6 +1653,12 @@ while (<IN>)
s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
+
+ s/^FIPSDIR=.*/FIPSDIR=$fipsdir/;
+ s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
+ s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
+ s/^BASEADDR=.*/BASEADDR=$baseaddr/;
+
s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
@@ -1588,7 +1702,9 @@ print "RC5_ENC =$rc5_obj\n";
print "MD5_OBJ_ASM =$md5_obj\n";
print "SHA1_OBJ_ASM =$sha1_obj\n";
print "RMD160_OBJ_ASM=$rmd160_obj\n";
-print "CMLL_ENC= =$cmll_obj\n";
+print "CMLL_ENC =$cmll_obj\n";
+print "MODES_OBJ =$modes_obj\n";
+print "ENGINES_OBJ =$engines_obj\n";
print "PROCESSOR =$processor\n";
print "RANLIB =$ranlib\n";
print "ARFLAGS =$arflags\n";
@@ -1981,7 +2097,8 @@ sub print_table_entry
(my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags,
my $bn_ops,my $cpuid_obj,my $bn_obj,my $des_obj,my $aes_obj, my $bf_obj,
my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
- my $rc5_obj,my $wp_obj,my $cmll_obj,my $perlasm_scheme,my $dso_scheme,my $shared_target,my $shared_cflag,
+ my $rc5_obj,my $wp_obj,my $cmll_obj,my $modes_obj, my $engines_obj,
+ my $perlasm_scheme,my $dso_scheme,my $shared_target,my $shared_cflag,
my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags,my $multilib)=
split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
@@ -2008,6 +2125,8 @@ sub print_table_entry
\$rc5_obj = $rc5_obj
\$wp_obj = $wp_obj
\$cmll_obj = $cmll_obj
+\$modes_obj = $modes_obj
+\$engines_obj = $engines_obj
\$perlasm_scheme = $perlasm_scheme
\$dso_scheme = $dso_scheme
\$shared_target= $shared_target
diff --git a/deps/openssl/openssl/FAQ b/deps/openssl/openssl/FAQ
index 3b07cd363..35780f807 100644
--- a/deps/openssl/openssl/FAQ
+++ b/deps/openssl/openssl/FAQ
@@ -10,6 +10,7 @@ OpenSSL - Frequently Asked Questions
* Why aren't tools like 'autoconf' and 'libtool' used?
* What is an 'engine' version?
* How do I check the authenticity of the OpenSSL distribution?
+* How does the versioning scheme work?
[LEGAL] Legal questions
@@ -82,11 +83,11 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 1.0.0f was released on Jan 4th, 2012.
+OpenSSL 1.0.1e was released on Feb 11th, 2013.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
-ftp://ftp.openssl.org/snapshot/>, or get it by anonymous CVS access.
+ftp://ftp.openssl.org/snapshot/>, or get it by anonymous Git access.
* Where is the documentation?
@@ -108,7 +109,9 @@ In addition, you can read the most current versions at
<URL: http://www.openssl.org/docs/>. Note that the online documents refer
to the very latest development versions of OpenSSL and may include features
not present in released versions. If in doubt refer to the documentation
-that came with the version of OpenSSL you are using.
+that came with the version of OpenSSL you are using. The pod format
+documentation is included in each OpenSSL distribution under the docs
+directory.
For information on parts of libcrypto that are not yet documented, you
might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's
@@ -173,6 +176,19 @@ just do:
pgp TARBALL.asc
+* How does the versioning scheme work?
+
+After the release of OpenSSL 1.0.0 the versioning scheme changed. Letter
+releases (e.g. 1.0.1a) can only contain bug and security fixes and no
+new features. Minor releases change the last number (e.g. 1.0.2) and
+can contain new features that retain binary compatibility. Changes to
+the middle number are considered major releases and neither source nor
+binary compatibility is guaranteed.
+
+Therefore the answer to the common question "when will feature X be
+backported to OpenSSL 1.0.0/0.9.8?" is "never" but it could appear
+in the next minor release.
+
[LEGAL] =======================================================================
* Do I need patent licenses to use OpenSSL?
@@ -284,7 +300,7 @@ current directory in this case, but this has changed with 0.9.6a.)
Check out the CA.pl(1) manual page. This provides a simple wrapper round
the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check
out the manual pages for the individual utilities and the certificate
-extensions documentation (currently in doc/openssl.txt).
+extensions documentation (in ca(1), req(1), x509v3_config(5) )
* Why can't I create certificate requests?
diff --git a/deps/openssl/openssl/INSTALL.W32 b/deps/openssl/openssl/INSTALL.W32
index d23c4baf6..80e538273 100644
--- a/deps/openssl/openssl/INSTALL.W32
+++ b/deps/openssl/openssl/INSTALL.W32
@@ -29,7 +29,7 @@
is required if you intend to utilize assembler modules. Note that NASM
is now the only supported assembler.
- If you are compiling from a tarball or a CVS snapshot then the Win32 files
+ If you are compiling from a tarball or a Git snapshot then the Win32 files
may well be not up to date. This may mean that some "tweaking" is required to
get it all to work. See the trouble shooting section later on for if (when?)
it goes wrong.
@@ -257,7 +257,7 @@
then ms\do_XXX should not give a warning any more. However the numbers that
get assigned by this technique may not match those that eventually get
- assigned in the CVS tree: so anything linked against this version of the
+ assigned in the Git tree: so anything linked against this version of the
library may need to be recompiled.
If you get errors about unresolved symbols there are several possible
diff --git a/deps/openssl/openssl/Makefile b/deps/openssl/openssl/Makefile
index 8fe888587..54e354161 100644
--- a/deps/openssl/openssl/Makefile
+++ b/deps/openssl/openssl/Makefile
@@ -4,16 +4,16 @@
## Makefile for OpenSSL
##
-VERSION=1.0.0f
+VERSION=1.0.1e
MAJOR=1
-MINOR=0.0
+MINOR=0.1
SHLIB_VERSION_NUMBER=1.0.0
SHLIB_VERSION_HISTORY=
SHLIB_MAJOR=1
SHLIB_MINOR=0.0
SHLIB_EXT=
PLATFORM=dist
-OPTIONS= no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-shared no-store no-zlib no-zlib-dynamic static-engine
+OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-zlib no-zlib-dynamic static-engine
CONFIGURE_ARGS=dist
SHLIB_TARGET=
@@ -61,7 +61,7 @@ OPENSSLDIR=/usr/local/ssl
CC= cc
CFLAG= -O
-DEPFLAG= -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_STORE
+DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE
PEX_LIBS=
EX_LIBS=
EXE_EXT=
@@ -71,7 +71,7 @@ RANLIB= /usr/bin/ranlib
NM= nm
PERL= /usr/bin/perl
TAR= tar
-TARFLAGS= --no-recursion
+TARFLAGS= --no-recursion --record-size=10240
MAKEDEPPROG=makedepend
LIBDIR=lib
@@ -101,6 +101,8 @@ SHA1_ASM_OBJ=
RMD160_ASM_OBJ=
WP_ASM_OBJ= wp_block.o
CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+MODES_ASM_OBJ=
+ENGINES_ASM_OBJ=
PERLASM_SCHEME=
# KRB5 stuff
@@ -111,6 +113,30 @@ LIBKRB5=
ZLIB_INCLUDE=
LIBZLIB=
+# TOP level FIPS install directory.
+FIPSDIR=/usr/local/ssl/fips-2.0
+
+# This is the location of fipscanister.o and friends.
+# The FIPS module build will place it $(INSTALLTOP)/lib
+# but since $(INSTALLTOP) can only take the default value
+# when the module is built it will be in /usr/local/ssl/lib
+# $(INSTALLTOP) for this build may be different so hard
+# code the path.
+
+FIPSLIBDIR=
+
+# The location of the library which contains fipscanister.o
+# normally it will be libcrypto unless fipsdso is set in which
+# case it will be libfips. If not compiling in FIPS mode at all
+# this is empty making it a useful test for a FIPS compile.
+
+FIPSCANLIB=
+
+# Shared library base address. Currently only used on Windows.
+#
+
+BASEADDR=0xFB00000
+
DIRS= crypto ssl engines apps test tools
ENGDIRS= ccgost
SHLIBDIRS= crypto ssl
@@ -123,7 +149,7 @@ SDIRS= \
bn ec rsa dsa ecdsa dh ecdh dso engine \
buffer bio stack lhash rand err \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
- cms pqueue ts
+ cms pqueue ts srp cmac
# keep in mind that the above list is adjusted by ./Configure
# according to no-xxx arguments...
@@ -174,7 +200,7 @@ CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
$${EXHEADER+EXHEADER} $${HEADER+HEADER} \
$${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
- $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} \
+ $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
$${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
@@ -206,7 +232,12 @@ BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
WP_ASM_OBJ='$(WP_ASM_OBJ)' \
+ MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
+ ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
PERLASM_SCHEME='$(PERLASM_SCHEME)' \
+ FIPSLIBDIR='${FIPSLIBDIR}' \
+ FIPSDIR='${FIPSDIR}' \
+ FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
# which in turn eliminates ambiguities in variable treatment with -e.
@@ -260,9 +291,20 @@ all_testapps: build_libs build_testapps
build_testapps:
@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
-libcrypto$(SHLIB_EXT): libcrypto.a
+fips_premain_dso$(EXE_EXT): libcrypto.a
+ [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+ -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
+ $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+ libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
@if [ "$(SHLIB_TARGET)" != "" ]; then \
- $(MAKE) SHLIBDIRS=crypto build-shared; \
+ if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+ FIPSLD_LIBCRYPTO=libcrypto.a ; \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+ fi; \
+ $(MAKE) -e SHLIBDIRS=crypto build-shared; \
else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
@@ -324,7 +366,8 @@ libcrypto.pc: Makefile
echo 'Description: OpenSSL cryptography library'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
libssl.pc: Makefile
@@ -337,7 +380,8 @@ libssl.pc: Makefile
echo 'Description: Secure Sockets Layer and cryptography libraries'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
openssl.pc: Makefile
@@ -350,7 +394,8 @@ openssl.pc: Makefile
echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
Makefile: Makefile.org Configure config
@@ -359,7 +404,7 @@ Makefile: Makefile.org Configure config
@false
libclean:
- rm -f *.map *.so *.so.* *.dll engines/*.so engines/*.dll *.a engines/*.a */lib */*/lib
+ rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
clean: libclean
rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
@@ -401,7 +446,7 @@ rehash.time: certs apps
[ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \
- $(PERL) tools/c_rehash certs) && \
+ $(PERL) tools/c_rehash certs/demo) && \
touch rehash.time; \
else :; fi
@@ -426,9 +471,9 @@ tags:
find . -name '[^.]*.[ch]' | xargs etags -a
errors:
+ $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
$(PERL) util/mkerr.pl -recurse -write
(cd engines; $(MAKE) PERL=$(PERL) errors)
- $(PERL) util/ck_errf.pl */*.c */*/*.c
stacks:
$(PERL) util/mkstack.pl -write
@@ -511,7 +556,7 @@ install_sw:
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
@set -e; target=install; $(RECURSIVE_BUILD_CMD)
- @set -e; for i in $(LIBS) ;\
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
( echo installing $$i; \
diff --git a/deps/openssl/openssl/Makefile.org b/deps/openssl/openssl/Makefile.org
index fb0af7ecc..2db31ead6 100644
--- a/deps/openssl/openssl/Makefile.org
+++ b/deps/openssl/openssl/Makefile.org
@@ -69,7 +69,7 @@ RANLIB= ranlib
NM= nm
PERL= perl
TAR= tar
-TARFLAGS= --no-recursion
+TARFLAGS= --no-recursion --record-size=10240
MAKEDEPPROG=makedepend
LIBDIR=lib
@@ -99,6 +99,8 @@ SHA1_ASM_OBJ=
RMD160_ASM_OBJ=
WP_ASM_OBJ=
CMLL_ENC=
+MODES_ASM_OBJ=
+ENGINES_ASM_OBJ=
PERLASM_SCHEME=
# KRB5 stuff
@@ -109,6 +111,30 @@ LIBKRB5=
ZLIB_INCLUDE=
LIBZLIB=
+# TOP level FIPS install directory.
+FIPSDIR=
+
+# This is the location of fipscanister.o and friends.
+# The FIPS module build will place it $(INSTALLTOP)/lib
+# but since $(INSTALLTOP) can only take the default value
+# when the module is built it will be in /usr/local/ssl/lib
+# $(INSTALLTOP) for this build may be different so hard
+# code the path.
+
+FIPSLIBDIR=
+
+# The location of the library which contains fipscanister.o
+# normally it will be libcrypto unless fipsdso is set in which
+# case it will be libfips. If not compiling in FIPS mode at all
+# this is empty making it a useful test for a FIPS compile.
+
+FIPSCANLIB=
+
+# Shared library base address. Currently only used on Windows.
+#
+
+BASEADDR=
+
DIRS= crypto ssl engines apps test tools
ENGDIRS= ccgost
SHLIBDIRS= crypto ssl
@@ -121,7 +147,7 @@ SDIRS= \
bn ec rsa dsa ecdsa dh ecdh dso engine \
buffer bio stack lhash rand err \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
- cms pqueue ts jpake store
+ cms pqueue ts jpake srp store cmac
# keep in mind that the above list is adjusted by ./Configure
# according to no-xxx arguments...
@@ -172,7 +198,7 @@ CLEARENV= TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS} \
$${EXHEADER+EXHEADER} $${HEADER+HEADER} \
$${GENERAL+GENERAL} $${CFLAGS+CFLAGS} \
$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS} \
- $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} \
+ $${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS} \
$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS} \
$${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
@@ -204,7 +230,12 @@ BUILDENV= PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
WP_ASM_OBJ='$(WP_ASM_OBJ)' \
+ MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
+ ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)' \
PERLASM_SCHEME='$(PERLASM_SCHEME)' \
+ FIPSLIBDIR='${FIPSLIBDIR}' \
+ FIPSDIR='${FIPSDIR}' \
+ FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \
THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
# which in turn eliminates ambiguities in variable treatment with -e.
@@ -258,9 +289,20 @@ all_testapps: build_libs build_testapps
build_testapps:
@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
-libcrypto$(SHLIB_EXT): libcrypto.a
+fips_premain_dso$(EXE_EXT): libcrypto.a
+ [ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+ -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ \
+ $(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+ libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
@if [ "$(SHLIB_TARGET)" != "" ]; then \
- $(MAKE) SHLIBDIRS=crypto build-shared; \
+ if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+ FIPSLD_LIBCRYPTO=libcrypto.a ; \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+ fi; \
+ $(MAKE) -e SHLIBDIRS=crypto build-shared; \
else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
@@ -322,7 +364,8 @@ libcrypto.pc: Makefile
echo 'Description: OpenSSL cryptography library'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
libssl.pc: Makefile
@@ -335,7 +378,8 @@ libssl.pc: Makefile
echo 'Description: Secure Sockets Layer and cryptography libraries'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
openssl.pc: Makefile
@@ -348,7 +392,8 @@ openssl.pc: Makefile
echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
echo 'Version: '$(VERSION); \
echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
Makefile: Makefile.org Configure config
@@ -357,7 +402,7 @@ Makefile: Makefile.org Configure config
@false
libclean:
- rm -f *.map *.so *.so.* *.dll engines/*.so engines/*.dll *.a engines/*.a */lib */*/lib
+ rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
clean: libclean
rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
@@ -399,7 +444,7 @@ rehash.time: certs apps
[ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \
- $(PERL) tools/c_rehash certs) && \
+ $(PERL) tools/c_rehash certs/demo) && \
touch rehash.time; \
else :; fi
@@ -424,9 +469,9 @@ tags:
find . -name '[^.]*.[ch]' | xargs etags -a
errors:
+ $(PERL) util/ck_errf.pl -strict */*.c */*/*.c
$(PERL) util/mkerr.pl -recurse -write
(cd engines; $(MAKE) PERL=$(PERL) errors)
- $(PERL) util/ck_errf.pl */*.c */*/*.c
stacks:
$(PERL) util/mkstack.pl -write
@@ -509,7 +554,7 @@ install_sw:
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
@set -e; target=install; $(RECURSIVE_BUILD_CMD)
- @set -e; for i in $(LIBS) ;\
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
( echo installing $$i; \
diff --git a/deps/openssl/openssl/NEWS b/deps/openssl/openssl/NEWS
index 1fb25c626..0269f2277 100644
--- a/deps/openssl/openssl/NEWS
+++ b/deps/openssl/openssl/NEWS
@@ -5,6 +5,58 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e:
+
+ o Corrected fix for CVE-2013-0169
+
+ Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d:
+
+ o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
+ o Include the fips configuration module.
+ o Fix OCSP bad key DoS attack CVE-2013-0166
+ o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+ o Fix for TLS AESNI record handling flaw CVE-2012-2686
+
+ Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c:
+
+ o Fix TLS/DTLS record length checking bug CVE-2012-2333
+ o Don't attempt to use non-FIPS composite ciphers in FIPS mode.
+
+ Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b:
+
+ o Fix compilation error on non-x86 platforms.
+ o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
+ o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
+
+ Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a:
+
+ o Fix for ASN1 overflow bug CVE-2012-2110
+ o Workarounds for some servers that hang on long client hellos.
+ o Fix SEGV in AES code.
+
+ Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1:
+
+ o TLS/DTLS heartbeat support.
+ o SCTP support.
+ o RFC 5705 TLS key material exporter.
+ o RFC 5764 DTLS-SRTP negotiation.
+ o Next Protocol Negotiation.
+ o PSS signatures in certificates, requests and CRLs.
+ o Support for password based recipient info for CMS.
+ o Support TLS v1.2 and TLS v1.1.
+ o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
+ o SRP support.
+
+ Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h:
+
+ o Fix for CMS/PKCS#7 MMA CVE-2012-0884
+ o Corrected fix for CVE-2011-4619
+ o Various DTLS fixes.
+
+ Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g:
+
+ o Fix for DTLS DoS issue CVE-2012-0050
+
Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f:
o Fix for DTLS plaintext recovery attack CVE-2011-4108
diff --git a/deps/openssl/openssl/PROBLEMS b/deps/openssl/openssl/PROBLEMS
index d247470f0..3eaab01f2 100644
--- a/deps/openssl/openssl/PROBLEMS
+++ b/deps/openssl/openssl/PROBLEMS
@@ -197,3 +197,17 @@ reconfigure with additional no-sse2 [or 386] option passed to ./config.
We don't have framework to associate -ldl with no-dso, therefore the only
way is to edit Makefile right after ./config no-dso and remove -ldl from
EX_LIBS line.
+
+* hpux-parisc2-cc no-asm build fails with SEGV in ECDSA/DH.
+
+Compiler bug, presumably at particular patch level. Remaining
+hpux*-parisc*-cc configurations can be affected too. Drop optimization
+level to +O2 when compiling bn_nist.o.
+
+* solaris64-sparcv9-cc link failure
+
+Solaris 8 ar can fail to maintain symbol table in .a, which results in
+link failures. Apply 109147-09 or later or modify Makefile generated
+by ./Configure solaris64-sparcv9-cc and replace RANLIB assignment with
+
+ RANLIB= /usr/ccs/bin/ar rs
diff --git a/deps/openssl/openssl/README b/deps/openssl/openssl/README
index 50d54d570..ad2d90f0d 100644
--- a/deps/openssl/openssl/README
+++ b/deps/openssl/openssl/README
@@ -1,5 +1,5 @@
- OpenSSL 1.0.0f 4 Jan 2012
+ OpenSSL 1.0.1e 11 Feb 2013
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
@@ -190,7 +190,7 @@
reason as to why that feature isn't implemented.
Patches should be as up to date as possible, preferably relative to the
- current CVS or the last snapshot. They should follow the coding style of
+ current Git or the last snapshot. They should follow the coding style of
OpenSSL and compile without warnings. Some of the core team developer targets
can be used for testing purposes, (debug-steve64, debug-geoff etc). OpenSSL
compiles on many varied platforms: try to ensure you only use portable
diff --git a/deps/openssl/openssl/VMS/install-vms.com b/deps/openssl/openssl/VMS/install-vms.com
index 7da8b2153..7da8b2153 100644..100755
--- a/deps/openssl/openssl/VMS/install-vms.com
+++ b/deps/openssl/openssl/VMS/install-vms.com
diff --git a/deps/openssl/openssl/VMS/openssl_startup.com b/deps/openssl/openssl/VMS/openssl_startup.com
index 04bbbde88..04bbbde88 100644..100755
--- a/deps/openssl/openssl/VMS/openssl_startup.com
+++ b/deps/openssl/openssl/VMS/openssl_startup.com
diff --git a/deps/openssl/openssl/VMS/openssl_undo.com b/deps/openssl/openssl/VMS/openssl_undo.com
index d1623a316..d1623a316 100644..100755
--- a/deps/openssl/openssl/VMS/openssl_undo.com
+++ b/deps/openssl/openssl/VMS/openssl_undo.com
diff --git a/deps/openssl/openssl/config b/deps/openssl/openssl/config
index cf64ec563..88b9bc69d 100755
--- a/deps/openssl/openssl/config
+++ b/deps/openssl/openssl/config
@@ -370,6 +370,10 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
NONSTOP_KERNEL*)
echo "nsr-tandem-nsk"; exit 0;
;;
+
+ vxworks*)
+ echo "${MACHINE}-whatever-vxworks"; exit 0;
+ ;;
esac
#
@@ -407,23 +411,18 @@ exit 0
# this is where the translation occurs into SSLeay terms
# ---------------------------------------------------------------------------
-GCCVER=`(gcc -dumpversion) 2>/dev/null`
-if [ "$GCCVER" != "" ]; then
- # then strip off whatever prefix egcs prepends the number with...
- # Hopefully, this will work for any future prefixes as well.
- GCCVER=`echo $GCCVER | LC_ALL=C sed 's/^[a-zA-Z]*\-//'`
- # Since gcc 3.1 gcc --version behaviour has changed. gcc -dumpversion
- # does give us what we want though, so we use that. We just just the
- # major and minor version numbers.
- # peak single digit before and after first dot, e.g. 2.95.1 gives 29
- GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'`
-fi
-
# Only set CC if not supplied already
-if [ -z "$CC" ]; then
-# figure out if gcc is available and if so we use it otherwise
-# we fallback to whatever cc does on the system
+if [ -z "$CROSS_COMPILE$CC" ]; then
+ GCCVER=`sh -c "gcc -dumpversion" 2>/dev/null`
if [ "$GCCVER" != "" ]; then
+ # then strip off whatever prefix egcs prepends the number with...
+ # Hopefully, this will work for any future prefixes as well.
+ GCCVER=`echo $GCCVER | LC_ALL=C sed 's/^[a-zA-Z]*\-//'`
+ # Since gcc 3.1 gcc --version behaviour has changed. gcc -dumpversion
+ # does give us what we want though, so we use that. We just just the
+ # major and minor version numbers.
+ # peak single digit before and after first dot, e.g. 2.95.1 gives 29
+ GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'`
CC=gcc
else
CC=cc
@@ -539,7 +538,7 @@ case "$GUESSOS" in
ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
ppc-apple-darwin*)
ISA64=`(sysctl -n hw.optional.64bitops) 2>/dev/null`
- if [ "$ISA64" = "1" ]; then
+ if [ "$ISA64" = "1" -a -z "$KERNEL_BITS" ]; then
echo "WARNING! If you wish to build 64-bit library, then you have to"
echo " invoke './Configure darwin64-ppc-cc' *manually*."
if [ "$TEST" = "false" -a -t 1 ]; then
@@ -547,10 +546,14 @@ case "$GUESSOS" in
(trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
fi
fi
- OUT="darwin-ppc-cc" ;;
+ if [ "$ISA64" = "1" -a "$KERNEL_BITS" = "64" ]; then
+ OUT="darwin64-ppc-cc"
+ else
+ OUT="darwin-ppc-cc"
+ fi ;;
i?86-apple-darwin*)
ISA64=`(sysctl -n hw.optional.x86_64) 2>/dev/null`
- if [ "$ISA64" = "1" ]; then
+ if [ "$ISA64" = "1" -a -z "$KERNEL_BITS" ]; then
echo "WARNING! If you wish to build 64-bit library, then you have to"
echo " invoke './Configure darwin64-x86_64-cc' *manually*."
if [ "$TEST" = "false" -a -t 1 ]; then
@@ -558,7 +561,17 @@ case "$GUESSOS" in
(trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
fi
fi
- OUT="darwin-i386-cc" ;;
+ if [ "$ISA64" = "1" -a "$KERNEL_BITS" = "64" ]; then
+ OUT="darwin64-x86_64-cc"
+ else
+ OUT="darwin-i386-cc"
+ fi ;;
+ armv6+7-*-iphoneos)
+ options="$options -arch%20armv6 -arch%20armv7"
+ OUT="iphoneos-cross" ;;
+ *-*-iphoneos)
+ options="$options -arch%20${MACHINE}"
+ OUT="iphoneos-cross" ;;
alpha-*-linux2)
ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo`
case ${ISA:-generic} in
@@ -583,6 +596,11 @@ case "$GUESSOS" in
OUT="linux-ppc"
;;
ppc-*-linux2) OUT="linux-ppc" ;;
+ ppc60x-*-vxworks*) OUT="vxworks-ppc60x" ;;
+ ppcgen-*-vxworks*) OUT="vxworks-ppcgen" ;;
+ pentium-*-vxworks*) OUT="vxworks-pentium" ;;
+ simlinux-*-vxworks*) OUT="vxworks-simlinux" ;;
+ mips-*-vxworks*) OUT="vxworks-mips";;
ia64-*-linux?) OUT="linux-ia64" ;;
sparc64-*-linux2)
echo "WARNING! If you *know* that your GNU C supports 64-bit/V9 ABI"
@@ -624,12 +642,24 @@ case "$GUESSOS" in
options="$options -DB_ENDIAN -mschedule=$CPUSCHEDULE -march=$CPUARCH"
OUT="linux-generic32" ;;
armv[1-3]*-*-linux2) OUT="linux-generic32" ;;
+ armv[7-9]*-*-linux2) OUT="linux-armv4"; options="$options -march=armv7-a" ;;
arm*-*-linux2) OUT="linux-armv4" ;;
sh*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
sh*-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
m68k*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
s390-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
- s390x-*-linux2) OUT="linux-s390x" ;;
+ s390x-*-linux2)
+ # To be uncommented when glibc bug is fixed, see Configure...
+ #if egrep -e '^features.* highgprs' /proc/cpuinfo >/dev/null ; then
+ # echo "WARNING! If you wish to build \"highgprs\" 32-bit library, then you"
+ # echo " have to invoke './Configure linux32-s390x' *manually*."
+ # if [ "$TEST" = "false" -a -t -1 ]; then
+ # echo " You have about 5 seconds to press Ctrl-C to abort."
+ # (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+ # fi
+ #fi
+ OUT="linux64-s390x"
+ ;;
x86_64-*-linux?) OUT="linux-x86_64" ;;
*86-*-linux2) OUT="linux-elf"
if [ "$GCCVER" -gt 28 ]; then
@@ -648,7 +678,7 @@ case "$GUESSOS" in
sun4[uv]*-*-solaris2)
OUT="solaris-sparcv9-$CC"
ISA64=`(isalist) 2>/dev/null | grep sparcv9`
- if [ "$ISA64" != "" ]; then
+ if [ "$ISA64" != "" -a "$KERNEL_BITS" = "" ]; then
if [ "$CC" = "cc" -a $CCVER -ge 50 ]; then
echo "WARNING! If you wish to build 64-bit library, then you have to"
echo " invoke './Configure solaris64-sparcv9-cc' *manually*."
@@ -678,13 +708,16 @@ case "$GUESSOS" in
fi
fi
fi
+ if [ "$ISA64" != "" -a "$KERNEL_BITS" = "64" ]; then
+ OUT="solaris64-sparcv9-$CC"
+ fi
;;
sun4m-*-solaris2) OUT="solaris-sparcv8-$CC" ;;
sun4d-*-solaris2) OUT="solaris-sparcv8-$CC" ;;
sun4*-*-solaris2) OUT="solaris-sparcv7-$CC" ;;
*86*-*-solaris2)
ISA64=`(isalist) 2>/dev/null | grep amd64`
- if [ "$ISA64" != "" ]; then
+ if [ "$ISA64" != "" -a ${KERNEL_BITS:-64} -eq 64 ]; then
OUT="solaris64-x86_64-$CC"
else
OUT="solaris-x86-$CC"
@@ -736,20 +769,17 @@ case "$GUESSOS" in
if [ $CC = "gcc" -a $GCC_BITS = "64" ]; then
OUT="hpux64-parisc2-gcc"
fi
- KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null`
+ [ "$KERNEL_BITS" ] || KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null`
KERNEL_BITS=${KERNEL_BITS:-32}
CPU_VERSION=`(getconf CPU_VERSION) 2>/dev/null`
CPU_VERSION=${CPU_VERSION:-0}
# See <sys/unistd.h> for further info on CPU_VERSION.
if [ $CPU_VERSION -ge 768 ]; then # IA-64 CPU
- echo "WARNING! 64-bit ABI is the default configured ABI on HP-UXi."
- echo " If you wish to build 32-bit library, the you have to"
- echo " invoke './Configure hpux-ia64-cc' *manually*."
- if [ "$TEST" = "false" -a -t 1 ]; then
- echo " You have about 5 seconds to press Ctrl-C to abort."
- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
- fi
- OUT="hpux64-ia64-cc"
+ if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
+ OUT="hpux64-ia64-cc"
+ else
+ OUT="hpux-ia64-cc"
+ fi
elif [ $CPU_VERSION -ge 532 ]; then # PA-RISC 2.x CPU
OUT=${OUT:-"hpux-parisc2-${CC}"}
if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
@@ -770,7 +800,7 @@ case "$GUESSOS" in
options="$options -D_REENTRANT" ;;
*-hpux) OUT="hpux-parisc-$CC" ;;
*-aix)
- KERNEL_BITS=`(getconf KERNEL_BITMODE) 2>/dev/null`
+ [ "$KERNEL_BITS" ] || KERNEL_BITS=`(getconf KERNEL_BITMODE) 2>/dev/null`
KERNEL_BITS=${KERNEL_BITS:-32}
OBJECT_MODE=${OBJECT_MODE:-32}
if [ "$CC" = "gcc" ]; then
@@ -810,6 +840,8 @@ case "$GUESSOS" in
beos-*) OUT="$GUESSOS" ;;
x86pc-*-qnx6) OUT="QNX6-i386" ;;
*-*-qnx6) OUT="QNX6" ;;
+ x86-*-android|i?86-*-android) OUT="android-x86" ;;
+ armv[7-9]*-*-android) OUT="android-armv7" ;;
*) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
esac
@@ -825,9 +857,11 @@ esac
# options="$options -DATALLA"
#fi
-($CC -Wa,--help -c -o /dev/null -x assembler /dev/null 2>&1 | \
- grep \\--noexecstack) 2>&1 > /dev/null && \
+if expr "$options" : '.*no\-asm' > /dev/null; then :; else
+ sh -c "$CROSS_COMPILE${CC:-gcc} -Wa,--help -c -o /tmp/null.$$.o -x assembler /dev/null && rm /tmp/null.$$.o" 2>&1 | \
+ grep \\--noexecstack >/dev/null && \
options="$options -Wa,--noexecstack"
+fi
# gcc < 2.8 does not support -march=ultrasparc
if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
diff --git a/deps/openssl/openssl/crypto/Makefile b/deps/openssl/openssl/crypto/Makefile
index 85d9f249c..947dd5d44 100644
--- a/deps/openssl/openssl/crypto/Makefile
+++ b/deps/openssl/openssl/crypto/Makefile
@@ -7,7 +7,7 @@ TOP= ..
CC= cc
INCLUDE= -I. -I$(TOP) -I../include $(ZLIB_INCLUDE)
# INCLUDES targets sudbirs!
-INCLUDES= -I.. -I../.. -I../asn1 -I../evp -I../../include $(ZLIB_INCLUDE)
+INCLUDES= -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include $(ZLIB_INCLUDE)
CFLAG= -g
MAKEDEPPROG= makedepend
MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
@@ -34,8 +34,10 @@ GENERAL=Makefile README crypto-lib.com install.com
LIB= $(TOP)/libcrypto.a
SHARED_LIB= libcrypto$(SHLIB_EXT)
-LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c
-LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ)
+LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
+ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fips.c o_init.c fips_ers.c
+LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o \
+ uid.o o_time.o o_str.o o_dir.o o_fips.o o_init.o fips_ers.o $(CPUID_OBJ)
SRC= $(LIBSRC)
@@ -67,14 +69,13 @@ applink.o: $(TOP)/ms/applink.c
uplink.o: $(TOP)/ms/uplink.c applink.o
$(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/uplink.c
-uplink-cof.s: $(TOP)/ms/uplink.pl
- $(PERL) $(TOP)/ms/uplink.pl coff > $@
+uplink-x86.s: $(TOP)/ms/uplink-x86.pl
+ $(PERL) $(TOP)/ms/uplink-x86.pl $(PERLASM_SCHEME) > $@
-x86_64cpuid.s: x86_64cpuid.pl
- $(PERL) x86_64cpuid.pl $(PERLASM_SCHEME) > $@
-ia64cpuid.s: ia64cpuid.S
- $(CC) $(CFLAGS) -E ia64cpuid.S > $@
+x86_64cpuid.s: x86_64cpuid.pl; $(PERL) x86_64cpuid.pl $(PERLASM_SCHEME) > $@
+ia64cpuid.s: ia64cpuid.S; $(CC) $(CFLAGS) -E ia64cpuid.S > $@
ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
+pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@
alphacpuid.s: alphacpuid.pl
$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
@@ -102,6 +103,7 @@ lib: $(LIB)
@touch lib
$(LIB): $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
+ [ -z "$(FIPSLIBDIR)" ] || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
$(RANLIB) $(LIB) || echo Never mind.
shared: buildinf.h lib subdirs
@@ -171,6 +173,7 @@ ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
ex_data.o: ex_data.c
+fips_ers.o: ../include/openssl/opensslconf.h fips_ers.c
mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
mem.o: ../include/openssl/err.h ../include/openssl/lhash.h
@@ -191,6 +194,19 @@ mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
mem_dbg.o: mem_dbg.c
o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
o_dir.o: LPdir_unix.c o_dir.c o_dir.h
+o_fips.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+o_fips.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+o_fips.o: ../include/openssl/err.h ../include/openssl/lhash.h
+o_fips.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+o_fips.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+o_fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+o_fips.o: o_fips.c
+o_init.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h
+o_init.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+o_init.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+o_init.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+o_init.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+o_init.o: ../include/openssl/symhacks.h o_init.c
o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
o_str.o: o_str.c o_str.h
o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
diff --git a/deps/openssl/openssl/crypto/aes/Makefile b/deps/openssl/openssl/crypto/aes/Makefile
index c501a43a8..45ede0a0b 100644
--- a/deps/openssl/openssl/crypto/aes/Makefile
+++ b/deps/openssl/openssl/crypto/aes/Makefile
@@ -50,9 +50,21 @@ aes-ia64.s: asm/aes-ia64.S
aes-586.s: asm/aes-586.pl ../perlasm/x86asm.pl
$(PERL) asm/aes-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+vpaes-x86.s: asm/vpaes-x86.pl ../perlasm/x86asm.pl
+ $(PERL) asm/vpaes-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+aesni-x86.s: asm/aesni-x86.pl ../perlasm/x86asm.pl
+ $(PERL) asm/aesni-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
aes-x86_64.s: asm/aes-x86_64.pl
$(PERL) asm/aes-x86_64.pl $(PERLASM_SCHEME) > $@
+vpaes-x86_64.s: asm/vpaes-x86_64.pl
+ $(PERL) asm/vpaes-x86_64.pl $(PERLASM_SCHEME) > $@
+bsaes-x86_64.s: asm/bsaes-x86_64.pl
+ $(PERL) asm/bsaes-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-x86_64.s: asm/aesni-x86_64.pl
+ $(PERL) asm/aesni-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-sha1-x86_64.s: asm/aesni-sha1-x86_64.pl
+ $(PERL) asm/aesni-sha1-x86_64.pl $(PERLASM_SCHEME) > $@
aes-sparcv9.s: asm/aes-sparcv9.pl
$(PERL) asm/aes-sparcv9.pl $(CFLAGS) > $@
@@ -60,8 +72,15 @@ aes-sparcv9.s: asm/aes-sparcv9.pl
aes-ppc.s: asm/aes-ppc.pl
$(PERL) asm/aes-ppc.pl $(PERLASM_SCHEME) $@
+aes-parisc.s: asm/aes-parisc.pl
+ $(PERL) asm/aes-parisc.pl $(PERLASM_SCHEME) $@
+
+aes-mips.S: asm/aes-mips.pl
+ $(PERL) asm/aes-mips.pl $(PERLASM_SCHEME) $@
+
# GNU make "catch all"
-aes-%.s: asm/aes-%.pl; $(PERL) $< $(CFLAGS) > $@
+aes-%.S: asm/aes-%.pl; $(PERL) $< $(PERLASM_SCHEME) > $@
+aes-armv4.o: aes-armv4.S
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -117,9 +136,11 @@ aes_ige.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
aes_ige.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
aes_ige.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
aes_ige.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_ige.c aes_locl.h
-aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_misc.o: ../../include/openssl/opensslconf.h
-aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c
+aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/crypto.h
+aes_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+aes_misc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_misc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_misc.o: ../../include/openssl/symhacks.h aes_locl.h aes_misc.c
aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
aes_ofb.o: ../../include/openssl/opensslconf.h aes_ofb.c
aes_wrap.o: ../../e_os.h ../../include/openssl/aes.h
diff --git a/deps/openssl/openssl/crypto/aes/aes.h b/deps/openssl/openssl/crypto/aes/aes.h
index d2c99730f..031abf01b 100644
--- a/deps/openssl/openssl/crypto/aes/aes.h
+++ b/deps/openssl/openssl/crypto/aes/aes.h
@@ -90,6 +90,11 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+
void AES_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void AES_decrypt(const unsigned char *in, unsigned char *out,
diff --git a/deps/openssl/openssl/crypto/aes/aes_core.c b/deps/openssl/openssl/crypto/aes/aes_core.c
index a7ec54f4d..8f5210ac7 100644
--- a/deps/openssl/openssl/crypto/aes/aes_core.c
+++ b/deps/openssl/openssl/crypto/aes/aes_core.c
@@ -625,7 +625,7 @@ static const u32 rcon[] = {
/**
* Expand the cipher key into the encryption key schedule.
*/
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key) {
u32 *rk;
@@ -726,7 +726,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
/**
* Expand the cipher key into the decryption key schedule.
*/
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key) {
u32 *rk;
@@ -734,7 +734,7 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
u32 temp;
/* first, start with an encryption schedule */
- status = AES_set_encrypt_key(userKey, bits, key);
+ status = private_AES_set_encrypt_key(userKey, bits, key);
if (status < 0)
return status;
@@ -1201,7 +1201,7 @@ static const u32 rcon[] = {
/**
* Expand the cipher key into the encryption key schedule.
*/
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key) {
u32 *rk;
int i = 0;
@@ -1301,7 +1301,7 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
/**
* Expand the cipher key into the decryption key schedule.
*/
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key) {
u32 *rk;
@@ -1309,7 +1309,7 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
u32 temp;
/* first, start with an encryption schedule */
- status = AES_set_encrypt_key(userKey, bits, key);
+ status = private_AES_set_encrypt_key(userKey, bits, key);
if (status < 0)
return status;
diff --git a/deps/openssl/openssl/crypto/aes/aes_misc.c b/deps/openssl/openssl/crypto/aes/aes_misc.c
index 4fead1b4c..f083488ec 100644
--- a/deps/openssl/openssl/crypto/aes/aes_misc.c
+++ b/deps/openssl/openssl/crypto/aes/aes_misc.c
@@ -50,6 +50,7 @@
*/
#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
#include <openssl/aes.h>
#include "aes_locl.h"
@@ -62,3 +63,23 @@ const char *AES_options(void) {
return "aes(partial)";
#endif
}
+
+/* FIPS wrapper functions to block low level AES calls in FIPS mode */
+
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+ {
+#ifdef OPENSSL_FIPS
+ fips_cipher_abort(AES);
+#endif
+ return private_AES_set_encrypt_key(userKey, bits, key);
+ }
+
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key)
+ {
+#ifdef OPENSSL_FIPS
+ fips_cipher_abort(AES);
+#endif
+ return private_AES_set_decrypt_key(userKey, bits, key);
+ }
diff --git a/deps/openssl/openssl/crypto/aes/asm/aes-586.pl b/deps/openssl/openssl/crypto/aes/asm/aes-586.pl
index fed3150f8..6eb479035 100755
--- a/deps/openssl/openssl/crypto/aes/asm/aes-586.pl
+++ b/deps/openssl/openssl/crypto/aes/asm/aes-586.pl
@@ -39,7 +39,7 @@
# but exhibits up to 10% improvement on other cores.
#
# Second version is "monolithic" replacement for aes_core.c, which in
-# addition to AES_[de|en]crypt implements AES_set_[de|en]cryption_key.
+# addition to AES_[de|en]crypt implements private_AES_set_[de|en]cryption_key.
# This made it possible to implement little-endian variant of the
# algorithm without modifying the base C code. Motivating factor for
# the undertaken effort was that it appeared that in tight IA-32
@@ -2854,12 +2854,12 @@ sub enckey()
&set_label("exit");
&function_end("_x86_AES_set_encrypt_key");
-# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+# int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
# AES_KEY *key)
-&function_begin_B("AES_set_encrypt_key");
+&function_begin_B("private_AES_set_encrypt_key");
&call ("_x86_AES_set_encrypt_key");
&ret ();
-&function_end_B("AES_set_encrypt_key");
+&function_end_B("private_AES_set_encrypt_key");
sub deckey()
{ my ($i,$key,$tp1,$tp2,$tp4,$tp8) = @_;
@@ -2916,9 +2916,9 @@ sub deckey()
&mov (&DWP(4*$i,$key),$tp1);
}
-# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+# int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
# AES_KEY *key)
-&function_begin_B("AES_set_decrypt_key");
+&function_begin_B("private_AES_set_decrypt_key");
&call ("_x86_AES_set_encrypt_key");
&cmp ("eax",0);
&je (&label("proceed"));
@@ -2974,7 +2974,7 @@ sub deckey()
&jb (&label("permute"));
&xor ("eax","eax"); # return success
-&function_end("AES_set_decrypt_key");
+&function_end("private_AES_set_decrypt_key");
&asciz("AES for x86, CRYPTOGAMS by <appro\@openssl.org>");
&asm_finish();
diff --git a/deps/openssl/openssl/crypto/aes/asm/aes-armv4.pl b/deps/openssl/openssl/crypto/aes/asm/aes-armv4.pl
index c51ee1fbf..86b86c4a0 100644
--- a/deps/openssl/openssl/crypto/aes/asm/aes-armv4.pl
+++ b/deps/openssl/openssl/crypto/aes/asm/aes-armv4.pl
@@ -27,6 +27,11 @@
# Rescheduling for dual-issue pipeline resulted in 12% improvement on
# Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 16%
+# improvement on Cortex A8 core and ~21.5 cycles per byte.
+
while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
@@ -46,6 +51,7 @@ $key="r11";
$rounds="r12";
$code=<<___;
+#include "arm_arch.h"
.text
.code 32
@@ -166,7 +172,7 @@ AES_encrypt:
mov $rounds,r0 @ inp
mov $key,r2
sub $tbl,r3,#AES_encrypt-AES_Te @ Te
-
+#if __ARM_ARCH__<7
ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
ldrb $t1,[$rounds,#2] @ manner...
ldrb $t2,[$rounds,#1]
@@ -195,10 +201,33 @@ AES_encrypt:
orr $s3,$s3,$t1,lsl#8
orr $s3,$s3,$t2,lsl#16
orr $s3,$s3,$t3,lsl#24
-
+#else
+ ldr $s0,[$rounds,#0]
+ ldr $s1,[$rounds,#4]
+ ldr $s2,[$rounds,#8]
+ ldr $s3,[$rounds,#12]
+#ifdef __ARMEL__
+ rev $s0,$s0
+ rev $s1,$s1
+ rev $s2,$s2
+ rev $s3,$s3
+#endif
+#endif
bl _armv4_AES_encrypt
ldr $rounds,[sp],#4 @ pop out
+#if __ARM_ARCH__>=7
+#ifdef __ARMEL__
+ rev $s0,$s0
+ rev $s1,$s1
+ rev $s2,$s2
+ rev $s3,$s3
+#endif
+ str $s0,[$rounds,#0]
+ str $s1,[$rounds,#4]
+ str $s2,[$rounds,#8]
+ str $s3,[$rounds,#12]
+#else
mov $t1,$s0,lsr#24 @ write output in endian-neutral
mov $t2,$s0,lsr#16 @ manner...
mov $t3,$s0,lsr#8
@@ -227,11 +256,15 @@ AES_encrypt:
strb $t2,[$rounds,#13]
strb $t3,[$rounds,#14]
strb $s3,[$rounds,#15]
-
+#endif
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r12,pc}
+#else
ldmia sp!,{r4-r12,lr}
tst lr,#1
moveq pc,lr @ be binary compatible with V4, yet
bx lr @ interoperable with Thumb ISA:-)
+#endif
.size AES_encrypt,.-AES_encrypt
.type _armv4_AES_encrypt,%function
@@ -271,11 +304,11 @@ _armv4_AES_encrypt:
and $i2,lr,$s2,lsr#16 @ i1
eor $t3,$t3,$i3,ror#8
and $i3,lr,$s2
- eor $s1,$s1,$t1,ror#24
ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8]
+ eor $s1,$s1,$t1,ror#24
+ ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16]
mov $s2,$s2,lsr#24
- ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16]
ldr $i3,[$tbl,$i3,lsl#2] @ Te3[s2>>0]
eor $s0,$s0,$i1,ror#16
ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
@@ -284,16 +317,16 @@ _armv4_AES_encrypt:
and $i2,lr,$s3,lsr#8 @ i1
eor $t3,$t3,$i3,ror#16
and $i3,lr,$s3,lsr#16 @ i2
- eor $s2,$s2,$t2,ror#16
ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0]
+ eor $s2,$s2,$t2,ror#16
+ ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8]
mov $s3,$s3,lsr#24
- ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8]
ldr $i3,[$tbl,$i3,lsl#2] @ Te1[s3>>16]
eor $s0,$s0,$i1,ror#24
- ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
- eor $s1,$s1,$i2,ror#16
ldr $i1,[$key],#16
+ eor $s1,$s1,$i2,ror#16
+ ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
eor $s2,$s2,$i3,ror#8
ldr $t1,[$key,#-12]
eor $s3,$s3,$t3,ror#8
@@ -333,11 +366,11 @@ _armv4_AES_encrypt:
and $i2,lr,$s2,lsr#16 @ i1
eor $t3,$i3,$t3,lsl#8
and $i3,lr,$s2
- eor $s1,$t1,$s1,lsl#24
ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8]
+ eor $s1,$t1,$s1,lsl#24
+ ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16]
mov $s2,$s2,lsr#24
- ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16]
ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s2>>0]
eor $s0,$i1,$s0,lsl#8
ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
@@ -346,15 +379,15 @@ _armv4_AES_encrypt:
and $i2,lr,$s3,lsr#8 @ i1
eor $t3,$i3,$t3,lsl#8
and $i3,lr,$s3,lsr#16 @ i2
- eor $s2,$t2,$s2,lsl#24
ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0]
+ eor $s2,$t2,$s2,lsl#24
+ ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8]
mov $s3,$s3,lsr#24
- ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8]
ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s3>>16]
eor $s0,$i1,$s0,lsl#8
- ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
ldr $i1,[$key,#0]
+ ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
eor $s1,$s1,$i2,lsl#8
ldr $t1,[$key,#4]
eor $s2,$s2,$i3,lsl#16
@@ -371,10 +404,11 @@ _armv4_AES_encrypt:
ldr pc,[sp],#4 @ pop and return
.size _armv4_AES_encrypt,.-_armv4_AES_encrypt
-.global AES_set_encrypt_key
-.type AES_set_encrypt_key,%function
+.global private_AES_set_encrypt_key
+.type private_AES_set_encrypt_key,%function
.align 5
-AES_set_encrypt_key:
+private_AES_set_encrypt_key:
+_armv4_AES_set_encrypt_key:
sub r3,pc,#8 @ AES_set_encrypt_key
teq r0,#0
moveq r0,#-1
@@ -392,12 +426,13 @@ AES_set_encrypt_key:
bne .Labrt
.Lok: stmdb sp!,{r4-r12,lr}
- sub $tbl,r3,#AES_set_encrypt_key-AES_Te-1024 @ Te4
+ sub $tbl,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4
mov $rounds,r0 @ inp
mov lr,r1 @ bits
mov $key,r2 @ key
+#if __ARM_ARCH__<7
ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
ldrb $t1,[$rounds,#2] @ manner...
ldrb $t2,[$rounds,#1]
@@ -430,6 +465,22 @@ AES_set_encrypt_key:
orr $s3,$s3,$t3,lsl#24
str $s2,[$key,#-8]
str $s3,[$key,#-4]
+#else
+ ldr $s0,[$rounds,#0]
+ ldr $s1,[$rounds,#4]
+ ldr $s2,[$rounds,#8]
+ ldr $s3,[$rounds,#12]
+#ifdef __ARMEL__
+ rev $s0,$s0
+ rev $s1,$s1
+ rev $s2,$s2
+ rev $s3,$s3
+#endif
+ str $s0,[$key],#16
+ str $s1,[$key,#-12]
+ str $s2,[$key,#-8]
+ str $s3,[$key,#-4]
+#endif
teq lr,#128
bne .Lnot128
@@ -466,6 +517,7 @@ AES_set_encrypt_key:
b .Ldone
.Lnot128:
+#if __ARM_ARCH__<7
ldrb $i2,[$rounds,#19]
ldrb $t1,[$rounds,#18]
ldrb $t2,[$rounds,#17]
@@ -482,6 +534,16 @@ AES_set_encrypt_key:
str $i2,[$key],#8
orr $i3,$i3,$t3,lsl#24
str $i3,[$key,#-4]
+#else
+ ldr $i2,[$rounds,#16]
+ ldr $i3,[$rounds,#20]
+#ifdef __ARMEL__
+ rev $i2,$i2
+ rev $i3,$i3
+#endif
+ str $i2,[$key],#8
+ str $i3,[$key,#-4]
+#endif
teq lr,#192
bne .Lnot192
@@ -526,6 +588,7 @@ AES_set_encrypt_key:
b .L192_loop
.Lnot192:
+#if __ARM_ARCH__<7
ldrb $i2,[$rounds,#27]
ldrb $t1,[$rounds,#26]
ldrb $t2,[$rounds,#25]
@@ -542,6 +605,16 @@ AES_set_encrypt_key:
str $i2,[$key],#8
orr $i3,$i3,$t3,lsl#24
str $i3,[$key,#-4]
+#else
+ ldr $i2,[$rounds,#24]
+ ldr $i3,[$rounds,#28]
+#ifdef __ARMEL__
+ rev $i2,$i2
+ rev $i3,$i3
+#endif
+ str $i2,[$key],#8
+ str $i3,[$key,#-4]
+#endif
mov $rounds,#14
str $rounds,[$key,#240-32]
@@ -606,14 +679,14 @@ AES_set_encrypt_key:
.Labrt: tst lr,#1
moveq pc,lr @ be binary compatible with V4, yet
bx lr @ interoperable with Thumb ISA:-)
-.size AES_set_encrypt_key,.-AES_set_encrypt_key
+.size private_AES_set_encrypt_key,.-private_AES_set_encrypt_key
-.global AES_set_decrypt_key
-.type AES_set_decrypt_key,%function
+.global private_AES_set_decrypt_key
+.type private_AES_set_decrypt_key,%function
.align 5
-AES_set_decrypt_key:
+private_AES_set_decrypt_key:
str lr,[sp,#-4]! @ push lr
- bl AES_set_encrypt_key
+ bl _armv4_AES_set_encrypt_key
teq r0,#0
ldrne lr,[sp],#4 @ pop lr
bne .Labrt
@@ -692,11 +765,15 @@ $code.=<<___;
bne .Lmix
mov r0,#0
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r12,pc}
+#else
ldmia sp!,{r4-r12,lr}
tst lr,#1
moveq pc,lr @ be binary compatible with V4, yet
bx lr @ interoperable with Thumb ISA:-)
-.size AES_set_decrypt_key,.-AES_set_decrypt_key
+#endif
+.size private_AES_set_decrypt_key,.-private_AES_set_decrypt_key
.type AES_Td,%object
.align 5
@@ -811,7 +888,7 @@ AES_decrypt:
mov $rounds,r0 @ inp
mov $key,r2
sub $tbl,r3,#AES_decrypt-AES_Td @ Td
-
+#if __ARM_ARCH__<7
ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
ldrb $t1,[$rounds,#2] @ manner...
ldrb $t2,[$rounds,#1]
@@ -840,10 +917,33 @@ AES_decrypt:
orr $s3,$s3,$t1,lsl#8
orr $s3,$s3,$t2,lsl#16
orr $s3,$s3,$t3,lsl#24
-
+#else
+ ldr $s0,[$rounds,#0]
+ ldr $s1,[$rounds,#4]
+ ldr $s2,[$rounds,#8]
+ ldr $s3,[$rounds,#12]
+#ifdef __ARMEL__
+ rev $s0,$s0
+ rev $s1,$s1
+ rev $s2,$s2
+ rev $s3,$s3
+#endif
+#endif
bl _armv4_AES_decrypt
ldr $rounds,[sp],#4 @ pop out
+#if __ARM_ARCH__>=7
+#ifdef __ARMEL__
+ rev $s0,$s0
+ rev $s1,$s1
+ rev $s2,$s2
+ rev $s3,$s3
+#endif
+ str $s0,[$rounds,#0]
+ str $s1,[$rounds,#4]
+ str $s2,[$rounds,#8]
+ str $s3,[$rounds,#12]
+#else
mov $t1,$s0,lsr#24 @ write output in endian-neutral
mov $t2,$s0,lsr#16 @ manner...
mov $t3,$s0,lsr#8
@@ -872,11 +972,15 @@ AES_decrypt:
strb $t2,[$rounds,#13]
strb $t3,[$rounds,#14]
strb $s3,[$rounds,#15]
-
+#endif
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r12,pc}
+#else
ldmia sp!,{r4-r12,lr}
tst lr,#1
moveq pc,lr @ be binary compatible with V4, yet
bx lr @ interoperable with Thumb ISA:-)
+#endif
.size AES_decrypt,.-AES_decrypt
.type _armv4_AES_decrypt,%function
@@ -916,11 +1020,11 @@ _armv4_AES_decrypt:
and $i2,lr,$s2 @ i1
eor $t3,$i3,$t3,ror#8
and $i3,lr,$s2,lsr#16
- eor $s1,$s1,$t1,ror#8
ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8]
+ eor $s1,$s1,$t1,ror#8
+ ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0]
mov $s2,$s2,lsr#24
- ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0]
ldr $i3,[$tbl,$i3,lsl#2] @ Td1[s2>>16]
eor $s0,$s0,$i1,ror#16
ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
@@ -929,22 +1033,22 @@ _armv4_AES_decrypt:
and $i2,lr,$s3,lsr#8 @ i1
eor $t3,$i3,$t3,ror#8
and $i3,lr,$s3 @ i2
- eor $s2,$s2,$t2,ror#8
ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16]
+ eor $s2,$s2,$t2,ror#8
+ ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8]
mov $s3,$s3,lsr#24
- ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8]
ldr $i3,[$tbl,$i3,lsl#2] @ Td3[s3>>0]
eor $s0,$s0,$i1,ror#8
- ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
+ ldr $i1,[$key],#16
eor $s1,$s1,$i2,ror#16
+ ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
eor $s2,$s2,$i3,ror#24
- ldr $i1,[$key],#16
- eor $s3,$s3,$t3,ror#8
ldr $t1,[$key,#-12]
- ldr $t2,[$key,#-8]
eor $s0,$s0,$i1
+ ldr $t2,[$key,#-8]
+ eor $s3,$s3,$t3,ror#8
ldr $t3,[$key,#-4]
and $i1,lr,$s0,lsr#16
eor $s1,$s1,$t1
@@ -985,11 +1089,11 @@ _armv4_AES_decrypt:
and $i1,lr,$s2,lsr#8 @ i0
eor $t2,$t2,$i2,lsl#8
and $i2,lr,$s2 @ i1
- eor $t3,$t3,$i3,lsl#8
ldrb $i1,[$tbl,$i1] @ Td4[s2>>8]
+ eor $t3,$t3,$i3,lsl#8
+ ldrb $i2,[$tbl,$i2] @ Td4[s2>>0]
and $i3,lr,$s2,lsr#16
- ldrb $i2,[$tbl,$i2] @ Td4[s2>>0]
ldrb $s2,[$tbl,$s2,lsr#24] @ Td4[s2>>24]
eor $s0,$s0,$i1,lsl#8
ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
@@ -997,11 +1101,11 @@ _armv4_AES_decrypt:
and $i1,lr,$s3,lsr#16 @ i0
eor $s2,$t2,$s2,lsl#16
and $i2,lr,$s3,lsr#8 @ i1
- eor $t3,$t3,$i3,lsl#16
ldrb $i1,[$tbl,$i1] @ Td4[s3>>16]
+ eor $t3,$t3,$i3,lsl#16
+ ldrb $i2,[$tbl,$i2] @ Td4[s3>>8]
and $i3,lr,$s3 @ i2
- ldrb $i2,[$tbl,$i2] @ Td4[s3>>8]
ldrb $i3,[$tbl,$i3] @ Td4[s3>>0]
ldrb $s3,[$tbl,$s3,lsr#24] @ Td4[s3>>24]
eor $s0,$s0,$i1,lsl#16
diff --git a/deps/openssl/openssl/crypto/aes/asm/aes-ppc.pl b/deps/openssl/openssl/crypto/aes/asm/aes-ppc.pl
index f82c5e181..7c52cbe5f 100644
--- a/deps/openssl/openssl/crypto/aes/asm/aes-ppc.pl
+++ b/deps/openssl/openssl/crypto/aes/asm/aes-ppc.pl
@@ -7,7 +7,7 @@
# details see http://www.openssl.org/~appro/cryptogams/.
# ====================================================================
-# Needs more work: key setup, page boundaries, CBC routine...
+# Needs more work: key setup, CBC routine...
#
# ppc_AES_[en|de]crypt perform at 18 cycles per byte processed with
# 128-bit key, which is ~40% better than 64-bit code generated by gcc
@@ -18,7 +18,7 @@
# February 2010
#
-# Rescheduling instructions to favour Power6 pipeline gives 10%
+# Rescheduling instructions to favour Power6 pipeline gave 10%
# performance improvement on the platfrom in question (and marginal
# improvement even on others). It should be noted that Power6 fails
# to process byte in 18 cycles, only in 23, because it fails to issue
@@ -33,11 +33,13 @@ $flavour = shift;
if ($flavour =~ /64/) {
$SIZE_T =8;
+ $LRSAVE =2*$SIZE_T;
$STU ="stdu";
$POP ="ld";
$PUSH ="std";
} elsif ($flavour =~ /32/) {
$SIZE_T =4;
+ $LRSAVE =$SIZE_T;
$STU ="stwu";
$POP ="lwz";
$PUSH ="stw";
@@ -116,15 +118,19 @@ LAES_Te:
addi $Tbl0,$Tbl0,`128-8`
mtlr r0
blr
- .space `32-24`
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+ .space `64-9*4`
LAES_Td:
mflr r0
bcl 20,31,\$+4
mflr $Tbl0 ; vvvvvvvv "distance" between . and 1st data entry
- addi $Tbl0,$Tbl0,`128-8-32+2048+256`
+ addi $Tbl0,$Tbl0,`128-64-8+2048+256`
mtlr r0
blr
- .space `128-32-24`
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+ .space `128-64-9*4`
___
&_data_word(
0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
@@ -328,10 +334,9 @@ $code.=<<___;
.globl .AES_encrypt
.align 7
.AES_encrypt:
- mflr r0
$STU $sp,-$FRAME($sp)
+ mflr r0
- $PUSH r0,`$FRAME-$SIZE_T*21`($sp)
$PUSH $toc,`$FRAME-$SIZE_T*20`($sp)
$PUSH r13,`$FRAME-$SIZE_T*19`($sp)
$PUSH r14,`$FRAME-$SIZE_T*18`($sp)
@@ -352,7 +357,14 @@ $code.=<<___;
$PUSH r29,`$FRAME-$SIZE_T*3`($sp)
$PUSH r30,`$FRAME-$SIZE_T*2`($sp)
$PUSH r31,`$FRAME-$SIZE_T*1`($sp)
+ $PUSH r0,`$FRAME+$LRSAVE`($sp)
+
+ andi. $t0,$inp,3
+ andi. $t1,$out,3
+ or. $t0,$t0,$t1
+ bne Lenc_unaligned
+Lenc_unaligned_ok:
lwz $s0,0($inp)
lwz $s1,4($inp)
lwz $s2,8($inp)
@@ -363,8 +375,80 @@ $code.=<<___;
stw $s1,4($out)
stw $s2,8($out)
stw $s3,12($out)
+ b Lenc_done
+
+Lenc_unaligned:
+ subfic $t0,$inp,4096
+ subfic $t1,$out,4096
+ andi. $t0,$t0,4096-16
+ beq Lenc_xpage
+ andi. $t1,$t1,4096-16
+ bne Lenc_unaligned_ok
+
+Lenc_xpage:
+ lbz $acc00,0($inp)
+ lbz $acc01,1($inp)
+ lbz $acc02,2($inp)
+ lbz $s0,3($inp)
+ lbz $acc04,4($inp)
+ lbz $acc05,5($inp)
+ lbz $acc06,6($inp)
+ lbz $s1,7($inp)
+ lbz $acc08,8($inp)
+ lbz $acc09,9($inp)
+ lbz $acc10,10($inp)
+ insrwi $s0,$acc00,8,0
+ lbz $s2,11($inp)
+ insrwi $s1,$acc04,8,0
+ lbz $acc12,12($inp)
+ insrwi $s0,$acc01,8,8
+ lbz $acc13,13($inp)
+ insrwi $s1,$acc05,8,8
+ lbz $acc14,14($inp)
+ insrwi $s0,$acc02,8,16
+ lbz $s3,15($inp)
+ insrwi $s1,$acc06,8,16
+ insrwi $s2,$acc08,8,0
+ insrwi $s3,$acc12,8,0
+ insrwi $s2,$acc09,8,8
+ insrwi $s3,$acc13,8,8
+ insrwi $s2,$acc10,8,16
+ insrwi $s3,$acc14,8,16
+
+ bl LAES_Te
+ bl Lppc_AES_encrypt_compact
+
+ extrwi $acc00,$s0,8,0
+ extrwi $acc01,$s0,8,8
+ stb $acc00,0($out)
+ extrwi $acc02,$s0,8,16
+ stb $acc01,1($out)
+ stb $acc02,2($out)
+ extrwi $acc04,$s1,8,0
+ stb $s0,3($out)
+ extrwi $acc05,$s1,8,8
+ stb $acc04,4($out)
+ extrwi $acc06,$s1,8,16
+ stb $acc05,5($out)
+ stb $acc06,6($out)
+ extrwi $acc08,$s2,8,0
+ stb $s1,7($out)
+ extrwi $acc09,$s2,8,8
+ stb $acc08,8($out)
+ extrwi $acc10,$s2,8,16
+ stb $acc09,9($out)
+ stb $acc10,10($out)
+ extrwi $acc12,$s3,8,0
+ stb $s2,11($out)
+ extrwi $acc13,$s3,8,8
+ stb $acc12,12($out)
+ extrwi $acc14,$s3,8,16
+ stb $acc13,13($out)
+ stb $acc14,14($out)
+ stb $s3,15($out)
- $POP r0,`$FRAME-$SIZE_T*21`($sp)
+Lenc_done:
+ $POP r0,`$FRAME+$LRSAVE`($sp)
$POP $toc,`$FRAME-$SIZE_T*20`($sp)
$POP r13,`$FRAME-$SIZE_T*19`($sp)
$POP r14,`$FRAME-$SIZE_T*18`($sp)
@@ -388,18 +472,21 @@ $code.=<<___;
mtlr r0
addi $sp,$sp,$FRAME
blr
+ .long 0
+ .byte 0,12,4,1,0x80,18,3,0
+ .long 0
.align 5
Lppc_AES_encrypt:
lwz $acc00,240($key)
- lwz $t0,0($key)
- lwz $t1,4($key)
- lwz $t2,8($key)
- lwz $t3,12($key)
addi $Tbl1,$Tbl0,3
+ lwz $t0,0($key)
addi $Tbl2,$Tbl0,2
+ lwz $t1,4($key)
addi $Tbl3,$Tbl0,1
+ lwz $t2,8($key)
addi $acc00,$acc00,-1
+ lwz $t3,12($key)
addi $key,$key,16
xor $s0,$s0,$t0
xor $s1,$s1,$t1
@@ -413,44 +500,44 @@ Lenc_loop:
rlwinm $acc02,$s2,`32-24+3`,21,28
rlwinm $acc03,$s3,`32-24+3`,21,28
lwz $t0,0($key)
- lwz $t1,4($key)
rlwinm $acc04,$s1,`32-16+3`,21,28
+ lwz $t1,4($key)
rlwinm $acc05,$s2,`32-16+3`,21,28
lwz $t2,8($key)
- lwz $t3,12($key)
rlwinm $acc06,$s3,`32-16+3`,21,28
+ lwz $t3,12($key)
rlwinm $acc07,$s0,`32-16+3`,21,28
lwzx $acc00,$Tbl0,$acc00
- lwzx $acc01,$Tbl0,$acc01
rlwinm $acc08,$s2,`32-8+3`,21,28
+ lwzx $acc01,$Tbl0,$acc01
rlwinm $acc09,$s3,`32-8+3`,21,28
lwzx $acc02,$Tbl0,$acc02
- lwzx $acc03,$Tbl0,$acc03
rlwinm $acc10,$s0,`32-8+3`,21,28
+ lwzx $acc03,$Tbl0,$acc03
rlwinm $acc11,$s1,`32-8+3`,21,28
lwzx $acc04,$Tbl1,$acc04
- lwzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s3,`0+3`,21,28
+ lwzx $acc05,$Tbl1,$acc05
rlwinm $acc13,$s0,`0+3`,21,28
lwzx $acc06,$Tbl1,$acc06
- lwzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s1,`0+3`,21,28
+ lwzx $acc07,$Tbl1,$acc07
rlwinm $acc15,$s2,`0+3`,21,28
lwzx $acc08,$Tbl2,$acc08
- lwzx $acc09,$Tbl2,$acc09
xor $t0,$t0,$acc00
+ lwzx $acc09,$Tbl2,$acc09
xor $t1,$t1,$acc01
lwzx $acc10,$Tbl2,$acc10
- lwzx $acc11,$Tbl2,$acc11
xor $t2,$t2,$acc02
+ lwzx $acc11,$Tbl2,$acc11
xor $t3,$t3,$acc03
lwzx $acc12,$Tbl3,$acc12
- lwzx $acc13,$Tbl3,$acc13
xor $t0,$t0,$acc04
+ lwzx $acc13,$Tbl3,$acc13
xor $t1,$t1,$acc05
lwzx $acc14,$Tbl3,$acc14
- lwzx $acc15,$Tbl3,$acc15
xor $t2,$t2,$acc06
+ lwzx $acc15,$Tbl3,$acc15
xor $t3,$t3,$acc07
xor $t0,$t0,$acc08
xor $t1,$t1,$acc09
@@ -466,60 +553,60 @@ Lenc_loop:
addi $Tbl2,$Tbl0,2048
nop
lwz $t0,0($key)
- lwz $t1,4($key)
rlwinm $acc00,$s0,`32-24`,24,31
+ lwz $t1,4($key)
rlwinm $acc01,$s1,`32-24`,24,31
lwz $t2,8($key)
- lwz $t3,12($key)
rlwinm $acc02,$s2,`32-24`,24,31
+ lwz $t3,12($key)
rlwinm $acc03,$s3,`32-24`,24,31
lwz $acc08,`2048+0`($Tbl0) ! prefetch Te4
- lwz $acc09,`2048+32`($Tbl0)
rlwinm $acc04,$s1,`32-16`,24,31
+ lwz $acc09,`2048+32`($Tbl0)
rlwinm $acc05,$s2,`32-16`,24,31
lwz $acc10,`2048+64`($Tbl0)
- lwz $acc11,`2048+96`($Tbl0)
rlwinm $acc06,$s3,`32-16`,24,31
+ lwz $acc11,`2048+96`($Tbl0)
rlwinm $acc07,$s0,`32-16`,24,31
lwz $acc12,`2048+128`($Tbl0)
- lwz $acc13,`2048+160`($Tbl0)
rlwinm $acc08,$s2,`32-8`,24,31
+ lwz $acc13,`2048+160`($Tbl0)
rlwinm $acc09,$s3,`32-8`,24,31
lwz $acc14,`2048+192`($Tbl0)
- lwz $acc15,`2048+224`($Tbl0)
rlwinm $acc10,$s0,`32-8`,24,31
+ lwz $acc15,`2048+224`($Tbl0)
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc00,$Tbl2,$acc00
- lbzx $acc01,$Tbl2,$acc01
rlwinm $acc12,$s3,`0`,24,31
+ lbzx $acc01,$Tbl2,$acc01
rlwinm $acc13,$s0,`0`,24,31
lbzx $acc02,$Tbl2,$acc02
- lbzx $acc03,$Tbl2,$acc03
rlwinm $acc14,$s1,`0`,24,31
+ lbzx $acc03,$Tbl2,$acc03
rlwinm $acc15,$s2,`0`,24,31
lbzx $acc04,$Tbl2,$acc04
- lbzx $acc05,$Tbl2,$acc05
rlwinm $s0,$acc00,24,0,7
+ lbzx $acc05,$Tbl2,$acc05
rlwinm $s1,$acc01,24,0,7
lbzx $acc06,$Tbl2,$acc06
- lbzx $acc07,$Tbl2,$acc07
rlwinm $s2,$acc02,24,0,7
+ lbzx $acc07,$Tbl2,$acc07
rlwinm $s3,$acc03,24,0,7
lbzx $acc08,$Tbl2,$acc08
- lbzx $acc09,$Tbl2,$acc09
rlwimi $s0,$acc04,16,8,15
+ lbzx $acc09,$Tbl2,$acc09
rlwimi $s1,$acc05,16,8,15
lbzx $acc10,$Tbl2,$acc10
- lbzx $acc11,$Tbl2,$acc11
rlwimi $s2,$acc06,16,8,15
+ lbzx $acc11,$Tbl2,$acc11
rlwimi $s3,$acc07,16,8,15
lbzx $acc12,$Tbl2,$acc12
- lbzx $acc13,$Tbl2,$acc13
rlwimi $s0,$acc08,8,16,23
+ lbzx $acc13,$Tbl2,$acc13
rlwimi $s1,$acc09,8,16,23
lbzx $acc14,$Tbl2,$acc14
- lbzx $acc15,$Tbl2,$acc15
rlwimi $s2,$acc10,8,16,23
+ lbzx $acc15,$Tbl2,$acc15
rlwimi $s3,$acc11,8,16,23
or $s0,$s0,$acc12
or $s1,$s1,$acc13
@@ -530,29 +617,31 @@ Lenc_loop:
xor $s2,$s2,$t2
xor $s3,$s3,$t3
blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
.align 4
Lppc_AES_encrypt_compact:
lwz $acc00,240($key)
- lwz $t0,0($key)
- lwz $t1,4($key)
- lwz $t2,8($key)
- lwz $t3,12($key)
addi $Tbl1,$Tbl0,2048
+ lwz $t0,0($key)
lis $mask80,0x8080
+ lwz $t1,4($key)
lis $mask1b,0x1b1b
- addi $key,$key,16
+ lwz $t2,8($key)
ori $mask80,$mask80,0x8080
+ lwz $t3,12($key)
ori $mask1b,$mask1b,0x1b1b
+ addi $key,$key,16
mtctr $acc00
.align 4
Lenc_compact_loop:
xor $s0,$s0,$t0
xor $s1,$s1,$t1
- xor $s2,$s2,$t2
- xor $s3,$s3,$t3
rlwinm $acc00,$s0,`32-24`,24,31
+ xor $s2,$s2,$t2
rlwinm $acc01,$s1,`32-24`,24,31
+ xor $s3,$s3,$t3
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
rlwinm $acc04,$s1,`32-16`,24,31
@@ -560,48 +649,48 @@ Lenc_compact_loop:
rlwinm $acc06,$s3,`32-16`,24,31
rlwinm $acc07,$s0,`32-16`,24,31
lbzx $acc00,$Tbl1,$acc00
- lbzx $acc01,$Tbl1,$acc01
rlwinm $acc08,$s2,`32-8`,24,31
+ lbzx $acc01,$Tbl1,$acc01
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc02,$Tbl1,$acc02
- lbzx $acc03,$Tbl1,$acc03
rlwinm $acc10,$s0,`32-8`,24,31
+ lbzx $acc03,$Tbl1,$acc03
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc04,$Tbl1,$acc04
- lbzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s3,`0`,24,31
+ lbzx $acc05,$Tbl1,$acc05
rlwinm $acc13,$s0,`0`,24,31
lbzx $acc06,$Tbl1,$acc06
- lbzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s1,`0`,24,31
+ lbzx $acc07,$Tbl1,$acc07
rlwinm $acc15,$s2,`0`,24,31
lbzx $acc08,$Tbl1,$acc08
- lbzx $acc09,$Tbl1,$acc09
rlwinm $s0,$acc00,24,0,7
+ lbzx $acc09,$Tbl1,$acc09
rlwinm $s1,$acc01,24,0,7
lbzx $acc10,$Tbl1,$acc10
- lbzx $acc11,$Tbl1,$acc11
rlwinm $s2,$acc02,24,0,7
+ lbzx $acc11,$Tbl1,$acc11
rlwinm $s3,$acc03,24,0,7
lbzx $acc12,$Tbl1,$acc12
- lbzx $acc13,$Tbl1,$acc13
rlwimi $s0,$acc04,16,8,15
+ lbzx $acc13,$Tbl1,$acc13
rlwimi $s1,$acc05,16,8,15
lbzx $acc14,$Tbl1,$acc14
- lbzx $acc15,$Tbl1,$acc15
rlwimi $s2,$acc06,16,8,15
+ lbzx $acc15,$Tbl1,$acc15
rlwimi $s3,$acc07,16,8,15
rlwimi $s0,$acc08,8,16,23
rlwimi $s1,$acc09,8,16,23
rlwimi $s2,$acc10,8,16,23
rlwimi $s3,$acc11,8,16,23
lwz $t0,0($key)
- lwz $t1,4($key)
or $s0,$s0,$acc12
+ lwz $t1,4($key)
or $s1,$s1,$acc13
lwz $t2,8($key)
- lwz $t3,12($key)
or $s2,$s2,$acc14
+ lwz $t3,12($key)
or $s3,$s3,$acc15
addi $key,$key,16
@@ -612,12 +701,12 @@ Lenc_compact_loop:
and $acc02,$s2,$mask80
and $acc03,$s3,$mask80
srwi $acc04,$acc00,7 # r1>>7
- srwi $acc05,$acc01,7
- srwi $acc06,$acc02,7
- srwi $acc07,$acc03,7
andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f
+ srwi $acc05,$acc01,7
andc $acc09,$s1,$mask80
+ srwi $acc06,$acc02,7
andc $acc10,$s2,$mask80
+ srwi $acc07,$acc03,7
andc $acc11,$s3,$mask80
sub $acc00,$acc00,$acc04 # r1-(r1>>7)
sub $acc01,$acc01,$acc05
@@ -633,32 +722,32 @@ Lenc_compact_loop:
and $acc03,$acc03,$mask1b
xor $acc00,$acc00,$acc08 # r2
xor $acc01,$acc01,$acc09
+ rotlwi $acc12,$s0,16 # ROTATE(r0,16)
xor $acc02,$acc02,$acc10
+ rotlwi $acc13,$s1,16
xor $acc03,$acc03,$acc11
+ rotlwi $acc14,$s2,16
- rotlwi $acc12,$s0,16 # ROTATE(r0,16)
- rotlwi $acc13,$s1,16
- rotlwi $acc14,$s2,16
- rotlwi $acc15,$s3,16
xor $s0,$s0,$acc00 # r0^r2
+ rotlwi $acc15,$s3,16
xor $s1,$s1,$acc01
- xor $s2,$s2,$acc02
- xor $s3,$s3,$acc03
rotrwi $s0,$s0,24 # ROTATE(r2^r0,24)
+ xor $s2,$s2,$acc02
rotrwi $s1,$s1,24
+ xor $s3,$s3,$acc03
rotrwi $s2,$s2,24
- rotrwi $s3,$s3,24
xor $s0,$s0,$acc00 # ROTATE(r2^r0,24)^r2
+ rotrwi $s3,$s3,24
xor $s1,$s1,$acc01
xor $s2,$s2,$acc02
xor $s3,$s3,$acc03
rotlwi $acc08,$acc12,8 # ROTATE(r0,24)
- rotlwi $acc09,$acc13,8
- rotlwi $acc10,$acc14,8
- rotlwi $acc11,$acc15,8
xor $s0,$s0,$acc12 #
+ rotlwi $acc09,$acc13,8
xor $s1,$s1,$acc13
+ rotlwi $acc10,$acc14,8
xor $s2,$s2,$acc14
+ rotlwi $acc11,$acc15,8
xor $s3,$s3,$acc15
xor $s0,$s0,$acc08 #
xor $s1,$s1,$acc09
@@ -673,14 +762,15 @@ Lenc_compact_done:
xor $s2,$s2,$t2
xor $s3,$s3,$t3
blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
.globl .AES_decrypt
.align 7
.AES_decrypt:
- mflr r0
$STU $sp,-$FRAME($sp)
+ mflr r0
- $PUSH r0,`$FRAME-$SIZE_T*21`($sp)
$PUSH $toc,`$FRAME-$SIZE_T*20`($sp)
$PUSH r13,`$FRAME-$SIZE_T*19`($sp)
$PUSH r14,`$FRAME-$SIZE_T*18`($sp)
@@ -701,7 +791,14 @@ Lenc_compact_done:
$PUSH r29,`$FRAME-$SIZE_T*3`($sp)
$PUSH r30,`$FRAME-$SIZE_T*2`($sp)
$PUSH r31,`$FRAME-$SIZE_T*1`($sp)
+ $PUSH r0,`$FRAME+$LRSAVE`($sp)
+ andi. $t0,$inp,3
+ andi. $t1,$out,3
+ or. $t0,$t0,$t1
+ bne Ldec_unaligned
+
+Ldec_unaligned_ok:
lwz $s0,0($inp)
lwz $s1,4($inp)
lwz $s2,8($inp)
@@ -712,8 +809,80 @@ Lenc_compact_done:
stw $s1,4($out)
stw $s2,8($out)
stw $s3,12($out)
+ b Ldec_done
+
+Ldec_unaligned:
+ subfic $t0,$inp,4096
+ subfic $t1,$out,4096
+ andi. $t0,$t0,4096-16
+ beq Ldec_xpage
+ andi. $t1,$t1,4096-16
+ bne Ldec_unaligned_ok
+
+Ldec_xpage:
+ lbz $acc00,0($inp)
+ lbz $acc01,1($inp)
+ lbz $acc02,2($inp)
+ lbz $s0,3($inp)
+ lbz $acc04,4($inp)
+ lbz $acc05,5($inp)
+ lbz $acc06,6($inp)
+ lbz $s1,7($inp)
+ lbz $acc08,8($inp)
+ lbz $acc09,9($inp)
+ lbz $acc10,10($inp)
+ insrwi $s0,$acc00,8,0
+ lbz $s2,11($inp)
+ insrwi $s1,$acc04,8,0
+ lbz $acc12,12($inp)
+ insrwi $s0,$acc01,8,8
+ lbz $acc13,13($inp)
+ insrwi $s1,$acc05,8,8
+ lbz $acc14,14($inp)
+ insrwi $s0,$acc02,8,16
+ lbz $s3,15($inp)
+ insrwi $s1,$acc06,8,16
+ insrwi $s2,$acc08,8,0
+ insrwi $s3,$acc12,8,0
+ insrwi $s2,$acc09,8,8
+ insrwi $s3,$acc13,8,8
+ insrwi $s2,$acc10,8,16
+ insrwi $s3,$acc14,8,16
+
+ bl LAES_Td
+ bl Lppc_AES_decrypt_compact
- $POP r0,`$FRAME-$SIZE_T*21`($sp)
+ extrwi $acc00,$s0,8,0
+ extrwi $acc01,$s0,8,8
+ stb $acc00,0($out)
+ extrwi $acc02,$s0,8,16
+ stb $acc01,1($out)
+ stb $acc02,2($out)
+ extrwi $acc04,$s1,8,0
+ stb $s0,3($out)
+ extrwi $acc05,$s1,8,8
+ stb $acc04,4($out)
+ extrwi $acc06,$s1,8,16
+ stb $acc05,5($out)
+ stb $acc06,6($out)
+ extrwi $acc08,$s2,8,0
+ stb $s1,7($out)
+ extrwi $acc09,$s2,8,8
+ stb $acc08,8($out)
+ extrwi $acc10,$s2,8,16
+ stb $acc09,9($out)
+ stb $acc10,10($out)
+ extrwi $acc12,$s3,8,0
+ stb $s2,11($out)
+ extrwi $acc13,$s3,8,8
+ stb $acc12,12($out)
+ extrwi $acc14,$s3,8,16
+ stb $acc13,13($out)
+ stb $acc14,14($out)
+ stb $s3,15($out)
+
+Ldec_done:
+ $POP r0,`$FRAME+$LRSAVE`($sp)
$POP $toc,`$FRAME-$SIZE_T*20`($sp)
$POP r13,`$FRAME-$SIZE_T*19`($sp)
$POP r14,`$FRAME-$SIZE_T*18`($sp)
@@ -737,18 +906,21 @@ Lenc_compact_done:
mtlr r0
addi $sp,$sp,$FRAME
blr
+ .long 0
+ .byte 0,12,4,1,0x80,18,3,0
+ .long 0
.align 5
Lppc_AES_decrypt:
lwz $acc00,240($key)
- lwz $t0,0($key)
- lwz $t1,4($key)
- lwz $t2,8($key)
- lwz $t3,12($key)
addi $Tbl1,$Tbl0,3
+ lwz $t0,0($key)
addi $Tbl2,$Tbl0,2
+ lwz $t1,4($key)
addi $Tbl3,$Tbl0,1
+ lwz $t2,8($key)
addi $acc00,$acc00,-1
+ lwz $t3,12($key)
addi $key,$key,16
xor $s0,$s0,$t0
xor $s1,$s1,$t1
@@ -762,44 +934,44 @@ Ldec_loop:
rlwinm $acc02,$s2,`32-24+3`,21,28
rlwinm $acc03,$s3,`32-24+3`,21,28
lwz $t0,0($key)
- lwz $t1,4($key)
rlwinm $acc04,$s3,`32-16+3`,21,28
+ lwz $t1,4($key)
rlwinm $acc05,$s0,`32-16+3`,21,28
lwz $t2,8($key)
- lwz $t3,12($key)
rlwinm $acc06,$s1,`32-16+3`,21,28
+ lwz $t3,12($key)
rlwinm $acc07,$s2,`32-16+3`,21,28
lwzx $acc00,$Tbl0,$acc00
- lwzx $acc01,$Tbl0,$acc01
rlwinm $acc08,$s2,`32-8+3`,21,28
+ lwzx $acc01,$Tbl0,$acc01
rlwinm $acc09,$s3,`32-8+3`,21,28
lwzx $acc02,$Tbl0,$acc02
- lwzx $acc03,$Tbl0,$acc03
rlwinm $acc10,$s0,`32-8+3`,21,28
+ lwzx $acc03,$Tbl0,$acc03
rlwinm $acc11,$s1,`32-8+3`,21,28
lwzx $acc04,$Tbl1,$acc04
- lwzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s1,`0+3`,21,28
+ lwzx $acc05,$Tbl1,$acc05
rlwinm $acc13,$s2,`0+3`,21,28
lwzx $acc06,$Tbl1,$acc06
- lwzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s3,`0+3`,21,28
+ lwzx $acc07,$Tbl1,$acc07
rlwinm $acc15,$s0,`0+3`,21,28
lwzx $acc08,$Tbl2,$acc08
- lwzx $acc09,$Tbl2,$acc09
xor $t0,$t0,$acc00
+ lwzx $acc09,$Tbl2,$acc09
xor $t1,$t1,$acc01
lwzx $acc10,$Tbl2,$acc10
- lwzx $acc11,$Tbl2,$acc11
xor $t2,$t2,$acc02
+ lwzx $acc11,$Tbl2,$acc11
xor $t3,$t3,$acc03
lwzx $acc12,$Tbl3,$acc12
- lwzx $acc13,$Tbl3,$acc13
xor $t0,$t0,$acc04
+ lwzx $acc13,$Tbl3,$acc13
xor $t1,$t1,$acc05
lwzx $acc14,$Tbl3,$acc14
- lwzx $acc15,$Tbl3,$acc15
xor $t2,$t2,$acc06
+ lwzx $acc15,$Tbl3,$acc15
xor $t3,$t3,$acc07
xor $t0,$t0,$acc08
xor $t1,$t1,$acc09
@@ -815,56 +987,56 @@ Ldec_loop:
addi $Tbl2,$Tbl0,2048
nop
lwz $t0,0($key)
- lwz $t1,4($key)
rlwinm $acc00,$s0,`32-24`,24,31
+ lwz $t1,4($key)
rlwinm $acc01,$s1,`32-24`,24,31
lwz $t2,8($key)
- lwz $t3,12($key)
rlwinm $acc02,$s2,`32-24`,24,31
+ lwz $t3,12($key)
rlwinm $acc03,$s3,`32-24`,24,31
lwz $acc08,`2048+0`($Tbl0) ! prefetch Td4
- lwz $acc09,`2048+32`($Tbl0)
rlwinm $acc04,$s3,`32-16`,24,31
+ lwz $acc09,`2048+32`($Tbl0)
rlwinm $acc05,$s0,`32-16`,24,31
lwz $acc10,`2048+64`($Tbl0)
- lwz $acc11,`2048+96`($Tbl0)
lbzx $acc00,$Tbl2,$acc00
+ lwz $acc11,`2048+96`($Tbl0)
lbzx $acc01,$Tbl2,$acc01
lwz $acc12,`2048+128`($Tbl0)
- lwz $acc13,`2048+160`($Tbl0)
rlwinm $acc06,$s1,`32-16`,24,31
+ lwz $acc13,`2048+160`($Tbl0)
rlwinm $acc07,$s2,`32-16`,24,31
lwz $acc14,`2048+192`($Tbl0)
- lwz $acc15,`2048+224`($Tbl0)
rlwinm $acc08,$s2,`32-8`,24,31
+ lwz $acc15,`2048+224`($Tbl0)
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc02,$Tbl2,$acc02
- lbzx $acc03,$Tbl2,$acc03
rlwinm $acc10,$s0,`32-8`,24,31
+ lbzx $acc03,$Tbl2,$acc03
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc04,$Tbl2,$acc04
- lbzx $acc05,$Tbl2,$acc05
rlwinm $acc12,$s1,`0`,24,31
+ lbzx $acc05,$Tbl2,$acc05
rlwinm $acc13,$s2,`0`,24,31
lbzx $acc06,$Tbl2,$acc06
- lbzx $acc07,$Tbl2,$acc07
rlwinm $acc14,$s3,`0`,24,31
+ lbzx $acc07,$Tbl2,$acc07
rlwinm $acc15,$s0,`0`,24,31
lbzx $acc08,$Tbl2,$acc08
- lbzx $acc09,$Tbl2,$acc09
rlwinm $s0,$acc00,24,0,7
+ lbzx $acc09,$Tbl2,$acc09
rlwinm $s1,$acc01,24,0,7
lbzx $acc10,$Tbl2,$acc10
- lbzx $acc11,$Tbl2,$acc11
rlwinm $s2,$acc02,24,0,7
+ lbzx $acc11,$Tbl2,$acc11
rlwinm $s3,$acc03,24,0,7
lbzx $acc12,$Tbl2,$acc12
- lbzx $acc13,$Tbl2,$acc13
rlwimi $s0,$acc04,16,8,15
+ lbzx $acc13,$Tbl2,$acc13
rlwimi $s1,$acc05,16,8,15
lbzx $acc14,$Tbl2,$acc14
- lbzx $acc15,$Tbl2,$acc15
rlwimi $s2,$acc06,16,8,15
+ lbzx $acc15,$Tbl2,$acc15
rlwimi $s3,$acc07,16,8,15
rlwimi $s0,$acc08,8,16,23
rlwimi $s1,$acc09,8,16,23
@@ -879,20 +1051,22 @@ Ldec_loop:
xor $s2,$s2,$t2
xor $s3,$s3,$t3
blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
.align 4
Lppc_AES_decrypt_compact:
lwz $acc00,240($key)
- lwz $t0,0($key)
- lwz $t1,4($key)
- lwz $t2,8($key)
- lwz $t3,12($key)
addi $Tbl1,$Tbl0,2048
+ lwz $t0,0($key)
lis $mask80,0x8080
+ lwz $t1,4($key)
lis $mask1b,0x1b1b
- addi $key,$key,16
+ lwz $t2,8($key)
ori $mask80,$mask80,0x8080
+ lwz $t3,12($key)
ori $mask1b,$mask1b,0x1b1b
+ addi $key,$key,16
___
$code.=<<___ if ($SIZE_T==8);
insrdi $mask80,$mask80,32,0
@@ -904,10 +1078,10 @@ $code.=<<___;
Ldec_compact_loop:
xor $s0,$s0,$t0
xor $s1,$s1,$t1
- xor $s2,$s2,$t2
- xor $s3,$s3,$t3
rlwinm $acc00,$s0,`32-24`,24,31
+ xor $s2,$s2,$t2
rlwinm $acc01,$s1,`32-24`,24,31
+ xor $s3,$s3,$t3
rlwinm $acc02,$s2,`32-24`,24,31
rlwinm $acc03,$s3,`32-24`,24,31
rlwinm $acc04,$s3,`32-16`,24,31
@@ -915,48 +1089,48 @@ Ldec_compact_loop:
rlwinm $acc06,$s1,`32-16`,24,31
rlwinm $acc07,$s2,`32-16`,24,31
lbzx $acc00,$Tbl1,$acc00
- lbzx $acc01,$Tbl1,$acc01
rlwinm $acc08,$s2,`32-8`,24,31
+ lbzx $acc01,$Tbl1,$acc01
rlwinm $acc09,$s3,`32-8`,24,31
lbzx $acc02,$Tbl1,$acc02
- lbzx $acc03,$Tbl1,$acc03
rlwinm $acc10,$s0,`32-8`,24,31
+ lbzx $acc03,$Tbl1,$acc03
rlwinm $acc11,$s1,`32-8`,24,31
lbzx $acc04,$Tbl1,$acc04
- lbzx $acc05,$Tbl1,$acc05
rlwinm $acc12,$s1,`0`,24,31
+ lbzx $acc05,$Tbl1,$acc05
rlwinm $acc13,$s2,`0`,24,31
lbzx $acc06,$Tbl1,$acc06
- lbzx $acc07,$Tbl1,$acc07
rlwinm $acc14,$s3,`0`,24,31
+ lbzx $acc07,$Tbl1,$acc07
rlwinm $acc15,$s0,`0`,24,31
lbzx $acc08,$Tbl1,$acc08
- lbzx $acc09,$Tbl1,$acc09
rlwinm $s0,$acc00,24,0,7
+ lbzx $acc09,$Tbl1,$acc09
rlwinm $s1,$acc01,24,0,7
lbzx $acc10,$Tbl1,$acc10
- lbzx $acc11,$Tbl1,$acc11
rlwinm $s2,$acc02,24,0,7
+ lbzx $acc11,$Tbl1,$acc11
rlwinm $s3,$acc03,24,0,7
lbzx $acc12,$Tbl1,$acc12
- lbzx $acc13,$Tbl1,$acc13
rlwimi $s0,$acc04,16,8,15
+ lbzx $acc13,$Tbl1,$acc13
rlwimi $s1,$acc05,16,8,15
lbzx $acc14,$Tbl1,$acc14
- lbzx $acc15,$Tbl1,$acc15
rlwimi $s2,$acc06,16,8,15
+ lbzx $acc15,$Tbl1,$acc15
rlwimi $s3,$acc07,16,8,15
rlwimi $s0,$acc08,8,16,23
rlwimi $s1,$acc09,8,16,23
rlwimi $s2,$acc10,8,16,23
rlwimi $s3,$acc11,8,16,23
lwz $t0,0($key)
- lwz $t1,4($key)
or $s0,$s0,$acc12
+ lwz $t1,4($key)
or $s1,$s1,$acc13
lwz $t2,8($key)
- lwz $t3,12($key)
or $s2,$s2,$acc14
+ lwz $t3,12($key)
or $s3,$s3,$acc15
addi $key,$key,16
@@ -1030,12 +1204,12 @@ $code.=<<___ if ($SIZE_T==4);
and $acc02,$s2,$mask80
and $acc03,$s3,$mask80
srwi $acc04,$acc00,7 # r1>>7
- srwi $acc05,$acc01,7
- srwi $acc06,$acc02,7
- srwi $acc07,$acc03,7
andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f
+ srwi $acc05,$acc01,7
andc $acc09,$s1,$mask80
+ srwi $acc06,$acc02,7
andc $acc10,$s2,$mask80
+ srwi $acc07,$acc03,7
andc $acc11,$s3,$mask80
sub $acc00,$acc00,$acc04 # r1-(r1>>7)
sub $acc01,$acc01,$acc05
@@ -1059,12 +1233,12 @@ $code.=<<___ if ($SIZE_T==4);
and $acc06,$acc02,$mask80
and $acc07,$acc03,$mask80
srwi $acc08,$acc04,7 # r1>>7
- srwi $acc09,$acc05,7
- srwi $acc10,$acc06,7
- srwi $acc11,$acc07,7
andc $acc12,$acc00,$mask80 # r2&0x7f7f7f7f
+ srwi $acc09,$acc05,7
andc $acc13,$acc01,$mask80
+ srwi $acc10,$acc06,7
andc $acc14,$acc02,$mask80
+ srwi $acc11,$acc07,7
andc $acc15,$acc03,$mask80
sub $acc04,$acc04,$acc08 # r1-(r1>>7)
sub $acc05,$acc05,$acc09
@@ -1085,13 +1259,13 @@ $code.=<<___ if ($SIZE_T==4);
and $acc08,$acc04,$mask80 # r1=r4&0x80808080
and $acc09,$acc05,$mask80
- and $acc10,$acc06,$mask80
- and $acc11,$acc07,$mask80
srwi $acc12,$acc08,7 # r1>>7
+ and $acc10,$acc06,$mask80
srwi $acc13,$acc09,7
+ and $acc11,$acc07,$mask80
srwi $acc14,$acc10,7
- srwi $acc15,$acc11,7
sub $acc08,$acc08,$acc12 # r1-(r1>>7)
+ srwi $acc15,$acc11,7
sub $acc09,$acc09,$acc13
sub $acc10,$acc10,$acc14
sub $acc11,$acc11,$acc15
@@ -1124,10 +1298,10 @@ ___
$code.=<<___;
rotrwi $s0,$s0,8 # = ROTATE(r0,8)
rotrwi $s1,$s1,8
- rotrwi $s2,$s2,8
- rotrwi $s3,$s3,8
xor $s0,$s0,$acc00 # ^= r2^r0
+ rotrwi $s2,$s2,8
xor $s1,$s1,$acc01
+ rotrwi $s3,$s3,8
xor $s2,$s2,$acc02
xor $s3,$s3,$acc03
xor $acc00,$acc00,$acc08
@@ -1135,32 +1309,32 @@ $code.=<<___;
xor $acc02,$acc02,$acc10
xor $acc03,$acc03,$acc11
xor $s0,$s0,$acc04 # ^= r4^r0
- xor $s1,$s1,$acc05
- xor $s2,$s2,$acc06
- xor $s3,$s3,$acc07
rotrwi $acc00,$acc00,24
+ xor $s1,$s1,$acc05
rotrwi $acc01,$acc01,24
+ xor $s2,$s2,$acc06
rotrwi $acc02,$acc02,24
+ xor $s3,$s3,$acc07
rotrwi $acc03,$acc03,24
xor $acc04,$acc04,$acc08
xor $acc05,$acc05,$acc09
xor $acc06,$acc06,$acc10
xor $acc07,$acc07,$acc11
xor $s0,$s0,$acc08 # ^= r8 [^((r4^r0)^(r2^r0)=r4^r2)]
- xor $s1,$s1,$acc09
- xor $s2,$s2,$acc10
- xor $s3,$s3,$acc11
rotrwi $acc04,$acc04,16
+ xor $s1,$s1,$acc09
rotrwi $acc05,$acc05,16
+ xor $s2,$s2,$acc10
rotrwi $acc06,$acc06,16
+ xor $s3,$s3,$acc11
rotrwi $acc07,$acc07,16
xor $s0,$s0,$acc00 # ^= ROTATE(r8^r2^r0,24)
- xor $s1,$s1,$acc01
- xor $s2,$s2,$acc02
- xor $s3,$s3,$acc03
rotrwi $acc08,$acc08,8
+ xor $s1,$s1,$acc01
rotrwi $acc09,$acc09,8
+ xor $s2,$s2,$acc02
rotrwi $acc10,$acc10,8
+ xor $s3,$s3,$acc03
rotrwi $acc11,$acc11,8
xor $s0,$s0,$acc04 # ^= ROTATE(r8^r4^r0,16)
xor $s1,$s1,$acc05
@@ -1179,7 +1353,9 @@ Ldec_compact_done:
xor $s2,$s2,$t2
xor $s3,$s3,$t3
blr
-.long 0
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+
.asciz "AES for PPC, CRYPTOGAMS by <appro\@openssl.org>"
.align 7
___
diff --git a/deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl b/deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl
index 7e0188929..e75dcd031 100644
--- a/deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl
+++ b/deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl
@@ -44,12 +44,57 @@
# Unlike previous version hardware support detection takes place only
# at the moment of key schedule setup, which is denoted in key->rounds.
# This is done, because deferred key setup can't be made MT-safe, not
-# for key lengthes longer than 128 bits.
+# for keys longer than 128 bits.
#
# Add AES_cbc_encrypt, which gives incredible performance improvement,
# it was measured to be ~6.6x. It's less than previously mentioned 8x,
# because software implementation was optimized.
+# May 2010.
+#
+# Add AES_ctr32_encrypt. If hardware-assisted, it provides up to 4.3x
+# performance improvement over "generic" counter mode routine relying
+# on single-block, also hardware-assisted, AES_encrypt. "Up to" refers
+# to the fact that exact throughput value depends on current stack
+# frame alignment within 4KB page. In worst case you get ~75% of the
+# maximum, but *on average* it would be as much as ~98%. Meaning that
+# worst case is unlike, it's like hitting ravine on plateau.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. On z990 it was measured to perform
+# 2x better than code generated by gcc 4.3.
+
+# December 2010.
+#
+# Add support for z196 "cipher message with counter" instruction.
+# Note however that it's disengaged, because it was measured to
+# perform ~12% worse than vanilla km-based code...
+
+# February 2011.
+#
+# Add AES_xts_[en|de]crypt. This includes support for z196 km-xts-aes
+# instructions, which deliver ~70% improvement at 8KB block size over
+# vanilla km-based code, 37% - at most like 512-bytes block size.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
$softonly=0; # allow hardware support
$t0="%r0"; $mask="%r0";
@@ -69,6 +114,8 @@ $rounds="%r13";
$ra="%r14";
$sp="%r15";
+$stdframe=16*$SIZE_T+4*8;
+
sub _data_word()
{ my $i;
while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; }
@@ -210,7 +257,7 @@ $code.=<<___ if (!$softonly);
.Lesoft:
___
$code.=<<___;
- stmg %r3,$ra,24($sp)
+ stm${g} %r3,$ra,3*$SIZE_T($sp)
llgf $s0,0($inp)
llgf $s1,4($inp)
@@ -220,20 +267,20 @@ $code.=<<___;
larl $tbl,AES_Te
bras $ra,_s390x_AES_encrypt
- lg $out,24($sp)
+ l${g} $out,3*$SIZE_T($sp)
st $s0,0($out)
st $s1,4($out)
st $s2,8($out)
st $s3,12($out)
- lmg %r6,$ra,48($sp)
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
br $ra
.size AES_encrypt,.-AES_encrypt
.type _s390x_AES_encrypt,\@function
.align 16
_s390x_AES_encrypt:
- stg $ra,152($sp)
+ st${g} $ra,15*$SIZE_T($sp)
x $s0,0($key)
x $s1,4($key)
x $s2,8($key)
@@ -397,7 +444,7 @@ _s390x_AES_encrypt:
or $s2,$i3
or $s3,$t3
- lg $ra,152($sp)
+ l${g} $ra,15*$SIZE_T($sp)
xr $s0,$t0
xr $s1,$t2
x $s2,24($key)
@@ -536,7 +583,7 @@ $code.=<<___ if (!$softonly);
.Ldsoft:
___
$code.=<<___;
- stmg %r3,$ra,24($sp)
+ stm${g} %r3,$ra,3*$SIZE_T($sp)
llgf $s0,0($inp)
llgf $s1,4($inp)
@@ -546,20 +593,20 @@ $code.=<<___;
larl $tbl,AES_Td
bras $ra,_s390x_AES_decrypt
- lg $out,24($sp)
+ l${g} $out,3*$SIZE_T($sp)
st $s0,0($out)
st $s1,4($out)
st $s2,8($out)
st $s3,12($out)
- lmg %r6,$ra,48($sp)
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
br $ra
.size AES_decrypt,.-AES_decrypt
.type _s390x_AES_decrypt,\@function
.align 16
_s390x_AES_decrypt:
- stg $ra,152($sp)
+ st${g} $ra,15*$SIZE_T($sp)
x $s0,0($key)
x $s1,4($key)
x $s2,8($key)
@@ -703,7 +750,7 @@ _s390x_AES_decrypt:
nr $i1,$mask
nr $i2,$mask
- lg $ra,152($sp)
+ l${g} $ra,15*$SIZE_T($sp)
or $s1,$t1
l $t0,16($key)
l $t1,20($key)
@@ -732,14 +779,15 @@ ___
$code.=<<___;
# void AES_set_encrypt_key(const unsigned char *in, int bits,
# AES_KEY *key) {
-.globl AES_set_encrypt_key
-.type AES_set_encrypt_key,\@function
+.globl private_AES_set_encrypt_key
+.type private_AES_set_encrypt_key,\@function
.align 16
-AES_set_encrypt_key:
+private_AES_set_encrypt_key:
+_s390x_AES_set_encrypt_key:
lghi $t0,0
- clgr $inp,$t0
+ cl${g}r $inp,$t0
je .Lminus1
- clgr $key,$t0
+ cl${g}r $key,$t0
je .Lminus1
lghi $t0,128
@@ -789,7 +837,8 @@ $code.=<<___ if (!$softonly);
je 1f
lg %r1,24($inp)
stg %r1,24($key)
-1: st $bits,236($key) # save bits
+1: st $bits,236($key) # save bits [for debugging purposes]
+ lgr $t0,%r5
st %r5,240($key) # save km code
lghi %r2,0
br %r14
@@ -797,7 +846,7 @@ ___
$code.=<<___;
.align 16
.Lekey_internal:
- stmg %r6,%r13,48($sp) # all non-volatile regs
+ stm${g} %r4,%r13,4*$SIZE_T($sp) # all non-volatile regs and $key
larl $tbl,AES_Te+2048
@@ -857,8 +906,9 @@ $code.=<<___;
la $key,16($key) # key+=4
la $t3,4($t3) # i++
brct $rounds,.L128_loop
+ lghi $t0,10
lghi %r2,0
- lmg %r6,%r13,48($sp)
+ lm${g} %r4,%r13,4*$SIZE_T($sp)
br $ra
.align 16
@@ -905,8 +955,9 @@ $code.=<<___;
st $s2,32($key)
st $s3,36($key)
brct $rounds,.L192_continue
+ lghi $t0,12
lghi %r2,0
- lmg %r6,%r13,48($sp)
+ lm${g} %r4,%r13,4*$SIZE_T($sp)
br $ra
.align 16
@@ -967,8 +1018,9 @@ $code.=<<___;
st $s2,40($key)
st $s3,44($key)
brct $rounds,.L256_continue
+ lghi $t0,14
lghi %r2,0
- lmg %r6,%r13,48($sp)
+ lm${g} %r4,%r13,4*$SIZE_T($sp)
br $ra
.align 16
@@ -1011,42 +1063,34 @@ $code.=<<___;
.Lminus1:
lghi %r2,-1
br $ra
-.size AES_set_encrypt_key,.-AES_set_encrypt_key
+.size private_AES_set_encrypt_key,.-private_AES_set_encrypt_key
# void AES_set_decrypt_key(const unsigned char *in, int bits,
# AES_KEY *key) {
-.globl AES_set_decrypt_key
-.type AES_set_decrypt_key,\@function
+.globl private_AES_set_decrypt_key
+.type private_AES_set_decrypt_key,\@function
.align 16
-AES_set_decrypt_key:
- stg $key,32($sp) # I rely on AES_set_encrypt_key to
- stg $ra,112($sp) # save non-volatile registers!
- bras $ra,AES_set_encrypt_key
- lg $key,32($sp)
- lg $ra,112($sp)
+private_AES_set_decrypt_key:
+ #st${g} $key,4*$SIZE_T($sp) # I rely on AES_set_encrypt_key to
+ st${g} $ra,14*$SIZE_T($sp) # save non-volatile registers and $key!
+ bras $ra,_s390x_AES_set_encrypt_key
+ #l${g} $key,4*$SIZE_T($sp)
+ l${g} $ra,14*$SIZE_T($sp)
ltgr %r2,%r2
bnzr $ra
___
$code.=<<___ if (!$softonly);
- l $t0,240($key)
+ #l $t0,240($key)
lhi $t1,16
cr $t0,$t1
jl .Lgo
oill $t0,0x80 # set "decrypt" bit
st $t0,240($key)
br $ra
-
-.align 16
-.Ldkey_internal:
- stg $key,32($sp)
- stg $ra,40($sp)
- bras $ra,.Lekey_internal
- lg $key,32($sp)
- lg $ra,40($sp)
___
$code.=<<___;
-
-.Lgo: llgf $rounds,240($key)
+.align 16
+.Lgo: lgr $rounds,$t0 #llgf $rounds,240($key)
la $i1,0($key)
sllg $i2,$rounds,4
la $i2,0($i2,$key)
@@ -1123,13 +1167,14 @@ $code.=<<___;
la $key,4($key)
brct $rounds,.Lmix
- lmg %r6,%r13,48($sp)# as was saved by AES_set_encrypt_key!
+ lm${g} %r6,%r13,6*$SIZE_T($sp)# as was saved by AES_set_encrypt_key!
lghi %r2,0
br $ra
-.size AES_set_decrypt_key,.-AES_set_decrypt_key
+.size private_AES_set_decrypt_key,.-private_AES_set_decrypt_key
___
-#void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+########################################################################
+# void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
# size_t length, const AES_KEY *key,
# unsigned char *ivec, const int enc)
{
@@ -1163,7 +1208,7 @@ $code.=<<___ if (!$softonly);
l %r0,240($key) # load kmc code
lghi $key,15 # res=len%16, len-=res;
ngr $key,$len
- slgr $len,$key
+ sl${g}r $len,$key
la %r1,16($sp) # parameter block - ivec || key
jz .Lkmc_truncated
.long 0xb92f0042 # kmc %r4,%r2
@@ -1181,34 +1226,34 @@ $code.=<<___ if (!$softonly);
tmll %r0,0x80
jnz .Lkmc_truncated_dec
lghi %r1,0
- stg %r1,128($sp)
- stg %r1,136($sp)
+ stg %r1,16*$SIZE_T($sp)
+ stg %r1,16*$SIZE_T+8($sp)
bras %r1,1f
- mvc 128(1,$sp),0($inp)
+ mvc 16*$SIZE_T(1,$sp),0($inp)
1: ex $key,0(%r1)
la %r1,16($sp) # restore parameter block
- la $inp,128($sp)
+ la $inp,16*$SIZE_T($sp)
lghi $len,16
.long 0xb92f0042 # kmc %r4,%r2
j .Lkmc_done
.align 16
.Lkmc_truncated_dec:
- stg $out,64($sp)
- la $out,128($sp)
+ st${g} $out,4*$SIZE_T($sp)
+ la $out,16*$SIZE_T($sp)
lghi $len,16
.long 0xb92f0042 # kmc %r4,%r2
- lg $out,64($sp)
+ l${g} $out,4*$SIZE_T($sp)
bras %r1,2f
- mvc 0(1,$out),128($sp)
+ mvc 0(1,$out),16*$SIZE_T($sp)
2: ex $key,0(%r1)
j .Lkmc_done
.align 16
.Lcbc_software:
___
$code.=<<___;
- stmg $key,$ra,40($sp)
+ stm${g} $key,$ra,5*$SIZE_T($sp)
lhi %r0,0
- cl %r0,164($sp)
+ cl %r0,`$stdframe+$SIZE_T-4`($sp)
je .Lcbc_decrypt
larl $tbl,AES_Te
@@ -1219,10 +1264,10 @@ $code.=<<___;
llgf $s3,12($ivp)
lghi $t0,16
- slgr $len,$t0
+ sl${g}r $len,$t0
brc 4,.Lcbc_enc_tail # if borrow
.Lcbc_enc_loop:
- stmg $inp,$out,16($sp)
+ stm${g} $inp,$out,2*$SIZE_T($sp)
x $s0,0($inp)
x $s1,4($inp)
x $s2,8($inp)
@@ -1231,7 +1276,7 @@ $code.=<<___;
bras $ra,_s390x_AES_encrypt
- lmg $inp,$key,16($sp)
+ lm${g} $inp,$key,2*$SIZE_T($sp)
st $s0,0($out)
st $s1,4($out)
st $s2,8($out)
@@ -1240,33 +1285,33 @@ $code.=<<___;
la $inp,16($inp)
la $out,16($out)
lghi $t0,16
- ltgr $len,$len
+ lt${g}r $len,$len
jz .Lcbc_enc_done
- slgr $len,$t0
+ sl${g}r $len,$t0
brc 4,.Lcbc_enc_tail # if borrow
j .Lcbc_enc_loop
.align 16
.Lcbc_enc_done:
- lg $ivp,48($sp)
+ l${g} $ivp,6*$SIZE_T($sp)
st $s0,0($ivp)
st $s1,4($ivp)
st $s2,8($ivp)
st $s3,12($ivp)
- lmg %r7,$ra,56($sp)
+ lm${g} %r7,$ra,7*$SIZE_T($sp)
br $ra
.align 16
.Lcbc_enc_tail:
aghi $len,15
lghi $t0,0
- stg $t0,128($sp)
- stg $t0,136($sp)
+ stg $t0,16*$SIZE_T($sp)
+ stg $t0,16*$SIZE_T+8($sp)
bras $t1,3f
- mvc 128(1,$sp),0($inp)
+ mvc 16*$SIZE_T(1,$sp),0($inp)
3: ex $len,0($t1)
lghi $len,0
- la $inp,128($sp)
+ la $inp,16*$SIZE_T($sp)
j .Lcbc_enc_loop
.align 16
@@ -1275,10 +1320,10 @@ $code.=<<___;
lg $t0,0($ivp)
lg $t1,8($ivp)
- stmg $t0,$t1,128($sp)
+ stmg $t0,$t1,16*$SIZE_T($sp)
.Lcbc_dec_loop:
- stmg $inp,$out,16($sp)
+ stm${g} $inp,$out,2*$SIZE_T($sp)
llgf $s0,0($inp)
llgf $s1,4($inp)
llgf $s2,8($inp)
@@ -1287,7 +1332,7 @@ $code.=<<___;
bras $ra,_s390x_AES_decrypt
- lmg $inp,$key,16($sp)
+ lm${g} $inp,$key,2*$SIZE_T($sp)
sllg $s0,$s0,32
sllg $s2,$s2,32
lr $s0,$s1
@@ -1295,15 +1340,15 @@ $code.=<<___;
lg $t0,0($inp)
lg $t1,8($inp)
- xg $s0,128($sp)
- xg $s2,136($sp)
+ xg $s0,16*$SIZE_T($sp)
+ xg $s2,16*$SIZE_T+8($sp)
lghi $s1,16
- slgr $len,$s1
+ sl${g}r $len,$s1
brc 4,.Lcbc_dec_tail # if borrow
brc 2,.Lcbc_dec_done # if zero
stg $s0,0($out)
stg $s2,8($out)
- stmg $t0,$t1,128($sp)
+ stmg $t0,$t1,16*$SIZE_T($sp)
la $inp,16($inp)
la $out,16($out)
@@ -1313,7 +1358,7 @@ $code.=<<___;
stg $s0,0($out)
stg $s2,8($out)
.Lcbc_dec_exit:
- lmg $ivp,$ra,48($sp)
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
stmg $t0,$t1,0($ivp)
br $ra
@@ -1321,19 +1366,872 @@ $code.=<<___;
.align 16
.Lcbc_dec_tail:
aghi $len,15
- stg $s0,128($sp)
- stg $s2,136($sp)
+ stg $s0,16*$SIZE_T($sp)
+ stg $s2,16*$SIZE_T+8($sp)
bras $s1,4f
- mvc 0(1,$out),128($sp)
+ mvc 0(1,$out),16*$SIZE_T($sp)
4: ex $len,0($s1)
j .Lcbc_dec_exit
.size AES_cbc_encrypt,.-AES_cbc_encrypt
-.comm OPENSSL_s390xcap_P,8,8
+___
+}
+########################################################################
+# void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+# size_t blocks, const AES_KEY *key,
+# const unsigned char *ivec)
+{
+my $inp="%r2";
+my $out="%r4"; # blocks and out are swapped
+my $len="%r3";
+my $key="%r5"; my $iv0="%r5";
+my $ivp="%r6";
+my $fp ="%r7";
+
+$code.=<<___;
+.globl AES_ctr32_encrypt
+.type AES_ctr32_encrypt,\@function
+.align 16
+AES_ctr32_encrypt:
+ xgr %r3,%r4 # flip %r3 and %r4, $out and $len
+ xgr %r4,%r3
+ xgr %r3,%r4
+ llgfr $len,$len # safe in ctr32 subroutine even in 64-bit case
+___
+$code.=<<___ if (!$softonly);
+ l %r0,240($key)
+ lhi %r1,16
+ clr %r0,%r1
+ jl .Lctr32_software
+
+ stm${g} %r6,$s3,6*$SIZE_T($sp)
+
+ slgr $out,$inp
+ la %r1,0($key) # %r1 is permanent copy of $key
+ lg $iv0,0($ivp) # load ivec
+ lg $ivp,8($ivp)
+
+ # prepare and allocate stack frame at the top of 4K page
+ # with 1K reserved for eventual signal handling
+ lghi $s0,-1024-256-16# guarantee at least 256-bytes buffer
+ lghi $s1,-4096
+ algr $s0,$sp
+ lgr $fp,$sp
+ ngr $s0,$s1 # align at page boundary
+ slgr $fp,$s0 # total buffer size
+ lgr $s2,$sp
+ lghi $s1,1024+16 # sl[g]fi is extended-immediate facility
+ slgr $fp,$s1 # deduct reservation to get usable buffer size
+ # buffer size is at lest 256 and at most 3072+256-16
+
+ la $sp,1024($s0) # alloca
+ srlg $fp,$fp,4 # convert bytes to blocks, minimum 16
+ st${g} $s2,0($sp) # back-chain
+ st${g} $fp,$SIZE_T($sp)
+
+ slgr $len,$fp
+ brc 1,.Lctr32_hw_switch # not zero, no borrow
+ algr $fp,$len # input is shorter than allocated buffer
+ lghi $len,0
+ st${g} $fp,$SIZE_T($sp)
+
+.Lctr32_hw_switch:
+___
+$code.=<<___ if (0); ######### kmctr code was measured to be ~12% slower
+ larl $s0,OPENSSL_s390xcap_P
+ lg $s0,8($s0)
+ tmhh $s0,0x0004 # check for message_security-assist-4
+ jz .Lctr32_km_loop
+
+ llgfr $s0,%r0
+ lgr $s1,%r1
+ lghi %r0,0
+ la %r1,16($sp)
+ .long 0xb92d2042 # kmctr %r4,%r2,%r2
+
+ llihh %r0,0x8000 # check if kmctr supports the function code
+ srlg %r0,%r0,0($s0)
+ ng %r0,16($sp)
+ lgr %r0,$s0
+ lgr %r1,$s1
+ jz .Lctr32_km_loop
+
+####### kmctr code
+ algr $out,$inp # restore $out
+ lgr $s1,$len # $s1 undertakes $len
+ j .Lctr32_kmctr_loop
+.align 16
+.Lctr32_kmctr_loop:
+ la $s2,16($sp)
+ lgr $s3,$fp
+.Lctr32_kmctr_prepare:
+ stg $iv0,0($s2)
+ stg $ivp,8($s2)
+ la $s2,16($s2)
+ ahi $ivp,1 # 32-bit increment, preserves upper half
+ brct $s3,.Lctr32_kmctr_prepare
+
+ #la $inp,0($inp) # inp
+ sllg $len,$fp,4 # len
+ #la $out,0($out) # out
+ la $s2,16($sp) # iv
+ .long 0xb92da042 # kmctr $out,$s2,$inp
+ brc 1,.-4 # pay attention to "partial completion"
+
+ slgr $s1,$fp
+ brc 1,.Lctr32_kmctr_loop # not zero, no borrow
+ algr $fp,$s1
+ lghi $s1,0
+ brc 4+1,.Lctr32_kmctr_loop # not zero
+
+ l${g} $sp,0($sp)
+ lm${g} %r6,$s3,6*$SIZE_T($sp)
+ br $ra
+.align 16
+___
+$code.=<<___;
+.Lctr32_km_loop:
+ la $s2,16($sp)
+ lgr $s3,$fp
+.Lctr32_km_prepare:
+ stg $iv0,0($s2)
+ stg $ivp,8($s2)
+ la $s2,16($s2)
+ ahi $ivp,1 # 32-bit increment, preserves upper half
+ brct $s3,.Lctr32_km_prepare
+
+ la $s0,16($sp) # inp
+ sllg $s1,$fp,4 # len
+ la $s2,16($sp) # out
+ .long 0xb92e00a8 # km %r10,%r8
+ brc 1,.-4 # pay attention to "partial completion"
+
+ la $s2,16($sp)
+ lgr $s3,$fp
+ slgr $s2,$inp
+.Lctr32_km_xor:
+ lg $s0,0($inp)
+ lg $s1,8($inp)
+ xg $s0,0($s2,$inp)
+ xg $s1,8($s2,$inp)
+ stg $s0,0($out,$inp)
+ stg $s1,8($out,$inp)
+ la $inp,16($inp)
+ brct $s3,.Lctr32_km_xor
+
+ slgr $len,$fp
+ brc 1,.Lctr32_km_loop # not zero, no borrow
+ algr $fp,$len
+ lghi $len,0
+ brc 4+1,.Lctr32_km_loop # not zero
+
+ l${g} $s0,0($sp)
+ l${g} $s1,$SIZE_T($sp)
+ la $s2,16($sp)
+.Lctr32_km_zap:
+ stg $s0,0($s2)
+ stg $s0,8($s2)
+ la $s2,16($s2)
+ brct $s1,.Lctr32_km_zap
+
+ la $sp,0($s0)
+ lm${g} %r6,$s3,6*$SIZE_T($sp)
+ br $ra
+.align 16
+.Lctr32_software:
+___
+$code.=<<___;
+ stm${g} $key,$ra,5*$SIZE_T($sp)
+ sl${g}r $inp,$out
+ larl $tbl,AES_Te
+ llgf $t1,12($ivp)
+
+.Lctr32_loop:
+ stm${g} $inp,$out,2*$SIZE_T($sp)
+ llgf $s0,0($ivp)
+ llgf $s1,4($ivp)
+ llgf $s2,8($ivp)
+ lgr $s3,$t1
+ st $t1,16*$SIZE_T($sp)
+ lgr %r4,$key
+
+ bras $ra,_s390x_AES_encrypt
+
+ lm${g} $inp,$ivp,2*$SIZE_T($sp)
+ llgf $t1,16*$SIZE_T($sp)
+ x $s0,0($inp,$out)
+ x $s1,4($inp,$out)
+ x $s2,8($inp,$out)
+ x $s3,12($inp,$out)
+ stm $s0,$s3,0($out)
+
+ la $out,16($out)
+ ahi $t1,1 # 32-bit increment
+ brct $len,.Lctr32_loop
+
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
+ br $ra
+.size AES_ctr32_encrypt,.-AES_ctr32_encrypt
+___
+}
+
+########################################################################
+# void AES_xts_encrypt(const char *inp,char *out,size_t len,
+# const AES_KEY *key1, const AES_KEY *key2,
+# const unsigned char iv[16]);
+#
+{
+my $inp="%r2";
+my $out="%r4"; # len and out are swapped
+my $len="%r3";
+my $key1="%r5"; # $i1
+my $key2="%r6"; # $i2
+my $fp="%r7"; # $i3
+my $tweak=16*$SIZE_T+16; # or $stdframe-16, bottom of the frame...
+
+$code.=<<___;
+.type _s390x_xts_km,\@function
+.align 16
+_s390x_xts_km:
+___
+$code.=<<___ if(1);
+ llgfr $s0,%r0 # put aside the function code
+ lghi $s1,0x7f
+ nr $s1,%r0
+ lghi %r0,0 # query capability vector
+ la %r1,$tweak-16($sp)
+ .long 0xb92e0042 # km %r4,%r2
+ llihh %r1,0x8000
+ srlg %r1,%r1,32($s1) # check for 32+function code
+ ng %r1,$tweak-16($sp)
+ lgr %r0,$s0 # restore the function code
+ la %r1,0($key1) # restore $key1
+ jz .Lxts_km_vanilla
+
+ lmg $i2,$i3,$tweak($sp) # put aside the tweak value
+ algr $out,$inp
+
+ oill %r0,32 # switch to xts function code
+ aghi $s1,-18 #
+ sllg $s1,$s1,3 # (function code - 18)*8, 0 or 16
+ la %r1,$tweak-16($sp)
+ slgr %r1,$s1 # parameter block position
+ lmg $s0,$s3,0($key1) # load 256 bits of key material,
+ stmg $s0,$s3,0(%r1) # and copy it to parameter block.
+ # yes, it contains junk and overlaps
+ # with the tweak in 128-bit case.
+ # it's done to avoid conditional
+ # branch.
+ stmg $i2,$i3,$tweak($sp) # "re-seat" the tweak value
+
+ .long 0xb92e0042 # km %r4,%r2
+ brc 1,.-4 # pay attention to "partial completion"
+
+ lrvg $s0,$tweak+0($sp) # load the last tweak
+ lrvg $s1,$tweak+8($sp)
+ stmg %r0,%r3,$tweak-32($sp) # wipe copy of the key
+
+ nill %r0,0xffdf # switch back to original function code
+ la %r1,0($key1) # restore pointer to $key1
+ slgr $out,$inp
+
+ llgc $len,2*$SIZE_T-1($sp)
+ nill $len,0x0f # $len%=16
+ br $ra
+
+.align 16
+.Lxts_km_vanilla:
+___
+$code.=<<___;
+ # prepare and allocate stack frame at the top of 4K page
+ # with 1K reserved for eventual signal handling
+ lghi $s0,-1024-256-16# guarantee at least 256-bytes buffer
+ lghi $s1,-4096
+ algr $s0,$sp
+ lgr $fp,$sp
+ ngr $s0,$s1 # align at page boundary
+ slgr $fp,$s0 # total buffer size
+ lgr $s2,$sp
+ lghi $s1,1024+16 # sl[g]fi is extended-immediate facility
+ slgr $fp,$s1 # deduct reservation to get usable buffer size
+ # buffer size is at lest 256 and at most 3072+256-16
+
+ la $sp,1024($s0) # alloca
+ nill $fp,0xfff0 # round to 16*n
+ st${g} $s2,0($sp) # back-chain
+ nill $len,0xfff0 # redundant
+ st${g} $fp,$SIZE_T($sp)
+
+ slgr $len,$fp
+ brc 1,.Lxts_km_go # not zero, no borrow
+ algr $fp,$len # input is shorter than allocated buffer
+ lghi $len,0
+ st${g} $fp,$SIZE_T($sp)
+
+.Lxts_km_go:
+ lrvg $s0,$tweak+0($s2) # load the tweak value in little-endian
+ lrvg $s1,$tweak+8($s2)
+
+ la $s2,16($sp) # vector of ascending tweak values
+ slgr $s2,$inp
+ srlg $s3,$fp,4
+ j .Lxts_km_start
+
+.Lxts_km_loop:
+ la $s2,16($sp)
+ slgr $s2,$inp
+ srlg $s3,$fp,4
+.Lxts_km_prepare:
+ lghi $i1,0x87
+ srag $i2,$s1,63 # broadcast upper bit
+ ngr $i1,$i2 # rem
+ algr $s0,$s0
+ alcgr $s1,$s1
+ xgr $s0,$i1
+.Lxts_km_start:
+ lrvgr $i1,$s0 # flip byte order
+ lrvgr $i2,$s1
+ stg $i1,0($s2,$inp)
+ stg $i2,8($s2,$inp)
+ xg $i1,0($inp)
+ xg $i2,8($inp)
+ stg $i1,0($out,$inp)
+ stg $i2,8($out,$inp)
+ la $inp,16($inp)
+ brct $s3,.Lxts_km_prepare
+
+ slgr $inp,$fp # rewind $inp
+ la $s2,0($out,$inp)
+ lgr $s3,$fp
+ .long 0xb92e00aa # km $s2,$s2
+ brc 1,.-4 # pay attention to "partial completion"
+
+ la $s2,16($sp)
+ slgr $s2,$inp
+ srlg $s3,$fp,4
+.Lxts_km_xor:
+ lg $i1,0($out,$inp)
+ lg $i2,8($out,$inp)
+ xg $i1,0($s2,$inp)
+ xg $i2,8($s2,$inp)
+ stg $i1,0($out,$inp)
+ stg $i2,8($out,$inp)
+ la $inp,16($inp)
+ brct $s3,.Lxts_km_xor
+
+ slgr $len,$fp
+ brc 1,.Lxts_km_loop # not zero, no borrow
+ algr $fp,$len
+ lghi $len,0
+ brc 4+1,.Lxts_km_loop # not zero
+
+ l${g} $i1,0($sp) # back-chain
+ llgf $fp,`2*$SIZE_T-4`($sp) # bytes used
+ la $i2,16($sp)
+ srlg $fp,$fp,4
+.Lxts_km_zap:
+ stg $i1,0($i2)
+ stg $i1,8($i2)
+ la $i2,16($i2)
+ brct $fp,.Lxts_km_zap
+
+ la $sp,0($i1)
+ llgc $len,2*$SIZE_T-1($i1)
+ nill $len,0x0f # $len%=16
+ bzr $ra
+
+ # generate one more tweak...
+ lghi $i1,0x87
+ srag $i2,$s1,63 # broadcast upper bit
+ ngr $i1,$i2 # rem
+ algr $s0,$s0
+ alcgr $s1,$s1
+ xgr $s0,$i1
+
+ ltr $len,$len # clear zero flag
+ br $ra
+.size _s390x_xts_km,.-_s390x_xts_km
+
+.globl AES_xts_encrypt
+.type AES_xts_encrypt,\@function
+.align 16
+AES_xts_encrypt:
+ xgr %r3,%r4 # flip %r3 and %r4, $out and $len
+ xgr %r4,%r3
+ xgr %r3,%r4
+___
+$code.=<<___ if ($SIZE_T==4);
+ llgfr $len,$len
+___
+$code.=<<___;
+ st${g} $len,1*$SIZE_T($sp) # save copy of $len
+ srag $len,$len,4 # formally wrong, because it expands
+ # sign byte, but who can afford asking
+ # to process more than 2^63-1 bytes?
+ # I use it, because it sets condition
+ # code...
+ bcr 8,$ra # abort if zero (i.e. less than 16)
+___
+$code.=<<___ if (!$softonly);
+ llgf %r0,240($key2)
+ lhi %r1,16
+ clr %r0,%r1
+ jl .Lxts_enc_software
+
+ st${g} $ra,5*$SIZE_T($sp)
+ stm${g} %r6,$s3,6*$SIZE_T($sp)
+
+ sllg $len,$len,4 # $len&=~15
+ slgr $out,$inp
+
+ # generate the tweak value
+ l${g} $s3,$stdframe($sp) # pointer to iv
+ la $s2,$tweak($sp)
+ lmg $s0,$s1,0($s3)
+ lghi $s3,16
+ stmg $s0,$s1,0($s2)
+ la %r1,0($key2) # $key2 is not needed anymore
+ .long 0xb92e00aa # km $s2,$s2, generate the tweak
+ brc 1,.-4 # can this happen?
+
+ l %r0,240($key1)
+ la %r1,0($key1) # $key1 is not needed anymore
+ bras $ra,_s390x_xts_km
+ jz .Lxts_enc_km_done
+
+ aghi $inp,-16 # take one step back
+ la $i3,0($out,$inp) # put aside real $out
+.Lxts_enc_km_steal:
+ llgc $i1,16($inp)
+ llgc $i2,0($out,$inp)
+ stc $i1,0($out,$inp)
+ stc $i2,16($out,$inp)
+ la $inp,1($inp)
+ brct $len,.Lxts_enc_km_steal
+
+ la $s2,0($i3)
+ lghi $s3,16
+ lrvgr $i1,$s0 # flip byte order
+ lrvgr $i2,$s1
+ xg $i1,0($s2)
+ xg $i2,8($s2)
+ stg $i1,0($s2)
+ stg $i2,8($s2)
+ .long 0xb92e00aa # km $s2,$s2
+ brc 1,.-4 # can this happen?
+ lrvgr $i1,$s0 # flip byte order
+ lrvgr $i2,$s1
+ xg $i1,0($i3)
+ xg $i2,8($i3)
+ stg $i1,0($i3)
+ stg $i2,8($i3)
+
+.Lxts_enc_km_done:
+ stg $sp,$tweak+0($sp) # wipe tweak
+ stg $sp,$tweak+8($sp)
+ l${g} $ra,5*$SIZE_T($sp)
+ lm${g} %r6,$s3,6*$SIZE_T($sp)
+ br $ra
+.align 16
+.Lxts_enc_software:
+___
+$code.=<<___;
+ stm${g} %r6,$ra,6*$SIZE_T($sp)
+
+ slgr $out,$inp
+
+ l${g} $s3,$stdframe($sp) # ivp
+ llgf $s0,0($s3) # load iv
+ llgf $s1,4($s3)
+ llgf $s2,8($s3)
+ llgf $s3,12($s3)
+ stm${g} %r2,%r5,2*$SIZE_T($sp)
+ la $key,0($key2)
+ larl $tbl,AES_Te
+ bras $ra,_s390x_AES_encrypt # generate the tweak
+ lm${g} %r2,%r5,2*$SIZE_T($sp)
+ stm $s0,$s3,$tweak($sp) # save the tweak
+ j .Lxts_enc_enter
+
+.align 16
+.Lxts_enc_loop:
+ lrvg $s1,$tweak+0($sp) # load the tweak in little-endian
+ lrvg $s3,$tweak+8($sp)
+ lghi %r1,0x87
+ srag %r0,$s3,63 # broadcast upper bit
+ ngr %r1,%r0 # rem
+ algr $s1,$s1
+ alcgr $s3,$s3
+ xgr $s1,%r1
+ lrvgr $s1,$s1 # flip byte order
+ lrvgr $s3,$s3
+ srlg $s0,$s1,32 # smash the tweak to 4x32-bits
+ stg $s1,$tweak+0($sp) # save the tweak
+ llgfr $s1,$s1
+ srlg $s2,$s3,32
+ stg $s3,$tweak+8($sp)
+ llgfr $s3,$s3
+ la $inp,16($inp) # $inp+=16
+.Lxts_enc_enter:
+ x $s0,0($inp) # ^=*($inp)
+ x $s1,4($inp)
+ x $s2,8($inp)
+ x $s3,12($inp)
+ stm${g} %r2,%r3,2*$SIZE_T($sp) # only two registers are changing
+ la $key,0($key1)
+ bras $ra,_s390x_AES_encrypt
+ lm${g} %r2,%r5,2*$SIZE_T($sp)
+ x $s0,$tweak+0($sp) # ^=tweak
+ x $s1,$tweak+4($sp)
+ x $s2,$tweak+8($sp)
+ x $s3,$tweak+12($sp)
+ st $s0,0($out,$inp)
+ st $s1,4($out,$inp)
+ st $s2,8($out,$inp)
+ st $s3,12($out,$inp)
+ brct${g} $len,.Lxts_enc_loop
+
+ llgc $len,`2*$SIZE_T-1`($sp)
+ nill $len,0x0f # $len%16
+ jz .Lxts_enc_done
+
+ la $i3,0($inp,$out) # put aside real $out
+.Lxts_enc_steal:
+ llgc %r0,16($inp)
+ llgc %r1,0($out,$inp)
+ stc %r0,0($out,$inp)
+ stc %r1,16($out,$inp)
+ la $inp,1($inp)
+ brct $len,.Lxts_enc_steal
+ la $out,0($i3) # restore real $out
+
+ # generate last tweak...
+ lrvg $s1,$tweak+0($sp) # load the tweak in little-endian
+ lrvg $s3,$tweak+8($sp)
+ lghi %r1,0x87
+ srag %r0,$s3,63 # broadcast upper bit
+ ngr %r1,%r0 # rem
+ algr $s1,$s1
+ alcgr $s3,$s3
+ xgr $s1,%r1
+ lrvgr $s1,$s1 # flip byte order
+ lrvgr $s3,$s3
+ srlg $s0,$s1,32 # smash the tweak to 4x32-bits
+ stg $s1,$tweak+0($sp) # save the tweak
+ llgfr $s1,$s1
+ srlg $s2,$s3,32
+ stg $s3,$tweak+8($sp)
+ llgfr $s3,$s3
+
+ x $s0,0($out) # ^=*(inp)|stolen cipther-text
+ x $s1,4($out)
+ x $s2,8($out)
+ x $s3,12($out)
+ st${g} $out,4*$SIZE_T($sp)
+ la $key,0($key1)
+ bras $ra,_s390x_AES_encrypt
+ l${g} $out,4*$SIZE_T($sp)
+ x $s0,`$tweak+0`($sp) # ^=tweak
+ x $s1,`$tweak+4`($sp)
+ x $s2,`$tweak+8`($sp)
+ x $s3,`$tweak+12`($sp)
+ st $s0,0($out)
+ st $s1,4($out)
+ st $s2,8($out)
+ st $s3,12($out)
+
+.Lxts_enc_done:
+ stg $sp,$tweak+0($sp) # wipe tweak
+ stg $sp,$twesk+8($sp)
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
+ br $ra
+.size AES_xts_encrypt,.-AES_xts_encrypt
+___
+# void AES_xts_decrypt(const char *inp,char *out,size_t len,
+# const AES_KEY *key1, const AES_KEY *key2,
+# const unsigned char iv[16]);
+#
+$code.=<<___;
+.globl AES_xts_decrypt
+.type AES_xts_decrypt,\@function
+.align 16
+AES_xts_decrypt:
+ xgr %r3,%r4 # flip %r3 and %r4, $out and $len
+ xgr %r4,%r3
+ xgr %r3,%r4
+___
+$code.=<<___ if ($SIZE_T==4);
+ llgfr $len,$len
+___
+$code.=<<___;
+ st${g} $len,1*$SIZE_T($sp) # save copy of $len
+ aghi $len,-16
+ bcr 4,$ra # abort if less than zero. formally
+ # wrong, because $len is unsigned,
+ # but who can afford asking to
+ # process more than 2^63-1 bytes?
+ tmll $len,0x0f
+ jnz .Lxts_dec_proceed
+ aghi $len,16
+.Lxts_dec_proceed:
+___
+$code.=<<___ if (!$softonly);
+ llgf %r0,240($key2)
+ lhi %r1,16
+ clr %r0,%r1
+ jl .Lxts_dec_software
+
+ st${g} $ra,5*$SIZE_T($sp)
+ stm${g} %r6,$s3,6*$SIZE_T($sp)
+
+ nill $len,0xfff0 # $len&=~15
+ slgr $out,$inp
+
+ # generate the tweak value
+ l${g} $s3,$stdframe($sp) # pointer to iv
+ la $s2,$tweak($sp)
+ lmg $s0,$s1,0($s3)
+ lghi $s3,16
+ stmg $s0,$s1,0($s2)
+ la %r1,0($key2) # $key2 is not needed past this point
+ .long 0xb92e00aa # km $s2,$s2, generate the tweak
+ brc 1,.-4 # can this happen?
+
+ l %r0,240($key1)
+ la %r1,0($key1) # $key1 is not needed anymore
+
+ ltgr $len,$len
+ jz .Lxts_dec_km_short
+ bras $ra,_s390x_xts_km
+ jz .Lxts_dec_km_done
+
+ lrvgr $s2,$s0 # make copy in reverse byte order
+ lrvgr $s3,$s1
+ j .Lxts_dec_km_2ndtweak
+
+.Lxts_dec_km_short:
+ llgc $len,`2*$SIZE_T-1`($sp)
+ nill $len,0x0f # $len%=16
+ lrvg $s0,$tweak+0($sp) # load the tweak
+ lrvg $s1,$tweak+8($sp)
+ lrvgr $s2,$s0 # make copy in reverse byte order
+ lrvgr $s3,$s1
+
+.Lxts_dec_km_2ndtweak:
+ lghi $i1,0x87
+ srag $i2,$s1,63 # broadcast upper bit
+ ngr $i1,$i2 # rem
+ algr $s0,$s0
+ alcgr $s1,$s1
+ xgr $s0,$i1
+ lrvgr $i1,$s0 # flip byte order
+ lrvgr $i2,$s1
+
+ xg $i1,0($inp)
+ xg $i2,8($inp)
+ stg $i1,0($out,$inp)
+ stg $i2,8($out,$inp)
+ la $i2,0($out,$inp)
+ lghi $i3,16
+ .long 0xb92e0066 # km $i2,$i2
+ brc 1,.-4 # can this happen?
+ lrvgr $i1,$s0
+ lrvgr $i2,$s1
+ xg $i1,0($out,$inp)
+ xg $i2,8($out,$inp)
+ stg $i1,0($out,$inp)
+ stg $i2,8($out,$inp)
+
+ la $i3,0($out,$inp) # put aside real $out
+.Lxts_dec_km_steal:
+ llgc $i1,16($inp)
+ llgc $i2,0($out,$inp)
+ stc $i1,0($out,$inp)
+ stc $i2,16($out,$inp)
+ la $inp,1($inp)
+ brct $len,.Lxts_dec_km_steal
+
+ lgr $s0,$s2
+ lgr $s1,$s3
+ xg $s0,0($i3)
+ xg $s1,8($i3)
+ stg $s0,0($i3)
+ stg $s1,8($i3)
+ la $s0,0($i3)
+ lghi $s1,16
+ .long 0xb92e0088 # km $s0,$s0
+ brc 1,.-4 # can this happen?
+ xg $s2,0($i3)
+ xg $s3,8($i3)
+ stg $s2,0($i3)
+ stg $s3,8($i3)
+.Lxts_dec_km_done:
+ stg $sp,$tweak+0($sp) # wipe tweak
+ stg $sp,$tweak+8($sp)
+ l${g} $ra,5*$SIZE_T($sp)
+ lm${g} %r6,$s3,6*$SIZE_T($sp)
+ br $ra
+.align 16
+.Lxts_dec_software:
+___
+$code.=<<___;
+ stm${g} %r6,$ra,6*$SIZE_T($sp)
+
+ srlg $len,$len,4
+ slgr $out,$inp
+
+ l${g} $s3,$stdframe($sp) # ivp
+ llgf $s0,0($s3) # load iv
+ llgf $s1,4($s3)
+ llgf $s2,8($s3)
+ llgf $s3,12($s3)
+ stm${g} %r2,%r5,2*$SIZE_T($sp)
+ la $key,0($key2)
+ larl $tbl,AES_Te
+ bras $ra,_s390x_AES_encrypt # generate the tweak
+ lm${g} %r2,%r5,2*$SIZE_T($sp)
+ larl $tbl,AES_Td
+ lt${g}r $len,$len
+ stm $s0,$s3,$tweak($sp) # save the tweak
+ jz .Lxts_dec_short
+ j .Lxts_dec_enter
+
+.align 16
+.Lxts_dec_loop:
+ lrvg $s1,$tweak+0($sp) # load the tweak in little-endian
+ lrvg $s3,$tweak+8($sp)
+ lghi %r1,0x87
+ srag %r0,$s3,63 # broadcast upper bit
+ ngr %r1,%r0 # rem
+ algr $s1,$s1
+ alcgr $s3,$s3
+ xgr $s1,%r1
+ lrvgr $s1,$s1 # flip byte order
+ lrvgr $s3,$s3
+ srlg $s0,$s1,32 # smash the tweak to 4x32-bits
+ stg $s1,$tweak+0($sp) # save the tweak
+ llgfr $s1,$s1
+ srlg $s2,$s3,32
+ stg $s3,$tweak+8($sp)
+ llgfr $s3,$s3
+.Lxts_dec_enter:
+ x $s0,0($inp) # tweak^=*(inp)
+ x $s1,4($inp)
+ x $s2,8($inp)
+ x $s3,12($inp)
+ stm${g} %r2,%r3,2*$SIZE_T($sp) # only two registers are changing
+ la $key,0($key1)
+ bras $ra,_s390x_AES_decrypt
+ lm${g} %r2,%r5,2*$SIZE_T($sp)
+ x $s0,$tweak+0($sp) # ^=tweak
+ x $s1,$tweak+4($sp)
+ x $s2,$tweak+8($sp)
+ x $s3,$tweak+12($sp)
+ st $s0,0($out,$inp)
+ st $s1,4($out,$inp)
+ st $s2,8($out,$inp)
+ st $s3,12($out,$inp)
+ la $inp,16($inp)
+ brct${g} $len,.Lxts_dec_loop
+
+ llgc $len,`2*$SIZE_T-1`($sp)
+ nill $len,0x0f # $len%16
+ jz .Lxts_dec_done
+
+ # generate pair of tweaks...
+ lrvg $s1,$tweak+0($sp) # load the tweak in little-endian
+ lrvg $s3,$tweak+8($sp)
+ lghi %r1,0x87
+ srag %r0,$s3,63 # broadcast upper bit
+ ngr %r1,%r0 # rem
+ algr $s1,$s1
+ alcgr $s3,$s3
+ xgr $s1,%r1
+ lrvgr $i2,$s1 # flip byte order
+ lrvgr $i3,$s3
+ stmg $i2,$i3,$tweak($sp) # save the 1st tweak
+ j .Lxts_dec_2ndtweak
+
+.align 16
+.Lxts_dec_short:
+ llgc $len,`2*$SIZE_T-1`($sp)
+ nill $len,0x0f # $len%16
+ lrvg $s1,$tweak+0($sp) # load the tweak in little-endian
+ lrvg $s3,$tweak+8($sp)
+.Lxts_dec_2ndtweak:
+ lghi %r1,0x87
+ srag %r0,$s3,63 # broadcast upper bit
+ ngr %r1,%r0 # rem
+ algr $s1,$s1
+ alcgr $s3,$s3
+ xgr $s1,%r1
+ lrvgr $s1,$s1 # flip byte order
+ lrvgr $s3,$s3
+ srlg $s0,$s1,32 # smash the tweak to 4x32-bits
+ stg $s1,$tweak-16+0($sp) # save the 2nd tweak
+ llgfr $s1,$s1
+ srlg $s2,$s3,32
+ stg $s3,$tweak-16+8($sp)
+ llgfr $s3,$s3
+
+ x $s0,0($inp) # tweak_the_2nd^=*(inp)
+ x $s1,4($inp)
+ x $s2,8($inp)
+ x $s3,12($inp)
+ stm${g} %r2,%r3,2*$SIZE_T($sp)
+ la $key,0($key1)
+ bras $ra,_s390x_AES_decrypt
+ lm${g} %r2,%r5,2*$SIZE_T($sp)
+ x $s0,$tweak-16+0($sp) # ^=tweak_the_2nd
+ x $s1,$tweak-16+4($sp)
+ x $s2,$tweak-16+8($sp)
+ x $s3,$tweak-16+12($sp)
+ st $s0,0($out,$inp)
+ st $s1,4($out,$inp)
+ st $s2,8($out,$inp)
+ st $s3,12($out,$inp)
+
+ la $i3,0($out,$inp) # put aside real $out
+.Lxts_dec_steal:
+ llgc %r0,16($inp)
+ llgc %r1,0($out,$inp)
+ stc %r0,0($out,$inp)
+ stc %r1,16($out,$inp)
+ la $inp,1($inp)
+ brct $len,.Lxts_dec_steal
+ la $out,0($i3) # restore real $out
+
+ lm $s0,$s3,$tweak($sp) # load the 1st tweak
+ x $s0,0($out) # tweak^=*(inp)|stolen cipher-text
+ x $s1,4($out)
+ x $s2,8($out)
+ x $s3,12($out)
+ st${g} $out,4*$SIZE_T($sp)
+ la $key,0($key1)
+ bras $ra,_s390x_AES_decrypt
+ l${g} $out,4*$SIZE_T($sp)
+ x $s0,$tweak+0($sp) # ^=tweak
+ x $s1,$tweak+4($sp)
+ x $s2,$tweak+8($sp)
+ x $s3,$tweak+12($sp)
+ st $s0,0($out)
+ st $s1,4($out)
+ st $s2,8($out)
+ st $s3,12($out)
+ stg $sp,$tweak-16+0($sp) # wipe 2nd tweak
+ stg $sp,$tweak-16+8($sp)
+.Lxts_dec_done:
+ stg $sp,$tweak+0($sp) # wipe tweak
+ stg $sp,$twesk+8($sp)
+ lm${g} %r6,$ra,6*$SIZE_T($sp)
+ br $ra
+.size AES_xts_decrypt,.-AES_xts_decrypt
___
}
$code.=<<___;
.string "AES for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+.comm OPENSSL_s390xcap_P,16,8
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
+close STDOUT; # force flush
diff --git a/deps/openssl/openssl/crypto/aes/asm/aes-sparcv9.pl b/deps/openssl/openssl/crypto/aes/asm/aes-sparcv9.pl
index c57b3a2d6..403c4d129 100644..100755
--- a/deps/openssl/openssl/crypto/aes/asm/aes-sparcv9.pl
+++ b/deps/openssl/openssl/crypto/aes/asm/aes-sparcv9.pl
@@ -1176,6 +1176,7 @@ ___
# As UltraSPARC T1, a.k.a. Niagara, has shared FPU, FP nops can have
# undesired effect, so just omit them and sacrifice some portion of
# percent in performance...
-$code =~ s/fmovs.*$//gem;
+$code =~ s/fmovs.*$//gm;
print $code;
+close STDOUT; # ensure flush
diff --git a/deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl b/deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl
index 83aad2354..9fa4ff5a6 100755
--- a/deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl
+++ b/deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl
@@ -36,7 +36,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $flavour $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
$verticalspin=1; # unlike 32-bit version $verticalspin performs
# ~15% better on both AMD and Intel cores
@@ -588,6 +589,9 @@ $code.=<<___;
.globl AES_encrypt
.type AES_encrypt,\@function,3
.align 16
+.globl asm_AES_encrypt
+.hidden asm_AES_encrypt
+asm_AES_encrypt:
AES_encrypt:
push %rbx
push %rbp
@@ -1184,6 +1188,9 @@ $code.=<<___;
.globl AES_decrypt
.type AES_decrypt,\@function,3
.align 16
+.globl asm_AES_decrypt
+.hidden asm_AES_decrypt
+asm_AES_decrypt:
AES_decrypt:
push %rbx
push %rbp
@@ -1277,13 +1284,13 @@ $code.=<<___;
___
}
-# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+# int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
# AES_KEY *key)
$code.=<<___;
-.globl AES_set_encrypt_key
-.type AES_set_encrypt_key,\@function,3
+.globl private_AES_set_encrypt_key
+.type private_AES_set_encrypt_key,\@function,3
.align 16
-AES_set_encrypt_key:
+private_AES_set_encrypt_key:
push %rbx
push %rbp
push %r12 # redundant, but allows to share
@@ -1304,7 +1311,7 @@ AES_set_encrypt_key:
add \$56,%rsp
.Lenc_key_epilogue:
ret
-.size AES_set_encrypt_key,.-AES_set_encrypt_key
+.size private_AES_set_encrypt_key,.-private_AES_set_encrypt_key
.type _x86_64_AES_set_encrypt_key,\@abi-omnipotent
.align 16
@@ -1547,13 +1554,13 @@ $code.=<<___;
___
}
-# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+# int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
# AES_KEY *key)
$code.=<<___;
-.globl AES_set_decrypt_key
-.type AES_set_decrypt_key,\@function,3
+.globl private_AES_set_decrypt_key
+.type private_AES_set_decrypt_key,\@function,3
.align 16
-AES_set_decrypt_key:
+private_AES_set_decrypt_key:
push %rbx
push %rbp
push %r12
@@ -1622,7 +1629,7 @@ $code.=<<___;
add \$56,%rsp
.Ldec_key_epilogue:
ret
-.size AES_set_decrypt_key,.-AES_set_decrypt_key
+.size private_AES_set_decrypt_key,.-private_AES_set_decrypt_key
___
# void AES_cbc_encrypt (const void char *inp, unsigned char *out,
@@ -1648,6 +1655,9 @@ $code.=<<___;
.type AES_cbc_encrypt,\@function,6
.align 16
.extern OPENSSL_ia32cap_P
+.globl asm_AES_cbc_encrypt
+.hidden asm_AES_cbc_encrypt
+asm_AES_cbc_encrypt:
AES_cbc_encrypt:
cmp \$0,%rdx # check length
je .Lcbc_epilogue
@@ -2766,13 +2776,13 @@ cbc_se_handler:
.rva .LSEH_end_AES_decrypt
.rva .LSEH_info_AES_decrypt
- .rva .LSEH_begin_AES_set_encrypt_key
- .rva .LSEH_end_AES_set_encrypt_key
- .rva .LSEH_info_AES_set_encrypt_key
+ .rva .LSEH_begin_private_AES_set_encrypt_key
+ .rva .LSEH_end_private_AES_set_encrypt_key
+ .rva .LSEH_info_private_AES_set_encrypt_key
- .rva .LSEH_begin_AES_set_decrypt_key
- .rva .LSEH_end_AES_set_decrypt_key
- .rva .LSEH_info_AES_set_decrypt_key
+ .rva .LSEH_begin_private_AES_set_decrypt_key
+ .rva .LSEH_end_private_AES_set_decrypt_key
+ .rva .LSEH_info_private_AES_set_decrypt_key
.rva .LSEH_begin_AES_cbc_encrypt
.rva .LSEH_end_AES_cbc_encrypt
@@ -2788,11 +2798,11 @@ cbc_se_handler:
.byte 9,0,0,0
.rva block_se_handler
.rva .Ldec_prologue,.Ldec_epilogue # HandlerData[]
-.LSEH_info_AES_set_encrypt_key:
+.LSEH_info_private_AES_set_encrypt_key:
.byte 9,0,0,0
.rva key_se_handler
.rva .Lenc_key_prologue,.Lenc_key_epilogue # HandlerData[]
-.LSEH_info_AES_set_decrypt_key:
+.LSEH_info_private_AES_set_decrypt_key:
.byte 9,0,0,0
.rva key_se_handler
.rva .Ldec_key_prologue,.Ldec_key_epilogue # HandlerData[]
diff --git a/deps/openssl/openssl/crypto/asn1/Makefile b/deps/openssl/openssl/crypto/asn1/Makefile
index 160544eed..f7787005d 100644
--- a/deps/openssl/openssl/crypto/asn1/Makefile
+++ b/deps/openssl/openssl/crypto/asn1/Makefile
@@ -639,7 +639,7 @@ t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_x509.o: ../cryptlib.h t_x509.c
+t_x509.o: ../cryptlib.h asn1_locl.h t_x509.c
t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
diff --git a/deps/openssl/openssl/crypto/asn1/a_digest.c b/deps/openssl/openssl/crypto/asn1/a_digest.c
index d00d9e22b..cbdeea6ac 100644
--- a/deps/openssl/openssl/crypto/asn1/a_digest.c
+++ b/deps/openssl/openssl/crypto/asn1/a_digest.c
@@ -87,7 +87,8 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
p=str;
i2d(data,&p);
- EVP_Digest(str, i, md, len, type, NULL);
+ if (!EVP_Digest(str, i, md, len, type, NULL))
+ return 0;
OPENSSL_free(str);
return(1);
}
@@ -104,7 +105,8 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
i=ASN1_item_i2d(asn,&str, it);
if (!str) return(0);
- EVP_Digest(str, i, md, len, type, NULL);
+ if (!EVP_Digest(str, i, md, len, type, NULL))
+ return 0;
OPENSSL_free(str);
return(1);
}
diff --git a/deps/openssl/openssl/crypto/asn1/a_int.c b/deps/openssl/openssl/crypto/asn1/a_int.c
index 3348b8762..ad0d2506f 100644
--- a/deps/openssl/openssl/crypto/asn1/a_int.c
+++ b/deps/openssl/openssl/crypto/asn1/a_int.c
@@ -386,8 +386,8 @@ long ASN1_INTEGER_get(const ASN1_INTEGER *a)
if (a->length > (int)sizeof(long))
{
- /* hmm... a bit ugly */
- return(0xffffffffL);
+ /* hmm... a bit ugly, return all ones */
+ return -1;
}
if (a->data == NULL)
return 0;
diff --git a/deps/openssl/openssl/crypto/asn1/a_sign.c b/deps/openssl/openssl/crypto/asn1/a_sign.c
index ff63bfc7b..7b4a193d6 100644
--- a/deps/openssl/openssl/crypto/asn1/a_sign.c
+++ b/deps/openssl/openssl/crypto/asn1/a_sign.c
@@ -184,9 +184,9 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
p=buf_in;
i2d(data,&p);
- EVP_SignInit_ex(&ctx,type, NULL);
- EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
- if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
+ if (!EVP_SignInit_ex(&ctx,type, NULL)
+ || !EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl)
+ || !EVP_SignFinal(&ctx,(unsigned char *)buf_out,
(unsigned int *)&outl,pkey))
{
outl=0;
@@ -218,65 +218,100 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
const EVP_MD *type)
{
EVP_MD_CTX ctx;
+ EVP_MD_CTX_init(&ctx);
+ if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey))
+ {
+ EVP_MD_CTX_cleanup(&ctx);
+ return 0;
+ }
+ return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
+ }
+
+
+int ASN1_item_sign_ctx(const ASN1_ITEM *it,
+ X509_ALGOR *algor1, X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx)
+ {
+ const EVP_MD *type;
+ EVP_PKEY *pkey;
unsigned char *buf_in=NULL,*buf_out=NULL;
- int inl=0,outl=0,outll=0;
+ size_t inl=0,outl=0,outll=0;
int signid, paramtype;
+ int rv;
+
+ type = EVP_MD_CTX_md(ctx);
+ pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
- if (type == NULL)
+ if (!type || !pkey)
{
- int def_nid;
- if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
- type = EVP_get_digestbynid(def_nid);
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
+ return 0;
}
- if (type == NULL)
+ if (pkey->ameth->item_sign)
{
- ASN1err(ASN1_F_ASN1_ITEM_SIGN, ASN1_R_NO_DEFAULT_DIGEST);
- return 0;
+ rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2,
+ signature);
+ if (rv == 1)
+ outl = signature->length;
+ /* Return value meanings:
+ * <=0: error.
+ * 1: method does everything.
+ * 2: carry on as normal.
+ * 3: ASN1 method sets algorithm identifiers: just sign.
+ */
+ if (rv <= 0)
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
+ if (rv <= 1)
+ goto err;
}
+ else
+ rv = 2;
- if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
+ if (rv == 2)
{
- if (!pkey->ameth ||
- !OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(type),
- pkey->ameth->pkey_id))
+ if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
{
- ASN1err(ASN1_F_ASN1_ITEM_SIGN,
- ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
- return 0;
+ if (!pkey->ameth ||
+ !OBJ_find_sigid_by_algs(&signid,
+ EVP_MD_nid(type),
+ pkey->ameth->pkey_id))
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
+ ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
+ return 0;
+ }
}
- }
- else
- signid = type->pkey_type;
+ else
+ signid = type->pkey_type;
- if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
- paramtype = V_ASN1_NULL;
- else
- paramtype = V_ASN1_UNDEF;
+ if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
+ paramtype = V_ASN1_NULL;
+ else
+ paramtype = V_ASN1_UNDEF;
- if (algor1)
- X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL);
- if (algor2)
- X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL);
+ if (algor1)
+ X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL);
+ if (algor2)
+ X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL);
+
+ }
- EVP_MD_CTX_init(&ctx);
inl=ASN1_item_i2d(asn,&buf_in, it);
outll=outl=EVP_PKEY_size(pkey);
- buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl);
+ buf_out=OPENSSL_malloc((unsigned int)outl);
if ((buf_in == NULL) || (buf_out == NULL))
{
outl=0;
- ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_MALLOC_FAILURE);
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_MALLOC_FAILURE);
goto err;
}
- EVP_SignInit_ex(&ctx,type, NULL);
- EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
- if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
- (unsigned int *)&outl,pkey))
+ if (!EVP_DigestSignUpdate(ctx, buf_in, inl)
+ || !EVP_DigestSignFinal(ctx, buf_out, &outl))
{
outl=0;
- ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB);
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_EVP_LIB);
goto err;
}
if (signature->data != NULL) OPENSSL_free(signature->data);
@@ -289,7 +324,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
err:
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_cleanup(ctx);
if (buf_in != NULL)
{ OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); }
if (buf_out != NULL)
diff --git a/deps/openssl/openssl/crypto/asn1/a_strex.c b/deps/openssl/openssl/crypto/asn1/a_strex.c
index 8a467abd7..bf63330f0 100644
--- a/deps/openssl/openssl/crypto/asn1/a_strex.c
+++ b/deps/openssl/openssl/crypto/asn1/a_strex.c
@@ -568,6 +568,7 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
mbflag |= MBSTRING_FLAG;
memset(&stmp, 0, sizeof(stmp));
stmp.data = NULL;
+ stmp.length = 0;
ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);
if(ret < 0) return ret;
*out = stmp.data;
diff --git a/deps/openssl/openssl/crypto/asn1/a_verify.c b/deps/openssl/openssl/crypto/asn1/a_verify.c
index cecdb13c7..fc84cd3d1 100644
--- a/deps/openssl/openssl/crypto/asn1/a_verify.c
+++ b/deps/openssl/openssl/crypto/asn1/a_verify.c
@@ -101,8 +101,13 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
p=buf_in;
i2d(data,&p);
- EVP_VerifyInit_ex(&ctx,type, NULL);
- EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
+ if (!EVP_VerifyInit_ex(&ctx,type, NULL)
+ || !EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl))
+ {
+ ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+ ret=0;
+ goto err;
+ }
OPENSSL_cleanse(buf_in,(unsigned int)inl);
OPENSSL_free(buf_in);
@@ -126,16 +131,21 @@ err:
#endif
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signature,
- void *asn, EVP_PKEY *pkey)
+int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
+ ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
{
EVP_MD_CTX ctx;
- const EVP_MD *type = NULL;
unsigned char *buf_in=NULL;
int ret= -1,inl;
int mdnid, pknid;
+ if (!pkey)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
+ return -1;
+ }
+
EVP_MD_CTX_init(&ctx);
/* Convert signature OID into digest and public key OIDs */
@@ -144,25 +154,47 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
goto err;
}
- type=EVP_get_digestbynid(mdnid);
- if (type == NULL)
+ if (mdnid == NID_undef)
{
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
- goto err;
+ if (!pkey->ameth || !pkey->ameth->item_verify)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
+ goto err;
+ }
+ ret = pkey->ameth->item_verify(&ctx, it, asn, a,
+ signature, pkey);
+ /* Return value of 2 means carry on, anything else means we
+ * exit straight away: either a fatal error of the underlying
+ * verification routine handles all verification.
+ */
+ if (ret != 2)
+ goto err;
+ ret = -1;
}
-
- /* Check public key OID matches public key type */
- if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id)
+ else
{
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE);
- goto err;
- }
+ const EVP_MD *type;
+ type=EVP_get_digestbynid(mdnid);
+ if (type == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+ goto err;
+ }
+
+ /* Check public key OID matches public key type */
+ if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE);
+ goto err;
+ }
+
+ if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey))
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
+ ret=0;
+ goto err;
+ }
- if (!EVP_VerifyInit_ex(&ctx,type, NULL))
- {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
- ret=0;
- goto err;
}
inl = ASN1_item_i2d(asn, &buf_in, it);
@@ -173,13 +205,18 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
goto err;
}
- EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
+ if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl))
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
+ ret=0;
+ goto err;
+ }
OPENSSL_cleanse(buf_in,(unsigned int)inl);
OPENSSL_free(buf_in);
- if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
- (unsigned int)signature->length,pkey) <= 0)
+ if (EVP_DigestVerifyFinal(&ctx,signature->data,
+ (size_t)signature->length) <= 0)
{
ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
ret=0;
diff --git a/deps/openssl/openssl/crypto/asn1/ameth_lib.c b/deps/openssl/openssl/crypto/asn1/ameth_lib.c
index 5a581b90e..a19e058fc 100644
--- a/deps/openssl/openssl/crypto/asn1/ameth_lib.c
+++ b/deps/openssl/openssl/crypto/asn1/ameth_lib.c
@@ -69,6 +69,7 @@ extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[];
extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
/* Keep this sorted in type order !! */
static const EVP_PKEY_ASN1_METHOD *standard_methods[] =
@@ -90,7 +91,8 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] =
#ifndef OPENSSL_NO_EC
&eckey_asn1_meth,
#endif
- &hmac_asn1_meth
+ &hmac_asn1_meth,
+ &cmac_asn1_meth
};
typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
@@ -291,6 +293,8 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
if (!ameth)
return NULL;
+ memset(ameth, 0, sizeof(EVP_PKEY_ASN1_METHOD));
+
ameth->pkey_id = id;
ameth->pkey_base_id = id;
ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
@@ -325,6 +329,9 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
ameth->old_priv_encode = 0;
ameth->old_priv_decode = 0;
+ ameth->item_verify = 0;
+ ameth->item_sign = 0;
+
ameth->pkey_size = 0;
ameth->pkey_bits = 0;
@@ -376,6 +383,9 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
dst->pkey_free = src->pkey_free;
dst->pkey_ctrl = src->pkey_ctrl;
+ dst->item_sign = src->item_sign;
+ dst->item_verify = src->item_verify;
+
}
void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
diff --git a/deps/openssl/openssl/crypto/asn1/asn1.h b/deps/openssl/openssl/crypto/asn1/asn1.h
index 59540e4e7..220a0c8c6 100644
--- a/deps/openssl/openssl/crypto/asn1/asn1.h
+++ b/deps/openssl/openssl/crypto/asn1/asn1.h
@@ -235,7 +235,7 @@ typedef struct asn1_object_st
*/
#define ASN1_STRING_FLAG_MSTRING 0x040
/* This is the base type that holds just about everything :-) */
-typedef struct asn1_string_st
+struct asn1_string_st
{
int length;
int type;
@@ -245,7 +245,7 @@ typedef struct asn1_string_st
* input data has a non-zero 'unused bits' value, it will be
* handled correctly */
long flags;
- } ASN1_STRING;
+ };
/* ASN1_ENCODING structure: this is used to save the received
* encoding of an ASN1 type. This is useful to get round
@@ -293,7 +293,6 @@ DECLARE_STACK_OF(ASN1_STRING_TABLE)
* see asn1t.h
*/
typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
-typedef struct ASN1_ITEM_st ASN1_ITEM;
typedef struct ASN1_TLC_st ASN1_TLC;
/* This is just an opaque pointer */
typedef struct ASN1_VALUE_st ASN1_VALUE;
@@ -1194,6 +1193,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_ITEM_I2D_FP 193
#define ASN1_F_ASN1_ITEM_PACK 198
#define ASN1_F_ASN1_ITEM_SIGN 195
+#define ASN1_F_ASN1_ITEM_SIGN_CTX 220
#define ASN1_F_ASN1_ITEM_UNPACK 199
#define ASN1_F_ASN1_ITEM_VERIFY 197
#define ASN1_F_ASN1_MBSTRING_NCOPY 122
@@ -1266,6 +1266,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_PKCS5_PBE2_SET_IV 167
#define ASN1_F_PKCS5_PBE_SET 202
#define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
+#define ASN1_F_PKCS5_PBKDF2_SET 219
#define ASN1_F_SMIME_READ_ASN1 212
#define ASN1_F_SMIME_TEXT 213
#define ASN1_F_X509_CINF_NEW 168
@@ -1291,6 +1292,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
#define ASN1_R_BUFFER_TOO_SMALL 107
#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
+#define ASN1_R_CONTEXT_NOT_INITIALISED 217
#define ASN1_R_DATA_IS_WRONG 109
#define ASN1_R_DECODE_ERROR 110
#define ASN1_R_DECODING_ERROR 111
diff --git a/deps/openssl/openssl/crypto/asn1/asn1_err.c b/deps/openssl/openssl/crypto/asn1/asn1_err.c
index 6e04d08f3..1a30bf119 100644
--- a/deps/openssl/openssl/crypto/asn1/asn1_err.c
+++ b/deps/openssl/openssl/crypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
/* crypto/asn1/asn1_err.c */
/* ====================================================================
- * Copyright (c) 1999-2009 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -107,6 +107,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN_CTX), "ASN1_item_sign_ctx"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"},
{ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"},
@@ -179,6 +180,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"},
{ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"},
{ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"},
+{ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"},
{ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"},
{ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"},
{ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
@@ -207,6 +209,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
{ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH),"boolean is wrong length"},
{ERR_REASON(ASN1_R_BUFFER_TOO_SMALL) ,"buffer too small"},
{ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),"cipher has no object identifier"},
+{ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED),"context not initialised"},
{ERR_REASON(ASN1_R_DATA_IS_WRONG) ,"data is wrong"},
{ERR_REASON(ASN1_R_DECODE_ERROR) ,"decode error"},
{ERR_REASON(ASN1_R_DECODING_ERROR) ,"decoding error"},
diff --git a/deps/openssl/openssl/crypto/asn1/asn1_locl.h b/deps/openssl/openssl/crypto/asn1/asn1_locl.h
index 5aa65e28f..9fcf0d953 100644
--- a/deps/openssl/openssl/crypto/asn1/asn1_locl.h
+++ b/deps/openssl/openssl/crypto/asn1/asn1_locl.h
@@ -102,6 +102,10 @@ struct evp_pkey_asn1_method_st
int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx);
+ int (*sig_print)(BIO *out,
+ const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+ int indent, ASN1_PCTX *pctx);
+
void (*pkey_free)(EVP_PKEY *pkey);
int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2);
@@ -111,6 +115,13 @@ struct evp_pkey_asn1_method_st
int (*old_priv_decode)(EVP_PKEY *pkey,
const unsigned char **pder, int derlen);
int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder);
+ /* Custom ASN1 signature verification */
+ int (*item_verify)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+ X509_ALGOR *a, ASN1_BIT_STRING *sig,
+ EVP_PKEY *pkey);
+ int (*item_sign)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+ X509_ALGOR *alg1, X509_ALGOR *alg2,
+ ASN1_BIT_STRING *sig);
} /* EVP_PKEY_ASN1_METHOD */;
diff --git a/deps/openssl/openssl/crypto/asn1/asn_mime.c b/deps/openssl/openssl/crypto/asn1/asn_mime.c
index c1d1b1229..54a704a96 100644
--- a/deps/openssl/openssl/crypto/asn1/asn_mime.c
+++ b/deps/openssl/openssl/crypto/asn1/asn_mime.c
@@ -377,8 +377,12 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
BIO *tmpbio;
const ASN1_AUX *aux = it->funcs;
ASN1_STREAM_ARG sarg;
+ int rv = 1;
- if (!(flags & SMIME_DETACHED))
+ /* If data is not deteched or resigning then the output BIO is
+ * already set up to finalise when it is written through.
+ */
+ if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST))
{
SMIME_crlf_copy(data, out, flags);
return 1;
@@ -405,7 +409,7 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
/* Finalize structure */
if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
- return 0;
+ rv = 0;
/* Now remove any digests prepended to the BIO */
@@ -416,7 +420,7 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
sarg.ndef_bio = tmpbio;
}
- return 1;
+ return rv;
}
@@ -486,9 +490,9 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
strcmp(hdr->value, "application/pkcs7-signature")) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
ASN1err(ASN1_F_SMIME_READ_ASN1,ASN1_R_SIG_INVALID_MIME_TYPE);
ERR_add_error_data(2, "type: ", hdr->value);
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
sk_BIO_pop_free(parts, BIO_vfree);
return NULL;
}
@@ -801,7 +805,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value)
if(name) {
if(!(tmpname = BUF_strdup(name))) return NULL;
for(p = tmpname ; *p; p++) {
- c = *p;
+ c = (unsigned char)*p;
if(isupper(c)) {
c = tolower(c);
*p = c;
@@ -811,7 +815,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value)
if(value) {
if(!(tmpval = BUF_strdup(value))) return NULL;
for(p = tmpval ; *p; p++) {
- c = *p;
+ c = (unsigned char)*p;
if(isupper(c)) {
c = tolower(c);
*p = c;
@@ -835,7 +839,7 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
tmpname = BUF_strdup(name);
if(!tmpname) return 0;
for(p = tmpname ; *p; p++) {
- c = *p;
+ c = (unsigned char)*p;
if(isupper(c)) {
c = tolower(c);
*p = c;
@@ -858,12 +862,17 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
static int mime_hdr_cmp(const MIME_HEADER * const *a,
const MIME_HEADER * const *b)
{
+ if (!(*a)->name || !(*b)->name)
+ return !!(*a)->name - !!(*b)->name;
+
return(strcmp((*a)->name, (*b)->name));
}
static int mime_param_cmp(const MIME_PARAM * const *a,
const MIME_PARAM * const *b)
{
+ if (!(*a)->param_name || !(*b)->param_name)
+ return !!(*a)->param_name - !!(*b)->param_name;
return(strcmp((*a)->param_name, (*b)->param_name));
}
diff --git a/deps/openssl/openssl/crypto/asn1/n_pkey.c b/deps/openssl/openssl/crypto/asn1/n_pkey.c
index e7d043906..e25173993 100644
--- a/deps/openssl/openssl/crypto/asn1/n_pkey.c
+++ b/deps/openssl/openssl/crypto/asn1/n_pkey.c
@@ -129,6 +129,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
unsigned char buf[256],*zz;
unsigned char key[EVP_MAX_KEY_LENGTH];
EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX_init(&ctx);
if (a == NULL) return(0);
@@ -206,24 +207,28 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
i = strlen((char *)buf);
/* If the key is used for SGC the algorithm is modified a little. */
if(sgckey) {
- EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
+ if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
+ goto err;
memcpy(buf + 16, "SGCKEYSALT", 10);
i = 26;
}
- EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
+ if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL))
+ goto err;
OPENSSL_cleanse(buf,256);
/* Encrypt private key in place */
zz = enckey->enckey->digest->data;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL);
- EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen);
- EVP_EncryptFinal_ex(&ctx,zz + i,&j);
- EVP_CIPHER_CTX_cleanup(&ctx);
+ if (!EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL))
+ goto err;
+ if (!EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen))
+ goto err;
+ if (!EVP_EncryptFinal_ex(&ctx,zz + i,&j))
+ goto err;
ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
err:
+ EVP_CIPHER_CTX_cleanup(&ctx);
NETSCAPE_ENCRYPTED_PKEY_free(enckey);
NETSCAPE_PKEY_free(pkey);
return(ret);
@@ -288,6 +293,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
const unsigned char *zz;
unsigned char key[EVP_MAX_KEY_LENGTH];
EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX_init(&ctx);
i=cb((char *)buf,256,"Enter Private Key password:",0);
if (i != 0)
@@ -298,19 +304,22 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
i = strlen((char *)buf);
if(sgckey){
- EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
+ if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
+ goto err;
memcpy(buf + 16, "SGCKEYSALT", 10);
i = 26;
}
- EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
+ if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL))
+ goto err;
OPENSSL_cleanse(buf,256);
- EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL);
- EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
- EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j);
- EVP_CIPHER_CTX_cleanup(&ctx);
+ if (!EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL))
+ goto err;
+ if (!EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j))
+ goto err;
os->length=i+j;
zz=os->data;
@@ -328,6 +337,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
goto err;
}
err:
+ EVP_CIPHER_CTX_cleanup(&ctx);
NETSCAPE_PKEY_free(pkey);
return(ret);
}
diff --git a/deps/openssl/openssl/crypto/asn1/p5_pbev2.c b/deps/openssl/openssl/crypto/asn1/p5_pbev2.c
index cb49b6651..4ea683036 100644
--- a/deps/openssl/openssl/crypto/asn1/p5_pbev2.c
+++ b/deps/openssl/openssl/crypto/asn1/p5_pbev2.c
@@ -91,12 +91,10 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
unsigned char *aiv, int prf_nid)
{
X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
- int alg_nid;
+ int alg_nid, keylen;
EVP_CIPHER_CTX ctx;
unsigned char iv[EVP_MAX_IV_LENGTH];
- PBKDF2PARAM *kdf = NULL;
PBE2PARAM *pbe2 = NULL;
- ASN1_OCTET_STRING *osalt = NULL;
ASN1_OBJECT *obj;
alg_nid = EVP_CIPHER_type(cipher);
@@ -127,7 +125,8 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
EVP_CIPHER_CTX_init(&ctx);
/* Dummy cipherinit to just setup the IV, and PRF */
- EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0);
+ if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
+ goto err;
if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
@@ -145,55 +144,21 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
}
EVP_CIPHER_CTX_cleanup(&ctx);
- if(!(kdf = PBKDF2PARAM_new())) goto merr;
- if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr;
-
- if (!saltlen) saltlen = PKCS5_SALT_LEN;
- if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr;
- osalt->length = saltlen;
- if (salt) memcpy (osalt->data, salt, saltlen);
- else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;
-
- if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
- if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
-
- /* Now include salt in kdf structure */
- kdf->salt->value.octet_string = osalt;
- kdf->salt->type = V_ASN1_OCTET_STRING;
- osalt = NULL;
-
/* If its RC2 then we'd better setup the key length */
- if(alg_nid == NID_rc2_cbc) {
- if(!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr;
- if(!ASN1_INTEGER_set (kdf->keylength,
- EVP_CIPHER_key_length(cipher))) goto merr;
- }
-
- /* prf can stay NULL if we are using hmacWithSHA1 */
- if (prf_nid != NID_hmacWithSHA1)
- {
- kdf->prf = X509_ALGOR_new();
- if (!kdf->prf)
- goto merr;
- X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),
- V_ASN1_NULL, NULL);
- }
-
- /* Now setup the PBE2PARAM keyfunc structure */
+ if(alg_nid == NID_rc2_cbc)
+ keylen = EVP_CIPHER_key_length(cipher);
+ else
+ keylen = -1;
- pbe2->keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
+ /* Setup keyfunc */
- /* Encode PBKDF2PARAM into parameter of pbe2 */
+ X509_ALGOR_free(pbe2->keyfunc);
- if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr;
+ pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);
- if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
- &pbe2->keyfunc->parameter->value.sequence)) goto merr;
- pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE;
-
- PBKDF2PARAM_free(kdf);
- kdf = NULL;
+ if (!pbe2->keyfunc)
+ goto merr;
/* Now set up top level AlgorithmIdentifier */
@@ -219,8 +184,6 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
err:
PBE2PARAM_free(pbe2);
/* Note 'scheme' is freed as part of pbe2 */
- M_ASN1_OCTET_STRING_free(osalt);
- PBKDF2PARAM_free(kdf);
X509_ALGOR_free(kalg);
X509_ALGOR_free(ret);
@@ -233,3 +196,85 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
{
return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
}
+
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+ int prf_nid, int keylen)
+ {
+ X509_ALGOR *keyfunc = NULL;
+ PBKDF2PARAM *kdf = NULL;
+ ASN1_OCTET_STRING *osalt = NULL;
+
+ if(!(kdf = PBKDF2PARAM_new()))
+ goto merr;
+ if(!(osalt = M_ASN1_OCTET_STRING_new()))
+ goto merr;
+
+ kdf->salt->value.octet_string = osalt;
+ kdf->salt->type = V_ASN1_OCTET_STRING;
+
+ if (!saltlen)
+ saltlen = PKCS5_SALT_LEN;
+ if (!(osalt->data = OPENSSL_malloc (saltlen)))
+ goto merr;
+
+ osalt->length = saltlen;
+
+ if (salt)
+ memcpy (osalt->data, salt, saltlen);
+ else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0)
+ goto merr;
+
+ if(iter <= 0)
+ iter = PKCS5_DEFAULT_ITER;
+
+ if(!ASN1_INTEGER_set(kdf->iter, iter))
+ goto merr;
+
+ /* If have a key len set it up */
+
+ if(keylen > 0)
+ {
+ if(!(kdf->keylength = M_ASN1_INTEGER_new()))
+ goto merr;
+ if(!ASN1_INTEGER_set (kdf->keylength, keylen))
+ goto merr;
+ }
+
+ /* prf can stay NULL if we are using hmacWithSHA1 */
+ if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1)
+ {
+ kdf->prf = X509_ALGOR_new();
+ if (!kdf->prf)
+ goto merr;
+ X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),
+ V_ASN1_NULL, NULL);
+ }
+
+ /* Finally setup the keyfunc structure */
+
+ keyfunc = X509_ALGOR_new();
+ if (!keyfunc)
+ goto merr;
+
+ keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
+
+ /* Encode PBKDF2PARAM into parameter of pbe2 */
+
+ if(!(keyfunc->parameter = ASN1_TYPE_new()))
+ goto merr;
+
+ if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
+ &keyfunc->parameter->value.sequence))
+ goto merr;
+ keyfunc->parameter->type = V_ASN1_SEQUENCE;
+
+ PBKDF2PARAM_free(kdf);
+ return keyfunc;
+
+ merr:
+ ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE);
+ PBKDF2PARAM_free(kdf);
+ X509_ALGOR_free(keyfunc);
+ return NULL;
+ }
+
diff --git a/deps/openssl/openssl/crypto/asn1/t_crl.c b/deps/openssl/openssl/crypto/asn1/t_crl.c
index ee5a687ce..c61169208 100644
--- a/deps/openssl/openssl/crypto/asn1/t_crl.c
+++ b/deps/openssl/openssl/crypto/asn1/t_crl.c
@@ -94,8 +94,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
l = X509_CRL_get_version(x);
BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l+1, l);
i = OBJ_obj2nid(x->sig_alg->algorithm);
- BIO_printf(out, "%8sSignature Algorithm: %s\n", "",
- (i == NID_undef) ? "NONE" : OBJ_nid2ln(i));
+ X509_signature_print(out, x->sig_alg, NULL);
p=X509_NAME_oneline(X509_CRL_get_issuer(x),NULL,0);
BIO_printf(out,"%8sIssuer: %s\n","",p);
OPENSSL_free(p);
diff --git a/deps/openssl/openssl/crypto/asn1/t_x509.c b/deps/openssl/openssl/crypto/asn1/t_x509.c
index e061f2ffa..edbb39a02 100644
--- a/deps/openssl/openssl/crypto/asn1/t_x509.c
+++ b/deps/openssl/openssl/crypto/asn1/t_x509.c
@@ -72,6 +72,7 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "asn1_locl.h"
#ifndef OPENSSL_NO_FP_API
int X509_print_fp(FILE *fp, X509 *x)
@@ -137,10 +138,10 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
bs=X509_get_serialNumber(x);
- if (bs->length <= 4)
+ if (bs->length <= (int)sizeof(long))
{
l=ASN1_INTEGER_get(bs);
- if (l < 0)
+ if (bs->type == V_ASN1_NEG_INTEGER)
{
l= -l;
neg="-";
@@ -167,12 +168,16 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
if(!(cflag & X509_FLAG_NO_SIGNAME))
{
+ if(X509_signature_print(bp, x->sig_alg, NULL) <= 0)
+ goto err;
+#if 0
if (BIO_printf(bp,"%8sSignature Algorithm: ","") <= 0)
goto err;
if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
goto err;
if (BIO_puts(bp, "\n") <= 0)
goto err;
+#endif
}
if(!(cflag & X509_FLAG_NO_ISSUER))
@@ -255,7 +260,8 @@ int X509_ocspid_print (BIO *bp, X509 *x)
goto err;
i2d_X509_NAME(x->cert_info->subject, &dertmp);
- EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
+ goto err;
for (i=0; i < SHA_DIGEST_LENGTH; i++)
{
if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
@@ -268,8 +274,10 @@ int X509_ocspid_print (BIO *bp, X509 *x)
if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0)
goto err;
- EVP_Digest(x->cert_info->key->public_key->data,
- x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest(x->cert_info->key->public_key->data,
+ x->cert_info->key->public_key->length,
+ SHA1md, NULL, EVP_sha1(), NULL))
+ goto err;
for (i=0; i < SHA_DIGEST_LENGTH; i++)
{
if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
@@ -283,23 +291,50 @@ err:
return(0);
}
-int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
+int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
{
- unsigned char *s;
+ const unsigned char *s;
int i, n;
- if (BIO_puts(bp," Signature Algorithm: ") <= 0) return 0;
- if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
n=sig->length;
s=sig->data;
for (i=0; i<n; i++)
{
if ((i%18) == 0)
- if (BIO_write(bp,"\n ",9) <= 0) return 0;
+ {
+ if (BIO_write(bp,"\n",1) <= 0) return 0;
+ if (BIO_indent(bp, indent, indent) <= 0) return 0;
+ }
if (BIO_printf(bp,"%02x%s",s[i],
((i+1) == n)?"":":") <= 0) return 0;
}
if (BIO_write(bp,"\n",1) != 1) return 0;
+
+ return 1;
+}
+
+int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
+{
+ int sig_nid;
+ if (BIO_puts(bp," Signature Algorithm: ") <= 0) return 0;
+ if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
+
+ sig_nid = OBJ_obj2nid(sigalg->algorithm);
+ if (sig_nid != NID_undef)
+ {
+ int pkey_nid, dig_nid;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid))
+ {
+ ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
+ if (ameth && ameth->sig_print)
+ return ameth->sig_print(bp, sigalg, sig, 9, 0);
+ }
+ }
+ if (sig)
+ return X509_signature_dump(bp, sig, 9);
+ else if (BIO_puts(bp, "\n") <= 0)
+ return 0;
return 1;
}
diff --git a/deps/openssl/openssl/crypto/asn1/tasn_prn.c b/deps/openssl/openssl/crypto/asn1/tasn_prn.c
index 453698012..542a091a6 100644
--- a/deps/openssl/openssl/crypto/asn1/tasn_prn.c
+++ b/deps/openssl/openssl/crypto/asn1/tasn_prn.c
@@ -446,11 +446,11 @@ static int asn1_print_fsname(BIO *out, int indent,
return 1;
}
-static int asn1_print_boolean_ctx(BIO *out, const int bool,
+static int asn1_print_boolean_ctx(BIO *out, int boolval,
const ASN1_PCTX *pctx)
{
const char *str;
- switch (bool)
+ switch (boolval)
{
case -1:
str = "BOOL ABSENT";
@@ -574,10 +574,10 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
{
case V_ASN1_BOOLEAN:
{
- int bool = *(int *)fld;
- if (bool == -1)
- bool = it->size;
- ret = asn1_print_boolean_ctx(out, bool, pctx);
+ int boolval = *(int *)fld;
+ if (boolval == -1)
+ boolval = it->size;
+ ret = asn1_print_boolean_ctx(out, boolval, pctx);
}
break;
diff --git a/deps/openssl/openssl/crypto/asn1/x_algor.c b/deps/openssl/openssl/crypto/asn1/x_algor.c
index 99e53429b..274e456c7 100644
--- a/deps/openssl/openssl/crypto/asn1/x_algor.c
+++ b/deps/openssl/openssl/crypto/asn1/x_algor.c
@@ -128,3 +128,17 @@ void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
}
}
+/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
+
+void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
+ {
+ int param_type;
+
+ if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
+ param_type = V_ASN1_UNDEF;
+ else
+ param_type = V_ASN1_NULL;
+
+ X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
+
+ }
diff --git a/deps/openssl/openssl/crypto/asn1/x_name.c b/deps/openssl/openssl/crypto/asn1/x_name.c
index 49be08b4d..d7c231869 100644
--- a/deps/openssl/openssl/crypto/asn1/x_name.c
+++ b/deps/openssl/openssl/crypto/asn1/x_name.c
@@ -399,8 +399,7 @@ static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
/* If type not in bitmask just copy string across */
if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON))
{
- out->type = in->type;
- if (!ASN1_STRING_set(out, in->data, in->length))
+ if (!ASN1_STRING_copy(out, in))
return 0;
return 1;
}
diff --git a/deps/openssl/openssl/crypto/asn1/x_pubkey.c b/deps/openssl/openssl/crypto/asn1/x_pubkey.c
index d42b6a2c5..b649e1fcf 100644
--- a/deps/openssl/openssl/crypto/asn1/x_pubkey.c
+++ b/deps/openssl/openssl/crypto/asn1/x_pubkey.c
@@ -171,7 +171,19 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
goto error;
}
- key->pkey = ret;
+ /* Check to see if another thread set key->pkey first */
+ CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
+ if (key->pkey)
+ {
+ CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+ EVP_PKEY_free(ret);
+ ret = key->pkey;
+ }
+ else
+ {
+ key->pkey = ret;
+ CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+ }
CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
return ret;
diff --git a/deps/openssl/openssl/crypto/bf/Makefile b/deps/openssl/openssl/crypto/bf/Makefile
index dd2c2c708..d01bfaa31 100644
--- a/deps/openssl/openssl/crypto/bf/Makefile
+++ b/deps/openssl/openssl/crypto/bf/Makefile
@@ -94,5 +94,8 @@ bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
-bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c
+bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h
+bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bf_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_skey.o: ../../include/openssl/symhacks.h bf_locl.h bf_pi.h bf_skey.c
diff --git a/deps/openssl/openssl/crypto/bf/bf_skey.c b/deps/openssl/openssl/crypto/bf/bf_skey.c
index 3673cdee6..3b0bca41a 100644
--- a/deps/openssl/openssl/crypto/bf/bf_skey.c
+++ b/deps/openssl/openssl/crypto/bf/bf_skey.c
@@ -58,11 +58,19 @@
#include <stdio.h>
#include <string.h>
+#include <openssl/crypto.h>
#include <openssl/blowfish.h>
#include "bf_locl.h"
#include "bf_pi.h"
void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
+#ifdef OPENSSL_FIPS
+ {
+ fips_cipher_abort(BLOWFISH);
+ private_BF_set_key(key, len, data);
+ }
+void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data)
+#endif
{
int i;
BF_LONG *p,ri,in[2];
diff --git a/deps/openssl/openssl/crypto/bf/blowfish.h b/deps/openssl/openssl/crypto/bf/blowfish.h
index b97e76f9a..4b6c8920a 100644
--- a/deps/openssl/openssl/crypto/bf/blowfish.h
+++ b/deps/openssl/openssl/crypto/bf/blowfish.h
@@ -104,7 +104,9 @@ typedef struct bf_key_st
BF_LONG S[4*256];
} BF_KEY;
-
+#ifdef OPENSSL_FIPS
+void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+#endif
void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
void BF_encrypt(BF_LONG *data,const BF_KEY *key);
diff --git a/deps/openssl/openssl/crypto/bio/bio.h b/deps/openssl/openssl/crypto/bio/bio.h
index ab47abcf1..05699ab21 100644
--- a/deps/openssl/openssl/crypto/bio/bio.h
+++ b/deps/openssl/openssl/crypto/bio/bio.h
@@ -68,6 +68,14 @@
#include <openssl/crypto.h>
+#ifndef OPENSSL_NO_SCTP
+# ifndef OPENSSL_SYS_VMS
+# include <stdint.h>
+# else
+# include <inttypes.h>
+# endif
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -95,6 +103,9 @@ extern "C" {
#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */
#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */
#define BIO_TYPE_DGRAM (21|0x0400|0x0100)
+#ifndef OPENSSL_NO_SCTP
+#define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
+#endif
#define BIO_TYPE_ASN1 (22|0x0200) /* filter */
#define BIO_TYPE_COMP (23|0x0200) /* filter */
@@ -146,6 +157,7 @@ extern "C" {
/* #endif */
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
+#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
* MTU. want to use this
@@ -161,7 +173,22 @@ extern "C" {
#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */
#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45 /* Next DTLS handshake timeout to
- * adjust socket timeouts */
+ * adjust socket timeouts */
+
+#ifndef OPENSSL_NO_SCTP
+/* SCTP stuff */
+#define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
+#define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
+#define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
+#define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
+#define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
+#define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
+#define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
+#define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
+#define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
+#define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
+#define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
+#endif
/* modifiers */
#define BIO_FP_READ 0x02
@@ -331,6 +358,34 @@ typedef struct bio_f_buffer_ctx_struct
/* Prefix and suffix callback in ASN1 BIO */
typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg);
+#ifndef OPENSSL_NO_SCTP
+/* SCTP parameter structs */
+struct bio_dgram_sctp_sndinfo
+ {
+ uint16_t snd_sid;
+ uint16_t snd_flags;
+ uint32_t snd_ppid;
+ uint32_t snd_context;
+ };
+
+struct bio_dgram_sctp_rcvinfo
+ {
+ uint16_t rcv_sid;
+ uint16_t rcv_ssn;
+ uint16_t rcv_flags;
+ uint32_t rcv_ppid;
+ uint32_t rcv_tsn;
+ uint32_t rcv_cumtsn;
+ uint32_t rcv_context;
+ };
+
+struct bio_dgram_sctp_prinfo
+ {
+ uint16_t pr_policy;
+ uint32_t pr_value;
+ };
+#endif
+
/* connect BIO stuff */
#define BIO_CONN_S_BEFORE 1
#define BIO_CONN_S_GET_IP 2
@@ -628,6 +683,9 @@ BIO_METHOD *BIO_f_linebuffer(void);
BIO_METHOD *BIO_f_nbio_test(void);
#ifndef OPENSSL_NO_DGRAM
BIO_METHOD *BIO_s_datagram(void);
+#ifndef OPENSSL_NO_SCTP
+BIO_METHOD *BIO_s_datagram_sctp(void);
+#endif
#endif
/* BIO_METHOD *BIO_f_ber(void); */
@@ -670,6 +728,15 @@ int BIO_set_tcp_ndelay(int sock,int turn_on);
BIO *BIO_new_socket(int sock, int close_flag);
BIO *BIO_new_dgram(int fd, int close_flag);
+#ifndef OPENSSL_NO_SCTP
+BIO *BIO_new_dgram_sctp(int fd, int close_flag);
+int BIO_dgram_is_sctp(BIO *bio);
+int BIO_dgram_sctp_notification_cb(BIO *b,
+ void (*handle_notifications)(BIO *bio, void *context, void *buf),
+ void *context);
+int BIO_dgram_sctp_wait_for_dry(BIO *b);
+int BIO_dgram_sctp_msg_waiting(BIO *b);
+#endif
BIO *BIO_new_fd(int fd, int close_flag);
BIO *BIO_new_connect(char *host_port);
BIO *BIO_new_accept(char *host_port);
@@ -734,6 +801,7 @@ void ERR_load_BIO_strings(void);
#define BIO_F_BUFFER_CTRL 114
#define BIO_F_CONN_CTRL 127
#define BIO_F_CONN_STATE 115
+#define BIO_F_DGRAM_SCTP_READ 132
#define BIO_F_FILE_CTRL 116
#define BIO_F_FILE_READ 130
#define BIO_F_LINEBUFFER_CTRL 129
diff --git a/deps/openssl/openssl/crypto/bio/bio_err.c b/deps/openssl/openssl/crypto/bio/bio_err.c
index a224edd5a..0dbfbd80d 100644
--- a/deps/openssl/openssl/crypto/bio/bio_err.c
+++ b/deps/openssl/openssl/crypto/bio/bio_err.c
@@ -1,6 +1,6 @@
/* crypto/bio/bio_err.c */
/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -95,6 +95,7 @@ static ERR_STRING_DATA BIO_str_functs[]=
{ERR_FUNC(BIO_F_BUFFER_CTRL), "BUFFER_CTRL"},
{ERR_FUNC(BIO_F_CONN_CTRL), "CONN_CTRL"},
{ERR_FUNC(BIO_F_CONN_STATE), "CONN_STATE"},
+{ERR_FUNC(BIO_F_DGRAM_SCTP_READ), "DGRAM_SCTP_READ"},
{ERR_FUNC(BIO_F_FILE_CTRL), "FILE_CTRL"},
{ERR_FUNC(BIO_F_FILE_READ), "FILE_READ"},
{ERR_FUNC(BIO_F_LINEBUFFER_CTRL), "LINEBUFFER_CTRL"},
diff --git a/deps/openssl/openssl/crypto/bio/bio_lib.c b/deps/openssl/openssl/crypto/bio/bio_lib.c
index e12bc3a2c..9c9646afa 100644
--- a/deps/openssl/openssl/crypto/bio/bio_lib.c
+++ b/deps/openssl/openssl/crypto/bio/bio_lib.c
@@ -521,40 +521,40 @@ void BIO_free_all(BIO *bio)
BIO *BIO_dup_chain(BIO *in)
{
- BIO *ret=NULL,*eoc=NULL,*bio,*new;
+ BIO *ret=NULL,*eoc=NULL,*bio,*new_bio;
for (bio=in; bio != NULL; bio=bio->next_bio)
{
- if ((new=BIO_new(bio->method)) == NULL) goto err;
- new->callback=bio->callback;
- new->cb_arg=bio->cb_arg;
- new->init=bio->init;
- new->shutdown=bio->shutdown;
- new->flags=bio->flags;
+ if ((new_bio=BIO_new(bio->method)) == NULL) goto err;
+ new_bio->callback=bio->callback;
+ new_bio->cb_arg=bio->cb_arg;
+ new_bio->init=bio->init;
+ new_bio->shutdown=bio->shutdown;
+ new_bio->flags=bio->flags;
/* This will let SSL_s_sock() work with stdin/stdout */
- new->num=bio->num;
+ new_bio->num=bio->num;
- if (!BIO_dup_state(bio,(char *)new))
+ if (!BIO_dup_state(bio,(char *)new_bio))
{
- BIO_free(new);
+ BIO_free(new_bio);
goto err;
}
/* copy app data */
- if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, &new->ex_data,
+ if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, &new_bio->ex_data,
&bio->ex_data))
goto err;
if (ret == NULL)
{
- eoc=new;
+ eoc=new_bio;
ret=eoc;
}
else
{
- BIO_push(eoc,new);
- eoc=new;
+ BIO_push(eoc,new_bio);
+ eoc=new_bio;
}
}
return(ret);
diff --git a/deps/openssl/openssl/crypto/bio/bss_bio.c b/deps/openssl/openssl/crypto/bio/bss_bio.c
index 76bd48e76..52ef0ebcb 100644
--- a/deps/openssl/openssl/crypto/bio/bss_bio.c
+++ b/deps/openssl/openssl/crypto/bio/bss_bio.c
@@ -277,10 +277,10 @@ static int bio_read(BIO *bio, char *buf, int size_)
*/
/* WARNING: The non-copying interface is largely untested as of yet
* and may contain bugs. */
-static ssize_t bio_nread0(BIO *bio, char **buf)
+static ossl_ssize_t bio_nread0(BIO *bio, char **buf)
{
struct bio_bio_st *b, *peer_b;
- ssize_t num;
+ ossl_ssize_t num;
BIO_clear_retry_flags(bio);
@@ -315,15 +315,15 @@ static ssize_t bio_nread0(BIO *bio, char **buf)
return num;
}
-static ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
+static ossl_ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
{
struct bio_bio_st *b, *peer_b;
- ssize_t num, available;
+ ossl_ssize_t num, available;
if (num_ > SSIZE_MAX)
num = SSIZE_MAX;
else
- num = (ssize_t)num_;
+ num = (ossl_ssize_t)num_;
available = bio_nread0(bio, buf);
if (num > available)
@@ -428,7 +428,7 @@ static int bio_write(BIO *bio, const char *buf, int num_)
* (example usage: bio_nwrite0(), write to buffer, bio_nwrite()
* or just bio_nwrite(), write to buffer)
*/
-static ssize_t bio_nwrite0(BIO *bio, char **buf)
+static ossl_ssize_t bio_nwrite0(BIO *bio, char **buf)
{
struct bio_bio_st *b;
size_t num;
@@ -476,15 +476,15 @@ static ssize_t bio_nwrite0(BIO *bio, char **buf)
return num;
}
-static ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
+static ossl_ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
{
struct bio_bio_st *b;
- ssize_t num, space;
+ ossl_ssize_t num, space;
if (num_ > SSIZE_MAX)
num = SSIZE_MAX;
else
- num = (ssize_t)num_;
+ num = (ossl_ssize_t)num_;
space = bio_nwrite0(bio, buf);
if (num > space)
diff --git a/deps/openssl/openssl/crypto/bio/bss_dgram.c b/deps/openssl/openssl/crypto/bio/bss_dgram.c
index 71ebe987b..899090997 100644
--- a/deps/openssl/openssl/crypto/bio/bss_dgram.c
+++ b/deps/openssl/openssl/crypto/bio/bss_dgram.c
@@ -70,10 +70,27 @@
#include <sys/timeb.h>
#endif
-#ifdef OPENSSL_SYS_LINUX
+#ifndef OPENSSL_NO_SCTP
+#include <netinet/sctp.h>
+#include <fcntl.h>
+#define OPENSSL_SCTP_DATA_CHUNK_TYPE 0x00
+#define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
+#endif
+
+#if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
#define IP_MTU 14 /* linux is lame */
#endif
+#if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
+/* Standard definition causes type-punning problems. */
+#undef IN6_IS_ADDR_V4MAPPED
+#define s6_addr32 __u6_addr.__u6_addr32
+#define IN6_IS_ADDR_V4MAPPED(a) \
+ (((a)->s6_addr32[0] == 0) && \
+ ((a)->s6_addr32[1] == 0) && \
+ ((a)->s6_addr32[2] == htonl(0x0000ffff)))
+#endif
+
#ifdef WATT32
#define sock_write SockWrite /* Watt-32 uses same names */
#define sock_read SockRead
@@ -88,6 +105,18 @@ static int dgram_new(BIO *h);
static int dgram_free(BIO *data);
static int dgram_clear(BIO *bio);
+#ifndef OPENSSL_NO_SCTP
+static int dgram_sctp_write(BIO *h, const char *buf, int num);
+static int dgram_sctp_read(BIO *h, char *buf, int size);
+static int dgram_sctp_puts(BIO *h, const char *str);
+static long dgram_sctp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int dgram_sctp_new(BIO *h);
+static int dgram_sctp_free(BIO *data);
+#ifdef SCTP_AUTHENTICATION_EVENT
+static void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification *snp);
+#endif
+#endif
+
static int BIO_dgram_should_retry(int s);
static void get_current_time(struct timeval *t);
@@ -106,6 +135,22 @@ static BIO_METHOD methods_dgramp=
NULL,
};
+#ifndef OPENSSL_NO_SCTP
+static BIO_METHOD methods_dgramp_sctp=
+ {
+ BIO_TYPE_DGRAM_SCTP,
+ "datagram sctp socket",
+ dgram_sctp_write,
+ dgram_sctp_read,
+ dgram_sctp_puts,
+ NULL, /* dgram_gets, */
+ dgram_sctp_ctrl,
+ dgram_sctp_new,
+ dgram_sctp_free,
+ NULL,
+ };
+#endif
+
typedef struct bio_dgram_data_st
{
union {
@@ -122,6 +167,40 @@ typedef struct bio_dgram_data_st
struct timeval socket_timeout;
} bio_dgram_data;
+#ifndef OPENSSL_NO_SCTP
+typedef struct bio_dgram_sctp_save_message_st
+ {
+ BIO *bio;
+ char *data;
+ int length;
+ } bio_dgram_sctp_save_message;
+
+typedef struct bio_dgram_sctp_data_st
+ {
+ union {
+ struct sockaddr sa;
+ struct sockaddr_in sa_in;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_in6 sa_in6;
+#endif
+ } peer;
+ unsigned int connected;
+ unsigned int _errno;
+ unsigned int mtu;
+ struct bio_dgram_sctp_sndinfo sndinfo;
+ struct bio_dgram_sctp_rcvinfo rcvinfo;
+ struct bio_dgram_sctp_prinfo prinfo;
+ void (*handle_notifications)(BIO *bio, void *context, void *buf);
+ void* notification_context;
+ int in_handshake;
+ int ccs_rcvd;
+ int ccs_sent;
+ int save_shutdown;
+ int peer_auth_tested;
+ bio_dgram_sctp_save_message saved_message;
+ } bio_dgram_sctp_data;
+#endif
+
BIO_METHOD *BIO_s_datagram(void)
{
return(&methods_dgramp);
@@ -186,7 +265,7 @@ static void dgram_adjust_rcv_timeout(BIO *b)
{
#if defined(SO_RCVTIMEO)
bio_dgram_data *data = (bio_dgram_data *)b->ptr;
- int sz = sizeof(int);
+ union { size_t s; int i; } sz = {0};
/* Is a timer active? */
if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0)
@@ -196,8 +275,10 @@ static void dgram_adjust_rcv_timeout(BIO *b)
/* Read current socket timeout */
#ifdef OPENSSL_SYS_WINDOWS
int timeout;
+
+ sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- (void*)&timeout, &sz) < 0)
+ (void*)&timeout, &sz.i) < 0)
{ perror("getsockopt"); }
else
{
@@ -205,9 +286,12 @@ static void dgram_adjust_rcv_timeout(BIO *b)
data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
}
#else
+ sz.i = sizeof(data->socket_timeout);
if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
&(data->socket_timeout), (void *)&sz) < 0)
{ perror("getsockopt"); }
+ else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
+ OPENSSL_assert(sz.s<=sizeof(data->socket_timeout));
#endif
/* Get current time */
@@ -376,11 +460,10 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
int *ip;
struct sockaddr *to = NULL;
bio_dgram_data *data = NULL;
-#if defined(IP_MTU_DISCOVER) || defined(IP_MTU)
- long sockopt_val = 0;
- unsigned int sockopt_len = 0;
-#endif
-#ifdef OPENSSL_SYS_LINUX
+#if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
+ int sockopt_val = 0;
+ socklen_t sockopt_len; /* assume that system supporting IP_MTU is
+ * modern enough to define socklen_t */
socklen_t addr_len;
union {
struct sockaddr sa;
@@ -462,7 +545,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
break;
/* (Linux)kernel sets DF bit on outgoing IP packets */
case BIO_CTRL_DGRAM_MTU_DISCOVER:
-#ifdef OPENSSL_SYS_LINUX
+#if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
addr_len = (socklen_t)sizeof(addr);
memset((void *)&addr, 0, sizeof(addr));
if (getsockname(b->num, &addr.sa, &addr_len) < 0)
@@ -470,7 +553,6 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
ret = 0;
break;
}
- sockopt_len = sizeof(sockopt_val);
switch (addr.sa.sa_family)
{
case AF_INET:
@@ -479,7 +561,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
&sockopt_val, sizeof(sockopt_val))) < 0)
perror("setsockopt");
break;
-#if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER)
+#if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
case AF_INET6:
sockopt_val = IPV6_PMTUDISC_DO;
if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
@@ -496,7 +578,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
break;
#endif
case BIO_CTRL_DGRAM_QUERY_MTU:
-#ifdef OPENSSL_SYS_LINUX
+#if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
addr_len = (socklen_t)sizeof(addr);
memset((void *)&addr, 0, sizeof(addr));
if (getsockname(b->num, &addr.sa, &addr_len) < 0)
@@ -547,6 +629,27 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
ret = 0;
#endif
break;
+ case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
+ switch (data->peer.sa.sa_family)
+ {
+ case AF_INET:
+ ret = 576 - 20 - 8;
+ break;
+#if OPENSSL_USE_IPV6
+ case AF_INET6:
+#ifdef IN6_IS_ADDR_V4MAPPED
+ if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
+ ret = 576 - 20 - 8;
+ else
+#endif
+ ret = 1280 - 40 - 8;
+ break;
+#endif
+ default:
+ ret = 576 - 20 - 8;
+ break;
+ }
+ break;
case BIO_CTRL_DGRAM_GET_MTU:
return data->mtu;
break;
@@ -637,12 +740,15 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
#endif
break;
case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
-#ifdef OPENSSL_SYS_WINDOWS
{
- int timeout, sz = sizeof(timeout);
+ union { size_t s; int i; } sz = {0};
+#ifdef OPENSSL_SYS_WINDOWS
+ int timeout;
struct timeval *tv = (struct timeval *)ptr;
+
+ sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- (void*)&timeout, &sz) < 0)
+ (void*)&timeout, &sz.i) < 0)
{ perror("getsockopt"); ret = -1; }
else
{
@@ -650,12 +756,20 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
tv->tv_usec = (timeout % 1000) * 1000;
ret = sizeof(*tv);
}
- }
#else
+ sz.i = sizeof(struct timeval);
if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- ptr, (void *)&ret) < 0)
+ ptr, (void *)&sz) < 0)
{ perror("getsockopt"); ret = -1; }
+ else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
+ {
+ OPENSSL_assert(sz.s<=sizeof(struct timeval));
+ ret = (int)sz.s;
+ }
+ else
+ ret = sz.i;
#endif
+ }
break;
#endif
#if defined(SO_SNDTIMEO)
@@ -675,12 +789,15 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
#endif
break;
case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
-#ifdef OPENSSL_SYS_WINDOWS
{
- int timeout, sz = sizeof(timeout);
+ union { size_t s; int i; } sz = {0};
+#ifdef OPENSSL_SYS_WINDOWS
+ int timeout;
struct timeval *tv = (struct timeval *)ptr;
+
+ sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
- (void*)&timeout, &sz) < 0)
+ (void*)&timeout, &sz.i) < 0)
{ perror("getsockopt"); ret = -1; }
else
{
@@ -688,12 +805,20 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
tv->tv_usec = (timeout % 1000) * 1000;
ret = sizeof(*tv);
}
- }
#else
+ sz.i = sizeof(struct timeval);
if ( getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
- ptr, (void *)&ret) < 0)
+ ptr, (void *)&sz) < 0)
{ perror("getsockopt"); ret = -1; }
+ else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
+ {
+ OPENSSL_assert(sz.s<=sizeof(struct timeval));
+ ret = (int)sz.s;
+ }
+ else
+ ret = sz.i;
#endif
+ }
break;
#endif
case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
@@ -738,6 +863,910 @@ static int dgram_puts(BIO *bp, const char *str)
return(ret);
}
+#ifndef OPENSSL_NO_SCTP
+BIO_METHOD *BIO_s_datagram_sctp(void)
+ {
+ return(&methods_dgramp_sctp);
+ }
+
+BIO *BIO_new_dgram_sctp(int fd, int close_flag)
+ {
+ BIO *bio;
+ int ret, optval = 20000;
+ int auth_data = 0, auth_forward = 0;
+ unsigned char *p;
+ struct sctp_authchunk auth;
+ struct sctp_authchunks *authchunks;
+ socklen_t sockopt_len;
+#ifdef SCTP_AUTHENTICATION_EVENT
+#ifdef SCTP_EVENT
+ struct sctp_event event;
+#else
+ struct sctp_event_subscribe event;
+#endif
+#endif
+
+ bio=BIO_new(BIO_s_datagram_sctp());
+ if (bio == NULL) return(NULL);
+ BIO_set_fd(bio,fd,close_flag);
+
+ /* Activate SCTP-AUTH for DATA and FORWARD-TSN chunks */
+ auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
+ ret = setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth, sizeof(struct sctp_authchunk));
+ OPENSSL_assert(ret >= 0);
+ auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
+ ret = setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth, sizeof(struct sctp_authchunk));
+ OPENSSL_assert(ret >= 0);
+
+ /* Test if activation was successful. When using accept(),
+ * SCTP-AUTH has to be activated for the listening socket
+ * already, otherwise the connected socket won't use it. */
+ sockopt_len = (socklen_t)(sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
+ authchunks = OPENSSL_malloc(sockopt_len);
+ memset(authchunks, 0, sizeof(sockopt_len));
+ ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len);
+ OPENSSL_assert(ret >= 0);
+
+ for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t);
+ p < (unsigned char*) authchunks + sockopt_len;
+ p += sizeof(uint8_t))
+ {
+ if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE) auth_data = 1;
+ if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE) auth_forward = 1;
+ }
+
+ OPENSSL_free(authchunks);
+
+ OPENSSL_assert(auth_data);
+ OPENSSL_assert(auth_forward);
+
+#ifdef SCTP_AUTHENTICATION_EVENT
+#ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_AUTHENTICATION_EVENT;
+ event.se_on = 1;
+ ret = setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(struct sctp_event));
+ OPENSSL_assert(ret >= 0);
+#else
+ sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
+ ret = getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len);
+ OPENSSL_assert(ret >= 0);
+
+ event.sctp_authentication_event = 1;
+
+ ret = setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, sizeof(struct sctp_event_subscribe));
+ OPENSSL_assert(ret >= 0);
+#endif
+#endif
+
+ /* Disable partial delivery by setting the min size
+ * larger than the max record size of 2^14 + 2048 + 13
+ */
+ ret = setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval, sizeof(optval));
+ OPENSSL_assert(ret >= 0);
+
+ return(bio);
+ }
+
+int BIO_dgram_is_sctp(BIO *bio)
+ {
+ return (BIO_method_type(bio) == BIO_TYPE_DGRAM_SCTP);
+ }
+
+static int dgram_sctp_new(BIO *bi)
+ {
+ bio_dgram_sctp_data *data = NULL;
+
+ bi->init=0;
+ bi->num=0;
+ data = OPENSSL_malloc(sizeof(bio_dgram_sctp_data));
+ if (data == NULL)
+ return 0;
+ memset(data, 0x00, sizeof(bio_dgram_sctp_data));
+#ifdef SCTP_PR_SCTP_NONE
+ data->prinfo.pr_policy = SCTP_PR_SCTP_NONE;
+#endif
+ bi->ptr = data;
+
+ bi->flags=0;
+ return(1);
+ }
+
+static int dgram_sctp_free(BIO *a)
+ {
+ bio_dgram_sctp_data *data;
+
+ if (a == NULL) return(0);
+ if ( ! dgram_clear(a))
+ return 0;
+
+ data = (bio_dgram_sctp_data *)a->ptr;
+ if(data != NULL) OPENSSL_free(data);
+
+ return(1);
+ }
+
+#ifdef SCTP_AUTHENTICATION_EVENT
+void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification *snp)
+ {
+ int ret;
+ struct sctp_authkey_event* authkeyevent = &snp->sn_auth_event;
+
+ if (authkeyevent->auth_indication == SCTP_AUTH_FREE_KEY)
+ {
+ struct sctp_authkeyid authkeyid;
+
+ /* delete key */
+ authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ }
+ }
+#endif
+
+static int dgram_sctp_read(BIO *b, char *out, int outl)
+ {
+ int ret = 0, n = 0, i, optval;
+ socklen_t optlen;
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *)b->ptr;
+ union sctp_notification *snp;
+ struct msghdr msg;
+ struct iovec iov;
+ struct cmsghdr *cmsg;
+ char cmsgbuf[512];
+
+ if (out != NULL)
+ {
+ clear_socket_error();
+
+ do
+ {
+ memset(&data->rcvinfo, 0x00, sizeof(struct bio_dgram_sctp_rcvinfo));
+ iov.iov_base = out;
+ iov.iov_len = outl;
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = cmsgbuf;
+ msg.msg_controllen = 512;
+ msg.msg_flags = 0;
+ n = recvmsg(b->num, &msg, 0);
+
+ if (msg.msg_controllen > 0)
+ {
+ for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg))
+ {
+ if (cmsg->cmsg_level != IPPROTO_SCTP)
+ continue;
+#ifdef SCTP_RCVINFO
+ if (cmsg->cmsg_type == SCTP_RCVINFO)
+ {
+ struct sctp_rcvinfo *rcvinfo;
+
+ rcvinfo = (struct sctp_rcvinfo *)CMSG_DATA(cmsg);
+ data->rcvinfo.rcv_sid = rcvinfo->rcv_sid;
+ data->rcvinfo.rcv_ssn = rcvinfo->rcv_ssn;
+ data->rcvinfo.rcv_flags = rcvinfo->rcv_flags;
+ data->rcvinfo.rcv_ppid = rcvinfo->rcv_ppid;
+ data->rcvinfo.rcv_tsn = rcvinfo->rcv_tsn;
+ data->rcvinfo.rcv_cumtsn = rcvinfo->rcv_cumtsn;
+ data->rcvinfo.rcv_context = rcvinfo->rcv_context;
+ }
+#endif
+#ifdef SCTP_SNDRCV
+ if (cmsg->cmsg_type == SCTP_SNDRCV)
+ {
+ struct sctp_sndrcvinfo *sndrcvinfo;
+
+ sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
+ data->rcvinfo.rcv_sid = sndrcvinfo->sinfo_stream;
+ data->rcvinfo.rcv_ssn = sndrcvinfo->sinfo_ssn;
+ data->rcvinfo.rcv_flags = sndrcvinfo->sinfo_flags;
+ data->rcvinfo.rcv_ppid = sndrcvinfo->sinfo_ppid;
+ data->rcvinfo.rcv_tsn = sndrcvinfo->sinfo_tsn;
+ data->rcvinfo.rcv_cumtsn = sndrcvinfo->sinfo_cumtsn;
+ data->rcvinfo.rcv_context = sndrcvinfo->sinfo_context;
+ }
+#endif
+ }
+ }
+
+ if (n <= 0)
+ {
+ if (n < 0)
+ ret = n;
+ break;
+ }
+
+ if (msg.msg_flags & MSG_NOTIFICATION)
+ {
+ snp = (union sctp_notification*) out;
+ if (snp->sn_header.sn_type == SCTP_SENDER_DRY_EVENT)
+ {
+#ifdef SCTP_EVENT
+ struct sctp_event event;
+#else
+ struct sctp_event_subscribe event;
+ socklen_t eventsize;
+#endif
+ /* If a message has been delayed until the socket
+ * is dry, it can be sent now.
+ */
+ if (data->saved_message.length > 0)
+ {
+ dgram_sctp_write(data->saved_message.bio, data->saved_message.data,
+ data->saved_message.length);
+ OPENSSL_free(data->saved_message.data);
+ data->saved_message.length = 0;
+ }
+
+ /* disable sender dry event */
+#ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_SENDER_DRY_EVENT;
+ event.se_on = 0;
+ i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(struct sctp_event));
+ OPENSSL_assert(i >= 0);
+#else
+ eventsize = sizeof(struct sctp_event_subscribe);
+ i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
+ OPENSSL_assert(i >= 0);
+
+ event.sctp_sender_dry_event = 0;
+
+ i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, sizeof(struct sctp_event_subscribe));
+ OPENSSL_assert(i >= 0);
+#endif
+ }
+
+#ifdef SCTP_AUTHENTICATION_EVENT
+ if (snp->sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+ dgram_sctp_handle_auth_free_key_event(b, snp);
+#endif
+
+ if (data->handle_notifications != NULL)
+ data->handle_notifications(b, data->notification_context, (void*) out);
+
+ memset(out, 0, outl);
+ }
+ else
+ ret += n;
+ }
+ while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR) && (ret < outl));
+
+ if (ret > 0 && !(msg.msg_flags & MSG_EOR))
+ {
+ /* Partial message read, this should never happen! */
+
+ /* The buffer was too small, this means the peer sent
+ * a message that was larger than allowed. */
+ if (ret == outl)
+ return -1;
+
+ /* Test if socket buffer can handle max record
+ * size (2^14 + 2048 + 13)
+ */
+ optlen = (socklen_t) sizeof(int);
+ ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
+ OPENSSL_assert(ret >= 0);
+ OPENSSL_assert(optval >= 18445);
+
+ /* Test if SCTP doesn't partially deliver below
+ * max record size (2^14 + 2048 + 13)
+ */
+ optlen = (socklen_t) sizeof(int);
+ ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
+ &optval, &optlen);
+ OPENSSL_assert(ret >= 0);
+ OPENSSL_assert(optval >= 18445);
+
+ /* Partially delivered notification??? Probably a bug.... */
+ OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));
+
+ /* Everything seems ok till now, so it's most likely
+ * a message dropped by PR-SCTP.
+ */
+ memset(out, 0, outl);
+ BIO_set_retry_read(b);
+ return -1;
+ }
+
+ BIO_clear_retry_flags(b);
+ if (ret < 0)
+ {
+ if (BIO_dgram_should_retry(ret))
+ {
+ BIO_set_retry_read(b);
+ data->_errno = get_last_socket_error();
+ }
+ }
+
+ /* Test if peer uses SCTP-AUTH before continuing */
+ if (!data->peer_auth_tested)
+ {
+ int ii, auth_data = 0, auth_forward = 0;
+ unsigned char *p;
+ struct sctp_authchunks *authchunks;
+
+ optlen = (socklen_t)(sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
+ authchunks = OPENSSL_malloc(optlen);
+ memset(authchunks, 0, sizeof(optlen));
+ ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen);
+ OPENSSL_assert(ii >= 0);
+
+ for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t);
+ p < (unsigned char*) authchunks + optlen;
+ p += sizeof(uint8_t))
+ {
+ if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE) auth_data = 1;
+ if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE) auth_forward = 1;
+ }
+
+ OPENSSL_free(authchunks);
+
+ if (!auth_data || !auth_forward)
+ {
+ BIOerr(BIO_F_DGRAM_SCTP_READ,BIO_R_CONNECT_ERROR);
+ return -1;
+ }
+
+ data->peer_auth_tested = 1;
+ }
+ }
+ return(ret);
+ }
+
+static int dgram_sctp_write(BIO *b, const char *in, int inl)
+ {
+ int ret;
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *)b->ptr;
+ struct bio_dgram_sctp_sndinfo *sinfo = &(data->sndinfo);
+ struct bio_dgram_sctp_prinfo *pinfo = &(data->prinfo);
+ struct bio_dgram_sctp_sndinfo handshake_sinfo;
+ struct iovec iov[1];
+ struct msghdr msg;
+ struct cmsghdr *cmsg;
+#if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
+ char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) + CMSG_SPACE(sizeof(struct sctp_prinfo))];
+ struct sctp_sndinfo *sndinfo;
+ struct sctp_prinfo *prinfo;
+#else
+ char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
+ struct sctp_sndrcvinfo *sndrcvinfo;
+#endif
+
+ clear_socket_error();
+
+ /* If we're send anything else than application data,
+ * disable all user parameters and flags.
+ */
+ if (in[0] != 23) {
+ memset(&handshake_sinfo, 0x00, sizeof(struct bio_dgram_sctp_sndinfo));
+#ifdef SCTP_SACK_IMMEDIATELY
+ handshake_sinfo.snd_flags = SCTP_SACK_IMMEDIATELY;
+#endif
+ sinfo = &handshake_sinfo;
+ }
+
+ /* If we have to send a shutdown alert message and the
+ * socket is not dry yet, we have to save it and send it
+ * as soon as the socket gets dry.
+ */
+ if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b))
+ {
+ data->saved_message.bio = b;
+ data->saved_message.length = inl;
+ data->saved_message.data = OPENSSL_malloc(inl);
+ memcpy(data->saved_message.data, in, inl);
+ return inl;
+ }
+
+ iov[0].iov_base = (char *)in;
+ iov[0].iov_len = inl;
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = (caddr_t)cmsgbuf;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+#if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
+ cmsg = (struct cmsghdr *)cmsgbuf;
+ cmsg->cmsg_level = IPPROTO_SCTP;
+ cmsg->cmsg_type = SCTP_SNDINFO;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndinfo));
+ sndinfo = (struct sctp_sndinfo *)CMSG_DATA(cmsg);
+ memset(sndinfo, 0, sizeof(struct sctp_sndinfo));
+ sndinfo->snd_sid = sinfo->snd_sid;
+ sndinfo->snd_flags = sinfo->snd_flags;
+ sndinfo->snd_ppid = sinfo->snd_ppid;
+ sndinfo->snd_context = sinfo->snd_context;
+ msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
+
+ cmsg = (struct cmsghdr *)&cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo))];
+ cmsg->cmsg_level = IPPROTO_SCTP;
+ cmsg->cmsg_type = SCTP_PRINFO;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_prinfo));
+ prinfo = (struct sctp_prinfo *)CMSG_DATA(cmsg);
+ memset(prinfo, 0, sizeof(struct sctp_prinfo));
+ prinfo->pr_policy = pinfo->pr_policy;
+ prinfo->pr_value = pinfo->pr_value;
+ msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_prinfo));
+#else
+ cmsg = (struct cmsghdr *)cmsgbuf;
+ cmsg->cmsg_level = IPPROTO_SCTP;
+ cmsg->cmsg_type = SCTP_SNDRCV;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndrcvinfo));
+ sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
+ memset(sndrcvinfo, 0, sizeof(struct sctp_sndrcvinfo));
+ sndrcvinfo->sinfo_stream = sinfo->snd_sid;
+ sndrcvinfo->sinfo_flags = sinfo->snd_flags;
+#ifdef __FreeBSD__
+ sndrcvinfo->sinfo_flags |= pinfo->pr_policy;
+#endif
+ sndrcvinfo->sinfo_ppid = sinfo->snd_ppid;
+ sndrcvinfo->sinfo_context = sinfo->snd_context;
+ sndrcvinfo->sinfo_timetolive = pinfo->pr_value;
+ msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndrcvinfo));
+#endif
+
+ ret = sendmsg(b->num, &msg, 0);
+
+ BIO_clear_retry_flags(b);
+ if (ret <= 0)
+ {
+ if (BIO_dgram_should_retry(ret))
+ {
+ BIO_set_retry_write(b);
+ data->_errno = get_last_socket_error();
+ }
+ }
+ return(ret);
+ }
+
+static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
+ {
+ long ret=1;
+ bio_dgram_sctp_data *data = NULL;
+ socklen_t sockopt_len = 0;
+ struct sctp_authkeyid authkeyid;
+ struct sctp_authkey *authkey;
+
+ data = (bio_dgram_sctp_data *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_DGRAM_QUERY_MTU:
+ /* Set to maximum (2^14)
+ * and ignore user input to enable transport
+ * protocol fragmentation.
+ * Returns always 2^14.
+ */
+ data->mtu = 16384;
+ ret = data->mtu;
+ break;
+ case BIO_CTRL_DGRAM_SET_MTU:
+ /* Set to maximum (2^14)
+ * and ignore input to enable transport
+ * protocol fragmentation.
+ * Returns always 2^14.
+ */
+ data->mtu = 16384;
+ ret = data->mtu;
+ break;
+ case BIO_CTRL_DGRAM_SET_CONNECTED:
+ case BIO_CTRL_DGRAM_CONNECT:
+ /* Returns always -1. */
+ ret = -1;
+ break;
+ case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+ /* SCTP doesn't need the DTLS timer
+ * Returns always 1.
+ */
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
+ if (num > 0)
+ data->in_handshake = 1;
+ else
+ data->in_handshake = 0;
+
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_NODELAY, &data->in_handshake, sizeof(int));
+ break;
+ case BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY:
+ /* New shared key for SCTP AUTH.
+ * Returns 0 on success, -1 otherwise.
+ */
+
+ /* Get active key */
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid, &sockopt_len);
+ if (ret < 0) break;
+
+ /* Add new key */
+ sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
+ authkey = OPENSSL_malloc(sockopt_len);
+ memset(authkey, 0x00, sockopt_len);
+ authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
+#ifndef __FreeBSD__
+ /* This field is missing in FreeBSD 8.2 and earlier,
+ * and FreeBSD 8.3 and higher work without it.
+ */
+ authkey->sca_keylength = 64;
+#endif
+ memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
+
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey, sockopt_len);
+ if (ret < 0) break;
+
+ /* Reset active key */
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ if (ret < 0) break;
+
+ break;
+ case BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY:
+ /* Returns 0 on success, -1 otherwise. */
+
+ /* Get active key */
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid, &sockopt_len);
+ if (ret < 0) break;
+
+ /* Set active key */
+ authkeyid.scact_keynumber = authkeyid.scact_keynumber + 1;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ if (ret < 0) break;
+
+ /* CCS has been sent, so remember that and fall through
+ * to check if we need to deactivate an old key
+ */
+ data->ccs_sent = 1;
+
+ case BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD:
+ /* Returns 0 on success, -1 otherwise. */
+
+ /* Has this command really been called or is this just a fall-through? */
+ if (cmd == BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD)
+ data->ccs_rcvd = 1;
+
+ /* CSS has been both, received and sent, so deactivate an old key */
+ if (data->ccs_rcvd == 1 && data->ccs_sent == 1)
+ {
+ /* Get active key */
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid, &sockopt_len);
+ if (ret < 0) break;
+
+ /* Deactivate key or delete second last key if
+ * SCTP_AUTHENTICATION_EVENT is not available.
+ */
+ authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
+#ifdef SCTP_AUTH_DEACTIVATE_KEY
+ sockopt_len = sizeof(struct sctp_authkeyid);
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DEACTIVATE_KEY,
+ &authkeyid, sockopt_len);
+ if (ret < 0) break;
+#endif
+#ifndef SCTP_AUTHENTICATION_EVENT
+ if (authkeyid.scact_keynumber > 0)
+ {
+ authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
+ &authkeyid, sizeof(struct sctp_authkeyid));
+ if (ret < 0) break;
+ }
+#endif
+
+ data->ccs_rcvd = 0;
+ data->ccs_sent = 0;
+ }
+ break;
+ case BIO_CTRL_DGRAM_SCTP_GET_SNDINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long) sizeof(struct bio_dgram_sctp_sndinfo))
+ num = sizeof(struct bio_dgram_sctp_sndinfo);
+
+ memcpy(ptr, &(data->sndinfo), num);
+ ret = num;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_SNDINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long) sizeof(struct bio_dgram_sctp_sndinfo))
+ num = sizeof(struct bio_dgram_sctp_sndinfo);
+
+ memcpy(&(data->sndinfo), ptr, num);
+ break;
+ case BIO_CTRL_DGRAM_SCTP_GET_RCVINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long) sizeof(struct bio_dgram_sctp_rcvinfo))
+ num = sizeof(struct bio_dgram_sctp_rcvinfo);
+
+ memcpy(ptr, &data->rcvinfo, num);
+
+ ret = num;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_RCVINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long) sizeof(struct bio_dgram_sctp_rcvinfo))
+ num = sizeof(struct bio_dgram_sctp_rcvinfo);
+
+ memcpy(&(data->rcvinfo), ptr, num);
+ break;
+ case BIO_CTRL_DGRAM_SCTP_GET_PRINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long) sizeof(struct bio_dgram_sctp_prinfo))
+ num = sizeof(struct bio_dgram_sctp_prinfo);
+
+ memcpy(ptr, &(data->prinfo), num);
+ ret = num;
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SET_PRINFO:
+ /* Returns the size of the copied struct. */
+ if (num > (long) sizeof(struct bio_dgram_sctp_prinfo))
+ num = sizeof(struct bio_dgram_sctp_prinfo);
+
+ memcpy(&(data->prinfo), ptr, num);
+ break;
+ case BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN:
+ /* Returns always 1. */
+ if (num > 0)
+ data->save_shutdown = 1;
+ else
+ data->save_shutdown = 0;
+ break;
+
+ default:
+ /* Pass to default ctrl function to
+ * process SCTP unspecific commands
+ */
+ ret=dgram_ctrl(b, cmd, num, ptr);
+ break;
+ }
+ return(ret);
+ }
+
+int BIO_dgram_sctp_notification_cb(BIO *b,
+ void (*handle_notifications)(BIO *bio, void *context, void *buf),
+ void *context)
+ {
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+ if (handle_notifications != NULL)
+ {
+ data->handle_notifications = handle_notifications;
+ data->notification_context = context;
+ }
+ else
+ return -1;
+
+ return 0;
+ }
+
+int BIO_dgram_sctp_wait_for_dry(BIO *b)
+{
+ int is_dry = 0;
+ int n, sockflags, ret;
+ union sctp_notification snp;
+ struct msghdr msg;
+ struct iovec iov;
+#ifdef SCTP_EVENT
+ struct sctp_event event;
+#else
+ struct sctp_event_subscribe event;
+ socklen_t eventsize;
+#endif
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *)b->ptr;
+
+ /* set sender dry event */
+#ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_SENDER_DRY_EVENT;
+ event.se_on = 1;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(struct sctp_event));
+#else
+ eventsize = sizeof(struct sctp_event_subscribe);
+ ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
+ if (ret < 0)
+ return -1;
+
+ event.sctp_sender_dry_event = 1;
+
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, sizeof(struct sctp_event_subscribe));
+#endif
+ if (ret < 0)
+ return -1;
+
+ /* peek for notification */
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ n = recvmsg(b->num, &msg, MSG_PEEK);
+ if (n <= 0)
+ {
+ if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK))
+ return -1;
+ else
+ return 0;
+ }
+
+ /* if we find a notification, process it and try again if necessary */
+ while (msg.msg_flags & MSG_NOTIFICATION)
+ {
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ n = recvmsg(b->num, &msg, 0);
+ if (n <= 0)
+ {
+ if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK))
+ return -1;
+ else
+ return is_dry;
+ }
+
+ if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT)
+ {
+ is_dry = 1;
+
+ /* disable sender dry event */
+#ifdef SCTP_EVENT
+ memset(&event, 0, sizeof(struct sctp_event));
+ event.se_assoc_id = 0;
+ event.se_type = SCTP_SENDER_DRY_EVENT;
+ event.se_on = 0;
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event, sizeof(struct sctp_event));
+#else
+ eventsize = (socklen_t) sizeof(struct sctp_event_subscribe);
+ ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
+ if (ret < 0)
+ return -1;
+
+ event.sctp_sender_dry_event = 0;
+
+ ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, sizeof(struct sctp_event_subscribe));
+#endif
+ if (ret < 0)
+ return -1;
+ }
+
+#ifdef SCTP_AUTHENTICATION_EVENT
+ if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+ dgram_sctp_handle_auth_free_key_event(b, &snp);
+#endif
+
+ if (data->handle_notifications != NULL)
+ data->handle_notifications(b, data->notification_context, (void*) &snp);
+
+ /* found notification, peek again */
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ /* if we have seen the dry already, don't wait */
+ if (is_dry)
+ {
+ sockflags = fcntl(b->num, F_GETFL, 0);
+ fcntl(b->num, F_SETFL, O_NONBLOCK);
+ }
+
+ n = recvmsg(b->num, &msg, MSG_PEEK);
+
+ if (is_dry)
+ {
+ fcntl(b->num, F_SETFL, sockflags);
+ }
+
+ if (n <= 0)
+ {
+ if ((n < 0) && (get_last_socket_error() != EAGAIN) && (get_last_socket_error() != EWOULDBLOCK))
+ return -1;
+ else
+ return is_dry;
+ }
+ }
+
+ /* read anything else */
+ return is_dry;
+}
+
+int BIO_dgram_sctp_msg_waiting(BIO *b)
+ {
+ int n, sockflags;
+ union sctp_notification snp;
+ struct msghdr msg;
+ struct iovec iov;
+ bio_dgram_sctp_data *data = (bio_dgram_sctp_data *)b->ptr;
+
+ /* Check if there are any messages waiting to be read */
+ do
+ {
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+
+ sockflags = fcntl(b->num, F_GETFL, 0);
+ fcntl(b->num, F_SETFL, O_NONBLOCK);
+ n = recvmsg(b->num, &msg, MSG_PEEK);
+ fcntl(b->num, F_SETFL, sockflags);
+
+ /* if notification, process and try again */
+ if (n > 0 && (msg.msg_flags & MSG_NOTIFICATION))
+ {
+#ifdef SCTP_AUTHENTICATION_EVENT
+ if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+ dgram_sctp_handle_auth_free_key_event(b, &snp);
+#endif
+
+ memset(&snp, 0x00, sizeof(union sctp_notification));
+ iov.iov_base = (char *)&snp;
+ iov.iov_len = sizeof(union sctp_notification);
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+ n = recvmsg(b->num, &msg, 0);
+
+ if (data->handle_notifications != NULL)
+ data->handle_notifications(b, data->notification_context, (void*) &snp);
+ }
+
+ } while (n > 0 && (msg.msg_flags & MSG_NOTIFICATION));
+
+ /* Return 1 if there is a message to be read, return 0 otherwise. */
+ if (n > 0)
+ return 1;
+ else
+ return 0;
+ }
+
+static int dgram_sctp_puts(BIO *bp, const char *str)
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=dgram_sctp_write(bp,str,n);
+ return(ret);
+ }
+#endif
+
static int BIO_dgram_should_retry(int i)
{
int err;
diff --git a/deps/openssl/openssl/crypto/bn/Makefile b/deps/openssl/openssl/crypto/bn/Makefile
index aabc4f56b..672773454 100644
--- a/deps/openssl/openssl/crypto/bn/Makefile
+++ b/deps/openssl/openssl/crypto/bn/Makefile
@@ -26,13 +26,13 @@ LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
- bn_depr.c bn_const.c
+ bn_depr.c bn_const.c bn_x931p.c
LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
- bn_depr.o bn_const.o
+ bn_depr.o bn_const.o bn_x931p.o
SRC= $(LIBSRC)
@@ -66,6 +66,8 @@ co-586.s: asm/co-586.pl ../perlasm/x86asm.pl
$(PERL) asm/co-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
x86-mont.s: asm/x86-mont.pl ../perlasm/x86asm.pl
$(PERL) asm/x86-mont.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-gf2m.s: asm/x86-gf2m.pl ../perlasm/x86asm.pl
+ $(PERL) asm/x86-gf2m.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
sparcv8.o: asm/sparcv8.S
$(CC) $(CFLAGS) -c asm/sparcv8.S
@@ -82,16 +84,31 @@ bn-mips3.o: asm/mips3.s
as -$$ABI -O -o $@ asm/mips3.s; \
else $(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi
+bn-mips.s: asm/mips.pl
+ $(PERL) asm/mips.pl $(PERLASM_SCHEME) $@
+mips-mont.s: asm/mips-mont.pl
+ $(PERL) asm/mips-mont.pl $(PERLASM_SCHEME) $@
+
bn-s390x.o: asm/s390x.S
$(CC) $(CFLAGS) -c -o $@ asm/s390x.S
+s390x-gf2m.s: asm/s390x-gf2m.pl
+ $(PERL) asm/s390x-gf2m.pl $(PERLASM_SCHEME) $@
x86_64-gcc.o: asm/x86_64-gcc.c
$(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
x86_64-mont.s: asm/x86_64-mont.pl
$(PERL) asm/x86_64-mont.pl $(PERLASM_SCHEME) > $@
+x86_64-mont5.s: asm/x86_64-mont5.pl
+ $(PERL) asm/x86_64-mont5.pl $(PERLASM_SCHEME) > $@
+x86_64-gf2m.s: asm/x86_64-gf2m.pl
+ $(PERL) asm/x86_64-gf2m.pl $(PERLASM_SCHEME) > $@
+modexp512-x86_64.s: asm/modexp512-x86_64.pl
+ $(PERL) asm/modexp512-x86_64.pl $(PERLASM_SCHEME) > $@
bn-ia64.s: asm/ia64.S
$(CC) $(CFLAGS) -E asm/ia64.S > $@
+ia64-mont.s: asm/ia64-mont.pl
+ $(PERL) asm/ia64-mont.pl $@ $(CFLAGS)
# GNU assembler fails to compile PA-RISC2 modules, insist on calling
# vendor assembler...
@@ -99,16 +116,22 @@ pa-risc2W.o: asm/pa-risc2W.s
/usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s
pa-risc2.o: asm/pa-risc2.s
/usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s
+parisc-mont.s: asm/parisc-mont.pl
+ $(PERL) asm/parisc-mont.pl $(PERLASM_SCHEME) $@
# ppc - AIX, Linux, MacOS X...
bn-ppc.s: asm/ppc.pl; $(PERL) asm/ppc.pl $(PERLASM_SCHEME) $@
ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
+ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
alpha-mont.s: asm/alpha-mont.pl
$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
# GNU make "catch all"
-%-mont.s: asm/%-mont.pl; $(PERL) $< $(CFLAGS) > $@
+%-mont.s: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+%-gf2m.S: asm/%-gf2m.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+
+armv4-gf2m.o: armv4-gf2m.S
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -345,3 +368,8 @@ bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
+bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_x931p.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bn_x931p.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_x931p.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_x931p.o: ../../include/openssl/symhacks.h bn_x931p.c
diff --git a/deps/openssl/openssl/crypto/bn/asm/armv4-mont.pl b/deps/openssl/openssl/crypto/bn/asm/armv4-mont.pl
index 14e0d2d1d..f78a8b5f0 100644
--- a/deps/openssl/openssl/crypto/bn/asm/armv4-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/armv4-mont.pl
@@ -23,6 +23,9 @@
# than 1/2KB. Windows CE port would be trivial, as it's exclusively
# about decorations, ABI and instruction syntax are identical.
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
$num="r0"; # starts as num argument, but holds &tp[num-1]
$ap="r1";
$bp="r2"; $bi="r2"; $rp="r2";
@@ -89,9 +92,9 @@ bn_mul_mont:
.L1st:
ldr $aj,[$ap],#4 @ ap[j],ap++
mov $alo,$ahi
+ ldr $nj,[$np],#4 @ np[j],np++
mov $ahi,#0
umlal $alo,$ahi,$aj,$bi @ ap[j]*bp[0]
- ldr $nj,[$np],#4 @ np[j],np++
mov $nhi,#0
umlal $nlo,$nhi,$nj,$n0 @ np[j]*n0
adds $nlo,$nlo,$alo
@@ -101,21 +104,21 @@ bn_mul_mont:
bne .L1st
adds $nlo,$nlo,$ahi
+ ldr $tp,[$_bp] @ restore bp
mov $nhi,#0
+ ldr $n0,[$_n0] @ restore n0
adc $nhi,$nhi,#0
- ldr $tp,[$_bp] @ restore bp
str $nlo,[$num] @ tp[num-1]=
- ldr $n0,[$_n0] @ restore n0
str $nhi,[$num,#4] @ tp[num]=
.Louter:
sub $tj,$num,sp @ "original" $num-1 value
sub $ap,$ap,$tj @ "rewind" ap to &ap[1]
- sub $np,$np,$tj @ "rewind" np to &np[1]
ldr $bi,[$tp,#4]! @ *(++bp)
+ sub $np,$np,$tj @ "rewind" np to &np[1]
ldr $aj,[$ap,#-4] @ ap[0]
- ldr $nj,[$np,#-4] @ np[0]
ldr $alo,[sp] @ tp[0]
+ ldr $nj,[$np,#-4] @ np[0]
ldr $tj,[sp,#4] @ tp[1]
mov $ahi,#0
@@ -129,13 +132,13 @@ bn_mul_mont:
.Linner:
ldr $aj,[$ap],#4 @ ap[j],ap++
adds $alo,$ahi,$tj @ +=tp[j]
+ ldr $nj,[$np],#4 @ np[j],np++
mov $ahi,#0
umlal $alo,$ahi,$aj,$bi @ ap[j]*bp[i]
- ldr $nj,[$np],#4 @ np[j],np++
mov $nhi,#0
umlal $nlo,$nhi,$nj,$n0 @ np[j]*n0
- ldr $tj,[$tp,#8] @ tp[j+1]
adc $ahi,$ahi,#0
+ ldr $tj,[$tp,#8] @ tp[j+1]
adds $nlo,$nlo,$alo
str $nlo,[$tp],#4 @ tp[j-1]=,tp++
adc $nlo,$nhi,#0
@@ -144,13 +147,13 @@ bn_mul_mont:
adds $nlo,$nlo,$ahi
mov $nhi,#0
+ ldr $tp,[$_bp] @ restore bp
adc $nhi,$nhi,#0
+ ldr $n0,[$_n0] @ restore n0
adds $nlo,$nlo,$tj
- adc $nhi,$nhi,#0
- ldr $tp,[$_bp] @ restore bp
ldr $tj,[$_bpend] @ restore &bp[num]
+ adc $nhi,$nhi,#0
str $nlo,[$num] @ tp[num-1]=
- ldr $n0,[$_n0] @ restore n0
str $nhi,[$num,#4] @ tp[num]=
cmp $tp,$tj
diff --git a/deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl b/deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl
index 7849eae95..f9b6992cc 100644
--- a/deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl
@@ -31,7 +31,6 @@ if ($flavour =~ /32/) {
$BNSZ= $BITS/8;
$SIZE_T=4;
$RZONE= 224;
- $FRAME= $SIZE_T*16;
$LD= "lwz"; # load
$LDU= "lwzu"; # load and update
@@ -51,7 +50,6 @@ if ($flavour =~ /32/) {
$BNSZ= $BITS/8;
$SIZE_T=8;
$RZONE= 288;
- $FRAME= $SIZE_T*16;
# same as above, but 64-bit mnemonics...
$LD= "ld"; # load
@@ -69,6 +67,9 @@ if ($flavour =~ /32/) {
$POP= $LD;
} else { die "nonsense $flavour"; }
+$FRAME=8*$SIZE_T+$RZONE;
+$LOCALS=8*$SIZE_T;
+
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
@@ -89,18 +90,18 @@ $aj="r10";
$nj="r11";
$tj="r12";
# non-volatile registers
-$i="r14";
-$j="r15";
-$tp="r16";
-$m0="r17";
-$m1="r18";
-$lo0="r19";
-$hi0="r20";
-$lo1="r21";
-$hi1="r22";
-$alo="r23";
-$ahi="r24";
-$nlo="r25";
+$i="r20";
+$j="r21";
+$tp="r22";
+$m0="r23";
+$m1="r24";
+$lo0="r25";
+$hi0="r26";
+$lo1="r27";
+$hi1="r28";
+$alo="r29";
+$ahi="r30";
+$nlo="r31";
#
$nhi="r0";
@@ -108,42 +109,48 @@ $code=<<___;
.machine "any"
.text
-.globl .bn_mul_mont
+.globl .bn_mul_mont_int
.align 4
-.bn_mul_mont:
+.bn_mul_mont_int:
cmpwi $num,4
mr $rp,r3 ; $rp is reassigned
li r3,0
bltlr
-
+___
+$code.=<<___ if ($BNSZ==4);
+ cmpwi $num,32 ; longer key performance is not better
+ bgelr
+___
+$code.=<<___;
slwi $num,$num,`log($BNSZ)/log(2)`
li $tj,-4096
- addi $ovf,$num,`$FRAME+$RZONE`
+ addi $ovf,$num,$FRAME
subf $ovf,$ovf,$sp ; $sp-$ovf
and $ovf,$ovf,$tj ; minimize TLB usage
subf $ovf,$sp,$ovf ; $ovf-$sp
+ mr $tj,$sp
srwi $num,$num,`log($BNSZ)/log(2)`
$STUX $sp,$sp,$ovf
- $PUSH r14,`4*$SIZE_T`($sp)
- $PUSH r15,`5*$SIZE_T`($sp)
- $PUSH r16,`6*$SIZE_T`($sp)
- $PUSH r17,`7*$SIZE_T`($sp)
- $PUSH r18,`8*$SIZE_T`($sp)
- $PUSH r19,`9*$SIZE_T`($sp)
- $PUSH r20,`10*$SIZE_T`($sp)
- $PUSH r21,`11*$SIZE_T`($sp)
- $PUSH r22,`12*$SIZE_T`($sp)
- $PUSH r23,`13*$SIZE_T`($sp)
- $PUSH r24,`14*$SIZE_T`($sp)
- $PUSH r25,`15*$SIZE_T`($sp)
+ $PUSH r20,`-12*$SIZE_T`($tj)
+ $PUSH r21,`-11*$SIZE_T`($tj)
+ $PUSH r22,`-10*$SIZE_T`($tj)
+ $PUSH r23,`-9*$SIZE_T`($tj)
+ $PUSH r24,`-8*$SIZE_T`($tj)
+ $PUSH r25,`-7*$SIZE_T`($tj)
+ $PUSH r26,`-6*$SIZE_T`($tj)
+ $PUSH r27,`-5*$SIZE_T`($tj)
+ $PUSH r28,`-4*$SIZE_T`($tj)
+ $PUSH r29,`-3*$SIZE_T`($tj)
+ $PUSH r30,`-2*$SIZE_T`($tj)
+ $PUSH r31,`-1*$SIZE_T`($tj)
$LD $n0,0($n0) ; pull n0[0] value
addi $num,$num,-2 ; adjust $num for counter register
$LD $m0,0($bp) ; m0=bp[0]
$LD $aj,0($ap) ; ap[0]
- addi $tp,$sp,$FRAME
+ addi $tp,$sp,$LOCALS
$UMULL $lo0,$aj,$m0 ; ap[0]*bp[0]
$UMULH $hi0,$aj,$m0
@@ -205,8 +212,8 @@ L1st:
Louter:
$LDX $m0,$bp,$i ; m0=bp[i]
$LD $aj,0($ap) ; ap[0]
- addi $tp,$sp,$FRAME
- $LD $tj,$FRAME($sp) ; tp[0]
+ addi $tp,$sp,$LOCALS
+ $LD $tj,$LOCALS($sp); tp[0]
$UMULL $lo0,$aj,$m0 ; ap[0]*bp[i]
$UMULH $hi0,$aj,$m0
$LD $aj,$BNSZ($ap) ; ap[1]
@@ -273,7 +280,7 @@ Linner:
addi $num,$num,2 ; restore $num
subfc $j,$j,$j ; j=0 and "clear" XER[CA]
- addi $tp,$sp,$FRAME
+ addi $tp,$sp,$LOCALS
mtctr $num
.align 4
@@ -299,23 +306,27 @@ Lcopy: ; copy or in-place refresh
addi $j,$j,$BNSZ
bdnz- Lcopy
- $POP r14,`4*$SIZE_T`($sp)
- $POP r15,`5*$SIZE_T`($sp)
- $POP r16,`6*$SIZE_T`($sp)
- $POP r17,`7*$SIZE_T`($sp)
- $POP r18,`8*$SIZE_T`($sp)
- $POP r19,`9*$SIZE_T`($sp)
- $POP r20,`10*$SIZE_T`($sp)
- $POP r21,`11*$SIZE_T`($sp)
- $POP r22,`12*$SIZE_T`($sp)
- $POP r23,`13*$SIZE_T`($sp)
- $POP r24,`14*$SIZE_T`($sp)
- $POP r25,`15*$SIZE_T`($sp)
- $POP $sp,0($sp)
+ $POP $tj,0($sp)
li r3,1
+ $POP r20,`-12*$SIZE_T`($tj)
+ $POP r21,`-11*$SIZE_T`($tj)
+ $POP r22,`-10*$SIZE_T`($tj)
+ $POP r23,`-9*$SIZE_T`($tj)
+ $POP r24,`-8*$SIZE_T`($tj)
+ $POP r25,`-7*$SIZE_T`($tj)
+ $POP r26,`-6*$SIZE_T`($tj)
+ $POP r27,`-5*$SIZE_T`($tj)
+ $POP r28,`-4*$SIZE_T`($tj)
+ $POP r29,`-3*$SIZE_T`($tj)
+ $POP r30,`-2*$SIZE_T`($tj)
+ $POP r31,`-1*$SIZE_T`($tj)
+ mr $sp,$tj
blr
.long 0
-.asciz "Montgomery Multiplication for PPC, CRYPTOGAMS by <appro\@fy.chalmers.se>"
+ .byte 0,12,4,0,0x80,12,6,0
+ .long 0
+
+.asciz "Montgomery Multiplication for PPC, CRYPTOGAMS by <appro\@openssl.org>"
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
diff --git a/deps/openssl/openssl/crypto/bn/asm/ppc.pl b/deps/openssl/openssl/crypto/bn/asm/ppc.pl
index f4093177e..1249ce229 100644
--- a/deps/openssl/openssl/crypto/bn/asm/ppc.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/ppc.pl
@@ -389,7 +389,9 @@ $data=<<EOF;
$ST r9,`6*$BNSZ`(r3) #r[6]=c1
$ST r10,`7*$BNSZ`(r3) #r[7]=c2
blr
- .long 0x00000000
+ .long 0
+ .byte 0,12,0x14,0,0,0,2,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -814,8 +816,9 @@ $data=<<EOF;
blr
-
- .long 0x00000000
+ .long 0
+ .byte 0,12,0x14,0,0,0,2,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -966,7 +969,9 @@ $data=<<EOF;
$ST r10,`6*$BNSZ`(r3) #r[6]=c1
$ST r11,`7*$BNSZ`(r3) #r[7]=c2
blr
- .long 0x00000000
+ .long 0
+ .byte 0,12,0x14,0,0,0,3,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1502,7 +1507,9 @@ $data=<<EOF;
$ST r12,`14*$BNSZ`(r3) #r[14]=c3;
$ST r10,`15*$BNSZ`(r3) #r[15]=c1;
blr
- .long 0x00000000
+ .long 0
+ .byte 0,12,0x14,0,0,0,3,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1550,8 +1557,9 @@ Lppcasm_sub_adios:
subfze r3,r0 # if carry bit is set then r3 = 0 else -1
andi. r3,r3,1 # keep only last bit.
blr
- .long 0x00000000
-
+ .long 0
+ .byte 0,12,0x14,0,0,0,4,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1594,7 +1602,9 @@ Lppcasm_add_mainloop:
Lppcasm_add_adios:
addze r3,r0 #return carry bit.
blr
- .long 0x00000000
+ .long 0
+ .byte 0,12,0x14,0,0,0,4,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1707,7 +1717,9 @@ Lppcasm_div8:
Lppcasm_div9:
or r3,r8,r0
blr
- .long 0x00000000
+ .long 0
+ .byte 0,12,0x14,0,0,0,3,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1746,8 +1758,9 @@ Lppcasm_sqr_mainloop:
bdnz- Lppcasm_sqr_mainloop
Lppcasm_sqr_adios:
blr
- .long 0x00000000
-
+ .long 0
+ .byte 0,12,0x14,0,0,0,3,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1850,7 +1863,9 @@ Lppcasm_mw_REM:
Lppcasm_mw_OVER:
addi r3,r12,0
blr
- .long 0x00000000
+ .long 0
+ .byte 0,12,0x14,0,0,0,4,0
+ .long 0
#
# NOTE: The following label name should be changed to
@@ -1973,7 +1988,9 @@ Lppcasm_maw_leftover:
Lppcasm_maw_adios:
addi r3,r12,0
blr
- .long 0x00000000
+ .long 0
+ .byte 0,12,0x14,0,0,0,4,0
+ .long 0
.align 4
EOF
$data =~ s/\`([^\`]*)\`/eval $1/gem;
diff --git a/deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl b/deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl
index 3449b3585..a14e769ad 100644
--- a/deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl
@@ -45,23 +45,40 @@
# on 1.8GHz PPC970, it's only 5-55% faster. Still far from impressive
# in absolute terms, but it's apparently the way Power 6 is...
+# December 2009
+
+# Adapted for 32-bit build this module delivers 25-120%, yes, more
+# than *twice* for longer keys, performance improvement over 32-bit
+# ppc-mont.pl on 1.8GHz PPC970. However! This implementation utilizes
+# even 64-bit integer operations and the trouble is that most PPC
+# operating systems don't preserve upper halves of general purpose
+# registers upon 32-bit signal delivery. They do preserve them upon
+# context switch, but not signalling:-( This means that asynchronous
+# signals have to be blocked upon entry to this subroutine. Signal
+# masking (and of course complementary unmasking) has quite an impact
+# on performance, naturally larger for shorter keys. It's so severe
+# that 512-bit key performance can be as low as 1/3 of expected one.
+# This is why this routine can be engaged for longer key operations
+# only on these OSes, see crypto/ppccap.c for further details. MacOS X
+# is an exception from this and doesn't require signal masking, and
+# that's where above improvement coefficients were collected. For
+# others alternative would be to break dependence on upper halves of
+# GPRs by sticking to 32-bit integer operations...
+
$flavour = shift;
if ($flavour =~ /32/) {
$SIZE_T=4;
$RZONE= 224;
- $FRAME= $SIZE_T*12+8*12;
- $fname= "bn_mul_mont_ppc64";
+ $fname= "bn_mul_mont_fpu64";
$STUX= "stwux"; # store indexed and update
$PUSH= "stw";
$POP= "lwz";
- die "not implemented yet";
} elsif ($flavour =~ /64/) {
$SIZE_T=8;
$RZONE= 288;
- $FRAME= $SIZE_T*12+8*12;
- $fname= "bn_mul_mont";
+ $fname= "bn_mul_mont_fpu64";
# same as above, but 64-bit mnemonics...
$STUX= "stdux"; # store indexed and update
@@ -76,7 +93,7 @@ die "can't locate ppc-xlate.pl";
open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
-$FRAME=($FRAME+63)&~63;
+$FRAME=64; # padded frame header
$TRANSFER=16*8;
$carry="r0";
@@ -93,16 +110,16 @@ $tp="r10";
$j="r11";
$i="r12";
# non-volatile registers
-$nap_d="r14"; # interleaved ap and np in double format
-$a0="r15"; # ap[0]
-$t0="r16"; # temporary registers
-$t1="r17";
-$t2="r18";
-$t3="r19";
-$t4="r20";
-$t5="r21";
-$t6="r22";
-$t7="r23";
+$nap_d="r22"; # interleaved ap and np in double format
+$a0="r23"; # ap[0]
+$t0="r24"; # temporary registers
+$t1="r25";
+$t2="r26";
+$t3="r27";
+$t4="r28";
+$t5="r29";
+$t6="r30";
+$t7="r31";
# PPC offers enough register bank capacity to unroll inner loops twice
#
@@ -132,28 +149,17 @@ $ba="f0"; $bb="f1"; $bc="f2"; $bd="f3";
$na="f4"; $nb="f5"; $nc="f6"; $nd="f7";
$dota="f8"; $dotb="f9";
$A0="f10"; $A1="f11"; $A2="f12"; $A3="f13";
-$N0="f14"; $N1="f15"; $N2="f16"; $N3="f17";
-$T0a="f18"; $T0b="f19";
-$T1a="f20"; $T1b="f21";
-$T2a="f22"; $T2b="f23";
-$T3a="f24"; $T3b="f25";
+$N0="f20"; $N1="f21"; $N2="f22"; $N3="f23";
+$T0a="f24"; $T0b="f25";
+$T1a="f26"; $T1b="f27";
+$T2a="f28"; $T2b="f29";
+$T3a="f30"; $T3b="f31";
# sp----------->+-------------------------------+
# | saved sp |
# +-------------------------------+
-# | |
-# +-------------------------------+
-# | 10 saved gpr, r14-r23 |
-# . .
-# . .
-# +12*size_t +-------------------------------+
-# | 12 saved fpr, f14-f25 |
# . .
-# . .
-# +12*8 +-------------------------------+
-# | padding to 64 byte boundary |
-# . .
-# +X +-------------------------------+
+# +64 +-------------------------------+
# | 16 gpr<->fpr transfer zone |
# . .
# . .
@@ -173,6 +179,16 @@ $T3a="f24"; $T3b="f25";
# . .
# . .
# +-------------------------------+
+# . .
+# -12*size_t +-------------------------------+
+# | 10 saved gpr, r22-r31 |
+# . .
+# . .
+# -12*8 +-------------------------------+
+# | 12 saved fpr, f20-f31 |
+# . .
+# . .
+# +-------------------------------+
$code=<<___;
.machine "any"
@@ -181,14 +197,14 @@ $code=<<___;
.globl .$fname
.align 5
.$fname:
- cmpwi $num,4
+ cmpwi $num,`3*8/$SIZE_T`
mr $rp,r3 ; $rp is reassigned
li r3,0 ; possible "not handled" return code
bltlr-
- andi. r0,$num,1 ; $num has to be even
+ andi. r0,$num,`16/$SIZE_T-1` ; $num has to be "even"
bnelr-
- slwi $num,$num,3 ; num*=8
+ slwi $num,$num,`log($SIZE_T)/log(2)` ; num*=sizeof(BN_LONG)
li $i,-4096
slwi $tp,$num,2 ; place for {an}p_{lh}[num], i.e. 4*num
add $tp,$tp,$num ; place for tp[num+1]
@@ -196,35 +212,50 @@ $code=<<___;
subf $tp,$tp,$sp ; $sp-$tp
and $tp,$tp,$i ; minimize TLB usage
subf $tp,$sp,$tp ; $tp-$sp
+ mr $i,$sp
$STUX $sp,$sp,$tp ; alloca
- $PUSH r14,`2*$SIZE_T`($sp)
- $PUSH r15,`3*$SIZE_T`($sp)
- $PUSH r16,`4*$SIZE_T`($sp)
- $PUSH r17,`5*$SIZE_T`($sp)
- $PUSH r18,`6*$SIZE_T`($sp)
- $PUSH r19,`7*$SIZE_T`($sp)
- $PUSH r20,`8*$SIZE_T`($sp)
- $PUSH r21,`9*$SIZE_T`($sp)
- $PUSH r22,`10*$SIZE_T`($sp)
- $PUSH r23,`11*$SIZE_T`($sp)
- stfd f14,`12*$SIZE_T+0`($sp)
- stfd f15,`12*$SIZE_T+8`($sp)
- stfd f16,`12*$SIZE_T+16`($sp)
- stfd f17,`12*$SIZE_T+24`($sp)
- stfd f18,`12*$SIZE_T+32`($sp)
- stfd f19,`12*$SIZE_T+40`($sp)
- stfd f20,`12*$SIZE_T+48`($sp)
- stfd f21,`12*$SIZE_T+56`($sp)
- stfd f22,`12*$SIZE_T+64`($sp)
- stfd f23,`12*$SIZE_T+72`($sp)
- stfd f24,`12*$SIZE_T+80`($sp)
- stfd f25,`12*$SIZE_T+88`($sp)
-
+ $PUSH r22,`-12*8-10*$SIZE_T`($i)
+ $PUSH r23,`-12*8-9*$SIZE_T`($i)
+ $PUSH r24,`-12*8-8*$SIZE_T`($i)
+ $PUSH r25,`-12*8-7*$SIZE_T`($i)
+ $PUSH r26,`-12*8-6*$SIZE_T`($i)
+ $PUSH r27,`-12*8-5*$SIZE_T`($i)
+ $PUSH r28,`-12*8-4*$SIZE_T`($i)
+ $PUSH r29,`-12*8-3*$SIZE_T`($i)
+ $PUSH r30,`-12*8-2*$SIZE_T`($i)
+ $PUSH r31,`-12*8-1*$SIZE_T`($i)
+ stfd f20,`-12*8`($i)
+ stfd f21,`-11*8`($i)
+ stfd f22,`-10*8`($i)
+ stfd f23,`-9*8`($i)
+ stfd f24,`-8*8`($i)
+ stfd f25,`-7*8`($i)
+ stfd f26,`-6*8`($i)
+ stfd f27,`-5*8`($i)
+ stfd f28,`-4*8`($i)
+ stfd f29,`-3*8`($i)
+ stfd f30,`-2*8`($i)
+ stfd f31,`-1*8`($i)
+___
+$code.=<<___ if ($SIZE_T==8);
ld $a0,0($ap) ; pull ap[0] value
ld $n0,0($n0) ; pull n0[0] value
ld $t3,0($bp) ; bp[0]
-
+___
+$code.=<<___ if ($SIZE_T==4);
+ mr $t1,$n0
+ lwz $a0,0($ap) ; pull ap[0,1] value
+ lwz $t0,4($ap)
+ lwz $n0,0($t1) ; pull n0[0,1] value
+ lwz $t1,4($t1)
+ lwz $t3,0($bp) ; bp[0,1]
+ lwz $t2,4($bp)
+ insrdi $a0,$t0,32,0
+ insrdi $n0,$t1,32,0
+ insrdi $t3,$t2,32,0
+___
+$code.=<<___;
addi $tp,$sp,`$FRAME+$TRANSFER+8+64`
li $i,-64
add $nap_d,$tp,$num
@@ -258,6 +289,8 @@ $code=<<___;
std $t5,`$FRAME+40`($sp)
std $t6,`$FRAME+48`($sp)
std $t7,`$FRAME+56`($sp)
+___
+$code.=<<___ if ($SIZE_T==8);
lwz $t0,4($ap) ; load a[j] as 32-bit word pair
lwz $t1,0($ap)
lwz $t2,12($ap) ; load a[j+1] as 32-bit word pair
@@ -266,6 +299,18 @@ $code=<<___;
lwz $t5,0($np)
lwz $t6,12($np) ; load n[j+1] as 32-bit word pair
lwz $t7,8($np)
+___
+$code.=<<___ if ($SIZE_T==4);
+ lwz $t0,0($ap) ; load a[j..j+3] as 32-bit word pairs
+ lwz $t1,4($ap)
+ lwz $t2,8($ap)
+ lwz $t3,12($ap)
+ lwz $t4,0($np) ; load n[j..j+3] as 32-bit word pairs
+ lwz $t5,4($np)
+ lwz $t6,8($np)
+ lwz $t7,12($np)
+___
+$code.=<<___;
lfd $ba,`$FRAME+0`($sp)
lfd $bb,`$FRAME+8`($sp)
lfd $bc,`$FRAME+16`($sp)
@@ -374,6 +419,8 @@ $code=<<___;
.align 5
L1st:
+___
+$code.=<<___ if ($SIZE_T==8);
lwz $t0,4($ap) ; load a[j] as 32-bit word pair
lwz $t1,0($ap)
lwz $t2,12($ap) ; load a[j+1] as 32-bit word pair
@@ -382,6 +429,18 @@ L1st:
lwz $t5,0($np)
lwz $t6,12($np) ; load n[j+1] as 32-bit word pair
lwz $t7,8($np)
+___
+$code.=<<___ if ($SIZE_T==4);
+ lwz $t0,0($ap) ; load a[j..j+3] as 32-bit word pairs
+ lwz $t1,4($ap)
+ lwz $t2,8($ap)
+ lwz $t3,12($ap)
+ lwz $t4,0($np) ; load n[j..j+3] as 32-bit word pairs
+ lwz $t5,4($np)
+ lwz $t6,8($np)
+ lwz $t7,12($np)
+___
+$code.=<<___;
std $t0,`$FRAME+64`($sp)
std $t1,`$FRAME+72`($sp)
std $t2,`$FRAME+80`($sp)
@@ -559,7 +618,17 @@ L1st:
li $i,8 ; i=1
.align 5
Louter:
+___
+$code.=<<___ if ($SIZE_T==8);
ldx $t3,$bp,$i ; bp[i]
+___
+$code.=<<___ if ($SIZE_T==4);
+ add $t0,$bp,$i
+ lwz $t3,0($t0) ; bp[i,i+1]
+ lwz $t0,4($t0)
+ insrdi $t3,$t0,32,0
+___
+$code.=<<___;
ld $t6,`$FRAME+$TRANSFER+8`($sp) ; tp[0]
mulld $t7,$a0,$t3 ; ap[0]*bp[i]
@@ -761,6 +830,13 @@ Linner:
stfd $T0b,`$FRAME+8`($sp)
add $t7,$t7,$carry
addc $t3,$t0,$t1
+___
+$code.=<<___ if ($SIZE_T==4); # adjust XER[CA]
+ extrdi $t0,$t0,32,0
+ extrdi $t1,$t1,32,0
+ adde $t0,$t0,$t1
+___
+$code.=<<___;
stfd $T1a,`$FRAME+16`($sp)
stfd $T1b,`$FRAME+24`($sp)
insrdi $t4,$t7,16,0 ; 64..127 bits
@@ -768,6 +844,13 @@ Linner:
stfd $T2a,`$FRAME+32`($sp)
stfd $T2b,`$FRAME+40`($sp)
adde $t5,$t4,$t2
+___
+$code.=<<___ if ($SIZE_T==4); # adjust XER[CA]
+ extrdi $t4,$t4,32,0
+ extrdi $t2,$t2,32,0
+ adde $t4,$t4,$t2
+___
+$code.=<<___;
stfd $T3a,`$FRAME+48`($sp)
stfd $T3b,`$FRAME+56`($sp)
addze $carry,$carry
@@ -816,7 +899,21 @@ Linner:
ld $t7,`$FRAME+72`($sp)
addc $t3,$t0,$t1
+___
+$code.=<<___ if ($SIZE_T==4); # adjust XER[CA]
+ extrdi $t0,$t0,32,0
+ extrdi $t1,$t1,32,0
+ adde $t0,$t0,$t1
+___
+$code.=<<___;
adde $t5,$t4,$t2
+___
+$code.=<<___ if ($SIZE_T==4); # adjust XER[CA]
+ extrdi $t4,$t4,32,0
+ extrdi $t2,$t2,32,0
+ adde $t4,$t4,$t2
+___
+$code.=<<___;
addze $carry,$carry
std $t3,-16($tp) ; tp[j-1]
@@ -835,7 +932,9 @@ Linner:
subf $nap_d,$t7,$nap_d ; rewind pointer
cmpw $i,$num
blt- Louter
+___
+$code.=<<___ if ($SIZE_T==8);
subf $np,$num,$np ; rewind np
addi $j,$j,1 ; restore counter
subfc $i,$i,$i ; j=0 and "clear" XER[CA]
@@ -883,34 +982,105 @@ Lcopy: ; copy or in-place refresh
stdx $i,$t4,$i
addi $i,$i,16
bdnz- Lcopy
+___
+$code.=<<___ if ($SIZE_T==4);
+ subf $np,$num,$np ; rewind np
+ addi $j,$j,1 ; restore counter
+ subfc $i,$i,$i ; j=0 and "clear" XER[CA]
+ addi $tp,$sp,`$FRAME+$TRANSFER`
+ addi $np,$np,-4
+ addi $rp,$rp,-4
+ addi $ap,$sp,`$FRAME+$TRANSFER+4`
+ mtctr $j
+
+.align 4
+Lsub: ld $t0,8($tp) ; load tp[j..j+3] in 64-bit word order
+ ldu $t2,16($tp)
+ lwz $t4,4($np) ; load np[j..j+3] in 32-bit word order
+ lwz $t5,8($np)
+ lwz $t6,12($np)
+ lwzu $t7,16($np)
+ extrdi $t1,$t0,32,0
+ extrdi $t3,$t2,32,0
+ subfe $t4,$t4,$t0 ; tp[j]-np[j]
+ stw $t0,4($ap) ; save tp[j..j+3] in 32-bit word order
+ subfe $t5,$t5,$t1 ; tp[j+1]-np[j+1]
+ stw $t1,8($ap)
+ subfe $t6,$t6,$t2 ; tp[j+2]-np[j+2]
+ stw $t2,12($ap)
+ subfe $t7,$t7,$t3 ; tp[j+3]-np[j+3]
+ stwu $t3,16($ap)
+ stw $t4,4($rp)
+ stw $t5,8($rp)
+ stw $t6,12($rp)
+ stwu $t7,16($rp)
+ bdnz- Lsub
+
+ li $i,0
+ subfe $ovf,$i,$ovf ; handle upmost overflow bit
+ addi $tp,$sp,`$FRAME+$TRANSFER+4`
+ subf $rp,$num,$rp ; rewind rp
+ and $ap,$tp,$ovf
+ andc $np,$rp,$ovf
+ or $ap,$ap,$np ; ap=borrow?tp:rp
+ addi $tp,$sp,`$FRAME+$TRANSFER`
+ mtctr $j
+
+.align 4
+Lcopy: ; copy or in-place refresh
+ lwz $t0,4($ap)
+ lwz $t1,8($ap)
+ lwz $t2,12($ap)
+ lwzu $t3,16($ap)
+ std $i,8($nap_d) ; zap nap_d
+ std $i,16($nap_d)
+ std $i,24($nap_d)
+ std $i,32($nap_d)
+ std $i,40($nap_d)
+ std $i,48($nap_d)
+ std $i,56($nap_d)
+ stdu $i,64($nap_d)
+ stw $t0,4($rp)
+ stw $t1,8($rp)
+ stw $t2,12($rp)
+ stwu $t3,16($rp)
+ std $i,8($tp) ; zap tp at once
+ stdu $i,16($tp)
+ bdnz- Lcopy
+___
- $POP r14,`2*$SIZE_T`($sp)
- $POP r15,`3*$SIZE_T`($sp)
- $POP r16,`4*$SIZE_T`($sp)
- $POP r17,`5*$SIZE_T`($sp)
- $POP r18,`6*$SIZE_T`($sp)
- $POP r19,`7*$SIZE_T`($sp)
- $POP r20,`8*$SIZE_T`($sp)
- $POP r21,`9*$SIZE_T`($sp)
- $POP r22,`10*$SIZE_T`($sp)
- $POP r23,`11*$SIZE_T`($sp)
- lfd f14,`12*$SIZE_T+0`($sp)
- lfd f15,`12*$SIZE_T+8`($sp)
- lfd f16,`12*$SIZE_T+16`($sp)
- lfd f17,`12*$SIZE_T+24`($sp)
- lfd f18,`12*$SIZE_T+32`($sp)
- lfd f19,`12*$SIZE_T+40`($sp)
- lfd f20,`12*$SIZE_T+48`($sp)
- lfd f21,`12*$SIZE_T+56`($sp)
- lfd f22,`12*$SIZE_T+64`($sp)
- lfd f23,`12*$SIZE_T+72`($sp)
- lfd f24,`12*$SIZE_T+80`($sp)
- lfd f25,`12*$SIZE_T+88`($sp)
- $POP $sp,0($sp)
+$code.=<<___;
+ $POP $i,0($sp)
li r3,1 ; signal "handled"
+ $POP r22,`-12*8-10*$SIZE_T`($i)
+ $POP r23,`-12*8-9*$SIZE_T`($i)
+ $POP r24,`-12*8-8*$SIZE_T`($i)
+ $POP r25,`-12*8-7*$SIZE_T`($i)
+ $POP r26,`-12*8-6*$SIZE_T`($i)
+ $POP r27,`-12*8-5*$SIZE_T`($i)
+ $POP r28,`-12*8-4*$SIZE_T`($i)
+ $POP r29,`-12*8-3*$SIZE_T`($i)
+ $POP r30,`-12*8-2*$SIZE_T`($i)
+ $POP r31,`-12*8-1*$SIZE_T`($i)
+ lfd f20,`-12*8`($i)
+ lfd f21,`-11*8`($i)
+ lfd f22,`-10*8`($i)
+ lfd f23,`-9*8`($i)
+ lfd f24,`-8*8`($i)
+ lfd f25,`-7*8`($i)
+ lfd f26,`-6*8`($i)
+ lfd f27,`-5*8`($i)
+ lfd f28,`-4*8`($i)
+ lfd f29,`-3*8`($i)
+ lfd f30,`-2*8`($i)
+ lfd f31,`-1*8`($i)
+ mr $sp,$i
blr
.long 0
-.asciz "Montgomery Multiplication for PPC64, CRYPTOGAMS by <appro\@fy.chalmers.se>"
+ .byte 0,12,4,0,0x8c,10,6,0
+ .long 0
+
+.asciz "Montgomery Multiplication for PPC64, CRYPTOGAMS by <appro\@openssl.org>"
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
diff --git a/deps/openssl/openssl/crypto/bn/asm/s390x-mont.pl b/deps/openssl/openssl/crypto/bn/asm/s390x-mont.pl
index f61246f5b..9fd64e81e 100644
--- a/deps/openssl/openssl/crypto/bn/asm/s390x-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/s390x-mont.pl
@@ -32,6 +32,33 @@
# Reschedule to minimize/avoid Address Generation Interlock hazard,
# make inner loops counter-based.
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. Compatibility with 32-bit BN_ULONG
+# is achieved by swapping words after 64-bit loads, follow _dswap-s.
+# On z990 it was measured to perform 2.6-2.2 times better than
+# compiler-generated code, less for longer keys...
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$stdframe=16*$SIZE_T+4*8;
+
$mn0="%r0";
$num="%r1";
@@ -60,34 +87,44 @@ $code.=<<___;
.globl bn_mul_mont
.type bn_mul_mont,\@function
bn_mul_mont:
- lgf $num,164($sp) # pull $num
- sla $num,3 # $num to enumerate bytes
+ lgf $num,`$stdframe+$SIZE_T-4`($sp) # pull $num
+ sla $num,`log($SIZE_T)/log(2)` # $num to enumerate bytes
la $bp,0($num,$bp)
- stg %r2,16($sp)
+ st${g} %r2,2*$SIZE_T($sp)
cghi $num,16 #
lghi %r2,0 #
blr %r14 # if($num<16) return 0;
+___
+$code.=<<___ if ($flavour =~ /3[12]/);
+ tmll $num,4
+ bnzr %r14 # if ($num&1) return 0;
+___
+$code.=<<___ if ($flavour !~ /3[12]/);
cghi $num,96 #
bhr %r14 # if($num>96) return 0;
+___
+$code.=<<___;
+ stm${g} %r3,%r15,3*$SIZE_T($sp)
- stmg %r3,%r15,24($sp)
-
- lghi $rp,-160-8 # leave room for carry bit
+ lghi $rp,-$stdframe-8 # leave room for carry bit
lcgr $j,$num # -$num
lgr %r0,$sp
la $rp,0($rp,$sp)
la $sp,0($j,$rp) # alloca
- stg %r0,0($sp) # back chain
+ st${g} %r0,0($sp) # back chain
sra $num,3 # restore $num
la $bp,0($j,$bp) # restore $bp
ahi $num,-1 # adjust $num for inner loop
lg $n0,0($n0) # pull n0
+ _dswap $n0
lg $bi,0($bp)
+ _dswap $bi
lg $alo,0($ap)
+ _dswap $alo
mlgr $ahi,$bi # ap[0]*bp[0]
lgr $AHI,$ahi
@@ -95,6 +132,7 @@ bn_mul_mont:
msgr $mn0,$n0
lg $nlo,0($np) #
+ _dswap $nlo
mlgr $nhi,$mn0 # np[0]*m1
algr $nlo,$alo # +="tp[0]"
lghi $NHI,0
@@ -106,12 +144,14 @@ bn_mul_mont:
.align 16
.L1st:
lg $alo,0($j,$ap)
+ _dswap $alo
mlgr $ahi,$bi # ap[j]*bp[0]
algr $alo,$AHI
lghi $AHI,0
alcgr $AHI,$ahi
lg $nlo,0($j,$np)
+ _dswap $nlo
mlgr $nhi,$mn0 # np[j]*m1
algr $nlo,$NHI
lghi $NHI,0
@@ -119,22 +159,24 @@ bn_mul_mont:
algr $nlo,$alo
alcgr $NHI,$nhi
- stg $nlo,160-8($j,$sp) # tp[j-1]=
+ stg $nlo,$stdframe-8($j,$sp) # tp[j-1]=
la $j,8($j) # j++
brct $count,.L1st
algr $NHI,$AHI
lghi $AHI,0
alcgr $AHI,$AHI # upmost overflow bit
- stg $NHI,160-8($j,$sp)
- stg $AHI,160($j,$sp)
+ stg $NHI,$stdframe-8($j,$sp)
+ stg $AHI,$stdframe($j,$sp)
la $bp,8($bp) # bp++
.Louter:
lg $bi,0($bp) # bp[i]
+ _dswap $bi
lg $alo,0($ap)
+ _dswap $alo
mlgr $ahi,$bi # ap[0]*bp[i]
- alg $alo,160($sp) # +=tp[0]
+ alg $alo,$stdframe($sp) # +=tp[0]
lghi $AHI,0
alcgr $AHI,$ahi
@@ -142,6 +184,7 @@ bn_mul_mont:
msgr $mn0,$n0 # tp[0]*n0
lg $nlo,0($np) # np[0]
+ _dswap $nlo
mlgr $nhi,$mn0 # np[0]*m1
algr $nlo,$alo # +="tp[0]"
lghi $NHI,0
@@ -153,14 +196,16 @@ bn_mul_mont:
.align 16
.Linner:
lg $alo,0($j,$ap)
+ _dswap $alo
mlgr $ahi,$bi # ap[j]*bp[i]
algr $alo,$AHI
lghi $AHI,0
alcgr $ahi,$AHI
- alg $alo,160($j,$sp)# +=tp[j]
+ alg $alo,$stdframe($j,$sp)# +=tp[j]
alcgr $AHI,$ahi
lg $nlo,0($j,$np)
+ _dswap $nlo
mlgr $nhi,$mn0 # np[j]*m1
algr $nlo,$NHI
lghi $NHI,0
@@ -168,31 +213,33 @@ bn_mul_mont:
algr $nlo,$alo # +="tp[j]"
alcgr $NHI,$nhi
- stg $nlo,160-8($j,$sp) # tp[j-1]=
+ stg $nlo,$stdframe-8($j,$sp) # tp[j-1]=
la $j,8($j) # j++
brct $count,.Linner
algr $NHI,$AHI
lghi $AHI,0
alcgr $AHI,$AHI
- alg $NHI,160($j,$sp)# accumulate previous upmost overflow bit
+ alg $NHI,$stdframe($j,$sp)# accumulate previous upmost overflow bit
lghi $ahi,0
alcgr $AHI,$ahi # new upmost overflow bit
- stg $NHI,160-8($j,$sp)
- stg $AHI,160($j,$sp)
+ stg $NHI,$stdframe-8($j,$sp)
+ stg $AHI,$stdframe($j,$sp)
la $bp,8($bp) # bp++
- clg $bp,160+8+32($j,$sp) # compare to &bp[num]
+ cl${g} $bp,`$stdframe+8+4*$SIZE_T`($j,$sp) # compare to &bp[num]
jne .Louter
- lg $rp,160+8+16($j,$sp) # reincarnate rp
- la $ap,160($sp)
+ l${g} $rp,`$stdframe+8+2*$SIZE_T`($j,$sp) # reincarnate rp
+ la $ap,$stdframe($sp)
ahi $num,1 # restore $num, incidentally clears "borrow"
la $j,0(%r0)
lr $count,$num
.Lsub: lg $alo,0($j,$ap)
- slbg $alo,0($j,$np)
+ lg $nlo,0($j,$np)
+ _dswap $nlo
+ slbgr $alo,$nlo
stg $alo,0($j,$rp)
la $j,8($j)
brct $count,.Lsub
@@ -207,19 +254,24 @@ bn_mul_mont:
la $j,0(%r0)
lgr $count,$num
-.Lcopy: lg $alo,0($j,$ap) # copy or in-place refresh
- stg $j,160($j,$sp) # zap tp
+.Lcopy: lg $alo,0($j,$ap) # copy or in-place refresh
+ _dswap $alo
+ stg $j,$stdframe($j,$sp) # zap tp
stg $alo,0($j,$rp)
la $j,8($j)
brct $count,.Lcopy
- la %r1,160+8+48($j,$sp)
- lmg %r6,%r15,0(%r1)
+ la %r1,`$stdframe+8+6*$SIZE_T`($j,$sp)
+ lm${g} %r6,%r15,0(%r1)
lghi %r2,1 # signal "processed"
br %r14
.size bn_mul_mont,.-bn_mul_mont
.string "Montgomery Multiplication for s390x, CRYPTOGAMS by <appro\@openssl.org>"
___
-print $code;
+foreach (split("\n",$code)) {
+ s/\`([^\`]*)\`/eval $1/ge;
+ s/_dswap\s+(%r[0-9]+)/sprintf("rllg\t%s,%s,32",$1,$1) if($SIZE_T==4)/e;
+ print $_,"\n";
+}
close STDOUT;
diff --git a/deps/openssl/openssl/crypto/bn/asm/s390x.S b/deps/openssl/openssl/crypto/bn/asm/s390x.S
index 43fcb79bc..43fcb79bc 100644..100755
--- a/deps/openssl/openssl/crypto/bn/asm/s390x.S
+++ b/deps/openssl/openssl/crypto/bn/asm/s390x.S
diff --git a/deps/openssl/openssl/crypto/bn/asm/sparcv9a-mont.pl b/deps/openssl/openssl/crypto/bn/asm/sparcv9a-mont.pl
index a14205f2f..a14205f2f 100644..100755
--- a/deps/openssl/openssl/crypto/bn/asm/sparcv9a-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/sparcv9a-mont.pl
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl b/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl
index e8f6b0508..e8f6b0508 100644..100755
--- a/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/x86-mont.pl
diff --git a/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl b/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl
index 3b7a6f243..17fb94c84 100755
--- a/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl
@@ -1,7 +1,7 @@
#!/usr/bin/env perl
# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
# project. The module is, however, dual licensed under OpenSSL and
# CRYPTOGAMS licenses depending on where you obtain it. For further
# details see http://www.openssl.org/~appro/cryptogams/.
@@ -15,6 +15,20 @@
# respectful 50%. It remains to be seen if loop unrolling and
# dedicated squaring routine can provide further improvement...
+# July 2011.
+#
+# Add dedicated squaring procedure. Performance improvement varies
+# from platform to platform, but in average it's ~5%/15%/25%/33%
+# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
+
+# August 2011.
+#
+# Unroll and modulo-schedule inner loops in such manner that they
+# are "fallen through" for input lengths of 8, which is critical for
+# 1024-bit RSA *sign*. Average performance improvement in comparison
+# to *initial* version of this module from 2005 is ~0%/30%/40%/45%
+# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
+
$flavour = shift;
$output = shift;
if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
@@ -26,7 +40,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $flavour $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
# int bn_mul_mont(
$rp="%rdi"; # BN_ULONG *rp,
@@ -37,7 +52,6 @@ $n0="%r8"; # const BN_ULONG *n0,
$num="%r9"; # int num);
$lo0="%r10";
$hi0="%r11";
-$bp="%r12"; # reassign $bp
$hi1="%r13";
$i="%r14";
$j="%r15";
@@ -51,6 +65,16 @@ $code=<<___;
.type bn_mul_mont,\@function,6
.align 16
bn_mul_mont:
+ test \$3,${num}d
+ jnz .Lmul_enter
+ cmp \$8,${num}d
+ jb .Lmul_enter
+ cmp $ap,$bp
+ jne .Lmul4x_enter
+ jmp .Lsqr4x_enter
+
+.align 16
+.Lmul_enter:
push %rbx
push %rbp
push %r12
@@ -66,48 +90,66 @@ bn_mul_mont:
and \$-1024,%rsp # minimize TLB usage
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
-.Lprologue:
- mov %rdx,$bp # $bp reassigned, remember?
-
+.Lmul_body:
+ mov $bp,%r12 # reassign $bp
+___
+ $bp="%r12";
+$code.=<<___;
mov ($n0),$n0 # pull n0[0] value
+ mov ($bp),$m0 # m0=bp[0]
+ mov ($ap),%rax
xor $i,$i # i=0
xor $j,$j # j=0
- mov ($bp),$m0 # m0=bp[0]
- mov ($ap),%rax
+ mov $n0,$m1
mulq $m0 # ap[0]*bp[0]
mov %rax,$lo0
- mov %rdx,$hi0
+ mov ($np),%rax
- imulq $n0,%rax # "tp[0]"*n0
- mov %rax,$m1
+ imulq $lo0,$m1 # "tp[0]"*n0
+ mov %rdx,$hi0
- mulq ($np) # np[0]*m1
- add $lo0,%rax # discarded
+ mulq $m1 # np[0]*m1
+ add %rax,$lo0 # discarded
+ mov 8($ap),%rax
adc \$0,%rdx
mov %rdx,$hi1
lea 1($j),$j # j++
+ jmp .L1st_enter
+
+.align 16
.L1st:
+ add %rax,$hi1
mov ($ap,$j,8),%rax
- mulq $m0 # ap[j]*bp[0]
- add $hi0,%rax
adc \$0,%rdx
- mov %rax,$lo0
+ add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
+ mov $lo0,$hi0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+.L1st_enter:
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$hi0
mov ($np,$j,8),%rax
- mov %rdx,$hi0
+ adc \$0,%rdx
+ lea 1($j),$j # j++
+ mov %rdx,$lo0
mulq $m1 # np[j]*m1
- add $hi1,%rax
- lea 1($j),$j # j++
+ cmp $num,$j
+ jne .L1st
+
+ add %rax,$hi1
+ mov ($ap),%rax # ap[0]
adc \$0,%rdx
- add $lo0,%rax # np[j]*m1+ap[j]*bp[0]
+ add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
adc \$0,%rdx
- mov %rax,-16(%rsp,$j,8) # tp[j-1]
- cmp $num,$j
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
mov %rdx,$hi1
- jl .L1st
+ mov $lo0,$hi0
xor %rdx,%rdx
add $hi0,$hi1
@@ -116,50 +158,64 @@ bn_mul_mont:
mov %rdx,(%rsp,$num,8) # store upmost overflow bit
lea 1($i),$i # i++
-.align 4
+ jmp .Louter
+.align 16
.Louter:
- xor $j,$j # j=0
-
mov ($bp,$i,8),$m0 # m0=bp[i]
- mov ($ap),%rax # ap[0]
+ xor $j,$j # j=0
+ mov $n0,$m1
+ mov (%rsp),$lo0
mulq $m0 # ap[0]*bp[i]
- add (%rsp),%rax # ap[0]*bp[i]+tp[0]
+ add %rax,$lo0 # ap[0]*bp[i]+tp[0]
+ mov ($np),%rax
adc \$0,%rdx
- mov %rax,$lo0
- mov %rdx,$hi0
- imulq $n0,%rax # tp[0]*n0
- mov %rax,$m1
+ imulq $lo0,$m1 # tp[0]*n0
+ mov %rdx,$hi0
- mulq ($np,$j,8) # np[0]*m1
- add $lo0,%rax # discarded
- mov 8(%rsp),$lo0 # tp[1]
+ mulq $m1 # np[0]*m1
+ add %rax,$lo0 # discarded
+ mov 8($ap),%rax
adc \$0,%rdx
+ mov 8(%rsp),$lo0 # tp[1]
mov %rdx,$hi1
lea 1($j),$j # j++
-.align 4
+ jmp .Linner_enter
+
+.align 16
.Linner:
+ add %rax,$hi1
mov ($ap,$j,8),%rax
- mulq $m0 # ap[j]*bp[i]
- add $hi0,%rax
adc \$0,%rdx
- add %rax,$lo0 # ap[j]*bp[i]+tp[j]
+ add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
+ mov (%rsp,$j,8),$lo0
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$hi1
+
+.Linner_enter:
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$hi0
mov ($np,$j,8),%rax
adc \$0,%rdx
+ add $hi0,$lo0 # ap[j]*bp[i]+tp[j]
mov %rdx,$hi0
+ adc \$0,$hi0
+ lea 1($j),$j # j++
mulq $m1 # np[j]*m1
- add $hi1,%rax
- lea 1($j),$j # j++
- adc \$0,%rdx
- add $lo0,%rax # np[j]*m1+ap[j]*bp[i]+tp[j]
+ cmp $num,$j
+ jne .Linner
+
+ add %rax,$hi1
+ mov ($ap),%rax # ap[0]
adc \$0,%rdx
+ add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
mov (%rsp,$j,8),$lo0
- cmp $num,$j
- mov %rax,-16(%rsp,$j,8) # tp[j-1]
+ adc \$0,%rdx
+ mov $hi1,-16(%rsp,$j,8) # tp[j-1]
mov %rdx,$hi1
- jl .Linner
xor %rdx,%rdx
add $hi0,$hi1
@@ -173,35 +229,449 @@ bn_mul_mont:
cmp $num,$i
jl .Louter
- lea (%rsp),$ap # borrow ap for tp
- lea -1($num),$j # j=num-1
-
- mov ($ap),%rax # tp[0]
xor $i,$i # i=0 and clear CF!
+ mov (%rsp),%rax # tp[0]
+ lea (%rsp),$ap # borrow ap for tp
+ mov $num,$j # j=num
jmp .Lsub
.align 16
.Lsub: sbb ($np,$i,8),%rax
mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
- dec $j # doesn't affect CF!
mov 8($ap,$i,8),%rax # tp[i+1]
lea 1($i),$i # i++
- jge .Lsub
+ dec $j # doesnn't affect CF!
+ jnz .Lsub
sbb \$0,%rax # handle upmost overflow bit
+ xor $i,$i
and %rax,$ap
not %rax
mov $rp,$np
and %rax,$np
- lea -1($num),$j
+ mov $num,$j # j=num
or $np,$ap # ap=borrow?tp:rp
.align 16
.Lcopy: # copy or in-place refresh
+ mov ($ap,$i,8),%rax
+ mov $i,(%rsp,$i,8) # zap temporary vector
+ mov %rax,($rp,$i,8) # rp[i]=tp[i]
+ lea 1($i),$i
+ sub \$1,$j
+ jnz .Lcopy
+
+ mov 8(%rsp,$num,8),%rsi # restore %rsp
+ mov \$1,%rax
+ mov (%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lmul_epilogue:
+ ret
+.size bn_mul_mont,.-bn_mul_mont
+___
+{{{
+my @A=("%r10","%r11");
+my @N=("%r13","%rdi");
+$code.=<<___;
+.type bn_mul4x_mont,\@function,6
+.align 16
+bn_mul4x_mont:
+.Lmul4x_enter:
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+
+ mov ${num}d,${num}d
+ lea 4($num),%r10
+ mov %rsp,%r11
+ neg %r10
+ lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+4))
+ and \$-1024,%rsp # minimize TLB usage
+
+ mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
+.Lmul4x_body:
+ mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
+ mov %rdx,%r12 # reassign $bp
+___
+ $bp="%r12";
+$code.=<<___;
+ mov ($n0),$n0 # pull n0[0] value
+ mov ($bp),$m0 # m0=bp[0]
+ mov ($ap),%rax
+
+ xor $i,$i # i=0
+ xor $j,$j # j=0
+
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[0]
+ mov %rax,$A[0]
+ mov ($np),%rax
+
+ imulq $A[0],$m1 # "tp[0]"*n0
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[0]*m1
+ add %rax,$A[0] # discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$N[1]
+
+ mulq $m0
+ add %rax,$A[1]
+ mov 8($np),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1
+ add %rax,$N[1]
+ mov 16($ap),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ lea 4($j),$j # j++
+ adc \$0,%rdx
+ mov $N[1],(%rsp)
+ mov %rdx,$N[0]
+ jmp .L1st4x
+.align 16
+.L1st4x:
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
mov ($ap,$j,8),%rax
- mov %rax,($rp,$j,8) # rp[i]=tp[i]
- mov $i,(%rsp,$j,8) # zap temporary vector
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov 8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-8(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov 8($np,$j,8),%rax
+ adc \$0,%rdx
+ lea 4($j),$j # j++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov -16($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+ cmp $num,$j
+ jl .L1st4x
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[0]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ xor $N[1],$N[1]
+ add $A[0],$N[0]
+ adc \$0,$N[1]
+ mov $N[0],-8(%rsp,$j,8)
+ mov $N[1],(%rsp,$j,8) # store upmost overflow bit
+
+ lea 1($i),$i # i++
+.align 4
+.Louter4x:
+ mov ($bp,$i,8),$m0 # m0=bp[i]
+ xor $j,$j # j=0
+ mov (%rsp),$A[0]
+ mov $n0,$m1
+ mulq $m0 # ap[0]*bp[i]
+ add %rax,$A[0] # ap[0]*bp[i]+tp[0]
+ mov ($np),%rax
+ adc \$0,%rdx
+
+ imulq $A[0],$m1 # tp[0]*n0
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[0]*m1
+ add %rax,$A[0] # "$N[0]", discarded
+ mov 8($ap),%rax
+ adc \$0,%rdx
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov 8($np),%rax
+ adc \$0,%rdx
+ add 8(%rsp),$A[1] # +tp[1]
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov 16($ap),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j]
+ lea 4($j),$j # j+=2
+ adc \$0,%rdx
+ mov $N[1],(%rsp) # tp[j-1]
+ mov %rdx,$N[0]
+ jmp .Linner4x
+.align 16
+.Linner4x:
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ add -8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov ($np,$j,8),%rax
+ adc \$0,%rdx
+ add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov 8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[0],-8(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov 8($np,$j,8),%rax
+ adc \$0,%rdx
+ add 8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ lea 4($j),$j # j++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov -16($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[1],-32(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+ cmp $num,$j
+ jl .Linner4x
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[0]
+ mov -16($np,$j,8),%rax
+ adc \$0,%rdx
+ add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j]
+ adc \$0,%rdx
+ mov %rdx,$A[1]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[0]
+ mov -8($ap,$j,8),%rax
+ adc \$0,%rdx
+ add $A[0],$N[0]
+ adc \$0,%rdx
+ mov $N[0],-24(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[1]
+
+ mulq $m0 # ap[j]*bp[i]
+ add %rax,$A[1]
+ mov -8($np,$j,8),%rax
+ adc \$0,%rdx
+ add -8(%rsp,$j,8),$A[1]
+ adc \$0,%rdx
+ lea 1($i),$i # i++
+ mov %rdx,$A[0]
+
+ mulq $m1 # np[j]*m1
+ add %rax,$N[1]
+ mov ($ap),%rax # ap[0]
+ adc \$0,%rdx
+ add $A[1],$N[1]
+ adc \$0,%rdx
+ mov $N[1],-16(%rsp,$j,8) # tp[j-1]
+ mov %rdx,$N[0]
+
+ xor $N[1],$N[1]
+ add $A[0],$N[0]
+ adc \$0,$N[1]
+ add (%rsp,$num,8),$N[0] # pull upmost overflow bit
+ adc \$0,$N[1]
+ mov $N[0],-8(%rsp,$j,8)
+ mov $N[1],(%rsp,$j,8) # store upmost overflow bit
+
+ cmp $num,$i
+ jl .Louter4x
+___
+{
+my @ri=("%rax","%rdx",$m0,$m1);
+$code.=<<___;
+ mov 16(%rsp,$num,8),$rp # restore $rp
+ mov 0(%rsp),@ri[0] # tp[0]
+ pxor %xmm0,%xmm0
+ mov 8(%rsp),@ri[1] # tp[1]
+ shr \$2,$num # num/=4
+ lea (%rsp),$ap # borrow ap for tp
+ xor $i,$i # i=0 and clear CF!
+
+ sub 0($np),@ri[0]
+ mov 16($ap),@ri[2] # tp[2]
+ mov 24($ap),@ri[3] # tp[3]
+ sbb 8($np),@ri[1]
+ lea -1($num),$j # j=num/4-1
+ jmp .Lsub4x
+.align 16
+.Lsub4x:
+ mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 16($np,$i,8),@ri[2]
+ mov 32($ap,$i,8),@ri[0] # tp[i+1]
+ mov 40($ap,$i,8),@ri[1]
+ sbb 24($np,$i,8),@ri[3]
+ mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 32($np,$i,8),@ri[0]
+ mov 48($ap,$i,8),@ri[2]
+ mov 56($ap,$i,8),@ri[3]
+ sbb 40($np,$i,8),@ri[1]
+ lea 4($i),$i # i++
+ dec $j # doesnn't affect CF!
+ jnz .Lsub4x
+
+ mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i]
+ mov 32($ap,$i,8),@ri[0] # load overflow bit
+ sbb 16($np,$i,8),@ri[2]
+ mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 24($np,$i,8),@ri[3]
+ mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i]
+
+ sbb \$0,@ri[0] # handle upmost overflow bit
+ mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i]
+ xor $i,$i # i=0
+ and @ri[0],$ap
+ not @ri[0]
+ mov $rp,$np
+ and @ri[0],$np
+ lea -1($num),$j
+ or $np,$ap # ap=borrow?tp:rp
+
+ movdqu ($ap),%xmm1
+ movdqa %xmm0,(%rsp)
+ movdqu %xmm1,($rp)
+ jmp .Lcopy4x
+.align 16
+.Lcopy4x: # copy or in-place refresh
+ movdqu 16($ap,$i),%xmm2
+ movdqu 32($ap,$i),%xmm1
+ movdqa %xmm0,16(%rsp,$i)
+ movdqu %xmm2,16($rp,$i)
+ movdqa %xmm0,32(%rsp,$i)
+ movdqu %xmm1,32($rp,$i)
+ lea 32($i),$i
dec $j
- jge .Lcopy
+ jnz .Lcopy4x
+ shl \$2,$num
+ movdqu 16($ap,$i),%xmm2
+ movdqa %xmm0,16(%rsp,$i)
+ movdqu %xmm2,16($rp,$i)
+___
+}
+$code.=<<___;
mov 8(%rsp,$num,8),%rsi # restore %rsp
mov \$1,%rax
mov (%rsi),%r15
@@ -211,9 +681,823 @@ bn_mul_mont:
mov 32(%rsi),%rbp
mov 40(%rsi),%rbx
lea 48(%rsi),%rsp
-.Lepilogue:
+.Lmul4x_epilogue:
ret
-.size bn_mul_mont,.-bn_mul_mont
+.size bn_mul4x_mont,.-bn_mul4x_mont
+___
+}}}
+ {{{
+######################################################################
+# void bn_sqr4x_mont(
+my $rptr="%rdi"; # const BN_ULONG *rptr,
+my $aptr="%rsi"; # const BN_ULONG *aptr,
+my $bptr="%rdx"; # not used
+my $nptr="%rcx"; # const BN_ULONG *nptr,
+my $n0 ="%r8"; # const BN_ULONG *n0);
+my $num ="%r9"; # int num, has to be divisible by 4 and
+ # not less than 8
+
+my ($i,$j,$tptr)=("%rbp","%rcx",$rptr);
+my @A0=("%r10","%r11");
+my @A1=("%r12","%r13");
+my ($a0,$a1,$ai)=("%r14","%r15","%rbx");
+
+$code.=<<___;
+.type bn_sqr4x_mont,\@function,6
+.align 16
+bn_sqr4x_mont:
+.Lsqr4x_enter:
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+
+ shl \$3,${num}d # convert $num to bytes
+ xor %r10,%r10
+ mov %rsp,%r11 # put aside %rsp
+ sub $num,%r10 # -$num
+ mov ($n0),$n0 # *n0
+ lea -72(%rsp,%r10,2),%rsp # alloca(frame+2*$num)
+ and \$-1024,%rsp # minimize TLB usage
+ ##############################################################
+ # Stack layout
+ #
+ # +0 saved $num, used in reduction section
+ # +8 &t[2*$num], used in reduction section
+ # +32 saved $rptr
+ # +40 saved $nptr
+ # +48 saved *n0
+ # +56 saved %rsp
+ # +64 t[2*$num]
+ #
+ mov $rptr,32(%rsp) # save $rptr
+ mov $nptr,40(%rsp)
+ mov $n0, 48(%rsp)
+ mov %r11, 56(%rsp) # save original %rsp
+.Lsqr4x_body:
+ ##############################################################
+ # Squaring part:
+ #
+ # a) multiply-n-add everything but a[i]*a[i];
+ # b) shift result of a) by 1 to the left and accumulate
+ # a[i]*a[i] products;
+ #
+ lea 32(%r10),$i # $i=-($num-32)
+ lea ($aptr,$num),$aptr # end of a[] buffer, ($aptr,$i)=&ap[2]
+
+ mov $num,$j # $j=$num
+
+ # comments apply to $num==8 case
+ mov -32($aptr,$i),$a0 # a[0]
+ lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
+ mov -24($aptr,$i),%rax # a[1]
+ lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
+ mov -16($aptr,$i),$ai # a[2]
+ mov %rax,$a1
+
+ mul $a0 # a[1]*a[0]
+ mov %rax,$A0[0] # a[1]*a[0]
+ mov $ai,%rax # a[2]
+ mov %rdx,$A0[1]
+ mov $A0[0],-24($tptr,$i) # t[1]
+
+ xor $A0[0],$A0[0]
+ mul $a0 # a[2]*a[0]
+ add %rax,$A0[1]
+ mov $ai,%rax
+ adc %rdx,$A0[0]
+ mov $A0[1],-16($tptr,$i) # t[2]
+
+ lea -16($i),$j # j=-16
+
+
+ mov 8($aptr,$j),$ai # a[3]
+ mul $a1 # a[2]*a[1]
+ mov %rax,$A1[0] # a[2]*a[1]+t[3]
+ mov $ai,%rax
+ mov %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ lea 16($j),$j
+ adc \$0,$A0[1]
+ mul $a0 # a[3]*a[0]
+ add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr,$j) # t[3]
+ jmp .Lsqr4x_1st
+
+.align 16
+.Lsqr4x_1st:
+ mov ($aptr,$j),$ai # a[4]
+ xor $A1[0],$A1[0]
+ mul $a1 # a[3]*a[1]
+ add %rax,$A1[1] # a[3]*a[1]+t[4]
+ mov $ai,%rax
+ adc %rdx,$A1[0]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1]
+ adc \$0,$A0[0]
+ mul $a0 # a[4]*a[0]
+ add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4]
+ mov $ai,%rax # a[3]
+ adc %rdx,$A0[0]
+ mov $A0[1],($tptr,$j) # t[4]
+
+
+ mov 8($aptr,$j),$ai # a[5]
+ xor $A1[1],$A1[1]
+ mul $a1 # a[4]*a[3]
+ add %rax,$A1[0] # a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ adc \$0,$A0[1]
+ mul $a0 # a[5]*a[2]
+ add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],8($tptr,$j) # t[5]
+
+ mov 16($aptr,$j),$ai # a[6]
+ xor $A1[0],$A1[0]
+ mul $a1 # a[5]*a[3]
+ add %rax,$A1[1] # a[5]*a[3]+t[6]
+ mov $ai,%rax
+ adc %rdx,$A1[0]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1]
+ adc \$0,$A0[0]
+ mul $a0 # a[6]*a[2]
+ add %rax,$A0[1] # a[6]*a[2]+a[5]*a[3]+t[6]
+ mov $ai,%rax # a[3]
+ adc %rdx,$A0[0]
+ mov $A0[1],16($tptr,$j) # t[6]
+
+
+ mov 24($aptr,$j),$ai # a[7]
+ xor $A1[1],$A1[1]
+ mul $a1 # a[6]*a[5]
+ add %rax,$A1[0] # a[6]*a[5]+t[7]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ lea 32($j),$j
+ adc \$0,$A0[1]
+ mul $a0 # a[7]*a[4]
+ add %rax,$A0[0] # a[7]*a[4]+a[6]*a[5]+t[6]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr,$j) # t[7]
+
+ cmp \$0,$j
+ jne .Lsqr4x_1st
+
+ xor $A1[0],$A1[0]
+ add $A0[1],$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[7]*a[5]
+ add %rax,$A1[1]
+ adc %rdx,$A1[0]
+
+ mov $A1[1],($tptr) # t[8]
+ lea 16($i),$i
+ mov $A1[0],8($tptr) # t[9]
+ jmp .Lsqr4x_outer
+
+.align 16
+.Lsqr4x_outer: # comments apply to $num==6 case
+ mov -32($aptr,$i),$a0 # a[0]
+ lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
+ mov -24($aptr,$i),%rax # a[1]
+ lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
+ mov -16($aptr,$i),$ai # a[2]
+ mov %rax,$a1
+
+ mov -24($tptr,$i),$A0[0] # t[1]
+ xor $A0[1],$A0[1]
+ mul $a0 # a[1]*a[0]
+ add %rax,$A0[0] # a[1]*a[0]+t[1]
+ mov $ai,%rax # a[2]
+ adc %rdx,$A0[1]
+ mov $A0[0],-24($tptr,$i) # t[1]
+
+ xor $A0[0],$A0[0]
+ add -16($tptr,$i),$A0[1] # a[2]*a[0]+t[2]
+ adc \$0,$A0[0]
+ mul $a0 # a[2]*a[0]
+ add %rax,$A0[1]
+ mov $ai,%rax
+ adc %rdx,$A0[0]
+ mov $A0[1],-16($tptr,$i) # t[2]
+
+ lea -16($i),$j # j=-16
+ xor $A1[0],$A1[0]
+
+
+ mov 8($aptr,$j),$ai # a[3]
+ xor $A1[1],$A1[1]
+ add 8($tptr,$j),$A1[0]
+ adc \$0,$A1[1]
+ mul $a1 # a[2]*a[1]
+ add %rax,$A1[0] # a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ adc \$0,$A0[1]
+ mul $a0 # a[3]*a[0]
+ add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],8($tptr,$j) # t[3]
+
+ lea 16($j),$j
+ jmp .Lsqr4x_inner
+
+.align 16
+.Lsqr4x_inner:
+ mov ($aptr,$j),$ai # a[4]
+ xor $A1[0],$A1[0]
+ add ($tptr,$j),$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[3]*a[1]
+ add %rax,$A1[1] # a[3]*a[1]+t[4]
+ mov $ai,%rax
+ adc %rdx,$A1[0]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1]
+ adc \$0,$A0[0]
+ mul $a0 # a[4]*a[0]
+ add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4]
+ mov $ai,%rax # a[3]
+ adc %rdx,$A0[0]
+ mov $A0[1],($tptr,$j) # t[4]
+
+ mov 8($aptr,$j),$ai # a[5]
+ xor $A1[1],$A1[1]
+ add 8($tptr,$j),$A1[0]
+ adc \$0,$A1[1]
+ mul $a1 # a[4]*a[3]
+ add %rax,$A1[0] # a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A1[1]
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ lea 16($j),$j # j++
+ adc \$0,$A0[1]
+ mul $a0 # a[5]*a[2]
+ add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr,$j) # t[5], "preloaded t[1]" below
+
+ cmp \$0,$j
+ jne .Lsqr4x_inner
+
+ xor $A1[0],$A1[0]
+ add $A0[1],$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[5]*a[3]
+ add %rax,$A1[1]
+ adc %rdx,$A1[0]
+
+ mov $A1[1],($tptr) # t[6], "preloaded t[2]" below
+ mov $A1[0],8($tptr) # t[7], "preloaded t[3]" below
+
+ add \$16,$i
+ jnz .Lsqr4x_outer
+
+ # comments apply to $num==4 case
+ mov -32($aptr),$a0 # a[0]
+ lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num]
+ mov -24($aptr),%rax # a[1]
+ lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"]
+ mov -16($aptr),$ai # a[2]
+ mov %rax,$a1
+
+ xor $A0[1],$A0[1]
+ mul $a0 # a[1]*a[0]
+ add %rax,$A0[0] # a[1]*a[0]+t[1], preloaded t[1]
+ mov $ai,%rax # a[2]
+ adc %rdx,$A0[1]
+ mov $A0[0],-24($tptr) # t[1]
+
+ xor $A0[0],$A0[0]
+ add $A1[1],$A0[1] # a[2]*a[0]+t[2], preloaded t[2]
+ adc \$0,$A0[0]
+ mul $a0 # a[2]*a[0]
+ add %rax,$A0[1]
+ mov $ai,%rax
+ adc %rdx,$A0[0]
+ mov $A0[1],-16($tptr) # t[2]
+
+ mov -8($aptr),$ai # a[3]
+ mul $a1 # a[2]*a[1]
+ add %rax,$A1[0] # a[2]*a[1]+t[3], preloaded t[3]
+ mov $ai,%rax
+ adc \$0,%rdx
+
+ xor $A0[1],$A0[1]
+ add $A1[0],$A0[0]
+ mov %rdx,$A1[1]
+ adc \$0,$A0[1]
+ mul $a0 # a[3]*a[0]
+ add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3]
+ mov $ai,%rax
+ adc %rdx,$A0[1]
+ mov $A0[0],-8($tptr) # t[3]
+
+ xor $A1[0],$A1[0]
+ add $A0[1],$A1[1]
+ adc \$0,$A1[0]
+ mul $a1 # a[3]*a[1]
+ add %rax,$A1[1]
+ mov -16($aptr),%rax # a[2]
+ adc %rdx,$A1[0]
+
+ mov $A1[1],($tptr) # t[4]
+ mov $A1[0],8($tptr) # t[5]
+
+ mul $ai # a[2]*a[3]
+___
+{
+my ($shift,$carry)=($a0,$a1);
+my @S=(@A1,$ai,$n0);
+$code.=<<___;
+ add \$16,$i
+ xor $shift,$shift
+ sub $num,$i # $i=16-$num
+ xor $carry,$carry
+
+ add $A1[0],%rax # t[5]
+ adc \$0,%rdx
+ mov %rax,8($tptr) # t[5]
+ mov %rdx,16($tptr) # t[6]
+ mov $carry,24($tptr) # t[7]
+
+ mov -16($aptr,$i),%rax # a[0]
+ lea 64(%rsp,$num,2),$tptr
+ xor $A0[0],$A0[0] # t[0]
+ mov -24($tptr,$i,2),$A0[1] # t[1]
+
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov -8($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[0],-32($tptr,$i,2)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
+ mov $S[1],-24($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[2]
+ mov 0($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[2],-16($tptr,$i,2)
+ adc %rdx,$S[3]
+ lea 16($i),$i
+ mov $S[3],-40($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ jmp .Lsqr4x_shift_n_add
+
+.align 16
+.Lsqr4x_shift_n_add:
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov -8($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[0],-32($tptr,$i,2)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
+ mov $S[1],-24($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[2]
+ mov 0($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[2],-16($tptr,$i,2)
+ adc %rdx,$S[3]
+
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ mov $S[3],-8($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov 16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 24($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov 8($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[0],0($tptr,$i,2)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift
+ mov $S[1],8($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mov 32($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov 40($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[2]
+ mov 16($aptr,$i),%rax # a[i+1] # prefetch
+ mov $S[2],16($tptr,$i,2)
+ adc %rdx,$S[3]
+ mov $S[3],24($tptr,$i,2)
+ sbb $carry,$carry # mov cf,$carry
+ add \$32,$i
+ jnz .Lsqr4x_shift_n_add
+
+ lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[1] # | t[2*i]>>63
+ mov -16($tptr),$A0[0] # t[2*i+2] # prefetch
+ mov $A0[1],$shift # shift=t[2*i+1]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ mov -8($tptr),$A0[1] # t[2*i+2+1] # prefetch
+ adc %rax,$S[0]
+ mov -8($aptr),%rax # a[i+1] # prefetch
+ mov $S[0],-32($tptr)
+ adc %rdx,$S[1]
+
+ lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1|shift
+ mov $S[1],-24($tptr)
+ sbb $carry,$carry # mov cf,$carry
+ shr \$63,$A0[0]
+ lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 |
+ shr \$63,$A0[1]
+ or $A0[0],$S[3] # | t[2*i]>>63
+ mul %rax # a[i]*a[i]
+ neg $carry # mov $carry,cf
+ adc %rax,$S[2]
+ adc %rdx,$S[3]
+ mov $S[2],-16($tptr)
+ mov $S[3],-8($tptr)
+___
+}
+##############################################################
+# Montgomery reduction part, "word-by-word" algorithm.
+#
+{
+my ($topbit,$nptr)=("%rbp",$aptr);
+my ($m0,$m1)=($a0,$a1);
+my @Ni=("%rbx","%r9");
+$code.=<<___;
+ mov 40(%rsp),$nptr # restore $nptr
+ mov 48(%rsp),$n0 # restore *n0
+ xor $j,$j
+ mov $num,0(%rsp) # save $num
+ sub $num,$j # $j=-$num
+ mov 64(%rsp),$A0[0] # t[0] # modsched #
+ mov $n0,$m0 # # modsched #
+ lea 64(%rsp,$num,2),%rax # end of t[] buffer
+ lea 64(%rsp,$num),$tptr # end of t[] window
+ mov %rax,8(%rsp) # save end of t[] buffer
+ lea ($nptr,$num),$nptr # end of n[] buffer
+ xor $topbit,$topbit # $topbit=0
+
+ mov 0($nptr,$j),%rax # n[0] # modsched #
+ mov 8($nptr,$j),$Ni[1] # n[1] # modsched #
+ imulq $A0[0],$m0 # m0=t[0]*n0 # modsched #
+ mov %rax,$Ni[0] # # modsched #
+ jmp .Lsqr4x_mont_outer
+
+.align 16
+.Lsqr4x_mont_outer:
+ xor $A0[1],$A0[1]
+ mul $m0 # n[0]*m0
+ add %rax,$A0[0] # n[0]*m0+t[0]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+ mov $n0,$m1
+
+ xor $A0[0],$A0[0]
+ add 8($tptr,$j),$A0[1]
+ adc \$0,$A0[0]
+ mul $m0 # n[1]*m0
+ add %rax,$A0[1] # n[1]*m0+t[1]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+
+ imulq $A0[1],$m1
+
+ mov 16($nptr,$j),$Ni[0] # n[2]
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[0]*m1
+ add %rax,$A1[0] # n[0]*m1+"t[1]"
+ mov $Ni[0],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],8($tptr,$j) # "t[1]"
+
+ xor $A0[1],$A0[1]
+ add 16($tptr,$j),$A0[0]
+ adc \$0,$A0[1]
+ mul $m0 # n[2]*m0
+ add %rax,$A0[0] # n[2]*m0+t[2]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+
+ mov 24($nptr,$j),$Ni[1] # n[3]
+ xor $A1[0],$A1[0]
+ add $A0[0],$A1[1]
+ adc \$0,$A1[0]
+ mul $m1 # n[1]*m1
+ add %rax,$A1[1] # n[1]*m1+"t[2]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[0]
+ mov $A1[1],16($tptr,$j) # "t[2]"
+
+ xor $A0[0],$A0[0]
+ add 24($tptr,$j),$A0[1]
+ lea 32($j),$j
+ adc \$0,$A0[0]
+ mul $m0 # n[3]*m0
+ add %rax,$A0[1] # n[3]*m0+t[3]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+ jmp .Lsqr4x_mont_inner
+
+.align 16
+.Lsqr4x_mont_inner:
+ mov ($nptr,$j),$Ni[0] # n[4]
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[2]*m1
+ add %rax,$A1[0] # n[2]*m1+"t[3]"
+ mov $Ni[0],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],-8($tptr,$j) # "t[3]"
+
+ xor $A0[1],$A0[1]
+ add ($tptr,$j),$A0[0]
+ adc \$0,$A0[1]
+ mul $m0 # n[4]*m0
+ add %rax,$A0[0] # n[4]*m0+t[4]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+
+ mov 8($nptr,$j),$Ni[1] # n[5]
+ xor $A1[0],$A1[0]
+ add $A0[0],$A1[1]
+ adc \$0,$A1[0]
+ mul $m1 # n[3]*m1
+ add %rax,$A1[1] # n[3]*m1+"t[4]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[0]
+ mov $A1[1],($tptr,$j) # "t[4]"
+
+ xor $A0[0],$A0[0]
+ add 8($tptr,$j),$A0[1]
+ adc \$0,$A0[0]
+ mul $m0 # n[5]*m0
+ add %rax,$A0[1] # n[5]*m0+t[5]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+
+
+ mov 16($nptr,$j),$Ni[0] # n[6]
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[4]*m1
+ add %rax,$A1[0] # n[4]*m1+"t[5]"
+ mov $Ni[0],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],8($tptr,$j) # "t[5]"
+
+ xor $A0[1],$A0[1]
+ add 16($tptr,$j),$A0[0]
+ adc \$0,$A0[1]
+ mul $m0 # n[6]*m0
+ add %rax,$A0[0] # n[6]*m0+t[6]
+ mov $Ni[1],%rax
+ adc %rdx,$A0[1]
+
+ mov 24($nptr,$j),$Ni[1] # n[7]
+ xor $A1[0],$A1[0]
+ add $A0[0],$A1[1]
+ adc \$0,$A1[0]
+ mul $m1 # n[5]*m1
+ add %rax,$A1[1] # n[5]*m1+"t[6]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[0]
+ mov $A1[1],16($tptr,$j) # "t[6]"
+
+ xor $A0[0],$A0[0]
+ add 24($tptr,$j),$A0[1]
+ lea 32($j),$j
+ adc \$0,$A0[0]
+ mul $m0 # n[7]*m0
+ add %rax,$A0[1] # n[7]*m0+t[7]
+ mov $Ni[0],%rax
+ adc %rdx,$A0[0]
+ cmp \$0,$j
+ jne .Lsqr4x_mont_inner
+
+ sub 0(%rsp),$j # $j=-$num # modsched #
+ mov $n0,$m0 # # modsched #
+
+ xor $A1[1],$A1[1]
+ add $A0[1],$A1[0]
+ adc \$0,$A1[1]
+ mul $m1 # n[6]*m1
+ add %rax,$A1[0] # n[6]*m1+"t[7]"
+ mov $Ni[1],%rax
+ adc %rdx,$A1[1]
+ mov $A1[0],-8($tptr) # "t[7]"
+
+ xor $A0[1],$A0[1]
+ add ($tptr),$A0[0] # +t[8]
+ adc \$0,$A0[1]
+ mov 0($nptr,$j),$Ni[0] # n[0] # modsched #
+ add $topbit,$A0[0]
+ adc \$0,$A0[1]
+
+ imulq 16($tptr,$j),$m0 # m0=t[0]*n0 # modsched #
+ xor $A1[0],$A1[0]
+ mov 8($nptr,$j),$Ni[1] # n[1] # modsched #
+ add $A0[0],$A1[1]
+ mov 16($tptr,$j),$A0[0] # t[0] # modsched #
+ adc \$0,$A1[0]
+ mul $m1 # n[7]*m1
+ add %rax,$A1[1] # n[7]*m1+"t[8]"
+ mov $Ni[0],%rax # # modsched #
+ adc %rdx,$A1[0]
+ mov $A1[1],($tptr) # "t[8]"
+
+ xor $topbit,$topbit
+ add 8($tptr),$A1[0] # +t[9]
+ adc $topbit,$topbit
+ add $A0[1],$A1[0]
+ lea 16($tptr),$tptr # "t[$num]>>128"
+ adc \$0,$topbit
+ mov $A1[0],-8($tptr) # "t[9]"
+ cmp 8(%rsp),$tptr # are we done?
+ jb .Lsqr4x_mont_outer
+
+ mov 0(%rsp),$num # restore $num
+ mov $topbit,($tptr) # save $topbit
+___
+}
+##############################################################
+# Post-condition, 4x unrolled copy from bn_mul_mont
+#
+{
+my ($tptr,$nptr)=("%rbx",$aptr);
+my @ri=("%rax","%rdx","%r10","%r11");
+$code.=<<___;
+ mov 64(%rsp,$num),@ri[0] # tp[0]
+ lea 64(%rsp,$num),$tptr # upper half of t[2*$num] holds result
+ mov 40(%rsp),$nptr # restore $nptr
+ shr \$5,$num # num/4
+ mov 8($tptr),@ri[1] # t[1]
+ xor $i,$i # i=0 and clear CF!
+
+ mov 32(%rsp),$rptr # restore $rptr
+ sub 0($nptr),@ri[0]
+ mov 16($tptr),@ri[2] # t[2]
+ mov 24($tptr),@ri[3] # t[3]
+ sbb 8($nptr),@ri[1]
+ lea -1($num),$j # j=num/4-1
+ jmp .Lsqr4x_sub
+.align 16
+.Lsqr4x_sub:
+ mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 16($nptr,$i,8),@ri[2]
+ mov 32($tptr,$i,8),@ri[0] # tp[i+1]
+ mov 40($tptr,$i,8),@ri[1]
+ sbb 24($nptr,$i,8),@ri[3]
+ mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 32($nptr,$i,8),@ri[0]
+ mov 48($tptr,$i,8),@ri[2]
+ mov 56($tptr,$i,8),@ri[3]
+ sbb 40($nptr,$i,8),@ri[1]
+ lea 4($i),$i # i++
+ dec $j # doesn't affect CF!
+ jnz .Lsqr4x_sub
+
+ mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ mov 32($tptr,$i,8),@ri[0] # load overflow bit
+ sbb 16($nptr,$i,8),@ri[2]
+ mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ sbb 24($nptr,$i,8),@ri[3]
+ mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i]
+
+ sbb \$0,@ri[0] # handle upmost overflow bit
+ mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i]
+ xor $i,$i # i=0
+ and @ri[0],$tptr
+ not @ri[0]
+ mov $rptr,$nptr
+ and @ri[0],$nptr
+ lea -1($num),$j
+ or $nptr,$tptr # tp=borrow?tp:rp
+
+ pxor %xmm0,%xmm0
+ lea 64(%rsp,$num,8),$nptr
+ movdqu ($tptr),%xmm1
+ lea ($nptr,$num,8),$nptr
+ movdqa %xmm0,64(%rsp) # zap lower half of temporary vector
+ movdqa %xmm0,($nptr) # zap upper half of temporary vector
+ movdqu %xmm1,($rptr)
+ jmp .Lsqr4x_copy
+.align 16
+.Lsqr4x_copy: # copy or in-place refresh
+ movdqu 16($tptr,$i),%xmm2
+ movdqu 32($tptr,$i),%xmm1
+ movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector
+ movdqa %xmm0,96(%rsp,$i) # zap lower half of temporary vector
+ movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector
+ movdqa %xmm0,32($nptr,$i) # zap upper half of temporary vector
+ movdqu %xmm2,16($rptr,$i)
+ movdqu %xmm1,32($rptr,$i)
+ lea 32($i),$i
+ dec $j
+ jnz .Lsqr4x_copy
+
+ movdqu 16($tptr,$i),%xmm2
+ movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector
+ movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector
+ movdqu %xmm2,16($rptr,$i)
+___
+}
+$code.=<<___;
+ mov 56(%rsp),%rsi # restore %rsp
+ mov \$1,%rax
+ mov 0(%rsi),%r15
+ mov 8(%rsi),%r14
+ mov 16(%rsi),%r13
+ mov 24(%rsi),%r12
+ mov 32(%rsi),%rbp
+ mov 40(%rsi),%rbx
+ lea 48(%rsi),%rsp
+.Lsqr4x_epilogue:
+ ret
+.size bn_sqr4x_mont,.-bn_sqr4x_mont
+___
+}}}
+$code.=<<___;
.asciz "Montgomery Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.align 16
___
@@ -228,9 +1512,9 @@ $disp="%r9";
$code.=<<___;
.extern __imp_RtlVirtualUnwind
-.type se_handler,\@abi-omnipotent
+.type mul_handler,\@abi-omnipotent
.align 16
-se_handler:
+mul_handler:
push %rsi
push %rdi
push %rbx
@@ -245,15 +1529,20 @@ se_handler:
mov 120($context),%rax # pull context->Rax
mov 248($context),%rbx # pull context->Rip
- lea .Lprologue(%rip),%r10
- cmp %r10,%rbx # context->Rip<.Lprologue
- jb .Lin_prologue
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # end of prologue label
+ cmp %r10,%rbx # context->Rip<end of prologue label
+ jb .Lcommon_seh_tail
mov 152($context),%rax # pull context->Rsp
- lea .Lepilogue(%rip),%r10
- cmp %r10,%rbx # context->Rip>=.Lepilogue
- jae .Lin_prologue
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lcommon_seh_tail
mov 192($context),%r10 # pull $num
mov 8(%rax,%r10,8),%rax # pull saved stack pointer
@@ -272,7 +1561,53 @@ se_handler:
mov %r14,232($context) # restore context->R14
mov %r15,240($context) # restore context->R15
-.Lin_prologue:
+ jmp .Lcommon_seh_tail
+.size mul_handler,.-mul_handler
+
+.type sqr_handler,\@abi-omnipotent
+.align 16
+sqr_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ lea .Lsqr4x_body(%rip),%r10
+ cmp %r10,%rbx # context->Rip<.Lsqr_body
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ lea .Lsqr4x_epilogue(%rip),%r10
+ cmp %r10,%rbx # context->Rip>=.Lsqr_epilogue
+ jae .Lcommon_seh_tail
+
+ mov 56(%rax),%rax # pull saved stack pointer
+ lea 48(%rax),%rax
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov -32(%rax),%r13
+ mov -40(%rax),%r14
+ mov -48(%rax),%r15
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+ mov %r14,232($context) # restore context->R14
+ mov %r15,240($context) # restore context->R15
+
+.Lcommon_seh_tail:
mov 8(%rax),%rdi
mov 16(%rax),%rsi
mov %rax,152($context) # restore context->Rsp
@@ -310,7 +1645,7 @@ se_handler:
pop %rdi
pop %rsi
ret
-.size se_handler,.-se_handler
+.size sqr_handler,.-sqr_handler
.section .pdata
.align 4
@@ -318,11 +1653,27 @@ se_handler:
.rva .LSEH_end_bn_mul_mont
.rva .LSEH_info_bn_mul_mont
+ .rva .LSEH_begin_bn_mul4x_mont
+ .rva .LSEH_end_bn_mul4x_mont
+ .rva .LSEH_info_bn_mul4x_mont
+
+ .rva .LSEH_begin_bn_sqr4x_mont
+ .rva .LSEH_end_bn_sqr4x_mont
+ .rva .LSEH_info_bn_sqr4x_mont
+
.section .xdata
.align 8
.LSEH_info_bn_mul_mont:
.byte 9,0,0,0
- .rva se_handler
+ .rva mul_handler
+ .rva .Lmul_body,.Lmul_epilogue # HandlerData[]
+.LSEH_info_bn_mul4x_mont:
+ .byte 9,0,0,0
+ .rva mul_handler
+ .rva .Lmul4x_body,.Lmul4x_epilogue # HandlerData[]
+.LSEH_info_bn_sqr4x_mont:
+ .byte 9,0,0,0
+ .rva sqr_handler
___
}
diff --git a/deps/openssl/openssl/crypto/bn/bn.h b/deps/openssl/openssl/crypto/bn/bn.h
index a0bc47837..f34248ec4 100644
--- a/deps/openssl/openssl/crypto/bn/bn.h
+++ b/deps/openssl/openssl/crypto/bn/bn.h
@@ -558,6 +558,17 @@ int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
int do_trial_division, BN_GENCB *cb);
+int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
+
+int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+ const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
+ const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb);
+int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+ BIGNUM *Xp1, BIGNUM *Xp2,
+ const BIGNUM *Xp,
+ const BIGNUM *e, BN_CTX *ctx,
+ BN_GENCB *cb);
+
BN_MONT_CTX *BN_MONT_CTX_new(void );
void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
@@ -612,6 +623,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
BN_RECP_CTX *recp, BN_CTX *ctx);
+#ifndef OPENSSL_NO_EC2M
+
/* Functions for arithmetic over binary polynomials represented by BIGNUMs.
*
* The BIGNUM::neg property of BIGNUMs representing binary polynomials is
@@ -663,6 +676,8 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
+#endif
+
/* faster mod functions for the 'NIST primes'
* 0 <= a < p^2 */
int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
diff --git a/deps/openssl/openssl/crypto/bn/bn_div.c b/deps/openssl/openssl/crypto/bn/bn_div.c
index 802a43d64..7b2403185 100644
--- a/deps/openssl/openssl/crypto/bn/bn_div.c
+++ b/deps/openssl/openssl/crypto/bn/bn_div.c
@@ -141,6 +141,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
*
* <appro@fy.chalmers.se>
*/
+#undef bn_div_words
# define bn_div_words(n0,n1,d0) \
({ asm volatile ( \
"divl %4" \
@@ -155,6 +156,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
* Same story here, but it's 128-bit by 64-bit division. Wow!
* <appro@fy.chalmers.se>
*/
+# undef bn_div_words
# define bn_div_words(n0,n1,d0) \
({ asm volatile ( \
"divq %4" \
@@ -169,15 +171,13 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
#endif /* OPENSSL_NO_ASM */
-/* BN_div[_no_branch] computes dv := num / divisor, rounding towards
+/* BN_div computes dv := num / divisor, rounding towards
* zero, and sets up rm such that dv*divisor + rm = num holds.
* Thus:
* dv->neg == num->neg ^ divisor->neg (unless the result is zero)
* rm->neg == num->neg (unless the remainder is zero)
* If 'dv' or 'rm' is NULL, the respective value is not returned.
*/
-static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
- const BIGNUM *divisor, BN_CTX *ctx);
int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
BN_CTX *ctx)
{
@@ -186,6 +186,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
BN_ULONG *resp,*wnump;
BN_ULONG d0,d1;
int num_n,div_n;
+ int no_branch=0;
/* Invalid zero-padding would have particularly bad consequences
* in the case of 'num', so don't just rely on bn_check_top() for this one
@@ -200,7 +201,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0))
{
- return BN_div_no_branch(dv, rm, num, divisor, ctx);
+ no_branch=1;
}
bn_check_top(dv);
@@ -214,7 +215,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
return(0);
}
- if (BN_ucmp(num,divisor) < 0)
+ if (!no_branch && BN_ucmp(num,divisor) < 0)
{
if (rm != NULL)
{ if (BN_copy(rm,num) == NULL) return(0); }
@@ -239,242 +240,25 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
norm_shift+=BN_BITS2;
if (!(BN_lshift(snum,num,norm_shift))) goto err;
snum->neg=0;
- div_n=sdiv->top;
- num_n=snum->top;
- loop=num_n-div_n;
- /* Lets setup a 'window' into snum
- * This is the part that corresponds to the current
- * 'area' being divided */
- wnum.neg = 0;
- wnum.d = &(snum->d[loop]);
- wnum.top = div_n;
- /* only needed when BN_ucmp messes up the values between top and max */
- wnum.dmax = snum->dmax - loop; /* so we don't step out of bounds */
-
- /* Get the top 2 words of sdiv */
- /* div_n=sdiv->top; */
- d0=sdiv->d[div_n-1];
- d1=(div_n == 1)?0:sdiv->d[div_n-2];
-
- /* pointer to the 'top' of snum */
- wnump= &(snum->d[num_n-1]);
-
- /* Setup to 'res' */
- res->neg= (num->neg^divisor->neg);
- if (!bn_wexpand(res,(loop+1))) goto err;
- res->top=loop;
- resp= &(res->d[loop-1]);
-
- /* space for temp */
- if (!bn_wexpand(tmp,(div_n+1))) goto err;
- if (BN_ucmp(&wnum,sdiv) >= 0)
+ if (no_branch)
{
- /* If BN_DEBUG_RAND is defined BN_ucmp changes (via
- * bn_pollute) the const bignum arguments =>
- * clean the values between top and max again */
- bn_clear_top2max(&wnum);
- bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
- *resp=1;
- }
- else
- res->top--;
- /* if res->top == 0 then clear the neg value otherwise decrease
- * the resp pointer */
- if (res->top == 0)
- res->neg = 0;
- else
- resp--;
-
- for (i=0; i<loop-1; i++, wnump--, resp--)
- {
- BN_ULONG q,l0;
- /* the first part of the loop uses the top two words of
- * snum and sdiv to calculate a BN_ULONG q such that
- * | wnum - sdiv * q | < sdiv */
-#if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM)
- BN_ULONG bn_div_3_words(BN_ULONG*,BN_ULONG,BN_ULONG);
- q=bn_div_3_words(wnump,d1,d0);
-#else
- BN_ULONG n0,n1,rem=0;
-
- n0=wnump[0];
- n1=wnump[-1];
- if (n0 == d0)
- q=BN_MASK2;
- else /* n0 < d0 */
- {
-#ifdef BN_LLONG
- BN_ULLONG t2;
-
-#if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words)
- q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0);
-#else
- q=bn_div_words(n0,n1,d0);
-#ifdef BN_DEBUG_LEVITTE
- fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
-X) -> 0x%08X\n",
- n0, n1, d0, q);
-#endif
-#endif
-
-#ifndef REMAINDER_IS_ALREADY_CALCULATED
- /*
- * rem doesn't have to be BN_ULLONG. The least we
- * know it's less that d0, isn't it?
- */
- rem=(n1-q*d0)&BN_MASK2;
-#endif
- t2=(BN_ULLONG)d1*q;
-
- for (;;)
- {
- if (t2 <= ((((BN_ULLONG)rem)<<BN_BITS2)|wnump[-2]))
- break;
- q--;
- rem += d0;
- if (rem < d0) break; /* don't let rem overflow */
- t2 -= d1;
- }
-#else /* !BN_LLONG */
- BN_ULONG t2l,t2h;
-
- q=bn_div_words(n0,n1,d0);
-#ifdef BN_DEBUG_LEVITTE
- fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
-X) -> 0x%08X\n",
- n0, n1, d0, q);
-#endif
-#ifndef REMAINDER_IS_ALREADY_CALCULATED
- rem=(n1-q*d0)&BN_MASK2;
-#endif
-
-#if defined(BN_UMULT_LOHI)
- BN_UMULT_LOHI(t2l,t2h,d1,q);
-#elif defined(BN_UMULT_HIGH)
- t2l = d1 * q;
- t2h = BN_UMULT_HIGH(d1,q);
-#else
+ /* Since we don't know whether snum is larger than sdiv,
+ * we pad snum with enough zeroes without changing its
+ * value.
+ */
+ if (snum->top <= sdiv->top+1)
{
- BN_ULONG ql, qh;
- t2l=LBITS(d1); t2h=HBITS(d1);
- ql =LBITS(q); qh =HBITS(q);
- mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
+ if (bn_wexpand(snum, sdiv->top + 2) == NULL) goto err;
+ for (i = snum->top; i < sdiv->top + 2; i++) snum->d[i] = 0;
+ snum->top = sdiv->top + 2;
}
-#endif
-
- for (;;)
- {
- if ((t2h < rem) ||
- ((t2h == rem) && (t2l <= wnump[-2])))
- break;
- q--;
- rem += d0;
- if (rem < d0) break; /* don't let rem overflow */
- if (t2l < d1) t2h--; t2l -= d1;
- }
-#endif /* !BN_LLONG */
- }
-#endif /* !BN_DIV3W */
-
- l0=bn_mul_words(tmp->d,sdiv->d,div_n,q);
- tmp->d[div_n]=l0;
- wnum.d--;
- /* ingore top values of the bignums just sub the two
- * BN_ULONG arrays with bn_sub_words */
- if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n+1))
+ else
{
- /* Note: As we have considered only the leading
- * two BN_ULONGs in the calculation of q, sdiv * q
- * might be greater than wnum (but then (q-1) * sdiv
- * is less or equal than wnum)
- */
- q--;
- if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n))
- /* we can't have an overflow here (assuming
- * that q != 0, but if q == 0 then tmp is
- * zero anyway) */
- (*wnump)++;
+ if (bn_wexpand(snum, snum->top + 1) == NULL) goto err;
+ snum->d[snum->top] = 0;
+ snum->top ++;
}
- /* store part of the result */
- *resp = q;
- }
- bn_correct_top(snum);
- if (rm != NULL)
- {
- /* Keep a copy of the neg flag in num because if rm==num
- * BN_rshift() will overwrite it.
- */
- int neg = num->neg;
- BN_rshift(rm,snum,norm_shift);
- if (!BN_is_zero(rm))
- rm->neg = neg;
- bn_check_top(rm);
- }
- BN_CTX_end(ctx);
- return(1);
-err:
- bn_check_top(rm);
- BN_CTX_end(ctx);
- return(0);
- }
-
-
-/* BN_div_no_branch is a special version of BN_div. It does not contain
- * branches that may leak sensitive information.
- */
-static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
- const BIGNUM *divisor, BN_CTX *ctx)
- {
- int norm_shift,i,loop;
- BIGNUM *tmp,wnum,*snum,*sdiv,*res;
- BN_ULONG *resp,*wnump;
- BN_ULONG d0,d1;
- int num_n,div_n;
-
- bn_check_top(dv);
- bn_check_top(rm);
- /* bn_check_top(num); */ /* 'num' has been checked in BN_div() */
- bn_check_top(divisor);
-
- if (BN_is_zero(divisor))
- {
- BNerr(BN_F_BN_DIV_NO_BRANCH,BN_R_DIV_BY_ZERO);
- return(0);
- }
-
- BN_CTX_start(ctx);
- tmp=BN_CTX_get(ctx);
- snum=BN_CTX_get(ctx);
- sdiv=BN_CTX_get(ctx);
- if (dv == NULL)
- res=BN_CTX_get(ctx);
- else res=dv;
- if (sdiv == NULL || res == NULL) goto err;
-
- /* First we normalise the numbers */
- norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
- if (!(BN_lshift(sdiv,divisor,norm_shift))) goto err;
- sdiv->neg=0;
- norm_shift+=BN_BITS2;
- if (!(BN_lshift(snum,num,norm_shift))) goto err;
- snum->neg=0;
-
- /* Since we don't know whether snum is larger than sdiv,
- * we pad snum with enough zeroes without changing its
- * value.
- */
- if (snum->top <= sdiv->top+1)
- {
- if (bn_wexpand(snum, sdiv->top + 2) == NULL) goto err;
- for (i = snum->top; i < sdiv->top + 2; i++) snum->d[i] = 0;
- snum->top = sdiv->top + 2;
- }
- else
- {
- if (bn_wexpand(snum, snum->top + 1) == NULL) goto err;
- snum->d[snum->top] = 0;
- snum->top ++;
}
div_n=sdiv->top;
@@ -500,12 +284,27 @@ static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
/* Setup to 'res' */
res->neg= (num->neg^divisor->neg);
if (!bn_wexpand(res,(loop+1))) goto err;
- res->top=loop-1;
+ res->top=loop-no_branch;
resp= &(res->d[loop-1]);
/* space for temp */
if (!bn_wexpand(tmp,(div_n+1))) goto err;
+ if (!no_branch)
+ {
+ if (BN_ucmp(&wnum,sdiv) >= 0)
+ {
+ /* If BN_DEBUG_RAND is defined BN_ucmp changes (via
+ * bn_pollute) the const bignum arguments =>
+ * clean the values between top and max again */
+ bn_clear_top2max(&wnum);
+ bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
+ *resp=1;
+ }
+ else
+ res->top--;
+ }
+
/* if res->top == 0 then clear the neg value otherwise decrease
* the resp pointer */
if (res->top == 0)
@@ -638,7 +437,7 @@ X) -> 0x%08X\n",
rm->neg = neg;
bn_check_top(rm);
}
- bn_correct_top(res);
+ if (no_branch) bn_correct_top(res);
BN_CTX_end(ctx);
return(1);
err:
@@ -646,5 +445,4 @@ err:
BN_CTX_end(ctx);
return(0);
}
-
#endif
diff --git a/deps/openssl/openssl/crypto/bn/bn_exp.c b/deps/openssl/openssl/crypto/bn/bn_exp.c
index d9b6c737f..2abf6fd67 100644
--- a/deps/openssl/openssl/crypto/bn/bn_exp.c
+++ b/deps/openssl/openssl/crypto/bn/bn_exp.c
@@ -113,6 +113,18 @@
#include "cryptlib.h"
#include "bn_lcl.h"
+#include <stdlib.h>
+#ifdef _WIN32
+# include <malloc.h>
+# ifndef alloca
+# define alloca _alloca
+# endif
+#elif defined(__GNUC__)
+# ifndef alloca
+# define alloca(s) __builtin_alloca((s))
+# endif
+#endif
+
/* maximum precomputation table size for *variable* sliding windows */
#define TABLE_SIZE 32
@@ -522,23 +534,17 @@ err:
* as cache lines are concerned. The following functions are used to transfer a BIGNUM
* from/to that table. */
-static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int top, unsigned char *buf, int idx, int width)
+static int MOD_EXP_CTIME_COPY_TO_PREBUF(const BIGNUM *b, int top, unsigned char *buf, int idx, int width)
{
size_t i, j;
- if (bn_wexpand(b, top) == NULL)
- return 0;
- while (b->top < top)
- {
- b->d[b->top++] = 0;
- }
-
+ if (top > b->top)
+ top = b->top; /* this works because 'buf' is explicitly zeroed */
for (i = 0, j=idx; i < top * sizeof b->d[0]; i++, j+=width)
{
buf[j] = ((unsigned char*)b->d)[i];
}
- bn_correct_top(b);
return 1;
}
@@ -561,7 +567,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, unsigned char *buf
/* Given a pointer value, compute the next address that is a cache line multiple. */
#define MOD_EXP_CTIME_ALIGN(x_) \
- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
+ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
/* This variant of BN_mod_exp_mont() uses fixed windows and the special
* precomputation memory layout to limit data-dependency to a minimum
@@ -572,17 +578,15 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, unsigned char *buf
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
{
- int i,bits,ret=0,idx,window,wvalue;
+ int i,bits,ret=0,window,wvalue;
int top;
- BIGNUM *r;
- const BIGNUM *aa;
BN_MONT_CTX *mont=NULL;
int numPowers;
unsigned char *powerbufFree=NULL;
int powerbufLen = 0;
unsigned char *powerbuf=NULL;
- BIGNUM *computeTemp=NULL, *am=NULL;
+ BIGNUM tmp, am;
bn_check_top(a);
bn_check_top(p);
@@ -602,10 +606,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
return ret;
}
- /* Initialize BIGNUM context and allocate intermediate result */
BN_CTX_start(ctx);
- r = BN_CTX_get(ctx);
- if (r == NULL) goto err;
/* Allocate a montgomery context if it was not supplied by the caller.
* If this is not done, things will break in the montgomery part.
@@ -620,40 +621,154 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
/* Get the window size to use with size of p. */
window = BN_window_bits_for_ctime_exponent_size(bits);
+#if defined(OPENSSL_BN_ASM_MONT5)
+ if (window==6 && bits<=1024) window=5; /* ~5% improvement of 2048-bit RSA sign */
+#endif
/* Allocate a buffer large enough to hold all of the pre-computed
- * powers of a.
+ * powers of am, am itself and tmp.
*/
numPowers = 1 << window;
- powerbufLen = sizeof(m->d[0])*top*numPowers;
+ powerbufLen = sizeof(m->d[0])*(top*numPowers +
+ ((2*top)>numPowers?(2*top):numPowers));
+#ifdef alloca
+ if (powerbufLen < 3072)
+ powerbufFree = alloca(powerbufLen+MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH);
+ else
+#endif
if ((powerbufFree=(unsigned char*)OPENSSL_malloc(powerbufLen+MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL)
goto err;
powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
memset(powerbuf, 0, powerbufLen);
- /* Initialize the intermediate result. Do this early to save double conversion,
- * once each for a^0 and intermediate result.
- */
- if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF(r, top, powerbuf, 0, numPowers)) goto err;
+#ifdef alloca
+ if (powerbufLen < 3072)
+ powerbufFree = NULL;
+#endif
- /* Initialize computeTemp as a^1 with montgomery precalcs */
- computeTemp = BN_CTX_get(ctx);
- am = BN_CTX_get(ctx);
- if (computeTemp==NULL || am==NULL) goto err;
+ /* lay down tmp and am right after powers table */
+ tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0])*top*numPowers);
+ am.d = tmp.d + top;
+ tmp.top = am.top = 0;
+ tmp.dmax = am.dmax = top;
+ tmp.neg = am.neg = 0;
+ tmp.flags = am.flags = BN_FLG_STATIC_DATA;
+
+ /* prepare a^0 in Montgomery domain */
+#if 1
+ if (!BN_to_montgomery(&tmp,BN_value_one(),mont,ctx)) goto err;
+#else
+ tmp.d[0] = (0-m->d[0])&BN_MASK2; /* 2^(top*BN_BITS2) - m */
+ for (i=1;i<top;i++)
+ tmp.d[i] = (~m->d[i])&BN_MASK2;
+ tmp.top = top;
+#endif
+ /* prepare a^1 in Montgomery domain */
if (a->neg || BN_ucmp(a,m) >= 0)
{
- if (!BN_mod(am,a,m,ctx))
- goto err;
- aa= am;
+ if (!BN_mod(&am,a,m,ctx)) goto err;
+ if (!BN_to_montgomery(&am,&am,mont,ctx)) goto err;
}
- else
- aa=a;
- if (!BN_to_montgomery(am,aa,mont,ctx)) goto err;
- if (!BN_copy(computeTemp, am)) goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF(am, top, powerbuf, 1, numPowers)) goto err;
+ else if (!BN_to_montgomery(&am,a,mont,ctx)) goto err;
+
+#if defined(OPENSSL_BN_ASM_MONT5)
+ /* This optimization uses ideas from http://eprint.iacr.org/2011/239,
+ * specifically optimization of cache-timing attack countermeasures
+ * and pre-computation optimization. */
+
+ /* Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as
+ * 512-bit RSA is hardly relevant, we omit it to spare size... */
+ if (window==5)
+ {
+ void bn_mul_mont_gather5(BN_ULONG *rp,const BN_ULONG *ap,
+ const void *table,const BN_ULONG *np,
+ const BN_ULONG *n0,int num,int power);
+ void bn_scatter5(const BN_ULONG *inp,size_t num,
+ void *table,size_t power);
+ void bn_gather5(BN_ULONG *out,size_t num,
+ void *table,size_t power);
+
+ BN_ULONG *np=mont->N.d, *n0=mont->n0;
+
+ /* BN_to_montgomery can contaminate words above .top
+ * [in BN_DEBUG[_DEBUG] build]... */
+ for (i=am.top; i<top; i++) am.d[i]=0;
+ for (i=tmp.top; i<top; i++) tmp.d[i]=0;
+
+ bn_scatter5(tmp.d,top,powerbuf,0);
+ bn_scatter5(am.d,am.top,powerbuf,1);
+ bn_mul_mont(tmp.d,am.d,am.d,np,n0,top);
+ bn_scatter5(tmp.d,top,powerbuf,2);
+
+#if 0
+ for (i=3; i<32; i++)
+ {
+ /* Calculate a^i = a^(i-1) * a */
+ bn_mul_mont_gather5(tmp.d,am.d,powerbuf,np,n0,top,i-1);
+ bn_scatter5(tmp.d,top,powerbuf,i);
+ }
+#else
+ /* same as above, but uses squaring for 1/2 of operations */
+ for (i=4; i<32; i*=2)
+ {
+ bn_mul_mont(tmp.d,tmp.d,tmp.d,np,n0,top);
+ bn_scatter5(tmp.d,top,powerbuf,i);
+ }
+ for (i=3; i<8; i+=2)
+ {
+ int j;
+ bn_mul_mont_gather5(tmp.d,am.d,powerbuf,np,n0,top,i-1);
+ bn_scatter5(tmp.d,top,powerbuf,i);
+ for (j=2*i; j<32; j*=2)
+ {
+ bn_mul_mont(tmp.d,tmp.d,tmp.d,np,n0,top);
+ bn_scatter5(tmp.d,top,powerbuf,j);
+ }
+ }
+ for (; i<16; i+=2)
+ {
+ bn_mul_mont_gather5(tmp.d,am.d,powerbuf,np,n0,top,i-1);
+ bn_scatter5(tmp.d,top,powerbuf,i);
+ bn_mul_mont(tmp.d,tmp.d,tmp.d,np,n0,top);
+ bn_scatter5(tmp.d,top,powerbuf,2*i);
+ }
+ for (; i<32; i+=2)
+ {
+ bn_mul_mont_gather5(tmp.d,am.d,powerbuf,np,n0,top,i-1);
+ bn_scatter5(tmp.d,top,powerbuf,i);
+ }
+#endif
+ bits--;
+ for (wvalue=0, i=bits%5; i>=0; i--,bits--)
+ wvalue = (wvalue<<1)+BN_is_bit_set(p,bits);
+ bn_gather5(tmp.d,top,powerbuf,wvalue);
+
+ /* Scan the exponent one window at a time starting from the most
+ * significant bits.
+ */
+ while (bits >= 0)
+ {
+ for (wvalue=0, i=0; i<5; i++,bits--)
+ wvalue = (wvalue<<1)+BN_is_bit_set(p,bits);
+
+ bn_mul_mont(tmp.d,tmp.d,tmp.d,np,n0,top);
+ bn_mul_mont(tmp.d,tmp.d,tmp.d,np,n0,top);
+ bn_mul_mont(tmp.d,tmp.d,tmp.d,np,n0,top);
+ bn_mul_mont(tmp.d,tmp.d,tmp.d,np,n0,top);
+ bn_mul_mont(tmp.d,tmp.d,tmp.d,np,n0,top);
+ bn_mul_mont_gather5(tmp.d,tmp.d,powerbuf,np,n0,top,wvalue);
+ }
+
+ tmp.top=top;
+ bn_correct_top(&tmp);
+ }
+ else
+#endif
+ {
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 0, numPowers)) goto err;
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&am, top, powerbuf, 1, numPowers)) goto err;
/* If the window size is greater than 1, then calculate
* val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1)
@@ -662,62 +777,54 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
*/
if (window > 1)
{
- for (i=2; i<numPowers; i++)
+ if (!BN_mod_mul_montgomery(&tmp,&am,&am,mont,ctx)) goto err;
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 2, numPowers)) goto err;
+ for (i=3; i<numPowers; i++)
{
/* Calculate a^i = a^(i-1) * a */
- if (!BN_mod_mul_montgomery(computeTemp,am,computeTemp,mont,ctx))
+ if (!BN_mod_mul_montgomery(&tmp,&am,&tmp,mont,ctx))
goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF(computeTemp, top, powerbuf, i, numPowers)) goto err;
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, i, numPowers)) goto err;
}
}
- /* Adjust the number of bits up to a multiple of the window size.
- * If the exponent length is not a multiple of the window size, then
- * this pads the most significant bits with zeros to normalize the
- * scanning loop to there's no special cases.
- *
- * * NOTE: Making the window size a power of two less than the native
- * * word size ensures that the padded bits won't go past the last
- * * word in the internal BIGNUM structure. Going past the end will
- * * still produce the correct result, but causes a different branch
- * * to be taken in the BN_is_bit_set function.
- */
- bits = ((bits+window-1)/window)*window;
- idx=bits-1; /* The top bit of the window */
-
- /* Scan the exponent one window at a time starting from the most
- * significant bits.
- */
- while (idx >= 0)
+ bits--;
+ for (wvalue=0, i=bits%window; i>=0; i--,bits--)
+ wvalue = (wvalue<<1)+BN_is_bit_set(p,bits);
+ if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&tmp,top,powerbuf,wvalue,numPowers)) goto err;
+
+ /* Scan the exponent one window at a time starting from the most
+ * significant bits.
+ */
+ while (bits >= 0)
{
wvalue=0; /* The 'value' of the window */
/* Scan the window, squaring the result as we go */
- for (i=0; i<window; i++,idx--)
+ for (i=0; i<window; i++,bits--)
{
- if (!BN_mod_mul_montgomery(r,r,r,mont,ctx)) goto err;
- wvalue = (wvalue<<1)+BN_is_bit_set(p,idx);
+ if (!BN_mod_mul_montgomery(&tmp,&tmp,&tmp,mont,ctx)) goto err;
+ wvalue = (wvalue<<1)+BN_is_bit_set(p,bits);
}
/* Fetch the appropriate pre-computed value from the pre-buf */
- if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(computeTemp, top, powerbuf, wvalue, numPowers)) goto err;
+ if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&am, top, powerbuf, wvalue, numPowers)) goto err;
/* Multiply the result into the intermediate result */
- if (!BN_mod_mul_montgomery(r,r,computeTemp,mont,ctx)) goto err;
+ if (!BN_mod_mul_montgomery(&tmp,&tmp,&am,mont,ctx)) goto err;
}
+ }
/* Convert the final result from montgomery to standard format */
- if (!BN_from_montgomery(rr,r,mont,ctx)) goto err;
+ if (!BN_from_montgomery(rr,&tmp,mont,ctx)) goto err;
ret=1;
err:
if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
if (powerbuf!=NULL)
{
OPENSSL_cleanse(powerbuf,powerbufLen);
- OPENSSL_free(powerbufFree);
+ if (powerbufFree) OPENSSL_free(powerbufFree);
}
- if (am!=NULL) BN_clear(am);
- if (computeTemp!=NULL) BN_clear(computeTemp);
BN_CTX_end(ctx);
return(ret);
}
@@ -988,4 +1095,3 @@ err:
bn_check_top(r);
return(ret);
}
-
diff --git a/deps/openssl/openssl/crypto/bn/bn_gcd.c b/deps/openssl/openssl/crypto/bn/bn_gcd.c
index 4a352119b..a808f5317 100644
--- a/deps/openssl/openssl/crypto/bn/bn_gcd.c
+++ b/deps/openssl/openssl/crypto/bn/bn_gcd.c
@@ -205,6 +205,7 @@ err:
/* solves ax == 1 (mod n) */
static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
+
BIGNUM *BN_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
{
diff --git a/deps/openssl/openssl/crypto/bn/bn_gf2m.c b/deps/openssl/openssl/crypto/bn/bn_gf2m.c
index 432a3aa33..8a4dc20ad 100644
--- a/deps/openssl/openssl/crypto/bn/bn_gf2m.c
+++ b/deps/openssl/openssl/crypto/bn/bn_gf2m.c
@@ -94,6 +94,8 @@
#include "cryptlib.h"
#include "bn_lcl.h"
+#ifndef OPENSSL_NO_EC2M
+
/* Maximum number of iterations before BN_GF2m_mod_solve_quad_arr should fail. */
#define MAX_ITERATIONS 50
@@ -122,6 +124,7 @@ static const BN_ULONG SQR_tb[16] =
SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF]
#endif
+#if !defined(OPENSSL_BN_ASM_GF2m)
/* Product of two polynomials a, b each with degree < BN_BITS2 - 1,
* result is a polynomial r with degree < 2 * BN_BITS - 1
* The caller MUST ensure that the variables have the right amount
@@ -216,7 +219,9 @@ static void bn_GF2m_mul_2x2(BN_ULONG *r, const BN_ULONG a1, const BN_ULONG a0, c
r[2] ^= m1 ^ r[1] ^ r[3]; /* h0 ^= m1 ^ l1 ^ h1; */
r[1] = r[3] ^ r[2] ^ r[0] ^ m1 ^ m0; /* l1 ^= l0 ^ h0 ^ m0; */
}
-
+#else
+void bn_GF2m_mul_2x2(BN_ULONG *r, BN_ULONG a1, BN_ULONG a0, BN_ULONG b1, BN_ULONG b0);
+#endif
/* Add polynomials a and b and store result in r; r could be a or b, a and b
* could be equal; r is the bitwise XOR of a and b.
@@ -360,21 +365,17 @@ int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[])
int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p)
{
int ret = 0;
- const int max = BN_num_bits(p) + 1;
- int *arr=NULL;
+ int arr[6];
bn_check_top(a);
bn_check_top(p);
- if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err;
- ret = BN_GF2m_poly2arr(p, arr, max);
- if (!ret || ret > max)
+ ret = BN_GF2m_poly2arr(p, arr, sizeof(arr)/sizeof(arr[0]));
+ if (!ret || ret > (int)(sizeof(arr)/sizeof(arr[0])))
{
BNerr(BN_F_BN_GF2M_MOD,BN_R_INVALID_LENGTH);
- goto err;
+ return 0;
}
ret = BN_GF2m_mod_arr(r, a, arr);
bn_check_top(r);
-err:
- if (arr) OPENSSL_free(arr);
return ret;
}
@@ -521,7 +522,7 @@ err:
*/
int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
{
- BIGNUM *b, *c, *u, *v, *tmp;
+ BIGNUM *b, *c = NULL, *u = NULL, *v = NULL, *tmp;
int ret = 0;
bn_check_top(a);
@@ -529,18 +530,18 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
BN_CTX_start(ctx);
- b = BN_CTX_get(ctx);
- c = BN_CTX_get(ctx);
- u = BN_CTX_get(ctx);
- v = BN_CTX_get(ctx);
- if (v == NULL) goto err;
+ if ((b = BN_CTX_get(ctx))==NULL) goto err;
+ if ((c = BN_CTX_get(ctx))==NULL) goto err;
+ if ((u = BN_CTX_get(ctx))==NULL) goto err;
+ if ((v = BN_CTX_get(ctx))==NULL) goto err;
- if (!BN_one(b)) goto err;
if (!BN_GF2m_mod(u, a, p)) goto err;
- if (!BN_copy(v, p)) goto err;
-
if (BN_is_zero(u)) goto err;
+ if (!BN_copy(v, p)) goto err;
+#if 0
+ if (!BN_one(b)) goto err;
+
while (1)
{
while (!BN_is_odd(u))
@@ -565,13 +566,89 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
if (!BN_GF2m_add(u, u, v)) goto err;
if (!BN_GF2m_add(b, b, c)) goto err;
}
+#else
+ {
+ int i, ubits = BN_num_bits(u),
+ vbits = BN_num_bits(v), /* v is copy of p */
+ top = p->top;
+ BN_ULONG *udp,*bdp,*vdp,*cdp;
+
+ bn_wexpand(u,top); udp = u->d;
+ for (i=u->top;i<top;i++) udp[i] = 0;
+ u->top = top;
+ bn_wexpand(b,top); bdp = b->d;
+ bdp[0] = 1;
+ for (i=1;i<top;i++) bdp[i] = 0;
+ b->top = top;
+ bn_wexpand(c,top); cdp = c->d;
+ for (i=0;i<top;i++) cdp[i] = 0;
+ c->top = top;
+ vdp = v->d; /* It pays off to "cache" *->d pointers, because
+ * it allows optimizer to be more aggressive.
+ * But we don't have to "cache" p->d, because *p
+ * is declared 'const'... */
+ while (1)
+ {
+ while (ubits && !(udp[0]&1))
+ {
+ BN_ULONG u0,u1,b0,b1,mask;
+
+ u0 = udp[0];
+ b0 = bdp[0];
+ mask = (BN_ULONG)0-(b0&1);
+ b0 ^= p->d[0]&mask;
+ for (i=0;i<top-1;i++)
+ {
+ u1 = udp[i+1];
+ udp[i] = ((u0>>1)|(u1<<(BN_BITS2-1)))&BN_MASK2;
+ u0 = u1;
+ b1 = bdp[i+1]^(p->d[i+1]&mask);
+ bdp[i] = ((b0>>1)|(b1<<(BN_BITS2-1)))&BN_MASK2;
+ b0 = b1;
+ }
+ udp[i] = u0>>1;
+ bdp[i] = b0>>1;
+ ubits--;
+ }
+ if (ubits<=BN_BITS2 && udp[0]==1) break;
+
+ if (ubits<vbits)
+ {
+ i = ubits; ubits = vbits; vbits = i;
+ tmp = u; u = v; v = tmp;
+ tmp = b; b = c; c = tmp;
+ udp = vdp; vdp = v->d;
+ bdp = cdp; cdp = c->d;
+ }
+ for(i=0;i<top;i++)
+ {
+ udp[i] ^= vdp[i];
+ bdp[i] ^= cdp[i];
+ }
+ if (ubits==vbits)
+ {
+ BN_ULONG ul;
+ int utop = (ubits-1)/BN_BITS2;
+
+ while ((ul=udp[utop])==0 && utop) utop--;
+ ubits = utop*BN_BITS2 + BN_num_bits_word(ul);
+ }
+ }
+ bn_correct_top(b);
+ }
+#endif
if (!BN_copy(r, b)) goto err;
bn_check_top(r);
ret = 1;
err:
+#ifdef BN_DEBUG /* BN_CTX_end would complain about the expanded form */
+ bn_correct_top(c);
+ bn_correct_top(u);
+ bn_correct_top(v);
+#endif
BN_CTX_end(ctx);
return ret;
}
@@ -1033,3 +1110,4 @@ int BN_GF2m_arr2poly(const int p[], BIGNUM *a)
return 1;
}
+#endif
diff --git a/deps/openssl/openssl/crypto/bn/bn_lcl.h b/deps/openssl/openssl/crypto/bn/bn_lcl.h
index 8e5e98e3f..817c773b6 100644
--- a/deps/openssl/openssl/crypto/bn/bn_lcl.h
+++ b/deps/openssl/openssl/crypto/bn/bn_lcl.h
@@ -238,7 +238,7 @@ extern "C" {
# if defined(__DECC)
# include <c_asm.h>
# define BN_UMULT_HIGH(a,b) (BN_ULONG)asm("umulh %a0,%a1,%v0",(a),(b))
-# elif defined(__GNUC__)
+# elif defined(__GNUC__) && __GNUC__>=2
# define BN_UMULT_HIGH(a,b) ({ \
register BN_ULONG ret; \
asm ("umulh %1,%2,%0" \
@@ -247,7 +247,7 @@ extern "C" {
ret; })
# endif /* compiler */
# elif defined(_ARCH_PPC) && defined(__64BIT__) && defined(SIXTY_FOUR_BIT_LONG)
-# if defined(__GNUC__)
+# if defined(__GNUC__) && __GNUC__>=2
# define BN_UMULT_HIGH(a,b) ({ \
register BN_ULONG ret; \
asm ("mulhdu %0,%1,%2" \
@@ -257,7 +257,7 @@ extern "C" {
# endif /* compiler */
# elif (defined(__x86_64) || defined(__x86_64__)) && \
(defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
-# if defined(__GNUC__)
+# if defined(__GNUC__) && __GNUC__>=2
# define BN_UMULT_HIGH(a,b) ({ \
register BN_ULONG ret,discard; \
asm ("mulq %3" \
@@ -280,6 +280,26 @@ extern "C" {
# define BN_UMULT_HIGH(a,b) __umulh((a),(b))
# define BN_UMULT_LOHI(low,high,a,b) ((low)=_umul128((a),(b),&(high)))
# endif
+# elif defined(__mips) && (defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG))
+# if defined(__GNUC__) && __GNUC__>=2
+# if __GNUC__>=4 && __GNUC_MINOR__>=4 /* "h" constraint is no more since 4.4 */
+# define BN_UMULT_HIGH(a,b) (((__uint128_t)(a)*(b))>>64)
+# define BN_UMULT_LOHI(low,high,a,b) ({ \
+ __uint128_t ret=(__uint128_t)(a)*(b); \
+ (high)=ret>>64; (low)=ret; })
+# else
+# define BN_UMULT_HIGH(a,b) ({ \
+ register BN_ULONG ret; \
+ asm ("dmultu %1,%2" \
+ : "=h"(ret) \
+ : "r"(a), "r"(b) : "l"); \
+ ret; })
+# define BN_UMULT_LOHI(low,high,a,b)\
+ asm ("dmultu %2,%3" \
+ : "=l"(low),"=h"(high) \
+ : "r"(a), "r"(b));
+# endif
+# endif
# endif /* cpu */
#endif /* OPENSSL_NO_ASM */
@@ -459,6 +479,10 @@ extern "C" {
}
#endif /* !BN_LLONG */
+#if defined(OPENSSL_DOING_MAKEDEPEND) && defined(OPENSSL_FIPS)
+#undef bn_div_words
+#endif
+
void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb);
void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
diff --git a/deps/openssl/openssl/crypto/bn/bn_lib.c b/deps/openssl/openssl/crypto/bn/bn_lib.c
index 5470fbe6e..7a5676de6 100644
--- a/deps/openssl/openssl/crypto/bn/bn_lib.c
+++ b/deps/openssl/openssl/crypto/bn/bn_lib.c
@@ -139,25 +139,6 @@ const BIGNUM *BN_value_one(void)
return(&const_one);
}
-char *BN_options(void)
- {
- static int init=0;
- static char data[16];
-
- if (!init)
- {
- init++;
-#ifdef BN_LLONG
- BIO_snprintf(data,sizeof data,"bn(%d,%d)",
- (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8);
-#else
- BIO_snprintf(data,sizeof data,"bn(%d,%d)",
- (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8);
-#endif
- }
- return(data);
- }
-
int BN_num_bits_word(BN_ULONG l)
{
static const unsigned char bits[256]={
diff --git a/deps/openssl/openssl/crypto/bn/bn_mont.c b/deps/openssl/openssl/crypto/bn/bn_mont.c
index 1a866880f..427b5cf4d 100644
--- a/deps/openssl/openssl/crypto/bn/bn_mont.c
+++ b/deps/openssl/openssl/crypto/bn/bn_mont.c
@@ -177,31 +177,26 @@ err:
static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
{
BIGNUM *n;
- BN_ULONG *ap,*np,*rp,n0,v,*nrp;
- int al,nl,max,i,x,ri;
+ BN_ULONG *ap,*np,*rp,n0,v,carry;
+ int nl,max,i;
n= &(mont->N);
- /* mont->ri is the size of mont->N in bits (rounded up
- to the word size) */
- al=ri=mont->ri/BN_BITS2;
-
nl=n->top;
- if ((al == 0) || (nl == 0)) { ret->top=0; return(1); }
+ if (nl == 0) { ret->top=0; return(1); }
- max=(nl+al+1); /* allow for overflow (no?) XXX */
+ max=(2*nl); /* carry is stored separately */
if (bn_wexpand(r,max) == NULL) return(0);
r->neg^=n->neg;
np=n->d;
rp=r->d;
- nrp= &(r->d[nl]);
/* clear the top words of T */
#if 1
for (i=r->top; i<max; i++) /* memset? XXX */
- r->d[i]=0;
+ rp[i]=0;
#else
- memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG));
+ memset(&(rp[r->top]),0,(max-r->top)*sizeof(BN_ULONG));
#endif
r->top=max;
@@ -210,7 +205,7 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
#ifdef BN_COUNT
fprintf(stderr,"word BN_from_montgomery_word %d * %d\n",nl,nl);
#endif
- for (i=0; i<nl; i++)
+ for (carry=0, i=0; i<nl; i++, rp++)
{
#ifdef __TANDEM
{
@@ -228,61 +223,33 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
#else
v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2);
#endif
- nrp++;
- rp++;
- if (((nrp[-1]+=v)&BN_MASK2) >= v)
- continue;
- else
- {
- if (((++nrp[0])&BN_MASK2) != 0) continue;
- if (((++nrp[1])&BN_MASK2) != 0) continue;
- for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ;
- }
- }
- bn_correct_top(r);
-
- /* mont->ri will be a multiple of the word size and below code
- * is kind of BN_rshift(ret,r,mont->ri) equivalent */
- if (r->top <= ri)
- {
- ret->top=0;
- return(1);
+ v = (v+carry+rp[nl])&BN_MASK2;
+ carry |= (v != rp[nl]);
+ carry &= (v <= rp[nl]);
+ rp[nl]=v;
}
- al=r->top-ri;
-#define BRANCH_FREE 1
-#if BRANCH_FREE
- if (bn_wexpand(ret,ri) == NULL) return(0);
- x=0-(((al-ri)>>(sizeof(al)*8-1))&1);
- ret->top=x=(ri&~x)|(al&x); /* min(ri,al) */
+ if (bn_wexpand(ret,nl) == NULL) return(0);
+ ret->top=nl;
ret->neg=r->neg;
rp=ret->d;
- ap=&(r->d[ri]);
+ ap=&(r->d[nl]);
+#define BRANCH_FREE 1
+#if BRANCH_FREE
{
- size_t m1,m2;
-
- v=bn_sub_words(rp,ap,np,ri);
- /* this ----------------^^ works even in al<ri case
- * thanks to zealous zeroing of top of the vector in the
- * beginning. */
+ BN_ULONG *nrp;
+ size_t m;
- /* if (al==ri && !v) || al>ri) nrp=rp; else nrp=ap; */
- /* in other words if subtraction result is real, then
+ v=bn_sub_words(rp,ap,np,nl)-carry;
+ /* if subtraction result is real, then
* trick unconditional memcpy below to perform in-place
* "refresh" instead of actual copy. */
- m1=0-(size_t)(((al-ri)>>(sizeof(al)*8-1))&1); /* al<ri */
- m2=0-(size_t)(((ri-al)>>(sizeof(al)*8-1))&1); /* al>ri */
- m1|=m2; /* (al!=ri) */
- m1|=(0-(size_t)v); /* (al!=ri || v) */
- m1&=~m2; /* (al!=ri || v) && !al>ri */
- nrp=(BN_ULONG *)(((PTR_SIZE_INT)rp&~m1)|((PTR_SIZE_INT)ap&m1));
- }
+ m=(0-(size_t)v);
+ nrp=(BN_ULONG *)(((PTR_SIZE_INT)rp&~m)|((PTR_SIZE_INT)ap&m));
- /* 'i<ri' is chosen to eliminate dependency on input data, even
- * though it results in redundant copy in al<ri case. */
- for (i=0,ri-=4; i<ri; i+=4)
+ for (i=0,nl-=4; i<nl; i+=4)
{
BN_ULONG t1,t2,t3,t4;
@@ -295,40 +262,15 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
rp[i+2]=t3;
rp[i+3]=t4;
}
- for (ri+=4; i<ri; i++)
+ for (nl+=4; i<nl; i++)
rp[i]=nrp[i], ap[i]=0;
- bn_correct_top(r);
- bn_correct_top(ret);
+ }
#else
- if (bn_wexpand(ret,al) == NULL) return(0);
- ret->top=al;
- ret->neg=r->neg;
-
- rp=ret->d;
- ap=&(r->d[ri]);
- al-=4;
- for (i=0; i<al; i+=4)
- {
- BN_ULONG t1,t2,t3,t4;
-
- t1=ap[i+0];
- t2=ap[i+1];
- t3=ap[i+2];
- t4=ap[i+3];
- rp[i+0]=t1;
- rp[i+1]=t2;
- rp[i+2]=t3;
- rp[i+3]=t4;
- }
- al+=4;
- for (; i<al; i++)
- rp[i]=ap[i];
-
- if (BN_ucmp(ret, &(mont->N)) >= 0)
- {
- if (!BN_usub(ret,ret,&(mont->N))) return(0);
- }
+ if (bn_sub_words (rp,ap,np,nl)-carry)
+ memcpy(rp,ap,nl*sizeof(BN_ULONG));
#endif
+ bn_correct_top(r);
+ bn_correct_top(ret);
bn_check_top(ret);
return(1);
diff --git a/deps/openssl/openssl/crypto/bn/bn_nist.c b/deps/openssl/openssl/crypto/bn/bn_nist.c
index c6de03269..43caee477 100644
--- a/deps/openssl/openssl/crypto/bn/bn_nist.c
+++ b/deps/openssl/openssl/crypto/bn/bn_nist.c
@@ -319,6 +319,13 @@ static void nist_cp_bn(BN_ULONG *buf, BN_ULONG *a, int top)
:(to[(n)/2] =((m)&1)?(from[(m)/2]>>32):(from[(m)/2]&BN_MASK2l)))
#define bn_32_set_0(to, n) (((n)&1)?(to[(n)/2]&=BN_MASK2l):(to[(n)/2]=0));
#define bn_cp_32(to,n,from,m) ((m)>=0)?bn_cp_32_naked(to,n,from,m):bn_32_set_0(to,n)
+# if defined(L_ENDIAN)
+# if defined(__arch64__)
+# define NIST_INT64 long
+# else
+# define NIST_INT64 long long
+# endif
+# endif
#else
#define bn_cp_64(to, n, from, m) \
{ \
@@ -330,13 +337,15 @@ static void nist_cp_bn(BN_ULONG *buf, BN_ULONG *a, int top)
bn_32_set_0(to, (n)*2); \
bn_32_set_0(to, (n)*2+1); \
}
-#if BN_BITS2 == 32
#define bn_cp_32(to, n, from, m) (to)[n] = (m>=0)?((from)[m]):0;
#define bn_32_set_0(to, n) (to)[n] = (BN_ULONG)0;
-#endif
+# if defined(_WIN32) && !defined(__GNUC__)
+# define NIST_INT64 __int64
+# elif defined(BN_LLONG)
+# define NIST_INT64 long long
+# endif
#endif /* BN_BITS2 != 64 */
-
#define nist_set_192(to, from, a1, a2, a3) \
{ \
bn_cp_64(to, 0, from, (a3) - 3) \
@@ -350,9 +359,11 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
int top = a->top, i;
int carry;
register BN_ULONG *r_d, *a_d = a->d;
- BN_ULONG t_d[BN_NIST_192_TOP],
- buf[BN_NIST_192_TOP],
- c_d[BN_NIST_192_TOP],
+ union {
+ BN_ULONG bn[BN_NIST_192_TOP];
+ unsigned int ui[BN_NIST_192_TOP*sizeof(BN_ULONG)/sizeof(unsigned int)];
+ } buf;
+ BN_ULONG c_d[BN_NIST_192_TOP],
*res;
PTR_SIZE_INT mask;
static const BIGNUM _bignum_nist_p_192_sqr = {
@@ -385,15 +396,48 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
else
r_d = a_d;
- nist_cp_bn_0(buf, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP, BN_NIST_192_TOP);
+ nist_cp_bn_0(buf.bn, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP, BN_NIST_192_TOP);
+
+#if defined(NIST_INT64)
+ {
+ NIST_INT64 acc; /* accumulator */
+ unsigned int *rp=(unsigned int *)r_d;
+ const unsigned int *bp=(const unsigned int *)buf.ui;
+
+ acc = rp[0]; acc += bp[3*2-6];
+ acc += bp[5*2-6]; rp[0] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[1]; acc += bp[3*2-5];
+ acc += bp[5*2-5]; rp[1] = (unsigned int)acc; acc >>= 32;
- nist_set_192(t_d, buf, 0, 3, 3);
+ acc += rp[2]; acc += bp[3*2-6];
+ acc += bp[4*2-6];
+ acc += bp[5*2-6]; rp[2] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[3]; acc += bp[3*2-5];
+ acc += bp[4*2-5];
+ acc += bp[5*2-5]; rp[3] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[4]; acc += bp[4*2-6];
+ acc += bp[5*2-6]; rp[4] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[5]; acc += bp[4*2-5];
+ acc += bp[5*2-5]; rp[5] = (unsigned int)acc;
+
+ carry = (int)(acc>>32);
+ }
+#else
+ {
+ BN_ULONG t_d[BN_NIST_192_TOP];
+
+ nist_set_192(t_d, buf.bn, 0, 3, 3);
carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
- nist_set_192(t_d, buf, 4, 4, 0);
+ nist_set_192(t_d, buf.bn, 4, 4, 0);
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
- nist_set_192(t_d, buf, 5, 5, 5)
+ nist_set_192(t_d, buf.bn, 5, 5, 5)
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
-
+ }
+#endif
if (carry > 0)
carry = (int)bn_sub_words(r_d,r_d,_nist_p_192[carry-1],BN_NIST_192_TOP);
else
@@ -435,8 +479,7 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
int top = a->top, i;
int carry;
BN_ULONG *r_d, *a_d = a->d;
- BN_ULONG t_d[BN_NIST_224_TOP],
- buf[BN_NIST_224_TOP],
+ BN_ULONG buf[BN_NIST_224_TOP],
c_d[BN_NIST_224_TOP],
*res;
PTR_SIZE_INT mask;
@@ -474,14 +517,54 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
#if BN_BITS2==64
/* copy upper 256 bits of 448 bit number ... */
- nist_cp_bn_0(t_d, a_d + (BN_NIST_224_TOP-1), top - (BN_NIST_224_TOP-1), BN_NIST_224_TOP);
+ nist_cp_bn_0(c_d, a_d + (BN_NIST_224_TOP-1), top - (BN_NIST_224_TOP-1), BN_NIST_224_TOP);
/* ... and right shift by 32 to obtain upper 224 bits */
- nist_set_224(buf, t_d, 14, 13, 12, 11, 10, 9, 8);
+ nist_set_224(buf, c_d, 14, 13, 12, 11, 10, 9, 8);
/* truncate lower part to 224 bits too */
r_d[BN_NIST_224_TOP-1] &= BN_MASK2l;
#else
nist_cp_bn_0(buf, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP, BN_NIST_224_TOP);
#endif
+
+#if defined(NIST_INT64) && BN_BITS2!=64
+ {
+ NIST_INT64 acc; /* accumulator */
+ unsigned int *rp=(unsigned int *)r_d;
+ const unsigned int *bp=(const unsigned int *)buf;
+
+ acc = rp[0]; acc -= bp[7-7];
+ acc -= bp[11-7]; rp[0] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[1]; acc -= bp[8-7];
+ acc -= bp[12-7]; rp[1] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[2]; acc -= bp[9-7];
+ acc -= bp[13-7]; rp[2] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[3]; acc += bp[7-7];
+ acc += bp[11-7];
+ acc -= bp[10-7]; rp[3] = (unsigned int)acc; acc>>= 32;
+
+ acc += rp[4]; acc += bp[8-7];
+ acc += bp[12-7];
+ acc -= bp[11-7]; rp[4] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[5]; acc += bp[9-7];
+ acc += bp[13-7];
+ acc -= bp[12-7]; rp[5] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[6]; acc += bp[10-7];
+ acc -= bp[13-7]; rp[6] = (unsigned int)acc;
+
+ carry = (int)(acc>>32);
+# if BN_BITS2==64
+ rp[7] = carry;
+# endif
+ }
+#else
+ {
+ BN_ULONG t_d[BN_NIST_224_TOP];
+
nist_set_224(t_d, buf, 10, 9, 8, 7, 0, 0, 0);
carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
nist_set_224(t_d, buf, 0, 13, 12, 11, 0, 0, 0);
@@ -494,6 +577,8 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
#if BN_BITS2==64
carry = (int)(r_d[BN_NIST_224_TOP-1]>>32);
#endif
+ }
+#endif
u.f = bn_sub_words;
if (carry > 0)
{
@@ -548,9 +633,11 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
int i, top = a->top;
int carry = 0;
register BN_ULONG *a_d = a->d, *r_d;
- BN_ULONG t_d[BN_NIST_256_TOP],
- buf[BN_NIST_256_TOP],
- c_d[BN_NIST_256_TOP],
+ union {
+ BN_ULONG bn[BN_NIST_256_TOP];
+ unsigned int ui[BN_NIST_256_TOP*sizeof(BN_ULONG)/sizeof(unsigned int)];
+ } buf;
+ BN_ULONG c_d[BN_NIST_256_TOP],
*res;
PTR_SIZE_INT mask;
union { bn_addsub_f f; PTR_SIZE_INT p; } u;
@@ -584,12 +671,87 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
else
r_d = a_d;
- nist_cp_bn_0(buf, a_d + BN_NIST_256_TOP, top - BN_NIST_256_TOP, BN_NIST_256_TOP);
+ nist_cp_bn_0(buf.bn, a_d + BN_NIST_256_TOP, top - BN_NIST_256_TOP, BN_NIST_256_TOP);
+
+#if defined(NIST_INT64)
+ {
+ NIST_INT64 acc; /* accumulator */
+ unsigned int *rp=(unsigned int *)r_d;
+ const unsigned int *bp=(const unsigned int *)buf.ui;
+
+ acc = rp[0]; acc += bp[8-8];
+ acc += bp[9-8];
+ acc -= bp[11-8];
+ acc -= bp[12-8];
+ acc -= bp[13-8];
+ acc -= bp[14-8]; rp[0] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[1]; acc += bp[9-8];
+ acc += bp[10-8];
+ acc -= bp[12-8];
+ acc -= bp[13-8];
+ acc -= bp[14-8];
+ acc -= bp[15-8]; rp[1] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[2]; acc += bp[10-8];
+ acc += bp[11-8];
+ acc -= bp[13-8];
+ acc -= bp[14-8];
+ acc -= bp[15-8]; rp[2] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[3]; acc += bp[11-8];
+ acc += bp[11-8];
+ acc += bp[12-8];
+ acc += bp[12-8];
+ acc += bp[13-8];
+ acc -= bp[15-8];
+ acc -= bp[8-8];
+ acc -= bp[9-8]; rp[3] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[4]; acc += bp[12-8];
+ acc += bp[12-8];
+ acc += bp[13-8];
+ acc += bp[13-8];
+ acc += bp[14-8];
+ acc -= bp[9-8];
+ acc -= bp[10-8]; rp[4] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[5]; acc += bp[13-8];
+ acc += bp[13-8];
+ acc += bp[14-8];
+ acc += bp[14-8];
+ acc += bp[15-8];
+ acc -= bp[10-8];
+ acc -= bp[11-8]; rp[5] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[6]; acc += bp[14-8];
+ acc += bp[14-8];
+ acc += bp[15-8];
+ acc += bp[15-8];
+ acc += bp[14-8];
+ acc += bp[13-8];
+ acc -= bp[8-8];
+ acc -= bp[9-8]; rp[6] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[7]; acc += bp[15-8];
+ acc += bp[15-8];
+ acc += bp[15-8];
+ acc += bp[8 -8];
+ acc -= bp[10-8];
+ acc -= bp[11-8];
+ acc -= bp[12-8];
+ acc -= bp[13-8]; rp[7] = (unsigned int)acc;
+
+ carry = (int)(acc>>32);
+ }
+#else
+ {
+ BN_ULONG t_d[BN_NIST_256_TOP];
/*S1*/
- nist_set_256(t_d, buf, 15, 14, 13, 12, 11, 0, 0, 0);
+ nist_set_256(t_d, buf.bn, 15, 14, 13, 12, 11, 0, 0, 0);
/*S2*/
- nist_set_256(c_d, buf, 0, 15, 14, 13, 12, 0, 0, 0);
+ nist_set_256(c_d, buf.bn, 0, 15, 14, 13, 12, 0, 0, 0);
carry = (int)bn_add_words(t_d, t_d, c_d, BN_NIST_256_TOP);
/* left shift */
{
@@ -607,24 +769,26 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
}
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
/*S3*/
- nist_set_256(t_d, buf, 15, 14, 0, 0, 0, 10, 9, 8);
+ nist_set_256(t_d, buf.bn, 15, 14, 0, 0, 0, 10, 9, 8);
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
/*S4*/
- nist_set_256(t_d, buf, 8, 13, 15, 14, 13, 11, 10, 9);
+ nist_set_256(t_d, buf.bn, 8, 13, 15, 14, 13, 11, 10, 9);
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
/*D1*/
- nist_set_256(t_d, buf, 10, 8, 0, 0, 0, 13, 12, 11);
+ nist_set_256(t_d, buf.bn, 10, 8, 0, 0, 0, 13, 12, 11);
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
/*D2*/
- nist_set_256(t_d, buf, 11, 9, 0, 0, 15, 14, 13, 12);
+ nist_set_256(t_d, buf.bn, 11, 9, 0, 0, 15, 14, 13, 12);
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
/*D3*/
- nist_set_256(t_d, buf, 12, 0, 10, 9, 8, 15, 14, 13);
+ nist_set_256(t_d, buf.bn, 12, 0, 10, 9, 8, 15, 14, 13);
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
/*D4*/
- nist_set_256(t_d, buf, 13, 0, 11, 10, 9, 0, 15, 14);
+ nist_set_256(t_d, buf.bn, 13, 0, 11, 10, 9, 0, 15, 14);
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+ }
+#endif
/* see BN_nist_mod_224 for explanation */
u.f = bn_sub_words;
if (carry > 0)
@@ -672,9 +836,11 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
int i, top = a->top;
int carry = 0;
register BN_ULONG *r_d, *a_d = a->d;
- BN_ULONG t_d[BN_NIST_384_TOP],
- buf[BN_NIST_384_TOP],
- c_d[BN_NIST_384_TOP],
+ union {
+ BN_ULONG bn[BN_NIST_384_TOP];
+ unsigned int ui[BN_NIST_384_TOP*sizeof(BN_ULONG)/sizeof(unsigned int)];
+ } buf;
+ BN_ULONG c_d[BN_NIST_384_TOP],
*res;
PTR_SIZE_INT mask;
union { bn_addsub_f f; PTR_SIZE_INT p; } u;
@@ -709,10 +875,100 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
else
r_d = a_d;
- nist_cp_bn_0(buf, a_d + BN_NIST_384_TOP, top - BN_NIST_384_TOP, BN_NIST_384_TOP);
+ nist_cp_bn_0(buf.bn, a_d + BN_NIST_384_TOP, top - BN_NIST_384_TOP, BN_NIST_384_TOP);
+
+#if defined(NIST_INT64)
+ {
+ NIST_INT64 acc; /* accumulator */
+ unsigned int *rp=(unsigned int *)r_d;
+ const unsigned int *bp=(const unsigned int *)buf.ui;
+
+ acc = rp[0]; acc += bp[12-12];
+ acc += bp[21-12];
+ acc += bp[20-12];
+ acc -= bp[23-12]; rp[0] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[1]; acc += bp[13-12];
+ acc += bp[22-12];
+ acc += bp[23-12];
+ acc -= bp[12-12];
+ acc -= bp[20-12]; rp[1] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[2]; acc += bp[14-12];
+ acc += bp[23-12];
+ acc -= bp[13-12];
+ acc -= bp[21-12]; rp[2] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[3]; acc += bp[15-12];
+ acc += bp[12-12];
+ acc += bp[20-12];
+ acc += bp[21-12];
+ acc -= bp[14-12];
+ acc -= bp[22-12];
+ acc -= bp[23-12]; rp[3] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[4]; acc += bp[21-12];
+ acc += bp[21-12];
+ acc += bp[16-12];
+ acc += bp[13-12];
+ acc += bp[12-12];
+ acc += bp[20-12];
+ acc += bp[22-12];
+ acc -= bp[15-12];
+ acc -= bp[23-12];
+ acc -= bp[23-12]; rp[4] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[5]; acc += bp[22-12];
+ acc += bp[22-12];
+ acc += bp[17-12];
+ acc += bp[14-12];
+ acc += bp[13-12];
+ acc += bp[21-12];
+ acc += bp[23-12];
+ acc -= bp[16-12]; rp[5] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[6]; acc += bp[23-12];
+ acc += bp[23-12];
+ acc += bp[18-12];
+ acc += bp[15-12];
+ acc += bp[14-12];
+ acc += bp[22-12];
+ acc -= bp[17-12]; rp[6] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[7]; acc += bp[19-12];
+ acc += bp[16-12];
+ acc += bp[15-12];
+ acc += bp[23-12];
+ acc -= bp[18-12]; rp[7] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[8]; acc += bp[20-12];
+ acc += bp[17-12];
+ acc += bp[16-12];
+ acc -= bp[19-12]; rp[8] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[9]; acc += bp[21-12];
+ acc += bp[18-12];
+ acc += bp[17-12];
+ acc -= bp[20-12]; rp[9] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[10]; acc += bp[22-12];
+ acc += bp[19-12];
+ acc += bp[18-12];
+ acc -= bp[21-12]; rp[10] = (unsigned int)acc; acc >>= 32;
+
+ acc += rp[11]; acc += bp[23-12];
+ acc += bp[20-12];
+ acc += bp[19-12];
+ acc -= bp[22-12]; rp[11] = (unsigned int)acc;
+
+ carry = (int)(acc>>32);
+ }
+#else
+ {
+ BN_ULONG t_d[BN_NIST_384_TOP];
/*S1*/
- nist_set_256(t_d, buf, 0, 0, 0, 0, 0, 23-4, 22-4, 21-4);
+ nist_set_256(t_d, buf.bn, 0, 0, 0, 0, 0, 23-4, 22-4, 21-4);
/* left shift */
{
register BN_ULONG *ap,t,c;
@@ -729,29 +985,31 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
carry = (int)bn_add_words(r_d+(128/BN_BITS2), r_d+(128/BN_BITS2),
t_d, BN_NIST_256_TOP);
/*S2 */
- carry += (int)bn_add_words(r_d, r_d, buf, BN_NIST_384_TOP);
+ carry += (int)bn_add_words(r_d, r_d, buf.bn, BN_NIST_384_TOP);
/*S3*/
- nist_set_384(t_d,buf,20,19,18,17,16,15,14,13,12,23,22,21);
+ nist_set_384(t_d,buf.bn,20,19,18,17,16,15,14,13,12,23,22,21);
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
/*S4*/
- nist_set_384(t_d,buf,19,18,17,16,15,14,13,12,20,0,23,0);
+ nist_set_384(t_d,buf.bn,19,18,17,16,15,14,13,12,20,0,23,0);
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
/*S5*/
- nist_set_384(t_d, buf,0,0,0,0,23,22,21,20,0,0,0,0);
+ nist_set_384(t_d, buf.bn,0,0,0,0,23,22,21,20,0,0,0,0);
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
/*S6*/
- nist_set_384(t_d,buf,0,0,0,0,0,0,23,22,21,0,0,20);
+ nist_set_384(t_d,buf.bn,0,0,0,0,0,0,23,22,21,0,0,20);
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
/*D1*/
- nist_set_384(t_d,buf,22,21,20,19,18,17,16,15,14,13,12,23);
+ nist_set_384(t_d,buf.bn,22,21,20,19,18,17,16,15,14,13,12,23);
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
/*D2*/
- nist_set_384(t_d,buf,0,0,0,0,0,0,0,23,22,21,20,0);
+ nist_set_384(t_d,buf.bn,0,0,0,0,0,0,0,23,22,21,20,0);
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
/*D3*/
- nist_set_384(t_d,buf,0,0,0,0,0,0,0,23,23,0,0,0);
+ nist_set_384(t_d,buf.bn,0,0,0,0,0,0,0,23,23,0,0,0);
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+ }
+#endif
/* see BN_nist_mod_224 for explanation */
u.f = bn_sub_words;
if (carry > 0)
diff --git a/deps/openssl/openssl/crypto/bn/bn_print.c b/deps/openssl/openssl/crypto/bn/bn_print.c
index bebb466d0..1743b6a7e 100644
--- a/deps/openssl/openssl/crypto/bn/bn_print.c
+++ b/deps/openssl/openssl/crypto/bn/bn_print.c
@@ -357,3 +357,22 @@ end:
return(ret);
}
#endif
+
+char *BN_options(void)
+ {
+ static int init=0;
+ static char data[16];
+
+ if (!init)
+ {
+ init++;
+#ifdef BN_LLONG
+ BIO_snprintf(data,sizeof data,"bn(%d,%d)",
+ (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8);
+#else
+ BIO_snprintf(data,sizeof data,"bn(%d,%d)",
+ (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8);
+#endif
+ }
+ return(data);
+ }
diff --git a/deps/openssl/openssl/crypto/bn/bn_shift.c b/deps/openssl/openssl/crypto/bn/bn_shift.c
index c4d301afc..a6fca2c42 100644
--- a/deps/openssl/openssl/crypto/bn/bn_shift.c
+++ b/deps/openssl/openssl/crypto/bn/bn_shift.c
@@ -99,7 +99,7 @@ int BN_lshift1(BIGNUM *r, const BIGNUM *a)
int BN_rshift1(BIGNUM *r, const BIGNUM *a)
{
BN_ULONG *ap,*rp,t,c;
- int i;
+ int i,j;
bn_check_top(r);
bn_check_top(a);
@@ -109,22 +109,25 @@ int BN_rshift1(BIGNUM *r, const BIGNUM *a)
BN_zero(r);
return(1);
}
+ i = a->top;
+ ap= a->d;
+ j = i-(ap[i-1]==1);
if (a != r)
{
- if (bn_wexpand(r,a->top) == NULL) return(0);
- r->top=a->top;
+ if (bn_wexpand(r,j) == NULL) return(0);
r->neg=a->neg;
}
- ap=a->d;
rp=r->d;
- c=0;
- for (i=a->top-1; i>=0; i--)
+ t=ap[--i];
+ c=(t&1)?BN_TBIT:0;
+ if (t>>=1) rp[i]=t;
+ while (i>0)
{
- t=ap[i];
+ t=ap[--i];
rp[i]=((t>>1)&BN_MASK2)|c;
c=(t&1)?BN_TBIT:0;
}
- bn_correct_top(r);
+ r->top=j;
bn_check_top(r);
return(1);
}
@@ -182,10 +185,11 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
BN_zero(r);
return(1);
}
+ i = (BN_num_bits(a)-n+(BN_BITS2-1))/BN_BITS2;
if (r != a)
{
r->neg=a->neg;
- if (bn_wexpand(r,a->top-nw+1) == NULL) return(0);
+ if (bn_wexpand(r,i) == NULL) return(0);
}
else
{
@@ -196,7 +200,7 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
f= &(a->d[nw]);
t=r->d;
j=a->top-nw;
- r->top=j;
+ r->top=i;
if (rb == 0)
{
@@ -212,9 +216,8 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
l= *(f++);
*(t++) =(tmp|(l<<lb))&BN_MASK2;
}
- *(t++) =(l>>rb)&BN_MASK2;
+ if ((l = (l>>rb)&BN_MASK2)) *(t) = l;
}
- bn_correct_top(r);
bn_check_top(r);
return(1);
}
diff --git a/deps/openssl/openssl/crypto/bn/bn_word.c b/deps/openssl/openssl/crypto/bn/bn_word.c
index ee7b87c45..de83a15b9 100644
--- a/deps/openssl/openssl/crypto/bn/bn_word.c
+++ b/deps/openssl/openssl/crypto/bn/bn_word.c
@@ -144,26 +144,17 @@ int BN_add_word(BIGNUM *a, BN_ULONG w)
a->neg=!(a->neg);
return(i);
}
- /* Only expand (and risk failing) if it's possibly necessary */
- if (((BN_ULONG)(a->d[a->top - 1] + 1) == 0) &&
- (bn_wexpand(a,a->top+1) == NULL))
- return(0);
- i=0;
- for (;;)
+ for (i=0;w!=0 && i<a->top;i++)
{
- if (i >= a->top)
- l=w;
- else
- l=(a->d[i]+w)&BN_MASK2;
- a->d[i]=l;
- if (w > l)
- w=1;
- else
- break;
- i++;
+ a->d[i] = l = (a->d[i]+w)&BN_MASK2;
+ w = (w>l)?1:0;
}
- if (i >= a->top)
+ if (w && i==a->top)
+ {
+ if (bn_wexpand(a,a->top+1) == NULL) return 0;
a->top++;
+ a->d[i]=w;
+ }
bn_check_top(a);
return(1);
}
diff --git a/deps/openssl/openssl/crypto/bn/bntest.c b/deps/openssl/openssl/crypto/bn/bntest.c
index 0cd99c5b4..06f5954ac 100644
--- a/deps/openssl/openssl/crypto/bn/bntest.c
+++ b/deps/openssl/openssl/crypto/bn/bntest.c
@@ -262,7 +262,7 @@ int main(int argc, char *argv[])
message(out,"BN_mod_sqrt");
if (!test_sqrt(out,ctx)) goto err;
(void)BIO_flush(out);
-
+#ifndef OPENSSL_NO_EC2M
message(out,"BN_GF2m_add");
if (!test_gf2m_add(out)) goto err;
(void)BIO_flush(out);
@@ -298,7 +298,7 @@ int main(int argc, char *argv[])
message(out,"BN_GF2m_mod_solve_quad");
if (!test_gf2m_mod_solve_quad(out,ctx)) goto err;
(void)BIO_flush(out);
-
+#endif
BN_CTX_free(ctx);
BIO_free(out);
@@ -1061,7 +1061,7 @@ int test_exp(BIO *bp, BN_CTX *ctx)
BN_free(one);
return(1);
}
-
+#ifndef OPENSSL_NO_EC2M
int test_gf2m_add(BIO *bp)
{
BIGNUM a,b,c;
@@ -1636,7 +1636,7 @@ int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx)
BN_free(e);
return ret;
}
-
+#endif
static int genprime_cb(int p, int n, BN_GENCB *arg)
{
char c='*';
diff --git a/deps/openssl/openssl/crypto/buffer/Makefile b/deps/openssl/openssl/crypto/buffer/Makefile
index 9f3a88d2d..2efba47f0 100644
--- a/deps/openssl/openssl/crypto/buffer/Makefile
+++ b/deps/openssl/openssl/crypto/buffer/Makefile
@@ -17,8 +17,8 @@ TEST=
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= buffer.c buf_err.c
-LIBOBJ= buffer.o buf_err.o
+LIBSRC= buffer.c buf_str.c buf_err.c
+LIBOBJ= buffer.o buf_str.o buf_err.o
SRC= $(LIBSRC)
@@ -81,6 +81,13 @@ buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
buf_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
buf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
buf_err.o: buf_err.c
+buf_str.o: ../../e_os.h ../../include/openssl/bio.h
+buf_str.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+buf_str.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+buf_str.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+buf_str.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+buf_str.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+buf_str.o: ../../include/openssl/symhacks.h ../cryptlib.h buf_str.c
buffer.o: ../../e_os.h ../../include/openssl/bio.h
buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
diff --git a/deps/openssl/openssl/crypto/buffer/buffer.c b/deps/openssl/openssl/crypto/buffer/buffer.c
index 40361f966..d7aa79ad7 100644
--- a/deps/openssl/openssl/crypto/buffer/buffer.c
+++ b/deps/openssl/openssl/crypto/buffer/buffer.c
@@ -179,64 +179,6 @@ int BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
return(len);
}
-char *BUF_strdup(const char *str)
- {
- if (str == NULL) return(NULL);
- return BUF_strndup(str, strlen(str));
- }
-
-char *BUF_strndup(const char *str, size_t siz)
- {
- char *ret;
-
- if (str == NULL) return(NULL);
-
- ret=OPENSSL_malloc(siz+1);
- if (ret == NULL)
- {
- BUFerr(BUF_F_BUF_STRNDUP,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- BUF_strlcpy(ret,str,siz+1);
- return(ret);
- }
-
-void *BUF_memdup(const void *data, size_t siz)
- {
- void *ret;
-
- if (data == NULL) return(NULL);
-
- ret=OPENSSL_malloc(siz);
- if (ret == NULL)
- {
- BUFerr(BUF_F_BUF_MEMDUP,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- return memcpy(ret, data, siz);
- }
-
-size_t BUF_strlcpy(char *dst, const char *src, size_t size)
- {
- size_t l = 0;
- for(; size > 1 && *src; size--)
- {
- *dst++ = *src++;
- l++;
- }
- if (size)
- *dst = '\0';
- return l + strlen(src);
- }
-
-size_t BUF_strlcat(char *dst, const char *src, size_t size)
- {
- size_t l = 0;
- for(; size > 0 && *dst; size--, dst++)
- l++;
- return l + BUF_strlcpy(dst, src, size);
- }
-
void BUF_reverse(unsigned char *out, unsigned char *in, size_t size)
{
size_t i;
diff --git a/deps/openssl/openssl/crypto/camellia/Makefile b/deps/openssl/openssl/crypto/camellia/Makefile
index ff5fe4a01..6ce6fc99c 100644
--- a/deps/openssl/openssl/crypto/camellia/Makefile
+++ b/deps/openssl/openssl/crypto/camellia/Makefile
@@ -23,9 +23,9 @@ APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC=camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c \
- cmll_cfb.c cmll_ctr.c
+ cmll_cfb.c cmll_ctr.c cmll_utl.c
-LIBOBJ= cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o $(CMLL_ENC)
+LIBOBJ= cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o cmll_utl.o $(CMLL_ENC)
SRC= $(LIBSRC)
@@ -96,8 +96,15 @@ cmll_ctr.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c
cmll_ecb.o: ../../include/openssl/camellia.h
cmll_ecb.o: ../../include/openssl/opensslconf.h cmll_ecb.c cmll_locl.h
-cmll_misc.o: ../../include/openssl/camellia.h
-cmll_misc.o: ../../include/openssl/opensslconf.h
-cmll_misc.o: ../../include/openssl/opensslv.h cmll_locl.h cmll_misc.c
+cmll_misc.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+cmll_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cmll_misc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmll_misc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmll_misc.o: ../../include/openssl/symhacks.h cmll_locl.h cmll_misc.c
cmll_ofb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_ofb.c
+cmll_utl.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+cmll_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cmll_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmll_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmll_utl.o: ../../include/openssl/symhacks.h cmll_locl.h cmll_utl.c
diff --git a/deps/openssl/openssl/crypto/camellia/asm/cmll-x86.pl b/deps/openssl/openssl/crypto/camellia/asm/cmll-x86.pl
index 027302ac8..c314d6231 100644
--- a/deps/openssl/openssl/crypto/camellia/asm/cmll-x86.pl
+++ b/deps/openssl/openssl/crypto/camellia/asm/cmll-x86.pl
@@ -723,11 +723,11 @@ my $bias=int(@T[0])?shift(@T):0;
&function_end("Camellia_Ekeygen");
if ($OPENSSL) {
-# int Camellia_set_key (
+# int private_Camellia_set_key (
# const unsigned char *userKey,
# int bits,
# CAMELLIA_KEY *key)
-&function_begin_B("Camellia_set_key");
+&function_begin_B("private_Camellia_set_key");
&push ("ebx");
&mov ("ecx",&wparam(0)); # pull arguments
&mov ("ebx",&wparam(1));
@@ -760,7 +760,7 @@ if ($OPENSSL) {
&set_label("done",4);
&pop ("ebx");
&ret ();
-&function_end_B("Camellia_set_key");
+&function_end_B("private_Camellia_set_key");
}
@SBOX=(
diff --git a/deps/openssl/openssl/crypto/camellia/asm/cmll-x86_64.pl b/deps/openssl/openssl/crypto/camellia/asm/cmll-x86_64.pl
index 76955e472..9f4b82fa4 100644
--- a/deps/openssl/openssl/crypto/camellia/asm/cmll-x86_64.pl
+++ b/deps/openssl/openssl/crypto/camellia/asm/cmll-x86_64.pl
@@ -40,7 +40,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $flavour $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
sub hi() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1h/; $r; }
sub lo() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/;
diff --git a/deps/openssl/openssl/crypto/camellia/camellia.h b/deps/openssl/openssl/crypto/camellia/camellia.h
index cf0457dd9..67911e0ad 100644
--- a/deps/openssl/openssl/crypto/camellia/camellia.h
+++ b/deps/openssl/openssl/crypto/camellia/camellia.h
@@ -88,6 +88,10 @@ struct camellia_key_st
};
typedef struct camellia_key_st CAMELLIA_KEY;
+#ifdef OPENSSL_FIPS
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key);
+#endif
int Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key);
diff --git a/deps/openssl/openssl/crypto/camellia/cmll_locl.h b/deps/openssl/openssl/crypto/camellia/cmll_locl.h
index 4a4d880d1..246b6ce1d 100644
--- a/deps/openssl/openssl/crypto/camellia/cmll_locl.h
+++ b/deps/openssl/openssl/crypto/camellia/cmll_locl.h
@@ -71,7 +71,8 @@
typedef unsigned int u32;
typedef unsigned char u8;
-int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, KEY_TABLE_TYPE keyTable);
+int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey,
+ KEY_TABLE_TYPE keyTable);
void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
@@ -80,4 +81,6 @@ void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[],
const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key);
#endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
diff --git a/deps/openssl/openssl/crypto/camellia/cmll_misc.c b/deps/openssl/openssl/crypto/camellia/cmll_misc.c
index f44689124..f44d48564 100644
--- a/deps/openssl/openssl/crypto/camellia/cmll_misc.c
+++ b/deps/openssl/openssl/crypto/camellia/cmll_misc.c
@@ -50,12 +50,13 @@
*/
#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
#include <openssl/camellia.h>
#include "cmll_locl.h"
const char CAMELLIA_version[]="CAMELLIA" OPENSSL_VERSION_PTEXT;
-int Camellia_set_key(const unsigned char *userKey, const int bits,
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key)
{
if(!userKey || !key)
diff --git a/deps/openssl/openssl/crypto/cast/Makefile b/deps/openssl/openssl/crypto/cast/Makefile
index 0acc38f28..f3f485988 100644
--- a/deps/openssl/openssl/crypto/cast/Makefile
+++ b/deps/openssl/openssl/crypto/cast/Makefile
@@ -95,5 +95,8 @@ c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h
c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
c_ofb64.o: c_ofb64.c cast_lcl.h
c_skey.o: ../../e_os.h ../../include/openssl/cast.h
-c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+c_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+c_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
c_skey.o: c_skey.c cast_lcl.h cast_s.h
diff --git a/deps/openssl/openssl/crypto/cast/c_skey.c b/deps/openssl/openssl/crypto/cast/c_skey.c
index 76e40005c..cb6bf9fee 100644
--- a/deps/openssl/openssl/crypto/cast/c_skey.c
+++ b/deps/openssl/openssl/crypto/cast/c_skey.c
@@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include <openssl/cast.h>
#include "cast_lcl.h"
#include "cast_s.h"
@@ -71,8 +72,14 @@
#define S5 CAST_S_table5
#define S6 CAST_S_table6
#define S7 CAST_S_table7
-
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
+#ifdef OPENSSL_FIPS
+ {
+ fips_cipher_abort(CAST);
+ private_CAST_set_key(key, len, data);
+ }
+void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
+#endif
{
CAST_LONG x[16];
CAST_LONG z[16];
diff --git a/deps/openssl/openssl/crypto/cast/cast.h b/deps/openssl/openssl/crypto/cast/cast.h
index 1a264f814..203922ea2 100644
--- a/deps/openssl/openssl/crypto/cast/cast.h
+++ b/deps/openssl/openssl/crypto/cast/cast.h
@@ -83,7 +83,9 @@ typedef struct cast_key_st
int short_key; /* Use reduced rounds for short key */
} CAST_KEY;
-
+#ifdef OPENSSL_FIPS
+void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
+#endif
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key,
int enc);
diff --git a/deps/openssl/openssl/crypto/cms/Makefile b/deps/openssl/openssl/crypto/cms/Makefile
index 583704972..9820adb21 100644
--- a/deps/openssl/openssl/crypto/cms/Makefile
+++ b/deps/openssl/openssl/crypto/cms/Makefile
@@ -18,9 +18,11 @@ APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
- cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c
+ cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \
+ cms_pwri.c
LIBOBJ= cms_lib.o cms_asn1.o cms_att.o cms_io.o cms_smime.o cms_err.o \
- cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o
+ cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o \
+ cms_pwri.o
SRC= $(LIBSRC)
@@ -230,6 +232,24 @@ cms_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
cms_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
cms_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h cms.h
cms_lib.o: cms_lcl.h cms_lib.c
+cms_pwri.o: ../../e_os.h ../../include/openssl/aes.h
+cms_pwri.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_pwri.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_pwri.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_pwri.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_pwri.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+cms_pwri.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+cms_pwri.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_pwri.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_pwri.o: ../../include/openssl/opensslconf.h
+cms_pwri.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_pwri.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_pwri.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_pwri.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_pwri.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_pwri.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_pwri.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_pwri.o: cms_lcl.h cms_pwri.c
cms_sd.o: ../../e_os.h ../../include/openssl/asn1.h
cms_sd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
cms_sd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
diff --git a/deps/openssl/openssl/crypto/cms/cms.h b/deps/openssl/openssl/crypto/cms/cms.h
index 09c45d041..36994fa6a 100644
--- a/deps/openssl/openssl/crypto/cms/cms.h
+++ b/deps/openssl/openssl/crypto/cms/cms.h
@@ -111,6 +111,7 @@ DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
#define CMS_PARTIAL 0x4000
#define CMS_REUSE_DIGEST 0x8000
#define CMS_USE_KEYID 0x10000
+#define CMS_DEBUG_DECRYPT 0x20000
const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
@@ -184,6 +185,8 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
unsigned char *key, size_t keylen,
unsigned char *id, size_t idlen);
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
+ unsigned char *pass, ossl_ssize_t passlen);
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
@@ -219,6 +222,16 @@ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
const unsigned char *id, size_t idlen);
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
+ unsigned char *pass,
+ ossl_ssize_t passlen);
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+ int iter, int wrap_nid, int pbe_nid,
+ unsigned char *pass,
+ ossl_ssize_t passlen,
+ const EVP_CIPHER *kekciph);
+
int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
@@ -330,6 +343,7 @@ void ERR_load_CMS_strings(void);
#define CMS_F_CHECK_CONTENT 99
#define CMS_F_CMS_ADD0_CERT 164
#define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
+#define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
#define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
#define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
#define CMS_F_CMS_ADD1_SIGNER 102
@@ -344,6 +358,7 @@ void ERR_load_CMS_strings(void);
#define CMS_F_CMS_DATAINIT 111
#define CMS_F_CMS_DECRYPT 112
#define CMS_F_CMS_DECRYPT_SET1_KEY 113
+#define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
#define CMS_F_CMS_DECRYPT_SET1_PKEY 114
#define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
#define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
@@ -378,7 +393,9 @@ void ERR_load_CMS_strings(void);
#define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
+#define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
#define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
+#define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
#define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
#define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
#define CMS_F_CMS_SET_DETACHED 147
@@ -419,6 +436,7 @@ void ERR_load_CMS_strings(void);
#define CMS_R_ERROR_SETTING_KEY 115
#define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
#define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
+#define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
#define CMS_R_INVALID_KEY_LENGTH 118
#define CMS_R_MD_BIO_INIT_ERROR 119
#define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
@@ -431,6 +449,7 @@ void ERR_load_CMS_strings(void);
#define CMS_R_NOT_ENCRYPTED_DATA 122
#define CMS_R_NOT_KEK 123
#define CMS_R_NOT_KEY_TRANSPORT 124
+#define CMS_R_NOT_PWRI 177
#define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
#define CMS_R_NO_CIPHER 126
#define CMS_R_NO_CONTENT 127
@@ -443,6 +462,7 @@ void ERR_load_CMS_strings(void);
#define CMS_R_NO_MATCHING_RECIPIENT 132
#define CMS_R_NO_MATCHING_SIGNATURE 166
#define CMS_R_NO_MSGSIGDIGEST 167
+#define CMS_R_NO_PASSWORD 178
#define CMS_R_NO_PRIVATE_KEY 133
#define CMS_R_NO_PUBLIC_KEY 134
#define CMS_R_NO_RECEIPT_REQUEST 168
@@ -466,10 +486,12 @@ void ERR_load_CMS_strings(void);
#define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
#define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
#define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
+#define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
#define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
#define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
#define CMS_R_UNSUPPORTED_TYPE 156
#define CMS_R_UNWRAP_ERROR 157
+#define CMS_R_UNWRAP_FAILURE 180
#define CMS_R_VERIFICATION_FAILURE 158
#define CMS_R_WRAP_ERROR 159
diff --git a/deps/openssl/openssl/crypto/cms/cms_asn1.c b/deps/openssl/openssl/crypto/cms/cms_asn1.c
index fcba4dcbc..cfe67fb6c 100644
--- a/deps/openssl/openssl/crypto/cms/cms_asn1.c
+++ b/deps/openssl/openssl/crypto/cms/cms_asn1.c
@@ -237,6 +237,15 @@ static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
OPENSSL_free(kekri->key);
}
}
+ else if (ri->type == CMS_RECIPINFO_PASS)
+ {
+ CMS_PasswordRecipientInfo *pwri = ri->d.pwri;
+ if (pwri->pass)
+ {
+ OPENSSL_cleanse(pwri->pass, pwri->passlen);
+ OPENSSL_free(pwri->pass);
+ }
+ }
}
return 1;
}
diff --git a/deps/openssl/openssl/crypto/cms/cms_cd.c b/deps/openssl/openssl/crypto/cms/cms_cd.c
index a5fc2c4e2..202168810 100644
--- a/deps/openssl/openssl/crypto/cms/cms_cd.c
+++ b/deps/openssl/openssl/crypto/cms/cms_cd.c
@@ -58,7 +58,9 @@
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/bio.h>
+#ifndef OPENSSL_NO_COMP
#include <openssl/comp.h>
+#endif
#include "cms_lcl.h"
DECLARE_ASN1_ITEM(CMS_CompressedData)
diff --git a/deps/openssl/openssl/crypto/cms/cms_enc.c b/deps/openssl/openssl/crypto/cms/cms_enc.c
index bab26235b..bebeaf29c 100644
--- a/deps/openssl/openssl/crypto/cms/cms_enc.c
+++ b/deps/openssl/openssl/crypto/cms/cms_enc.c
@@ -73,6 +73,8 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
const EVP_CIPHER *ciph;
X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
+ unsigned char *tkey = NULL;
+ size_t tkeylen = 0;
int ok = 0;
@@ -137,32 +139,57 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
goto err;
}
-
-
- if (enc && !ec->key)
+ tkeylen = EVP_CIPHER_CTX_key_length(ctx);
+ /* Generate random session key */
+ if (!enc || !ec->key)
{
- /* Generate random key */
- if (!ec->keylen)
- ec->keylen = EVP_CIPHER_CTX_key_length(ctx);
- ec->key = OPENSSL_malloc(ec->keylen);
- if (!ec->key)
+ tkey = OPENSSL_malloc(tkeylen);
+ if (!tkey)
{
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
ERR_R_MALLOC_FAILURE);
goto err;
}
- if (EVP_CIPHER_CTX_rand_key(ctx, ec->key) <= 0)
+ if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0)
goto err;
- keep_key = 1;
}
- else if (ec->keylen != (unsigned int)EVP_CIPHER_CTX_key_length(ctx))
+
+ if (!ec->key)
+ {
+ ec->key = tkey;
+ ec->keylen = tkeylen;
+ tkey = NULL;
+ if (enc)
+ keep_key = 1;
+ else
+ ERR_clear_error();
+
+ }
+
+ if (ec->keylen != tkeylen)
{
/* If necessary set key length */
if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0)
{
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_INVALID_KEY_LENGTH);
- goto err;
+ /* Only reveal failure if debugging so we don't
+ * leak information which may be useful in MMA.
+ */
+ if (enc || ec->debug)
+ {
+ CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+ CMS_R_INVALID_KEY_LENGTH);
+ goto err;
+ }
+ else
+ {
+ /* Use random key */
+ OPENSSL_cleanse(ec->key, ec->keylen);
+ OPENSSL_free(ec->key);
+ ec->key = tkey;
+ ec->keylen = tkeylen;
+ tkey = NULL;
+ ERR_clear_error();
+ }
}
}
@@ -198,6 +225,11 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
OPENSSL_free(ec->key);
ec->key = NULL;
}
+ if (tkey)
+ {
+ OPENSSL_cleanse(tkey, tkeylen);
+ OPENSSL_free(tkey);
+ }
if (ok)
return b;
BIO_free(b);
diff --git a/deps/openssl/openssl/crypto/cms/cms_env.c b/deps/openssl/openssl/crypto/cms/cms_env.c
index b3237d4b9..be20b1c02 100644
--- a/deps/openssl/openssl/crypto/cms/cms_env.c
+++ b/deps/openssl/openssl/crypto/cms/cms_env.c
@@ -65,14 +65,13 @@
/* CMS EnvelopedData Utilities */
DECLARE_ASN1_ITEM(CMS_EnvelopedData)
-DECLARE_ASN1_ITEM(CMS_RecipientInfo)
DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)
DECLARE_STACK_OF(CMS_RecipientInfo)
-static CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
+CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
{
if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped)
{
@@ -371,6 +370,8 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
unsigned char *ek = NULL;
size_t eklen;
int ret = 0;
+ CMS_EncryptedContentInfo *ec;
+ ec = cms->d.envelopedData->encryptedContentInfo;
if (ktri->pkey == NULL)
{
@@ -417,8 +418,14 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
ret = 1;
- cms->d.envelopedData->encryptedContentInfo->key = ek;
- cms->d.envelopedData->encryptedContentInfo->keylen = eklen;
+ if (ec->key)
+ {
+ OPENSSL_cleanse(ec->key, ec->keylen);
+ OPENSSL_free(ec->key);
+ }
+
+ ec->key = ek;
+ ec->keylen = eklen;
err:
if (pctx)
@@ -786,6 +793,9 @@ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
case CMS_RECIPINFO_KEK:
return cms_RecipientInfo_kekri_decrypt(cms, ri);
+ case CMS_RECIPINFO_PASS:
+ return cms_RecipientInfo_pwri_crypt(cms, ri, 0);
+
default:
CMSerr(CMS_F_CMS_RECIPIENTINFO_DECRYPT,
CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE);
@@ -829,6 +839,10 @@ BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
r = cms_RecipientInfo_kekri_encrypt(cms, ri);
break;
+ case CMS_RECIPINFO_PASS:
+ r = cms_RecipientInfo_pwri_crypt(cms, ri, 1);
+ break;
+
default:
CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO,
CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
diff --git a/deps/openssl/openssl/crypto/cms/cms_err.c b/deps/openssl/openssl/crypto/cms/cms_err.c
index ff7b0309e..8330ead7e 100644
--- a/deps/openssl/openssl/crypto/cms/cms_err.c
+++ b/deps/openssl/openssl/crypto/cms/cms_err.c
@@ -1,6 +1,6 @@
/* crypto/cms/cms_err.c */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2009 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -73,6 +73,7 @@ static ERR_STRING_DATA CMS_str_functs[]=
{ERR_FUNC(CMS_F_CHECK_CONTENT), "CHECK_CONTENT"},
{ERR_FUNC(CMS_F_CMS_ADD0_CERT), "CMS_add0_cert"},
{ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_KEY), "CMS_add0_recipient_key"},
+{ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD), "CMS_add0_recipient_password"},
{ERR_FUNC(CMS_F_CMS_ADD1_RECEIPTREQUEST), "CMS_add1_ReceiptRequest"},
{ERR_FUNC(CMS_F_CMS_ADD1_RECIPIENT_CERT), "CMS_add1_recipient_cert"},
{ERR_FUNC(CMS_F_CMS_ADD1_SIGNER), "CMS_add1_signer"},
@@ -87,6 +88,7 @@ static ERR_STRING_DATA CMS_str_functs[]=
{ERR_FUNC(CMS_F_CMS_DATAINIT), "CMS_dataInit"},
{ERR_FUNC(CMS_F_CMS_DECRYPT), "CMS_decrypt"},
{ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_KEY), "CMS_decrypt_set1_key"},
+{ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PASSWORD), "CMS_decrypt_set1_password"},
{ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PKEY), "CMS_decrypt_set1_pkey"},
{ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX), "cms_DigestAlgorithm_find_ctx"},
{ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO), "cms_DigestAlgorithm_init_bio"},
@@ -105,7 +107,7 @@ static ERR_STRING_DATA CMS_str_functs[]=
{ERR_FUNC(CMS_F_CMS_GET0_CERTIFICATE_CHOICES), "CMS_GET0_CERTIFICATE_CHOICES"},
{ERR_FUNC(CMS_F_CMS_GET0_CONTENT), "CMS_get0_content"},
{ERR_FUNC(CMS_F_CMS_GET0_ECONTENT_TYPE), "CMS_GET0_ECONTENT_TYPE"},
-{ERR_FUNC(CMS_F_CMS_GET0_ENVELOPED), "CMS_GET0_ENVELOPED"},
+{ERR_FUNC(CMS_F_CMS_GET0_ENVELOPED), "cms_get0_enveloped"},
{ERR_FUNC(CMS_F_CMS_GET0_REVOCATION_CHOICES), "CMS_GET0_REVOCATION_CHOICES"},
{ERR_FUNC(CMS_F_CMS_GET0_SIGNED), "CMS_GET0_SIGNED"},
{ERR_FUNC(CMS_F_CMS_MSGSIGDIGEST_ADD1), "cms_msgSigDigest_add1"},
@@ -121,7 +123,9 @@ static ERR_STRING_DATA CMS_str_functs[]=
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT), "CMS_RECIPIENTINFO_KTRI_ENCRYPT"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS), "CMS_RecipientInfo_ktri_get0_algs"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID), "CMS_RecipientInfo_ktri_get0_signer_id"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT), "cms_RecipientInfo_pwri_crypt"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_KEY), "CMS_RecipientInfo_set0_key"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD), "CMS_RecipientInfo_set0_password"},
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY), "CMS_RecipientInfo_set0_pkey"},
{ERR_FUNC(CMS_F_CMS_SET1_SIGNERIDENTIFIER), "cms_set1_SignerIdentifier"},
{ERR_FUNC(CMS_F_CMS_SET_DETACHED), "CMS_set_detached"},
@@ -165,6 +169,7 @@ static ERR_STRING_DATA CMS_str_reasons[]=
{ERR_REASON(CMS_R_ERROR_SETTING_KEY) ,"error setting key"},
{ERR_REASON(CMS_R_ERROR_SETTING_RECIPIENTINFO),"error setting recipientinfo"},
{ERR_REASON(CMS_R_INVALID_ENCRYPTED_KEY_LENGTH),"invalid encrypted key length"},
+{ERR_REASON(CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER),"invalid key encryption parameter"},
{ERR_REASON(CMS_R_INVALID_KEY_LENGTH) ,"invalid key length"},
{ERR_REASON(CMS_R_MD_BIO_INIT_ERROR) ,"md bio init error"},
{ERR_REASON(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),"messagedigest attribute wrong length"},
@@ -177,6 +182,7 @@ static ERR_STRING_DATA CMS_str_reasons[]=
{ERR_REASON(CMS_R_NOT_ENCRYPTED_DATA) ,"not encrypted data"},
{ERR_REASON(CMS_R_NOT_KEK) ,"not kek"},
{ERR_REASON(CMS_R_NOT_KEY_TRANSPORT) ,"not key transport"},
+{ERR_REASON(CMS_R_NOT_PWRI) ,"not pwri"},
{ERR_REASON(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),"not supported for this key type"},
{ERR_REASON(CMS_R_NO_CIPHER) ,"no cipher"},
{ERR_REASON(CMS_R_NO_CONTENT) ,"no content"},
@@ -189,6 +195,7 @@ static ERR_STRING_DATA CMS_str_reasons[]=
{ERR_REASON(CMS_R_NO_MATCHING_RECIPIENT) ,"no matching recipient"},
{ERR_REASON(CMS_R_NO_MATCHING_SIGNATURE) ,"no matching signature"},
{ERR_REASON(CMS_R_NO_MSGSIGDIGEST) ,"no msgsigdigest"},
+{ERR_REASON(CMS_R_NO_PASSWORD) ,"no password"},
{ERR_REASON(CMS_R_NO_PRIVATE_KEY) ,"no private key"},
{ERR_REASON(CMS_R_NO_PUBLIC_KEY) ,"no public key"},
{ERR_REASON(CMS_R_NO_RECEIPT_REQUEST) ,"no receipt request"},
@@ -212,10 +219,12 @@ static ERR_STRING_DATA CMS_str_reasons[]=
{ERR_REASON(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM),"unsupported compression algorithm"},
{ERR_REASON(CMS_R_UNSUPPORTED_CONTENT_TYPE),"unsupported content type"},
{ERR_REASON(CMS_R_UNSUPPORTED_KEK_ALGORITHM),"unsupported kek algorithm"},
+{ERR_REASON(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM),"unsupported key encryption algorithm"},
{ERR_REASON(CMS_R_UNSUPPORTED_RECIPIENT_TYPE),"unsupported recipient type"},
{ERR_REASON(CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE),"unsupported recpientinfo type"},
{ERR_REASON(CMS_R_UNSUPPORTED_TYPE) ,"unsupported type"},
{ERR_REASON(CMS_R_UNWRAP_ERROR) ,"unwrap error"},
+{ERR_REASON(CMS_R_UNWRAP_FAILURE) ,"unwrap failure"},
{ERR_REASON(CMS_R_VERIFICATION_FAILURE) ,"verification failure"},
{ERR_REASON(CMS_R_WRAP_ERROR) ,"wrap error"},
{0,NULL}
diff --git a/deps/openssl/openssl/crypto/cms/cms_lcl.h b/deps/openssl/openssl/crypto/cms/cms_lcl.h
index c8ecfa724..a9f973015 100644
--- a/deps/openssl/openssl/crypto/cms/cms_lcl.h
+++ b/deps/openssl/openssl/crypto/cms/cms_lcl.h
@@ -175,6 +175,8 @@ struct CMS_EncryptedContentInfo_st
const EVP_CIPHER *cipher;
unsigned char *key;
size_t keylen;
+ /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */
+ int debug;
};
struct CMS_RecipientInfo_st
@@ -273,6 +275,9 @@ struct CMS_PasswordRecipientInfo_st
X509_ALGOR *keyDerivationAlgorithm;
X509_ALGOR *keyEncryptionAlgorithm;
ASN1_OCTET_STRING *encryptedKey;
+ /* Extra info: password to use */
+ unsigned char *pass;
+ size_t passlen;
};
struct CMS_OtherRecipientInfo_st
@@ -411,6 +416,8 @@ DECLARE_ASN1_ITEM(CMS_SignerInfo)
DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
+DECLARE_ASN1_ITEM(CMS_RecipientInfo)
+DECLARE_ASN1_ITEM(CMS_PasswordRecipientInfo)
DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)
#define CMS_SIGNERINFO_ISSUER_SERIAL 0
@@ -454,6 +461,11 @@ int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
+CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
+
+/* PWRI routines */
+int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+ int en_de);
#ifdef __cplusplus
}
diff --git a/deps/openssl/openssl/crypto/cms/cms_lib.c b/deps/openssl/openssl/crypto/cms/cms_lib.c
index d00fe0f87..b62d1bfac 100644
--- a/deps/openssl/openssl/crypto/cms/cms_lib.c
+++ b/deps/openssl/openssl/crypto/cms/cms_lib.c
@@ -411,10 +411,7 @@ int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
* algorithm OID instead of digest.
*/
|| EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid)
- {
- EVP_MD_CTX_copy_ex(mctx, mtmp);
- return 1;
- }
+ return EVP_MD_CTX_copy_ex(mctx, mtmp);
chain = BIO_next(chain);
}
}
diff --git a/deps/openssl/openssl/crypto/cms/cms_sd.c b/deps/openssl/openssl/crypto/cms/cms_sd.c
index e3192b9c5..77fbd1359 100644
--- a/deps/openssl/openssl/crypto/cms/cms_sd.c
+++ b/deps/openssl/openssl/crypto/cms/cms_sd.c
@@ -641,7 +641,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
cms->d.signedData->encapContentInfo->eContentType;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
- EVP_DigestFinal_ex(&mctx, md, &mdlen);
+ if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
+ goto err;
if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
V_ASN1_OCTET_STRING,
md, mdlen))
diff --git a/deps/openssl/openssl/crypto/cms/cms_smime.c b/deps/openssl/openssl/crypto/cms/cms_smime.c
index 4a799eb89..8c56e3a85 100644
--- a/deps/openssl/openssl/crypto/cms/cms_smime.c
+++ b/deps/openssl/openssl/crypto/cms/cms_smime.c
@@ -611,7 +611,10 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
STACK_OF(CMS_RecipientInfo) *ris;
CMS_RecipientInfo *ri;
int i, r;
+ int debug = 0;
ris = CMS_get0_RecipientInfos(cms);
+ if (ris)
+ debug = cms->d.envelopedData->encryptedContentInfo->debug;
for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++)
{
ri = sk_CMS_RecipientInfo_value(ris, i);
@@ -625,17 +628,38 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
CMS_RecipientInfo_set0_pkey(ri, pk);
r = CMS_RecipientInfo_decrypt(cms, ri);
CMS_RecipientInfo_set0_pkey(ri, NULL);
- if (r > 0)
- return 1;
if (cert)
{
+ /* If not debugging clear any error and
+ * return success to avoid leaking of
+ * information useful to MMA
+ */
+ if (!debug)
+ {
+ ERR_clear_error();
+ return 1;
+ }
+ if (r > 0)
+ return 1;
CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY,
CMS_R_DECRYPT_ERROR);
return 0;
}
- ERR_clear_error();
+ /* If no cert and not debugging don't leave loop
+ * after first successful decrypt. Always attempt
+ * to decrypt all recipients to avoid leaking timing
+ * of a successful decrypt.
+ */
+ else if (r > 0 && debug)
+ return 1;
}
}
+ /* If no cert and not debugging always return success */
+ if (!cert && !debug)
+ {
+ ERR_clear_error();
+ return 1;
+ }
CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_NO_MATCHING_RECIPIENT);
return 0;
@@ -680,6 +704,30 @@ int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
return 0;
}
+
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
+ unsigned char *pass, ossl_ssize_t passlen)
+ {
+ STACK_OF(CMS_RecipientInfo) *ris;
+ CMS_RecipientInfo *ri;
+ int i, r;
+ ris = CMS_get0_RecipientInfos(cms);
+ for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++)
+ {
+ ri = sk_CMS_RecipientInfo_value(ris, i);
+ if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS)
+ continue;
+ CMS_RecipientInfo_set0_password(ri, pass, passlen);
+ r = CMS_RecipientInfo_decrypt(cms, ri);
+ CMS_RecipientInfo_set0_password(ri, NULL, 0);
+ if (r > 0)
+ return 1;
+ }
+
+ CMSerr(CMS_F_CMS_DECRYPT_SET1_PASSWORD, CMS_R_NO_MATCHING_RECIPIENT);
+ return 0;
+
+ }
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
BIO *dcont, BIO *out,
@@ -694,9 +742,14 @@ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
}
if (!dcont && !check_content(cms))
return 0;
+ if (flags & CMS_DEBUG_DECRYPT)
+ cms->d.envelopedData->encryptedContentInfo->debug = 1;
+ else
+ cms->d.envelopedData->encryptedContentInfo->debug = 0;
+ if (!pk && !cert && !dcont && !out)
+ return 1;
if (pk && !CMS_decrypt_set1_pkey(cms, pk, cert))
return 0;
-
cont = CMS_dataInit(cms, dcont);
if (!cont)
return 0;
diff --git a/deps/openssl/openssl/crypto/comp/c_rle.c b/deps/openssl/openssl/crypto/comp/c_rle.c
index 18bceae51..47dfb67fb 100644
--- a/deps/openssl/openssl/crypto/comp/c_rle.c
+++ b/deps/openssl/openssl/crypto/comp/c_rle.c
@@ -30,7 +30,7 @@ static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
{
/* int i; */
- if (olen < (ilen+1))
+ if (ilen == 0 || olen < (ilen-1))
{
/* ZZZZZZZZZZZZZZZZZZZZZZ */
return(-1);
@@ -46,7 +46,7 @@ static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
{
int i;
- if (ilen == 0 || olen < (ilen-1))
+ if (olen < (ilen-1))
{
/* ZZZZZZZZZZZZZZZZZZZZZZ */
return(-1);
diff --git a/deps/openssl/openssl/crypto/conf/conf_mall.c b/deps/openssl/openssl/crypto/conf/conf_mall.c
index c6f4cb2d5..213890e0c 100644
--- a/deps/openssl/openssl/crypto/conf/conf_mall.c
+++ b/deps/openssl/openssl/crypto/conf/conf_mall.c
@@ -76,5 +76,6 @@ void OPENSSL_load_builtin_modules(void)
#ifndef OPENSSL_NO_ENGINE
ENGINE_add_conf_module();
#endif
+ EVP_add_alg_module();
}
diff --git a/deps/openssl/openssl/crypto/cpt_err.c b/deps/openssl/openssl/crypto/cpt_err.c
index 139b9284e..289005f66 100644
--- a/deps/openssl/openssl/crypto/cpt_err.c
+++ b/deps/openssl/openssl/crypto/cpt_err.c
@@ -1,6 +1,6 @@
/* crypto/cpt_err.c */
/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -76,6 +76,7 @@ static ERR_STRING_DATA CRYPTO_str_functs[]=
{ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
{ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"},
{ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"},
+{ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"},
{ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
{ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
{ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
@@ -84,6 +85,7 @@ static ERR_STRING_DATA CRYPTO_str_functs[]=
static ERR_STRING_DATA CRYPTO_str_reasons[]=
{
+{ERR_REASON(CRYPTO_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"},
{ERR_REASON(CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK),"no dynlock create callback"},
{0,NULL}
};
diff --git a/deps/openssl/openssl/crypto/cryptlib.c b/deps/openssl/openssl/crypto/cryptlib.c
index 24fe123e1..304c6b706 100644
--- a/deps/openssl/openssl/crypto/cryptlib.c
+++ b/deps/openssl/openssl/crypto/cryptlib.c
@@ -409,6 +409,10 @@ int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
const char *file,int line))
{
+ /* Calling this here ensures initialisation before any threads
+ * are started.
+ */
+ OPENSSL_init();
locking_callback=func;
}
@@ -500,7 +504,7 @@ void CRYPTO_THREADID_current(CRYPTO_THREADID *id)
CRYPTO_THREADID_set_numeric(id, (unsigned long)find_thread(NULL));
#else
/* For everything else, default to using the address of 'errno' */
- CRYPTO_THREADID_set_pointer(id, &errno);
+ CRYPTO_THREADID_set_pointer(id, (void*)&errno);
#endif
}
@@ -661,28 +665,53 @@ const char *CRYPTO_get_lock_name(int type)
defined(__INTEL__) || \
defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
-unsigned long OPENSSL_ia32cap_P=0;
-unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; }
+unsigned int OPENSSL_ia32cap_P[2];
+unsigned long *OPENSSL_ia32cap_loc(void)
+{ if (sizeof(long)==4)
+ /*
+ * If 32-bit application pulls address of OPENSSL_ia32cap_P[0]
+ * clear second element to maintain the illusion that vector
+ * is 32-bit.
+ */
+ OPENSSL_ia32cap_P[1]=0;
+ return (unsigned long *)OPENSSL_ia32cap_P;
+}
#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
#define OPENSSL_CPUID_SETUP
+#if defined(_WIN32)
+typedef unsigned __int64 IA32CAP;
+#else
+typedef unsigned long long IA32CAP;
+#endif
void OPENSSL_cpuid_setup(void)
{ static int trigger=0;
- unsigned long OPENSSL_ia32_cpuid(void);
+ IA32CAP OPENSSL_ia32_cpuid(void);
+ IA32CAP vec;
char *env;
if (trigger) return;
trigger=1;
- if ((env=getenv("OPENSSL_ia32cap")))
- OPENSSL_ia32cap_P = strtoul(env,NULL,0)|(1<<10);
+ if ((env=getenv("OPENSSL_ia32cap"))) {
+ int off = (env[0]=='~')?1:0;
+#if defined(_WIN32)
+ if (!sscanf(env+off,"%I64i",&vec)) vec = strtoul(env+off,NULL,0);
+#else
+ if (!sscanf(env+off,"%lli",(long long *)&vec)) vec = strtoul(env+off,NULL,0);
+#endif
+ if (off) vec = OPENSSL_ia32_cpuid()&~vec;
+ }
else
- OPENSSL_ia32cap_P = OPENSSL_ia32_cpuid()|(1<<10);
+ vec = OPENSSL_ia32_cpuid();
+
/*
* |(1<<10) sets a reserved bit to signal that variable
* was initialized already... This is to avoid interference
* with cpuid snippets in ELF .init segment.
*/
+ OPENSSL_ia32cap_P[0] = (unsigned int)vec|(1<<10);
+ OPENSSL_ia32cap_P[1] = (unsigned int)(vec>>32);
}
#endif
@@ -896,3 +925,16 @@ void OpenSSLDie(const char *file,int line,const char *assertion)
}
void *OPENSSL_stderr(void) { return stderr; }
+
+int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len)
+ {
+ size_t i;
+ const unsigned char *a = in_a;
+ const unsigned char *b = in_b;
+ unsigned char x = 0;
+
+ for (i = 0; i < len; i++)
+ x |= a[i] ^ b[i];
+
+ return x;
+ }
diff --git a/deps/openssl/openssl/crypto/cryptlib.h b/deps/openssl/openssl/crypto/cryptlib.h
index fc249c57f..d26f9630e 100644
--- a/deps/openssl/openssl/crypto/cryptlib.h
+++ b/deps/openssl/openssl/crypto/cryptlib.h
@@ -99,8 +99,8 @@ extern "C" {
#define HEX_SIZE(type) (sizeof(type)*2)
void OPENSSL_cpuid_setup(void);
-extern unsigned long OPENSSL_ia32cap_P;
-void OPENSSL_showfatal(const char *,...);
+extern unsigned int OPENSSL_ia32cap_P[];
+void OPENSSL_showfatal(const char *fmta,...);
void *OPENSSL_stderr(void);
extern int OPENSSL_NONPIC_relocated;
diff --git a/deps/openssl/openssl/crypto/crypto-lib.com b/deps/openssl/openssl/crypto/crypto-lib.com
index a29c0afd9..dc8a8c174 100644
--- a/deps/openssl/openssl/crypto/crypto-lib.com
+++ b/deps/openssl/openssl/crypto/crypto-lib.com
@@ -117,7 +117,7 @@ $ ENCRYPT_TYPES = "Basic,"+ -
"BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ -
"EVP,EVP_2,EVP_3,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
"CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ -
- "STORE,CMS,PQUEUE,TS,JPAKE"
+ "CMS,PQUEUE,TS,JPAKE,SRP,STORE,CMAC"
$!
$! Check To Make Sure We Have Valid Command Line Parameters.
$!
@@ -207,7 +207,8 @@ $!
$ APPS_DES = "DES/DES,CBC3_ENC"
$ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE"
$
-$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,cpt_err,ebcdic,uid,o_time,o_str,o_dir"
+$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,cpt_err,"+ -
+ "ebcdic,uid,o_time,o_str,o_dir,o_fips.c,o_init,fips_ers"
$ LIB_MD2 = "md2_dgst,md2_one"
$ LIB_MD4 = "md4_dgst,md4_one"
$ LIB_MD5 = "md5_dgst,md5_one"
@@ -224,15 +225,16 @@ $ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
"fcrypt,xcbc_enc,rpc_enc,cbc_cksm,"+ -
"ede_cbcm_enc,des_old,des_old2,read2pwd"
$ LIB_RC2 = "rc2_ecb,rc2_skey,rc2_cbc,rc2cfb64,rc2ofb64"
-$ LIB_RC4 = "rc4_skey,rc4_enc"
+$ LIB_RC4 = "rc4_skey,rc4_enc,rc4_utl"
$ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64"
$ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey"
$ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64"
$ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64"
$ LIB_CAMELLIA = "camellia,cmll_misc,cmll_ecb,cmll_cbc,cmll_ofb,"+ -
- "cmll_cfb,cmll_ctr"
+ "cmll_cfb,cmll_ctr,cmll_utl"
$ LIB_SEED = "seed,seed_ecb,seed_cbc,seed_cfb,seed_ofb"
-$ LIB_MODES = "cbc128,ctr128,cts128,cfb128,ofb128"
+$ LIB_MODES = "cbc128,ctr128,cts128,cfb128,ofb128,gcm128,"+ -
+ "ccm128,xts128"
$ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
$ IF F$TRNLNM("OPENSSL_NO_ASM") .OR. ARCH .NES. "VAX" THEN -
LIB_BN_ASM = "bn_asm"
@@ -240,14 +242,16 @@ $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ -
"bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
"bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ -
"bn_recp,bn_mont,bn_mpi,bn_exp2,bn_gf2m,bn_nist,"+ -
- "bn_depr,bn_const"
+ "bn_depr,bn_const,bn_x931p"
$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_nist,ec_cvt,ec_mult,"+ -
"ec_err,ec_curve,ec_check,ec_print,ec_asn1,ec_key,"+ -
- "ec2_smpl,ec2_mult,ec_ameth,ec_pmeth,eck_prn"
+ "ec2_smpl,ec2_mult,ec_ameth,ec_pmeth,eck_prn,"+ -
+ "ecp_nistp224,ecp_nistp256,ecp_nistp521,ecp_nistputil,"+ -
+ "ecp_oct,ec2_oct,ec_oct"
$ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ -
"rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ -
"rsa_pss,rsa_x931,rsa_asn1,rsa_depr,rsa_ameth,rsa_prn,"+ -
- "rsa_pmeth"
+ "rsa_pmeth,rsa_crpt"
$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ -
"dsa_err,dsa_ossl,dsa_depr,dsa_ameth,dsa_pmeth,dsa_prn"
$ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err"
@@ -260,10 +264,11 @@ $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ -
"eng_table,eng_pkey,eng_fat,eng_all,"+ -
"tb_rsa,tb_dsa,tb_ecdsa,tb_dh,tb_ecdh,tb_rand,tb_store,"+ -
"tb_cipher,tb_digest,tb_pkmeth,tb_asnmth,"+ -
- "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev"
+ "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,"+ -
+ "eng_rsax,eng_rdrand"
$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr,"+ -
"aes_ige,aes_wrap"
-$ LIB_BUFFER = "buffer,buf_err"
+$ LIB_BUFFER = "buffer,buf_str,buf_err"
$ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
"bss_mem,bss_null,bss_fd,"+ -
"bss_file,bss_sock,bss_conn,"+ -
@@ -277,7 +282,7 @@ $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ -
"rand_vms"
$ LIB_ERR = "err,err_all,err_prn"
$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err,obj_xref"
-$ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ -
+$ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,evp_cnf,"+ -
"e_des,e_bf,e_idea,e_des3,e_camellia,"+ -
"e_rc4,e_aes,names,e_seed,"+ -
"e_xcbc_d,e_rc2,e_cast,e_rc5"
@@ -287,7 +292,8 @@ $ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1,m_wp," + -
"bio_md,bio_b64,bio_enc,evp_err,e_null,"+ -
"c_all,c_allc,c_alld,evp_lib,bio_ok,"+-
"evp_pkey,evp_pbe,p5_crpt,p5_crpt2"
-$ LIB_EVP_3 = "e_old,pmeth_lib,pmeth_fn,pmeth_gn,m_sigver"
+$ LIB_EVP_3 = "e_old,pmeth_lib,pmeth_fn,pmeth_gn,m_sigver,evp_fips,"+ -
+ "e_aes_cbc_hmac_sha1,e_rc4_hmac_md5"
$ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ -
"a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,"+ -
"a_enum,a_utf8,a_sign,a_digest,a_verify,a_mbstr,a_strex,"+ -
@@ -329,14 +335,17 @@ $ LIB_OCSP = "ocsp_asn,ocsp_ext,ocsp_ht,ocsp_lib,ocsp_cl,"+ -
$ LIB_UI_COMPAT = ",ui_compat"
$ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"+LIB_UI_COMPAT
$ LIB_KRB5 = "krb5_asn"
-$ LIB_STORE = "str_err,str_lib,str_meth,str_mem"
$ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ -
- "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess"
+ "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess,"+ -
+ "cms_pwri"
$ LIB_PQUEUE = "pqueue"
$ LIB_TS = "ts_err,ts_req_utils,ts_req_print,ts_rsp_utils,ts_rsp_print,"+ -
"ts_rsp_sign,ts_rsp_verify,ts_verify_ctx,ts_lib,ts_conf,"+ -
"ts_asn1"
$ LIB_JPAKE = "jpake,jpake_err"
+$ LIB_SRP = "srp_lib,srp_vfy"
+$ LIB_STORE = "str_err,str_lib,str_meth,str_mem"
+$ LIB_CMAC = "cmac,cm_ameth.c,cm_pmeth"
$!
$! Setup exceptional compilations
$!
@@ -1021,7 +1030,7 @@ $!
$! Set basic C compiler /INCLUDE directories.
$!
$ CC_INCLUDES = "SYS$DISK:[.''ARCHD'],SYS$DISK:[],SYS$DISK:[-],"+ -
- "SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1]"
+ "SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.MODES],SYS$DISK:[.ASN1],SYS$DISK:[.EVP]"
$!
$! Check To See If P3 Is Blank.
$!
diff --git a/deps/openssl/openssl/crypto/crypto.h b/deps/openssl/openssl/crypto/crypto.h
index b0360cec5..f92fc5182 100644
--- a/deps/openssl/openssl/crypto/crypto.h
+++ b/deps/openssl/openssl/crypto/crypto.h
@@ -488,10 +488,10 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
long (**go)(void));
void *CRYPTO_malloc_locked(int num, const char *file, int line);
-void CRYPTO_free_locked(void *);
+void CRYPTO_free_locked(void *ptr);
void *CRYPTO_malloc(int num, const char *file, int line);
char *CRYPTO_strdup(const char *str, const char *file, int line);
-void CRYPTO_free(void *);
+void CRYPTO_free(void *ptr);
void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file,
int line);
@@ -547,6 +547,40 @@ unsigned long *OPENSSL_ia32cap_loc(void);
#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
int OPENSSL_isservice(void);
+int FIPS_mode(void);
+int FIPS_mode_set(int r);
+
+void OPENSSL_init(void);
+
+#define fips_md_init(alg) fips_md_init_ctx(alg, alg)
+
+#ifdef OPENSSL_FIPS
+#define fips_md_init_ctx(alg, cx) \
+ int alg##_Init(cx##_CTX *c) \
+ { \
+ if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
+ "Low level API call to digest " #alg " forbidden in FIPS mode!"); \
+ return private_##alg##_Init(c); \
+ } \
+ int private_##alg##_Init(cx##_CTX *c)
+
+#define fips_cipher_abort(alg) \
+ if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
+ "Low level API call to cipher " #alg " forbidden in FIPS mode!")
+
+#else
+#define fips_md_init_ctx(alg, cx) \
+ int alg##_Init(cx##_CTX *c)
+#define fips_cipher_abort(alg) while(0)
+#endif
+
+/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It
+ * takes an amount of time dependent on |len|, but independent of the contents
+ * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a
+ * defined order as the return value when a != b is undefined, other than to be
+ * non-zero. */
+int CRYPTO_memcmp(const void *a, const void *b, size_t len);
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@@ -562,11 +596,13 @@ void ERR_load_CRYPTO_strings(void);
#define CRYPTO_F_CRYPTO_SET_EX_DATA 102
#define CRYPTO_F_DEF_ADD_INDEX 104
#define CRYPTO_F_DEF_GET_CLASS 105
+#define CRYPTO_F_FIPS_MODE_SET 109
#define CRYPTO_F_INT_DUP_EX_DATA 106
#define CRYPTO_F_INT_FREE_EX_DATA 107
#define CRYPTO_F_INT_NEW_EX_DATA 108
/* Reason codes. */
+#define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
#ifdef __cplusplus
diff --git a/deps/openssl/openssl/crypto/des/Makefile b/deps/openssl/openssl/crypto/des/Makefile
index ae982265f..a6e100132 100644
--- a/deps/openssl/openssl/crypto/des/Makefile
+++ b/deps/openssl/openssl/crypto/des/Makefile
@@ -257,8 +257,9 @@ rpc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
rpc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c
-set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
set_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
set_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
set_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
diff --git a/deps/openssl/openssl/crypto/des/des.h b/deps/openssl/openssl/crypto/des/des.h
index 92b666359..1eaedcbd2 100644
--- a/deps/openssl/openssl/crypto/des/des.h
+++ b/deps/openssl/openssl/crypto/des/des.h
@@ -224,6 +224,9 @@ int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule);
int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule);
int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule);
void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
+#ifdef OPENSSL_FIPS
+void private_DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
+#endif
void DES_string_to_key(const char *str,DES_cblock *key);
void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2);
void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
diff --git a/deps/openssl/openssl/crypto/des/set_key.c b/deps/openssl/openssl/crypto/des/set_key.c
index 3004cc3ab..da4d62e11 100644
--- a/deps/openssl/openssl/crypto/des/set_key.c
+++ b/deps/openssl/openssl/crypto/des/set_key.c
@@ -63,6 +63,7 @@
* 1.1 added norm_expand_bits
* 1.0 First working version
*/
+#include <openssl/crypto.h>
#include "des_locl.h"
OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key,0) /* defaults to false */
@@ -335,6 +336,13 @@ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
}
void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
+#ifdef OPENSSL_FIPS
+ {
+ fips_cipher_abort(DES);
+ private_DES_set_key_unchecked(key, schedule);
+ }
+void private_DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
+#endif
{
static const int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
register DES_LONG c,d,t,s,t2;
diff --git a/deps/openssl/openssl/crypto/des/str2key.c b/deps/openssl/openssl/crypto/des/str2key.c
index 9c2054bda..1077f99d1 100644
--- a/deps/openssl/openssl/crypto/des/str2key.c
+++ b/deps/openssl/openssl/crypto/des/str2key.c
@@ -56,8 +56,8 @@
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
#include <openssl/crypto.h>
+#include "des_locl.h"
void DES_string_to_key(const char *str, DES_cblock *key)
{
diff --git a/deps/openssl/openssl/crypto/dh/dh.h b/deps/openssl/openssl/crypto/dh/dh.h
index 849309a48..ea59e610e 100644
--- a/deps/openssl/openssl/crypto/dh/dh.h
+++ b/deps/openssl/openssl/crypto/dh/dh.h
@@ -86,6 +86,21 @@
* be used for all exponents.
*/
+/* If this flag is set the DH method is FIPS compliant and can be used
+ * in FIPS mode. This is set in the validated module method. If an
+ * application sets this flag in its own methods it is its reposibility
+ * to ensure the result is compliant.
+ */
+
+#define DH_FLAG_FIPS_METHOD 0x0400
+
+/* If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+#define DH_FLAG_NON_FIPS_ALLOW 0x0400
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -230,6 +245,9 @@ void ERR_load_DH_strings(void);
#define DH_F_COMPUTE_KEY 102
#define DH_F_DHPARAMS_PRINT_FP 101
#define DH_F_DH_BUILTIN_GENPARAMS 106
+#define DH_F_DH_COMPUTE_KEY 114
+#define DH_F_DH_GENERATE_KEY 115
+#define DH_F_DH_GENERATE_PARAMETERS_EX 116
#define DH_F_DH_NEW_METHOD 105
#define DH_F_DH_PARAM_DECODE 107
#define DH_F_DH_PRIV_DECODE 110
@@ -249,7 +267,9 @@ void ERR_load_DH_strings(void);
#define DH_R_DECODE_ERROR 104
#define DH_R_INVALID_PUBKEY 102
#define DH_R_KEYS_NOT_SET 108
+#define DH_R_KEY_SIZE_TOO_SMALL 110
#define DH_R_MODULUS_TOO_LARGE 103
+#define DH_R_NON_FIPS_METHOD 111
#define DH_R_NO_PARAMETERS_SET 107
#define DH_R_NO_PRIVATE_VALUE 100
#define DH_R_PARAMETER_ENCODING_ERROR 105
diff --git a/deps/openssl/openssl/crypto/dh/dh_ameth.c b/deps/openssl/openssl/crypto/dh/dh_ameth.c
index 377caf96c..02ec2d47b 100644
--- a/deps/openssl/openssl/crypto/dh/dh_ameth.c
+++ b/deps/openssl/openssl/crypto/dh/dh_ameth.c
@@ -493,6 +493,7 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
dh_copy_parameters,
dh_cmp_parameters,
dh_param_print,
+ 0,
int_dh_free,
0
diff --git a/deps/openssl/openssl/crypto/dh/dh_err.c b/deps/openssl/openssl/crypto/dh/dh_err.c
index d5cf0c22a..56d3df735 100644
--- a/deps/openssl/openssl/crypto/dh/dh_err.c
+++ b/deps/openssl/openssl/crypto/dh/dh_err.c
@@ -1,6 +1,6 @@
/* crypto/dh/dh_err.c */
/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -73,6 +73,9 @@ static ERR_STRING_DATA DH_str_functs[]=
{ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"},
{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
{ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
+{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
+{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"},
+{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS_EX), "DH_generate_parameters_ex"},
{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
{ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"},
{ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"},
@@ -95,7 +98,9 @@ static ERR_STRING_DATA DH_str_reasons[]=
{ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"},
{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
{ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"},
+{ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
{ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"},
+{ERR_REASON(DH_R_NON_FIPS_METHOD) ,"non fips method"},
{ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"},
{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
{ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
diff --git a/deps/openssl/openssl/crypto/dh/dh_gen.c b/deps/openssl/openssl/crypto/dh/dh_gen.c
index cfd5b1186..7b1fe9c9c 100644
--- a/deps/openssl/openssl/crypto/dh/dh_gen.c
+++ b/deps/openssl/openssl/crypto/dh/dh_gen.c
@@ -66,12 +66,29 @@
#include <openssl/bn.h>
#include <openssl/dh.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb);
int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD)
+ && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW))
+ {
+ DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD);
+ return 0;
+ }
+#endif
if(ret->meth->generate_params)
return ret->meth->generate_params(ret, prime_len, generator, cb);
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dh_generate_parameters_ex(ret, prime_len,
+ generator, cb);
+#endif
return dh_builtin_genparams(ret, prime_len, generator, cb);
}
diff --git a/deps/openssl/openssl/crypto/dh/dh_key.c b/deps/openssl/openssl/crypto/dh/dh_key.c
index e7db44034..89a74db4e 100644
--- a/deps/openssl/openssl/crypto/dh/dh_key.c
+++ b/deps/openssl/openssl/crypto/dh/dh_key.c
@@ -73,11 +73,27 @@ static int dh_finish(DH *dh);
int DH_generate_key(DH *dh)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
+ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW))
+ {
+ DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD);
+ return 0;
+ }
+#endif
return dh->meth->generate_key(dh);
}
int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
+ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW))
+ {
+ DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD);
+ return 0;
+ }
+#endif
return dh->meth->compute_key(key, pub_key, dh);
}
@@ -138,8 +154,21 @@ static int generate_key(DH *dh)
if (generate_new_key)
{
- l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
- if (!BN_rand(priv_key, l, 0, 0)) goto err;
+ if (dh->q)
+ {
+ do
+ {
+ if (!BN_rand_range(priv_key, dh->q))
+ goto err;
+ }
+ while (BN_is_zero(priv_key) || BN_is_one(priv_key));
+ }
+ else
+ {
+ /* secret exponent length */
+ l = dh->length ? dh->length : BN_num_bits(dh->p)-1;
+ if (!BN_rand(priv_key, l, 0, 0)) goto err;
+ }
}
{
diff --git a/deps/openssl/openssl/crypto/dh/dh_lib.c b/deps/openssl/openssl/crypto/dh/dh_lib.c
index 7aef080e7..00218f2b9 100644
--- a/deps/openssl/openssl/crypto/dh/dh_lib.c
+++ b/deps/openssl/openssl/crypto/dh/dh_lib.c
@@ -64,6 +64,10 @@
#include <openssl/engine.h>
#endif
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
static const DH_METHOD *default_DH_method = NULL;
@@ -76,7 +80,16 @@ void DH_set_default_method(const DH_METHOD *meth)
const DH_METHOD *DH_get_default_method(void)
{
if(!default_DH_method)
+ {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dh_openssl();
+ else
+ return DH_OpenSSL();
+#else
default_DH_method = DH_OpenSSL();
+#endif
+ }
return default_DH_method;
}
@@ -156,7 +169,7 @@ DH *DH_new_method(ENGINE *engine)
ret->counter = NULL;
ret->method_mont_p=NULL;
ret->references = 1;
- ret->flags=ret->meth->flags;
+ ret->flags=ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
diff --git a/deps/openssl/openssl/crypto/dsa/Makefile b/deps/openssl/openssl/crypto/dsa/Makefile
index 8073c4ecf..5fef4ca5a 100644
--- a/deps/openssl/openssl/crypto/dsa/Makefile
+++ b/deps/openssl/openssl/crypto/dsa/Makefile
@@ -99,8 +99,9 @@ dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
dsa_asn1.o: ../../include/openssl/opensslconf.h
dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
+dsa_asn1.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_asn1.o: ../cryptlib.h dsa_asn1.c
dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -189,7 +190,7 @@ dsa_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
dsa_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
dsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
dsa_prn.o: ../cryptlib.h dsa_prn.c
-dsa_sign.o: ../../e_os.h ../../include/openssl/bio.h
+dsa_sign.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
diff --git a/deps/openssl/openssl/crypto/dsa/dsa.h b/deps/openssl/openssl/crypto/dsa/dsa.h
index ac50a5c84..a6f6d0b0b 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa.h
+++ b/deps/openssl/openssl/crypto/dsa/dsa.h
@@ -97,6 +97,21 @@
* be used for all exponents.
*/
+/* If this flag is set the DSA method is FIPS compliant and can be used
+ * in FIPS mode. This is set in the validated module method. If an
+ * application sets this flag in its own methods it is its reposibility
+ * to ensure the result is compliant.
+ */
+
+#define DSA_FLAG_FIPS_METHOD 0x0400
+
+/* If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+#define DSA_FLAG_NON_FIPS_ALLOW 0x0400
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -272,6 +287,8 @@ void ERR_load_DSA_strings(void);
#define DSA_F_DSAPARAMS_PRINT_FP 101
#define DSA_F_DSA_DO_SIGN 112
#define DSA_F_DSA_DO_VERIFY 113
+#define DSA_F_DSA_GENERATE_KEY 124
+#define DSA_F_DSA_GENERATE_PARAMETERS_EX 123
#define DSA_F_DSA_NEW_METHOD 103
#define DSA_F_DSA_PARAM_DECODE 119
#define DSA_F_DSA_PRINT_FP 105
@@ -282,6 +299,7 @@ void ERR_load_DSA_strings(void);
#define DSA_F_DSA_SIGN 106
#define DSA_F_DSA_SIGN_SETUP 107
#define DSA_F_DSA_SIG_NEW 109
+#define DSA_F_DSA_SIG_PRINT 125
#define DSA_F_DSA_VERIFY 108
#define DSA_F_I2D_DSA_SIG 111
#define DSA_F_OLD_DSA_PRIV_DECODE 122
@@ -298,6 +316,8 @@ void ERR_load_DSA_strings(void);
#define DSA_R_INVALID_DIGEST_TYPE 106
#define DSA_R_MISSING_PARAMETERS 101
#define DSA_R_MODULUS_TOO_LARGE 103
+#define DSA_R_NEED_NEW_SETUP_VALUES 110
+#define DSA_R_NON_FIPS_DSA_METHOD 111
#define DSA_R_NO_PARAMETERS_SET 107
#define DSA_R_PARAMETER_ENCODING_ERROR 105
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_ameth.c b/deps/openssl/openssl/crypto/dsa/dsa_ameth.c
index 6413aae46..376156ec5 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_ameth.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_ameth.c
@@ -542,6 +542,52 @@ static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
}
+static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
+ const ASN1_STRING *sig,
+ int indent, ASN1_PCTX *pctx)
+ {
+ DSA_SIG *dsa_sig;
+ const unsigned char *p;
+ if (!sig)
+ {
+ if (BIO_puts(bp, "\n") <= 0)
+ return 0;
+ else
+ return 1;
+ }
+ p = sig->data;
+ dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
+ if (dsa_sig)
+ {
+ int rv = 0;
+ size_t buf_len = 0;
+ unsigned char *m=NULL;
+ update_buflen(dsa_sig->r, &buf_len);
+ update_buflen(dsa_sig->s, &buf_len);
+ m = OPENSSL_malloc(buf_len+10);
+ if (m == NULL)
+ {
+ DSAerr(DSA_F_DSA_SIG_PRINT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (BIO_write(bp, "\n", 1) != 1)
+ goto err;
+
+ if (!ASN1_bn_print(bp,"r: ",dsa_sig->r,m,indent))
+ goto err;
+ if (!ASN1_bn_print(bp,"s: ",dsa_sig->s,m,indent))
+ goto err;
+ rv = 1;
+ err:
+ if (m)
+ OPENSSL_free(m);
+ DSA_SIG_free(dsa_sig);
+ return rv;
+ }
+ return X509_signature_dump(bp, sig, indent);
+ }
+
static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
{
switch (op)
@@ -647,6 +693,7 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] =
dsa_copy_parameters,
dsa_cmp_parameters,
dsa_param_print,
+ dsa_sig_print,
int_dsa_free,
dsa_pkey_ctrl,
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_asn1.c b/deps/openssl/openssl/crypto/dsa/dsa_asn1.c
index c37460b2d..605853437 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_asn1.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_asn1.c
@@ -61,6 +61,7 @@
#include <openssl/dsa.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
+#include <openssl/rand.h>
/* Override the default new methods */
static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@@ -87,7 +88,7 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG)
-IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG, DSA_SIG, DSA_SIG)
/* Override the default free and new methods */
static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@@ -148,3 +149,40 @@ DSA *DSAparams_dup(DSA *dsa)
{
return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa);
}
+
+int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
+ unsigned int *siglen, DSA *dsa)
+ {
+ DSA_SIG *s;
+ RAND_seed(dgst, dlen);
+ s=DSA_do_sign(dgst,dlen,dsa);
+ if (s == NULL)
+ {
+ *siglen=0;
+ return(0);
+ }
+ *siglen=i2d_DSA_SIG(s,&sig);
+ DSA_SIG_free(s);
+ return(1);
+ }
+
+/* data has already been hashed (probably with SHA or SHA-1). */
+/* returns
+ * 1: correct signature
+ * 0: incorrect signature
+ * -1: error
+ */
+int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
+ const unsigned char *sigbuf, int siglen, DSA *dsa)
+ {
+ DSA_SIG *s;
+ int ret=-1;
+
+ s = DSA_SIG_new();
+ if (s == NULL) return(ret);
+ if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
+ ret=DSA_do_verify(dgst,dgst_len,s,dsa);
+err:
+ DSA_SIG_free(s);
+ return(ret);
+ }
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_err.c b/deps/openssl/openssl/crypto/dsa/dsa_err.c
index bba984e92..00545b7b9 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_err.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
/* crypto/dsa/dsa_err.c */
/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -76,6 +76,8 @@ static ERR_STRING_DATA DSA_str_functs[]=
{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
+{ERR_FUNC(DSA_F_DSA_GENERATE_KEY), "DSA_generate_key"},
+{ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS_EX), "DSA_generate_parameters_ex"},
{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
{ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "DSA_PARAM_DECODE"},
{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
@@ -86,6 +88,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
{ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
{ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
+{ERR_FUNC(DSA_F_DSA_SIG_PRINT), "DSA_SIG_PRINT"},
{ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"},
{ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"},
{ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "OLD_DSA_PRIV_DECODE"},
@@ -105,6 +108,8 @@ static ERR_STRING_DATA DSA_str_reasons[]=
{ERR_REASON(DSA_R_INVALID_DIGEST_TYPE) ,"invalid digest type"},
{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"},
{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
+{ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES) ,"need new setup values"},
+{ERR_REASON(DSA_R_NON_FIPS_DSA_METHOD) ,"non fips dsa method"},
{ERR_REASON(DSA_R_NO_PARAMETERS_SET) ,"no parameters set"},
{ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
{0,NULL}
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_gen.c b/deps/openssl/openssl/crypto/dsa/dsa_gen.c
index cb0b4538a..c398761d0 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_gen.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_gen.c
@@ -81,13 +81,33 @@
#include <openssl/sha.h>
#include "dsa_locl.h"
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
int DSA_generate_parameters_ex(DSA *ret, int bits,
const unsigned char *seed_in, int seed_len,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW))
+ {
+ DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD);
+ return 0;
+ }
+#endif
if(ret->meth->dsa_paramgen)
return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
counter_ret, h_ret, cb);
+#ifdef OPENSSL_FIPS
+ else if (FIPS_mode())
+ {
+ return FIPS_dsa_generate_parameters_ex(ret, bits,
+ seed_in, seed_len,
+ counter_ret, h_ret, cb);
+ }
+#endif
else
{
const EVP_MD *evpmd;
@@ -105,12 +125,13 @@ int DSA_generate_parameters_ex(DSA *ret, int bits,
}
return dsa_builtin_paramgen(ret, bits, qbits, evpmd,
- seed_in, seed_len, counter_ret, h_ret, cb);
+ seed_in, seed_len, NULL, counter_ret, h_ret, cb);
}
}
int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
+ unsigned char *seed_out,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
{
int ok=0;
@@ -201,8 +222,10 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
}
/* step 2 */
- EVP_Digest(seed, qsize, md, NULL, evpmd, NULL);
- EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL);
+ if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL))
+ goto err;
+ if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL))
+ goto err;
for (i = 0; i < qsize; i++)
md[i]^=buf2[i];
@@ -251,7 +274,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
break;
}
- EVP_Digest(buf, qsize, md ,NULL, evpmd, NULL);
+ if (!EVP_Digest(buf, qsize, md ,NULL, evpmd,
+ NULL))
+ goto err;
/* step 8 */
if (!BN_bin2bn(md, qsize, r0))
@@ -332,6 +357,8 @@ err:
}
if (counter_ret != NULL) *counter_ret=counter;
if (h_ret != NULL) *h_ret=h;
+ if (seed_out)
+ memcpy(seed_out, seed, qsize);
}
if(ctx)
{
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_key.c b/deps/openssl/openssl/crypto/dsa/dsa_key.c
index c4aa86bc6..9cf669b92 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_key.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_key.c
@@ -64,12 +64,28 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
static int dsa_builtin_keygen(DSA *dsa);
int DSA_generate_key(DSA *dsa)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
+ {
+ DSAerr(DSA_F_DSA_GENERATE_KEY, DSA_R_NON_FIPS_DSA_METHOD);
+ return 0;
+ }
+#endif
if(dsa->meth->dsa_keygen)
return dsa->meth->dsa_keygen(dsa);
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dsa_generate_key(dsa);
+#endif
return dsa_builtin_keygen(dsa);
}
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_lib.c b/deps/openssl/openssl/crypto/dsa/dsa_lib.c
index e9b75902d..96d8d0c4b 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_lib.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_lib.c
@@ -70,6 +70,10 @@
#include <openssl/dh.h>
#endif
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
static const DSA_METHOD *default_DSA_method = NULL;
@@ -82,7 +86,16 @@ void DSA_set_default_method(const DSA_METHOD *meth)
const DSA_METHOD *DSA_get_default_method(void)
{
if(!default_DSA_method)
+ {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dsa_openssl();
+ else
+ return DSA_OpenSSL();
+#else
default_DSA_method = DSA_OpenSSL();
+#endif
+ }
return default_DSA_method;
}
@@ -163,7 +176,7 @@ DSA *DSA_new_method(ENGINE *engine)
ret->method_mont_p=NULL;
ret->references=1;
- ret->flags=ret->meth->flags;
+ ret->flags=ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
@@ -276,7 +289,8 @@ void *DSA_get_ex_data(DSA *d, int idx)
DH *DSA_dup_DH(const DSA *r)
{
/* DSA has p, q, g, optional pub_key, optional priv_key.
- * DH has p, optional length, g, optional pub_key, optional priv_key.
+ * DH has p, optional length, g, optional pub_key, optional priv_key,
+ * optional q.
*/
DH *ret = NULL;
@@ -290,7 +304,11 @@ DH *DSA_dup_DH(const DSA *r)
if ((ret->p = BN_dup(r->p)) == NULL)
goto err;
if (r->q != NULL)
+ {
ret->length = BN_num_bits(r->q);
+ if ((ret->q = BN_dup(r->q)) == NULL)
+ goto err;
+ }
if (r->g != NULL)
if ((ret->g = BN_dup(r->g)) == NULL)
goto err;
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_locl.h b/deps/openssl/openssl/crypto/dsa/dsa_locl.h
index 2b8cfee3d..21e2e4524 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_locl.h
+++ b/deps/openssl/openssl/crypto/dsa/dsa_locl.h
@@ -56,4 +56,5 @@
int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
+ unsigned char *seed_out,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_ossl.c b/deps/openssl/openssl/crypto/dsa/dsa_ossl.c
index a3ddd7d28..b3d78e524 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_ossl.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_ossl.c
@@ -136,6 +136,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
BN_CTX *ctx=NULL;
int reason=ERR_R_BN_LIB;
DSA_SIG *ret=NULL;
+ int noredo = 0;
BN_init(&m);
BN_init(&xr);
@@ -150,7 +151,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
if (s == NULL) goto err;
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
-
+redo:
if ((dsa->kinv == NULL) || (dsa->r == NULL))
{
if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
@@ -161,6 +162,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
dsa->kinv=NULL;
r=dsa->r;
dsa->r=NULL;
+ noredo = 1;
}
@@ -181,6 +183,18 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
ret=DSA_SIG_new();
if (ret == NULL) goto err;
+ /* Redo if r or s is zero as required by FIPS 186-3: this is
+ * very unlikely.
+ */
+ if (BN_is_zero(r) || BN_is_zero(s))
+ {
+ if (noredo)
+ {
+ reason = DSA_R_NEED_NEW_SETUP_VALUES;
+ goto err;
+ }
+ goto redo;
+ }
ret->r = r;
ret->s = s;
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_pmeth.c b/deps/openssl/openssl/crypto/dsa/dsa_pmeth.c
index e2df54fec..715d8d675 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_pmeth.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_pmeth.c
@@ -189,7 +189,9 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
EVP_MD_type((const EVP_MD *)p2) != NID_dsa &&
EVP_MD_type((const EVP_MD *)p2) != NID_dsaWithSHA &&
EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
- EVP_MD_type((const EVP_MD *)p2) != NID_sha256)
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha512)
{
DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
return 0;
@@ -253,7 +255,7 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
if (!dsa)
return 0;
ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
- NULL, 0, NULL, NULL, pcb);
+ NULL, 0, NULL, NULL, NULL, pcb);
if (ret)
EVP_PKEY_assign_DSA(pkey, dsa);
else
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_sign.c b/deps/openssl/openssl/crypto/dsa/dsa_sign.c
index 17555e589..c3cc3642c 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_sign.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_sign.c
@@ -61,30 +61,54 @@
#include "cryptlib.h"
#include <openssl/dsa.h>
#include <openssl/rand.h>
+#include <openssl/bn.h>
DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
+ {
+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_NON_FIPS_DSA_METHOD);
+ return NULL;
+ }
+#endif
return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
}
-int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
- unsigned int *siglen, DSA *dsa)
+int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
{
- DSA_SIG *s;
- RAND_seed(dgst, dlen);
- s=DSA_do_sign(dgst,dlen,dsa);
- if (s == NULL)
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
{
- *siglen=0;
- return(0);
+ DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_NON_FIPS_DSA_METHOD);
+ return 0;
}
- *siglen=i2d_DSA_SIG(s,&sig);
- DSA_SIG_free(s);
- return(1);
+#endif
+ return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
}
-int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
+DSA_SIG *DSA_SIG_new(void)
{
- return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
+ DSA_SIG *sig;
+ sig = OPENSSL_malloc(sizeof(DSA_SIG));
+ if (!sig)
+ return NULL;
+ sig->r = NULL;
+ sig->s = NULL;
+ return sig;
+ }
+
+void DSA_SIG_free(DSA_SIG *sig)
+ {
+ if (sig)
+ {
+ if (sig->r)
+ BN_free(sig->r);
+ if (sig->s)
+ BN_free(sig->s);
+ OPENSSL_free(sig);
+ }
}
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_vrf.c b/deps/openssl/openssl/crypto/dsa/dsa_vrf.c
index 226a75ff3..674cb5fa5 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_vrf.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_vrf.c
@@ -64,26 +64,13 @@
int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
DSA *dsa)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+ && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
+ {
+ DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_NON_FIPS_DSA_METHOD);
+ return -1;
+ }
+#endif
return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
}
-
-/* data has already been hashed (probably with SHA or SHA-1). */
-/* returns
- * 1: correct signature
- * 0: incorrect signature
- * -1: error
- */
-int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int siglen, DSA *dsa)
- {
- DSA_SIG *s;
- int ret=-1;
-
- s = DSA_SIG_new();
- if (s == NULL) return(ret);
- if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
- ret=DSA_do_verify(dgst,dgst_len,s,dsa);
-err:
- DSA_SIG_free(s);
- return(ret);
- }
diff --git a/deps/openssl/openssl/crypto/dso/dso_dlfcn.c b/deps/openssl/openssl/crypto/dso/dso_dlfcn.c
index c2bc61760..5f2254806 100644
--- a/deps/openssl/openssl/crypto/dso/dso_dlfcn.c
+++ b/deps/openssl/openssl/crypto/dso/dso_dlfcn.c
@@ -86,7 +86,8 @@ DSO_METHOD *DSO_METHOD_dlfcn(void)
# if defined(_AIX) || defined(__CYGWIN__) || \
defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
(defined(__osf__) && !defined(RTLD_NEXT)) || \
- (defined(__OpenBSD__) && !defined(RTLD_SELF))
+ (defined(__OpenBSD__) && !defined(RTLD_SELF)) || \
+ defined(__ANDROID__)
# undef HAVE_DLINFO
# endif
#endif
diff --git a/deps/openssl/openssl/crypto/ec/Makefile b/deps/openssl/openssl/crypto/ec/Makefile
index db380ed16..f85fc845c 100644
--- a/deps/openssl/openssl/crypto/ec/Makefile
+++ b/deps/openssl/openssl/crypto/ec/Makefile
@@ -19,11 +19,15 @@ APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c\
ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\
- ec2_smpl.c ec2_mult.c ec_ameth.c ec_pmeth.c eck_prn.c
+ ec2_smpl.c ec2_mult.c ec_ameth.c ec_pmeth.c eck_prn.c \
+ ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c \
+ ecp_oct.c ec2_oct.c ec_oct.c
LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_nist.o ec_cvt.o ec_mult.o\
ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\
- ec2_smpl.o ec2_mult.o ec_ameth.o ec_pmeth.o eck_prn.o
+ ec2_smpl.o ec2_mult.o ec_ameth.o ec_pmeth.o eck_prn.o \
+ ecp_nistp224.o ecp_nistp256.o ecp_nistp521.o ecp_nistputil.o \
+ ecp_oct.o ec2_oct.o ec_oct.o
SRC= $(LIBSRC)
@@ -87,6 +91,14 @@ ec2_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec2_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec2_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec2_mult.o: ../../include/openssl/symhacks.h ec2_mult.c ec_lcl.h
+ec2_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec2_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec2_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec2_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec2_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec2_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec2_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec2_oct.o: ../../include/openssl/symhacks.h ec2_oct.c ec_lcl.h
ec2_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec2_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec2_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -174,6 +186,14 @@ ec_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec_mult.o: ../../include/openssl/symhacks.h ec_lcl.h ec_mult.c
+ec_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_oct.o: ../../include/openssl/symhacks.h ec_lcl.h ec_oct.c
ec_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
ec_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
ec_pmeth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -221,6 +241,18 @@ ecp_nist.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ecp_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecp_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c
+ecp_nistp224.o: ../../include/openssl/opensslconf.h ecp_nistp224.c
+ecp_nistp256.o: ../../include/openssl/opensslconf.h ecp_nistp256.c
+ecp_nistp521.o: ../../include/openssl/opensslconf.h ecp_nistp521.c
+ecp_nistputil.o: ../../include/openssl/opensslconf.h ecp_nistputil.c
+ecp_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecp_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecp_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecp_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecp_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ecp_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecp_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecp_oct.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_oct.c
ecp_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecp_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ecp_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
diff --git a/deps/openssl/openssl/crypto/ec/ec.h b/deps/openssl/openssl/crypto/ec/ec.h
index ee7078130..dfe8710d3 100644
--- a/deps/openssl/openssl/crypto/ec/ec.h
+++ b/deps/openssl/openssl/crypto/ec/ec.h
@@ -151,7 +151,24 @@ const EC_METHOD *EC_GFp_mont_method(void);
*/
const EC_METHOD *EC_GFp_nist_method(void);
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/** Returns 64-bit optimized methods for nistp224
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp224_method(void);
+
+/** Returns 64-bit optimized methods for nistp256
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp256_method(void);
+
+/** Returns 64-bit optimized methods for nistp521
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp521_method(void);
+#endif
+#ifndef OPENSSL_NO_EC2M
/********************************************************************/
/* EC_METHOD for curves over GF(2^m) */
/********************************************************************/
@@ -161,6 +178,8 @@ const EC_METHOD *EC_GFp_nist_method(void);
*/
const EC_METHOD *EC_GF2m_simple_method(void);
+#endif
+
/********************************************************************/
/* EC_GROUP functions */
@@ -255,10 +274,10 @@ int EC_GROUP_get_curve_name(const EC_GROUP *group);
void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
-void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t);
+void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
-unsigned char *EC_GROUP_get0_seed(const EC_GROUP *);
+unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
size_t EC_GROUP_get_seed_len(const EC_GROUP *);
size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
@@ -282,6 +301,7 @@ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, co
*/
int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+#ifndef OPENSSL_NO_EC2M
/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
* \param group EC_GROUP object
* \param p BIGNUM with the polynomial defining the underlying field
@@ -301,7 +321,7 @@ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, c
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-
+#endif
/** Returns the number of bits needed to represent a field element
* \param group EC_GROUP object
* \return number of bits needed to represent a field element
@@ -342,7 +362,7 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
* \return newly created EC_GROUP object with the specified parameters
*/
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-
+#ifndef OPENSSL_NO_EC2M
/** Creates a new EC_GROUP object with the specified parameters defined
* over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
* \param p BIGNUM with the polynomial defining the underlying field
@@ -352,7 +372,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM
* \return newly created EC_GROUP object with the specified parameters
*/
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-
+#endif
/** Creates a EC_GROUP object with a curve specified by a NID
* \param nid NID of the OID of the curve name
* \return newly created EC_GROUP object with specified curve or NULL
@@ -481,7 +501,7 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
*/
int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit, BN_CTX *ctx);
-
+#ifndef OPENSSL_NO_EC2M
/** Sets the affine coordinates of a EC_POINT over GF2m
* \param group underlying EC_GROUP object
* \param p EC_POINT object
@@ -514,7 +534,7 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
*/
int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit, BN_CTX *ctx);
-
+#endif
/** Encodes a EC_POINT object to a octet string
* \param group underlying EC_GROUP object
* \param p EC_POINT object
@@ -606,8 +626,8 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *c
*/
int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
-int EC_POINT_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
+int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx);
/** Computes r = generator * n sum_{i=0}^num p[i] * m[i]
* \param group underlying EC_GROUP object
@@ -653,9 +673,11 @@ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
/* EC_GROUP_get_basis_type() returns the NID of the basis type
* used to represent the field elements */
int EC_GROUP_get_basis_type(const EC_GROUP *);
+#ifndef OPENSSL_NO_EC2M
int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
unsigned int *k2, unsigned int *k3);
+#endif
#define OPENSSL_EC_NAMED_CURVE 0x001
@@ -689,11 +711,21 @@ typedef struct ec_key_st EC_KEY;
#define EC_PKEY_NO_PARAMETERS 0x001
#define EC_PKEY_NO_PUBKEY 0x002
+/* some values for the flags field */
+#define EC_FLAG_NON_FIPS_ALLOW 0x1
+#define EC_FLAG_FIPS_CHECKED 0x2
+
/** Creates a new EC_KEY object.
* \return EC_KEY object or NULL if an error occurred.
*/
EC_KEY *EC_KEY_new(void);
+int EC_KEY_get_flags(const EC_KEY *key);
+
+void EC_KEY_set_flags(EC_KEY *key, int flags);
+
+void EC_KEY_clear_flags(EC_KEY *key, int flags);
+
/** Creates a new EC_KEY object using a named curve as underlying
* EC_GROUP object.
* \param nid NID of the named curve.
@@ -768,16 +800,24 @@ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
-void EC_KEY_set_enc_flags(EC_KEY *, unsigned int);
-point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *);
-void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t);
+void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
/* functions to set/get method specific data */
-void *EC_KEY_get_key_method_data(EC_KEY *,
+void *EC_KEY_get_key_method_data(EC_KEY *key,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void EC_KEY_insert_key_method_data(EC_KEY *, void *data,
+/** Sets the key method data of an EC_KEY object, if none has yet been set.
+ * \param key EC_KEY object
+ * \param data opaque data to install.
+ * \param dup_func a function that duplicates |data|.
+ * \param free_func a function that frees |data|.
+ * \param clear_free_func a function that wipes and frees |data|.
+ * \return the previously set data pointer, or NULL if |data| was inserted.
+ */
+void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
/* wrapper functions for the underlying EC_GROUP object */
-void EC_KEY_set_asn1_flag(EC_KEY *, int);
+void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
/** Creates a table of pre-computed multiples of the generator to
* accelerate further EC_KEY operations.
@@ -799,6 +839,15 @@ int EC_KEY_generate_key(EC_KEY *key);
*/
int EC_KEY_check_key(const EC_KEY *key);
+/** Sets a public key from affine coordindates performing
+ * neccessary NIST PKV tests.
+ * \param key the EC_KEY object
+ * \param x public key x coordinate
+ * \param y public key y coordinate
+ * \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+
/********************************************************************/
/* de- and encoding functions for SEC1 ECPrivateKey */
@@ -926,6 +975,7 @@ void ERR_load_EC_strings(void);
/* Error codes for the EC functions. */
/* Function codes. */
+#define EC_F_BN_TO_FELEM 224
#define EC_F_COMPUTE_WNAF 143
#define EC_F_D2I_ECPARAMETERS 144
#define EC_F_D2I_ECPKPARAMETERS 145
@@ -968,6 +1018,15 @@ void ERR_load_EC_strings(void);
#define EC_F_EC_GFP_MONT_FIELD_SQR 132
#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135
+#define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
+#define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
+#define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
+#define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
+#define EC_F_EC_GFP_NISTP256_POINTS_MUL 231
+#define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
+#define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
+#define EC_F_EC_GFP_NISTP521_POINTS_MUL 234
+#define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
#define EC_F_EC_GFP_NIST_FIELD_MUL 200
#define EC_F_EC_GFP_NIST_FIELD_SQR 201
#define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
@@ -1010,6 +1069,7 @@ void ERR_load_EC_strings(void);
#define EC_F_EC_KEY_NEW 182
#define EC_F_EC_KEY_PRINT 180
#define EC_F_EC_KEY_PRINT_FP 181
+#define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
#define EC_F_EC_POINTS_MAKE_AFFINE 136
#define EC_F_EC_POINT_ADD 112
#define EC_F_EC_POINT_CMP 113
@@ -1040,6 +1100,9 @@ void ERR_load_EC_strings(void);
#define EC_F_I2D_ECPKPARAMETERS 191
#define EC_F_I2D_ECPRIVATEKEY 192
#define EC_F_I2O_ECPUBLICKEY 151
+#define EC_F_NISTP224_PRE_COMP_NEW 227
+#define EC_F_NISTP256_PRE_COMP_NEW 236
+#define EC_F_NISTP521_PRE_COMP_NEW 237
#define EC_F_O2I_ECPUBLICKEY 152
#define EC_F_OLD_EC_PRIV_DECODE 222
#define EC_F_PKEY_EC_CTRL 197
@@ -1052,12 +1115,15 @@ void ERR_load_EC_strings(void);
/* Reason codes. */
#define EC_R_ASN1_ERROR 115
#define EC_R_ASN1_UNKNOWN_FIELD 116
+#define EC_R_BIGNUM_OUT_OF_RANGE 144
#define EC_R_BUFFER_TOO_SMALL 100
+#define EC_R_COORDINATES_OUT_OF_RANGE 146
#define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
#define EC_R_DECODE_ERROR 142
#define EC_R_DISCRIMINANT_IS_ZERO 118
#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
#define EC_R_FIELD_TOO_LARGE 143
+#define EC_R_GF2M_NOT_SUPPORTED 147
#define EC_R_GROUP2PKPARAMETERS_FAILURE 120
#define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
#define EC_R_INCOMPATIBLE_OBJECTS 101
@@ -1092,6 +1158,7 @@ void ERR_load_EC_strings(void);
#define EC_R_UNKNOWN_GROUP 129
#define EC_R_UNKNOWN_ORDER 114
#define EC_R_UNSUPPORTED_FIELD 131
+#define EC_R_WRONG_CURVE_PARAMETERS 145
#define EC_R_WRONG_ORDER 130
#ifdef __cplusplus
diff --git a/deps/openssl/openssl/crypto/ec/ec2_mult.c b/deps/openssl/openssl/crypto/ec/ec2_mult.c
index e12b9b284..26f4a783f 100644
--- a/deps/openssl/openssl/crypto/ec/ec2_mult.c
+++ b/deps/openssl/openssl/crypto/ec/ec2_mult.c
@@ -71,6 +71,8 @@
#include "ec_lcl.h"
+#ifndef OPENSSL_NO_EC2M
+
/* Compute the x-coordinate x/z for the point 2*(x/z) in Montgomery projective
* coordinates.
@@ -384,3 +386,5 @@ int ec_GF2m_have_precompute_mult(const EC_GROUP *group)
{
return ec_wNAF_have_precompute_mult(group);
}
+
+#endif
diff --git a/deps/openssl/openssl/crypto/ec/ec2_smpl.c b/deps/openssl/openssl/crypto/ec/ec2_smpl.c
index 03deae667..e0e59c7d8 100644
--- a/deps/openssl/openssl/crypto/ec/ec2_smpl.c
+++ b/deps/openssl/openssl/crypto/ec/ec2_smpl.c
@@ -71,10 +71,20 @@
#include "ec_lcl.h"
+#ifndef OPENSSL_NO_EC2M
+
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
const EC_METHOD *EC_GF2m_simple_method(void)
{
+#ifdef OPENSSL_FIPS
+ return fips_ec_gf2m_simple_method();
+#else
static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
NID_X9_62_characteristic_two_field,
ec_GF2m_simple_group_init,
ec_GF2m_simple_group_finish,
@@ -93,9 +103,7 @@ const EC_METHOD *EC_GF2m_simple_method(void)
0 /* get_Jprojective_coordinates_GFp */,
ec_GF2m_simple_point_set_affine_coordinates,
ec_GF2m_simple_point_get_affine_coordinates,
- ec_GF2m_simple_set_compressed_coordinates,
- ec_GF2m_simple_point2oct,
- ec_GF2m_simple_oct2point,
+ 0,0,0,
ec_GF2m_simple_add,
ec_GF2m_simple_dbl,
ec_GF2m_simple_invert,
@@ -118,6 +126,7 @@ const EC_METHOD *EC_GF2m_simple_method(void)
0 /* field_set_to_one */ };
return &ret;
+#endif
}
@@ -405,340 +414,6 @@ int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_
return ret;
}
-
-/* Calculates and sets the affine coordinates of an EC_POINT from the given
- * compressed coordinates. Uses algorithm 2.3.4 of SEC 1.
- * Note that the simple implementation only uses affine coordinates.
- *
- * The method is from the following publication:
- *
- * Harper, Menezes, Vanstone:
- * "Public-Key Cryptosystems with Very Small Key Lengths",
- * EUROCRYPT '92, Springer-Verlag LNCS 658,
- * published February 1993
- *
- * US Patents 6,141,420 and 6,618,483 (Vanstone, Mullin, Agnew) describe
- * the same method, but claim no priority date earlier than July 29, 1994
- * (and additionally fail to cite the EUROCRYPT '92 publication as prior art).
- */
-int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x_, int y_bit, BN_CTX *ctx)
- {
- BN_CTX *new_ctx = NULL;
- BIGNUM *tmp, *x, *y, *z;
- int ret = 0, z0;
-
- /* clear error queue */
- ERR_clear_error();
-
- if (ctx == NULL)
- {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- y_bit = (y_bit != 0) ? 1 : 0;
-
- BN_CTX_start(ctx);
- tmp = BN_CTX_get(ctx);
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- z = BN_CTX_get(ctx);
- if (z == NULL) goto err;
-
- if (!BN_GF2m_mod_arr(x, x_, group->poly)) goto err;
- if (BN_is_zero(x))
- {
- if (!BN_GF2m_mod_sqrt_arr(y, &group->b, group->poly, ctx)) goto err;
- }
- else
- {
- if (!group->meth->field_sqr(group, tmp, x, ctx)) goto err;
- if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx)) goto err;
- if (!BN_GF2m_add(tmp, &group->a, tmp)) goto err;
- if (!BN_GF2m_add(tmp, x, tmp)) goto err;
- if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx))
- {
- unsigned long err = ERR_peek_last_error();
-
- if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NO_SOLUTION)
- {
- ERR_clear_error();
- ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT);
- }
- else
- ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB);
- goto err;
- }
- z0 = (BN_is_odd(z)) ? 1 : 0;
- if (!group->meth->field_mul(group, y, x, z, ctx)) goto err;
- if (z0 != y_bit)
- {
- if (!BN_GF2m_add(y, y, x)) goto err;
- }
- }
-
- if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
- }
-
-
-/* Converts an EC_POINT to an octet string.
- * If buf is NULL, the encoded length will be returned.
- * If the length len of buf is smaller than required an error will be returned.
- */
-size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx)
- {
- size_t ret;
- BN_CTX *new_ctx = NULL;
- int used_ctx = 0;
- BIGNUM *x, *y, *yxi;
- size_t field_len, i, skip;
-
- if ((form != POINT_CONVERSION_COMPRESSED)
- && (form != POINT_CONVERSION_UNCOMPRESSED)
- && (form != POINT_CONVERSION_HYBRID))
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
- goto err;
- }
-
- if (EC_POINT_is_at_infinity(group, point))
- {
- /* encodes to a single 0 octet */
- if (buf != NULL)
- {
- if (len < 1)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- buf[0] = 0;
- }
- return 1;
- }
-
-
- /* ret := required output buffer length */
- field_len = (EC_GROUP_get_degree(group) + 7) / 8;
- ret = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2*field_len;
-
- /* if 'buf' is NULL, just return required length */
- if (buf != NULL)
- {
- if (len < ret)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
- goto err;
- }
-
- if (ctx == NULL)
- {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- BN_CTX_start(ctx);
- used_ctx = 1;
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- yxi = BN_CTX_get(ctx);
- if (yxi == NULL) goto err;
-
- if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err;
-
- buf[0] = form;
- if ((form != POINT_CONVERSION_UNCOMPRESSED) && !BN_is_zero(x))
- {
- if (!group->meth->field_div(group, yxi, y, x, ctx)) goto err;
- if (BN_is_odd(yxi)) buf[0]++;
- }
-
- i = 1;
-
- skip = field_len - BN_num_bytes(x);
- if (skip > field_len)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- while (skip > 0)
- {
- buf[i++] = 0;
- skip--;
- }
- skip = BN_bn2bin(x, buf + i);
- i += skip;
- if (i != 1 + field_len)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (form == POINT_CONVERSION_UNCOMPRESSED || form == POINT_CONVERSION_HYBRID)
- {
- skip = field_len - BN_num_bytes(y);
- if (skip > field_len)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- while (skip > 0)
- {
- buf[i++] = 0;
- skip--;
- }
- skip = BN_bn2bin(y, buf + i);
- i += skip;
- }
-
- if (i != ret)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- if (used_ctx)
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
-
- err:
- if (used_ctx)
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return 0;
- }
-
-
-/* Converts an octet string representation to an EC_POINT.
- * Note that the simple implementation only uses affine coordinates.
- */
-int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
- const unsigned char *buf, size_t len, BN_CTX *ctx)
- {
- point_conversion_form_t form;
- int y_bit;
- BN_CTX *new_ctx = NULL;
- BIGNUM *x, *y, *yxi;
- size_t field_len, enc_len;
- int ret = 0;
-
- if (len == 0)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- form = buf[0];
- y_bit = form & 1;
- form = form & ~1U;
- if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
- && (form != POINT_CONVERSION_UNCOMPRESSED)
- && (form != POINT_CONVERSION_HYBRID))
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
- if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- if (form == 0)
- {
- if (len != 1)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- return EC_POINT_set_to_infinity(group, point);
- }
-
- field_len = (EC_GROUP_get_degree(group) + 7) / 8;
- enc_len = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2*field_len;
-
- if (len != enc_len)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- if (ctx == NULL)
- {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- BN_CTX_start(ctx);
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- yxi = BN_CTX_get(ctx);
- if (yxi == NULL) goto err;
-
- if (!BN_bin2bn(buf + 1, field_len, x)) goto err;
- if (BN_ucmp(x, &group->field) >= 0)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
-
- if (form == POINT_CONVERSION_COMPRESSED)
- {
- if (!EC_POINT_set_compressed_coordinates_GF2m(group, point, x, y_bit, ctx)) goto err;
- }
- else
- {
- if (!BN_bin2bn(buf + 1 + field_len, field_len, y)) goto err;
- if (BN_ucmp(y, &group->field) >= 0)
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- if (form == POINT_CONVERSION_HYBRID)
- {
- if (!group->meth->field_div(group, yxi, y, x, ctx)) goto err;
- if (y_bit != BN_is_odd(yxi))
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- }
-
- if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err;
- }
-
- if (!EC_POINT_is_on_curve(group, point, ctx)) /* test required by X9.62 */
- {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
- }
-
-
/* Computes a + b and stores the result in r. r could be a or b, a could be b.
* Uses algorithm A.10.2 of IEEE P1363.
*/
@@ -1040,3 +715,5 @@ int ec_GF2m_simple_field_div(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
{
return BN_GF2m_mod_div(r, a, b, &group->field, ctx);
}
+
+#endif
diff --git a/deps/openssl/openssl/crypto/ec/ec_ameth.c b/deps/openssl/openssl/crypto/ec/ec_ameth.c
index c00f7d746..83909c185 100644
--- a/deps/openssl/openssl/crypto/ec/ec_ameth.c
+++ b/deps/openssl/openssl/crypto/ec/ec_ameth.c
@@ -651,6 +651,7 @@ const EVP_PKEY_ASN1_METHOD eckey_asn1_meth =
ec_copy_parameters,
ec_cmp_parameters,
eckey_param_print,
+ 0,
int_ec_free,
ec_pkey_ctrl,
diff --git a/deps/openssl/openssl/crypto/ec/ec_asn1.c b/deps/openssl/openssl/crypto/ec/ec_asn1.c
index ae5553985..175eec534 100644
--- a/deps/openssl/openssl/crypto/ec/ec_asn1.c
+++ b/deps/openssl/openssl/crypto/ec/ec_asn1.c
@@ -83,7 +83,7 @@ int EC_GROUP_get_basis_type(const EC_GROUP *group)
/* everything else is currently not supported */
return 0;
}
-
+#ifndef OPENSSL_NO_EC2M
int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
{
if (group == NULL)
@@ -101,7 +101,6 @@ int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
return 1;
}
-
int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
unsigned int *k2, unsigned int *k3)
{
@@ -124,7 +123,7 @@ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
return 1;
}
-
+#endif
/* some structures needed for the asn1 encoding */
@@ -340,6 +339,12 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
}
}
else /* nid == NID_X9_62_characteristic_two_field */
+#ifdef OPENSSL_NO_EC2M
+ {
+ ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED);
+ goto err;
+ }
+#else
{
int field_type;
X9_62_CHARACTERISTIC_TWO *char_two;
@@ -419,6 +424,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
}
}
}
+#endif
ok = 1;
@@ -456,6 +462,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
goto err;
}
}
+#ifndef OPENSSL_NO_EC2M
else /* nid == NID_X9_62_characteristic_two_field */
{
if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL))
@@ -464,7 +471,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
goto err;
}
}
-
+#endif
len_1 = (size_t)BN_num_bytes(tmp_1);
len_2 = (size_t)BN_num_bytes(tmp_2);
@@ -775,8 +782,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
/* get the field parameters */
tmp = OBJ_obj2nid(params->fieldID->fieldType);
-
if (tmp == NID_X9_62_characteristic_two_field)
+#ifdef OPENSSL_NO_EC2M
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_GF2M_NOT_SUPPORTED);
+ goto err;
+ }
+#else
{
X9_62_CHARACTERISTIC_TWO *char_two;
@@ -862,6 +874,7 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
/* create the EC_GROUP structure */
ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
}
+#endif
else if (tmp == NID_X9_62_prime_field)
{
/* we have a curve over a prime field */
@@ -1065,6 +1078,7 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
if ((group = ec_asn1_pkparameters2group(params)) == NULL)
{
ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE);
+ ECPKPARAMETERS_free(params);
return NULL;
}
diff --git a/deps/openssl/openssl/crypto/ec/ec_curve.c b/deps/openssl/openssl/crypto/ec/ec_curve.c
index 23274e403..c72fb2697 100644
--- a/deps/openssl/openssl/crypto/ec/ec_curve.c
+++ b/deps/openssl/openssl/crypto/ec/ec_curve.c
@@ -3,7 +3,7 @@
* Written by Nils Larsch for the OpenSSL project.
*/
/* ====================================================================
- * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -72,6 +72,7 @@
#include "ec_lcl.h"
#include <openssl/err.h>
#include <openssl/obj_mac.h>
+#include <openssl/opensslconf.h>
typedef struct {
int field_type, /* either NID_X9_62_prime_field or
@@ -703,6 +704,8 @@ static const struct { EC_CURVE_DATA h; unsigned char data[0+28*6]; }
0x13,0xDD,0x29,0x45,0x5C,0x5C,0x2A,0x3D }
};
+#ifndef OPENSSL_NO_EC2M
+
/* characteristic two curves */
static const struct { EC_CURVE_DATA h; unsigned char data[20+15*6]; }
_EC_SECG_CHAR2_113R1 = {
@@ -1300,7 +1303,7 @@ static const struct { EC_CURVE_DATA h; unsigned char data[20+21*6]; }
{ 0x53,0x81,0x4C,0x05,0x0D,0x44,0xD6,0x96,0xE6,0x76, /* seed */
0x87,0x56,0x15,0x17,0x58,0x0C,0xA4,0xE2,0x9F,0xFD,
- 0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p */
+ 0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p */
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
0x07,
0x01,0x08,0xB3,0x9E,0x77,0xC4,0xB1,0x08,0xBE,0xD9, /* a */
@@ -1817,103 +1820,128 @@ static const struct { EC_CURVE_DATA h; unsigned char data[0+24*6]; }
0xBA,0xFC,0xA7,0x5E }
};
+#endif
+
typedef struct _ec_list_element_st {
int nid;
const EC_CURVE_DATA *data;
+ const EC_METHOD *(*meth)(void);
const char *comment;
} ec_list_element;
static const ec_list_element curve_list[] = {
- /* prime field curves */
+ /* prime field curves */
/* secg curves */
- { NID_secp112r1, &_EC_SECG_PRIME_112R1.h, "SECG/WTLS curve over a 112 bit prime field"},
- { NID_secp112r2, &_EC_SECG_PRIME_112R2.h, "SECG curve over a 112 bit prime field"},
- { NID_secp128r1, &_EC_SECG_PRIME_128R1.h, "SECG curve over a 128 bit prime field"},
- { NID_secp128r2, &_EC_SECG_PRIME_128R2.h, "SECG curve over a 128 bit prime field"},
- { NID_secp160k1, &_EC_SECG_PRIME_160K1.h, "SECG curve over a 160 bit prime field"},
- { NID_secp160r1, &_EC_SECG_PRIME_160R1.h, "SECG curve over a 160 bit prime field"},
- { NID_secp160r2, &_EC_SECG_PRIME_160R2.h, "SECG/WTLS curve over a 160 bit prime field"},
+ { NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0, "SECG/WTLS curve over a 112 bit prime field" },
+ { NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0, "SECG curve over a 112 bit prime field" },
+ { NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0, "SECG curve over a 128 bit prime field" },
+ { NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0, "SECG curve over a 128 bit prime field" },
+ { NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0, "SECG curve over a 160 bit prime field" },
+ { NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0, "SECG curve over a 160 bit prime field" },
+ { NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0, "SECG/WTLS curve over a 160 bit prime field" },
/* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */
- { NID_secp192k1, &_EC_SECG_PRIME_192K1.h, "SECG curve over a 192 bit prime field"},
- { NID_secp224k1, &_EC_SECG_PRIME_224K1.h, "SECG curve over a 224 bit prime field"},
- { NID_secp224r1, &_EC_NIST_PRIME_224.h, "NIST/SECG curve over a 224 bit prime field"},
- { NID_secp256k1, &_EC_SECG_PRIME_256K1.h, "SECG curve over a 256 bit prime field"},
+ { NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0, "SECG curve over a 192 bit prime field" },
+ { NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0, "SECG curve over a 224 bit prime field" },
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ { NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, "NIST/SECG curve over a 224 bit prime field" },
+#else
+ { NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, "NIST/SECG curve over a 224 bit prime field" },
+#endif
+ { NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, "SECG curve over a 256 bit prime field" },
/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
- { NID_secp384r1, &_EC_NIST_PRIME_384.h, "NIST/SECG curve over a 384 bit prime field"},
- { NID_secp521r1, &_EC_NIST_PRIME_521.h, "NIST/SECG curve over a 521 bit prime field"},
+ { NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, "NIST/SECG curve over a 384 bit prime field" },
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ { NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method, "NIST/SECG curve over a 521 bit prime field" },
+#else
+ { NID_secp521r1, &_EC_NIST_PRIME_521.h, 0, "NIST/SECG curve over a 521 bit prime field" },
+#endif
/* X9.62 curves */
- { NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, "NIST/X9.62/SECG curve over a 192 bit prime field"},
- { NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, "X9.62 curve over a 192 bit prime field"},
- { NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, "X9.62 curve over a 192 bit prime field"},
- { NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, "X9.62 curve over a 239 bit prime field"},
- { NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, "X9.62 curve over a 239 bit prime field"},
- { NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, "X9.62 curve over a 239 bit prime field"},
- { NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, "X9.62/SECG curve over a 256 bit prime field"},
+ { NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, "NIST/X9.62/SECG curve over a 192 bit prime field" },
+ { NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0, "X9.62 curve over a 192 bit prime field" },
+ { NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0, "X9.62 curve over a 192 bit prime field" },
+ { NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0, "X9.62 curve over a 239 bit prime field" },
+ { NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0, "X9.62 curve over a 239 bit prime field" },
+ { NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0, "X9.62 curve over a 239 bit prime field" },
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ { NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, EC_GFp_nistp256_method, "X9.62/SECG curve over a 256 bit prime field" },
+#else
+ { NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, 0, "X9.62/SECG curve over a 256 bit prime field" },
+#endif
+#ifndef OPENSSL_NO_EC2M
/* characteristic two field curves */
/* NIST/SECG curves */
- { NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, "SECG curve over a 113 bit binary field"},
- { NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, "SECG curve over a 113 bit binary field"},
- { NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, "SECG/WTLS curve over a 131 bit binary field"},
- { NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, "SECG curve over a 131 bit binary field"},
- { NID_sect163k1, &_EC_NIST_CHAR2_163K.h, "NIST/SECG/WTLS curve over a 163 bit binary field" },
- { NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, "SECG curve over a 163 bit binary field"},
- { NID_sect163r2, &_EC_NIST_CHAR2_163B.h, "NIST/SECG curve over a 163 bit binary field" },
- { NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, "SECG curve over a 193 bit binary field"},
- { NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, "SECG curve over a 193 bit binary field"},
- { NID_sect233k1, &_EC_NIST_CHAR2_233K.h, "NIST/SECG/WTLS curve over a 233 bit binary field" },
- { NID_sect233r1, &_EC_NIST_CHAR2_233B.h, "NIST/SECG/WTLS curve over a 233 bit binary field" },
- { NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, "SECG curve over a 239 bit binary field"},
- { NID_sect283k1, &_EC_NIST_CHAR2_283K.h, "NIST/SECG curve over a 283 bit binary field" },
- { NID_sect283r1, &_EC_NIST_CHAR2_283B.h, "NIST/SECG curve over a 283 bit binary field" },
- { NID_sect409k1, &_EC_NIST_CHAR2_409K.h, "NIST/SECG curve over a 409 bit binary field" },
- { NID_sect409r1, &_EC_NIST_CHAR2_409B.h, "NIST/SECG curve over a 409 bit binary field" },
- { NID_sect571k1, &_EC_NIST_CHAR2_571K.h, "NIST/SECG curve over a 571 bit binary field" },
- { NID_sect571r1, &_EC_NIST_CHAR2_571B.h, "NIST/SECG curve over a 571 bit binary field" },
+ { NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, 0, "SECG curve over a 113 bit binary field" },
+ { NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, 0, "SECG curve over a 113 bit binary field" },
+ { NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, 0, "SECG/WTLS curve over a 131 bit binary field" },
+ { NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, 0, "SECG curve over a 131 bit binary field" },
+ { NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field" },
+ { NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, 0, "SECG curve over a 163 bit binary field" },
+ { NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0, "NIST/SECG curve over a 163 bit binary field" },
+ { NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, 0, "SECG curve over a 193 bit binary field" },
+ { NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, 0, "SECG curve over a 193 bit binary field" },
+ { NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" },
+ { NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" },
+ { NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, 0, "SECG curve over a 239 bit binary field" },
+ { NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0, "NIST/SECG curve over a 283 bit binary field" },
+ { NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0, "NIST/SECG curve over a 283 bit binary field" },
+ { NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0, "NIST/SECG curve over a 409 bit binary field" },
+ { NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0, "NIST/SECG curve over a 409 bit binary field" },
+ { NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0, "NIST/SECG curve over a 571 bit binary field" },
+ { NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0, "NIST/SECG curve over a 571 bit binary field" },
/* X9.62 curves */
- { NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, "X9.62 curve over a 163 bit binary field"},
- { NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, "X9.62 curve over a 163 bit binary field"},
- { NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, "X9.62 curve over a 163 bit binary field"},
- { NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, "X9.62 curve over a 176 bit binary field"},
- { NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, "X9.62 curve over a 191 bit binary field"},
- { NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, "X9.62 curve over a 191 bit binary field"},
- { NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, "X9.62 curve over a 191 bit binary field"},
- { NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, "X9.62 curve over a 208 bit binary field"},
- { NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, "X9.62 curve over a 239 bit binary field"},
- { NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, "X9.62 curve over a 239 bit binary field"},
- { NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, "X9.62 curve over a 239 bit binary field"},
- { NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, "X9.62 curve over a 272 bit binary field"},
- { NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, "X9.62 curve over a 304 bit binary field"},
- { NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, "X9.62 curve over a 359 bit binary field"},
- { NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, "X9.62 curve over a 368 bit binary field"},
- { NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, "X9.62 curve over a 431 bit binary field"},
+ { NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, 0, "X9.62 curve over a 163 bit binary field" },
+ { NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, 0, "X9.62 curve over a 163 bit binary field" },
+ { NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, 0, "X9.62 curve over a 163 bit binary field" },
+ { NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, 0, "X9.62 curve over a 176 bit binary field" },
+ { NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, 0, "X9.62 curve over a 191 bit binary field" },
+ { NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, 0, "X9.62 curve over a 191 bit binary field" },
+ { NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, 0, "X9.62 curve over a 191 bit binary field" },
+ { NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, 0, "X9.62 curve over a 208 bit binary field" },
+ { NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, 0, "X9.62 curve over a 239 bit binary field" },
+ { NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, 0, "X9.62 curve over a 239 bit binary field" },
+ { NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, 0, "X9.62 curve over a 239 bit binary field" },
+ { NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, 0, "X9.62 curve over a 272 bit binary field" },
+ { NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, 0, "X9.62 curve over a 304 bit binary field" },
+ { NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, 0, "X9.62 curve over a 359 bit binary field" },
+ { NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, 0, "X9.62 curve over a 368 bit binary field" },
+ { NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, 0, "X9.62 curve over a 431 bit binary field" },
/* the WAP/WTLS curves
* [unlike SECG, spec has its own OIDs for curves from X9.62] */
- { NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, "WTLS curve over a 113 bit binary field"},
- { NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, "NIST/SECG/WTLS curve over a 163 bit binary field"},
- { NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, "SECG curve over a 113 bit binary field"},
- { NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, "X9.62 curve over a 163 bit binary field"},
- { NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, "SECG/WTLS curve over a 112 bit prime field"},
- { NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, "SECG/WTLS curve over a 160 bit prime field"},
- { NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, "WTLS curve over a 112 bit prime field"},
- { NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, "WTLS curve over a 160 bit prime field" },
- { NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, "NIST/SECG/WTLS curve over a 233 bit binary field"},
- { NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, "NIST/SECG/WTLS curve over a 233 bit binary field"},
- { NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, "WTLS curvs over a 224 bit prime field"},
+ { NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, 0, "WTLS curve over a 113 bit binary field" },
+ { NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field" },
+ { NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, 0, "SECG curve over a 113 bit binary field" },
+ { NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0, "X9.62 curve over a 163 bit binary field" },
+#endif
+ { NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0, "SECG/WTLS curve over a 112 bit prime field" },
+ { NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0, "SECG/WTLS curve over a 160 bit prime field" },
+ { NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0, "WTLS curve over a 112 bit prime field" },
+ { NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0, "WTLS curve over a 160 bit prime field" },
+#ifndef OPENSSL_NO_EC2M
+ { NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" },
+ { NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" },
+#endif
+ { NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0, "WTLS curvs over a 224 bit prime field" },
+#ifndef OPENSSL_NO_EC2M
/* IPSec curves */
- { NID_ipsec3, &_EC_IPSEC_155_ID3.h, "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n""\tNot suitable for ECDSA.\n\tQuestionable extension field!"},
- { NID_ipsec4, &_EC_IPSEC_185_ID4.h, "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n""\tNot suitable for ECDSA.\n\tQuestionable extension field!"},
+ { NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0, "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n"
+ "\tNot suitable for ECDSA.\n\tQuestionable extension field!" },
+ { NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0, "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n"
+ "\tNot suitable for ECDSA.\n\tQuestionable extension field!" },
+#endif
};
#define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))
-static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
+static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
{
EC_GROUP *group=NULL;
EC_POINT *P=NULL;
BN_CTX *ctx=NULL;
- BIGNUM *p=NULL, *a=NULL, *b=NULL, *x=NULL, *y=NULL, *order=NULL;
+ BIGNUM *p=NULL, *a=NULL, *b=NULL, *x=NULL, *y=NULL, *order=NULL;
int ok=0;
int seed_len,param_len;
+ const EC_METHOD *meth;
+ const EC_CURVE_DATA *data;
const unsigned char *params;
if ((ctx = BN_CTX_new()) == NULL)
@@ -1922,10 +1950,11 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
goto err;
}
+ data = curve.data;
seed_len = data->seed_len;
param_len = data->param_len;
- params = (const unsigned char *)(data+1); /* skip header */
- params += seed_len; /* skip seed */
+ params = (const unsigned char *)(data+1); /* skip header */
+ params += seed_len; /* skip seed */
if (!(p = BN_bin2bn(params+0*param_len, param_len, NULL))
|| !(a = BN_bin2bn(params+1*param_len, param_len, NULL))
@@ -1935,7 +1964,17 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
goto err;
}
- if (data->field_type == NID_X9_62_prime_field)
+ if (curve.meth != 0)
+ {
+ meth = curve.meth();
+ if (((group = EC_GROUP_new(meth)) == NULL) ||
+ (!(group->meth->group_set_curve(group, p, a, b, ctx))))
+ {
+ ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+ goto err;
+ }
+ }
+ else if (data->field_type == NID_X9_62_prime_field)
{
if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL)
{
@@ -1943,6 +1982,7 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
goto err;
}
}
+#ifndef OPENSSL_NO_EC2M
else /* field_type == NID_X9_62_characteristic_two_field */
{
if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL)
@@ -1951,20 +1991,21 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
goto err;
}
}
+#endif
if ((P = EC_POINT_new(group)) == NULL)
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
}
-
+
if (!(x = BN_bin2bn(params+3*param_len, param_len, NULL))
|| !(y = BN_bin2bn(params+4*param_len, param_len, NULL)))
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
goto err;
}
- if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx))
+ if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx))
{
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
@@ -2025,7 +2066,7 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
for (i=0; i<curve_list_length; i++)
if (curve_list[i].nid == nid)
{
- ret = ec_group_new_from_data(curve_list[i].data);
+ ret = ec_group_new_from_data(curve_list[i]);
break;
}
diff --git a/deps/openssl/openssl/crypto/ec/ec_cvt.c b/deps/openssl/openssl/crypto/ec/ec_cvt.c
index d45640bab..bfcbab35f 100644
--- a/deps/openssl/openssl/crypto/ec/ec_cvt.c
+++ b/deps/openssl/openssl/crypto/ec/ec_cvt.c
@@ -78,7 +78,32 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM
const EC_METHOD *meth;
EC_GROUP *ret;
+#if defined(OPENSSL_BN_ASM_MONT)
+ /*
+ * This might appear controversial, but the fact is that generic
+ * prime method was observed to deliver better performance even
+ * for NIST primes on a range of platforms, e.g.: 60%-15%
+ * improvement on IA-64, ~25% on ARM, 30%-90% on P4, 20%-25%
+ * in 32-bit build and 35%--12% in 64-bit build on Core2...
+ * Coefficients are relative to optimized bn_nist.c for most
+ * intensive ECDSA verify and ECDH operations for 192- and 521-
+ * bit keys respectively. Choice of these boundary values is
+ * arguable, because the dependency of improvement coefficient
+ * from key length is not a "monotone" curve. For example while
+ * 571-bit result is 23% on ARM, 384-bit one is -1%. But it's
+ * generally faster, sometimes "respectfully" faster, sometimes
+ * "tolerably" slower... What effectively happens is that loop
+ * with bn_mul_add_words is put against bn_mul_mont, and the
+ * latter "wins" on short vectors. Correct solution should be
+ * implementing dedicated NxN multiplication subroutines for
+ * small N. But till it materializes, let's stick to generic
+ * prime method...
+ * <appro>
+ */
+ meth = EC_GFp_mont_method();
+#else
meth = EC_GFp_nist_method();
+#endif
ret = EC_GROUP_new(meth);
if (ret == NULL)
@@ -122,7 +147,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM
return ret;
}
-
+#ifndef OPENSSL_NO_EC2M
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
{
const EC_METHOD *meth;
@@ -142,3 +167,4 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM
return ret;
}
+#endif
diff --git a/deps/openssl/openssl/crypto/ec/ec_err.c b/deps/openssl/openssl/crypto/ec/ec_err.c
index 84b483337..0d1939873 100644
--- a/deps/openssl/openssl/crypto/ec/ec_err.c
+++ b/deps/openssl/openssl/crypto/ec/ec_err.c
@@ -1,6 +1,6 @@
/* crypto/ec/ec_err.c */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,6 +70,7 @@
static ERR_STRING_DATA EC_str_functs[]=
{
+{ERR_FUNC(EC_F_BN_TO_FELEM), "BN_TO_FELEM"},
{ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"},
{ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"},
{ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"},
@@ -112,6 +113,15 @@ static ERR_STRING_DATA EC_str_functs[]=
{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"},
{ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE), "ec_GFp_mont_group_set_curve"},
{ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP), "EC_GFP_MONT_GROUP_SET_CURVE_GFP"},
+{ERR_FUNC(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE), "ec_GFp_nistp224_group_set_curve"},
+{ERR_FUNC(EC_F_EC_GFP_NISTP224_POINTS_MUL), "ec_GFp_nistp224_points_mul"},
+{ERR_FUNC(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES), "ec_GFp_nistp224_point_get_affine_coordinates"},
+{ERR_FUNC(EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE), "ec_GFp_nistp256_group_set_curve"},
+{ERR_FUNC(EC_F_EC_GFP_NISTP256_POINTS_MUL), "ec_GFp_nistp256_points_mul"},
+{ERR_FUNC(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES), "ec_GFp_nistp256_point_get_affine_coordinates"},
+{ERR_FUNC(EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE), "ec_GFp_nistp521_group_set_curve"},
+{ERR_FUNC(EC_F_EC_GFP_NISTP521_POINTS_MUL), "ec_GFp_nistp521_points_mul"},
+{ERR_FUNC(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES), "ec_GFp_nistp521_point_get_affine_coordinates"},
{ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_MUL), "ec_GFp_nist_field_mul"},
{ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_SQR), "ec_GFp_nist_field_sqr"},
{ERR_FUNC(EC_F_EC_GFP_NIST_GROUP_SET_CURVE), "ec_GFp_nist_group_set_curve"},
@@ -154,6 +164,7 @@ static ERR_STRING_DATA EC_str_functs[]=
{ERR_FUNC(EC_F_EC_KEY_NEW), "EC_KEY_new"},
{ERR_FUNC(EC_F_EC_KEY_PRINT), "EC_KEY_print"},
{ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"},
+{ERR_FUNC(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES), "EC_KEY_set_public_key_affine_coordinates"},
{ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"},
{ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"},
{ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"},
@@ -184,6 +195,9 @@ static ERR_STRING_DATA EC_str_functs[]=
{ERR_FUNC(EC_F_I2D_ECPKPARAMETERS), "i2d_ECPKParameters"},
{ERR_FUNC(EC_F_I2D_ECPRIVATEKEY), "i2d_ECPrivateKey"},
{ERR_FUNC(EC_F_I2O_ECPUBLICKEY), "i2o_ECPublicKey"},
+{ERR_FUNC(EC_F_NISTP224_PRE_COMP_NEW), "NISTP224_PRE_COMP_NEW"},
+{ERR_FUNC(EC_F_NISTP256_PRE_COMP_NEW), "NISTP256_PRE_COMP_NEW"},
+{ERR_FUNC(EC_F_NISTP521_PRE_COMP_NEW), "NISTP521_PRE_COMP_NEW"},
{ERR_FUNC(EC_F_O2I_ECPUBLICKEY), "o2i_ECPublicKey"},
{ERR_FUNC(EC_F_OLD_EC_PRIV_DECODE), "OLD_EC_PRIV_DECODE"},
{ERR_FUNC(EC_F_PKEY_EC_CTRL), "PKEY_EC_CTRL"},
@@ -199,12 +213,15 @@ static ERR_STRING_DATA EC_str_reasons[]=
{
{ERR_REASON(EC_R_ASN1_ERROR) ,"asn1 error"},
{ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD) ,"asn1 unknown field"},
+{ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE) ,"bignum out of range"},
{ERR_REASON(EC_R_BUFFER_TOO_SMALL) ,"buffer too small"},
+{ERR_REASON(EC_R_COORDINATES_OUT_OF_RANGE),"coordinates out of range"},
{ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),"d2i ecpkparameters failure"},
{ERR_REASON(EC_R_DECODE_ERROR) ,"decode error"},
{ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO) ,"discriminant is zero"},
{ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),"ec group new by name failure"},
{ERR_REASON(EC_R_FIELD_TOO_LARGE) ,"field too large"},
+{ERR_REASON(EC_R_GF2M_NOT_SUPPORTED) ,"gf2m not supported"},
{ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),"group2pkparameters failure"},
{ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE),"i2d ecpkparameters failure"},
{ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS) ,"incompatible objects"},
@@ -239,6 +256,7 @@ static ERR_STRING_DATA EC_str_reasons[]=
{ERR_REASON(EC_R_UNKNOWN_GROUP) ,"unknown group"},
{ERR_REASON(EC_R_UNKNOWN_ORDER) ,"unknown order"},
{ERR_REASON(EC_R_UNSUPPORTED_FIELD) ,"unsupported field"},
+{ERR_REASON(EC_R_WRONG_CURVE_PARAMETERS) ,"wrong curve parameters"},
{ERR_REASON(EC_R_WRONG_ORDER) ,"wrong order"},
{0,NULL}
};
diff --git a/deps/openssl/openssl/crypto/ec/ec_key.c b/deps/openssl/openssl/crypto/ec/ec_key.c
index 522802c07..7fa247593 100644
--- a/deps/openssl/openssl/crypto/ec/ec_key.c
+++ b/deps/openssl/openssl/crypto/ec/ec_key.c
@@ -64,7 +64,9 @@
#include <string.h>
#include "ec_lcl.h"
#include <openssl/err.h>
-#include <string.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
EC_KEY *EC_KEY_new(void)
{
@@ -78,6 +80,7 @@ EC_KEY *EC_KEY_new(void)
}
ret->version = 1;
+ ret->flags = 0;
ret->group = NULL;
ret->pub_key = NULL;
ret->priv_key= NULL;
@@ -197,6 +200,7 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
dest->enc_flag = src->enc_flag;
dest->conv_form = src->conv_form;
dest->version = src->version;
+ dest->flags = src->flags;
return dest;
}
@@ -237,6 +241,11 @@ int EC_KEY_generate_key(EC_KEY *eckey)
BIGNUM *priv_key = NULL, *order = NULL;
EC_POINT *pub_key = NULL;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_ec_key_generate_key(eckey);
+#endif
+
if (!eckey || !eckey->group)
{
ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
@@ -371,6 +380,82 @@ err:
return(ok);
}
+int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y)
+ {
+ BN_CTX *ctx = NULL;
+ BIGNUM *tx, *ty;
+ EC_POINT *point = NULL;
+ int ok = 0, tmp_nid, is_char_two = 0;
+
+ if (!key || !key->group || !x || !y)
+ {
+ ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ ctx = BN_CTX_new();
+ if (!ctx)
+ goto err;
+
+ point = EC_POINT_new(key->group);
+
+ if (!point)
+ goto err;
+
+ tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(key->group));
+
+ if (tmp_nid == NID_X9_62_characteristic_two_field)
+ is_char_two = 1;
+
+ tx = BN_CTX_get(ctx);
+ ty = BN_CTX_get(ctx);
+#ifndef OPENSSL_NO_EC2M
+ if (is_char_two)
+ {
+ if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point,
+ x, y, ctx))
+ goto err;
+ if (!EC_POINT_get_affine_coordinates_GF2m(key->group, point,
+ tx, ty, ctx))
+ goto err;
+ }
+ else
+#endif
+ {
+ if (!EC_POINT_set_affine_coordinates_GFp(key->group, point,
+ x, y, ctx))
+ goto err;
+ if (!EC_POINT_get_affine_coordinates_GFp(key->group, point,
+ tx, ty, ctx))
+ goto err;
+ }
+ /* Check if retrieved coordinates match originals: if not values
+ * are out of range.
+ */
+ if (BN_cmp(x, tx) || BN_cmp(y, ty))
+ {
+ ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
+ EC_R_COORDINATES_OUT_OF_RANGE);
+ goto err;
+ }
+
+ if (!EC_KEY_set_public_key(key, point))
+ goto err;
+
+ if (EC_KEY_check_key(key) == 0)
+ goto err;
+
+ ok = 1;
+
+ err:
+ if (ctx)
+ BN_CTX_free(ctx);
+ if (point)
+ EC_POINT_free(point);
+ return ok;
+
+ }
+
const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key)
{
return key->group;
@@ -435,18 +520,27 @@ void EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform)
void *EC_KEY_get_key_method_data(EC_KEY *key,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
{
- return EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
+ void *ret;
+
+ CRYPTO_r_lock(CRYPTO_LOCK_EC);
+ ret = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
+ CRYPTO_r_unlock(CRYPTO_LOCK_EC);
+
+ return ret;
}
-void EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
+void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
{
EC_EXTRA_DATA *ex_data;
+
CRYPTO_w_lock(CRYPTO_LOCK_EC);
ex_data = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
if (ex_data == NULL)
EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func, clear_free_func);
CRYPTO_w_unlock(CRYPTO_LOCK_EC);
+
+ return ex_data;
}
void EC_KEY_set_asn1_flag(EC_KEY *key, int flag)
@@ -461,3 +555,18 @@ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx)
return 0;
return EC_GROUP_precompute_mult(key->group, ctx);
}
+
+int EC_KEY_get_flags(const EC_KEY *key)
+ {
+ return key->flags;
+ }
+
+void EC_KEY_set_flags(EC_KEY *key, int flags)
+ {
+ key->flags |= flags;
+ }
+
+void EC_KEY_clear_flags(EC_KEY *key, int flags)
+ {
+ key->flags &= ~flags;
+ }
diff --git a/deps/openssl/openssl/crypto/ec/ec_lcl.h b/deps/openssl/openssl/crypto/ec/ec_lcl.h
index 3e2c34b0b..da7967df3 100644
--- a/deps/openssl/openssl/crypto/ec/ec_lcl.h
+++ b/deps/openssl/openssl/crypto/ec/ec_lcl.h
@@ -3,7 +3,7 @@
* Originally written by Bodo Moeller for the OpenSSL project.
*/
/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -82,10 +82,15 @@
# endif
#endif
+/* Use default functions for poin2oct, oct2point and compressed coordinates */
+#define EC_FLAGS_DEFAULT_OCT 0x1
+
/* Structure details are not part of the exported interface,
* so all this may change in future versions. */
struct ec_method_st {
+ /* Various method flags */
+ int flags;
/* used by EC_METHOD_get_field_type: */
int field_type; /* a NID */
@@ -244,6 +249,7 @@ struct ec_key_st {
point_conversion_form_t conv_form;
int references;
+ int flags;
EC_EXTRA_DATA *method_data;
} /* EC_KEY */;
@@ -391,3 +397,50 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ec2_mult.c */
+int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
+ size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
+int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
+
+#ifndef OPENSSL_EC_NISTP_64_GCC_128
+/* method functions in ecp_nistp224.c */
+int ec_GFp_nistp224_group_init(EC_GROUP *group);
+int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *);
+int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+int ec_GFp_nistp224_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
+int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp224_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ecp_nistp256.c */
+int ec_GFp_nistp256_group_init(EC_GROUP *group);
+int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *);
+int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+int ec_GFp_nistp256_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
+int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp256_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ecp_nistp521.c */
+int ec_GFp_nistp521_group_init(EC_GROUP *group);
+int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *);
+int ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+int ec_GFp_nistp521_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
+int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp521_have_precompute_mult(const EC_GROUP *group);
+
+/* utility functions in ecp_nistputil.c */
+void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
+ size_t felem_size, void *tmp_felems,
+ void (*felem_one)(void *out),
+ int (*felem_is_zero)(const void *in),
+ void (*felem_assign)(void *out, const void *in),
+ void (*felem_square)(void *out, const void *in),
+ void (*felem_mul)(void *out, const void *in1, const void *in2),
+ void (*felem_inv)(void *out, const void *in),
+ void (*felem_contract)(void *out, const void *in));
+void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign, unsigned char *digit, unsigned char in);
+#endif
diff --git a/deps/openssl/openssl/crypto/ec/ec_lib.c b/deps/openssl/openssl/crypto/ec/ec_lib.c
index dd7da0fcf..25247b580 100644
--- a/deps/openssl/openssl/crypto/ec/ec_lib.c
+++ b/deps/openssl/openssl/crypto/ec/ec_lib.c
@@ -425,7 +425,7 @@ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *
return group->meth->group_get_curve(group, p, a, b, ctx);
}
-
+#ifndef OPENSSL_NO_EC2M
int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
{
if (group->meth->group_set_curve == 0)
@@ -446,7 +446,7 @@ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM
}
return group->meth->group_get_curve(group, p, a, b, ctx);
}
-
+#endif
int EC_GROUP_get_degree(const EC_GROUP *group)
{
@@ -856,7 +856,7 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
return group->meth->point_set_affine_coordinates(group, point, x, y, ctx);
}
-
+#ifndef OPENSSL_NO_EC2M
int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *point,
const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx)
{
@@ -872,7 +872,7 @@ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *point,
}
return group->meth->point_set_affine_coordinates(group, point, x, y, ctx);
}
-
+#endif
int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point,
BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
@@ -890,7 +890,7 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *p
return group->meth->point_get_affine_coordinates(group, point, x, y, ctx);
}
-
+#ifndef OPENSSL_NO_EC2M
int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, const EC_POINT *point,
BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
{
@@ -906,75 +906,7 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, const EC_POINT *
}
return group->meth->point_get_affine_coordinates(group, point, x, y, ctx);
}
-
-
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x, int y_bit, BN_CTX *ctx)
- {
- if (group->meth->point_set_compressed_coordinates == 0)
- {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth)
- {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- return group->meth->point_set_compressed_coordinates(group, point, x, y_bit, ctx);
- }
-
-
-int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x, int y_bit, BN_CTX *ctx)
- {
- if (group->meth->point_set_compressed_coordinates == 0)
- {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth)
- {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- return group->meth->point_set_compressed_coordinates(group, point, x, y_bit, ctx);
- }
-
-
-size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx)
- {
- if (group->meth->point2oct == 0)
- {
- ECerr(EC_F_EC_POINT_POINT2OCT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth)
- {
- ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- return group->meth->point2oct(group, point, form, buf, len, ctx);
- }
-
-
-int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point,
- const unsigned char *buf, size_t len, BN_CTX *ctx)
- {
- if (group->meth->oct2point == 0)
- {
- ECerr(EC_F_EC_POINT_OCT2POINT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth)
- {
- ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- return group->meth->oct2point(group, point, buf, len, ctx);
- }
-
+#endif
int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
{
diff --git a/deps/openssl/openssl/crypto/ec/ec_pmeth.c b/deps/openssl/openssl/crypto/ec/ec_pmeth.c
index f433076ca..66ee397d8 100644
--- a/deps/openssl/openssl/crypto/ec/ec_pmeth.c
+++ b/deps/openssl/openssl/crypto/ec/ec_pmeth.c
@@ -188,7 +188,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec);
- /* NB: unlike PKS#3 DH, if *outlen is less than maximum size this is
+ /* NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is
* not an error, the result is truncated.
*/
@@ -221,6 +221,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case EVP_PKEY_CTRL_MD:
if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_ecdsa_with_SHA1 &&
EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
diff --git a/deps/openssl/openssl/crypto/ec/eck_prn.c b/deps/openssl/openssl/crypto/ec/eck_prn.c
index 7d3e175ae..06de8f395 100644
--- a/deps/openssl/openssl/crypto/ec/eck_prn.c
+++ b/deps/openssl/openssl/crypto/ec/eck_prn.c
@@ -207,7 +207,7 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
reason = ERR_R_MALLOC_FAILURE;
goto err;
}
-
+#ifndef OPENSSL_NO_EC2M
if (is_char_two)
{
if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx))
@@ -217,6 +217,7 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
}
}
else /* prime field */
+#endif
{
if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx))
{
diff --git a/deps/openssl/openssl/crypto/ec/ecp_mont.c b/deps/openssl/openssl/crypto/ec/ecp_mont.c
index 9fc4a466a..f04f132c7 100644
--- a/deps/openssl/openssl/crypto/ec/ecp_mont.c
+++ b/deps/openssl/openssl/crypto/ec/ecp_mont.c
@@ -63,12 +63,20 @@
#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
#include "ec_lcl.h"
const EC_METHOD *EC_GFp_mont_method(void)
{
+#ifdef OPENSSL_FIPS
+ return fips_ec_gfp_mont_method();
+#else
static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
NID_X9_62_prime_field,
ec_GFp_mont_group_init,
ec_GFp_mont_group_finish,
@@ -87,9 +95,7 @@ const EC_METHOD *EC_GFp_mont_method(void)
ec_GFp_simple_get_Jprojective_coordinates_GFp,
ec_GFp_simple_point_set_affine_coordinates,
ec_GFp_simple_point_get_affine_coordinates,
- ec_GFp_simple_set_compressed_coordinates,
- ec_GFp_simple_point2oct,
- ec_GFp_simple_oct2point,
+ 0,0,0,
ec_GFp_simple_add,
ec_GFp_simple_dbl,
ec_GFp_simple_invert,
@@ -109,6 +115,7 @@ const EC_METHOD *EC_GFp_mont_method(void)
ec_GFp_mont_field_set_to_one };
return &ret;
+#endif
}
diff --git a/deps/openssl/openssl/crypto/ec/ecp_nist.c b/deps/openssl/openssl/crypto/ec/ecp_nist.c
index 2a5682ea4..aad2d5f44 100644
--- a/deps/openssl/openssl/crypto/ec/ecp_nist.c
+++ b/deps/openssl/openssl/crypto/ec/ecp_nist.c
@@ -67,9 +67,17 @@
#include <openssl/obj_mac.h>
#include "ec_lcl.h"
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
const EC_METHOD *EC_GFp_nist_method(void)
{
+#ifdef OPENSSL_FIPS
+ return fips_ec_gfp_nist_method();
+#else
static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
NID_X9_62_prime_field,
ec_GFp_simple_group_init,
ec_GFp_simple_group_finish,
@@ -88,9 +96,7 @@ const EC_METHOD *EC_GFp_nist_method(void)
ec_GFp_simple_get_Jprojective_coordinates_GFp,
ec_GFp_simple_point_set_affine_coordinates,
ec_GFp_simple_point_get_affine_coordinates,
- ec_GFp_simple_set_compressed_coordinates,
- ec_GFp_simple_point2oct,
- ec_GFp_simple_oct2point,
+ 0,0,0,
ec_GFp_simple_add,
ec_GFp_simple_dbl,
ec_GFp_simple_invert,
@@ -110,6 +116,7 @@ const EC_METHOD *EC_GFp_nist_method(void)
0 /* field_set_to_one */ };
return &ret;
+#endif
}
int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src)
diff --git a/deps/openssl/openssl/crypto/ec/ecp_smpl.c b/deps/openssl/openssl/crypto/ec/ecp_smpl.c
index 66a92e2a9..7cbb321f9 100644
--- a/deps/openssl/openssl/crypto/ec/ecp_smpl.c
+++ b/deps/openssl/openssl/crypto/ec/ecp_smpl.c
@@ -65,11 +65,19 @@
#include <openssl/err.h>
#include <openssl/symhacks.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
#include "ec_lcl.h"
const EC_METHOD *EC_GFp_simple_method(void)
{
+#ifdef OPENSSL_FIPS
+ return fips_ec_gfp_simple_method();
+#else
static const EC_METHOD ret = {
+ EC_FLAGS_DEFAULT_OCT,
NID_X9_62_prime_field,
ec_GFp_simple_group_init,
ec_GFp_simple_group_finish,
@@ -88,9 +96,7 @@ const EC_METHOD *EC_GFp_simple_method(void)
ec_GFp_simple_get_Jprojective_coordinates_GFp,
ec_GFp_simple_point_set_affine_coordinates,
ec_GFp_simple_point_get_affine_coordinates,
- ec_GFp_simple_set_compressed_coordinates,
- ec_GFp_simple_point2oct,
- ec_GFp_simple_oct2point,
+ 0,0,0,
ec_GFp_simple_add,
ec_GFp_simple_dbl,
ec_GFp_simple_invert,
@@ -110,6 +116,7 @@ const EC_METHOD *EC_GFp_simple_method(void)
0 /* field_set_to_one */ };
return &ret;
+#endif
}
@@ -633,372 +640,6 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_P
return ret;
}
-
-int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x_, int y_bit, BN_CTX *ctx)
- {
- BN_CTX *new_ctx = NULL;
- BIGNUM *tmp1, *tmp2, *x, *y;
- int ret = 0;
-
- /* clear error queue*/
- ERR_clear_error();
-
- if (ctx == NULL)
- {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- y_bit = (y_bit != 0);
-
- BN_CTX_start(ctx);
- tmp1 = BN_CTX_get(ctx);
- tmp2 = BN_CTX_get(ctx);
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- if (y == NULL) goto err;
-
- /* Recover y. We have a Weierstrass equation
- * y^2 = x^3 + a*x + b,
- * so y is one of the square roots of x^3 + a*x + b.
- */
-
- /* tmp1 := x^3 */
- if (!BN_nnmod(x, x_, &group->field,ctx)) goto err;
- if (group->meth->field_decode == 0)
- {
- /* field_{sqr,mul} work on standard representation */
- if (!group->meth->field_sqr(group, tmp2, x_, ctx)) goto err;
- if (!group->meth->field_mul(group, tmp1, tmp2, x_, ctx)) goto err;
- }
- else
- {
- if (!BN_mod_sqr(tmp2, x_, &group->field, ctx)) goto err;
- if (!BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx)) goto err;
- }
-
- /* tmp1 := tmp1 + a*x */
- if (group->a_is_minus3)
- {
- if (!BN_mod_lshift1_quick(tmp2, x, &group->field)) goto err;
- if (!BN_mod_add_quick(tmp2, tmp2, x, &group->field)) goto err;
- if (!BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
- }
- else
- {
- if (group->meth->field_decode)
- {
- if (!group->meth->field_decode(group, tmp2, &group->a, ctx)) goto err;
- if (!BN_mod_mul(tmp2, tmp2, x, &group->field, ctx)) goto err;
- }
- else
- {
- /* field_mul works on standard representation */
- if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx)) goto err;
- }
-
- if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
- }
-
- /* tmp1 := tmp1 + b */
- if (group->meth->field_decode)
- {
- if (!group->meth->field_decode(group, tmp2, &group->b, ctx)) goto err;
- if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
- }
- else
- {
- if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field)) goto err;
- }
-
- if (!BN_mod_sqrt(y, tmp1, &group->field, ctx))
- {
- unsigned long err = ERR_peek_last_error();
-
- if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE)
- {
- ERR_clear_error();
- ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT);
- }
- else
- ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB);
- goto err;
- }
-
- if (y_bit != BN_is_odd(y))
- {
- if (BN_is_zero(y))
- {
- int kron;
-
- kron = BN_kronecker(x, &group->field, ctx);
- if (kron == -2) goto err;
-
- if (kron == 1)
- ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSION_BIT);
- else
- /* BN_mod_sqrt() should have cought this error (not a square) */
- ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT);
- goto err;
- }
- if (!BN_usub(y, &group->field, y)) goto err;
- }
- if (y_bit != BN_is_odd(y))
- {
- ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
- }
-
-
-size_t ec_GFp_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx)
- {
- size_t ret;
- BN_CTX *new_ctx = NULL;
- int used_ctx = 0;
- BIGNUM *x, *y;
- size_t field_len, i, skip;
-
- if ((form != POINT_CONVERSION_COMPRESSED)
- && (form != POINT_CONVERSION_UNCOMPRESSED)
- && (form != POINT_CONVERSION_HYBRID))
- {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
- goto err;
- }
-
- if (EC_POINT_is_at_infinity(group, point))
- {
- /* encodes to a single 0 octet */
- if (buf != NULL)
- {
- if (len < 1)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- buf[0] = 0;
- }
- return 1;
- }
-
-
- /* ret := required output buffer length */
- field_len = BN_num_bytes(&group->field);
- ret = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2*field_len;
-
- /* if 'buf' is NULL, just return required length */
- if (buf != NULL)
- {
- if (len < ret)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
- goto err;
- }
-
- if (ctx == NULL)
- {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- BN_CTX_start(ctx);
- used_ctx = 1;
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- if (y == NULL) goto err;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
-
- if ((form == POINT_CONVERSION_COMPRESSED || form == POINT_CONVERSION_HYBRID) && BN_is_odd(y))
- buf[0] = form + 1;
- else
- buf[0] = form;
-
- i = 1;
-
- skip = field_len - BN_num_bytes(x);
- if (skip > field_len)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- while (skip > 0)
- {
- buf[i++] = 0;
- skip--;
- }
- skip = BN_bn2bin(x, buf + i);
- i += skip;
- if (i != 1 + field_len)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (form == POINT_CONVERSION_UNCOMPRESSED || form == POINT_CONVERSION_HYBRID)
- {
- skip = field_len - BN_num_bytes(y);
- if (skip > field_len)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- while (skip > 0)
- {
- buf[i++] = 0;
- skip--;
- }
- skip = BN_bn2bin(y, buf + i);
- i += skip;
- }
-
- if (i != ret)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- if (used_ctx)
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
-
- err:
- if (used_ctx)
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return 0;
- }
-
-
-int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
- const unsigned char *buf, size_t len, BN_CTX *ctx)
- {
- point_conversion_form_t form;
- int y_bit;
- BN_CTX *new_ctx = NULL;
- BIGNUM *x, *y;
- size_t field_len, enc_len;
- int ret = 0;
-
- if (len == 0)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- form = buf[0];
- y_bit = form & 1;
- form = form & ~1U;
- if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
- && (form != POINT_CONVERSION_UNCOMPRESSED)
- && (form != POINT_CONVERSION_HYBRID))
- {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
- if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- if (form == 0)
- {
- if (len != 1)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- return EC_POINT_set_to_infinity(group, point);
- }
-
- field_len = BN_num_bytes(&group->field);
- enc_len = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2*field_len;
-
- if (len != enc_len)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
-
- if (ctx == NULL)
- {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
-
- BN_CTX_start(ctx);
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- if (y == NULL) goto err;
-
- if (!BN_bin2bn(buf + 1, field_len, x)) goto err;
- if (BN_ucmp(x, &group->field) >= 0)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
-
- if (form == POINT_CONVERSION_COMPRESSED)
- {
- if (!EC_POINT_set_compressed_coordinates_GFp(group, point, x, y_bit, ctx)) goto err;
- }
- else
- {
- if (!BN_bin2bn(buf + 1 + field_len, field_len, y)) goto err;
- if (BN_ucmp(y, &group->field) >= 0)
- {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- if (form == POINT_CONVERSION_HYBRID)
- {
- if (y_bit != BN_is_odd(y))
- {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- }
-
- if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err;
- }
-
- if (!EC_POINT_is_on_curve(group, point, ctx)) /* test required by X9.62 */
- {
- ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- return ret;
- }
-
-
int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
{
int (*field_mul)(const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
diff --git a/deps/openssl/openssl/crypto/ec/ectest.c b/deps/openssl/openssl/crypto/ec/ectest.c
index 7509cb9c7..102eaa9b2 100644
--- a/deps/openssl/openssl/crypto/ec/ectest.c
+++ b/deps/openssl/openssl/crypto/ec/ectest.c
@@ -94,6 +94,7 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
#include <openssl/objects.h>
#include <openssl/rand.h>
#include <openssl/bn.h>
+#include <openssl/opensslconf.h>
#if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
/* suppress "too big too optimize" warning */
@@ -107,10 +108,6 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
EXIT(1); \
} while (0)
-void prime_field_tests(void);
-void char2_field_tests(void);
-void internal_curve_test(void);
-
#define TIMING_BASE_PT 0
#define TIMING_RAND_PT 1
#define TIMING_SIMUL 2
@@ -195,8 +192,51 @@ static void timings(EC_GROUP *group, int type, BN_CTX *ctx)
}
#endif
-void prime_field_tests()
- {
+/* test multiplication with group order, long and negative scalars */
+static void group_order_tests(EC_GROUP *group)
+ {
+ BIGNUM *n1, *n2, *order;
+ EC_POINT *P = EC_POINT_new(group);
+ EC_POINT *Q = EC_POINT_new(group);
+ BN_CTX *ctx = BN_CTX_new();
+
+ n1 = BN_new(); n2 = BN_new(); order = BN_new();
+ fprintf(stdout, "verify group order ...");
+ fflush(stdout);
+ if (!EC_GROUP_get_order(group, order, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+ fprintf(stdout, ".");
+ fflush(stdout);
+ if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+ fprintf(stdout, " ok\n");
+ fprintf(stdout, "long/negative scalar tests ... ");
+ if (!BN_one(n1)) ABORT;
+ /* n1 = 1 - order */
+ if (!BN_sub(n1, n1, order)) ABORT;
+ if(!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
+ /* n2 = 1 + order */
+ if (!BN_add(n2, order, BN_value_one())) ABORT;
+ if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
+ /* n2 = (1 - order) * (1 + order) */
+ if (!BN_mul(n2, n1, n2, ctx)) ABORT;
+ if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
+ if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
+ fprintf(stdout, "ok\n");
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ BN_free(n1);
+ BN_free(n2);
+ BN_free(order);
+ BN_CTX_free(ctx);
+ }
+
+static void prime_field_tests(void)
+ {
BN_CTX *ctx = NULL;
BIGNUM *p, *a, *b;
EC_GROUP *group;
@@ -321,21 +361,21 @@ void prime_field_tests()
if (len == 0) ABORT;
if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT;
- fprintf(stdout, "Generator as octect string, compressed form:\n ");
+ fprintf(stdout, "Generator as octet string, compressed form:\n ");
for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]);
len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, sizeof buf, ctx);
if (len == 0) ABORT;
if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT;
- fprintf(stdout, "\nGenerator as octect string, uncompressed form:\n ");
+ fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n ");
for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]);
len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf, ctx);
if (len == 0) ABORT;
if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT;
- fprintf(stdout, "\nGenerator as octect string, hybrid form:\n ");
+ fprintf(stdout, "\nGenerator as octet string, hybrid form:\n ");
for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]);
if (!EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, ctx)) ABORT;
@@ -381,17 +421,7 @@ void prime_field_tests()
if (EC_GROUP_get_degree(group) != 160) ABORT;
fprintf(stdout, " ok\n");
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
- if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, " ok\n");
+ group_order_tests(group);
if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_160, group)) ABORT;
@@ -425,17 +455,7 @@ void prime_field_tests()
if (EC_GROUP_get_degree(group) != 192) ABORT;
fprintf(stdout, " ok\n");
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
- if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, " ok\n");
+ group_order_tests(group);
if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_192, group)) ABORT;
@@ -469,17 +489,7 @@ void prime_field_tests()
if (EC_GROUP_get_degree(group) != 224) ABORT;
fprintf(stdout, " ok\n");
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
- if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, " ok\n");
+ group_order_tests(group);
if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_224, group)) ABORT;
@@ -514,17 +524,7 @@ void prime_field_tests()
if (EC_GROUP_get_degree(group) != 256) ABORT;
fprintf(stdout, " ok\n");
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
- if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, " ok\n");
+ group_order_tests(group);
if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_256, group)) ABORT;
@@ -563,18 +563,8 @@ void prime_field_tests()
fprintf(stdout, "verify degree ...");
if (EC_GROUP_get_degree(group) != 384) ABORT;
fprintf(stdout, " ok\n");
-
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
- if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_384, group)) ABORT;
@@ -619,18 +609,8 @@ void prime_field_tests()
fprintf(stdout, "verify degree ...");
if (EC_GROUP_get_degree(group) != 521) ABORT;
fprintf(stdout, " ok\n");
-
- fprintf(stdout, "verify group order ...");
- fflush(stdout);
- if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, ".");
- fflush(stdout);
- if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, " ok\n");
+
+ group_order_tests(group);
if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_521, group)) ABORT;
@@ -659,6 +639,7 @@ void prime_field_tests()
points[2] = Q;
points[3] = Q;
+ if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
if (!BN_add(y, z, BN_value_one())) ABORT;
if (BN_is_odd(y)) ABORT;
if (!BN_rshift1(y, y)) ABORT;
@@ -792,22 +773,14 @@ void prime_field_tests()
fprintf(stdout, "verify degree ..."); \
if (EC_GROUP_get_degree(group) != _degree) ABORT; \
fprintf(stdout, " ok\n"); \
- fprintf(stdout, "verify group order ..."); \
- fflush(stdout); \
- if (!EC_GROUP_get_order(group, z, ctx)) ABORT; \
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \
- fprintf(stdout, "."); \
- fflush(stdout); \
- if (!EC_GROUP_precompute_mult(group, ctx)) ABORT; \
- if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT; \
- if (!EC_POINT_is_at_infinity(group, Q)) ABORT; \
- fprintf(stdout, " ok\n"); \
+ group_order_tests(group); \
if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \
- if (!EC_GROUP_copy(_variable, group)) ABORT;
+ if (!EC_GROUP_copy(_variable, group)) ABORT; \
-void char2_field_tests()
- {
+#ifndef OPENSSL_NO_EC2M
+
+static void char2_field_tests(void)
+ {
BN_CTX *ctx = NULL;
BIGNUM *p, *a, *b;
EC_GROUP *group;
@@ -1239,8 +1212,9 @@ void char2_field_tests()
if (C2_B571) EC_GROUP_free(C2_B571);
}
+#endif
-void internal_curve_test(void)
+static void internal_curve_test(void)
{
EC_builtin_curve *curves = NULL;
size_t crv_len = 0, n = 0;
@@ -1287,13 +1261,189 @@ void internal_curve_test(void)
EC_GROUP_free(group);
}
if (ok)
- fprintf(stdout, " ok\n");
+ fprintf(stdout, " ok\n\n");
else
- fprintf(stdout, " failed\n");
+ {
+ fprintf(stdout, " failed\n\n");
+ ABORT;
+ }
OPENSSL_free(curves);
return;
}
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/* nistp_test_params contains magic numbers for testing our optimized
+ * implementations of several NIST curves with characteristic > 3. */
+struct nistp_test_params
+ {
+ const EC_METHOD* (*meth) ();
+ int degree;
+ /* Qx, Qy and D are taken from
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
+ * Otherwise, values are standard curve parameters from FIPS 180-3 */
+ const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d;
+ };
+
+static const struct nistp_test_params nistp_tests_params[] =
+ {
+ {
+ /* P-224 */
+ EC_GFp_nistp224_method,
+ 224,
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* p */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", /* a */
+ "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", /* b */
+ "E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E", /* Qx */
+ "4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555", /* Qy */
+ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", /* Gx */
+ "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", /* Gy */
+ "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", /* order */
+ "3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8", /* d */
+ },
+ {
+ /* P-256 */
+ EC_GFp_nistp256_method,
+ 256,
+ "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", /* p */
+ "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc", /* a */
+ "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", /* b */
+ "b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19", /* Qx */
+ "3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09", /* Qy */
+ "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", /* Gx */
+ "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", /* Gy */
+ "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", /* order */
+ "c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96", /* d */
+ },
+ {
+ /* P-521 */
+ EC_GFp_nistp521_method,
+ 521,
+ "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", /* p */
+ "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc", /* a */
+ "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00", /* b */
+ "0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4", /* Qx */
+ "0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e", /* Qy */
+ "c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", /* Gx */
+ "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", /* Gy */
+ "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409", /* order */
+ "0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722", /* d */
+ },
+ };
+
+void nistp_single_test(const struct nistp_test_params *test)
+ {
+ BN_CTX *ctx;
+ BIGNUM *p, *a, *b, *x, *y, *n, *m, *order;
+ EC_GROUP *NISTP;
+ EC_POINT *G, *P, *Q, *Q_CHECK;
+
+ fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n", test->degree);
+ ctx = BN_CTX_new();
+ p = BN_new();
+ a = BN_new();
+ b = BN_new();
+ x = BN_new(); y = BN_new();
+ m = BN_new(); n = BN_new(); order = BN_new();
+
+ NISTP = EC_GROUP_new(test->meth());
+ if(!NISTP) ABORT;
+ if (!BN_hex2bn(&p, test->p)) ABORT;
+ if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT;
+ if (!BN_hex2bn(&a, test->a)) ABORT;
+ if (!BN_hex2bn(&b, test->b)) ABORT;
+ if (!EC_GROUP_set_curve_GFp(NISTP, p, a, b, ctx)) ABORT;
+ G = EC_POINT_new(NISTP);
+ P = EC_POINT_new(NISTP);
+ Q = EC_POINT_new(NISTP);
+ Q_CHECK = EC_POINT_new(NISTP);
+ if(!BN_hex2bn(&x, test->Qx)) ABORT;
+ if(!BN_hex2bn(&y, test->Qy)) ABORT;
+ if(!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx)) ABORT;
+ if (!BN_hex2bn(&x, test->Gx)) ABORT;
+ if (!BN_hex2bn(&y, test->Gy)) ABORT;
+ if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx)) ABORT;
+ if (!BN_hex2bn(&order, test->order)) ABORT;
+ if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) ABORT;
+
+ fprintf(stdout, "verify degree ... ");
+ if (EC_GROUP_get_degree(NISTP) != test->degree) ABORT;
+ fprintf(stdout, "ok\n");
+
+ fprintf(stdout, "NIST test vectors ... ");
+ if (!BN_hex2bn(&n, test->d)) ABORT;
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
+
+ /* set generator to P = 2*G, where G is the standard generator */
+ if (!EC_POINT_dbl(NISTP, P, G, ctx)) ABORT;
+ if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one())) ABORT;
+ /* set the scalar to m=n/2, where n is the NIST test scalar */
+ if (!BN_rshift(m, n, 1)) ABORT;
+
+ /* test the non-standard generator */
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
+
+ /* now repeat all tests with precomputation */
+ if (!EC_GROUP_precompute_mult(NISTP, ctx)) ABORT;
+
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
+
+ /* reset generator */
+ if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) ABORT;
+ /* fixed point multiplication */
+ EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
+ /* random point multiplication */
+ EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
+ if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT;
+
+ fprintf(stdout, "ok\n");
+ group_order_tests(NISTP);
+#if 0
+ timings(NISTP, TIMING_BASE_PT, ctx);
+ timings(NISTP, TIMING_RAND_PT, ctx);
+#endif
+ EC_GROUP_free(NISTP);
+ EC_POINT_free(G);
+ EC_POINT_free(P);
+ EC_POINT_free(Q);
+ EC_POINT_free(Q_CHECK);
+ BN_free(n);
+ BN_free(m);
+ BN_free(p);
+ BN_free(a);
+ BN_free(b);
+ BN_free(x);
+ BN_free(y);
+ BN_free(order);
+ BN_CTX_free(ctx);
+ }
+
+void nistp_tests()
+ {
+ unsigned i;
+
+ for (i = 0; i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params); i++)
+ {
+ nistp_single_test(&nistp_tests_params[i]);
+ }
+ }
+#endif
+
static const char rnd_seed[] = "string to make the random number generator think it has entropy";
int main(int argc, char *argv[])
@@ -1317,7 +1467,12 @@ int main(int argc, char *argv[])
prime_field_tests();
puts("");
+#ifndef OPENSSL_NO_EC2M
char2_field_tests();
+#endif
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ nistp_tests();
+#endif
/* test the internal curves */
internal_curve_test();
diff --git a/deps/openssl/openssl/crypto/ecdh/Makefile b/deps/openssl/openssl/crypto/ecdh/Makefile
index 65d8904ee..ba05fea05 100644
--- a/deps/openssl/openssl/crypto/ecdh/Makefile
+++ b/deps/openssl/openssl/crypto/ecdh/Makefile
@@ -84,17 +84,12 @@ ech_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ech_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ech_err.o: ech_err.c
ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ech_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-ech_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ech_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-ech_key.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
-ech_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ech_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ech_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-ech_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ech_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-ech_key.o: ../../include/openssl/x509_vfy.h ech_key.c ech_locl.h
+ech_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ech_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ech_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ech_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ech_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_key.o: ech_key.c ech_locl.h
ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ech_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
diff --git a/deps/openssl/openssl/crypto/ecdh/ecdh.h b/deps/openssl/openssl/crypto/ecdh/ecdh.h
index b4b58ee65..8887102c0 100644
--- a/deps/openssl/openssl/crypto/ecdh/ecdh.h
+++ b/deps/openssl/openssl/crypto/ecdh/ecdh.h
@@ -109,11 +109,13 @@ void ERR_load_ECDH_strings(void);
/* Error codes for the ECDH functions. */
/* Function codes. */
+#define ECDH_F_ECDH_CHECK 102
#define ECDH_F_ECDH_COMPUTE_KEY 100
#define ECDH_F_ECDH_DATA_NEW_METHOD 101
/* Reason codes. */
#define ECDH_R_KDF_FAILED 102
+#define ECDH_R_NON_FIPS_METHOD 103
#define ECDH_R_NO_PRIVATE_VALUE 100
#define ECDH_R_POINT_ARITHMETIC_FAILURE 101
diff --git a/deps/openssl/openssl/crypto/ecdh/ecdhtest.c b/deps/openssl/openssl/crypto/ecdh/ecdhtest.c
index 212a87efa..823d7baa6 100644
--- a/deps/openssl/openssl/crypto/ecdh/ecdhtest.c
+++ b/deps/openssl/openssl/crypto/ecdh/ecdhtest.c
@@ -158,11 +158,13 @@ static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
if (!EC_POINT_get_affine_coordinates_GFp(group,
EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err;
}
+#ifndef OPENSSL_NO_EC2M
else
{
if (!EC_POINT_get_affine_coordinates_GF2m(group,
EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err;
}
+#endif
#ifdef NOISY
BIO_puts(out," pri 1=");
BN_print(out,a->priv_key);
@@ -183,11 +185,13 @@ static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
if (!EC_POINT_get_affine_coordinates_GFp(group,
EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err;
}
+#ifndef OPENSSL_NO_EC2M
else
{
if (!EC_POINT_get_affine_coordinates_GF2m(group,
EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err;
}
+#endif
#ifdef NOISY
BIO_puts(out," pri 2=");
@@ -324,6 +328,7 @@ int main(int argc, char *argv[])
if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) goto err;
if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) goto err;
if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) goto err;
+#ifndef OPENSSL_NO_EC2M
/* NIST BINARY CURVES TESTS */
if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out)) goto err;
@@ -335,6 +340,7 @@ int main(int argc, char *argv[])
if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out)) goto err;
if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out)) goto err;
+#endif
ret = 0;
diff --git a/deps/openssl/openssl/crypto/ecdh/ech_err.c b/deps/openssl/openssl/crypto/ecdh/ech_err.c
index 6f4b0c995..3bd247398 100644
--- a/deps/openssl/openssl/crypto/ecdh/ech_err.c
+++ b/deps/openssl/openssl/crypto/ecdh/ech_err.c
@@ -1,6 +1,6 @@
/* crypto/ecdh/ech_err.c */
/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,6 +70,7 @@
static ERR_STRING_DATA ECDH_str_functs[]=
{
+{ERR_FUNC(ECDH_F_ECDH_CHECK), "ECDH_CHECK"},
{ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
{ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_new_method"},
{0,NULL}
@@ -78,6 +79,7 @@ static ERR_STRING_DATA ECDH_str_functs[]=
static ERR_STRING_DATA ECDH_str_reasons[]=
{
{ERR_REASON(ECDH_R_KDF_FAILED) ,"KDF failed"},
+{ERR_REASON(ECDH_R_NON_FIPS_METHOD) ,"non fips method"},
{ERR_REASON(ECDH_R_NO_PRIVATE_VALUE) ,"no private value"},
{ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE),"point arithmetic failure"},
{0,NULL}
diff --git a/deps/openssl/openssl/crypto/ecdh/ech_key.c b/deps/openssl/openssl/crypto/ecdh/ech_key.c
index f44da9298..2988899ea 100644
--- a/deps/openssl/openssl/crypto/ecdh/ech_key.c
+++ b/deps/openssl/openssl/crypto/ecdh/ech_key.c
@@ -68,9 +68,6 @@
*/
#include "ech_locl.h"
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *eckey,
diff --git a/deps/openssl/openssl/crypto/ecdh/ech_lib.c b/deps/openssl/openssl/crypto/ecdh/ech_lib.c
index 4d8ea03d3..0644431b7 100644
--- a/deps/openssl/openssl/crypto/ecdh/ech_lib.c
+++ b/deps/openssl/openssl/crypto/ecdh/ech_lib.c
@@ -73,6 +73,9 @@
#include <openssl/engine.h>
#endif
#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
const char ECDH_version[]="ECDH" OPENSSL_VERSION_PTEXT;
@@ -90,7 +93,16 @@ void ECDH_set_default_method(const ECDH_METHOD *meth)
const ECDH_METHOD *ECDH_get_default_method(void)
{
if(!default_ECDH_method)
+ {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_ecdh_openssl();
+ else
+ return ECDH_OpenSSL();
+#else
default_ECDH_method = ECDH_OpenSSL();
+#endif
+ }
return default_ECDH_method;
}
@@ -210,11 +222,26 @@ ECDH_DATA *ecdh_check(EC_KEY *key)
ecdh_data = (ECDH_DATA *)ecdh_data_new();
if (ecdh_data == NULL)
return NULL;
- EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
- ecdh_data_dup, ecdh_data_free, ecdh_data_free);
+ data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
+ ecdh_data_dup, ecdh_data_free, ecdh_data_free);
+ if (data != NULL)
+ {
+ /* Another thread raced us to install the key_method
+ * data and won. */
+ ecdh_data_free(ecdh_data);
+ ecdh_data = (ECDH_DATA *)data;
+ }
}
else
ecdh_data = (ECDH_DATA *)data;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD)
+ && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW))
+ {
+ ECDHerr(ECDH_F_ECDH_CHECK, ECDH_R_NON_FIPS_METHOD);
+ return NULL;
+ }
+#endif
return ecdh_data;
diff --git a/deps/openssl/openssl/crypto/ecdh/ech_locl.h b/deps/openssl/openssl/crypto/ecdh/ech_locl.h
index f658526a7..f6cad6a89 100644
--- a/deps/openssl/openssl/crypto/ecdh/ech_locl.h
+++ b/deps/openssl/openssl/crypto/ecdh/ech_locl.h
@@ -75,6 +75,14 @@ struct ecdh_method
char *app_data;
};
+/* If this flag is set the ECDH method is FIPS compliant and can be used
+ * in FIPS mode. This is set in the validated module method. If an
+ * application sets this flag in its own methods it is its responsibility
+ * to ensure the result is compliant.
+ */
+
+#define ECDH_FLAG_FIPS_METHOD 0x1
+
typedef struct ecdh_data_st {
/* EC_KEY_METH_DATA part */
int (*init)(EC_KEY *);
diff --git a/deps/openssl/openssl/crypto/ecdh/ech_ossl.c b/deps/openssl/openssl/crypto/ecdh/ech_ossl.c
index 2a40ff12d..4a30628fb 100644
--- a/deps/openssl/openssl/crypto/ecdh/ech_ossl.c
+++ b/deps/openssl/openssl/crypto/ecdh/ech_ossl.c
@@ -157,6 +157,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
goto err;
}
}
+#ifndef OPENSSL_NO_EC2M
else
{
if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx))
@@ -165,6 +166,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
goto err;
}
}
+#endif
buflen = (EC_GROUP_get_degree(group) + 7)/8;
len = BN_num_bytes(x);
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecdsa.h b/deps/openssl/openssl/crypto/ecdsa/ecdsa.h
index e61c53981..7fb5254b6 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecdsa.h
+++ b/deps/openssl/openssl/crypto/ecdsa/ecdsa.h
@@ -238,6 +238,7 @@ void ERR_load_ECDSA_strings(void);
/* Error codes for the ECDSA functions. */
/* Function codes. */
+#define ECDSA_F_ECDSA_CHECK 104
#define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
#define ECDSA_F_ECDSA_DO_SIGN 101
#define ECDSA_F_ECDSA_DO_VERIFY 102
@@ -249,6 +250,7 @@ void ERR_load_ECDSA_strings(void);
#define ECDSA_R_ERR_EC_LIB 102
#define ECDSA_R_MISSING_PARAMETERS 103
#define ECDSA_R_NEED_NEW_SETUP_VALUES 106
+#define ECDSA_R_NON_FIPS_METHOD 107
#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c b/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c
index 54cfb8c75..537bb3036 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c
+++ b/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c
@@ -262,6 +262,7 @@ int x9_62_tests(BIO *out)
"3238135532097973577080787768312505059318910517550078427819"
"78505179448783"))
goto x962_err;
+#ifndef OPENSSL_NO_EC2M
if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
"87194383164871543355722284926904419997237591535066528048",
"308992691965804947361541664549085895292153777025772063598"))
@@ -272,7 +273,7 @@ int x9_62_tests(BIO *out)
"1970303740007316867383349976549972270528498040721988191026"
"49413465737174"))
goto x962_err;
-
+#endif
ret = 1;
x962_err:
if (!restore_rand())
@@ -289,7 +290,8 @@ int test_builtin(BIO *out)
ECDSA_SIG *ecdsa_sig = NULL;
unsigned char digest[20], wrong_digest[20];
unsigned char *signature = NULL;
- unsigned char *sig_ptr;
+ const unsigned char *sig_ptr;
+ unsigned char *sig_ptr2;
unsigned char *raw_buf = NULL;
unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len;
int nid, ret = 0;
@@ -464,8 +466,8 @@ int test_builtin(BIO *out)
(BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
goto builtin_err;
- sig_ptr = signature;
- sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr);
+ sig_ptr2 = signature;
+ sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1)
{
BIO_printf(out, " failed\n");
@@ -477,8 +479,8 @@ int test_builtin(BIO *out)
(BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
goto builtin_err;
- sig_ptr = signature;
- sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr);
+ sig_ptr2 = signature;
+ sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1)
{
BIO_printf(out, " failed\n");
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_err.c b/deps/openssl/openssl/crypto/ecdsa/ecs_err.c
index 98e38d537..81542e6d1 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecs_err.c
+++ b/deps/openssl/openssl/crypto/ecdsa/ecs_err.c
@@ -1,6 +1,6 @@
/* crypto/ecdsa/ecs_err.c */
/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,6 +70,7 @@
static ERR_STRING_DATA ECDSA_str_functs[]=
{
+{ERR_FUNC(ECDSA_F_ECDSA_CHECK), "ECDSA_CHECK"},
{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_NEW_METHOD"},
{ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN), "ECDSA_do_sign"},
{ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
@@ -84,6 +85,7 @@ static ERR_STRING_DATA ECDSA_str_reasons[]=
{ERR_REASON(ECDSA_R_ERR_EC_LIB) ,"err ec lib"},
{ERR_REASON(ECDSA_R_MISSING_PARAMETERS) ,"missing parameters"},
{ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES),"need new setup values"},
+{ERR_REASON(ECDSA_R_NON_FIPS_METHOD) ,"non fips method"},
{ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),"random number generation failed"},
{ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED),"signature malloc failed"},
{0,NULL}
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c b/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c
index 2ebae3aa2..814a6bf40 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c
+++ b/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c
@@ -60,6 +60,9 @@
#endif
#include <openssl/err.h>
#include <openssl/bn.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
const char ECDSA_version[]="ECDSA" OPENSSL_VERSION_PTEXT;
@@ -77,7 +80,16 @@ void ECDSA_set_default_method(const ECDSA_METHOD *meth)
const ECDSA_METHOD *ECDSA_get_default_method(void)
{
if(!default_ECDSA_method)
+ {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_ecdsa_openssl();
+ else
+ return ECDSA_OpenSSL();
+#else
default_ECDSA_method = ECDSA_OpenSSL();
+#endif
+ }
return default_ECDSA_method;
}
@@ -188,12 +200,26 @@ ECDSA_DATA *ecdsa_check(EC_KEY *key)
ecdsa_data = (ECDSA_DATA *)ecdsa_data_new();
if (ecdsa_data == NULL)
return NULL;
- EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
- ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
+ data = EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
+ ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
+ if (data != NULL)
+ {
+ /* Another thread raced us to install the key_method
+ * data and won. */
+ ecdsa_data_free(ecdsa_data);
+ ecdsa_data = (ECDSA_DATA *)data;
+ }
}
else
ecdsa_data = (ECDSA_DATA *)data;
-
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(ecdsa_data->flags & ECDSA_FLAG_FIPS_METHOD)
+ && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_CHECK, ECDSA_R_NON_FIPS_METHOD);
+ return NULL;
+ }
+#endif
return ecdsa_data;
}
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h b/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h
index 3a69a840e..cb3be13cf 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h
+++ b/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h
@@ -82,6 +82,14 @@ struct ecdsa_method
char *app_data;
};
+/* If this flag is set the ECDSA method is FIPS compliant and can be used
+ * in FIPS mode. This is set in the validated module method. If an
+ * application sets this flag in its own methods it is its responsibility
+ * to ensure the result is compliant.
+ */
+
+#define ECDSA_FLAG_FIPS_METHOD 0x1
+
typedef struct ecdsa_data_st {
/* EC_KEY_METH_DATA part */
int (*init)(EC_KEY *);
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c b/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c
index 1bbf328de..772593561 100644
--- a/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c
+++ b/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c
@@ -167,6 +167,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
goto err;
}
}
+#ifndef OPENSSL_NO_EC2M
else /* NID_X9_62_characteristic_two_field */
{
if (!EC_POINT_get_affine_coordinates_GF2m(group,
@@ -176,6 +177,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
goto err;
}
}
+#endif
if (!BN_nnmod(r, X, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
@@ -454,6 +456,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
goto err;
}
}
+#ifndef OPENSSL_NO_EC2M
else /* NID_X9_62_characteristic_two_field */
{
if (!EC_POINT_get_affine_coordinates_GF2m(group,
@@ -463,7 +466,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
goto err;
}
}
-
+#endif
if (!BN_nnmod(u1, X, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
diff --git a/deps/openssl/openssl/crypto/engine/Makefile b/deps/openssl/openssl/crypto/engine/Makefile
index 9c214824e..d29bdd09a 100644
--- a/deps/openssl/openssl/crypto/engine/Makefile
+++ b/deps/openssl/openssl/crypto/engine/Makefile
@@ -21,12 +21,14 @@ LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
eng_table.c eng_pkey.c eng_fat.c eng_all.c \
tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \
tb_cipher.c tb_digest.c tb_pkmeth.c tb_asnmth.c \
- eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c
+ eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c \
+ eng_rsax.c eng_rdrand.c
LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
eng_table.o eng_pkey.o eng_fat.o eng_all.o \
tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \
tb_cipher.o tb_digest.o tb_pkmeth.o tb_asnmth.o \
- eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o
+ eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o \
+ eng_rsax.o eng_rdrand.o
SRC= $(LIBSRC)
@@ -249,6 +251,34 @@ eng_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
eng_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
eng_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_pkey.c
+eng_rdrand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_rdrand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_rdrand.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_rdrand.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_rdrand.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_rdrand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_rdrand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_rdrand.o: ../../include/openssl/opensslconf.h
+eng_rdrand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_rdrand.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+eng_rdrand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_rdrand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_rdrand.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_rdrand.o: eng_rdrand.c
+eng_rsax.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_rsax.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_rsax.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_rsax.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_rsax.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_rsax.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_rsax.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_rsax.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_rsax.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_rsax.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+eng_rsax.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_rsax.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_rsax.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_rsax.o: eng_rsax.c
eng_table.o: ../../e_os.h ../../include/openssl/asn1.h
eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
diff --git a/deps/openssl/openssl/crypto/engine/eng_all.c b/deps/openssl/openssl/crypto/engine/eng_all.c
index 22c120454..6093376df 100644
--- a/deps/openssl/openssl/crypto/engine/eng_all.c
+++ b/deps/openssl/openssl/crypto/engine/eng_all.c
@@ -61,6 +61,8 @@
void ENGINE_load_builtin_engines(void)
{
+ /* Some ENGINEs need this */
+ OPENSSL_cpuid_setup();
#if 0
/* There's no longer any need for an "openssl" ENGINE unless, one day,
* it is the *only* way for standard builtin implementations to be be
@@ -71,6 +73,12 @@ void ENGINE_load_builtin_engines(void)
#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
ENGINE_load_cryptodev();
#endif
+#ifndef OPENSSL_NO_RSAX
+ ENGINE_load_rsax();
+#endif
+#ifndef OPENSSL_NO_RDRAND
+ ENGINE_load_rdrand();
+#endif
ENGINE_load_dynamic();
#ifndef OPENSSL_NO_STATIC_ENGINE
#ifndef OPENSSL_NO_HW
@@ -112,6 +120,7 @@ void ENGINE_load_builtin_engines(void)
ENGINE_load_capi();
#endif
#endif
+ ENGINE_register_all_complete();
}
#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
diff --git a/deps/openssl/openssl/crypto/engine/eng_cryptodev.c b/deps/openssl/openssl/crypto/engine/eng_cryptodev.c
index 52f4ca390..5a715aca4 100644
--- a/deps/openssl/openssl/crypto/engine/eng_cryptodev.c
+++ b/deps/openssl/openssl/crypto/engine/eng_cryptodev.c
@@ -79,8 +79,6 @@ struct dev_crypto_state {
unsigned char digest_res[HASH_MAX_LEN];
char *mac_data;
int mac_len;
-
- int copy;
#endif
};
@@ -200,6 +198,7 @@ get_dev_crypto(void)
if ((fd = open_dev_crypto()) == -1)
return (-1);
+#ifndef CRIOGET_NOT_NEEDED
if (ioctl(fd, CRIOGET, &retfd) == -1)
return (-1);
@@ -208,9 +207,19 @@ get_dev_crypto(void)
close(retfd);
return (-1);
}
+#else
+ retfd = fd;
+#endif
return (retfd);
}
+static void put_dev_crypto(int fd)
+{
+#ifndef CRIOGET_NOT_NEEDED
+ close(fd);
+#endif
+}
+
/* Caching version for asym operations */
static int
get_asym_dev_crypto(void)
@@ -252,7 +261,7 @@ get_cryptodev_ciphers(const int **cnids)
ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
nids[count++] = ciphers[i].nid;
}
- close(fd);
+ put_dev_crypto(fd);
if (count > 0)
*cnids = nids;
@@ -291,7 +300,7 @@ get_cryptodev_digests(const int **cnids)
ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
nids[count++] = digests[i].nid;
}
- close(fd);
+ put_dev_crypto(fd);
if (count > 0)
*cnids = nids;
@@ -436,7 +445,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
sess->cipher = cipher;
if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
- close(state->d_fd);
+ put_dev_crypto(state->d_fd);
state->d_fd = -1;
return (0);
}
@@ -473,7 +482,7 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
} else {
ret = 1;
}
- close(state->d_fd);
+ put_dev_crypto(state->d_fd);
state->d_fd = -1;
return (ret);
@@ -686,7 +695,7 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx)
sess->mac = digest;
if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
- close(state->d_fd);
+ put_dev_crypto(state->d_fd);
state->d_fd = -1;
printf("cryptodev_digest_init: Open session failed\n");
return (0);
@@ -758,14 +767,12 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
if (! (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) ) {
/* if application doesn't support one buffer */
memset(&cryp, 0, sizeof(cryp));
-
cryp.ses = sess->ses;
cryp.flags = 0;
cryp.len = state->mac_len;
cryp.src = state->mac_data;
cryp.dst = NULL;
cryp.mac = (caddr_t)md;
-
if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
printf("cryptodev_digest_final: digest failed\n");
return (0);
@@ -786,6 +793,9 @@ static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
struct dev_crypto_state *state = ctx->md_data;
struct session_op *sess = &state->d_sess;
+ if (state == NULL)
+ return 0;
+
if (state->d_fd < 0) {
printf("cryptodev_digest_cleanup: illegal input\n");
return (0);
@@ -797,16 +807,13 @@ static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
state->mac_len = 0;
}
- if (state->copy)
- return 1;
-
if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {
printf("cryptodev_digest_cleanup: failed to close session\n");
ret = 0;
} else {
ret = 1;
}
- close(state->d_fd);
+ put_dev_crypto(state->d_fd);
state->d_fd = -1;
return (ret);
@@ -816,15 +823,39 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
{
struct dev_crypto_state *fstate = from->md_data;
struct dev_crypto_state *dstate = to->md_data;
+ struct session_op *sess;
+ int digest;
- memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
+ if (dstate == NULL || fstate == NULL)
+ return 1;
- if (fstate->mac_len != 0) {
- dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
- memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
+ memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
+
+ sess = &dstate->d_sess;
+
+ digest = digest_nid_to_cryptodev(to->digest->type);
+
+ sess->mackey = dstate->dummy_mac_key;
+ sess->mackeylen = digest_key_length(to->digest->type);
+ sess->mac = digest;
+
+ dstate->d_fd = get_dev_crypto();
+
+ if (ioctl(dstate->d_fd, CIOCGSESSION, sess) < 0) {
+ put_dev_crypto(dstate->d_fd);
+ dstate->d_fd = -1;
+ printf("cryptodev_digest_init: Open session failed\n");
+ return (0);
}
- dstate->copy = 1;
+ if (fstate->mac_len != 0) {
+ if (fstate->mac_data != NULL)
+ {
+ dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
+ memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
+ dstate->mac_len = fstate->mac_len;
+ }
+ }
return 1;
}
@@ -1347,11 +1378,11 @@ ENGINE_load_cryptodev(void)
* find out what asymmetric crypto algorithms we support
*/
if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
- close(fd);
+ put_dev_crypto(fd);
ENGINE_free(engine);
return;
}
- close(fd);
+ put_dev_crypto(fd);
if (!ENGINE_set_id(engine, "cryptodev") ||
!ENGINE_set_name(engine, "BSD cryptodev engine") ||
diff --git a/deps/openssl/openssl/crypto/engine/eng_fat.c b/deps/openssl/openssl/crypto/engine/eng_fat.c
index db66e6235..789b8d57e 100644
--- a/deps/openssl/openssl/crypto/engine/eng_fat.c
+++ b/deps/openssl/openssl/crypto/engine/eng_fat.c
@@ -176,6 +176,7 @@ int ENGINE_register_all_complete(void)
ENGINE *e;
for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
- ENGINE_register_complete(e);
+ if (!(e->flags & ENGINE_FLAGS_NO_REGISTER_ALL))
+ ENGINE_register_complete(e);
return 1;
}
diff --git a/deps/openssl/openssl/crypto/engine/engine.h b/deps/openssl/openssl/crypto/engine/engine.h
index 943aeae21..f8be49772 100644
--- a/deps/openssl/openssl/crypto/engine/engine.h
+++ b/deps/openssl/openssl/crypto/engine/engine.h
@@ -141,6 +141,13 @@ extern "C" {
* the existing ENGINE's structural reference count. */
#define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
+/* This flag if for an ENGINE that does not want its methods registered as
+ * part of ENGINE_register_all_complete() for example if the methods are
+ * not usable as default methods.
+ */
+
+#define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
+
/* ENGINEs can support their own command types, and these flags are used in
* ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each
* command expects. Currently only numeric and string input is supported. If a
@@ -344,6 +351,8 @@ void ENGINE_load_gost(void);
#endif
#endif
void ENGINE_load_cryptodev(void);
+void ENGINE_load_rsax(void);
+void ENGINE_load_rdrand(void);
void ENGINE_load_builtin_engines(void);
/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
diff --git a/deps/openssl/openssl/crypto/err/err.c b/deps/openssl/openssl/crypto/err/err.c
index 69713a6e2..fcdb24400 100644
--- a/deps/openssl/openssl/crypto/err/err.c
+++ b/deps/openssl/openssl/crypto/err/err.c
@@ -1066,6 +1066,13 @@ void ERR_set_error_data(char *data, int flags)
void ERR_add_error_data(int num, ...)
{
va_list args;
+ va_start(args, num);
+ ERR_add_error_vdata(num, args);
+ va_end(args);
+ }
+
+void ERR_add_error_vdata(int num, va_list args)
+ {
int i,n,s;
char *str,*p,*a;
@@ -1074,7 +1081,6 @@ void ERR_add_error_data(int num, ...)
if (str == NULL) return;
str[0]='\0';
- va_start(args, num);
n=0;
for (i=0; i<num; i++)
{
@@ -1090,7 +1096,7 @@ void ERR_add_error_data(int num, ...)
if (p == NULL)
{
OPENSSL_free(str);
- goto err;
+ return;
}
else
str=p;
@@ -1099,9 +1105,6 @@ void ERR_add_error_data(int num, ...)
}
}
ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING);
-
-err:
- va_end(args);
}
int ERR_set_mark(void)
diff --git a/deps/openssl/openssl/crypto/err/err.h b/deps/openssl/openssl/crypto/err/err.h
index b9f8c16d4..974cc9cc6 100644
--- a/deps/openssl/openssl/crypto/err/err.h
+++ b/deps/openssl/openssl/crypto/err/err.h
@@ -344,8 +344,9 @@ void ERR_print_errors_fp(FILE *fp);
#endif
#ifndef OPENSSL_NO_BIO
void ERR_print_errors(BIO *bp);
-void ERR_add_error_data(int num, ...);
#endif
+void ERR_add_error_data(int num, ...);
+void ERR_add_error_vdata(int num, va_list args);
void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
void ERR_unload_strings(int lib,ERR_STRING_DATA str[]);
void ERR_load_ERR_strings(void);
diff --git a/deps/openssl/openssl/crypto/err/err_all.c b/deps/openssl/openssl/crypto/err/err_all.c
index fc049e8e8..8eb547d98 100644
--- a/deps/openssl/openssl/crypto/err/err_all.c
+++ b/deps/openssl/openssl/crypto/err/err_all.c
@@ -64,7 +64,9 @@
#endif
#include <openssl/buffer.h>
#include <openssl/bio.h>
+#ifndef OPENSSL_NO_COMP
#include <openssl/comp.h>
+#endif
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
@@ -95,6 +97,9 @@
#include <openssl/ui.h>
#include <openssl/ocsp.h>
#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
#include <openssl/ts.h>
#ifndef OPENSSL_NO_CMS
#include <openssl/cms.h>
@@ -102,7 +107,6 @@
#ifndef OPENSSL_NO_JPAKE
#include <openssl/jpake.h>
#endif
-#include <openssl/comp.h>
void ERR_load_crypto_strings(void)
{
@@ -126,7 +130,9 @@ void ERR_load_crypto_strings(void)
ERR_load_ASN1_strings();
ERR_load_CONF_strings();
ERR_load_CRYPTO_strings();
+#ifndef OPENSSL_NO_COMP
ERR_load_COMP_strings();
+#endif
#ifndef OPENSSL_NO_EC
ERR_load_EC_strings();
#endif
@@ -149,12 +155,14 @@ void ERR_load_crypto_strings(void)
#endif
ERR_load_OCSP_strings();
ERR_load_UI_strings();
+#ifdef OPENSSL_FIPS
+ ERR_load_FIPS_strings();
+#endif
#ifndef OPENSSL_NO_CMS
ERR_load_CMS_strings();
#endif
#ifndef OPENSSL_NO_JPAKE
ERR_load_JPAKE_strings();
#endif
- ERR_load_COMP_strings();
#endif
}
diff --git a/deps/openssl/openssl/crypto/evp/Makefile b/deps/openssl/openssl/crypto/evp/Makefile
index 82825e529..1e46cebf5 100644
--- a/deps/openssl/openssl/crypto/evp/Makefile
+++ b/deps/openssl/openssl/crypto/evp/Makefile
@@ -18,7 +18,7 @@ TESTDATA=evptests.txt
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
e_rc4.c e_aes.c names.c e_seed.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
@@ -28,9 +28,10 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \
- e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c
+ e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c evp_fips.c \
+ e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c
-LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
+LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
e_rc4.o e_aes.o names.o e_seed.o \
e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
@@ -40,7 +41,8 @@ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \
- e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o
+ e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o evp_fips.o \
+ e_aes_cbc_hmac_sha1.o e_rc4_hmac_md5.o
SRC= $(LIBSRC)
@@ -65,7 +67,7 @@ files:
links:
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
- cp $(TESTDATA) ../../test
+ [ ! -f $(TESTDATA) ] || cp $(TESTDATA) ../../test
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
@@ -189,11 +191,27 @@ e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_aes.c
-e_aes.o: evp_locl.h
+e_aes.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
+e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/bio.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/obj_mac.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/objects.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslconf.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslv.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/ossl_typ.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h e_aes_cbc_hmac_sha1.c
+e_aes_cbc_hmac_sha1.o: evp_locl.h
e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -279,7 +297,18 @@ e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c
+e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c evp_locl.h
+e_rc4_hmac_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4_hmac_md5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_rc4_hmac_md5.o: ../../include/openssl/evp.h ../../include/openssl/md5.h
+e_rc4_hmac_md5.o: ../../include/openssl/obj_mac.h
+e_rc4_hmac_md5.o: ../../include/openssl/objects.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslconf.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslv.h
+e_rc4_hmac_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4_hmac_md5.o: ../../include/openssl/safestack.h
+e_rc4_hmac_md5.o: ../../include/openssl/stack.h
+e_rc4_hmac_md5.o: ../../include/openssl/symhacks.h e_rc4_hmac_md5.c
e_rc5.o: ../../e_os.h ../../include/openssl/bio.h
e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -327,6 +356,20 @@ evp_acnf.o: ../../include/openssl/opensslconf.h
evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c
+evp_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+evp_cnf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+evp_cnf.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+evp_cnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_cnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+evp_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+evp_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_cnf.o: ../../include/openssl/x509v3.h ../cryptlib.h evp_cnf.c
evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -349,6 +392,13 @@ evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
evp_err.o: ../../include/openssl/symhacks.h evp_err.c
+evp_fips.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_fips.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_fips.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h
+evp_fips.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_fips.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_fips.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_fips.o: ../../include/openssl/symhacks.h evp_fips.c
evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -383,7 +433,7 @@ evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c
+evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h evp_pbe.c
evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -401,28 +451,22 @@ evp_pkey.o: ../asn1/asn1_locl.h ../cryptlib.h evp_pkey.c
m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_dss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_dss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_dss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_dss.o: ../cryptlib.h m_dss.c
m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_dss1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_dss1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_dss1.o: ../cryptlib.h m_dss1.c
m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
@@ -456,7 +500,7 @@ m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md4.c
+m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_md4.c
m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -469,7 +513,7 @@ m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md5.c
+m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_md5.c
m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
@@ -484,7 +528,7 @@ m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
m_mdc2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_mdc2.c
+m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_mdc2.c
m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -510,7 +554,8 @@ m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ripemd.c
+m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_ripemd.o: m_ripemd.c
m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -523,19 +568,16 @@ m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha.o: ../cryptlib.h m_sha.c
+m_sha.o: ../cryptlib.h evp_locl.h m_sha.c
m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_sha1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_sha1.o: ../cryptlib.h m_sha1.c
m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h
m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
@@ -563,7 +605,7 @@ m_wp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
m_wp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
m_wp.o: ../../include/openssl/symhacks.h ../../include/openssl/whrlpool.h
m_wp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_wp.o: ../cryptlib.h m_wp.c
+m_wp.o: ../cryptlib.h evp_locl.h m_wp.c
names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -601,7 +643,8 @@ p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt2.c
+p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+p5_crpt2.o: p5_crpt2.c
p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
diff --git a/deps/openssl/openssl/crypto/evp/bio_md.c b/deps/openssl/openssl/crypto/evp/bio_md.c
index 9841e32e1..144fdfd56 100644
--- a/deps/openssl/openssl/crypto/evp/bio_md.c
+++ b/deps/openssl/openssl/crypto/evp/bio_md.c
@@ -153,8 +153,12 @@ static int md_write(BIO *b, const char *in, int inl)
{
if (ret > 0)
{
- EVP_DigestUpdate(ctx,(const unsigned char *)in,
- (unsigned int)ret);
+ if (!EVP_DigestUpdate(ctx,(const unsigned char *)in,
+ (unsigned int)ret))
+ {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
}
}
if(b->next_bio != NULL)
@@ -220,7 +224,8 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_CTRL_DUP:
dbio=ptr;
dctx=dbio->ptr;
- EVP_MD_CTX_copy_ex(dctx,ctx);
+ if (!EVP_MD_CTX_copy_ex(dctx,ctx))
+ return 0;
b->init=1;
break;
default:
diff --git a/deps/openssl/openssl/crypto/evp/bio_ok.c b/deps/openssl/openssl/crypto/evp/bio_ok.c
index 98bc1ab40..e64335353 100644
--- a/deps/openssl/openssl/crypto/evp/bio_ok.c
+++ b/deps/openssl/openssl/crypto/evp/bio_ok.c
@@ -133,10 +133,10 @@ static int ok_new(BIO *h);
static int ok_free(BIO *data);
static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-static void sig_out(BIO* b);
-static void sig_in(BIO* b);
-static void block_out(BIO* b);
-static void block_in(BIO* b);
+static int sig_out(BIO* b);
+static int sig_in(BIO* b);
+static int block_out(BIO* b);
+static int block_in(BIO* b);
#define OK_BLOCK_SIZE (1024*4)
#define OK_BLOCK_BLOCK 4
#define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
@@ -266,10 +266,24 @@ static int ok_read(BIO *b, char *out, int outl)
ctx->buf_len+= i;
/* no signature yet -- check if we got one */
- if (ctx->sigio == 1) sig_in(b);
+ if (ctx->sigio == 1)
+ {
+ if (!sig_in(b))
+ {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ }
/* signature ok -- check if we got block */
- if (ctx->sigio == 0) block_in(b);
+ if (ctx->sigio == 0)
+ {
+ if (!block_in(b))
+ {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ }
/* invalid block -- cancel */
if (ctx->cont <= 0) break;
@@ -293,7 +307,8 @@ static int ok_write(BIO *b, const char *in, int inl)
if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0);
- if(ctx->sigio) sig_out(b);
+ if(ctx->sigio && !sig_out(b))
+ return 0;
do{
BIO_clear_retry_flags(b);
@@ -332,7 +347,11 @@ static int ok_write(BIO *b, const char *in, int inl)
if(ctx->buf_len >= OK_BLOCK_SIZE+ OK_BLOCK_BLOCK)
{
- block_out(b);
+ if (!block_out(b))
+ {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
}
}while(inl > 0);
@@ -379,7 +398,8 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_CTRL_FLUSH:
/* do a final write */
if(ctx->blockout == 0)
- block_out(b);
+ if (!block_out(b))
+ return 0;
while (ctx->blockout)
{
@@ -408,7 +428,8 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
break;
case BIO_C_SET_MD:
md=ptr;
- EVP_DigestInit_ex(&ctx->md, md, NULL);
+ if (!EVP_DigestInit_ex(&ctx->md, md, NULL))
+ return 0;
b->init=1;
break;
case BIO_C_GET_MD:
@@ -455,7 +476,7 @@ static void longswap(void *_ptr, size_t len)
}
}
-static void sig_out(BIO* b)
+static int sig_out(BIO* b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -463,9 +484,10 @@ static void sig_out(BIO* b)
ctx=b->ptr;
md=&ctx->md;
- if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return;
+ if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return 1;
- EVP_DigestInit_ex(md, md->digest, NULL);
+ if (!EVP_DigestInit_ex(md, md->digest, NULL))
+ goto berr;
/* FIXME: there's absolutely no guarantee this makes any sense at all,
* particularly now EVP_MD_CTX has been restructured.
*/
@@ -474,14 +496,20 @@ static void sig_out(BIO* b)
longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
ctx->buf_len+= md->digest->md_size;
- EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
- EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
+ if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+ goto berr;
ctx->buf_len+= md->digest->md_size;
ctx->blockout= 1;
ctx->sigio= 0;
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
-static void sig_in(BIO* b)
+static int sig_in(BIO* b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -491,15 +519,18 @@ static void sig_in(BIO* b)
ctx=b->ptr;
md=&ctx->md;
- if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return;
+ if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return 1;
- EVP_DigestInit_ex(md, md->digest, NULL);
+ if (!EVP_DigestInit_ex(md, md->digest, NULL))
+ goto berr;
memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
longswap(md->md_data, md->digest->md_size);
ctx->buf_off+= md->digest->md_size;
- EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
- EVP_DigestFinal_ex(md, tmp, NULL);
+ if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, tmp, NULL))
+ goto berr;
ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
ctx->buf_off+= md->digest->md_size;
if(ret == 1)
@@ -516,9 +547,13 @@ static void sig_in(BIO* b)
{
ctx->cont= 0;
}
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
-static void block_out(BIO* b)
+static int block_out(BIO* b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -532,13 +567,20 @@ static void block_out(BIO* b)
ctx->buf[1]=(unsigned char)(tl>>16);
ctx->buf[2]=(unsigned char)(tl>>8);
ctx->buf[3]=(unsigned char)(tl);
- EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
- EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
+ if (!EVP_DigestUpdate(md,
+ (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+ goto berr;
ctx->buf_len+= md->digest->md_size;
ctx->blockout= 1;
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
-static void block_in(BIO* b)
+static int block_in(BIO* b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -554,10 +596,13 @@ static void block_in(BIO* b)
tl|=ctx->buf[2]; tl<<=8;
tl|=ctx->buf[3];
- if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return;
+ if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return 1;
- EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
- EVP_DigestFinal_ex(md, tmp, NULL);
+ if (!EVP_DigestUpdate(md,
+ (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, tmp, NULL))
+ goto berr;
if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0)
{
/* there might be parts from next block lurking around ! */
@@ -571,5 +616,9 @@ static void block_in(BIO* b)
{
ctx->cont= 0;
}
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
diff --git a/deps/openssl/openssl/crypto/evp/c_allc.c b/deps/openssl/openssl/crypto/evp/c_allc.c
index c5f926837..2a45d435e 100644
--- a/deps/openssl/openssl/crypto/evp/c_allc.c
+++ b/deps/openssl/openssl/crypto/evp/c_allc.c
@@ -98,6 +98,9 @@ void OpenSSL_add_all_ciphers(void)
#ifndef OPENSSL_NO_RC4
EVP_add_cipher(EVP_rc4());
EVP_add_cipher(EVP_rc4_40());
+#ifndef OPENSSL_NO_MD5
+ EVP_add_cipher(EVP_rc4_hmac_md5());
+#endif
#endif
#ifndef OPENSSL_NO_IDEA
@@ -166,9 +169,9 @@ void OpenSSL_add_all_ciphers(void)
EVP_add_cipher(EVP_aes_128_cfb1());
EVP_add_cipher(EVP_aes_128_cfb8());
EVP_add_cipher(EVP_aes_128_ofb());
-#if 0
EVP_add_cipher(EVP_aes_128_ctr());
-#endif
+ EVP_add_cipher(EVP_aes_128_gcm());
+ EVP_add_cipher(EVP_aes_128_xts());
EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");
EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");
EVP_add_cipher(EVP_aes_192_ecb());
@@ -177,9 +180,8 @@ void OpenSSL_add_all_ciphers(void)
EVP_add_cipher(EVP_aes_192_cfb1());
EVP_add_cipher(EVP_aes_192_cfb8());
EVP_add_cipher(EVP_aes_192_ofb());
-#if 0
EVP_add_cipher(EVP_aes_192_ctr());
-#endif
+ EVP_add_cipher(EVP_aes_192_gcm());
EVP_add_cipher_alias(SN_aes_192_cbc,"AES192");
EVP_add_cipher_alias(SN_aes_192_cbc,"aes192");
EVP_add_cipher(EVP_aes_256_ecb());
@@ -188,11 +190,15 @@ void OpenSSL_add_all_ciphers(void)
EVP_add_cipher(EVP_aes_256_cfb1());
EVP_add_cipher(EVP_aes_256_cfb8());
EVP_add_cipher(EVP_aes_256_ofb());
-#if 0
EVP_add_cipher(EVP_aes_256_ctr());
-#endif
+ EVP_add_cipher(EVP_aes_256_gcm());
+ EVP_add_cipher(EVP_aes_256_xts());
EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+ EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
+ EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
+#endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
diff --git a/deps/openssl/openssl/crypto/evp/digest.c b/deps/openssl/openssl/crypto/evp/digest.c
index 982ba2b13..6fc469f9c 100644
--- a/deps/openssl/openssl/crypto/evp/digest.c
+++ b/deps/openssl/openssl/crypto/evp/digest.c
@@ -117,6 +117,10 @@
#include <openssl/engine.h>
#endif
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
{
memset(ctx,'\0',sizeof *ctx);
@@ -225,12 +229,26 @@ skip_to_init:
}
if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
return 1;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ {
+ if (FIPS_digestinit(ctx, type))
+ return 1;
+ OPENSSL_free(ctx->md_data);
+ ctx->md_data = NULL;
+ return 0;
+ }
+#endif
return ctx->digest->init(ctx);
}
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
{
+#ifdef OPENSSL_FIPS
+ return FIPS_digestupdate(ctx, data, count);
+#else
return ctx->update(ctx,data,count);
+#endif
}
/* The caller can assume that this removes any secret data from the context */
@@ -245,6 +263,9 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
/* The caller can assume that this removes any secret data from the context */
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
{
+#ifdef OPENSSL_FIPS
+ return FIPS_digestfinal(ctx, md, size);
+#else
int ret;
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
@@ -258,6 +279,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
}
memset(ctx->md_data,0,ctx->digest->ctx_size);
return ret;
+#endif
}
int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
@@ -351,6 +373,7 @@ void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
/* This call frees resources associated with the context */
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
{
+#ifndef OPENSSL_FIPS
/* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
* because sometimes only copies of the context are ever finalised.
*/
@@ -363,6 +386,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
OPENSSL_free(ctx->md_data);
}
+#endif
if (ctx->pctx)
EVP_PKEY_CTX_free(ctx->pctx);
#ifndef OPENSSL_NO_ENGINE
@@ -371,6 +395,9 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
* functional reference we held for this reason. */
ENGINE_finish(ctx->engine);
#endif
+#ifdef OPENSSL_FIPS
+ FIPS_md_ctx_cleanup(ctx);
+#endif
memset(ctx,'\0',sizeof *ctx);
return 1;
diff --git a/deps/openssl/openssl/crypto/evp/e_aes.c b/deps/openssl/openssl/crypto/evp/e_aes.c
index bd6c0a3a6..1bfb5d92b 100644
--- a/deps/openssl/openssl/crypto/evp/e_aes.c
+++ b/deps/openssl/openssl/crypto/evp/e_aes.c
@@ -1,5 +1,5 @@
/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -56,57 +56,511 @@
#include <assert.h>
#include <openssl/aes.h>
#include "evp_locl.h"
-
-static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
+#ifndef OPENSSL_FIPS
+#include "modes_lcl.h"
+#include <openssl/rand.h>
typedef struct
{
AES_KEY ks;
+ block128_f block;
+ union {
+ cbc128_f cbc;
+ ctr128_f ctr;
+ } stream;
} EVP_AES_KEY;
-#define data(ctx) EVP_C_DATA(EVP_AES_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
- NID_aes_128, 16, 16, 16, 128,
- 0, aes_init_key, NULL,
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL)
-IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
- NID_aes_192, 16, 24, 16, 128,
- 0, aes_init_key, NULL,
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL)
-IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
- NID_aes_256, 16, 32, 16, 128,
- 0, aes_init_key, NULL,
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL)
-
-#define IMPLEMENT_AES_CFBR(ksize,cbits) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16)
-
-IMPLEMENT_AES_CFBR(128,1)
-IMPLEMENT_AES_CFBR(192,1)
-IMPLEMENT_AES_CFBR(256,1)
-
-IMPLEMENT_AES_CFBR(128,8)
-IMPLEMENT_AES_CFBR(192,8)
-IMPLEMENT_AES_CFBR(256,8)
+typedef struct
+ {
+ AES_KEY ks; /* AES key schedule to use */
+ int key_set; /* Set if key initialised */
+ int iv_set; /* Set if an iv is set */
+ GCM128_CONTEXT gcm;
+ unsigned char *iv; /* Temporary IV store */
+ int ivlen; /* IV length */
+ int taglen;
+ int iv_gen; /* It is OK to generate IVs */
+ int tls_aad_len; /* TLS AAD length */
+ ctr128_f ctr;
+ } EVP_AES_GCM_CTX;
+
+typedef struct
+ {
+ AES_KEY ks1, ks2; /* AES key schedules to use */
+ XTS128_CONTEXT xts;
+ void (*stream)(const unsigned char *in,
+ unsigned char *out, size_t length,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+ } EVP_AES_XTS_CTX;
+
+typedef struct
+ {
+ AES_KEY ks; /* AES key schedule to use */
+ int key_set; /* Set if key initialised */
+ int iv_set; /* Set if an iv is set */
+ int tag_set; /* Set if tag is valid */
+ int len_set; /* Set if message length set */
+ int L, M; /* L and M parameters from RFC3610 */
+ CCM128_CONTEXT ccm;
+ ccm128_f str;
+ } EVP_AES_CCM_CTX;
+
+#define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4))
+
+#ifdef VPAES_ASM
+int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+int vpaes_set_decrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+
+void vpaes_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+void vpaes_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+
+void vpaes_cbc_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key,
+ unsigned char *ivec, int enc);
+#endif
+#ifdef BSAES_ASM
+void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char ivec[16], int enc);
+void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
+ size_t len, const AES_KEY *key,
+ const unsigned char ivec[16]);
+void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
+ size_t len, const AES_KEY *key1,
+ const AES_KEY *key2, const unsigned char iv[16]);
+void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
+ size_t len, const AES_KEY *key1,
+ const AES_KEY *key2, const unsigned char iv[16]);
+#endif
+#ifdef AES_CTR_ASM
+void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+ size_t blocks, const AES_KEY *key,
+ const unsigned char ivec[AES_BLOCK_SIZE]);
+#endif
+#ifdef AES_XTS_ASM
+void AES_xts_encrypt(const char *inp,char *out,size_t len,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+void AES_xts_decrypt(const char *inp,char *out,size_t len,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+#endif
+
+#if defined(AES_ASM) && !defined(I386_ONLY) && ( \
+ ((defined(__i386) || defined(__i386__) || \
+ defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
+ defined(__x86_64) || defined(__x86_64__) || \
+ defined(_M_AMD64) || defined(_M_X64) || \
+ defined(__INTEL__) )
+
+extern unsigned int OPENSSL_ia32cap_P[2];
+
+#ifdef VPAES_ASM
+#define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
+#endif
+#ifdef BSAES_ASM
+#define BSAES_CAPABLE VPAES_CAPABLE
+#endif
+/*
+ * AES-NI section
+ */
+#define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
+
+int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
+ AES_KEY *key);
+
+void aesni_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+void aesni_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+
+void aesni_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key,
+ int enc);
+void aesni_cbc_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key,
+ unsigned char *ivec, int enc);
+
+void aesni_ctr32_encrypt_blocks(const unsigned char *in,
+ unsigned char *out,
+ size_t blocks,
+ const void *key,
+ const unsigned char *ivec);
+
+void aesni_xts_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+
+void aesni_xts_decrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+
+void aesni_ccm64_encrypt_blocks (const unsigned char *in,
+ unsigned char *out,
+ size_t blocks,
+ const void *key,
+ const unsigned char ivec[16],
+ unsigned char cmac[16]);
+
+void aesni_ccm64_decrypt_blocks (const unsigned char *in,
+ unsigned char *out,
+ size_t blocks,
+ const void *key,
+ const unsigned char ivec[16],
+ unsigned char cmac[16]);
+
+static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+ {
+ int ret, mode;
+ EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
+
+ mode = ctx->cipher->flags & EVP_CIPH_MODE;
+ if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+ && !enc)
+ {
+ ret = aesni_set_decrypt_key(key, ctx->key_len*8, ctx->cipher_data);
+ dat->block = (block128_f)aesni_decrypt;
+ dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
+ (cbc128_f)aesni_cbc_encrypt :
+ NULL;
+ }
+ else {
+ ret = aesni_set_encrypt_key(key, ctx->key_len*8, ctx->cipher_data);
+ dat->block = (block128_f)aesni_encrypt;
+ if (mode==EVP_CIPH_CBC_MODE)
+ dat->stream.cbc = (cbc128_f)aesni_cbc_encrypt;
+ else if (mode==EVP_CIPH_CTR_MODE)
+ dat->stream.ctr = (ctr128_f)aesni_ctr32_encrypt_blocks;
+ else
+ dat->stream.cbc = NULL;
+ }
+
+ if(ret < 0)
+ {
+ EVPerr(EVP_F_AESNI_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
+ return 0;
+ }
+
+ return 1;
+ }
+
+static int aesni_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ aesni_cbc_encrypt(in,out,len,ctx->cipher_data,ctx->iv,ctx->encrypt);
+
+ return 1;
+}
+
+static int aesni_ecb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ size_t bl = ctx->cipher->block_size;
+
+ if (len<bl) return 1;
+
+ aesni_ecb_encrypt(in,out,len,ctx->cipher_data,ctx->encrypt);
+
+ return 1;
+}
+
+#define aesni_ofb_cipher aes_ofb_cipher
+static int aesni_ofb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in,size_t len);
+
+#define aesni_cfb_cipher aes_cfb_cipher
+static int aesni_cfb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in,size_t len);
+
+#define aesni_cfb8_cipher aes_cfb8_cipher
+static int aesni_cfb8_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in,size_t len);
+
+#define aesni_cfb1_cipher aes_cfb1_cipher
+static int aesni_cfb1_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in,size_t len);
+
+#define aesni_ctr_cipher aes_ctr_cipher
+static int aesni_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+static int aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+ {
+ EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+ if (key)
+ {
+ aesni_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
+ CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
+ (block128_f)aesni_encrypt);
+ gctx->ctr = (ctr128_f)aesni_ctr32_encrypt_blocks;
+ /* If we have an iv can set it directly, otherwise use
+ * saved IV.
+ */
+ if (iv == NULL && gctx->iv_set)
+ iv = gctx->iv;
+ if (iv)
+ {
+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ }
+ gctx->key_set = 1;
+ }
+ else
+ {
+ /* If key set use IV, otherwise copy */
+ if (gctx->key_set)
+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+ else
+ memcpy(gctx->iv, iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ gctx->iv_gen = 0;
+ }
+ return 1;
+ }
+
+#define aesni_gcm_cipher aes_gcm_cipher
+static int aesni_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+ {
+ EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+
+ if (key)
+ {
+ /* key_len is two AES keys */
+ if (enc)
+ {
+ aesni_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f)aesni_encrypt;
+ xctx->stream = aesni_xts_encrypt;
+ }
+ else
+ {
+ aesni_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f)aesni_decrypt;
+ xctx->stream = aesni_xts_decrypt;
+ }
+
+ aesni_set_encrypt_key(key + ctx->key_len/2,
+ ctx->key_len * 4, &xctx->ks2);
+ xctx->xts.block2 = (block128_f)aesni_encrypt;
+
+ xctx->xts.key1 = &xctx->ks1;
+ }
+
+ if (iv)
+ {
+ xctx->xts.key2 = &xctx->ks2;
+ memcpy(ctx->iv, iv, 16);
+ }
+
+ return 1;
+ }
+
+#define aesni_xts_cipher aes_xts_cipher
+static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+ {
+ EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+ if (key)
+ {
+ aesni_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks);
+ CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+ &cctx->ks, (block128_f)aesni_encrypt);
+ cctx->str = enc?(ccm128_f)aesni_ccm64_encrypt_blocks :
+ (ccm128_f)aesni_ccm64_decrypt_blocks;
+ cctx->key_set = 1;
+ }
+ if (iv)
+ {
+ memcpy(ctx->iv, iv, 15 - cctx->L);
+ cctx->iv_set = 1;
+ }
+ return 1;
+ }
+
+#define aesni_ccm_cipher aes_ccm_cipher
+static int aesni_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len);
+
+#define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
+static const EVP_CIPHER aesni_##keylen##_##mode = { \
+ nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aesni_init_key, \
+ aesni_##mode##_cipher, \
+ NULL, \
+ sizeof(EVP_AES_KEY), \
+ NULL,NULL,NULL,NULL }; \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+ nid##_##keylen##_##nmode,blocksize, \
+ keylen/8,ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aes_init_key, \
+ aes_##mode##_cipher, \
+ NULL, \
+ sizeof(EVP_AES_KEY), \
+ NULL,NULL,NULL,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
+
+#define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
+static const EVP_CIPHER aesni_##keylen##_##mode = { \
+ nid##_##keylen##_##mode,blocksize, \
+ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aesni_##mode##_init_key, \
+ aesni_##mode##_cipher, \
+ aes_##mode##_cleanup, \
+ sizeof(EVP_AES_##MODE##_CTX), \
+ NULL,NULL,aes_##mode##_ctrl,NULL }; \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+ nid##_##keylen##_##mode,blocksize, \
+ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aes_##mode##_init_key, \
+ aes_##mode##_cipher, \
+ aes_##mode##_cleanup, \
+ sizeof(EVP_AES_##MODE##_CTX), \
+ NULL,NULL,aes_##mode##_ctrl,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
+
+#else
+
+#define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+ nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aes_init_key, \
+ aes_##mode##_cipher, \
+ NULL, \
+ sizeof(EVP_AES_KEY), \
+ NULL,NULL,NULL,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return &aes_##keylen##_##mode; }
+
+#define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+ nid##_##keylen##_##mode,blocksize, \
+ (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+ flags|EVP_CIPH_##MODE##_MODE, \
+ aes_##mode##_init_key, \
+ aes_##mode##_cipher, \
+ aes_##mode##_cleanup, \
+ sizeof(EVP_AES_##MODE##_CTX), \
+ NULL,NULL,aes_##mode##_ctrl,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return &aes_##keylen##_##mode; }
+#endif
+
+#define BLOCK_CIPHER_generic_pack(nid,keylen,flags) \
+ BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
+ BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
+ BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
+ BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \
+ BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags) \
+ BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags) \
+ BLOCK_CIPHER_generic(nid,keylen,1,16,ctr,ctr,CTR,flags)
static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
- int ret;
+ int ret, mode;
+ EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
- if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE
- || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE
- || enc)
- ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+ mode = ctx->cipher->flags & EVP_CIPH_MODE;
+ if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+ && !enc)
+#ifdef BSAES_CAPABLE
+ if (BSAES_CAPABLE && mode==EVP_CIPH_CBC_MODE)
+ {
+ ret = AES_set_decrypt_key(key,ctx->key_len*8,&dat->ks);
+ dat->block = (block128_f)AES_decrypt;
+ dat->stream.cbc = (cbc128_f)bsaes_cbc_encrypt;
+ }
+ else
+#endif
+#ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE)
+ {
+ ret = vpaes_set_decrypt_key(key,ctx->key_len*8,&dat->ks);
+ dat->block = (block128_f)vpaes_decrypt;
+ dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
+ (cbc128_f)vpaes_cbc_encrypt :
+ NULL;
+ }
+ else
+#endif
+ {
+ ret = AES_set_decrypt_key(key,ctx->key_len*8,&dat->ks);
+ dat->block = (block128_f)AES_decrypt;
+ dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
+ (cbc128_f)AES_cbc_encrypt :
+ NULL;
+ }
else
- ret=AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+#ifdef BSAES_CAPABLE
+ if (BSAES_CAPABLE && mode==EVP_CIPH_CTR_MODE)
+ {
+ ret = AES_set_encrypt_key(key,ctx->key_len*8,&dat->ks);
+ dat->block = (block128_f)AES_encrypt;
+ dat->stream.ctr = (ctr128_f)bsaes_ctr32_encrypt_blocks;
+ }
+ else
+#endif
+#ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE)
+ {
+ ret = vpaes_set_encrypt_key(key,ctx->key_len*8,&dat->ks);
+ dat->block = (block128_f)vpaes_encrypt;
+ dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
+ (cbc128_f)vpaes_cbc_encrypt :
+ NULL;
+ }
+ else
+#endif
+ {
+ ret = AES_set_encrypt_key(key,ctx->key_len*8,&dat->ks);
+ dat->block = (block128_f)AES_encrypt;
+ dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
+ (cbc128_f)AES_cbc_encrypt :
+ NULL;
+#ifdef AES_CTR_ASM
+ if (mode==EVP_CIPH_CTR_MODE)
+ dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt;
+#endif
+ }
if(ret < 0)
{
@@ -117,4 +571,744 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
return 1;
}
+static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
+
+ if (dat->stream.cbc)
+ (*dat->stream.cbc)(in,out,len,&dat->ks,ctx->iv,ctx->encrypt);
+ else if (ctx->encrypt)
+ CRYPTO_cbc128_encrypt(in,out,len,&dat->ks,ctx->iv,dat->block);
+ else
+ CRYPTO_cbc128_encrypt(in,out,len,&dat->ks,ctx->iv,dat->block);
+
+ return 1;
+}
+
+static int aes_ecb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ size_t bl = ctx->cipher->block_size;
+ size_t i;
+ EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
+
+ if (len<bl) return 1;
+
+ for (i=0,len-=bl;i<=len;i+=bl)
+ (*dat->block)(in+i,out+i,&dat->ks);
+
+ return 1;
+}
+
+static int aes_ofb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in,size_t len)
+{
+ EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
+
+ CRYPTO_ofb128_encrypt(in,out,len,&dat->ks,
+ ctx->iv,&ctx->num,dat->block);
+ return 1;
+}
+
+static int aes_cfb_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in,size_t len)
+{
+ EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
+
+ CRYPTO_cfb128_encrypt(in,out,len,&dat->ks,
+ ctx->iv,&ctx->num,ctx->encrypt,dat->block);
+ return 1;
+}
+
+static int aes_cfb8_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in,size_t len)
+{
+ EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
+
+ CRYPTO_cfb128_8_encrypt(in,out,len,&dat->ks,
+ ctx->iv,&ctx->num,ctx->encrypt,dat->block);
+ return 1;
+}
+
+static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+ const unsigned char *in,size_t len)
+{
+ EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
+
+ if (ctx->flags&EVP_CIPH_FLAG_LENGTH_BITS) {
+ CRYPTO_cfb128_1_encrypt(in,out,len,&dat->ks,
+ ctx->iv,&ctx->num,ctx->encrypt,dat->block);
+ return 1;
+ }
+
+ while (len>=MAXBITCHUNK) {
+ CRYPTO_cfb128_1_encrypt(in,out,MAXBITCHUNK*8,&dat->ks,
+ ctx->iv,&ctx->num,ctx->encrypt,dat->block);
+ len-=MAXBITCHUNK;
+ }
+ if (len)
+ CRYPTO_cfb128_1_encrypt(in,out,len*8,&dat->ks,
+ ctx->iv,&ctx->num,ctx->encrypt,dat->block);
+
+ return 1;
+}
+
+static int aes_ctr_cipher (EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ unsigned int num = ctx->num;
+ EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
+
+ if (dat->stream.ctr)
+ CRYPTO_ctr128_encrypt_ctr32(in,out,len,&dat->ks,
+ ctx->iv,ctx->buf,&num,dat->stream.ctr);
+ else
+ CRYPTO_ctr128_encrypt(in,out,len,&dat->ks,
+ ctx->iv,ctx->buf,&num,dat->block);
+ ctx->num = (size_t)num;
+ return 1;
+}
+
+BLOCK_CIPHER_generic_pack(NID_aes,128,EVP_CIPH_FLAG_FIPS)
+BLOCK_CIPHER_generic_pack(NID_aes,192,EVP_CIPH_FLAG_FIPS)
+BLOCK_CIPHER_generic_pack(NID_aes,256,EVP_CIPH_FLAG_FIPS)
+
+static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
+ {
+ EVP_AES_GCM_CTX *gctx = c->cipher_data;
+ OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));
+ if (gctx->iv != c->iv)
+ OPENSSL_free(gctx->iv);
+ return 1;
+ }
+
+/* increment counter (64-bit int) by 1 */
+static void ctr64_inc(unsigned char *counter) {
+ int n=8;
+ unsigned char c;
+
+ do {
+ --n;
+ c = counter[n];
+ ++c;
+ counter[n] = c;
+ if (c) return;
+ } while (n);
+}
+
+static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+ {
+ EVP_AES_GCM_CTX *gctx = c->cipher_data;
+ switch (type)
+ {
+ case EVP_CTRL_INIT:
+ gctx->key_set = 0;
+ gctx->iv_set = 0;
+ gctx->ivlen = c->cipher->iv_len;
+ gctx->iv = c->iv;
+ gctx->taglen = -1;
+ gctx->iv_gen = 0;
+ gctx->tls_aad_len = -1;
+ return 1;
+
+ case EVP_CTRL_GCM_SET_IVLEN:
+ if (arg <= 0)
+ return 0;
+#ifdef OPENSSL_FIPS
+ if (FIPS_module_mode() && !(c->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)
+ && arg < 12)
+ return 0;
+#endif
+ /* Allocate memory for IV if needed */
+ if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen))
+ {
+ if (gctx->iv != c->iv)
+ OPENSSL_free(gctx->iv);
+ gctx->iv = OPENSSL_malloc(arg);
+ if (!gctx->iv)
+ return 0;
+ }
+ gctx->ivlen = arg;
+ return 1;
+
+ case EVP_CTRL_GCM_SET_TAG:
+ if (arg <= 0 || arg > 16 || c->encrypt)
+ return 0;
+ memcpy(c->buf, ptr, arg);
+ gctx->taglen = arg;
+ return 1;
+
+ case EVP_CTRL_GCM_GET_TAG:
+ if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0)
+ return 0;
+ memcpy(ptr, c->buf, arg);
+ return 1;
+
+ case EVP_CTRL_GCM_SET_IV_FIXED:
+ /* Special case: -1 length restores whole IV */
+ if (arg == -1)
+ {
+ memcpy(gctx->iv, ptr, gctx->ivlen);
+ gctx->iv_gen = 1;
+ return 1;
+ }
+ /* Fixed field must be at least 4 bytes and invocation field
+ * at least 8.
+ */
+ if ((arg < 4) || (gctx->ivlen - arg) < 8)
+ return 0;
+ if (arg)
+ memcpy(gctx->iv, ptr, arg);
+ if (c->encrypt &&
+ RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
+ return 0;
+ gctx->iv_gen = 1;
+ return 1;
+
+ case EVP_CTRL_GCM_IV_GEN:
+ if (gctx->iv_gen == 0 || gctx->key_set == 0)
+ return 0;
+ CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
+ if (arg <= 0 || arg > gctx->ivlen)
+ arg = gctx->ivlen;
+ memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
+ /* Invocation field will be at least 8 bytes in size and
+ * so no need to check wrap around or increment more than
+ * last 8 bytes.
+ */
+ ctr64_inc(gctx->iv + gctx->ivlen - 8);
+ gctx->iv_set = 1;
+ return 1;
+
+ case EVP_CTRL_GCM_SET_IV_INV:
+ if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt)
+ return 0;
+ memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
+ CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ return 1;
+
+ case EVP_CTRL_AEAD_TLS1_AAD:
+ /* Save the AAD for later use */
+ if (arg != 13)
+ return 0;
+ memcpy(c->buf, ptr, arg);
+ gctx->tls_aad_len = arg;
+ {
+ unsigned int len=c->buf[arg-2]<<8|c->buf[arg-1];
+ /* Correct length for explicit IV */
+ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ /* If decrypting correct for tag too */
+ if (!c->encrypt)
+ len -= EVP_GCM_TLS_TAG_LEN;
+ c->buf[arg-2] = len>>8;
+ c->buf[arg-1] = len & 0xff;
+ }
+ /* Extra padding: tag appended to record */
+ return EVP_GCM_TLS_TAG_LEN;
+
+ default:
+ return -1;
+
+ }
+ }
+
+static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+ {
+ EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+ if (key)
+ { do {
+#ifdef BSAES_CAPABLE
+ if (BSAES_CAPABLE)
+ {
+ AES_set_encrypt_key(key,ctx->key_len*8,&gctx->ks);
+ CRYPTO_gcm128_init(&gctx->gcm,&gctx->ks,
+ (block128_f)AES_encrypt);
+ gctx->ctr = (ctr128_f)bsaes_ctr32_encrypt_blocks;
+ break;
+ }
+ else
+#endif
+#ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE)
+ {
+ vpaes_set_encrypt_key(key,ctx->key_len*8,&gctx->ks);
+ CRYPTO_gcm128_init(&gctx->gcm,&gctx->ks,
+ (block128_f)vpaes_encrypt);
+ gctx->ctr = NULL;
+ break;
+ }
+#endif
+ AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
+ CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f)AES_encrypt);
+#ifdef AES_CTR_ASM
+ gctx->ctr = (ctr128_f)AES_ctr32_encrypt;
+#else
+ gctx->ctr = NULL;
+#endif
+ } while (0);
+
+ /* If we have an iv can set it directly, otherwise use
+ * saved IV.
+ */
+ if (iv == NULL && gctx->iv_set)
+ iv = gctx->iv;
+ if (iv)
+ {
+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ }
+ gctx->key_set = 1;
+ }
+ else
+ {
+ /* If key set use IV, otherwise copy */
+ if (gctx->key_set)
+ CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+ else
+ memcpy(gctx->iv, iv, gctx->ivlen);
+ gctx->iv_set = 1;
+ gctx->iv_gen = 0;
+ }
+ return 1;
+ }
+
+/* Handle TLS GCM packet format. This consists of the last portion of the IV
+ * followed by the payload and finally the tag. On encrypt generate IV,
+ * encrypt payload and write the tag. On verify retrieve IV, decrypt payload
+ * and verify tag.
+ */
+
+static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+ {
+ EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+ int rv = -1;
+ /* Encrypt/decrypt must be performed in place */
+ if (out != in || len < (EVP_GCM_TLS_EXPLICIT_IV_LEN+EVP_GCM_TLS_TAG_LEN))
+ return -1;
+ /* Set IV from start of buffer or generate IV and write to start
+ * of buffer.
+ */
+ if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ?
+ EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV,
+ EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0)
+ goto err;
+ /* Use saved AAD */
+ if (CRYPTO_gcm128_aad(&gctx->gcm, ctx->buf, gctx->tls_aad_len))
+ goto err;
+ /* Fix buffer and length to point to payload */
+ in += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ out += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
+ if (ctx->encrypt)
+ {
+ /* Encrypt payload */
+ if (gctx->ctr)
+ {
+ if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
+ in, out, len,
+ gctx->ctr))
+ goto err;
+ }
+ else {
+ if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len))
+ goto err;
+ }
+ out += len;
+ /* Finally write tag */
+ CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN);
+ rv = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
+ }
+ else
+ {
+ /* Decrypt */
+ if (gctx->ctr)
+ {
+ if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
+ in, out, len,
+ gctx->ctr))
+ goto err;
+ }
+ else {
+ if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len))
+ goto err;
+ }
+ /* Retrieve tag */
+ CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf,
+ EVP_GCM_TLS_TAG_LEN);
+ /* If tag mismatch wipe buffer */
+ if (memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN))
+ {
+ OPENSSL_cleanse(out, len);
+ goto err;
+ }
+ rv = len;
+ }
+
+ err:
+ gctx->iv_set = 0;
+ gctx->tls_aad_len = -1;
+ return rv;
+ }
+
+static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+ {
+ EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+ /* If not set up, return error */
+ if (!gctx->key_set)
+ return -1;
+
+ if (gctx->tls_aad_len >= 0)
+ return aes_gcm_tls_cipher(ctx, out, in, len);
+
+ if (!gctx->iv_set)
+ return -1;
+ if (in)
+ {
+ if (out == NULL)
+ {
+ if (CRYPTO_gcm128_aad(&gctx->gcm, in, len))
+ return -1;
+ }
+ else if (ctx->encrypt)
+ {
+ if (gctx->ctr)
+ {
+ if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
+ in, out, len,
+ gctx->ctr))
+ return -1;
+ }
+ else {
+ if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len))
+ return -1;
+ }
+ }
+ else
+ {
+ if (gctx->ctr)
+ {
+ if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
+ in, out, len,
+ gctx->ctr))
+ return -1;
+ }
+ else {
+ if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len))
+ return -1;
+ }
+ }
+ return len;
+ }
+ else
+ {
+ if (!ctx->encrypt)
+ {
+ if (gctx->taglen < 0)
+ return -1;
+ if (CRYPTO_gcm128_finish(&gctx->gcm,
+ ctx->buf, gctx->taglen) != 0)
+ return -1;
+ gctx->iv_set = 0;
+ return 0;
+ }
+ CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, 16);
+ gctx->taglen = 16;
+ /* Don't reuse the IV */
+ gctx->iv_set = 0;
+ return 0;
+ }
+
+ }
+
+#define CUSTOM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \
+ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
+ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT)
+
+BLOCK_CIPHER_custom(NID_aes,128,1,12,gcm,GCM,
+ EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
+BLOCK_CIPHER_custom(NID_aes,192,1,12,gcm,GCM,
+ EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
+BLOCK_CIPHER_custom(NID_aes,256,1,12,gcm,GCM,
+ EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS)
+
+static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+ {
+ EVP_AES_XTS_CTX *xctx = c->cipher_data;
+ if (type != EVP_CTRL_INIT)
+ return -1;
+ /* key1 and key2 are used as an indicator both key and IV are set */
+ xctx->xts.key1 = NULL;
+ xctx->xts.key2 = NULL;
+ return 1;
+ }
+
+static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+ {
+ EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+
+ if (key) do
+ {
+#ifdef AES_XTS_ASM
+ xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt;
+#else
+ xctx->stream = NULL;
+#endif
+ /* key_len is two AES keys */
+#ifdef BSAES_CAPABLE
+ if (BSAES_CAPABLE)
+ xctx->stream = enc ? bsaes_xts_encrypt : bsaes_xts_decrypt;
+ else
+#endif
+#ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE)
+ {
+ if (enc)
+ {
+ vpaes_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f)vpaes_encrypt;
+ }
+ else
+ {
+ vpaes_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f)vpaes_decrypt;
+ }
+
+ vpaes_set_encrypt_key(key + ctx->key_len/2,
+ ctx->key_len * 4, &xctx->ks2);
+ xctx->xts.block2 = (block128_f)vpaes_encrypt;
+
+ xctx->xts.key1 = &xctx->ks1;
+ break;
+ }
+#endif
+ if (enc)
+ {
+ AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f)AES_encrypt;
+ }
+ else
+ {
+ AES_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
+ xctx->xts.block1 = (block128_f)AES_decrypt;
+ }
+
+ AES_set_encrypt_key(key + ctx->key_len/2,
+ ctx->key_len * 4, &xctx->ks2);
+ xctx->xts.block2 = (block128_f)AES_encrypt;
+
+ xctx->xts.key1 = &xctx->ks1;
+ } while (0);
+
+ if (iv)
+ {
+ xctx->xts.key2 = &xctx->ks2;
+ memcpy(ctx->iv, iv, 16);
+ }
+
+ return 1;
+ }
+
+static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+ {
+ EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
+ if (!xctx->xts.key1 || !xctx->xts.key2)
+ return 0;
+ if (!out || !in || len<AES_BLOCK_SIZE)
+ return 0;
+#ifdef OPENSSL_FIPS
+ /* Requirement of SP800-38E */
+ if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
+ (len > (1UL<<20)*16))
+ {
+ EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE);
+ return 0;
+ }
+#endif
+ if (xctx->stream)
+ (*xctx->stream)(in, out, len,
+ xctx->xts.key1, xctx->xts.key2, ctx->iv);
+ else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
+ ctx->encrypt))
+ return 0;
+ return 1;
+ }
+
+#define aes_xts_cleanup NULL
+
+#define XTS_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \
+ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT)
+
+BLOCK_CIPHER_custom(NID_aes,128,1,16,xts,XTS,EVP_CIPH_FLAG_FIPS|XTS_FLAGS)
+BLOCK_CIPHER_custom(NID_aes,256,1,16,xts,XTS,EVP_CIPH_FLAG_FIPS|XTS_FLAGS)
+
+static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+ {
+ EVP_AES_CCM_CTX *cctx = c->cipher_data;
+ switch (type)
+ {
+ case EVP_CTRL_INIT:
+ cctx->key_set = 0;
+ cctx->iv_set = 0;
+ cctx->L = 8;
+ cctx->M = 12;
+ cctx->tag_set = 0;
+ cctx->len_set = 0;
+ return 1;
+
+ case EVP_CTRL_CCM_SET_IVLEN:
+ arg = 15 - arg;
+ case EVP_CTRL_CCM_SET_L:
+ if (arg < 2 || arg > 8)
+ return 0;
+ cctx->L = arg;
+ return 1;
+
+ case EVP_CTRL_CCM_SET_TAG:
+ if ((arg & 1) || arg < 4 || arg > 16)
+ return 0;
+ if ((c->encrypt && ptr) || (!c->encrypt && !ptr))
+ return 0;
+ if (ptr)
+ {
+ cctx->tag_set = 1;
+ memcpy(c->buf, ptr, arg);
+ }
+ cctx->M = arg;
+ return 1;
+
+ case EVP_CTRL_CCM_GET_TAG:
+ if (!c->encrypt || !cctx->tag_set)
+ return 0;
+ if(!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg))
+ return 0;
+ cctx->tag_set = 0;
+ cctx->iv_set = 0;
+ cctx->len_set = 0;
+ return 1;
+
+ default:
+ return -1;
+
+ }
+ }
+
+static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+ {
+ EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
+ if (!iv && !key)
+ return 1;
+ if (key) do
+ {
+#ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE)
+ {
+ vpaes_set_encrypt_key(key, ctx->key_len*8, &cctx->ks);
+ CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+ &cctx->ks, (block128_f)vpaes_encrypt);
+ cctx->str = NULL;
+ cctx->key_set = 1;
+ break;
+ }
+#endif
+ AES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks);
+ CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+ &cctx->ks, (block128_f)AES_encrypt);
+ cctx->str = NULL;
+ cctx->key_set = 1;
+ } while (0);
+ if (iv)
+ {
+ memcpy(ctx->iv, iv, 15 - cctx->L);
+ cctx->iv_set = 1;
+ }
+ return 1;
+ }
+
+static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+ {
+ EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
+ CCM128_CONTEXT *ccm = &cctx->ccm;
+ /* If not set up, return error */
+ if (!cctx->iv_set && !cctx->key_set)
+ return -1;
+ if (!ctx->encrypt && !cctx->tag_set)
+ return -1;
+ if (!out)
+ {
+ if (!in)
+ {
+ if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L,len))
+ return -1;
+ cctx->len_set = 1;
+ return len;
+ }
+ /* If have AAD need message length */
+ if (!cctx->len_set && len)
+ return -1;
+ CRYPTO_ccm128_aad(ccm, in, len);
+ return len;
+ }
+ /* EVP_*Final() doesn't return any data */
+ if (!in)
+ return 0;
+ /* If not set length yet do it */
+ if (!cctx->len_set)
+ {
+ if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
+ return -1;
+ cctx->len_set = 1;
+ }
+ if (ctx->encrypt)
+ {
+ if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len,
+ cctx->str) :
+ CRYPTO_ccm128_encrypt(ccm, in, out, len))
+ return -1;
+ cctx->tag_set = 1;
+ return len;
+ }
+ else
+ {
+ int rv = -1;
+ if (cctx->str ? !CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len,
+ cctx->str) :
+ !CRYPTO_ccm128_decrypt(ccm, in, out, len))
+ {
+ unsigned char tag[16];
+ if (CRYPTO_ccm128_tag(ccm, tag, cctx->M))
+ {
+ if (!memcmp(tag, ctx->buf, cctx->M))
+ rv = len;
+ }
+ }
+ if (rv == -1)
+ OPENSSL_cleanse(out, len);
+ cctx->iv_set = 0;
+ cctx->tag_set = 0;
+ cctx->len_set = 0;
+ return rv;
+ }
+
+ }
+
+#define aes_ccm_cleanup NULL
+
+BLOCK_CIPHER_custom(NID_aes,128,1,12,ccm,CCM,EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
+BLOCK_CIPHER_custom(NID_aes,192,1,12,ccm,CCM,EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
+BLOCK_CIPHER_custom(NID_aes,256,1,12,ccm,CCM,EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS)
+
+#endif
#endif
diff --git a/deps/openssl/openssl/crypto/evp/e_des3.c b/deps/openssl/openssl/crypto/evp/e_des3.c
index 3232cfe02..1e6997266 100644
--- a/deps/openssl/openssl/crypto/evp/e_des3.c
+++ b/deps/openssl/openssl/crypto/evp/e_des3.c
@@ -65,6 +65,8 @@
#include <openssl/des.h>
#include <openssl/rand.h>
+#ifndef OPENSSL_FIPS
+
static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv,int enc);
@@ -311,3 +313,4 @@ const EVP_CIPHER *EVP_des_ede3(void)
return &des_ede3_ecb;
}
#endif
+#endif
diff --git a/deps/openssl/openssl/crypto/evp/e_null.c b/deps/openssl/openssl/crypto/evp/e_null.c
index 7cf50e141..f0c1f78b5 100644
--- a/deps/openssl/openssl/crypto/evp/e_null.c
+++ b/deps/openssl/openssl/crypto/evp/e_null.c
@@ -61,6 +61,8 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
+#ifndef OPENSSL_FIPS
+
static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv,int enc);
static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
@@ -99,4 +101,4 @@ static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
memcpy((char *)out,(const char *)in,inl);
return 1;
}
-
+#endif
diff --git a/deps/openssl/openssl/crypto/evp/e_rc2.c b/deps/openssl/openssl/crypto/evp/e_rc2.c
index f78d78112..d4c33b58d 100644
--- a/deps/openssl/openssl/crypto/evp/e_rc2.c
+++ b/deps/openssl/openssl/crypto/evp/e_rc2.c
@@ -183,7 +183,8 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
key_bits =rc2_magic_to_meth((int)num);
if (!key_bits)
return(-1);
- if(i > 0) EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1);
+ if(i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
+ return -1;
EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
}
diff --git a/deps/openssl/openssl/crypto/evp/e_rc4.c b/deps/openssl/openssl/crypto/evp/e_rc4.c
index 8b5175e0f..b4f6bda82 100644
--- a/deps/openssl/openssl/crypto/evp/e_rc4.c
+++ b/deps/openssl/openssl/crypto/evp/e_rc4.c
@@ -62,6 +62,7 @@
#ifndef OPENSSL_NO_RC4
#include <openssl/evp.h>
+#include "evp_locl.h"
#include <openssl/objects.h>
#include <openssl/rc4.h>
diff --git a/deps/openssl/openssl/crypto/evp/evp.h b/deps/openssl/openssl/crypto/evp/evp.h
index 9f9795e2d..faeb3c24e 100644
--- a/deps/openssl/openssl/crypto/evp/evp.h
+++ b/deps/openssl/openssl/crypto/evp/evp.h
@@ -83,7 +83,7 @@
#define EVP_RC5_32_12_16_KEY_SIZE 16
*/
#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */
-#define EVP_MAX_KEY_LENGTH 32
+#define EVP_MAX_KEY_LENGTH 64
#define EVP_MAX_IV_LENGTH 16
#define EVP_MAX_BLOCK_LENGTH 32
@@ -116,6 +116,7 @@
#define EVP_PKEY_DH NID_dhKeyAgreement
#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
#define EVP_PKEY_HMAC NID_hmac
+#define EVP_PKEY_CMAC NID_cmac
#ifdef __cplusplus
extern "C" {
@@ -216,6 +217,8 @@ typedef int evp_verify_method(int type,const unsigned char *m,
#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
+#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
+
/* Digest ctrls */
#define EVP_MD_CTRL_DIGALGID 0x1
@@ -325,6 +328,10 @@ struct evp_cipher_st
#define EVP_CIPH_CBC_MODE 0x2
#define EVP_CIPH_CFB_MODE 0x3
#define EVP_CIPH_OFB_MODE 0x4
+#define EVP_CIPH_CTR_MODE 0x5
+#define EVP_CIPH_GCM_MODE 0x6
+#define EVP_CIPH_CCM_MODE 0x7
+#define EVP_CIPH_XTS_MODE 0x10001
#define EVP_CIPH_MODE 0xF0007
/* Set if variable length cipher */
#define EVP_CIPH_VARIABLE_LENGTH 0x8
@@ -346,6 +353,15 @@ struct evp_cipher_st
#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
/* Buffer length in bits not bytes: CFB1 mode only */
#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
+/* Note if suitable for use in FIPS mode */
+#define EVP_CIPH_FLAG_FIPS 0x4000
+/* Allow non FIPS cipher in FIPS mode */
+#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
+/* Cipher handles any and all padding logic as well
+ * as finalisation.
+ */
+#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
+#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
/* ctrl() values */
@@ -358,6 +374,33 @@ struct evp_cipher_st
#define EVP_CTRL_RAND_KEY 0x6
#define EVP_CTRL_PBE_PRF_NID 0x7
#define EVP_CTRL_COPY 0x8
+#define EVP_CTRL_GCM_SET_IVLEN 0x9
+#define EVP_CTRL_GCM_GET_TAG 0x10
+#define EVP_CTRL_GCM_SET_TAG 0x11
+#define EVP_CTRL_GCM_SET_IV_FIXED 0x12
+#define EVP_CTRL_GCM_IV_GEN 0x13
+#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
+#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG
+#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
+#define EVP_CTRL_CCM_SET_L 0x14
+#define EVP_CTRL_CCM_SET_MSGLEN 0x15
+/* AEAD cipher deduces payload length and returns number of bytes
+ * required to store MAC and eventual padding. Subsequent call to
+ * EVP_Cipher even appends/verifies MAC.
+ */
+#define EVP_CTRL_AEAD_TLS1_AAD 0x16
+/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
+#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
+/* Set the GCM invocation field, decrypt only */
+#define EVP_CTRL_GCM_SET_IV_INV 0x18
+
+/* GCM TLS constants */
+/* Length of fixed part of IV derived from PRF */
+#define EVP_GCM_TLS_FIXED_IV_LEN 4
+/* Length of explicit part of IV part of TLS records */
+#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
+/* Length of tag for TLS */
+#define EVP_GCM_TLS_TAG_LEN 16
typedef struct evp_cipher_info_st
{
@@ -375,7 +418,7 @@ struct evp_cipher_ctx_st
unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
- int num; /* used by cfb/ofb mode */
+ int num; /* used by cfb/ofb/ctr mode */
void *app_data; /* application stuff */
int key_len; /* May change for variable length cipher */
@@ -695,6 +738,9 @@ const EVP_MD *EVP_dev_crypto_md5(void);
#ifndef OPENSSL_NO_RC4
const EVP_CIPHER *EVP_rc4(void);
const EVP_CIPHER *EVP_rc4_40(void);
+#ifndef OPENSSL_NO_MD5
+const EVP_CIPHER *EVP_rc4_hmac_md5(void);
+#endif
#endif
#ifndef OPENSSL_NO_IDEA
const EVP_CIPHER *EVP_idea_ecb(void);
@@ -741,9 +787,10 @@ const EVP_CIPHER *EVP_aes_128_cfb8(void);
const EVP_CIPHER *EVP_aes_128_cfb128(void);
# define EVP_aes_128_cfb EVP_aes_128_cfb128
const EVP_CIPHER *EVP_aes_128_ofb(void);
-#if 0
const EVP_CIPHER *EVP_aes_128_ctr(void);
-#endif
+const EVP_CIPHER *EVP_aes_128_ccm(void);
+const EVP_CIPHER *EVP_aes_128_gcm(void);
+const EVP_CIPHER *EVP_aes_128_xts(void);
const EVP_CIPHER *EVP_aes_192_ecb(void);
const EVP_CIPHER *EVP_aes_192_cbc(void);
const EVP_CIPHER *EVP_aes_192_cfb1(void);
@@ -751,9 +798,9 @@ const EVP_CIPHER *EVP_aes_192_cfb8(void);
const EVP_CIPHER *EVP_aes_192_cfb128(void);
# define EVP_aes_192_cfb EVP_aes_192_cfb128
const EVP_CIPHER *EVP_aes_192_ofb(void);
-#if 0
const EVP_CIPHER *EVP_aes_192_ctr(void);
-#endif
+const EVP_CIPHER *EVP_aes_192_ccm(void);
+const EVP_CIPHER *EVP_aes_192_gcm(void);
const EVP_CIPHER *EVP_aes_256_ecb(void);
const EVP_CIPHER *EVP_aes_256_cbc(void);
const EVP_CIPHER *EVP_aes_256_cfb1(void);
@@ -761,8 +808,13 @@ const EVP_CIPHER *EVP_aes_256_cfb8(void);
const EVP_CIPHER *EVP_aes_256_cfb128(void);
# define EVP_aes_256_cfb EVP_aes_256_cfb128
const EVP_CIPHER *EVP_aes_256_ofb(void);
-#if 0
const EVP_CIPHER *EVP_aes_256_ctr(void);
+const EVP_CIPHER *EVP_aes_256_ccm(void);
+const EVP_CIPHER *EVP_aes_256_gcm(void);
+const EVP_CIPHER *EVP_aes_256_xts(void);
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
#endif
#endif
#ifndef OPENSSL_NO_CAMELLIA
@@ -1047,13 +1099,22 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
#define EVP_PKEY_CTRL_CMS_DECRYPT 10
#define EVP_PKEY_CTRL_CMS_SIGN 11
+#define EVP_PKEY_CTRL_CIPHER 12
+
#define EVP_PKEY_ALG_CTRL 0x1000
#define EVP_PKEY_FLAG_AUTOARGLEN 2
+/* Method handles all operations: don't assume any digest related
+ * defaults.
+ */
+#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
+void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+ const EVP_PKEY_METHOD *meth);
+void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
@@ -1071,7 +1132,7 @@ int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
- unsigned char *key, int keylen);
+ const unsigned char *key, int keylen);
void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
@@ -1181,6 +1242,8 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
int (*ctrl_str)(EVP_PKEY_CTX *ctx,
const char *type, const char *value));
+void EVP_add_alg_module(void);
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@@ -1190,8 +1253,14 @@ void ERR_load_EVP_strings(void);
/* Error codes for the EVP functions. */
/* Function codes. */
+#define EVP_F_AESNI_INIT_KEY 165
+#define EVP_F_AESNI_XTS_CIPHER 176
#define EVP_F_AES_INIT_KEY 133
+#define EVP_F_AES_XTS 172
+#define EVP_F_AES_XTS_CIPHER 175
+#define EVP_F_ALG_MODULE_INIT 177
#define EVP_F_CAMELLIA_INIT_KEY 159
+#define EVP_F_CMAC_INIT 173
#define EVP_F_D2I_PKEY 100
#define EVP_F_DO_SIGVER_INIT 161
#define EVP_F_DSAPKEY2PKCS8 134
@@ -1246,15 +1315,24 @@ void ERR_load_EVP_strings(void);
#define EVP_F_EVP_RIJNDAEL 126
#define EVP_F_EVP_SIGNFINAL 107
#define EVP_F_EVP_VERIFYFINAL 108
+#define EVP_F_FIPS_CIPHERINIT 166
+#define EVP_F_FIPS_CIPHER_CTX_COPY 170
+#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
+#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
+#define EVP_F_FIPS_DIGESTINIT 168
+#define EVP_F_FIPS_MD_CTX_COPY 169
+#define EVP_F_HMAC_INIT_EX 174
#define EVP_F_INT_CTX_NEW 157
#define EVP_F_PKCS5_PBE_KEYIVGEN 117
#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
+#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
#define EVP_F_PKCS8_SET_BROKEN 112
#define EVP_F_PKEY_SET_TYPE 158
#define EVP_F_RC2_MAGIC_TO_METH 109
#define EVP_F_RC5_CTRL 125
/* Reason codes. */
+#define EVP_R_AES_IV_SETUP_FAILED 162
#define EVP_R_AES_KEY_SETUP_FAILED 143
#define EVP_R_ASN1_LIB 140
#define EVP_R_BAD_BLOCK_LENGTH 136
@@ -1272,16 +1350,21 @@ void ERR_load_EVP_strings(void);
#define EVP_R_DECODE_ERROR 114
#define EVP_R_DIFFERENT_KEY_TYPES 101
#define EVP_R_DIFFERENT_PARAMETERS 153
+#define EVP_R_DISABLED_FOR_FIPS 163
#define EVP_R_ENCODE_ERROR 115
+#define EVP_R_ERROR_LOADING_SECTION 165
+#define EVP_R_ERROR_SETTING_FIPS_MODE 166
#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
#define EVP_R_EXPECTING_AN_RSA_KEY 127
#define EVP_R_EXPECTING_A_DH_KEY 128
#define EVP_R_EXPECTING_A_DSA_KEY 129
#define EVP_R_EXPECTING_A_ECDSA_KEY 141
#define EVP_R_EXPECTING_A_EC_KEY 142
+#define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
#define EVP_R_INITIALIZATION_ERROR 134
#define EVP_R_INPUT_NOT_INITIALIZED 111
#define EVP_R_INVALID_DIGEST 152
+#define EVP_R_INVALID_FIPS_MODE 168
#define EVP_R_INVALID_KEY_LENGTH 130
#define EVP_R_INVALID_OPERATION 148
#define EVP_R_IV_TOO_LARGE 102
@@ -1303,8 +1386,10 @@ void ERR_load_EVP_strings(void);
#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
#define EVP_R_PUBLIC_KEY_NOT_RSA 106
+#define EVP_R_TOO_LARGE 164
#define EVP_R_UNKNOWN_CIPHER 160
#define EVP_R_UNKNOWN_DIGEST 161
+#define EVP_R_UNKNOWN_OPTION 169
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
#define EVP_R_UNSUPPORTED_ALGORITHM 156
diff --git a/deps/openssl/openssl/crypto/evp/evp_enc.c b/deps/openssl/openssl/crypto/evp/evp_enc.c
index c268d25cb..0c54f05e6 100644
--- a/deps/openssl/openssl/crypto/evp/evp_enc.c
+++ b/deps/openssl/openssl/crypto/evp/evp_enc.c
@@ -64,8 +64,18 @@
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
#include "evp_locl.h"
+#ifdef OPENSSL_FIPS
+#define M_do_cipher(ctx, out, in, inl) FIPS_cipher(ctx, out, in, inl)
+#else
+#define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
+#endif
+
+
const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT;
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
@@ -115,10 +125,14 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
/* Ensure a context left lying around from last time is cleared
* (the previous check attempted to avoid this if the same
* ENGINE and EVP_CIPHER could be used). */
- EVP_CIPHER_CTX_cleanup(ctx);
-
- /* Restore encrypt field: it is zeroed by cleanup */
- ctx->encrypt = enc;
+ if (ctx->cipher)
+ {
+ unsigned long flags = ctx->flags;
+ EVP_CIPHER_CTX_cleanup(ctx);
+ /* Restore encrypt and flags */
+ ctx->encrypt = enc;
+ ctx->flags = flags;
+ }
#ifndef OPENSSL_NO_ENGINE
if(impl)
{
@@ -155,6 +169,10 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
ctx->engine = NULL;
#endif
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_cipherinit(ctx, cipher, key, iv, enc);
+#endif
ctx->cipher=cipher;
if (ctx->cipher->ctx_size)
{
@@ -188,6 +206,10 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
#ifndef OPENSSL_NO_ENGINE
skip_to_init:
#endif
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_cipherinit(ctx, cipher, key, iv, enc);
+#endif
/* we assume block size is a power of 2 in *cryptUpdate */
OPENSSL_assert(ctx->cipher->block_size == 1
|| ctx->cipher->block_size == 8
@@ -214,6 +236,13 @@ skip_to_init:
memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
break;
+ case EVP_CIPH_CTR_MODE:
+ ctx->num = 0;
+ /* Don't reuse IV for CTR mode */
+ if(iv)
+ memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ break;
+
default:
return 0;
break;
@@ -280,6 +309,16 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
{
int i,j,bl;
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER)
+ {
+ i = M_do_cipher(ctx, out, in, inl);
+ if (i < 0)
+ return 0;
+ else
+ *outl = i;
+ return 1;
+ }
+
if (inl <= 0)
{
*outl = 0;
@@ -288,7 +327,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
{
- if(ctx->cipher->do_cipher(ctx,out,in,inl))
+ if(M_do_cipher(ctx,out,in,inl))
{
*outl=inl;
return 1;
@@ -315,7 +354,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
{
j=bl-i;
memcpy(&(ctx->buf[i]),in,j);
- if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0;
+ if(!M_do_cipher(ctx,out,ctx->buf,bl)) return 0;
inl-=j;
in+=j;
out+=bl;
@@ -328,7 +367,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
inl-=i;
if (inl > 0)
{
- if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0;
+ if(!M_do_cipher(ctx,out,in,inl)) return 0;
*outl+=inl;
}
@@ -350,6 +389,16 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
int n,ret;
unsigned int i, b, bl;
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER)
+ {
+ ret = M_do_cipher(ctx, out, NULL, 0);
+ if (ret < 0)
+ return 0;
+ else
+ *outl = ret;
+ return 1;
+ }
+
b=ctx->cipher->block_size;
OPENSSL_assert(b <= sizeof ctx->buf);
if (b == 1)
@@ -372,7 +421,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
n=b-bl;
for (i=bl; i<b; i++)
ctx->buf[i]=n;
- ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
+ ret=M_do_cipher(ctx,out,ctx->buf,b);
if(ret)
@@ -387,6 +436,19 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
int fix_len;
unsigned int b;
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER)
+ {
+ fix_len = M_do_cipher(ctx, out, in, inl);
+ if (fix_len < 0)
+ {
+ *outl = 0;
+ return 0;
+ }
+ else
+ *outl = fix_len;
+ return 1;
+ }
+
if (inl <= 0)
{
*outl = 0;
@@ -440,8 +502,18 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{
int i,n;
unsigned int b;
-
*outl=0;
+
+ if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER)
+ {
+ i = M_do_cipher(ctx, out, NULL, 0);
+ if (i < 0)
+ return 0;
+ else
+ *outl = i;
+ return 1;
+ }
+
b=ctx->cipher->block_size;
if (ctx->flags & EVP_CIPH_NO_PADDING)
{
@@ -496,6 +568,7 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
{
+#ifndef OPENSSL_FIPS
if (c->cipher != NULL)
{
if(c->cipher->cleanup && !c->cipher->cleanup(c))
@@ -506,12 +579,16 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
}
if (c->cipher_data)
OPENSSL_free(c->cipher_data);
+#endif
#ifndef OPENSSL_NO_ENGINE
if (c->engine)
/* The EVP_CIPHER we used belongs to an ENGINE, release the
* functional reference we held for this reason. */
ENGINE_finish(c->engine);
#endif
+#ifdef OPENSSL_FIPS
+ FIPS_cipher_ctx_cleanup(c);
+#endif
memset(c,0,sizeof(EVP_CIPHER_CTX));
return 1;
}
diff --git a/deps/openssl/openssl/crypto/evp/evp_err.c b/deps/openssl/openssl/crypto/evp/evp_err.c
index d8bfec095..08eab9882 100644
--- a/deps/openssl/openssl/crypto/evp/evp_err.c
+++ b/deps/openssl/openssl/crypto/evp/evp_err.c
@@ -1,6 +1,6 @@
/* crypto/evp/evp_err.c */
/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -70,8 +70,14 @@
static ERR_STRING_DATA EVP_str_functs[]=
{
+{ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"},
+{ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
+{ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
+{ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
+{ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
+{ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
{ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"},
{ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
@@ -86,7 +92,7 @@ static ERR_STRING_DATA EVP_str_functs[]=
{ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
-{ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_SIZE"},
+{ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
{ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
@@ -126,9 +132,17 @@ static ERR_STRING_DATA EVP_str_functs[]=
{ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
{ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
{ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
+{ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"},
+{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
+{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
+{ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH), "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
+{ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"},
+{ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
+{ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
{ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"},
{ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
{ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
+{ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"},
{ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
{ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"},
{ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
@@ -138,6 +152,7 @@ static ERR_STRING_DATA EVP_str_functs[]=
static ERR_STRING_DATA EVP_str_reasons[]=
{
+{ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) ,"aes iv setup failed"},
{ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) ,"aes key setup failed"},
{ERR_REASON(EVP_R_ASN1_LIB) ,"asn1 lib"},
{ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) ,"bad block length"},
@@ -155,16 +170,21 @@ static ERR_STRING_DATA EVP_str_reasons[]=
{ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"},
{ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"},
{ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"},
+{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"},
{ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"},
+{ERR_REASON(EVP_R_ERROR_LOADING_SECTION) ,"error loading section"},
+{ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE),"error setting fips mode"},
{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"},
{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"},
{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"},
{ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"},
{ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"},
+{ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"},
{ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"},
{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"},
{ERR_REASON(EVP_R_INVALID_DIGEST) ,"invalid digest"},
+{ERR_REASON(EVP_R_INVALID_FIPS_MODE) ,"invalid fips mode"},
{ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"},
{ERR_REASON(EVP_R_INVALID_OPERATION) ,"invalid operation"},
{ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"},
@@ -186,8 +206,10 @@ static ERR_STRING_DATA EVP_str_reasons[]=
{ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR),"private key decode error"},
{ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR),"private key encode error"},
{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"},
+{ERR_REASON(EVP_R_TOO_LARGE) ,"too large"},
{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"},
{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"},
+{ERR_REASON(EVP_R_UNKNOWN_OPTION) ,"unknown option"},
{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"},
diff --git a/deps/openssl/openssl/crypto/evp/evp_key.c b/deps/openssl/openssl/crypto/evp/evp_key.c
index 839d6a3a1..7961fbebf 100644
--- a/deps/openssl/openssl/crypto/evp/evp_key.c
+++ b/deps/openssl/openssl/crypto/evp/evp_key.c
@@ -120,7 +120,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
unsigned char md_buf[EVP_MAX_MD_SIZE];
int niv,nkey,addmd=0;
unsigned int mds=0,i;
-
+ int rv = 0;
nkey=type->key_len;
niv=type->iv_len;
OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
@@ -134,17 +134,24 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
if (!EVP_DigestInit_ex(&c,md, NULL))
return 0;
if (addmd++)
- EVP_DigestUpdate(&c,&(md_buf[0]),mds);
- EVP_DigestUpdate(&c,data,datal);
+ if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds))
+ goto err;
+ if (!EVP_DigestUpdate(&c,data,datal))
+ goto err;
if (salt != NULL)
- EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
- EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
+ if (!EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN))
+ goto err;
+ if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds))
+ goto err;
for (i=1; i<(unsigned int)count; i++)
{
- EVP_DigestInit_ex(&c,md, NULL);
- EVP_DigestUpdate(&c,&(md_buf[0]),mds);
- EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
+ if (!EVP_DigestInit_ex(&c,md, NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds))
+ goto err;
+ if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds))
+ goto err;
}
i=0;
if (nkey)
@@ -173,8 +180,10 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
}
if ((nkey == 0) && (niv == 0)) break;
}
+ rv = type->key_len;
+ err:
EVP_MD_CTX_cleanup(&c);
OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
- return(type->key_len);
+ return rv;
}
diff --git a/deps/openssl/openssl/crypto/evp/evp_lib.c b/deps/openssl/openssl/crypto/evp/evp_lib.c
index 40951a04f..b180e4828 100644
--- a/deps/openssl/openssl/crypto/evp/evp_lib.c
+++ b/deps/openssl/openssl/crypto/evp/evp_lib.c
@@ -67,6 +67,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
if (c->cipher->set_asn1_parameters != NULL)
ret=c->cipher->set_asn1_parameters(c,type);
+ else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
+ ret=EVP_CIPHER_set_asn1_iv(c, type);
else
ret=-1;
return(ret);
@@ -78,6 +80,8 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
if (c->cipher->get_asn1_parameters != NULL)
ret=c->cipher->get_asn1_parameters(c,type);
+ else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1)
+ ret=EVP_CIPHER_get_asn1_iv(c, type);
else
ret=-1;
return(ret);
diff --git a/deps/openssl/openssl/crypto/evp/evp_locl.h b/deps/openssl/openssl/crypto/evp/evp_locl.h
index 292d74c18..08c0a66d3 100644
--- a/deps/openssl/openssl/crypto/evp/evp_locl.h
+++ b/deps/openssl/openssl/crypto/evp/evp_locl.h
@@ -343,3 +343,43 @@ struct evp_pkey_method_st
} /* EVP_PKEY_METHOD */;
void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
+
+int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param,
+ const EVP_CIPHER *c, const EVP_MD *md, int en_de);
+
+#ifdef OPENSSL_FIPS
+
+#ifdef OPENSSL_DOING_MAKEDEPEND
+#undef SHA1_Init
+#undef SHA1_Update
+#undef SHA224_Init
+#undef SHA256_Init
+#undef SHA384_Init
+#undef SHA512_Init
+#undef DES_set_key_unchecked
+#endif
+
+#define RIPEMD160_Init private_RIPEMD160_Init
+#define WHIRLPOOL_Init private_WHIRLPOOL_Init
+#define MD5_Init private_MD5_Init
+#define MD4_Init private_MD4_Init
+#define MD2_Init private_MD2_Init
+#define MDC2_Init private_MDC2_Init
+#define SHA_Init private_SHA_Init
+#define SHA1_Init private_SHA1_Init
+#define SHA224_Init private_SHA224_Init
+#define SHA256_Init private_SHA256_Init
+#define SHA384_Init private_SHA384_Init
+#define SHA512_Init private_SHA512_Init
+
+#define BF_set_key private_BF_set_key
+#define CAST_set_key private_CAST_set_key
+#define idea_set_encrypt_key private_idea_set_encrypt_key
+#define SEED_set_key private_SEED_set_key
+#define RC2_set_key private_RC2_set_key
+#define RC4_set_key private_RC4_set_key
+#define DES_set_key_unchecked private_DES_set_key_unchecked
+#define Camellia_set_key private_Camellia_set_key
+
+#endif
diff --git a/deps/openssl/openssl/crypto/evp/evp_pbe.c b/deps/openssl/openssl/crypto/evp/evp_pbe.c
index c9d932d20..f8c32d825 100644
--- a/deps/openssl/openssl/crypto/evp/evp_pbe.c
+++ b/deps/openssl/openssl/crypto/evp/evp_pbe.c
@@ -61,6 +61,7 @@
#include <openssl/evp.h>
#include <openssl/pkcs12.h>
#include <openssl/x509.h>
+#include "evp_locl.h"
/* Password based encryption (PBE) functions */
@@ -87,6 +88,10 @@ static const EVP_PBE_CTL builtin_pbe[] =
{EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
+#ifndef OPENSSL_NO_HMAC
+ {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
+#endif
+
{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4,
NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4,
diff --git a/deps/openssl/openssl/crypto/evp/evptests.txt b/deps/openssl/openssl/crypto/evp/evptests.txt
index beb12144b..c273707c1 100644
--- a/deps/openssl/openssl/crypto/evp/evptests.txt
+++ b/deps/openssl/openssl/crypto/evp/evptests.txt
@@ -158,6 +158,19 @@ AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7B
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
+# AES Counter test vectors from RFC3686
+aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1
+aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1
+aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1
+
+aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1
+aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1
+aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1
+
+aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1
+aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1
+aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1
+
# DES ECB tests (from destest)
DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
diff --git a/deps/openssl/openssl/crypto/evp/m_dss.c b/deps/openssl/openssl/crypto/evp/m_dss.c
index 48c268950..6fb7e9a86 100644
--- a/deps/openssl/openssl/crypto/evp/m_dss.c
+++ b/deps/openssl/openssl/crypto/evp/m_dss.c
@@ -60,12 +60,13 @@
#include "cryptlib.h"
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include <openssl/x509.h>
+#include <openssl/sha.h>
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
#ifndef OPENSSL_NO_SHA
+#ifndef OPENSSL_FIPS
static int init(EVP_MD_CTX *ctx)
{ return SHA1_Init(ctx->md_data); }
@@ -97,3 +98,4 @@ const EVP_MD *EVP_dss(void)
return(&dsa_md);
}
#endif
+#endif
diff --git a/deps/openssl/openssl/crypto/evp/m_dss1.c b/deps/openssl/openssl/crypto/evp/m_dss1.c
index 4f03fb70e..2df362a67 100644
--- a/deps/openssl/openssl/crypto/evp/m_dss1.c
+++ b/deps/openssl/openssl/crypto/evp/m_dss1.c
@@ -63,11 +63,13 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include <openssl/x509.h>
+#include <openssl/sha.h>
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
+#ifndef OPENSSL_FIPS
+
static int init(EVP_MD_CTX *ctx)
{ return SHA1_Init(ctx->md_data); }
@@ -98,3 +100,4 @@ const EVP_MD *EVP_dss1(void)
return(&dss1_md);
}
#endif
+#endif
diff --git a/deps/openssl/openssl/crypto/evp/m_ecdsa.c b/deps/openssl/openssl/crypto/evp/m_ecdsa.c
index 8d87a49eb..4b15fb0f6 100644
--- a/deps/openssl/openssl/crypto/evp/m_ecdsa.c
+++ b/deps/openssl/openssl/crypto/evp/m_ecdsa.c
@@ -116,6 +116,8 @@
#include <openssl/x509.h>
#ifndef OPENSSL_NO_SHA
+#ifndef OPENSSL_FIPS
+
static int init(EVP_MD_CTX *ctx)
{ return SHA1_Init(ctx->md_data); }
@@ -146,3 +148,4 @@ const EVP_MD *EVP_ecdsa(void)
return(&ecdsa_md);
}
#endif
+#endif
diff --git a/deps/openssl/openssl/crypto/evp/m_md4.c b/deps/openssl/openssl/crypto/evp/m_md4.c
index 1e0b7c5b4..6d47f61b2 100644
--- a/deps/openssl/openssl/crypto/evp/m_md4.c
+++ b/deps/openssl/openssl/crypto/evp/m_md4.c
@@ -69,6 +69,8 @@
#include <openssl/rsa.h>
#endif
+#include "evp_locl.h"
+
static int init(EVP_MD_CTX *ctx)
{ return MD4_Init(ctx->md_data); }
diff --git a/deps/openssl/openssl/crypto/evp/m_md5.c b/deps/openssl/openssl/crypto/evp/m_md5.c
index 63c142119..9a8bae025 100644
--- a/deps/openssl/openssl/crypto/evp/m_md5.c
+++ b/deps/openssl/openssl/crypto/evp/m_md5.c
@@ -68,6 +68,7 @@
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
+#include "evp_locl.h"
static int init(EVP_MD_CTX *ctx)
{ return MD5_Init(ctx->md_data); }
diff --git a/deps/openssl/openssl/crypto/evp/m_mdc2.c b/deps/openssl/openssl/crypto/evp/m_mdc2.c
index b08d55980..3602bed31 100644
--- a/deps/openssl/openssl/crypto/evp/m_mdc2.c
+++ b/deps/openssl/openssl/crypto/evp/m_mdc2.c
@@ -69,6 +69,8 @@
#include <openssl/rsa.h>
#endif
+#include "evp_locl.h"
+
static int init(EVP_MD_CTX *ctx)
{ return MDC2_Init(ctx->md_data); }
diff --git a/deps/openssl/openssl/crypto/evp/m_ripemd.c b/deps/openssl/openssl/crypto/evp/m_ripemd.c
index a1d60ee78..7bf4804cf 100644
--- a/deps/openssl/openssl/crypto/evp/m_ripemd.c
+++ b/deps/openssl/openssl/crypto/evp/m_ripemd.c
@@ -68,6 +68,7 @@
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
+#include "evp_locl.h"
static int init(EVP_MD_CTX *ctx)
{ return RIPEMD160_Init(ctx->md_data); }
diff --git a/deps/openssl/openssl/crypto/evp/m_sha.c b/deps/openssl/openssl/crypto/evp/m_sha.c
index acccc8f92..8769cdd42 100644
--- a/deps/openssl/openssl/crypto/evp/m_sha.c
+++ b/deps/openssl/openssl/crypto/evp/m_sha.c
@@ -67,6 +67,7 @@
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
+#include "evp_locl.h"
static int init(EVP_MD_CTX *ctx)
{ return SHA_Init(ctx->md_data); }
diff --git a/deps/openssl/openssl/crypto/evp/m_sha1.c b/deps/openssl/openssl/crypto/evp/m_sha1.c
index 9a2790fde..bd0c01ad3 100644
--- a/deps/openssl/openssl/crypto/evp/m_sha1.c
+++ b/deps/openssl/openssl/crypto/evp/m_sha1.c
@@ -59,15 +59,18 @@
#include <stdio.h>
#include "cryptlib.h"
+#ifndef OPENSSL_FIPS
+
#ifndef OPENSSL_NO_SHA
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include <openssl/x509.h>
+#include <openssl/sha.h>
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
+
static int init(EVP_MD_CTX *ctx)
{ return SHA1_Init(ctx->md_data); }
@@ -202,3 +205,5 @@ static const EVP_MD sha512_md=
const EVP_MD *EVP_sha512(void)
{ return(&sha512_md); }
#endif /* ifndef OPENSSL_NO_SHA512 */
+
+#endif
diff --git a/deps/openssl/openssl/crypto/evp/m_wp.c b/deps/openssl/openssl/crypto/evp/m_wp.c
index 1ce47c040..c51bc2d5d 100644
--- a/deps/openssl/openssl/crypto/evp/m_wp.c
+++ b/deps/openssl/openssl/crypto/evp/m_wp.c
@@ -9,6 +9,7 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/whrlpool.h>
+#include "evp_locl.h"
static int init(EVP_MD_CTX *ctx)
{ return WHIRLPOOL_Init(ctx->md_data); }
diff --git a/deps/openssl/openssl/crypto/evp/names.c b/deps/openssl/openssl/crypto/evp/names.c
index f2869f5c7..6311ad7cf 100644
--- a/deps/openssl/openssl/crypto/evp/names.c
+++ b/deps/openssl/openssl/crypto/evp/names.c
@@ -66,6 +66,10 @@ int EVP_add_cipher(const EVP_CIPHER *c)
{
int r;
+ if (c == NULL) return 0;
+
+ OPENSSL_init();
+
r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c);
if (r == 0) return(0);
check_defer(c->nid);
@@ -78,6 +82,7 @@ int EVP_add_digest(const EVP_MD *md)
{
int r;
const char *name;
+ OPENSSL_init();
name=OBJ_nid2sn(md->type);
r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(const char *)md);
diff --git a/deps/openssl/openssl/crypto/evp/p5_crpt.c b/deps/openssl/openssl/crypto/evp/p5_crpt.c
index 7ecfa8dad..294cc90d8 100644
--- a/deps/openssl/openssl/crypto/evp/p5_crpt.c
+++ b/deps/openssl/openssl/crypto/evp/p5_crpt.c
@@ -82,6 +82,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
unsigned char *salt;
const unsigned char *pbuf;
int mdsize;
+ int rv = 0;
+ EVP_MD_CTX_init(&ctx);
/* Extract useful info from parameter */
if (param == NULL || param->type != V_ASN1_SEQUENCE ||
@@ -104,29 +106,38 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
if(!pass) passlen = 0;
else if(passlen == -1) passlen = strlen(pass);
- EVP_MD_CTX_init(&ctx);
- EVP_DigestInit_ex(&ctx, md, NULL);
- EVP_DigestUpdate(&ctx, pass, passlen);
- EVP_DigestUpdate(&ctx, salt, saltlen);
+ if (!EVP_DigestInit_ex(&ctx, md, NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx, pass, passlen))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx, salt, saltlen))
+ goto err;
PBEPARAM_free(pbe);
- EVP_DigestFinal_ex(&ctx, md_tmp, NULL);
+ if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
+ goto err;
mdsize = EVP_MD_size(md);
if (mdsize < 0)
return 0;
for (i = 1; i < iter; i++) {
- EVP_DigestInit_ex(&ctx, md, NULL);
- EVP_DigestUpdate(&ctx, md_tmp, mdsize);
- EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
+ if (!EVP_DigestInit_ex(&ctx, md, NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize))
+ goto err;
+ if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL))
+ goto err;
}
- EVP_MD_CTX_cleanup(&ctx);
OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
EVP_CIPHER_iv_length(cipher));
- EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
+ if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
+ goto err;
OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
- return 1;
+ rv = 1;
+ err:
+ EVP_MD_CTX_cleanup(&ctx);
+ return rv;
}
diff --git a/deps/openssl/openssl/crypto/evp/p5_crpt2.c b/deps/openssl/openssl/crypto/evp/p5_crpt2.c
index 334379f31..975d004df 100644
--- a/deps/openssl/openssl/crypto/evp/p5_crpt2.c
+++ b/deps/openssl/openssl/crypto/evp/p5_crpt2.c
@@ -62,6 +62,7 @@
#include <openssl/x509.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
+#include "evp_locl.h"
/* set this to print out info about the keygen algorithm */
/* #define DEBUG_PKCS5V2 */
@@ -110,10 +111,14 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
itmp[1] = (unsigned char)((i >> 16) & 0xff);
itmp[2] = (unsigned char)((i >> 8) & 0xff);
itmp[3] = (unsigned char)(i & 0xff);
- HMAC_Init_ex(&hctx, pass, passlen, digest, NULL);
- HMAC_Update(&hctx, salt, saltlen);
- HMAC_Update(&hctx, itmp, 4);
- HMAC_Final(&hctx, digtmp, NULL);
+ if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL)
+ || !HMAC_Update(&hctx, salt, saltlen)
+ || !HMAC_Update(&hctx, itmp, 4)
+ || !HMAC_Final(&hctx, digtmp, NULL))
+ {
+ HMAC_CTX_cleanup(&hctx);
+ return 0;
+ }
memcpy(p, digtmp, cplen);
for(j = 1; j < iter; j++)
{
@@ -168,27 +173,24 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md,
int en_de)
{
- unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
const unsigned char *pbuf;
- int saltlen, iter, plen;
- unsigned int keylen;
+ int plen;
PBE2PARAM *pbe2 = NULL;
const EVP_CIPHER *cipher;
- PBKDF2PARAM *kdf = NULL;
- const EVP_MD *prfmd;
- int prf_nid, hmac_md_nid;
+
+ int rv = 0;
if (param == NULL || param->type != V_ASN1_SEQUENCE ||
param->value.sequence == NULL) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
- return 0;
+ goto err;
}
pbuf = param->value.sequence->data;
plen = param->value.sequence->length;
if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
- return 0;
+ goto err;
}
/* See if we recognise the key derivation function */
@@ -211,38 +213,63 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
}
/* Fixup cipher based on AlgorithmIdentifier */
- EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de);
+ if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
+ goto err;
if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
EVP_R_CIPHER_PARAMETER_ERROR);
goto err;
}
+ rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
+ pbe2->keyfunc->parameter, c, md, en_de);
+ err:
+ PBE2PARAM_free(pbe2);
+ return rv;
+}
+
+int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param,
+ const EVP_CIPHER *c, const EVP_MD *md, int en_de)
+{
+ unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
+ const unsigned char *pbuf;
+ int saltlen, iter, plen;
+ int rv = 0;
+ unsigned int keylen = 0;
+ int prf_nid, hmac_md_nid;
+ PBKDF2PARAM *kdf = NULL;
+ const EVP_MD *prfmd;
+
+ if (EVP_CIPHER_CTX_cipher(ctx) == NULL)
+ {
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_NO_CIPHER_SET);
+ goto err;
+ }
keylen = EVP_CIPHER_CTX_key_length(ctx);
OPENSSL_assert(keylen <= sizeof key);
- /* Now decode key derivation function */
+ /* Decode parameter */
- if(!pbe2->keyfunc->parameter ||
- (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE))
+ if(!param || (param->type != V_ASN1_SEQUENCE))
{
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR);
goto err;
}
- pbuf = pbe2->keyfunc->parameter->value.sequence->data;
- plen = pbe2->keyfunc->parameter->value.sequence->length;
+ pbuf = param->value.sequence->data;
+ plen = param->value.sequence->length;
+
if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR);
goto err;
}
- PBE2PARAM_free(pbe2);
- pbe2 = NULL;
+ keylen = EVP_CIPHER_CTX_key_length(ctx);
/* Now check the parameters of the kdf */
if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
EVP_R_UNSUPPORTED_KEYLENGTH);
goto err;
}
@@ -254,19 +281,19 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0))
{
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
goto err;
}
prfmd = EVP_get_digestbynid(hmac_md_nid);
if (prfmd == NULL)
{
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
goto err;
}
if(kdf->salt->type != V_ASN1_OCTET_STRING) {
- EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
+ EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
EVP_R_UNSUPPORTED_SALT_TYPE);
goto err;
}
@@ -278,15 +305,11 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
keylen, key))
goto err;
- EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
- OPENSSL_cleanse(key, keylen);
- PBKDF2PARAM_free(kdf);
- return 1;
-
+ rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
err:
- PBE2PARAM_free(pbe2);
+ OPENSSL_cleanse(key, keylen);
PBKDF2PARAM_free(kdf);
- return 0;
+ return rv;
}
#ifdef DEBUG_PKCS5V2
diff --git a/deps/openssl/openssl/crypto/evp/p_open.c b/deps/openssl/openssl/crypto/evp/p_open.c
index 53a59a295..c748fbea8 100644
--- a/deps/openssl/openssl/crypto/evp/p_open.c
+++ b/deps/openssl/openssl/crypto/evp/p_open.c
@@ -115,7 +115,8 @@ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
int i;
i=EVP_DecryptFinal_ex(ctx,out,outl);
- EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
+ if (i)
+ i = EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
return(i);
}
#else /* !OPENSSL_NO_RSA */
diff --git a/deps/openssl/openssl/crypto/evp/p_seal.c b/deps/openssl/openssl/crypto/evp/p_seal.c
index d8324526e..e5919b0fb 100644
--- a/deps/openssl/openssl/crypto/evp/p_seal.c
+++ b/deps/openssl/openssl/crypto/evp/p_seal.c
@@ -110,6 +110,7 @@ int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{
int i;
i = EVP_EncryptFinal_ex(ctx,out,outl);
- EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
+ if (i)
+ i = EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
return i;
}
diff --git a/deps/openssl/openssl/crypto/evp/p_sign.c b/deps/openssl/openssl/crypto/evp/p_sign.c
index bb893f5bd..8afb66430 100644
--- a/deps/openssl/openssl/crypto/evp/p_sign.c
+++ b/deps/openssl/openssl/crypto/evp/p_sign.c
@@ -80,18 +80,20 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
- int i,ok=0,v;
+ int i = 0,ok = 0,v;
EVP_MD_CTX tmp_ctx;
+ EVP_PKEY_CTX *pkctx = NULL;
*siglen=0;
EVP_MD_CTX_init(&tmp_ctx);
- EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);
- EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
+ if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
+ goto err;
+ if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len))
+ goto err;
EVP_MD_CTX_cleanup(&tmp_ctx);
if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
{
- EVP_PKEY_CTX *pkctx = NULL;
size_t sltmp = (size_t)EVP_PKEY_size(pkey);
i = 0;
pkctx = EVP_PKEY_CTX_new(pkey, NULL);
diff --git a/deps/openssl/openssl/crypto/evp/p_verify.c b/deps/openssl/openssl/crypto/evp/p_verify.c
index 41d4b6713..c66d63ccf 100644
--- a/deps/openssl/openssl/crypto/evp/p_verify.c
+++ b/deps/openssl/openssl/crypto/evp/p_verify.c
@@ -67,17 +67,19 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
- int i,ok=0,v;
+ int i = 0,ok = 0,v;
EVP_MD_CTX tmp_ctx;
+ EVP_PKEY_CTX *pkctx = NULL;
EVP_MD_CTX_init(&tmp_ctx);
- EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);
- EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
+ if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
+ goto err;
+ if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len))
+ goto err;
EVP_MD_CTX_cleanup(&tmp_ctx);
if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
{
- EVP_PKEY_CTX *pkctx = NULL;
i = -1;
pkctx = EVP_PKEY_CTX_new(pkey, NULL);
if (!pkctx)
diff --git a/deps/openssl/openssl/crypto/evp/pmeth_gn.c b/deps/openssl/openssl/crypto/evp/pmeth_gn.c
index 5d74161a0..4651c8137 100644
--- a/deps/openssl/openssl/crypto/evp/pmeth_gn.c
+++ b/deps/openssl/openssl/crypto/evp/pmeth_gn.c
@@ -199,7 +199,7 @@ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
}
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
- unsigned char *key, int keylen)
+ const unsigned char *key, int keylen)
{
EVP_PKEY_CTX *mac_ctx = NULL;
EVP_PKEY *mac_key = NULL;
@@ -209,7 +209,8 @@ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
goto merr;
if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
- EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key) <= 0)
+ EVP_PKEY_CTRL_SET_MAC_KEY,
+ keylen, (void *)key) <= 0)
goto merr;
if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
goto merr;
diff --git a/deps/openssl/openssl/crypto/evp/pmeth_lib.c b/deps/openssl/openssl/crypto/evp/pmeth_lib.c
index 5481d4b8a..acfa7b6f8 100644
--- a/deps/openssl/openssl/crypto/evp/pmeth_lib.c
+++ b/deps/openssl/openssl/crypto/evp/pmeth_lib.c
@@ -73,7 +73,7 @@ DECLARE_STACK_OF(EVP_PKEY_METHOD)
STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
-extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth;
+extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
static const EVP_PKEY_METHOD *standard_methods[] =
{
@@ -90,6 +90,7 @@ static const EVP_PKEY_METHOD *standard_methods[] =
&ec_pkey_meth,
#endif
&hmac_pkey_meth,
+ &cmac_pkey_meth
};
DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
@@ -203,6 +204,8 @@ EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags)
if (!pmeth)
return NULL;
+ memset(pmeth, 0, sizeof(EVP_PKEY_METHOD));
+
pmeth->pkey_id = id;
pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
@@ -235,6 +238,56 @@ EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags)
return pmeth;
}
+void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+ const EVP_PKEY_METHOD *meth)
+ {
+ if (ppkey_id)
+ *ppkey_id = meth->pkey_id;
+ if (pflags)
+ *pflags = meth->flags;
+ }
+
+void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
+ {
+
+ dst->init = src->init;
+ dst->copy = src->copy;
+ dst->cleanup = src->cleanup;
+
+ dst->paramgen_init = src->paramgen_init;
+ dst->paramgen = src->paramgen;
+
+ dst->keygen_init = src->keygen_init;
+ dst->keygen = src->keygen;
+
+ dst->sign_init = src->sign_init;
+ dst->sign = src->sign;
+
+ dst->verify_init = src->verify_init;
+ dst->verify = src->verify;
+
+ dst->verify_recover_init = src->verify_recover_init;
+ dst->verify_recover = src->verify_recover;
+
+ dst->signctx_init = src->signctx_init;
+ dst->signctx = src->signctx;
+
+ dst->verifyctx_init = src->verifyctx_init;
+ dst->verifyctx = src->verifyctx;
+
+ dst->encrypt_init = src->encrypt_init;
+ dst->encrypt = src->encrypt;
+
+ dst->decrypt_init = src->decrypt_init;
+ dst->decrypt = src->decrypt;
+
+ dst->derive_init = src->derive_init;
+ dst->derive = src->derive;
+
+ dst->ctrl = src->ctrl;
+ dst->ctrl_str = src->ctrl_str;
+ }
+
void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
{
if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
diff --git a/deps/openssl/openssl/crypto/hmac/hm_ameth.c b/deps/openssl/openssl/crypto/hmac/hm_ameth.c
index 6d8a89149..e03f24aed 100644
--- a/deps/openssl/openssl/crypto/hmac/hm_ameth.c
+++ b/deps/openssl/openssl/crypto/hmac/hm_ameth.c
@@ -153,7 +153,7 @@ const EVP_PKEY_ASN1_METHOD hmac_asn1_meth =
hmac_size,
0,
- 0,0,0,0,0,0,
+ 0,0,0,0,0,0,0,
hmac_key_free,
hmac_pkey_ctrl,
diff --git a/deps/openssl/openssl/crypto/hmac/hm_pmeth.c b/deps/openssl/openssl/crypto/hmac/hm_pmeth.c
index 71e8567a1..0daa44511 100644
--- a/deps/openssl/openssl/crypto/hmac/hm_pmeth.c
+++ b/deps/openssl/openssl/crypto/hmac/hm_pmeth.c
@@ -100,7 +100,8 @@ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
dctx = dst->data;
dctx->md = sctx->md;
HMAC_CTX_init(&dctx->ctx);
- HMAC_CTX_copy(&dctx->ctx, &sctx->ctx);
+ if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
+ return 0;
if (sctx->ktmp.data)
{
if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
@@ -141,7 +142,8 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count)
{
HMAC_PKEY_CTX *hctx = ctx->pctx->data;
- HMAC_Update(&hctx->ctx, data, count);
+ if (!HMAC_Update(&hctx->ctx, data, count))
+ return 0;
return 1;
}
@@ -167,7 +169,8 @@ static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
if (!sig)
return 1;
- HMAC_Final(&hctx->ctx, sig, &hlen);
+ if (!HMAC_Final(&hctx->ctx, sig, &hlen))
+ return 0;
*siglen = (size_t)hlen;
return 1;
}
@@ -192,8 +195,9 @@ static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case EVP_PKEY_CTRL_DIGESTINIT:
key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
- HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
- ctx->engine);
+ if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
+ ctx->engine))
+ return 0;
break;
default:
diff --git a/deps/openssl/openssl/crypto/hmac/hmac.c b/deps/openssl/openssl/crypto/hmac/hmac.c
index 6c98fc43a..ba27cbf56 100644
--- a/deps/openssl/openssl/crypto/hmac/hmac.c
+++ b/deps/openssl/openssl/crypto/hmac/hmac.c
@@ -61,12 +61,34 @@
#include "cryptlib.h"
#include <openssl/hmac.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md, ENGINE *impl)
{
int i,j,reset=0;
unsigned char pad[HMAC_MAX_MD_CBLOCK];
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ {
+ /* If we have an ENGINE need to allow non FIPS */
+ if ((impl || ctx->i_ctx.engine)
+ && !(ctx->i_ctx.flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW))
+ {
+ EVPerr(EVP_F_HMAC_INIT_EX, EVP_R_DISABLED_FOR_FIPS);
+ return 0;
+ }
+ /* Other algorithm blocking will be done in FIPS_cmac_init,
+ * via FIPS_hmac_init_ex().
+ */
+ if (!impl && !ctx->i_ctx.engine)
+ return FIPS_hmac_init_ex(ctx, key, len, md, NULL);
+ }
+#endif
+
if (md != NULL)
{
reset=1;
@@ -133,6 +155,10 @@ int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !ctx->i_ctx.engine)
+ return FIPS_hmac_update(ctx, data, len);
+#endif
return EVP_DigestUpdate(&ctx->md_ctx,data,len);
}
@@ -140,6 +166,10 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
{
unsigned int i;
unsigned char buf[EVP_MAX_MD_SIZE];
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !ctx->i_ctx.engine)
+ return FIPS_hmac_final(ctx, md, len);
+#endif
if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i))
goto err;
@@ -179,6 +209,13 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
void HMAC_CTX_cleanup(HMAC_CTX *ctx)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !ctx->i_ctx.engine)
+ {
+ FIPS_hmac_ctx_cleanup(ctx);
+ return;
+ }
+#endif
EVP_MD_CTX_cleanup(&ctx->i_ctx);
EVP_MD_CTX_cleanup(&ctx->o_ctx);
EVP_MD_CTX_cleanup(&ctx->md_ctx);
diff --git a/deps/openssl/openssl/crypto/ia64cpuid.S b/deps/openssl/openssl/crypto/ia64cpuid.S
index d705fff7e..7832b9b64 100644
--- a/deps/openssl/openssl/crypto/ia64cpuid.S
+++ b/deps/openssl/openssl/crypto/ia64cpuid.S
@@ -26,7 +26,7 @@ OPENSSL_atomic_add:
{ .mii; mov ar.ccv=r2
add r8=r2,r33
mov r3=r2 };;
-{ .mmi; mf
+{ .mmi; mf;;
cmpxchg4.acq r2=[r32],r8,ar.ccv
nop.i 0 };;
{ .mib; cmp.ne p6,p0=r2,r3
diff --git a/deps/openssl/openssl/crypto/idea/Makefile b/deps/openssl/openssl/crypto/idea/Makefile
index b2e7add66..8af0acdad 100644
--- a/deps/openssl/openssl/crypto/idea/Makefile
+++ b/deps/openssl/openssl/crypto/idea/Makefile
@@ -82,5 +82,8 @@ i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h
i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
i_ofb64.o: i_ofb64.c idea_lcl.h
+i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_skey.o: i_skey.c idea_lcl.h
+i_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+i_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+i_skey.o: ../../include/openssl/symhacks.h i_skey.c idea_lcl.h
diff --git a/deps/openssl/openssl/crypto/idea/i_skey.c b/deps/openssl/openssl/crypto/idea/i_skey.c
index 1c95bc9c7..afb830964 100644
--- a/deps/openssl/openssl/crypto/idea/i_skey.c
+++ b/deps/openssl/openssl/crypto/idea/i_skey.c
@@ -56,11 +56,19 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include <openssl/idea.h>
#include "idea_lcl.h"
static IDEA_INT inverse(unsigned int xin);
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
+#ifdef OPENSSL_FIPS
+ {
+ fips_cipher_abort(IDEA);
+ private_idea_set_encrypt_key(key, ks);
+ }
+void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
+#endif
{
int i;
register IDEA_INT *kt,*kf,r0,r1,r2;
diff --git a/deps/openssl/openssl/crypto/idea/idea.h b/deps/openssl/openssl/crypto/idea/idea.h
index 5782e54b0..e9a1e7f1a 100644
--- a/deps/openssl/openssl/crypto/idea/idea.h
+++ b/deps/openssl/openssl/crypto/idea/idea.h
@@ -83,6 +83,9 @@ typedef struct idea_key_st
const char *idea_options(void);
void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
IDEA_KEY_SCHEDULE *ks);
+#ifdef OPENSSL_FIPS
+void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
+#endif
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
diff --git a/deps/openssl/openssl/crypto/install-crypto.com b/deps/openssl/openssl/crypto/install-crypto.com
index 85b3d583c..85b3d583c 100644..100755
--- a/deps/openssl/openssl/crypto/install-crypto.com
+++ b/deps/openssl/openssl/crypto/install-crypto.com
diff --git a/deps/openssl/openssl/crypto/md2/md2.h b/deps/openssl/openssl/crypto/md2/md2.h
index a46120e7d..d59c9f259 100644
--- a/deps/openssl/openssl/crypto/md2/md2.h
+++ b/deps/openssl/openssl/crypto/md2/md2.h
@@ -81,6 +81,9 @@ typedef struct MD2state_st
} MD2_CTX;
const char *MD2_options(void);
+#ifdef OPENSSL_FIPS
+int private_MD2_Init(MD2_CTX *c);
+#endif
int MD2_Init(MD2_CTX *c);
int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len);
int MD2_Final(unsigned char *md, MD2_CTX *c);
diff --git a/deps/openssl/openssl/crypto/md2/md2_dgst.c b/deps/openssl/openssl/crypto/md2/md2_dgst.c
index c57b3da28..bf89def73 100644
--- a/deps/openssl/openssl/crypto/md2/md2_dgst.c
+++ b/deps/openssl/openssl/crypto/md2/md2_dgst.c
@@ -116,7 +116,7 @@ const char *MD2_options(void)
return("md2(int)");
}
-int MD2_Init(MD2_CTX *c)
+fips_md_init(MD2)
{
c->num=0;
memset(c->state,0,sizeof c->state);
diff --git a/deps/openssl/openssl/crypto/md4/Makefile b/deps/openssl/openssl/crypto/md4/Makefile
index c94a1398e..e6f1e4478 100644
--- a/deps/openssl/openssl/crypto/md4/Makefile
+++ b/deps/openssl/openssl/crypto/md4/Makefile
@@ -76,9 +76,11 @@ clean:
# DO NOT DELETE THIS LINE -- make depend depends on it.
-md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h
-md4_dgst.o: ../../include/openssl/opensslconf.h
-md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c
+md4_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md4_dgst.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
+md4_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md4_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md4_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h md4_dgst.c
md4_dgst.o: md4_locl.h
md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
diff --git a/deps/openssl/openssl/crypto/md4/md4.h b/deps/openssl/openssl/crypto/md4/md4.h
index c3ed9b3f7..a55368a79 100644
--- a/deps/openssl/openssl/crypto/md4/md4.h
+++ b/deps/openssl/openssl/crypto/md4/md4.h
@@ -105,6 +105,9 @@ typedef struct MD4state_st
unsigned int num;
} MD4_CTX;
+#ifdef OPENSSL_FIPS
+int private_MD4_Init(MD4_CTX *c);
+#endif
int MD4_Init(MD4_CTX *c);
int MD4_Update(MD4_CTX *c, const void *data, size_t len);
int MD4_Final(unsigned char *md, MD4_CTX *c);
diff --git a/deps/openssl/openssl/crypto/md4/md4_dgst.c b/deps/openssl/openssl/crypto/md4/md4_dgst.c
index e0c42e859..b5b165b05 100644
--- a/deps/openssl/openssl/crypto/md4/md4_dgst.c
+++ b/deps/openssl/openssl/crypto/md4/md4_dgst.c
@@ -57,8 +57,9 @@
*/
#include <stdio.h>
-#include "md4_locl.h"
#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include "md4_locl.h"
const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT;
@@ -70,7 +71,7 @@ const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT;
#define INIT_DATA_C (unsigned long)0x98badcfeL
#define INIT_DATA_D (unsigned long)0x10325476L
-int MD4_Init(MD4_CTX *c)
+fips_md_init(MD4)
{
memset (c,0,sizeof(*c));
c->A=INIT_DATA_A;
@@ -105,22 +106,23 @@ void md4_block_data_order (MD4_CTX *c, const void *data_, size_t num)
for (;num--;)
{
- HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
+ (void)HOST_c2l(data,l); X( 0)=l;
+ (void)HOST_c2l(data,l); X( 1)=l;
/* Round 0 */
- R0(A,B,C,D,X( 0), 3,0); HOST_c2l(data,l); X( 2)=l;
- R0(D,A,B,C,X( 1), 7,0); HOST_c2l(data,l); X( 3)=l;
- R0(C,D,A,B,X( 2),11,0); HOST_c2l(data,l); X( 4)=l;
- R0(B,C,D,A,X( 3),19,0); HOST_c2l(data,l); X( 5)=l;
- R0(A,B,C,D,X( 4), 3,0); HOST_c2l(data,l); X( 6)=l;
- R0(D,A,B,C,X( 5), 7,0); HOST_c2l(data,l); X( 7)=l;
- R0(C,D,A,B,X( 6),11,0); HOST_c2l(data,l); X( 8)=l;
- R0(B,C,D,A,X( 7),19,0); HOST_c2l(data,l); X( 9)=l;
- R0(A,B,C,D,X( 8), 3,0); HOST_c2l(data,l); X(10)=l;
- R0(D,A,B,C,X( 9), 7,0); HOST_c2l(data,l); X(11)=l;
- R0(C,D,A,B,X(10),11,0); HOST_c2l(data,l); X(12)=l;
- R0(B,C,D,A,X(11),19,0); HOST_c2l(data,l); X(13)=l;
- R0(A,B,C,D,X(12), 3,0); HOST_c2l(data,l); X(14)=l;
- R0(D,A,B,C,X(13), 7,0); HOST_c2l(data,l); X(15)=l;
+ R0(A,B,C,D,X( 0), 3,0); (void)HOST_c2l(data,l); X( 2)=l;
+ R0(D,A,B,C,X( 1), 7,0); (void)HOST_c2l(data,l); X( 3)=l;
+ R0(C,D,A,B,X( 2),11,0); (void)HOST_c2l(data,l); X( 4)=l;
+ R0(B,C,D,A,X( 3),19,0); (void)HOST_c2l(data,l); X( 5)=l;
+ R0(A,B,C,D,X( 4), 3,0); (void)HOST_c2l(data,l); X( 6)=l;
+ R0(D,A,B,C,X( 5), 7,0); (void)HOST_c2l(data,l); X( 7)=l;
+ R0(C,D,A,B,X( 6),11,0); (void)HOST_c2l(data,l); X( 8)=l;
+ R0(B,C,D,A,X( 7),19,0); (void)HOST_c2l(data,l); X( 9)=l;
+ R0(A,B,C,D,X( 8), 3,0); (void)HOST_c2l(data,l); X(10)=l;
+ R0(D,A,B,C,X( 9), 7,0); (void)HOST_c2l(data,l); X(11)=l;
+ R0(C,D,A,B,X(10),11,0); (void)HOST_c2l(data,l); X(12)=l;
+ R0(B,C,D,A,X(11),19,0); (void)HOST_c2l(data,l); X(13)=l;
+ R0(A,B,C,D,X(12), 3,0); (void)HOST_c2l(data,l); X(14)=l;
+ R0(D,A,B,C,X(13), 7,0); (void)HOST_c2l(data,l); X(15)=l;
R0(C,D,A,B,X(14),11,0);
R0(B,C,D,A,X(15),19,0);
/* Round 1 */
diff --git a/deps/openssl/openssl/crypto/md4/md4_locl.h b/deps/openssl/openssl/crypto/md4/md4_locl.h
index c8085b0ea..99c3e5004 100644
--- a/deps/openssl/openssl/crypto/md4/md4_locl.h
+++ b/deps/openssl/openssl/crypto/md4/md4_locl.h
@@ -77,10 +77,10 @@ void md4_block_data_order (MD4_CTX *c, const void *p,size_t num);
#define HASH_FINAL MD4_Final
#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
+ ll=(c)->A; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->B; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->C; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->D; (void)HOST_l2c(ll,(s)); \
} while (0)
#define HASH_BLOCK_DATA_ORDER md4_block_data_order
diff --git a/deps/openssl/openssl/crypto/md5/Makefile b/deps/openssl/openssl/crypto/md5/Makefile
index 9858d53d3..b9e2ce9a3 100644
--- a/deps/openssl/openssl/crypto/md5/Makefile
+++ b/deps/openssl/openssl/crypto/md5/Makefile
@@ -89,9 +89,11 @@ clean:
# DO NOT DELETE THIS LINE -- make depend depends on it.
-md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h
-md5_dgst.o: ../../include/openssl/opensslconf.h
-md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c
+md5_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
+md5_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md5_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md5_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h md5_dgst.c
md5_dgst.o: md5_locl.h
md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
diff --git a/deps/openssl/openssl/crypto/md5/asm/md5-x86_64.pl b/deps/openssl/openssl/crypto/md5/asm/md5-x86_64.pl
index 867885435..f11224d17 100755
--- a/deps/openssl/openssl/crypto/md5/asm/md5-x86_64.pl
+++ b/deps/openssl/openssl/crypto/md5/asm/md5-x86_64.pl
@@ -120,7 +120,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
die "can't locate x86_64-xlate.pl";
no warnings qw(uninitialized);
-open STDOUT,"| $^X $xlate $flavour $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
$code .= <<EOF;
.text
diff --git a/deps/openssl/openssl/crypto/md5/md5.h b/deps/openssl/openssl/crypto/md5/md5.h
index 4cbf84386..541cc925f 100644
--- a/deps/openssl/openssl/crypto/md5/md5.h
+++ b/deps/openssl/openssl/crypto/md5/md5.h
@@ -105,6 +105,9 @@ typedef struct MD5state_st
unsigned int num;
} MD5_CTX;
+#ifdef OPENSSL_FIPS
+int private_MD5_Init(MD5_CTX *c);
+#endif
int MD5_Init(MD5_CTX *c);
int MD5_Update(MD5_CTX *c, const void *data, size_t len);
int MD5_Final(unsigned char *md, MD5_CTX *c);
diff --git a/deps/openssl/openssl/crypto/md5/md5_dgst.c b/deps/openssl/openssl/crypto/md5/md5_dgst.c
index beace632e..265890de5 100644
--- a/deps/openssl/openssl/crypto/md5/md5_dgst.c
+++ b/deps/openssl/openssl/crypto/md5/md5_dgst.c
@@ -59,6 +59,7 @@
#include <stdio.h>
#include "md5_locl.h"
#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT;
@@ -70,7 +71,7 @@ const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT;
#define INIT_DATA_C (unsigned long)0x98badcfeL
#define INIT_DATA_D (unsigned long)0x10325476L
-int MD5_Init(MD5_CTX *c)
+fips_md_init(MD5)
{
memset (c,0,sizeof(*c));
c->A=INIT_DATA_A;
diff --git a/deps/openssl/openssl/crypto/md5/md5_locl.h b/deps/openssl/openssl/crypto/md5/md5_locl.h
index 968d57799..74d63d1f9 100644
--- a/deps/openssl/openssl/crypto/md5/md5_locl.h
+++ b/deps/openssl/openssl/crypto/md5/md5_locl.h
@@ -86,10 +86,10 @@ void md5_block_data_order (MD5_CTX *c, const void *p,size_t num);
#define HASH_FINAL MD5_Final
#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
+ ll=(c)->A; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->B; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->C; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->D; (void)HOST_l2c(ll,(s)); \
} while (0)
#define HASH_BLOCK_DATA_ORDER md5_block_data_order
diff --git a/deps/openssl/openssl/crypto/mdc2/Makefile b/deps/openssl/openssl/crypto/mdc2/Makefile
index 1d064f17a..141553149 100644
--- a/deps/openssl/openssl/crypto/mdc2/Makefile
+++ b/deps/openssl/openssl/crypto/mdc2/Makefile
@@ -84,10 +84,10 @@ mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
mdc2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
mdc2_one.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
mdc2_one.o: ../../include/openssl/ui_compat.h ../cryptlib.h mdc2_one.c
-mdc2dgst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-mdc2dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/mdc2.h
-mdc2dgst.o: ../../include/openssl/opensslconf.h
-mdc2dgst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-mdc2dgst.o: mdc2dgst.c
+mdc2dgst.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+mdc2dgst.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
+mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+mdc2dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+mdc2dgst.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+mdc2dgst.o: ../../include/openssl/ui_compat.h mdc2dgst.c
diff --git a/deps/openssl/openssl/crypto/mdc2/mdc2.h b/deps/openssl/openssl/crypto/mdc2/mdc2.h
index 72778a521..f3e8e579d 100644
--- a/deps/openssl/openssl/crypto/mdc2/mdc2.h
+++ b/deps/openssl/openssl/crypto/mdc2/mdc2.h
@@ -81,6 +81,9 @@ typedef struct mdc2_ctx_st
} MDC2_CTX;
+#ifdef OPENSSL_FIPS
+int private_MDC2_Init(MDC2_CTX *c);
+#endif
int MDC2_Init(MDC2_CTX *c);
int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
int MDC2_Final(unsigned char *md, MDC2_CTX *c);
diff --git a/deps/openssl/openssl/crypto/mdc2/mdc2dgst.c b/deps/openssl/openssl/crypto/mdc2/mdc2dgst.c
index 4aa406edc..d66ed6a1c 100644
--- a/deps/openssl/openssl/crypto/mdc2/mdc2dgst.c
+++ b/deps/openssl/openssl/crypto/mdc2/mdc2dgst.c
@@ -59,6 +59,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <openssl/crypto.h>
#include <openssl/des.h>
#include <openssl/mdc2.h>
@@ -75,7 +76,7 @@
*((c)++)=(unsigned char)(((l)>>24L)&0xff))
static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len);
-int MDC2_Init(MDC2_CTX *c)
+fips_md_init(MDC2)
{
c->num=0;
c->pad_type=1;
diff --git a/deps/openssl/openssl/crypto/mem.c b/deps/openssl/openssl/crypto/mem.c
index ae40de37f..1cc62eafd 100644
--- a/deps/openssl/openssl/crypto/mem.c
+++ b/deps/openssl/openssl/crypto/mem.c
@@ -121,10 +121,11 @@ static void (*set_debug_options_func)(long) = NULL;
static long (*get_debug_options_func)(void) = NULL;
#endif
-
int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t),
void (*f)(void *))
{
+ /* Dummy call just to ensure OPENSSL_init() gets linked in */
+ OPENSSL_init();
if (!allow_customize)
return 0;
if ((m == 0) || (r == 0) || (f == 0))
@@ -186,6 +187,7 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
{
if (!allow_customize_debug)
return 0;
+ OPENSSL_init();
malloc_debug_func=m;
realloc_debug_func=r;
free_debug_func=f;
diff --git a/deps/openssl/openssl/crypto/modes/Makefile b/deps/openssl/openssl/crypto/modes/Makefile
index 6c85861b6..c825b12f2 100644
--- a/deps/openssl/openssl/crypto/modes/Makefile
+++ b/deps/openssl/openssl/crypto/modes/Makefile
@@ -10,21 +10,27 @@ CFLAG=-g
MAKEFILE= Makefile
AR= ar r
+MODES_ASM_OBJ=
+
CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
GENERAL=Makefile
TEST=
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= cbc128.c ctr128.c cts128.c cfb128.c ofb128.c
-LIBOBJ= cbc128.o ctr128.o cts128.o cfb128.o ofb128.o
+LIBSRC= cbc128.c ctr128.c cts128.c cfb128.c ofb128.c gcm128.c \
+ ccm128.c xts128.c
+LIBOBJ= cbc128.o ctr128.o cts128.o cfb128.o ofb128.o gcm128.o \
+ ccm128.o xts128.o $(MODES_ASM_OBJ)
SRC= $(LIBSRC)
#EXHEADER= store.h str_compat.h
EXHEADER= modes.h
-HEADER= $(EXHEADER)
+HEADER= modes_lcl.h $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
@@ -38,6 +44,24 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
+ghash-ia64.s: asm/ghash-ia64.pl
+ $(PERL) asm/ghash-ia64.pl $@ $(CFLAGS)
+ghash-x86.s: asm/ghash-x86.pl
+ $(PERL) asm/ghash-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+ghash-x86_64.s: asm/ghash-x86_64.pl
+ $(PERL) asm/ghash-x86_64.pl $(PERLASM_SCHEME) > $@
+ghash-sparcv9.s: asm/ghash-sparcv9.pl
+ $(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
+ghash-alpha.s: asm/ghash-alpha.pl
+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
+ghash-parisc.s: asm/ghash-parisc.pl
+ $(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
+
+# GNU make "catch all"
+ghash-%.S: asm/ghash-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+
+ghash-armv4.o: ghash-armv4.S
+
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -71,12 +95,47 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
-cbc128.o: cbc128.c modes.h
-cfb128.o: cfb128.c modes.h
-ctr128.o: ctr128.c modes.h
-cts128.o: cts128.c modes.h
-ofb128.o: modes.h ofb128.c
+cbc128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cbc128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cbc128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cbc128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cbc128.o: ../../include/openssl/symhacks.h cbc128.c modes_lcl.h
+ccm128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ccm128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ccm128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ccm128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ccm128.o: ../../include/openssl/symhacks.h ccm128.c modes_lcl.h
+cfb128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cfb128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cfb128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cfb128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cfb128.o: ../../include/openssl/symhacks.h cfb128.c modes_lcl.h
+ctr128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ctr128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ctr128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ctr128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ctr128.o: ../../include/openssl/symhacks.h ctr128.c modes_lcl.h
+cts128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cts128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cts128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cts128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cts128.o: ../../include/openssl/symhacks.h cts128.c modes_lcl.h
+gcm128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+gcm128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+gcm128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gcm128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+gcm128.o: ../../include/openssl/symhacks.h gcm128.c modes_lcl.h
+ofb128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ofb128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ofb128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ofb128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ofb128.o: ../../include/openssl/symhacks.h modes_lcl.h ofb128.c
+xts128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+xts128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+xts128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+xts128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+xts128.o: ../../include/openssl/symhacks.h modes_lcl.h xts128.c
diff --git a/deps/openssl/openssl/crypto/modes/cbc128.c b/deps/openssl/openssl/crypto/modes/cbc128.c
index 8f8bd563b..3d3782cbe 100644
--- a/deps/openssl/openssl/crypto/modes/cbc128.c
+++ b/deps/openssl/openssl/crypto/modes/cbc128.c
@@ -48,7 +48,8 @@
*
*/
-#include "modes.h"
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
#include <string.h>
#ifndef MODES_DEBUG
@@ -58,12 +59,7 @@
#endif
#include <assert.h>
-#define STRICT_ALIGNMENT 1
-#if defined(__i386) || defined(__i386__) || \
- defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
- defined(__s390__) || defined(__s390x__)
-# undef STRICT_ALIGNMENT
+#ifndef STRICT_ALIGNMENT
# define STRICT_ALIGNMENT 0
#endif
diff --git a/deps/openssl/openssl/crypto/modes/cfb128.c b/deps/openssl/openssl/crypto/modes/cfb128.c
index e5938c613..4e6f5d35e 100644
--- a/deps/openssl/openssl/crypto/modes/cfb128.c
+++ b/deps/openssl/openssl/crypto/modes/cfb128.c
@@ -48,7 +48,8 @@
*
*/
-#include "modes.h"
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
#include <string.h>
#ifndef MODES_DEBUG
@@ -58,14 +59,6 @@
#endif
#include <assert.h>
-#define STRICT_ALIGNMENT
-#if defined(__i386) || defined(__i386__) || \
- defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
- defined(__s390__) || defined(__s390x__)
-# undef STRICT_ALIGNMENT
-#endif
-
/* The input and output encrypted as though 128bit cfb mode is being
* used. The extra state information to record how much of the
* 128bit block we have used is contained in *num;
diff --git a/deps/openssl/openssl/crypto/modes/ctr128.c b/deps/openssl/openssl/crypto/modes/ctr128.c
index 932037f55..ee642c586 100644
--- a/deps/openssl/openssl/crypto/modes/ctr128.c
+++ b/deps/openssl/openssl/crypto/modes/ctr128.c
@@ -48,7 +48,8 @@
*
*/
-#include "modes.h"
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
#include <string.h>
#ifndef MODES_DEBUG
@@ -58,17 +59,6 @@
#endif
#include <assert.h>
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-#define STRICT_ALIGNMENT
-#if defined(__i386) || defined(__i386__) || \
- defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
- defined(__s390__) || defined(__s390x__)
-# undef STRICT_ALIGNMENT
-#endif
-
/* NOTE: the IV/counter CTR mode is big-endian. The code itself
* is endian-neutral. */
@@ -182,3 +172,81 @@ void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
*num=n;
}
+
+/* increment upper 96 bits of 128-bit counter by 1 */
+static void ctr96_inc(unsigned char *counter) {
+ u32 n=12;
+ u8 c;
+
+ do {
+ --n;
+ c = counter[n];
+ ++c;
+ counter[n] = c;
+ if (c) return;
+ } while (n);
+}
+
+void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], unsigned char ecount_buf[16],
+ unsigned int *num, ctr128_f func)
+{
+ unsigned int n,ctr32;
+
+ assert(in && out && key && ecount_buf && num);
+ assert(*num < 16);
+
+ n = *num;
+
+ while (n && len) {
+ *(out++) = *(in++) ^ ecount_buf[n];
+ --len;
+ n = (n+1) % 16;
+ }
+
+ ctr32 = GETU32(ivec+12);
+ while (len>=16) {
+ size_t blocks = len/16;
+ /*
+ * 1<<28 is just a not-so-small yet not-so-large number...
+ * Below condition is practically never met, but it has to
+ * be checked for code correctness.
+ */
+ if (sizeof(size_t)>sizeof(unsigned int) && blocks>(1U<<28))
+ blocks = (1U<<28);
+ /*
+ * As (*func) operates on 32-bit counter, caller
+ * has to handle overflow. 'if' below detects the
+ * overflow, which is then handled by limiting the
+ * amount of blocks to the exact overflow point...
+ */
+ ctr32 += (u32)blocks;
+ if (ctr32 < blocks) {
+ blocks -= ctr32;
+ ctr32 = 0;
+ }
+ (*func)(in,out,blocks,key,ivec);
+ /* (*ctr) does not update ivec, caller does: */
+ PUTU32(ivec+12,ctr32);
+ /* ... overflow was detected, propogate carry. */
+ if (ctr32 == 0) ctr96_inc(ivec);
+ blocks *= 16;
+ len -= blocks;
+ out += blocks;
+ in += blocks;
+ }
+ if (len) {
+ memset(ecount_buf,0,16);
+ (*func)(ecount_buf,ecount_buf,1,key,ivec);
+ ++ctr32;
+ PUTU32(ivec+12,ctr32);
+ if (ctr32 == 0) ctr96_inc(ivec);
+ while (len--) {
+ out[n] = in[n] ^ ecount_buf[n];
+ ++n;
+ }
+ }
+
+ *num=n;
+}
diff --git a/deps/openssl/openssl/crypto/modes/cts128.c b/deps/openssl/openssl/crypto/modes/cts128.c
index e0430f9fd..c0e1f3696 100644
--- a/deps/openssl/openssl/crypto/modes/cts128.c
+++ b/deps/openssl/openssl/crypto/modes/cts128.c
@@ -5,7 +5,8 @@
* forms are granted according to the OpenSSL license.
*/
-#include "modes.h"
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
#include <string.h>
#ifndef MODES_DEBUG
@@ -23,8 +24,9 @@
* deviates from mentioned RFCs. Most notably it allows input to be
* of block length and it doesn't flip the order of the last two
* blocks. CTS is being discussed even in ECB context, but it's not
- * adopted for any known application. This implementation complies
- * with mentioned RFCs and [as such] extends CBC mode.
+ * adopted for any known application. This implementation provides
+ * two interfaces: one compliant with above mentioned RFCs and one
+ * compliant with the NIST proposal, both extending CBC mode.
*/
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
@@ -54,6 +56,34 @@ size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
return len+residue;
}
+size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], block128_f block)
+{ size_t residue, n;
+
+ assert (in && out && key && ivec);
+
+ if (len < 16) return 0;
+
+ residue=len%16;
+
+ len -= residue;
+
+ CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block);
+
+ if (residue==0) return len;
+
+ in += len;
+ out += len;
+
+ for (n=0; n<residue; ++n)
+ ivec[n] ^= in[n];
+ (*block)(ivec,ivec,key);
+ memcpy(out-16+residue,ivec,16);
+
+ return len+residue;
+}
+
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc)
@@ -90,6 +120,41 @@ size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
return len+residue;
}
+size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc)
+{ size_t residue;
+ union { size_t align; unsigned char c[16]; } tmp;
+
+ assert (in && out && key && ivec);
+
+ if (len < 16) return 0;
+
+ residue=len%16;
+
+ len -= residue;
+
+ (*cbc)(in,out,len,key,ivec,1);
+
+ if (residue==0) return len;
+
+ in += len;
+ out += len;
+
+#if defined(CBC_HANDLES_TRUNCATED_IO)
+ (*cbc)(in,out-16+residue,residue,key,ivec,1);
+#else
+ {
+ size_t n;
+ for (n=0; n<16; n+=sizeof(size_t))
+ *(size_t *)(tmp.c+n) = 0;
+ memcpy(tmp.c,in,residue);
+ }
+ (*cbc)(tmp.c,out-16+residue,16,key,ivec,1);
+#endif
+ return len+residue;
+}
+
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block)
@@ -125,7 +190,51 @@ size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
for(residue+=16; n<residue; ++n)
out[n] = tmp.c[n] ^ in[n];
- return len+residue-16;
+ return 16+len+residue;
+}
+
+size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], block128_f block)
+{ size_t residue, n;
+ union { size_t align; unsigned char c[32]; } tmp;
+
+ assert (in && out && key && ivec);
+
+ if (len<16) return 0;
+
+ residue=len%16;
+
+ if (residue==0) {
+ CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block);
+ return len;
+ }
+
+ len -= 16+residue;
+
+ if (len) {
+ CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block);
+ in += len;
+ out += len;
+ }
+
+ (*block)(in+residue,tmp.c+16,key);
+
+ for (n=0; n<16; n+=sizeof(size_t))
+ *(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n);
+ memcpy(tmp.c,in,residue);
+ (*block)(tmp.c,tmp.c,key);
+
+ for(n=0; n<16; ++n) {
+ unsigned char c = in[n];
+ out[n] = tmp.c[n] ^ ivec[n];
+ ivec[n] = in[n+residue];
+ tmp.c[n] = c;
+ }
+ for(residue+=16; n<residue; ++n)
+ out[n] = tmp.c[n] ^ tmp.c[n-16];
+
+ return 16+len+residue;
}
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
@@ -160,7 +269,47 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
(*cbc)(tmp.c,tmp.c,32,key,ivec,0);
memcpy(out,tmp.c,16+residue);
#endif
- return len+residue;
+ return 16+len+residue;
+}
+
+size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc)
+{ size_t residue, n;
+ union { size_t align; unsigned char c[32]; } tmp;
+
+ assert (in && out && key && ivec);
+
+ if (len<16) return 0;
+
+ residue=len%16;
+
+ if (residue==0) {
+ (*cbc)(in,out,len,key,ivec,0);
+ return len;
+ }
+
+ len -= 16+residue;
+
+ if (len) {
+ (*cbc)(in,out,len,key,ivec,0);
+ in += len;
+ out += len;
+ }
+
+ for (n=16; n<32; n+=sizeof(size_t))
+ *(size_t *)(tmp.c+n) = 0;
+ /* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
+ (*cbc)(in+residue,tmp.c,16,key,tmp.c+16,0);
+
+ memcpy(tmp.c,in,residue);
+#if defined(CBC_HANDLES_TRUNCATED_IO)
+ (*cbc)(tmp.c,out,16+residue,key,ivec,0);
+#else
+ (*cbc)(tmp.c,tmp.c,32,key,ivec,0);
+ memcpy(out,tmp.c,16+residue);
+#endif
+ return 16+len+residue;
}
#if defined(SELFTEST)
@@ -200,9 +349,8 @@ static const unsigned char vector_64[64] =
static AES_KEY encks, decks;
void test_vector(const unsigned char *vector,size_t len)
-{ unsigned char cleartext[64];
- unsigned char iv[sizeof(test_iv)];
- unsigned char ciphertext[64];
+{ unsigned char iv[sizeof(test_iv)];
+ unsigned char cleartext[64],ciphertext[64];
size_t tail;
printf("vector_%d\n",len); fflush(stdout);
@@ -243,7 +391,57 @@ void test_vector(const unsigned char *vector,size_t len)
fprintf(stderr,"iv_%d mismatch\n",len), exit(4);
}
-main()
+void test_nistvector(const unsigned char *vector,size_t len)
+{ unsigned char iv[sizeof(test_iv)];
+ unsigned char cleartext[64],ciphertext[64],nistvector[64];
+ size_t tail;
+
+ printf("nistvector_%d\n",len); fflush(stdout);
+
+ if ((tail=len%16) == 0) tail = 16;
+
+ len -= 16 + tail;
+ memcpy(nistvector,vector,len);
+ /* flip two last blocks */
+ memcpy(nistvector+len,vector+len+16,tail);
+ memcpy(nistvector+len+tail,vector+len,16);
+ len += 16 + tail;
+ tail = 16;
+
+ /* test block-based encryption */
+ memcpy(iv,test_iv,sizeof(test_iv));
+ CRYPTO_nistcts128_encrypt_block(test_input,ciphertext,len,&encks,iv,(block128_f)AES_encrypt);
+ if (memcmp(ciphertext,nistvector,len))
+ fprintf(stderr,"output_%d mismatch\n",len), exit(1);
+ if (memcmp(iv,nistvector+len-tail,sizeof(iv)))
+ fprintf(stderr,"iv_%d mismatch\n",len), exit(1);
+
+ /* test block-based decryption */
+ memcpy(iv,test_iv,sizeof(test_iv));
+ CRYPTO_nistcts128_decrypt_block(ciphertext,cleartext,len,&decks,iv,(block128_f)AES_decrypt);
+ if (memcmp(cleartext,test_input,len))
+ fprintf(stderr,"input_%d mismatch\n",len), exit(2);
+ if (memcmp(iv,nistvector+len-tail,sizeof(iv)))
+ fprintf(stderr,"iv_%d mismatch\n",len), exit(2);
+
+ /* test streamed encryption */
+ memcpy(iv,test_iv,sizeof(test_iv));
+ CRYPTO_nistcts128_encrypt(test_input,ciphertext,len,&encks,iv,(cbc128_f)AES_cbc_encrypt);
+ if (memcmp(ciphertext,nistvector,len))
+ fprintf(stderr,"output_%d mismatch\n",len), exit(3);
+ if (memcmp(iv,nistvector+len-tail,sizeof(iv)))
+ fprintf(stderr,"iv_%d mismatch\n",len), exit(3);
+
+ /* test streamed decryption */
+ memcpy(iv,test_iv,sizeof(test_iv));
+ CRYPTO_nistcts128_decrypt(ciphertext,cleartext,len,&decks,iv,(cbc128_f)AES_cbc_encrypt);
+ if (memcmp(cleartext,test_input,len))
+ fprintf(stderr,"input_%d mismatch\n",len), exit(4);
+ if (memcmp(iv,nistvector+len-tail,sizeof(iv)))
+ fprintf(stderr,"iv_%d mismatch\n",len), exit(4);
+}
+
+int main()
{
AES_set_encrypt_key(test_key,128,&encks);
AES_set_decrypt_key(test_key,128,&decks);
@@ -254,6 +452,14 @@ main()
test_vector(vector_47,sizeof(vector_47));
test_vector(vector_48,sizeof(vector_48));
test_vector(vector_64,sizeof(vector_64));
- exit(0);
+
+ test_nistvector(vector_17,sizeof(vector_17));
+ test_nistvector(vector_31,sizeof(vector_31));
+ test_nistvector(vector_32,sizeof(vector_32));
+ test_nistvector(vector_47,sizeof(vector_47));
+ test_nistvector(vector_48,sizeof(vector_48));
+ test_nistvector(vector_64,sizeof(vector_64));
+
+ return 0;
}
#endif
diff --git a/deps/openssl/openssl/crypto/modes/modes.h b/deps/openssl/openssl/crypto/modes/modes.h
index af8d97d79..f18215bb2 100644
--- a/deps/openssl/openssl/crypto/modes/modes.h
+++ b/deps/openssl/openssl/crypto/modes/modes.h
@@ -15,6 +15,14 @@ typedef void (*cbc128_f)(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], int enc);
+typedef void (*ctr128_f)(const unsigned char *in, unsigned char *out,
+ size_t blocks, const void *key,
+ const unsigned char ivec[16]);
+
+typedef void (*ccm128_f)(const unsigned char *in, unsigned char *out,
+ size_t blocks, const void *key,
+ const unsigned char ivec[16],unsigned char cmac[16]);
+
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block);
@@ -27,6 +35,11 @@ void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
unsigned char ivec[16], unsigned char ecount_buf[16],
unsigned int *num, block128_f block);
+void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], unsigned char ecount_buf[16],
+ unsigned int *num, ctr128_f ctr);
+
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], int *num,
@@ -57,3 +70,66 @@ size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc);
+
+size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], block128_f block);
+size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
+size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], block128_f block);
+size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
+
+typedef struct gcm128_context GCM128_CONTEXT;
+
+GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
+void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx,void *key,block128_f block);
+void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
+ size_t len);
+int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
+ size_t len);
+int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len);
+int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len);
+int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len, ctr128_f stream);
+int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len, ctr128_f stream);
+int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx,const unsigned char *tag,
+ size_t len);
+void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
+void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
+
+typedef struct ccm128_context CCM128_CONTEXT;
+
+void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
+ unsigned int M, unsigned int L, void *key,block128_f block);
+int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
+ const unsigned char *nonce, size_t nlen, size_t mlen);
+void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx,
+ const unsigned char *aad, size_t alen);
+int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
+ const unsigned char *inp, unsigned char *out, size_t len);
+int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
+ const unsigned char *inp, unsigned char *out, size_t len);
+int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
+ const unsigned char *inp, unsigned char *out, size_t len,
+ ccm128_f stream);
+int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
+ const unsigned char *inp, unsigned char *out, size_t len,
+ ccm128_f stream);
+size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
+
+typedef struct xts128_context XTS128_CONTEXT;
+
+int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16],
+ const unsigned char *inp, unsigned char *out, size_t len, int enc);
diff --git a/deps/openssl/openssl/crypto/modes/ofb128.c b/deps/openssl/openssl/crypto/modes/ofb128.c
index c732e2ec5..01c01702c 100644
--- a/deps/openssl/openssl/crypto/modes/ofb128.c
+++ b/deps/openssl/openssl/crypto/modes/ofb128.c
@@ -48,7 +48,8 @@
*
*/
-#include "modes.h"
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
#include <string.h>
#ifndef MODES_DEBUG
@@ -58,14 +59,6 @@
#endif
#include <assert.h>
-#define STRICT_ALIGNMENT
-#if defined(__i386) || defined(__i386__) || \
- defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
- defined(__s390__) || defined(__s390x__)
-# undef STRICT_ALIGNMENT
-#endif
-
/* The input and output encrypted as though 128bit ofb mode is being
* used. The extra state information to record how much of the
* 128bit block we have used is contained in *num;
diff --git a/deps/openssl/openssl/crypto/objects/o_names.c b/deps/openssl/openssl/crypto/objects/o_names.c
index 84380a96a..4a548c2ed 100644
--- a/deps/openssl/openssl/crypto/objects/o_names.c
+++ b/deps/openssl/openssl/crypto/objects/o_names.c
@@ -73,7 +73,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
name_funcs_stack=sk_NAME_FUNCS_new_null();
MemCheck_on();
}
- if ((name_funcs_stack == NULL))
+ if (name_funcs_stack == NULL)
{
/* ERROR */
return(0);
diff --git a/deps/openssl/openssl/crypto/objects/obj_dat.h b/deps/openssl/openssl/crypto/objects/obj_dat.h
index 6449be607..d404ad07c 100644
--- a/deps/openssl/openssl/crypto/objects/obj_dat.h
+++ b/deps/openssl/openssl/crypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
* [including the GNU Public Licence.]
*/
-#define NUM_NID 893
-#define NUM_SN 886
-#define NUM_LN 886
-#define NUM_OBJ 840
+#define NUM_NID 920
+#define NUM_SN 913
+#define NUM_LN 913
+#define NUM_OBJ 857
-static const unsigned char lvalues[5824]={
+static const unsigned char lvalues[5980]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@@ -908,6 +908,23 @@ static const unsigned char lvalues[5824]={
0x55,0x04,0x34, /* [5814] OBJ_supportedAlgorithms */
0x55,0x04,0x35, /* [5817] OBJ_deltaRevocationList */
0x55,0x04,0x36, /* [5820] OBJ_dmdName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5823] OBJ_id_alg_PWRI_KEK */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5834] OBJ_aes_128_gcm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5843] OBJ_aes_128_ccm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5852] OBJ_id_aes128_wrap_pad */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5861] OBJ_aes_192_gcm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5870] OBJ_aes_192_ccm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5879] OBJ_id_aes192_wrap_pad */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5888] OBJ_aes_256_gcm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5897] OBJ_aes_256_ccm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5906] OBJ_id_aes256_wrap_pad */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5915] OBJ_id_camellia128_wrap */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5926] OBJ_id_camellia192_wrap */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5937] OBJ_id_camellia256_wrap */
+0x55,0x1D,0x25,0x00, /* [5948] OBJ_anyExtendedKeyUsage */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5952] OBJ_mgf1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5961] OBJ_rsassaPss */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5970] OBJ_rsaesOaep */
};
static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2351,28 +2368,74 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
{"deltaRevocationList","deltaRevocationList",NID_deltaRevocationList,
3,&(lvalues[5817]),0},
{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5820]),0},
+{"id-alg-PWRI-KEK","id-alg-PWRI-KEK",NID_id_alg_PWRI_KEK,11,
+ &(lvalues[5823]),0},
+{"CMAC","cmac",NID_cmac,0,NULL,0},
+{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5834]),0},
+{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5843]),0},
+{"id-aes128-wrap-pad","id-aes128-wrap-pad",NID_id_aes128_wrap_pad,9,
+ &(lvalues[5852]),0},
+{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5861]),0},
+{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5870]),0},
+{"id-aes192-wrap-pad","id-aes192-wrap-pad",NID_id_aes192_wrap_pad,9,
+ &(lvalues[5879]),0},
+{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5888]),0},
+{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5897]),0},
+{"id-aes256-wrap-pad","id-aes256-wrap-pad",NID_id_aes256_wrap_pad,9,
+ &(lvalues[5906]),0},
+{"AES-128-CTR","aes-128-ctr",NID_aes_128_ctr,0,NULL,0},
+{"AES-192-CTR","aes-192-ctr",NID_aes_192_ctr,0,NULL,0},
+{"AES-256-CTR","aes-256-ctr",NID_aes_256_ctr,0,NULL,0},
+{"id-camellia128-wrap","id-camellia128-wrap",NID_id_camellia128_wrap,
+ 11,&(lvalues[5915]),0},
+{"id-camellia192-wrap","id-camellia192-wrap",NID_id_camellia192_wrap,
+ 11,&(lvalues[5926]),0},
+{"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap,
+ 11,&(lvalues[5937]),0},
+{"anyExtendedKeyUsage","Any Extended Key Usage",
+ NID_anyExtendedKeyUsage,4,&(lvalues[5948]),0},
+{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5952]),0},
+{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5961]),0},
+{"AES-128-XTS","aes-128-xts",NID_aes_128_xts,0,NULL,0},
+{"AES-256-XTS","aes-256-xts",NID_aes_256_xts,0,NULL,0},
+{"RC4-HMAC-MD5","rc4-hmac-md5",NID_rc4_hmac_md5,0,NULL,0},
+{"AES-128-CBC-HMAC-SHA1","aes-128-cbc-hmac-sha1",
+ NID_aes_128_cbc_hmac_sha1,0,NULL,0},
+{"AES-192-CBC-HMAC-SHA1","aes-192-cbc-hmac-sha1",
+ NID_aes_192_cbc_hmac_sha1,0,NULL,0},
+{"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1",
+ NID_aes_256_cbc_hmac_sha1,0,NULL,0},
+{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5970]),0},
};
static const unsigned int sn_objs[NUM_SN]={
364, /* "AD_DVCS" */
419, /* "AES-128-CBC" */
+916, /* "AES-128-CBC-HMAC-SHA1" */
421, /* "AES-128-CFB" */
650, /* "AES-128-CFB1" */
653, /* "AES-128-CFB8" */
+904, /* "AES-128-CTR" */
418, /* "AES-128-ECB" */
420, /* "AES-128-OFB" */
+913, /* "AES-128-XTS" */
423, /* "AES-192-CBC" */
+917, /* "AES-192-CBC-HMAC-SHA1" */
425, /* "AES-192-CFB" */
651, /* "AES-192-CFB1" */
654, /* "AES-192-CFB8" */
+905, /* "AES-192-CTR" */
422, /* "AES-192-ECB" */
424, /* "AES-192-OFB" */
427, /* "AES-256-CBC" */
+918, /* "AES-256-CBC-HMAC-SHA1" */
429, /* "AES-256-CFB" */
652, /* "AES-256-CFB1" */
655, /* "AES-256-CFB8" */
+906, /* "AES-256-CTR" */
426, /* "AES-256-ECB" */
428, /* "AES-256-OFB" */
+914, /* "AES-256-XTS" */
91, /* "BF-CBC" */
93, /* "BF-CFB" */
92, /* "BF-ECB" */
@@ -2400,6 +2463,7 @@ static const unsigned int sn_objs[NUM_SN]={
110, /* "CAST5-CFB" */
109, /* "CAST5-ECB" */
111, /* "CAST5-OFB" */
+894, /* "CMAC" */
13, /* "CN" */
141, /* "CRLReason" */
417, /* "CSPName" */
@@ -2451,6 +2515,7 @@ static const unsigned int sn_objs[NUM_SN]={
4, /* "MD5" */
114, /* "MD5-SHA1" */
95, /* "MDC2" */
+911, /* "MGF1" */
388, /* "Mail" */
393, /* "NULL" */
404, /* "NULL" */
@@ -2487,6 +2552,7 @@ static const unsigned int sn_objs[NUM_SN]={
40, /* "RC2-OFB" */
5, /* "RC4" */
97, /* "RC4-40" */
+915, /* "RC4-HMAC-MD5" */
120, /* "RC5-CBC" */
122, /* "RC5-CFB" */
121, /* "RC5-ECB" */
@@ -2507,6 +2573,8 @@ static const unsigned int sn_objs[NUM_SN]={
668, /* "RSA-SHA256" */
669, /* "RSA-SHA384" */
670, /* "RSA-SHA512" */
+919, /* "RSAES-OAEP" */
+912, /* "RSASSA-PSS" */
777, /* "SEED-CBC" */
779, /* "SEED-CFB" */
776, /* "SEED-ECB" */
@@ -2540,6 +2608,7 @@ static const unsigned int sn_objs[NUM_SN]={
363, /* "ad_timestamping" */
376, /* "algorithm" */
405, /* "ansi-X9-62" */
+910, /* "anyExtendedKeyUsage" */
746, /* "anyPolicy" */
370, /* "archiveCutoff" */
484, /* "associatedDomain" */
@@ -2716,14 +2785,27 @@ static const unsigned int sn_objs[NUM_SN]={
357, /* "id-aca-group" */
358, /* "id-aca-role" */
176, /* "id-ad" */
+896, /* "id-aes128-CCM" */
+895, /* "id-aes128-GCM" */
788, /* "id-aes128-wrap" */
+897, /* "id-aes128-wrap-pad" */
+899, /* "id-aes192-CCM" */
+898, /* "id-aes192-GCM" */
789, /* "id-aes192-wrap" */
+900, /* "id-aes192-wrap-pad" */
+902, /* "id-aes256-CCM" */
+901, /* "id-aes256-GCM" */
790, /* "id-aes256-wrap" */
+903, /* "id-aes256-wrap-pad" */
262, /* "id-alg" */
+893, /* "id-alg-PWRI-KEK" */
323, /* "id-alg-des40" */
326, /* "id-alg-dh-pop" */
325, /* "id-alg-dh-sig-hmac-sha1" */
324, /* "id-alg-noSignature" */
+907, /* "id-camellia128-wrap" */
+908, /* "id-camellia192-wrap" */
+909, /* "id-camellia256-wrap" */
268, /* "id-cct" */
361, /* "id-cct-PKIData" */
362, /* "id-cct-PKIResponse" */
@@ -3246,6 +3328,7 @@ static const unsigned int ln_objs[NUM_LN]={
363, /* "AD Time Stamping" */
405, /* "ANSI X9.62" */
368, /* "Acceptable OCSP Responses" */
+910, /* "Any Extended Key Usage" */
664, /* "Any language" */
177, /* "Authority Information Access" */
365, /* "Basic OCSP Response" */
@@ -3386,23 +3469,37 @@ static const unsigned int ln_objs[NUM_LN]={
364, /* "ad dvcs" */
606, /* "additional verification" */
419, /* "aes-128-cbc" */
+916, /* "aes-128-cbc-hmac-sha1" */
+896, /* "aes-128-ccm" */
421, /* "aes-128-cfb" */
650, /* "aes-128-cfb1" */
653, /* "aes-128-cfb8" */
+904, /* "aes-128-ctr" */
418, /* "aes-128-ecb" */
+895, /* "aes-128-gcm" */
420, /* "aes-128-ofb" */
+913, /* "aes-128-xts" */
423, /* "aes-192-cbc" */
+917, /* "aes-192-cbc-hmac-sha1" */
+899, /* "aes-192-ccm" */
425, /* "aes-192-cfb" */
651, /* "aes-192-cfb1" */
654, /* "aes-192-cfb8" */
+905, /* "aes-192-ctr" */
422, /* "aes-192-ecb" */
+898, /* "aes-192-gcm" */
424, /* "aes-192-ofb" */
427, /* "aes-256-cbc" */
+918, /* "aes-256-cbc-hmac-sha1" */
+902, /* "aes-256-ccm" */
429, /* "aes-256-cfb" */
652, /* "aes-256-cfb1" */
655, /* "aes-256-cfb8" */
+906, /* "aes-256-ctr" */
426, /* "aes-256-ecb" */
+901, /* "aes-256-gcm" */
428, /* "aes-256-ofb" */
+914, /* "aes-256-xts" */
376, /* "algorithm" */
484, /* "associatedDomain" */
485, /* "associatedName" */
@@ -3467,6 +3564,7 @@ static const unsigned int ln_objs[NUM_LN]={
407, /* "characteristic-two-field" */
395, /* "clearance" */
633, /* "cleartext track 2" */
+894, /* "cmac" */
13, /* "commonName" */
513, /* "content types" */
50, /* "contentType" */
@@ -3602,13 +3700,20 @@ static const unsigned int ln_objs[NUM_LN]={
358, /* "id-aca-role" */
176, /* "id-ad" */
788, /* "id-aes128-wrap" */
+897, /* "id-aes128-wrap-pad" */
789, /* "id-aes192-wrap" */
+900, /* "id-aes192-wrap-pad" */
790, /* "id-aes256-wrap" */
+903, /* "id-aes256-wrap-pad" */
262, /* "id-alg" */
+893, /* "id-alg-PWRI-KEK" */
323, /* "id-alg-des40" */
326, /* "id-alg-dh-pop" */
325, /* "id-alg-dh-sig-hmac-sha1" */
324, /* "id-alg-noSignature" */
+907, /* "id-camellia128-wrap" */
+908, /* "id-camellia192-wrap" */
+909, /* "id-camellia256-wrap" */
268, /* "id-cct" */
361, /* "id-cct-PKIData" */
362, /* "id-cct-PKIResponse" */
@@ -3806,6 +3911,7 @@ static const unsigned int ln_objs[NUM_LN]={
602, /* "merchant initiated auth" */
514, /* "message extensions" */
51, /* "messageDigest" */
+911, /* "mgf1" */
506, /* "mime-mhs-bodies" */
505, /* "mime-mhs-headings" */
488, /* "mobileTelephoneNumber" */
@@ -3889,6 +3995,7 @@ static const unsigned int ln_objs[NUM_LN]={
40, /* "rc2-ofb" */
5, /* "rc4" */
97, /* "rc4-40" */
+915, /* "rc4-hmac-md5" */
120, /* "rc5-cbc" */
122, /* "rc5-cfb" */
121, /* "rc5-ecb" */
@@ -3905,6 +4012,8 @@ static const unsigned int ln_objs[NUM_LN]={
6, /* "rsaEncryption" */
644, /* "rsaOAEPEncryptionSET" */
377, /* "rsaSignature" */
+919, /* "rsaesOaep" */
+912, /* "rsassaPss" */
124, /* "run length compression" */
482, /* "sOARecord" */
155, /* "safeContentsBag" */
@@ -4254,6 +4363,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
96, /* OBJ_mdc2WithRSA 2 5 8 3 100 */
95, /* OBJ_mdc2 2 5 8 3 101 */
746, /* OBJ_any_policy 2 5 29 32 0 */
+910, /* OBJ_anyExtendedKeyUsage 2 5 29 37 0 */
519, /* OBJ_setct_PANData 2 23 42 0 0 */
520, /* OBJ_setct_PANToken 2 23 42 0 1 */
521, /* OBJ_setct_PANOnly 2 23 42 0 2 */
@@ -4720,6 +4830,9 @@ static const unsigned int obj_objs[NUM_OBJ]={
8, /* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
65, /* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
644, /* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
+919, /* OBJ_rsaesOaep 1 2 840 113549 1 1 7 */
+911, /* OBJ_mgf1 1 2 840 113549 1 1 8 */
+912, /* OBJ_rsassaPss 1 2 840 113549 1 1 10 */
668, /* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */
669, /* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */
670, /* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */
@@ -4785,16 +4898,25 @@ static const unsigned int obj_objs[NUM_OBJ]={
420, /* OBJ_aes_128_ofb128 2 16 840 1 101 3 4 1 3 */
421, /* OBJ_aes_128_cfb128 2 16 840 1 101 3 4 1 4 */
788, /* OBJ_id_aes128_wrap 2 16 840 1 101 3 4 1 5 */
+895, /* OBJ_aes_128_gcm 2 16 840 1 101 3 4 1 6 */
+896, /* OBJ_aes_128_ccm 2 16 840 1 101 3 4 1 7 */
+897, /* OBJ_id_aes128_wrap_pad 2 16 840 1 101 3 4 1 8 */
422, /* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */
423, /* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */
424, /* OBJ_aes_192_ofb128 2 16 840 1 101 3 4 1 23 */
425, /* OBJ_aes_192_cfb128 2 16 840 1 101 3 4 1 24 */
789, /* OBJ_id_aes192_wrap 2 16 840 1 101 3 4 1 25 */
+898, /* OBJ_aes_192_gcm 2 16 840 1 101 3 4 1 26 */
+899, /* OBJ_aes_192_ccm 2 16 840 1 101 3 4 1 27 */
+900, /* OBJ_id_aes192_wrap_pad 2 16 840 1 101 3 4 1 28 */
426, /* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */
427, /* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */
428, /* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */
429, /* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */
790, /* OBJ_id_aes256_wrap 2 16 840 1 101 3 4 1 45 */
+901, /* OBJ_aes_256_gcm 2 16 840 1 101 3 4 1 46 */
+902, /* OBJ_aes_256_ccm 2 16 840 1 101 3 4 1 47 */
+903, /* OBJ_id_aes256_wrap_pad 2 16 840 1 101 3 4 1 48 */
672, /* OBJ_sha256 2 16 840 1 101 3 4 2 1 */
673, /* OBJ_sha384 2 16 840 1 101 3 4 2 2 */
674, /* OBJ_sha512 2 16 840 1 101 3 4 2 3 */
@@ -4901,6 +5023,9 @@ static const unsigned int obj_objs[NUM_OBJ]={
751, /* OBJ_camellia_128_cbc 1 2 392 200011 61 1 1 1 2 */
752, /* OBJ_camellia_192_cbc 1 2 392 200011 61 1 1 1 3 */
753, /* OBJ_camellia_256_cbc 1 2 392 200011 61 1 1 1 4 */
+907, /* OBJ_id_camellia128_wrap 1 2 392 200011 61 1 1 3 2 */
+908, /* OBJ_id_camellia192_wrap 1 2 392 200011 61 1 1 3 3 */
+909, /* OBJ_id_camellia256_wrap 1 2 392 200011 61 1 1 3 4 */
196, /* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */
197, /* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */
198, /* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */
@@ -4956,6 +5081,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
246, /* OBJ_id_smime_alg_CMS3DESwrap 1 2 840 113549 1 9 16 3 6 */
247, /* OBJ_id_smime_alg_CMSRC2wrap 1 2 840 113549 1 9 16 3 7 */
125, /* OBJ_zlib_compression 1 2 840 113549 1 9 16 3 8 */
+893, /* OBJ_id_alg_PWRI_KEK 1 2 840 113549 1 9 16 3 9 */
248, /* OBJ_id_smime_cd_ldap 1 2 840 113549 1 9 16 4 1 */
249, /* OBJ_id_smime_spq_ets_sqt_uri 1 2 840 113549 1 9 16 5 1 */
250, /* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
diff --git a/deps/openssl/openssl/crypto/objects/obj_mac.h b/deps/openssl/openssl/crypto/objects/obj_mac.h
index 282f11a8a..b5ea7cdab 100644
--- a/deps/openssl/openssl/crypto/objects/obj_mac.h
+++ b/deps/openssl/openssl/crypto/objects/obj_mac.h
@@ -580,6 +580,21 @@
#define NID_sha1WithRSAEncryption 65
#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
+#define SN_rsaesOaep "RSAES-OAEP"
+#define LN_rsaesOaep "rsaesOaep"
+#define NID_rsaesOaep 919
+#define OBJ_rsaesOaep OBJ_pkcs1,7L
+
+#define SN_mgf1 "MGF1"
+#define LN_mgf1 "mgf1"
+#define NID_mgf1 911
+#define OBJ_mgf1 OBJ_pkcs1,8L
+
+#define SN_rsassaPss "RSASSA-PSS"
+#define LN_rsassaPss "rsassaPss"
+#define NID_rsassaPss 912
+#define OBJ_rsassaPss OBJ_pkcs1,10L
+
#define SN_sha256WithRSAEncryption "RSA-SHA256"
#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
#define NID_sha256WithRSAEncryption 668
@@ -981,6 +996,10 @@
#define NID_id_smime_alg_CMSRC2wrap 247
#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L
+#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK"
+#define NID_id_alg_PWRI_KEK 893
+#define OBJ_id_alg_PWRI_KEK OBJ_id_smime_alg,9L
+
#define SN_id_smime_cd_ldap "id-smime-cd-ldap"
#define NID_id_smime_cd_ldap 248
#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L
@@ -2399,6 +2418,11 @@
#define NID_no_rev_avail 403
#define OBJ_no_rev_avail OBJ_id_ce,56L
+#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage"
+#define LN_anyExtendedKeyUsage "Any Extended Key Usage"
+#define NID_anyExtendedKeyUsage 910
+#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L
+
#define SN_netscape "Netscape"
#define LN_netscape "Netscape Communications Corp."
#define NID_netscape 57
@@ -2586,6 +2610,24 @@
#define NID_aes_128_cfb128 421
#define OBJ_aes_128_cfb128 OBJ_aes,4L
+#define SN_id_aes128_wrap "id-aes128-wrap"
+#define NID_id_aes128_wrap 788
+#define OBJ_id_aes128_wrap OBJ_aes,5L
+
+#define SN_aes_128_gcm "id-aes128-GCM"
+#define LN_aes_128_gcm "aes-128-gcm"
+#define NID_aes_128_gcm 895
+#define OBJ_aes_128_gcm OBJ_aes,6L
+
+#define SN_aes_128_ccm "id-aes128-CCM"
+#define LN_aes_128_ccm "aes-128-ccm"
+#define NID_aes_128_ccm 896
+#define OBJ_aes_128_ccm OBJ_aes,7L
+
+#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad"
+#define NID_id_aes128_wrap_pad 897
+#define OBJ_id_aes128_wrap_pad OBJ_aes,8L
+
#define SN_aes_192_ecb "AES-192-ECB"
#define LN_aes_192_ecb "aes-192-ecb"
#define NID_aes_192_ecb 422
@@ -2606,6 +2648,24 @@
#define NID_aes_192_cfb128 425
#define OBJ_aes_192_cfb128 OBJ_aes,24L
+#define SN_id_aes192_wrap "id-aes192-wrap"
+#define NID_id_aes192_wrap 789
+#define OBJ_id_aes192_wrap OBJ_aes,25L
+
+#define SN_aes_192_gcm "id-aes192-GCM"
+#define LN_aes_192_gcm "aes-192-gcm"
+#define NID_aes_192_gcm 898
+#define OBJ_aes_192_gcm OBJ_aes,26L
+
+#define SN_aes_192_ccm "id-aes192-CCM"
+#define LN_aes_192_ccm "aes-192-ccm"
+#define NID_aes_192_ccm 899
+#define OBJ_aes_192_ccm OBJ_aes,27L
+
+#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad"
+#define NID_id_aes192_wrap_pad 900
+#define OBJ_id_aes192_wrap_pad OBJ_aes,28L
+
#define SN_aes_256_ecb "AES-256-ECB"
#define LN_aes_256_ecb "aes-256-ecb"
#define NID_aes_256_ecb 426
@@ -2626,6 +2686,24 @@
#define NID_aes_256_cfb128 429
#define OBJ_aes_256_cfb128 OBJ_aes,44L
+#define SN_id_aes256_wrap "id-aes256-wrap"
+#define NID_id_aes256_wrap 790
+#define OBJ_id_aes256_wrap OBJ_aes,45L
+
+#define SN_aes_256_gcm "id-aes256-GCM"
+#define LN_aes_256_gcm "aes-256-gcm"
+#define NID_aes_256_gcm 901
+#define OBJ_aes_256_gcm OBJ_aes,46L
+
+#define SN_aes_256_ccm "id-aes256-CCM"
+#define LN_aes_256_ccm "aes-256-ccm"
+#define NID_aes_256_ccm 902
+#define OBJ_aes_256_ccm OBJ_aes,47L
+
+#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad"
+#define NID_id_aes256_wrap_pad 903
+#define OBJ_id_aes256_wrap_pad OBJ_aes,48L
+
#define SN_aes_128_cfb1 "AES-128-CFB1"
#define LN_aes_128_cfb1 "aes-128-cfb1"
#define NID_aes_128_cfb1 650
@@ -2650,6 +2728,26 @@
#define LN_aes_256_cfb8 "aes-256-cfb8"
#define NID_aes_256_cfb8 655
+#define SN_aes_128_ctr "AES-128-CTR"
+#define LN_aes_128_ctr "aes-128-ctr"
+#define NID_aes_128_ctr 904
+
+#define SN_aes_192_ctr "AES-192-CTR"
+#define LN_aes_192_ctr "aes-192-ctr"
+#define NID_aes_192_ctr 905
+
+#define SN_aes_256_ctr "AES-256-CTR"
+#define LN_aes_256_ctr "aes-256-ctr"
+#define NID_aes_256_ctr 906
+
+#define SN_aes_128_xts "AES-128-XTS"
+#define LN_aes_128_xts "aes-128-xts"
+#define NID_aes_128_xts 913
+
+#define SN_aes_256_xts "AES-256-XTS"
+#define LN_aes_256_xts "aes-256-xts"
+#define NID_aes_256_xts 914
+
#define SN_des_cfb1 "DES-CFB1"
#define LN_des_cfb1 "des-cfb1"
#define NID_des_cfb1 656
@@ -2666,18 +2764,6 @@
#define LN_des_ede3_cfb8 "des-ede3-cfb8"
#define NID_des_ede3_cfb8 659
-#define SN_id_aes128_wrap "id-aes128-wrap"
-#define NID_id_aes128_wrap 788
-#define OBJ_id_aes128_wrap OBJ_aes,5L
-
-#define SN_id_aes192_wrap "id-aes192-wrap"
-#define NID_id_aes192_wrap 789
-#define OBJ_id_aes192_wrap OBJ_aes,25L
-
-#define SN_id_aes256_wrap "id-aes256-wrap"
-#define NID_id_aes256_wrap 790
-#define OBJ_id_aes256_wrap OBJ_aes,45L
-
#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
#define SN_sha256 "SHA256"
@@ -3810,6 +3896,18 @@
#define NID_camellia_256_cbc 753
#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L
+#define SN_id_camellia128_wrap "id-camellia128-wrap"
+#define NID_id_camellia128_wrap 907
+#define OBJ_id_camellia128_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,2L
+
+#define SN_id_camellia192_wrap "id-camellia192-wrap"
+#define NID_id_camellia192_wrap 908
+#define OBJ_id_camellia192_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,3L
+
+#define SN_id_camellia256_wrap "id-camellia256-wrap"
+#define NID_id_camellia256_wrap 909
+#define OBJ_id_camellia256_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,4L
+
#define OBJ_ntt_ds 0L,3L,4401L,5L
#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L
@@ -3912,3 +4010,23 @@
#define LN_hmac "hmac"
#define NID_hmac 855
+#define SN_cmac "CMAC"
+#define LN_cmac "cmac"
+#define NID_cmac 894
+
+#define SN_rc4_hmac_md5 "RC4-HMAC-MD5"
+#define LN_rc4_hmac_md5 "rc4-hmac-md5"
+#define NID_rc4_hmac_md5 915
+
+#define SN_aes_128_cbc_hmac_sha1 "AES-128-CBC-HMAC-SHA1"
+#define LN_aes_128_cbc_hmac_sha1 "aes-128-cbc-hmac-sha1"
+#define NID_aes_128_cbc_hmac_sha1 916
+
+#define SN_aes_192_cbc_hmac_sha1 "AES-192-CBC-HMAC-SHA1"
+#define LN_aes_192_cbc_hmac_sha1 "aes-192-cbc-hmac-sha1"
+#define NID_aes_192_cbc_hmac_sha1 917
+
+#define SN_aes_256_cbc_hmac_sha1 "AES-256-CBC-HMAC-SHA1"
+#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1"
+#define NID_aes_256_cbc_hmac_sha1 918
+
diff --git a/deps/openssl/openssl/crypto/objects/obj_mac.num b/deps/openssl/openssl/crypto/objects/obj_mac.num
index 8c50aac27..1d0a7c802 100644
--- a/deps/openssl/openssl/crypto/objects/obj_mac.num
+++ b/deps/openssl/openssl/crypto/objects/obj_mac.num
@@ -890,3 +890,30 @@ houseIdentifier 889
supportedAlgorithms 890
deltaRevocationList 891
dmdName 892
+id_alg_PWRI_KEK 893
+cmac 894
+aes_128_gcm 895
+aes_128_ccm 896
+id_aes128_wrap_pad 897
+aes_192_gcm 898
+aes_192_ccm 899
+id_aes192_wrap_pad 900
+aes_256_gcm 901
+aes_256_ccm 902
+id_aes256_wrap_pad 903
+aes_128_ctr 904
+aes_192_ctr 905
+aes_256_ctr 906
+id_camellia128_wrap 907
+id_camellia192_wrap 908
+id_camellia256_wrap 909
+anyExtendedKeyUsage 910
+mgf1 911
+rsassaPss 912
+aes_128_xts 913
+aes_256_xts 914
+rc4_hmac_md5 915
+aes_128_cbc_hmac_sha1 916
+aes_192_cbc_hmac_sha1 917
+aes_256_cbc_hmac_sha1 918
+rsaesOaep 919
diff --git a/deps/openssl/openssl/crypto/objects/obj_xref.c b/deps/openssl/openssl/crypto/objects/obj_xref.c
index 152eca5c6..9f744bced 100644
--- a/deps/openssl/openssl/crypto/objects/obj_xref.c
+++ b/deps/openssl/openssl/crypto/objects/obj_xref.c
@@ -110,8 +110,10 @@ int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid)
#endif
if (rv == NULL)
return 0;
- *pdig_nid = rv->hash_id;
- *ppkey_nid = rv->pkey_id;
+ if (pdig_nid)
+ *pdig_nid = rv->hash_id;
+ if (ppkey_nid)
+ *ppkey_nid = rv->pkey_id;
return 1;
}
@@ -144,7 +146,8 @@ int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid)
#endif
if (rv == NULL)
return 0;
- *psignid = (*rv)->sign_id;
+ if (psignid)
+ *psignid = (*rv)->sign_id;
return 1;
}
diff --git a/deps/openssl/openssl/crypto/objects/obj_xref.h b/deps/openssl/openssl/crypto/objects/obj_xref.h
index d5b9b8e19..e23938c29 100644
--- a/deps/openssl/openssl/crypto/objects/obj_xref.h
+++ b/deps/openssl/openssl/crypto/objects/obj_xref.h
@@ -38,10 +38,12 @@ static const nid_triple sigoid_srt[] =
{NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94},
{NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc},
{NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc},
+ {NID_rsassaPss, NID_undef, NID_rsaEncryption},
};
static const nid_triple * const sigoid_srt_xref[] =
{
+ &sigoid_srt[29],
&sigoid_srt[17],
&sigoid_srt[18],
&sigoid_srt[0],
diff --git a/deps/openssl/openssl/crypto/objects/obj_xref.txt b/deps/openssl/openssl/crypto/objects/obj_xref.txt
index e45b3d34b..cb917182e 100644
--- a/deps/openssl/openssl/crypto/objects/obj_xref.txt
+++ b/deps/openssl/openssl/crypto/objects/obj_xref.txt
@@ -13,6 +13,10 @@ sha512WithRSAEncryption sha512 rsaEncryption
sha224WithRSAEncryption sha224 rsaEncryption
mdc2WithRSA mdc2 rsaEncryption
ripemd160WithRSA ripemd160 rsaEncryption
+# For PSS the digest algorithm can vary and depends on the included
+# AlgorithmIdentifier. The digest "undef" indicates the public key
+# method should handle this explicitly.
+rsassaPss undef rsaEncryption
# Alternative deprecated OIDs. By using the older "rsa" OID this
# type will be recognized by not normally used.
diff --git a/deps/openssl/openssl/crypto/objects/objects.txt b/deps/openssl/openssl/crypto/objects/objects.txt
index e61fe60cb..d3bfad72a 100644
--- a/deps/openssl/openssl/crypto/objects/objects.txt
+++ b/deps/openssl/openssl/crypto/objects/objects.txt
@@ -166,6 +166,10 @@ pkcs1 3 : RSA-MD4 : md4WithRSAEncryption
pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
# According to PKCS #1 version 2.1
+pkcs1 7 : RSAES-OAEP : rsaesOaep
+pkcs1 8 : MGF1 : mgf1
+pkcs1 10 : RSASSA-PSS : rsassaPss
+
pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption
pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption
pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption
@@ -299,6 +303,7 @@ id-smime-alg 4 : id-smime-alg-RC2wrap
id-smime-alg 5 : id-smime-alg-ESDH
id-smime-alg 6 : id-smime-alg-CMS3DESwrap
id-smime-alg 7 : id-smime-alg-CMSRC2wrap
+id-smime-alg 9 : id-alg-PWRI-KEK
# S/MIME Certificate Distribution
id-smime-cd 1 : id-smime-cd-ldap
@@ -770,6 +775,10 @@ id-ce 55 : targetInformation : X509v3 AC Targeting
!Cname no-rev-avail
id-ce 56 : noRevAvail : X509v3 No Revocation Available
+# From RFC5280
+ext-key-usage 0 : anyExtendedKeyUsage : Any Extended Key Usage
+
+
!Cname netscape
2 16 840 1 113730 : Netscape : Netscape Communications Corp.
!Cname netscape-cert-extension
@@ -846,6 +855,10 @@ aes 2 : AES-128-CBC : aes-128-cbc
aes 3 : AES-128-OFB : aes-128-ofb
!Cname aes-128-cfb128
aes 4 : AES-128-CFB : aes-128-cfb
+aes 5 : id-aes128-wrap
+aes 6 : id-aes128-GCM : aes-128-gcm
+aes 7 : id-aes128-CCM : aes-128-ccm
+aes 8 : id-aes128-wrap-pad
aes 21 : AES-192-ECB : aes-192-ecb
aes 22 : AES-192-CBC : aes-192-cbc
@@ -853,6 +866,10 @@ aes 22 : AES-192-CBC : aes-192-cbc
aes 23 : AES-192-OFB : aes-192-ofb
!Cname aes-192-cfb128
aes 24 : AES-192-CFB : aes-192-cfb
+aes 25 : id-aes192-wrap
+aes 26 : id-aes192-GCM : aes-192-gcm
+aes 27 : id-aes192-CCM : aes-192-ccm
+aes 28 : id-aes192-wrap-pad
aes 41 : AES-256-ECB : aes-256-ecb
aes 42 : AES-256-CBC : aes-256-cbc
@@ -860,6 +877,10 @@ aes 42 : AES-256-CBC : aes-256-cbc
aes 43 : AES-256-OFB : aes-256-ofb
!Cname aes-256-cfb128
aes 44 : AES-256-CFB : aes-256-cfb
+aes 45 : id-aes256-wrap
+aes 46 : id-aes256-GCM : aes-256-gcm
+aes 47 : id-aes256-CCM : aes-256-ccm
+aes 48 : id-aes256-wrap-pad
# There are no OIDs for these modes...
@@ -869,15 +890,16 @@ aes 44 : AES-256-CFB : aes-256-cfb
: AES-128-CFB8 : aes-128-cfb8
: AES-192-CFB8 : aes-192-cfb8
: AES-256-CFB8 : aes-256-cfb8
+ : AES-128-CTR : aes-128-ctr
+ : AES-192-CTR : aes-192-ctr
+ : AES-256-CTR : aes-256-ctr
+ : AES-128-XTS : aes-128-xts
+ : AES-256-XTS : aes-256-xts
: DES-CFB1 : des-cfb1
: DES-CFB8 : des-cfb8
: DES-EDE3-CFB1 : des-ede3-cfb1
: DES-EDE3-CFB8 : des-ede3-cfb8
-aes 5 : id-aes128-wrap
-aes 25 : id-aes192-wrap
-aes 45 : id-aes256-wrap
-
# OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
!Alias nist_hashalgs nistAlgorithms 2
nist_hashalgs 1 : SHA256 : sha256
@@ -1211,6 +1233,9 @@ cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Se
1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc
1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc
1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc
+1 2 392 200011 61 1 1 3 2 : id-camellia128-wrap
+1 2 392 200011 61 1 1 3 3 : id-camellia192-wrap
+1 2 392 200011 61 1 1 3 4 : id-camellia256-wrap
# Definitions for Camellia cipher - ECB, CFB, OFB MODE
@@ -1257,3 +1282,11 @@ kisa 1 6 : SEED-OFB : seed-ofb
# There is no OID that just denotes "HMAC" oddly enough...
: HMAC : hmac
+# Nor CMAC either
+ : CMAC : cmac
+
+# Synthetic composite ciphersuites
+ : RC4-HMAC-MD5 : rc4-hmac-md5
+ : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1
+ : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1
+ : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1
diff --git a/deps/openssl/openssl/crypto/ocsp/ocsp_lib.c b/deps/openssl/openssl/crypto/ocsp/ocsp_lib.c
index e92b86c06..a94dc838e 100644
--- a/deps/openssl/openssl/crypto/ocsp/ocsp_lib.c
+++ b/deps/openssl/openssl/crypto/ocsp/ocsp_lib.c
@@ -124,7 +124,8 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) goto err;
/* Calculate the issuerKey hash, excluding tag and length */
- EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL);
+ if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL))
+ goto err;
if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) goto err;
diff --git a/deps/openssl/openssl/crypto/ocsp/ocsp_vfy.c b/deps/openssl/openssl/crypto/ocsp/ocsp_vfy.c
index 415d67e61..276718304 100644
--- a/deps/openssl/openssl/crypto/ocsp/ocsp_vfy.c
+++ b/deps/openssl/openssl/crypto/ocsp/ocsp_vfy.c
@@ -91,9 +91,12 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
{
EVP_PKEY *skey;
skey = X509_get_pubkey(signer);
- ret = OCSP_BASICRESP_verify(bs, skey, 0);
- EVP_PKEY_free(skey);
- if(ret <= 0)
+ if (skey)
+ {
+ ret = OCSP_BASICRESP_verify(bs, skey, 0);
+ EVP_PKEY_free(skey);
+ }
+ if(!skey || ret <= 0)
{
OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
goto end;
@@ -108,6 +111,7 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs);
if(!init_res)
{
+ ret = -1;
OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,ERR_R_X509_LIB);
goto end;
}
diff --git a/deps/openssl/openssl/crypto/opensslv.h b/deps/openssl/openssl/crypto/opensslv.h
index d6d61a0c7..5bc8e53e6 100644
--- a/deps/openssl/openssl/crypto/opensslv.h
+++ b/deps/openssl/openssl/crypto/opensslv.h
@@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-#define OPENSSL_VERSION_NUMBER 0x1000006fL
+#define OPENSSL_VERSION_NUMBER 0x1000105fL
#ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0f-fips 4 Jan 2012"
+#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e-fips 11 Feb 2013"
#else
-#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0f 4 Jan 2012"
+#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e 11 Feb 2013"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/deps/openssl/openssl/crypto/ossl_typ.h b/deps/openssl/openssl/crypto/ossl_typ.h
index 12bd7014d..ea9227f6f 100644
--- a/deps/openssl/openssl/crypto/ossl_typ.h
+++ b/deps/openssl/openssl/crypto/ossl_typ.h
@@ -91,10 +91,12 @@ typedef struct asn1_string_st ASN1_TIME;
typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
typedef struct asn1_string_st ASN1_VISIBLESTRING;
typedef struct asn1_string_st ASN1_UTF8STRING;
+typedef struct asn1_string_st ASN1_STRING;
typedef int ASN1_BOOLEAN;
typedef int ASN1_NULL;
#endif
+typedef struct ASN1_ITEM_st ASN1_ITEM;
typedef struct asn1_pctx_st ASN1_PCTX;
#ifdef OPENSSL_SYS_WIN32
diff --git a/deps/openssl/openssl/crypto/pem/pem_all.c b/deps/openssl/openssl/crypto/pem/pem_all.c
index 3e7a6093a..eac0460e3 100644
--- a/deps/openssl/openssl/crypto/pem/pem_all.c
+++ b/deps/openssl/openssl/crypto/pem/pem_all.c
@@ -193,7 +193,61 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
#endif
+#ifdef OPENSSL_FIPS
+
+int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u)
+{
+ if (FIPS_mode())
+ {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+ EVP_PKEY_set1_RSA(k, x);
+
+ ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ }
+ else
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_RSAPrivateKey,
+ PEM_STRING_RSA,bp,x,enc,kstr,klen,cb,u);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u)
+{
+ if (FIPS_mode())
+ {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+
+ EVP_PKEY_set1_RSA(k, x);
+
+ ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ }
+ else
+ return PEM_ASN1_write((i2d_of_void *)i2d_RSAPrivateKey,
+ PEM_STRING_RSA,fp,x,enc,kstr,klen,cb,u);
+}
+#endif
+
+#else
+
IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
+
+#endif
+
IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
@@ -223,7 +277,59 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
}
+#ifdef OPENSSL_FIPS
+
+int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u)
+{
+ if (FIPS_mode())
+ {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+ EVP_PKEY_set1_DSA(k, x);
+
+ ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ }
+ else
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAPrivateKey,
+ PEM_STRING_DSA,bp,x,enc,kstr,klen,cb,u);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u)
+{
+ if (FIPS_mode())
+ {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+ EVP_PKEY_set1_DSA(k, x);
+ ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ }
+ else
+ return PEM_ASN1_write((i2d_of_void *)i2d_DSAPrivateKey,
+ PEM_STRING_DSA,fp,x,enc,kstr,klen,cb,u);
+}
+#endif
+
+#else
+
IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
+
+#endif
+
IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
#ifndef OPENSSL_NO_FP_API
@@ -269,8 +375,63 @@ EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb,
IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)
+
+
+#ifdef OPENSSL_FIPS
+
+int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u)
+{
+ if (FIPS_mode())
+ {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+ EVP_PKEY_set1_EC_KEY(k, x);
+
+ ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ }
+ else
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_ECPrivateKey,
+ PEM_STRING_ECPRIVATEKEY,
+ bp,x,enc,kstr,klen,cb,u);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc,
+ unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u)
+{
+ if (FIPS_mode())
+ {
+ EVP_PKEY *k;
+ int ret;
+ k = EVP_PKEY_new();
+ if (!k)
+ return 0;
+ EVP_PKEY_set1_EC_KEY(k, x);
+ ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+ EVP_PKEY_free(k);
+ return ret;
+ }
+ else
+ return PEM_ASN1_write((i2d_of_void *)i2d_ECPrivateKey,
+ PEM_STRING_ECPRIVATEKEY,
+ fp,x,enc,kstr,klen,cb,u);
+}
+#endif
+
+#else
+
IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)
+#endif
+
IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
#ifndef OPENSSL_NO_FP_API
diff --git a/deps/openssl/openssl/crypto/pem/pem_lib.c b/deps/openssl/openssl/crypto/pem/pem_lib.c
index cfc89a992..5a421fc4b 100644
--- a/deps/openssl/openssl/crypto/pem/pem_lib.c
+++ b/deps/openssl/openssl/crypto/pem/pem_lib.c
@@ -394,7 +394,8 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
goto err;
/* The 'iv' is used as the iv and as a salt. It is
* NOT taken from the BytesToKey function */
- EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
+ if (!EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL))
+ goto err;
if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf,PEM_BUFSIZE);
@@ -406,12 +407,15 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
/* k=strlen(buf); */
EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
- EVP_EncryptUpdate(&ctx,data,&j,data,i);
- EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
+ ret = 1;
+ if (!EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv)
+ || !EVP_EncryptUpdate(&ctx,data,&j,data,i)
+ || !EVP_EncryptFinal_ex(&ctx,&(data[j]),&i))
+ ret = 0;
EVP_CIPHER_CTX_cleanup(&ctx);
+ if (ret == 0)
+ goto err;
i+=j;
- ret=1;
}
else
{
@@ -459,14 +463,17 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
ebcdic2ascii(buf, buf, klen);
#endif
- EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
- (unsigned char *)buf,klen,1,key,NULL);
+ if (!EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
+ (unsigned char *)buf,klen,1,key,NULL))
+ return 0;
j=(int)len;
EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
- EVP_DecryptUpdate(&ctx,data,&i,data,j);
- o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
+ o = EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
+ if (o)
+ o = EVP_DecryptUpdate(&ctx,data,&i,data,j);
+ if (o)
+ o = EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
EVP_CIPHER_CTX_cleanup(&ctx);
OPENSSL_cleanse((char *)buf,sizeof(buf));
OPENSSL_cleanse((char *)key,sizeof(key));
diff --git a/deps/openssl/openssl/crypto/pem/pem_seal.c b/deps/openssl/openssl/crypto/pem/pem_seal.c
index 59690b56a..b6b4e1349 100644
--- a/deps/openssl/openssl/crypto/pem/pem_seal.c
+++ b/deps/openssl/openssl/crypto/pem/pem_seal.c
@@ -96,7 +96,8 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
EVP_EncodeInit(&ctx->encode);
EVP_MD_CTX_init(&ctx->md);
- EVP_SignInit(&ctx->md,md_type);
+ if (!EVP_SignInit(&ctx->md,md_type))
+ goto err;
EVP_CIPHER_CTX_init(&ctx->cipher);
ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk);
@@ -163,7 +164,8 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
goto err;
}
- EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i);
+ if (!EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i))
+ goto err;
EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);
*outl=j;
out+=j;
diff --git a/deps/openssl/openssl/crypto/pem/pvkfmt.c b/deps/openssl/openssl/crypto/pem/pvkfmt.c
index 5f130c452..b1bf71a5d 100644
--- a/deps/openssl/openssl/crypto/pem/pvkfmt.c
+++ b/deps/openssl/openssl/crypto/pem/pvkfmt.c
@@ -709,13 +709,16 @@ static int derive_pvk_key(unsigned char *key,
const unsigned char *pass, int passlen)
{
EVP_MD_CTX mctx;
+ int rv = 1;
EVP_MD_CTX_init(&mctx);
- EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL);
- EVP_DigestUpdate(&mctx, salt, saltlen);
- EVP_DigestUpdate(&mctx, pass, passlen);
- EVP_DigestFinal_ex(&mctx, key, NULL);
+ if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL)
+ || !EVP_DigestUpdate(&mctx, salt, saltlen)
+ || !EVP_DigestUpdate(&mctx, pass, passlen)
+ || !EVP_DigestFinal_ex(&mctx, key, NULL))
+ rv = 0;
+
EVP_MD_CTX_cleanup(&mctx);
- return 1;
+ return rv;
}
@@ -727,11 +730,12 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
const unsigned char *p = *in;
unsigned int magic;
unsigned char *enctmp = NULL, *q;
+ EVP_CIPHER_CTX cctx;
+ EVP_CIPHER_CTX_init(&cctx);
if (saltlen)
{
char psbuf[PEM_BUFSIZE];
unsigned char keybuf[20];
- EVP_CIPHER_CTX cctx;
int enctmplen, inlen;
if (cb)
inlen=cb(psbuf,PEM_BUFSIZE,0,u);
@@ -757,37 +761,41 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
p += 8;
inlen = keylen - 8;
q = enctmp + 8;
- EVP_CIPHER_CTX_init(&cctx);
- EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL);
- EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen);
- EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen);
+ if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+ goto err;
+ if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
+ goto err;
magic = read_ledword((const unsigned char **)&q);
if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC)
{
q = enctmp + 8;
memset(keybuf + 5, 0, 11);
- EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf,
- NULL);
+ if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf,
+ NULL))
+ goto err;
OPENSSL_cleanse(keybuf, 20);
- EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen);
- EVP_DecryptFinal_ex(&cctx, q + enctmplen,
- &enctmplen);
+ if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen,
+ &enctmplen))
+ goto err;
magic = read_ledword((const unsigned char **)&q);
if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC)
{
- EVP_CIPHER_CTX_cleanup(&cctx);
PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);
goto err;
}
}
else
OPENSSL_cleanse(keybuf, 20);
- EVP_CIPHER_CTX_cleanup(&cctx);
p = enctmp;
}
ret = b2i_PrivateKey(&p, keylen);
err:
+ EVP_CIPHER_CTX_cleanup(&cctx);
if (enctmp && saltlen)
OPENSSL_free(enctmp);
return ret;
@@ -841,6 +849,8 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
{
int outlen = 24, pklen;
unsigned char *p, *salt = NULL;
+ EVP_CIPHER_CTX cctx;
+ EVP_CIPHER_CTX_init(&cctx);
if (enclevel)
outlen += PVK_SALTLEN;
pklen = do_i2b(NULL, pk, 0);
@@ -885,7 +895,6 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
{
char psbuf[PEM_BUFSIZE];
unsigned char keybuf[20];
- EVP_CIPHER_CTX cctx;
int enctmplen, inlen;
if (cb)
inlen=cb(psbuf,PEM_BUFSIZE,1,u);
@@ -902,16 +911,19 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
if (enclevel == 1)
memset(keybuf + 5, 0, 11);
p = salt + PVK_SALTLEN + 8;
- EVP_CIPHER_CTX_init(&cctx);
- EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL);
+ if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+ goto error;
OPENSSL_cleanse(keybuf, 20);
- EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8);
- EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen);
- EVP_CIPHER_CTX_cleanup(&cctx);
+ if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8))
+ goto error;
+ if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen))
+ goto error;
}
+ EVP_CIPHER_CTX_cleanup(&cctx);
return outlen;
error:
+ EVP_CIPHER_CTX_cleanup(&cctx);
return -1;
}
diff --git a/deps/openssl/openssl/crypto/perlasm/cbc.pl b/deps/openssl/openssl/crypto/perlasm/cbc.pl
index 6fc251090..24561e759 100644
--- a/deps/openssl/openssl/crypto/perlasm/cbc.pl
+++ b/deps/openssl/openssl/crypto/perlasm/cbc.pl
@@ -150,7 +150,7 @@ sub cbc
&set_label("PIC_point");
&blindpop("edx");
&lea("ecx",&DWP(&label("cbc_enc_jmp_table")."-".&label("PIC_point"),"edx"));
- &mov($count,&DWP(0,"ecx",$count,4))
+ &mov($count,&DWP(0,"ecx",$count,4));
&add($count,"edx");
&xor("ecx","ecx");
&xor("edx","edx");
diff --git a/deps/openssl/openssl/crypto/perlasm/ppc-xlate.pl b/deps/openssl/openssl/crypto/perlasm/ppc-xlate.pl
index 4579671c9..a3edd982b 100644..100755
--- a/deps/openssl/openssl/crypto/perlasm/ppc-xlate.pl
+++ b/deps/openssl/openssl/crypto/perlasm/ppc-xlate.pl
@@ -31,10 +31,9 @@ my $globl = sub {
$ret .= ".type $name,\@function";
last;
};
- /linux.*64/ && do { $ret .= ".globl .$name\n";
- $ret .= ".type .$name,\@function\n";
+ /linux.*64/ && do { $ret .= ".globl $name\n";
+ $ret .= ".type $name,\@function\n";
$ret .= ".section \".opd\",\"aw\"\n";
- $ret .= ".globl $name\n";
$ret .= ".align 3\n";
$ret .= "$name:\n";
$ret .= ".quad .$name,.TOC.\@tocbase,0\n";
@@ -62,6 +61,14 @@ my $machine = sub {
}
".machine $arch";
};
+my $size = sub {
+ if ($flavour =~ /linux.*32/)
+ { shift;
+ ".size " . join(",",@_);
+ }
+ else
+ { ""; }
+};
my $asciz = sub {
shift;
my $line = join(",",@_);
diff --git a/deps/openssl/openssl/crypto/perlasm/x86_64-xlate.pl b/deps/openssl/openssl/crypto/perlasm/x86_64-xlate.pl
index 674da3b7e..56d9b64b6 100755
--- a/deps/openssl/openssl/crypto/perlasm/x86_64-xlate.pl
+++ b/deps/openssl/openssl/crypto/perlasm/x86_64-xlate.pl
@@ -62,12 +62,8 @@ my $flavour = shift;
my $output = shift;
if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-{ my ($stddev,$stdino,@junk)=stat(STDOUT);
- my ($outdev,$outino,@junk)=stat($output);
-
- open STDOUT,">$output" || die "can't open $output: $!"
- if ($stddev!=$outdev || $stdino!=$outino);
-}
+open STDOUT,">$output" || die "can't open $output: $!"
+ if (defined($output));
my $gas=1; $gas=0 if ($output =~ /\.asm$/);
my $elf=1; $elf=0 if (!$gas);
@@ -116,12 +112,16 @@ my %globals;
$line = substr($line,@+[0]); $line =~ s/^\s+//;
undef $self->{sz};
- if ($self->{op} =~ /^(movz)b.*/) { # movz is pain...
+ if ($self->{op} =~ /^(movz)x?([bw]).*/) { # movz is pain...
$self->{op} = $1;
- $self->{sz} = "b";
+ $self->{sz} = $2;
} elsif ($self->{op} =~ /call|jmp/) {
$self->{sz} = "";
- } elsif ($self->{op} =~ /^p/ && $' !~ /^(ush|op)/) { # SSEn
+ } elsif ($self->{op} =~ /^p/ && $' !~ /^(ush|op|insrw)/) { # SSEn
+ $self->{sz} = "";
+ } elsif ($self->{op} =~ /^v/) { # VEX
+ $self->{sz} = "";
+ } elsif ($self->{op} =~ /movq/ && $line =~ /%xmm/) {
$self->{sz} = "";
} elsif ($self->{op} =~ /([a-z]{3,})([qlwb])$/) {
$self->{op} = $1;
@@ -246,35 +246,39 @@ my %globals;
$self->{index} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
$self->{base} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
+ # Solaris /usr/ccs/bin/as can't handle multiplications
+ # in $self->{label}, new gas requires sign extension...
+ use integer;
+ $self->{label} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
+ $self->{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
+ $self->{label} =~ s/([0-9]+)/$1<<32>>32/eg;
+
if ($gas) {
- # Solaris /usr/ccs/bin/as can't handle multiplications
- # in $self->{label}, new gas requires sign extension...
- use integer;
- $self->{label} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
- $self->{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
- $self->{label} =~ s/([0-9]+)/$1<<32>>32/eg;
$self->{label} =~ s/^___imp_/__imp__/ if ($flavour eq "mingw64");
if (defined($self->{index})) {
- sprintf "%s%s(%%%s,%%%s,%d)",$self->{asterisk},
- $self->{label},$self->{base},
+ sprintf "%s%s(%s,%%%s,%d)",$self->{asterisk},
+ $self->{label},
+ $self->{base}?"%$self->{base}":"",
$self->{index},$self->{scale};
} else {
sprintf "%s%s(%%%s)", $self->{asterisk},$self->{label},$self->{base};
}
} else {
- %szmap = ( b=>"BYTE$PTR", w=>"WORD$PTR", l=>"DWORD$PTR", q=>"QWORD$PTR" );
+ %szmap = ( b=>"BYTE$PTR", w=>"WORD$PTR", l=>"DWORD$PTR",
+ q=>"QWORD$PTR",o=>"OWORD$PTR",x=>"XMMWORD$PTR" );
$self->{label} =~ s/\./\$/g;
$self->{label} =~ s/(?<![\w\$\.])0x([0-9a-f]+)/0$1h/ig;
$self->{label} = "($self->{label})" if ($self->{label} =~ /[\*\+\-\/]/);
- $sz="q" if ($self->{asterisk});
+ $sz="q" if ($self->{asterisk} || opcode->mnemonic() eq "movq");
+ $sz="l" if (opcode->mnemonic() eq "movd");
if (defined($self->{index})) {
- sprintf "%s[%s%s*%d+%s]",$szmap{$sz},
+ sprintf "%s[%s%s*%d%s]",$szmap{$sz},
$self->{label}?"$self->{label}+":"",
$self->{index},$self->{scale},
- $self->{base};
+ $self->{base}?"+$self->{base}":"";
} elsif ($self->{base} eq "rip") {
sprintf "%s[%s]",$szmap{$sz},$self->{label};
} else {
@@ -506,6 +510,12 @@ my %globals;
}
} elsif ($dir =~ /\.(text|data)/) {
$current_segment=".$1";
+ } elsif ($dir =~ /\.hidden/) {
+ if ($flavour eq "macosx") { $self->{value} = ".private_extern\t$prefix$line"; }
+ elsif ($flavour eq "mingw64") { $self->{value} = ""; }
+ } elsif ($dir =~ /\.comm/) {
+ $self->{value} = "$dir\t$prefix$line";
+ $self->{value} =~ s|,([0-9]+),([0-9]+)$|",$1,".log($2)/log(2)|e if ($flavour eq "macosx");
}
$line = "";
return $self;
@@ -578,7 +588,7 @@ my %globals;
$self->{value}="${decor}SEH_end_$current_function->{name}:";
$self->{value}.=":\n" if($masm);
}
- $self->{value}.="$current_function->{name}\tENDP" if($masm);
+ $self->{value}.="$current_function->{name}\tENDP" if($masm && $current_function->{name});
undef $current_function;
}
last;
@@ -614,6 +624,19 @@ my %globals;
.join(",",@str) if (@str);
last;
};
+ /\.comm/ && do { my @str=split(/,\s*/,$line);
+ my $v=undef;
+ if ($nasm) {
+ $v.="common $prefix@str[0] @str[1]";
+ } else {
+ $v="$current_segment\tENDS\n" if ($current_segment);
+ $current_segment = "_DATA";
+ $v.="$current_segment\tSEGMENT\n";
+ $v.="COMM @str[0]:DWORD:".@str[1]/4;
+ }
+ $self->{value} = $v;
+ last;
+ };
}
$line = "";
}
@@ -626,9 +649,133 @@ my %globals;
}
}
+sub rex {
+ local *opcode=shift;
+ my ($dst,$src,$rex)=@_;
+
+ $rex|=0x04 if($dst>=8);
+ $rex|=0x01 if($src>=8);
+ push @opcode,($rex|0x40) if ($rex);
+}
+
+# older gas and ml64 don't handle SSE>2 instructions
+my %regrm = ( "%eax"=>0, "%ecx"=>1, "%edx"=>2, "%ebx"=>3,
+ "%esp"=>4, "%ebp"=>5, "%esi"=>6, "%edi"=>7 );
+
+my $movq = sub { # elderly gas can't handle inter-register movq
+ my $arg = shift;
+ my @opcode=(0x66);
+ if ($arg =~ /%xmm([0-9]+),\s*%r(\w+)/) {
+ my ($src,$dst)=($1,$2);
+ if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+ rex(\@opcode,$src,$dst,0x8);
+ push @opcode,0x0f,0x7e;
+ push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
+ @opcode;
+ } elsif ($arg =~ /%r(\w+),\s*%xmm([0-9]+)/) {
+ my ($src,$dst)=($2,$1);
+ if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+ rex(\@opcode,$src,$dst,0x8);
+ push @opcode,0x0f,0x6e;
+ push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pextrd = sub {
+ if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*(%\w+)/) {
+ my @opcode=(0x66);
+ $imm=$1;
+ $src=$2;
+ $dst=$3;
+ if ($dst =~ /%r([0-9]+)d/) { $dst = $1; }
+ elsif ($dst =~ /%e/) { $dst = $regrm{$dst}; }
+ rex(\@opcode,$src,$dst);
+ push @opcode,0x0f,0x3a,0x16;
+ push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
+ push @opcode,$imm;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pinsrd = sub {
+ if (shift =~ /\$([0-9]+),\s*(%\w+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ $imm=$1;
+ $src=$2;
+ $dst=$3;
+ if ($src =~ /%r([0-9]+)/) { $src = $1; }
+ elsif ($src =~ /%e/) { $src = $regrm{$src}; }
+ rex(\@opcode,$dst,$src);
+ push @opcode,0x0f,0x3a,0x22;
+ push @opcode,0xc0|(($dst&7)<<3)|($src&7); # ModR/M
+ push @opcode,$imm;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pshufb = sub {
+ if (shift =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ rex(\@opcode,$2,$1);
+ push @opcode,0x0f,0x38,0x00;
+ push @opcode,0xc0|($1&7)|(($2&7)<<3); # ModR/M
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $palignr = sub {
+ if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ rex(\@opcode,$3,$2);
+ push @opcode,0x0f,0x3a,0x0f;
+ push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
+ push @opcode,$1;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $pclmulqdq = sub {
+ if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+ my @opcode=(0x66);
+ rex(\@opcode,$3,$2);
+ push @opcode,0x0f,0x3a,0x44;
+ push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
+ my $c=$1;
+ push @opcode,$c=~/^0/?oct($c):$c;
+ @opcode;
+ } else {
+ ();
+ }
+};
+
+my $rdrand = sub {
+ if (shift =~ /%[er](\w+)/) {
+ my @opcode=();
+ my $dst=$1;
+ if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+ rex(\@opcode,0,$1,8);
+ push @opcode,0x0f,0xc7,0xf0|($dst&7);
+ @opcode;
+ } else {
+ ();
+ }
+};
+
if ($nasm) {
print <<___;
default rel
+%define XMMWORD
___
} elsif ($masm) {
print <<___;
@@ -645,14 +792,22 @@ while($line=<>) {
undef $label;
undef $opcode;
- undef $sz;
undef @args;
if ($label=label->re(\$line)) { print $label->out(); }
if (directive->re(\$line)) {
printf "%s",directive->out();
- } elsif ($opcode=opcode->re(\$line)) { ARGUMENT: while (1) {
+ } elsif ($opcode=opcode->re(\$line)) {
+ my $asm = eval("\$".$opcode->mnemonic());
+ undef @bytes;
+
+ if ((ref($asm) eq 'CODE') && scalar(@bytes=&$asm($line))) {
+ print $gas?".byte\t":"DB\t",join(',',@bytes),"\n";
+ next;
+ }
+
+ ARGUMENT: while (1) {
my $arg;
if ($arg=register->re(\$line)) { opcode->size($arg->size()); }
@@ -668,19 +823,26 @@ while($line=<>) {
$line =~ s/^,\s*//;
} # ARGUMENT:
- $sz=opcode->size();
-
if ($#args>=0) {
my $insn;
+ my $sz=opcode->size();
+
if ($gas) {
$insn = $opcode->out($#args>=1?$args[$#args]->size():$sz);
+ @args = map($_->out($sz),@args);
+ printf "\t%s\t%s",$insn,join(",",@args);
} else {
$insn = $opcode->out();
- $insn .= $sz if (map($_->out() =~ /x?mm/,@args));
+ foreach (@args) {
+ my $arg = $_->out();
+ # $insn.=$sz compensates for movq, pinsrw, ...
+ if ($arg =~ /^xmm[0-9]+$/) { $insn.=$sz; $sz="x" if(!$sz); last; }
+ if ($arg =~ /^mm[0-9]+$/) { $insn.=$sz; $sz="q" if(!$sz); last; }
+ }
@args = reverse(@args);
undef $sz if ($nasm && $opcode->mnemonic() eq "lea");
+ printf "\t%s\t%s",$insn,join(",",map($_->out($sz),@args));
}
- printf "\t%s\t%s",$insn,join(",",map($_->out($sz),@args));
} else {
printf "\t%s",$opcode->out();
}
diff --git a/deps/openssl/openssl/crypto/perlasm/x86asm.pl b/deps/openssl/openssl/crypto/perlasm/x86asm.pl
index 28080caaa..eb543db2f 100644
--- a/deps/openssl/openssl/crypto/perlasm/x86asm.pl
+++ b/deps/openssl/openssl/crypto/perlasm/x86asm.pl
@@ -80,6 +80,57 @@ sub ::movq
{ &::generic("movq",@_); }
}
+# SSE>2 instructions
+my %regrm = ( "eax"=>0, "ecx"=>1, "edx"=>2, "ebx"=>3,
+ "esp"=>4, "ebp"=>5, "esi"=>6, "edi"=>7 );
+sub ::pextrd
+{ my($dst,$src,$imm)=@_;
+ if ("$dst:$src" =~ /(e[a-dsd][ixp]):xmm([0-7])/)
+ { &::data_byte(0x66,0x0f,0x3a,0x16,0xc0|($2<<3)|$regrm{$1},$imm); }
+ else
+ { &::generic("pextrd",@_); }
+}
+
+sub ::pinsrd
+{ my($dst,$src,$imm)=@_;
+ if ("$dst:$src" =~ /xmm([0-7]):(e[a-dsd][ixp])/)
+ { &::data_byte(0x66,0x0f,0x3a,0x22,0xc0|($1<<3)|$regrm{$2},$imm); }
+ else
+ { &::generic("pinsrd",@_); }
+}
+
+sub ::pshufb
+{ my($dst,$src)=@_;
+ if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+ { &data_byte(0x66,0x0f,0x38,0x00,0xc0|($1<<3)|$2); }
+ else
+ { &::generic("pshufb",@_); }
+}
+
+sub ::palignr
+{ my($dst,$src,$imm)=@_;
+ if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+ { &::data_byte(0x66,0x0f,0x3a,0x0f,0xc0|($1<<3)|$2,$imm); }
+ else
+ { &::generic("palignr",@_); }
+}
+
+sub ::pclmulqdq
+{ my($dst,$src,$imm)=@_;
+ if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+ { &::data_byte(0x66,0x0f,0x3a,0x44,0xc0|($1<<3)|$2,$imm); }
+ else
+ { &::generic("pclmulqdq",@_); }
+}
+
+sub ::rdrand
+{ my ($dst)=@_;
+ if ($dst =~ /(e[a-dsd][ixp])/)
+ { &::data_byte(0x0f,0xc7,0xf0|$regrm{$dst}); }
+ else
+ { &::generic("rdrand",@_); }
+}
+
# label management
$lbdecor="L"; # local label decoration, set by package
$label="000";
@@ -167,7 +218,7 @@ sub ::asm_init
$filename=$fn;
$i386=$cpu;
- $elf=$cpp=$coff=$aout=$macosx=$win32=$netware=$mwerks=0;
+ $elf=$cpp=$coff=$aout=$macosx=$win32=$netware=$mwerks=$android=0;
if (($type eq "elf"))
{ $elf=1; require "x86gas.pl"; }
elsif (($type eq "a\.out"))
@@ -184,6 +235,8 @@ sub ::asm_init
{ $win32=1; require "x86masm.pl"; }
elsif (($type eq "macosx"))
{ $aout=1; $macosx=1; require "x86gas.pl"; }
+ elsif (($type eq "android"))
+ { $elf=1; $android=1; require "x86gas.pl"; }
else
{ print STDERR <<"EOF";
Pick one target type from
diff --git a/deps/openssl/openssl/crypto/perlasm/x86gas.pl b/deps/openssl/openssl/crypto/perlasm/x86gas.pl
index 6eab727fd..682a3a316 100644
--- a/deps/openssl/openssl/crypto/perlasm/x86gas.pl
+++ b/deps/openssl/openssl/crypto/perlasm/x86gas.pl
@@ -45,9 +45,8 @@ sub ::generic
undef $suffix if ($dst =~ m/^%[xm]/o || $src =~ m/^%[xm]/o);
if ($#_==0) { &::emit($opcode); }
- elsif ($opcode =~ m/^j/o && $#_==1) { &::emit($opcode,@arg); }
- elsif ($opcode eq "call" && $#_==1) { &::emit($opcode,@arg); }
- elsif ($opcode =~ m/^set/&& $#_==1) { &::emit($opcode,@arg); }
+ elsif ($#_==1 && $opcode =~ m/^(call|clflush|j|loop|set)/o)
+ { &::emit($opcode,@arg); }
else { &::emit($opcode.$suffix,@arg);}
1;
@@ -91,6 +90,7 @@ sub ::DWP
}
sub ::QWP { &::DWP(@_); }
sub ::BP { &::DWP(@_); }
+sub ::WP { &::DWP(@_); }
sub ::BC { @_; }
sub ::DWC { @_; }
@@ -149,22 +149,24 @@ sub ::public_label
{ push(@out,".globl\t".&::LABEL($_[0],$nmdecor.$_[0])."\n"); }
sub ::file_end
-{ if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out) {
- my $tmp=".comm\t${nmdecor}OPENSSL_ia32cap_P,4";
- if ($::elf) { push (@out,"$tmp,4\n"); }
- else { push (@out,"$tmp\n"); }
- }
- if ($::macosx)
+{ if ($::macosx)
{ if (%non_lazy_ptr)
{ push(@out,".section __IMPORT,__pointers,non_lazy_symbol_pointers\n");
foreach $i (keys %non_lazy_ptr)
{ push(@out,"$non_lazy_ptr{$i}:\n.indirect_symbol\t$i\n.long\t0\n"); }
}
}
+ if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out) {
+ my $tmp=".comm\t${nmdecor}OPENSSL_ia32cap_P,8";
+ if ($::macosx) { push (@out,"$tmp,2\n"); }
+ elsif ($::elf) { push (@out,"$tmp,4\n"); }
+ else { push (@out,"$tmp\n"); }
+ }
push(@out,$initseg) if ($initseg);
}
sub ::data_byte { push(@out,".byte\t".join(',',@_)."\n"); }
+sub ::data_short{ push(@out,".value\t".join(',',@_)."\n"); }
sub ::data_word { push(@out,".long\t".join(',',@_)."\n"); }
sub ::align
@@ -180,7 +182,7 @@ sub ::align
sub ::picmeup
{ my($dst,$sym,$base,$reflabel)=@_;
- if ($::pic && ($::elf || $::aout))
+ if (($::pic && ($::elf || $::aout)) || $::macosx)
{ if (!defined($base))
{ &::call(&::label("PIC_me_up"));
&::set_label("PIC_me_up");
@@ -206,13 +208,17 @@ sub ::picmeup
sub ::initseg
{ my $f=$nmdecor.shift;
- if ($::elf)
+ if ($::android)
+ { $initseg.=<<___;
+.section .init_array
+.align 4
+.long $f
+___
+ }
+ elsif ($::elf)
{ $initseg.=<<___;
.section .init
call $f
- jmp .Linitalign
-.align $align
-.Linitalign:
___
}
elsif ($::coff)
diff --git a/deps/openssl/openssl/crypto/perlasm/x86masm.pl b/deps/openssl/openssl/crypto/perlasm/x86masm.pl
index 7815b17c4..6b33b146f 100644
--- a/deps/openssl/openssl/crypto/perlasm/x86masm.pl
+++ b/deps/openssl/openssl/crypto/perlasm/x86masm.pl
@@ -14,9 +14,11 @@ sub ::generic
{ my ($opcode,@arg)=@_;
# fix hexadecimal constants
- for (@arg) { s/0x([0-9a-f]+)/0$1h/oi; }
+ for (@arg) { s/(?<![\w\$\.])0x([0-9a-f]+)/0$1h/oi; }
- if ($opcode !~ /movq/)
+ if ($opcode =~ /lea/ && @arg[1] =~ s/.*PTR\s+(\(.*\))$/OFFSET $1/) # no []
+ { $opcode="mov"; }
+ elsif ($opcode !~ /movq/)
{ # fix xmm references
$arg[0] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[1]=~/\bxmm[0-7]\b/i);
$arg[1] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[0]=~/\bxmm[0-7]\b/i);
@@ -31,6 +33,7 @@ sub ::generic
sub ::call { &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
sub ::call_ptr { &::emit("call",@_); }
sub ::jmp_ptr { &::emit("jmp",@_); }
+sub ::lock { &::data_byte(0xf0); }
sub get_mem
{ my($size,$addr,$reg1,$reg2,$idx)=@_;
@@ -65,6 +68,7 @@ sub get_mem
$ret;
}
sub ::BP { &get_mem("BYTE",@_); }
+sub ::WP { &get_mem("WORD",@_); }
sub ::DWP { &get_mem("DWORD",@_); }
sub ::QWP { &get_mem("QWORD",@_); }
sub ::BC { "@_"; }
@@ -76,7 +80,7 @@ TITLE $_[0].asm
IF \@Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.586
+.686
.MODEL FLAT
OPTION DOTNAME
IF \@Version LT 800
@@ -129,7 +133,7 @@ ___
if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out)
{ my $comm=<<___;
.bss SEGMENT 'BSS'
-COMM ${nmdecor}OPENSSL_ia32cap_P:DWORD
+COMM ${nmdecor}OPENSSL_ia32cap_P:QWORD
.bss ENDS
___
# comment out OPENSSL_ia32cap_P declarations
@@ -156,6 +160,9 @@ sub ::public_label
sub ::data_byte
{ push(@out,("DB\t").join(',',@_)."\n"); }
+sub ::data_short
+{ push(@out,("DW\t").join(',',@_)."\n"); }
+
sub ::data_word
{ push(@out,("DD\t").join(',',@_)."\n"); }
@@ -181,4 +188,11 @@ ___
sub ::dataseg
{ push(@out,"$segment\tENDS\n_DATA\tSEGMENT\n"); $segment="_DATA"; }
+sub ::safeseh
+{ my $nm=shift;
+ push(@out,"IF \@Version GE 710\n");
+ push(@out,".SAFESEH ".&::LABEL($nm,$nmdecor.$nm)."\n");
+ push(@out,"ENDIF\n");
+}
+
1;
diff --git a/deps/openssl/openssl/crypto/perlasm/x86nasm.pl b/deps/openssl/openssl/crypto/perlasm/x86nasm.pl
index ce2bed9bb..ca2511c9e 100644
--- a/deps/openssl/openssl/crypto/perlasm/x86nasm.pl
+++ b/deps/openssl/openssl/crypto/perlasm/x86nasm.pl
@@ -19,6 +19,8 @@ sub ::generic
{ $_[0] = "NEAR $_[0]"; }
elsif ($opcode eq "lea" && $#_==1) # wipe storage qualifier from lea
{ $_[1] =~ s/^[^\[]*\[/\[/o; }
+ elsif ($opcode eq "clflush" && $#_==0)
+ { $_[0] =~ s/^[^\[]*\[/\[/o; }
}
&::emit($opcode,@_);
1;
@@ -67,6 +69,7 @@ sub get_mem
}
sub ::BP { &get_mem("BYTE",@_); }
sub ::DWP { &get_mem("DWORD",@_); }
+sub ::WP { &get_mem("WORD",@_); }
sub ::QWP { &get_mem("",@_); }
sub ::BC { (($::mwerks)?"":"BYTE ")."@_"; }
sub ::DWC { (($::mwerks)?"":"DWORD ")."@_"; }
@@ -114,7 +117,7 @@ sub ::file_end
{ if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out)
{ my $comm=<<___;
${drdecor}segment .bss
-${drdecor}common ${nmdecor}OPENSSL_ia32cap_P 4
+${drdecor}common ${nmdecor}OPENSSL_ia32cap_P 8
___
# comment out OPENSSL_ia32cap_P declarations
grep {s/(^extern\s+${nmdecor}OPENSSL_ia32cap_P)/\;$1/} @out;
@@ -135,7 +138,8 @@ sub ::public_label
sub ::data_byte
{ push(@out,(($::mwerks)?".byte\t":"db\t").join(',',@_)."\n"); }
-
+sub ::data_short
+{ push(@out,(($::mwerks)?".word\t":"dw\t").join(',',@_)."\n"); }
sub ::data_word
{ push(@out,(($::mwerks)?".long\t":"dd\t").join(',',@_)."\n"); }
@@ -163,4 +167,11 @@ sub ::dataseg
else { push(@out,"section\t.data align=4\n"); }
}
+sub ::safeseh
+{ my $nm=shift;
+ push(@out,"%if __NASM_VERSION_ID__ >= 0x02030000\n");
+ push(@out,"safeseh ".&::LABEL($nm,$nmdecor.$nm)."\n");
+ push(@out,"%endif\n");
+}
+
1;
diff --git a/deps/openssl/openssl/crypto/pkcs12/p12_decr.c b/deps/openssl/openssl/crypto/pkcs12/p12_decr.c
index ba77dbbe3..9d3557e8d 100644
--- a/deps/openssl/openssl/crypto/pkcs12/p12_decr.c
+++ b/deps/openssl/openssl/crypto/pkcs12/p12_decr.c
@@ -89,7 +89,14 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
goto err;
}
- EVP_CipherUpdate(&ctx, out, &i, in, inlen);
+ if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen))
+ {
+ OPENSSL_free(out);
+ out = NULL;
+ PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_EVP_LIB);
+ goto err;
+ }
+
outlen = i;
if(!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
OPENSSL_free(out);
diff --git a/deps/openssl/openssl/crypto/pkcs12/p12_key.c b/deps/openssl/openssl/crypto/pkcs12/p12_key.c
index 424203f64..61d58502f 100644
--- a/deps/openssl/openssl/crypto/pkcs12/p12_key.c
+++ b/deps/openssl/openssl/crypto/pkcs12/p12_key.c
@@ -152,14 +152,16 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen];
for (i = 0; i < Plen; i++) *p++ = pass[i % passlen];
for (;;) {
- EVP_DigestInit_ex(&ctx, md_type, NULL);
- EVP_DigestUpdate(&ctx, D, v);
- EVP_DigestUpdate(&ctx, I, Ilen);
- EVP_DigestFinal_ex(&ctx, Ai, NULL);
+ if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+ || !EVP_DigestUpdate(&ctx, D, v)
+ || !EVP_DigestUpdate(&ctx, I, Ilen)
+ || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+ goto err;
for (j = 1; j < iter; j++) {
- EVP_DigestInit_ex(&ctx, md_type, NULL);
- EVP_DigestUpdate(&ctx, Ai, u);
- EVP_DigestFinal_ex(&ctx, Ai, NULL);
+ if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+ || !EVP_DigestUpdate(&ctx, Ai, u)
+ || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+ goto err;
}
memcpy (out, Ai, min (n, u));
if (u >= n) {
@@ -174,24 +176,32 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
out += u;
for (j = 0; j < v; j++) B[j] = Ai[j % u];
/* Work out B + 1 first then can use B as tmp space */
- if (!BN_bin2bn (B, v, Bpl1)) goto err;
- if (!BN_add_word (Bpl1, 1)) goto err;
+ if (!BN_bin2bn (B, v, Bpl1))
+ goto err;
+ if (!BN_add_word (Bpl1, 1))
+ goto err;
for (j = 0; j < Ilen ; j+=v) {
- if (!BN_bin2bn (I + j, v, Ij)) goto err;
- if (!BN_add (Ij, Ij, Bpl1)) goto err;
- BN_bn2bin (Ij, B);
+ if (!BN_bin2bn(I + j, v, Ij))
+ goto err;
+ if (!BN_add(Ij, Ij, Bpl1))
+ goto err;
+ if (!BN_bn2bin(Ij, B))
+ goto err;
Ijlen = BN_num_bytes (Ij);
/* If more than 2^(v*8) - 1 cut off MSB */
if (Ijlen > v) {
- BN_bn2bin (Ij, B);
+ if (!BN_bn2bin (Ij, B))
+ goto err;
memcpy (I + j, B + 1, v);
#ifndef PKCS12_BROKEN_KEYGEN
/* If less than v bytes pad with zeroes */
} else if (Ijlen < v) {
memset(I + j, 0, v - Ijlen);
- BN_bn2bin(Ij, I + j + v - Ijlen);
+ if (!BN_bn2bin(Ij, I + j + v - Ijlen))
+ goto err;
#endif
- } else BN_bn2bin (Ij, I + j);
+ } else if (!BN_bn2bin (Ij, I + j))
+ goto err;
}
}
diff --git a/deps/openssl/openssl/crypto/pkcs12/p12_kiss.c b/deps/openssl/openssl/crypto/pkcs12/p12_kiss.c
index 292cc3ed4..206b1b0b1 100644
--- a/deps/openssl/openssl/crypto/pkcs12/p12_kiss.c
+++ b/deps/openssl/openssl/crypto/pkcs12/p12_kiss.c
@@ -167,7 +167,7 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
if (cert && *cert)
X509_free(*cert);
if (x)
- X509_free(*cert);
+ X509_free(x);
if (ocerts)
sk_X509_pop_free(ocerts, X509_free);
return 0;
diff --git a/deps/openssl/openssl/crypto/pkcs12/p12_mutl.c b/deps/openssl/openssl/crypto/pkcs12/p12_mutl.c
index 9ab740d51..96de1bd11 100644
--- a/deps/openssl/openssl/crypto/pkcs12/p12_mutl.c
+++ b/deps/openssl/openssl/crypto/pkcs12/p12_mutl.c
@@ -97,10 +97,14 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
return 0;
}
HMAC_CTX_init(&hmac);
- HMAC_Init_ex(&hmac, key, md_size, md_type, NULL);
- HMAC_Update(&hmac, p12->authsafes->d.data->data,
- p12->authsafes->d.data->length);
- HMAC_Final(&hmac, mac, maclen);
+ if (!HMAC_Init_ex(&hmac, key, md_size, md_type, NULL)
+ || !HMAC_Update(&hmac, p12->authsafes->d.data->data,
+ p12->authsafes->d.data->length)
+ || !HMAC_Final(&hmac, mac, maclen))
+ {
+ HMAC_CTX_cleanup(&hmac);
+ return 0;
+ }
HMAC_CTX_cleanup(&hmac);
return 1;
}
diff --git a/deps/openssl/openssl/crypto/pkcs7/bio_pk7.c b/deps/openssl/openssl/crypto/pkcs7/bio_pk7.c
index c8d06d6cd..0fd31e730 100644
--- a/deps/openssl/openssl/crypto/pkcs7/bio_pk7.c
+++ b/deps/openssl/openssl/crypto/pkcs7/bio_pk7.c
@@ -56,7 +56,7 @@
#include <openssl/pkcs7.h>
#include <openssl/bio.h>
-#ifndef OPENSSL_SYSNAME_NETWARE
+#if !defined(OPENSSL_SYSNAME_NETWARE) && !defined(OPENSSL_SYSNAME_VXWORKS)
#include <memory.h>
#endif
#include <stdio.h>
diff --git a/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c b/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c
index 3bf1a367b..77fda3b82 100644
--- a/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c
+++ b/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c
@@ -204,11 +204,11 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
unsigned char *ek = NULL;
size_t eklen;
- int ret = 0;
+ int ret = -1;
pctx = EVP_PKEY_CTX_new(pkey, NULL);
if (!pctx)
- return 0;
+ return -1;
if (EVP_PKEY_decrypt_init(pctx) <= 0)
goto err;
@@ -235,12 +235,19 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
if (EVP_PKEY_decrypt(pctx, ek, &eklen,
ri->enc_key->data, ri->enc_key->length) <= 0)
{
+ ret = 0;
PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
goto err;
}
ret = 1;
+ if (*pek)
+ {
+ OPENSSL_cleanse(*pek, *peklen);
+ OPENSSL_free(*pek);
+ }
+
*pek = ek;
*peklen = eklen;
@@ -423,6 +430,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
STACK_OF(X509_ALGOR) *md_sk=NULL;
STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
PKCS7_RECIP_INFO *ri=NULL;
+ unsigned char *ek = NULL, *tkey = NULL;
+ int eklen = 0, tkeylen = 0;
i=OBJ_obj2nid(p7->type);
p7->state=PKCS7_S_HEADER;
@@ -500,8 +509,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
int max;
X509_OBJECT ret;
#endif
- unsigned char *ek = NULL;
- int eklen;
if ((etmp=BIO_new(BIO_f_cipher())) == NULL)
{
@@ -534,29 +541,28 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
}
/* If we haven't got a certificate try each ri in turn */
-
if (pcert == NULL)
{
+ /* Always attempt to decrypt all rinfo even
+ * after sucess as a defence against MMA timing
+ * attacks.
+ */
for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
{
ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
+
if (pkcs7_decrypt_rinfo(&ek, &eklen,
- ri, pkey) > 0)
- break;
+ ri, pkey) < 0)
+ goto err;
ERR_clear_error();
- ri = NULL;
- }
- if (ri == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_NO_RECIPIENT_MATCHES_KEY);
- goto err;
}
}
else
{
- if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) <= 0)
+ /* Only exit on fatal errors, not decrypt failure */
+ if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
goto err;
+ ERR_clear_error();
}
evp_ctx=NULL;
@@ -565,6 +571,19 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
goto err;
if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
goto err;
+ /* Generate random key as MMA defence */
+ tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);
+ tkey = OPENSSL_malloc(tkeylen);
+ if (!tkey)
+ goto err;
+ if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
+ goto err;
+ if (ek == NULL)
+ {
+ ek = tkey;
+ eklen = tkeylen;
+ tkey = NULL;
+ }
if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
/* Some S/MIME clients don't use the same key
@@ -573,11 +592,16 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
*/
if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen))
{
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH);
- goto err;
+ /* Use random key as MMA defence */
+ OPENSSL_cleanse(ek, eklen);
+ OPENSSL_free(ek);
+ ek = tkey;
+ eklen = tkeylen;
+ tkey = NULL;
}
}
+ /* Clear errors so we don't leak information useful in MMA */
+ ERR_clear_error();
if (EVP_CipherInit_ex(evp_ctx,NULL,NULL,ek,NULL,0) <= 0)
goto err;
@@ -585,6 +609,13 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
{
OPENSSL_cleanse(ek,eklen);
OPENSSL_free(ek);
+ ek = NULL;
+ }
+ if (tkey)
+ {
+ OPENSSL_cleanse(tkey,tkeylen);
+ OPENSSL_free(tkey);
+ tkey = NULL;
}
if (out == NULL)
@@ -627,6 +658,16 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
if (0)
{
err:
+ if (ek)
+ {
+ OPENSSL_cleanse(ek,eklen);
+ OPENSSL_free(ek);
+ }
+ if (tkey)
+ {
+ OPENSSL_cleanse(tkey,tkeylen);
+ OPENSSL_free(tkey);
+ }
if (out != NULL) BIO_free_all(out);
if (btmp != NULL) BIO_free_all(btmp);
if (etmp != NULL) BIO_free_all(etmp);
@@ -676,7 +717,11 @@ static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
}
/* Add digest */
- EVP_DigestFinal_ex(mctx, md_data,&md_len);
+ if (!EVP_DigestFinal_ex(mctx, md_data,&md_len))
+ {
+ PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_EVP_LIB);
+ return 0;
+ }
if (!PKCS7_add1_attrib_digest(si, md_data, md_len))
{
PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
@@ -784,7 +829,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
/* We now have the EVP_MD_CTX, lets do the
* signing. */
- EVP_MD_CTX_copy_ex(&ctx_tmp,mdc);
+ if (!EVP_MD_CTX_copy_ex(&ctx_tmp,mdc))
+ goto err;
sk=si->auth_attr;
@@ -822,7 +868,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
if (!PKCS7_find_digest(&mdc, bio,
OBJ_obj2nid(p7->d.digest->md->algorithm)))
goto err;
- EVP_DigestFinal_ex(mdc,md_data,&md_len);
+ if (!EVP_DigestFinal_ex(mdc,md_data,&md_len))
+ goto err;
M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
}
@@ -1015,7 +1062,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
/* mdc is the digest ctx that we want, unless there are attributes,
* in which case the digest is the signed attributes */
- EVP_MD_CTX_copy_ex(&mdc_tmp,mdc);
+ if (!EVP_MD_CTX_copy_ex(&mdc_tmp,mdc))
+ goto err;
sk=si->auth_attr;
if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
@@ -1025,7 +1073,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
int alen;
ASN1_OCTET_STRING *message_digest;
- EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len);
+ if (!EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len))
+ goto err;
message_digest=PKCS7_digest_from_attributes(sk);
if (!message_digest)
{
@@ -1050,7 +1099,8 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
goto err;
}
- EVP_VerifyInit_ex(&mdc_tmp,EVP_get_digestbynid(md_type), NULL);
+ if (!EVP_VerifyInit_ex(&mdc_tmp,EVP_get_digestbynid(md_type), NULL))
+ goto err;
alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
@@ -1060,7 +1110,8 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
ret = -1;
goto err;
}
- EVP_VerifyUpdate(&mdc_tmp, abuf, alen);
+ if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
+ goto err;
OPENSSL_free(abuf);
}
diff --git a/deps/openssl/openssl/crypto/pkcs7/pk7_smime.c b/deps/openssl/openssl/crypto/pkcs7/pk7_smime.c
index 86742d0dc..a5104f8d0 100644
--- a/deps/openssl/openssl/crypto/pkcs7/pk7_smime.c
+++ b/deps/openssl/openssl/crypto/pkcs7/pk7_smime.c
@@ -573,15 +573,34 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
return 0;
}
ret = SMIME_text(bread, data);
+ if (ret > 0 && BIO_method_type(tmpmem) == BIO_TYPE_CIPHER)
+ {
+ if (!BIO_get_cipher_status(tmpmem))
+ ret = 0;
+ }
BIO_free_all(bread);
return ret;
} else {
for(;;) {
i = BIO_read(tmpmem, buf, sizeof(buf));
- if(i <= 0) break;
- BIO_write(data, buf, i);
+ if(i <= 0)
+ {
+ ret = 1;
+ if (BIO_method_type(tmpmem) == BIO_TYPE_CIPHER)
+ {
+ if (!BIO_get_cipher_status(tmpmem))
+ ret = 0;
+ }
+
+ break;
+ }
+ if (BIO_write(data, buf, i) != i)
+ {
+ ret = 0;
+ break;
+ }
}
BIO_free_all(tmpmem);
- return 1;
+ return ret;
}
}
diff --git a/deps/openssl/openssl/crypto/ppccpuid.pl b/deps/openssl/openssl/crypto/ppccpuid.pl
index 369e1d0df..4ba736a1d 100644..100755
--- a/deps/openssl/openssl/crypto/ppccpuid.pl
+++ b/deps/openssl/openssl/crypto/ppccpuid.pl
@@ -23,36 +23,67 @@ $code=<<___;
.machine "any"
.text
-.globl .OPENSSL_cpuid_setup
+.globl .OPENSSL_ppc64_probe
.align 4
-.OPENSSL_cpuid_setup:
+.OPENSSL_ppc64_probe:
+ fcfid f1,f1
+ extrdi r0,r0,32,0
blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+
+.globl .OPENSSL_altivec_probe
+.align 4
+.OPENSSL_altivec_probe:
+ .long 0x10000484 # vor v0,v0,v0
+ blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
.globl .OPENSSL_wipe_cpu
.align 4
.OPENSSL_wipe_cpu:
xor r0,r0,r0
+ fmr f0,f31
+ fmr f1,f31
+ fmr f2,f31
mr r3,r1
+ fmr f3,f31
xor r4,r4,r4
+ fmr f4,f31
xor r5,r5,r5
+ fmr f5,f31
xor r6,r6,r6
+ fmr f6,f31
xor r7,r7,r7
+ fmr f7,f31
xor r8,r8,r8
+ fmr f8,f31
xor r9,r9,r9
+ fmr f9,f31
xor r10,r10,r10
+ fmr f10,f31
xor r11,r11,r11
+ fmr f11,f31
xor r12,r12,r12
+ fmr f12,f31
+ fmr f13,f31
blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
.globl .OPENSSL_atomic_add
.align 4
.OPENSSL_atomic_add:
-Loop: lwarx r5,0,r3
+Ladd: lwarx r5,0,r3
add r0,r4,r5
stwcx. r0,0,r3
- bne- Loop
+ bne- Ladd
$SIGNX r3,r0
blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,2,0
+ .long 0
.globl .OPENSSL_rdtsc
.align 4
@@ -60,6 +91,8 @@ Loop: lwarx r5,0,r3
mftb r3
mftbu r4
blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
.globl .OPENSSL_cleanse
.align 4
@@ -72,7 +105,7 @@ Loop: lwarx r5,0,r3
Little: mtctr r4
stb r0,0(r3)
addi r3,r3,1
- bdnz- \$-8
+ bdnz \$-8
blr
Lot: andi. r5,r3,3
beq Laligned
@@ -85,10 +118,13 @@ Laligned:
mtctr r5
stw r0,0(r3)
addi r3,r3,4
- bdnz- \$-8
+ bdnz \$-8
andi. r4,r4,3
bne Little
blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,2,0
+ .long 0
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
diff --git a/deps/openssl/openssl/crypto/rand/md_rand.c b/deps/openssl/openssl/crypto/rand/md_rand.c
index b2f04ff13..1e3bcb9bc 100644
--- a/deps/openssl/openssl/crypto/rand/md_rand.c
+++ b/deps/openssl/openssl/crypto/rand/md_rand.c
@@ -109,6 +109,8 @@
*
*/
+#define OPENSSL_FIPSEVP
+
#ifdef MD_RAND_DEBUG
# ifndef NDEBUG
# define NDEBUG
@@ -121,10 +123,10 @@
#include "e_os.h"
+#include <openssl/crypto.h>
#include <openssl/rand.h>
#include "rand_lcl.h"
-#include <openssl/crypto.h>
#include <openssl/err.h>
#ifdef BN_DEBUG
@@ -157,13 +159,14 @@ const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT;
static void ssleay_rand_cleanup(void);
static void ssleay_rand_seed(const void *buf, int num);
static void ssleay_rand_add(const void *buf, int num, double add_entropy);
-static int ssleay_rand_bytes(unsigned char *buf, int num);
+static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo);
+static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num);
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
static int ssleay_rand_status(void);
RAND_METHOD rand_ssleay_meth={
ssleay_rand_seed,
- ssleay_rand_bytes,
+ ssleay_rand_nopseudo_bytes,
ssleay_rand_cleanup,
ssleay_rand_add,
ssleay_rand_pseudo_bytes,
@@ -328,7 +331,7 @@ static void ssleay_rand_seed(const void *buf, int num)
ssleay_rand_add(buf, num, (double)num);
}
-static int ssleay_rand_bytes(unsigned char *buf, int num)
+static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
{
static volatile int stirred_pool = 0;
int i,j,k,st_num,st_idx;
@@ -517,7 +520,9 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
EVP_MD_CTX_cleanup(&m);
if (ok)
return(1);
- else
+ else if (pseudo)
+ return 0;
+ else
{
RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
ERR_add_error_data(1, "You need to read the OpenSSL FAQ, "
@@ -526,22 +531,16 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
}
}
+static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num)
+ {
+ return ssleay_rand_bytes(buf, num, 0);
+ }
+
/* pseudo-random bytes that are guaranteed to be unique but not
unpredictable */
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
{
- int ret;
- unsigned long err;
-
- ret = RAND_bytes(buf, num);
- if (ret == 0)
- {
- err = ERR_peek_error();
- if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
- ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
- ERR_clear_error();
- }
- return (ret);
+ return ssleay_rand_bytes(buf, num, 1);
}
static int ssleay_rand_status(void)
diff --git a/deps/openssl/openssl/crypto/rand/rand.h b/deps/openssl/openssl/crypto/rand/rand.h
index ac6c02176..dc8fcf94c 100644
--- a/deps/openssl/openssl/crypto/rand/rand.h
+++ b/deps/openssl/openssl/crypto/rand/rand.h
@@ -119,6 +119,11 @@ int RAND_event(UINT, WPARAM, LPARAM);
#endif
+#ifdef OPENSSL_FIPS
+void RAND_set_fips_drbg_type(int type, int flags);
+int RAND_init_fips(void);
+#endif
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@@ -129,9 +134,13 @@ void ERR_load_RAND_strings(void);
/* Function codes. */
#define RAND_F_RAND_GET_RAND_METHOD 101
+#define RAND_F_RAND_INIT_FIPS 102
#define RAND_F_SSLEAY_RAND_BYTES 100
/* Reason codes. */
+#define RAND_R_ERROR_INITIALISING_DRBG 102
+#define RAND_R_ERROR_INSTANTIATING_DRBG 103
+#define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
#define RAND_R_PRNG_NOT_SEEDED 100
#ifdef __cplusplus
diff --git a/deps/openssl/openssl/crypto/rand/rand_err.c b/deps/openssl/openssl/crypto/rand/rand_err.c
index 03cda4dd9..b8586c8f4 100644
--- a/deps/openssl/openssl/crypto/rand/rand_err.c
+++ b/deps/openssl/openssl/crypto/rand/rand_err.c
@@ -1,6 +1,6 @@
/* crypto/rand/rand_err.c */
/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -71,12 +71,16 @@
static ERR_STRING_DATA RAND_str_functs[]=
{
{ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"},
+{ERR_FUNC(RAND_F_RAND_INIT_FIPS), "RAND_init_fips"},
{ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"},
{0,NULL}
};
static ERR_STRING_DATA RAND_str_reasons[]=
{
+{ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG),"error initialising drbg"},
+{ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG),"error instantiating drbg"},
+{ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET),"no fips random method set"},
{ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"},
{0,NULL}
};
diff --git a/deps/openssl/openssl/crypto/rand/rand_lib.c b/deps/openssl/openssl/crypto/rand/rand_lib.c
index 513e33898..476a0cd18 100644
--- a/deps/openssl/openssl/crypto/rand/rand_lib.c
+++ b/deps/openssl/openssl/crypto/rand/rand_lib.c
@@ -60,10 +60,16 @@
#include <time.h>
#include "cryptlib.h"
#include <openssl/rand.h>
+
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#include <openssl/fips_rand.h>
+#endif
+
#ifndef OPENSSL_NO_ENGINE
/* non-NULL if default_RAND_meth is ENGINE-provided */
static ENGINE *funct_ref =NULL;
@@ -174,3 +180,119 @@ int RAND_status(void)
return meth->status();
return 0;
}
+
+#ifdef OPENSSL_FIPS
+
+/* FIPS DRBG initialisation code. This sets up the DRBG for use by the
+ * rest of OpenSSL.
+ */
+
+/* Entropy gatherer: use standard OpenSSL PRNG to seed (this will gather
+ * entropy internally through RAND_poll().
+ */
+
+static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
+ int entropy, size_t min_len, size_t max_len)
+ {
+ /* Round up request to multiple of block size */
+ min_len = ((min_len + 19) / 20) * 20;
+ *pout = OPENSSL_malloc(min_len);
+ if (!*pout)
+ return 0;
+ if (RAND_SSLeay()->bytes(*pout, min_len) <= 0)
+ {
+ OPENSSL_free(*pout);
+ *pout = NULL;
+ return 0;
+ }
+ return min_len;
+ }
+
+static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen)
+ {
+ if (out)
+ {
+ OPENSSL_cleanse(out, olen);
+ OPENSSL_free(out);
+ }
+ }
+
+/* Set "additional input" when generating random data. This uses the
+ * current PID, a time value and a counter.
+ */
+
+static size_t drbg_get_adin(DRBG_CTX *ctx, unsigned char **pout)
+ {
+ /* Use of static variables is OK as this happens under a lock */
+ static unsigned char buf[16];
+ static unsigned long counter;
+ FIPS_get_timevec(buf, &counter);
+ *pout = buf;
+ return sizeof(buf);
+ }
+
+/* RAND_add() and RAND_seed() pass through to OpenSSL PRNG so it is
+ * correctly seeded by RAND_poll().
+ */
+
+static int drbg_rand_add(DRBG_CTX *ctx, const void *in, int inlen,
+ double entropy)
+ {
+ RAND_SSLeay()->add(in, inlen, entropy);
+ return 1;
+ }
+
+static int drbg_rand_seed(DRBG_CTX *ctx, const void *in, int inlen)
+ {
+ RAND_SSLeay()->seed(in, inlen);
+ return 1;
+ }
+
+#ifndef OPENSSL_DRBG_DEFAULT_TYPE
+#define OPENSSL_DRBG_DEFAULT_TYPE NID_aes_256_ctr
+#endif
+#ifndef OPENSSL_DRBG_DEFAULT_FLAGS
+#define OPENSSL_DRBG_DEFAULT_FLAGS DRBG_FLAG_CTR_USE_DF
+#endif
+
+static int fips_drbg_type = OPENSSL_DRBG_DEFAULT_TYPE;
+static int fips_drbg_flags = OPENSSL_DRBG_DEFAULT_FLAGS;
+
+void RAND_set_fips_drbg_type(int type, int flags)
+ {
+ fips_drbg_type = type;
+ fips_drbg_flags = flags;
+ }
+
+int RAND_init_fips(void)
+ {
+ DRBG_CTX *dctx;
+ size_t plen;
+ unsigned char pers[32], *p;
+ dctx = FIPS_get_default_drbg();
+ if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0)
+ {
+ RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INITIALISING_DRBG);
+ return 0;
+ }
+
+ FIPS_drbg_set_callbacks(dctx,
+ drbg_get_entropy, drbg_free_entropy, 20,
+ drbg_get_entropy, drbg_free_entropy);
+ FIPS_drbg_set_rand_callbacks(dctx, drbg_get_adin, 0,
+ drbg_rand_seed, drbg_rand_add);
+ /* Personalisation string: a string followed by date time vector */
+ strcpy((char *)pers, "OpenSSL DRBG2.0");
+ plen = drbg_get_adin(dctx, &p);
+ memcpy(pers + 16, p, plen);
+
+ if (FIPS_drbg_instantiate(dctx, pers, sizeof(pers)) <= 0)
+ {
+ RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INSTANTIATING_DRBG);
+ return 0;
+ }
+ FIPS_rand_set_method(FIPS_drbg_method());
+ return 1;
+ }
+
+#endif
diff --git a/deps/openssl/openssl/crypto/rand/randfile.c b/deps/openssl/openssl/crypto/rand/randfile.c
index bc7d9c580..7f1428072 100644
--- a/deps/openssl/openssl/crypto/rand/randfile.c
+++ b/deps/openssl/openssl/crypto/rand/randfile.c
@@ -57,7 +57,9 @@
*/
/* We need to define this to get macros like S_IFBLK and S_IFCHR */
+#if !defined(OPENSSL_SYS_VXWORKS)
#define _XOPEN_SOURCE 500
+#endif
#include <errno.h>
#include <stdio.h>
@@ -137,7 +139,7 @@ int RAND_load_file(const char *file, long bytes)
in=fopen(file,"rb");
#endif
if (in == NULL) goto err;
-#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPNESSL_NO_POSIX_IO)
+#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO)
if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
/* this file is a device. we don't want read an infinite number
* of bytes from a random device, nor do we want to use buffered
diff --git a/deps/openssl/openssl/crypto/rc2/Makefile b/deps/openssl/openssl/crypto/rc2/Makefile
index 73eac347e..8a9d49ab5 100644
--- a/deps/openssl/openssl/crypto/rc2/Makefile
+++ b/deps/openssl/openssl/crypto/rc2/Makefile
@@ -78,7 +78,11 @@ rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
rc2_cbc.o: rc2_cbc.c rc2_locl.h
rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
-rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc2_skey.o: ../../include/openssl/opensslconf.h
+rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rc2_skey.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h
+rc2_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rc2_skey.o: rc2_locl.h rc2_skey.c
rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
rc2cfb64.o: rc2_locl.h rc2cfb64.c
diff --git a/deps/openssl/openssl/crypto/rc2/rc2.h b/deps/openssl/openssl/crypto/rc2/rc2.h
index 34c836231..e542ec94f 100644
--- a/deps/openssl/openssl/crypto/rc2/rc2.h
+++ b/deps/openssl/openssl/crypto/rc2/rc2.h
@@ -79,7 +79,9 @@ typedef struct rc2_key_st
RC2_INT data[64];
} RC2_KEY;
-
+#ifdef OPENSSL_FIPS
+void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
+#endif
void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key,
int enc);
diff --git a/deps/openssl/openssl/crypto/rc2/rc2_skey.c b/deps/openssl/openssl/crypto/rc2/rc2_skey.c
index 0150b0e03..6668ac011 100644
--- a/deps/openssl/openssl/crypto/rc2/rc2_skey.c
+++ b/deps/openssl/openssl/crypto/rc2/rc2_skey.c
@@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include <openssl/rc2.h>
#include "rc2_locl.h"
@@ -95,6 +96,13 @@ static const unsigned char key_table[256]={
* the same as specifying 1024 for the 'bits' parameter. Bsafe uses
* a version where the bits parameter is the same as len*8 */
void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
+#ifdef OPENSSL_FIPS
+ {
+ fips_cipher_abort(RC2);
+ private_RC2_set_key(key, len, data, bits);
+ }
+void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
+#endif
{
int i,j;
unsigned char *k;
diff --git a/deps/openssl/openssl/crypto/rc4/Makefile b/deps/openssl/openssl/crypto/rc4/Makefile
index 264451a21..1614d4796 100644
--- a/deps/openssl/openssl/crypto/rc4/Makefile
+++ b/deps/openssl/openssl/crypto/rc4/Makefile
@@ -21,8 +21,8 @@ TEST=rc4test.c
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC=rc4_skey.c rc4_enc.c
-LIBOBJ=$(RC4_ENC)
+LIBSRC=rc4_skey.c rc4_enc.c rc4_utl.c
+LIBOBJ=$(RC4_ENC) rc4_utl.o
SRC= $(LIBSRC)
@@ -46,12 +46,14 @@ rc4-586.s: asm/rc4-586.pl ../perlasm/x86asm.pl
rc4-x86_64.s: asm/rc4-x86_64.pl
$(PERL) asm/rc4-x86_64.pl $(PERLASM_SCHEME) > $@
+rc4-md5-x86_64.s: asm/rc4-md5-x86_64.pl
+ $(PERL) asm/rc4-md5-x86_64.pl $(PERLASM_SCHEME) > $@
rc4-ia64.S: asm/rc4-ia64.pl
$(PERL) asm/rc4-ia64.pl $(CFLAGS) > $@
-rc4-s390x.s: asm/rc4-s390x.pl
- $(PERL) asm/rc4-s390x.pl > $@
+rc4-parisc.s: asm/rc4-parisc.pl
+ $(PERL) asm/rc4-parisc.pl $(PERLASM_SCHEME) $@
rc4-ia64.s: rc4-ia64.S
@case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \
@@ -60,6 +62,9 @@ rc4-ia64.s: rc4-ia64.S
*) exit 1 ;; \
esac
+# GNU make "catch all"
+rc4-%.s: asm/rc4-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -113,3 +118,8 @@ rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rc4_skey.o: ../cryptlib.h rc4_locl.h rc4_skey.c
+rc4_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc4_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rc4_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+rc4_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rc4_utl.o: ../../include/openssl/symhacks.h rc4_utl.c
diff --git a/deps/openssl/openssl/crypto/rc4/asm/rc4-586.pl b/deps/openssl/openssl/crypto/rc4/asm/rc4-586.pl
index 38a44a70e..5c9ac6ad2 100644
--- a/deps/openssl/openssl/crypto/rc4/asm/rc4-586.pl
+++ b/deps/openssl/openssl/crypto/rc4/asm/rc4-586.pl
@@ -28,6 +28,34 @@
#
# <appro@fy.chalmers.se>
+# May 2011
+#
+# Optimize for Core2 and Westmere [and incidentally Opteron]. Current
+# performance in cycles per processed byte (less is better) and
+# improvement relative to previous version of this module is:
+#
+# Pentium 10.2 # original numbers
+# Pentium III 7.8(*)
+# Intel P4 7.5
+#
+# Opteron 6.1/+20% # new MMX numbers
+# Core2 5.3/+67%(**)
+# Westmere 5.1/+94%(**)
+# Sandy Bridge 5.0/+8%
+# Atom 12.6/+6%
+#
+# (*) PIII can actually deliver 6.6 cycles per byte with MMX code,
+# but this specific code performs poorly on Core2. And vice
+# versa, below MMX/SSE code delivering 5.8/7.1 on Core2 performs
+# poorly on PIII, at 8.0/14.5:-( As PIII is not a "hot" CPU
+# [anymore], I chose to discard PIII-specific code path and opt
+# for original IALU-only code, which is why MMX/SSE code path
+# is guarded by SSE2 bit (see below), not MMX/SSE.
+# (**) Performance vs. block size on Core2 and Westmere had a maximum
+# at ... 64 bytes block size. And it was quite a maximum, 40-60%
+# in comparison to largest 8KB block size. Above improvement
+# coefficients are for the largest block size.
+
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
@@ -62,6 +90,68 @@ sub RC4_loop {
&$func ($out,&DWP(0,$dat,$ty,4));
}
+if ($alt=0) {
+ # >20% faster on Atom and Sandy Bridge[!], 8% faster on Opteron,
+ # but ~40% slower on Core2 and Westmere... Attempt to add movz
+ # brings down Opteron by 25%, Atom and Sandy Bridge by 15%, yet
+ # on Core2 with movz it's almost 20% slower than below alternative
+ # code... Yes, it's a total mess...
+ my @XX=($xx,$out);
+ $RC4_loop_mmx = sub { # SSE actually...
+ my $i=shift;
+ my $j=$i<=0?0:$i>>1;
+ my $mm=$i<=0?"mm0":"mm".($i&1);
+
+ &add (&LB($yy),&LB($tx));
+ &lea (@XX[1],&DWP(1,@XX[0]));
+ &pxor ("mm2","mm0") if ($i==0);
+ &psllq ("mm1",8) if ($i==0);
+ &and (@XX[1],0xff);
+ &pxor ("mm0","mm0") if ($i<=0);
+ &mov ($ty,&DWP(0,$dat,$yy,4));
+ &mov (&DWP(0,$dat,$yy,4),$tx);
+ &pxor ("mm1","mm2") if ($i==0);
+ &mov (&DWP(0,$dat,$XX[0],4),$ty);
+ &add (&LB($ty),&LB($tx));
+ &movd (@XX[0],"mm7") if ($i==0);
+ &mov ($tx,&DWP(0,$dat,@XX[1],4));
+ &pxor ("mm1","mm1") if ($i==1);
+ &movq ("mm2",&QWP(0,$inp)) if ($i==1);
+ &movq (&QWP(-8,(@XX[0],$inp)),"mm1") if ($i==0);
+ &pinsrw ($mm,&DWP(0,$dat,$ty,4),$j);
+
+ push (@XX,shift(@XX)) if ($i>=0);
+ }
+} else {
+ # Using pinsrw here improves performane on Intel CPUs by 2-3%, but
+ # brings down AMD by 7%...
+ $RC4_loop_mmx = sub {
+ my $i=shift;
+
+ &add (&LB($yy),&LB($tx));
+ &psllq ("mm1",8*(($i-1)&7)) if (abs($i)!=1);
+ &mov ($ty,&DWP(0,$dat,$yy,4));
+ &mov (&DWP(0,$dat,$yy,4),$tx);
+ &mov (&DWP(0,$dat,$xx,4),$ty);
+ &inc ($xx);
+ &add ($ty,$tx);
+ &movz ($xx,&LB($xx)); # (*)
+ &movz ($ty,&LB($ty)); # (*)
+ &pxor ("mm2",$i==1?"mm0":"mm1") if ($i>=0);
+ &movq ("mm0",&QWP(0,$inp)) if ($i<=0);
+ &movq (&QWP(-8,($out,$inp)),"mm2") if ($i==0);
+ &mov ($tx,&DWP(0,$dat,$xx,4));
+ &movd ($i>0?"mm1":"mm2",&DWP(0,$dat,$ty,4));
+
+ # (*) This is the key to Core2 and Westmere performance.
+ # Whithout movz out-of-order execution logic confuses
+ # itself and fails to reorder loads and stores. Problem
+ # appears to be fixed in Sandy Bridge...
+ }
+}
+
+&external_label("OPENSSL_ia32cap_P");
+
# void RC4(RC4_KEY *key,size_t len,const unsigned char *inp,unsigned char *out);
&function_begin("RC4");
&mov ($dat,&wparam(0)); # load key schedule pointer
@@ -94,11 +184,56 @@ sub RC4_loop {
&and ($ty,-4); # how many 4-byte chunks?
&jz (&label("loop1"));
+ &test ($ty,-8);
+ &mov (&wparam(3),$out); # $out as accumulator in these loops
+ &jz (&label("go4loop4"));
+
+ &picmeup($out,"OPENSSL_ia32cap_P");
+ &bt (&DWP(0,$out),26); # check SSE2 bit [could have been MMX]
+ &jnc (&label("go4loop4"));
+
+ &mov ($out,&wparam(3)) if (!$alt);
+ &movd ("mm7",&wparam(3)) if ($alt);
+ &and ($ty,-8);
+ &lea ($ty,&DWP(-8,$inp,$ty));
+ &mov (&DWP(-4,$dat),$ty); # save input+(len/8)*8-8
+
+ &$RC4_loop_mmx(-1);
+ &jmp(&label("loop_mmx_enter"));
+
+ &set_label("loop_mmx",16);
+ &$RC4_loop_mmx(0);
+ &set_label("loop_mmx_enter");
+ for ($i=1;$i<8;$i++) { &$RC4_loop_mmx($i); }
+ &mov ($ty,$yy);
+ &xor ($yy,$yy); # this is second key to Core2
+ &mov (&LB($yy),&LB($ty)); # and Westmere performance...
+ &cmp ($inp,&DWP(-4,$dat));
+ &lea ($inp,&DWP(8,$inp));
+ &jb (&label("loop_mmx"));
+
+ if ($alt) {
+ &movd ($out,"mm7");
+ &pxor ("mm2","mm0");
+ &psllq ("mm1",8);
+ &pxor ("mm1","mm2");
+ &movq (&QWP(-8,$out,$inp),"mm1");
+ } else {
+ &psllq ("mm1",56);
+ &pxor ("mm2","mm1");
+ &movq (&QWP(-8,$out,$inp),"mm2");
+ }
+ &emms ();
+
+ &cmp ($inp,&wparam(1)); # compare to input+len
+ &je (&label("done"));
+ &jmp (&label("loop1"));
+
+&set_label("go4loop4",16);
&lea ($ty,&DWP(-4,$inp,$ty));
&mov (&wparam(2),$ty); # save input+(len/4)*4-4
- &mov (&wparam(3),$out); # $out as accumulator in this loop
- &set_label("loop4",16);
+ &set_label("loop4");
for ($i=0;$i<4;$i++) { RC4_loop($i); }
&ror ($out,8);
&xor ($out,&DWP(0,$inp));
@@ -151,7 +286,7 @@ sub RC4_loop {
&set_label("done");
&dec (&LB($xx));
- &mov (&BP(-4,$dat),&LB($yy)); # save key->y
+ &mov (&DWP(-4,$dat),$yy); # save key->y
&mov (&BP(-8,$dat),&LB($xx)); # save key->x
&set_label("abort");
&function_end("RC4");
@@ -164,10 +299,8 @@ $idi="ebp";
$ido="ecx";
$idx="edx";
-&external_label("OPENSSL_ia32cap_P");
-
# void RC4_set_key(RC4_KEY *key,int len,const unsigned char *data);
-&function_begin("RC4_set_key");
+&function_begin("private_RC4_set_key");
&mov ($out,&wparam(0)); # load key
&mov ($idi,&wparam(1)); # load len
&mov ($inp,&wparam(2)); # load data
@@ -245,7 +378,7 @@ $idx="edx";
&xor ("eax","eax");
&mov (&DWP(-8,$out),"eax"); # key->x=0;
&mov (&DWP(-4,$out),"eax"); # key->y=0;
-&function_end("RC4_set_key");
+&function_end("private_RC4_set_key");
# const char *RC4_options(void);
&function_begin_B("RC4_options");
@@ -254,14 +387,21 @@ $idx="edx";
&blindpop("eax");
&lea ("eax",&DWP(&label("opts")."-".&label("pic_point"),"eax"));
&picmeup("edx","OPENSSL_ia32cap_P");
- &bt (&DWP(0,"edx"),20);
- &jnc (&label("skip"));
- &add ("eax",12);
- &set_label("skip");
+ &mov ("edx",&DWP(0,"edx"));
+ &bt ("edx",20);
+ &jc (&label("1xchar"));
+ &bt ("edx",26);
+ &jnc (&label("ret"));
+ &add ("eax",25);
+ &ret ();
+&set_label("1xchar");
+ &add ("eax",12);
+&set_label("ret");
&ret ();
&set_label("opts",64);
&asciz ("rc4(4x,int)");
&asciz ("rc4(1x,char)");
+&asciz ("rc4(8x,mmx)");
&asciz ("RC4 for x86, CRYPTOGAMS by <appro\@openssl.org>");
&align (64);
&function_end_B("RC4_options");
diff --git a/deps/openssl/openssl/crypto/rc4/asm/rc4-s390x.pl b/deps/openssl/openssl/crypto/rc4/asm/rc4-s390x.pl
index 96681fa05..7528ece13 100644
--- a/deps/openssl/openssl/crypto/rc4/asm/rc4-s390x.pl
+++ b/deps/openssl/openssl/crypto/rc4/asm/rc4-s390x.pl
@@ -13,6 +13,29 @@
# "cluster" Address Generation Interlocks, so that one pipeline stall
# resolves several dependencies.
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. On z990 it was measured to perform
+# 50% better than code generated by gcc 4.3.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
$rp="%r14";
$sp="%r15";
$code=<<___;
@@ -39,7 +62,12 @@ $code.=<<___;
.type RC4,\@function
.align 64
RC4:
- stmg %r6,%r11,48($sp)
+ stm${g} %r6,%r11,6*$SIZE_T($sp)
+___
+$code.=<<___ if ($flavour =~ /3[12]/);
+ llgfr $len,$len
+___
+$code.=<<___;
llgc $XX[0],0($key)
llgc $YY,1($key)
la $XX[0],1($XX[0])
@@ -90,7 +118,7 @@ $code.=<<___;
xgr $acc,$TX[1]
stg $acc,0($out)
la $out,8($out)
- brct $cnt,.Loop8
+ brctg $cnt,.Loop8
.Lshort:
lghi $acc,7
@@ -122,7 +150,7 @@ $code.=<<___;
ahi $XX[0],-1
stc $XX[0],0($key)
stc $YY,1($key)
- lmg %r6,%r11,48($sp)
+ lm${g} %r6,%r11,6*$SIZE_T($sp)
br $rp
.size RC4,.-RC4
.string "RC4 for s390x, CRYPTOGAMS by <appro\@openssl.org>"
@@ -143,11 +171,11 @@ $ikey="%r7";
$iinp="%r8";
$code.=<<___;
-.globl RC4_set_key
-.type RC4_set_key,\@function
+.globl private_RC4_set_key
+.type private_RC4_set_key,\@function
.align 64
-RC4_set_key:
- stmg %r6,%r8,48($sp)
+private_RC4_set_key:
+ stm${g} %r6,%r8,6*$SIZE_T($sp)
lhi $cnt,256
la $idx,0(%r0)
sth $idx,0($key)
@@ -180,9 +208,9 @@ RC4_set_key:
la $iinp,0(%r0)
j .L2ndloop
.Ldone:
- lmg %r6,%r8,48($sp)
+ lm${g} %r6,%r8,6*$SIZE_T($sp)
br $rp
-.size RC4_set_key,.-RC4_set_key
+.size private_RC4_set_key,.-private_RC4_set_key
___
}
@@ -203,3 +231,4 @@ RC4_options:
___
print $code;
+close STDOUT; # force flush
diff --git a/deps/openssl/openssl/crypto/rc4/asm/rc4-x86_64.pl b/deps/openssl/openssl/crypto/rc4/asm/rc4-x86_64.pl
index 677be5fe2..75750dbf3 100755
--- a/deps/openssl/openssl/crypto/rc4/asm/rc4-x86_64.pl
+++ b/deps/openssl/openssl/crypto/rc4/asm/rc4-x86_64.pl
@@ -7,6 +7,8 @@
# details see http://www.openssl.org/~appro/cryptogams/.
# ====================================================================
#
+# July 2004
+#
# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in
# "hand-coded assembler"] doesn't stand for the whole improvement
# coefficient. It turned out that eliminating RC4_CHAR from config
@@ -19,6 +21,8 @@
# to operate on partial registers, it turned out to be the best bet.
# At least for AMD... How IA32E would perform remains to be seen...
+# November 2004
+#
# As was shown by Marc Bevand reordering of couple of load operations
# results in even higher performance gain of 3.3x:-) At least on
# Opteron... For reference, 1x in this case is RC4_CHAR C-code
@@ -26,6 +30,8 @@
# Latter means that if you want to *estimate* what to expect from
# *your* Opteron, then multiply 54 by 3.3 and clock frequency in GHz.
+# November 2004
+#
# Intel P4 EM64T core was found to run the AMD64 code really slow...
# The only way to achieve comparable performance on P4 was to keep
# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to
@@ -33,10 +39,14 @@
# on either AMD and Intel platforms, I implement both cases. See
# rc4_skey.c for further details...
+# April 2005
+#
# P4 EM64T core appears to be "allergic" to 64-bit inc/dec. Replacing
# those with add/sub results in 50% performance improvement of folded
# loop...
+# May 2005
+#
# As was shown by Zou Nanhai loop unrolling can improve Intel EM64T
# performance by >30% [unlike P4 32-bit case that is]. But this is
# provided that loads are reordered even more aggressively! Both code
@@ -50,6 +60,8 @@
# is not implemented, then this final RC4_CHAR code-path should be
# preferred, as it provides better *all-round* performance].
+# March 2007
+#
# Intel Core2 was observed to perform poorly on both code paths:-( It
# apparently suffers from some kind of partial register stall, which
# occurs in 64-bit mode only [as virtually identical 32-bit loop was
@@ -58,6 +70,37 @@
# fit for Core2 and therefore the code was modified to skip cloop8 on
# this CPU.
+# May 2010
+#
+# Intel Westmere was observed to perform suboptimally. Adding yet
+# another movzb to cloop1 improved performance by almost 50%! Core2
+# performance is improved too, but nominally...
+
+# May 2011
+#
+# The only code path that was not modified is P4-specific one. Non-P4
+# Intel code path optimization is heavily based on submission by Maxim
+# Perminov, Maxim Locktyukhin and Jim Guilford of Intel. I've used
+# some of the ideas even in attempt to optmize the original RC4_INT
+# code path... Current performance in cycles per processed byte (less
+# is better) and improvement coefficients relative to previous
+# version of this module are:
+#
+# Opteron 5.3/+0%(*)
+# P4 6.5
+# Core2 6.2/+15%(**)
+# Westmere 4.2/+60%
+# Sandy Bridge 4.2/+120%
+# Atom 9.3/+80%
+#
+# (*) But corresponding loop has less instructions, which should have
+# positive effect on upcoming Bulldozer, which has one less ALU.
+# For reference, Intel code runs at 6.8 cpb rate on Opteron.
+# (**) Note that Core2 result is ~15% lower than corresponding result
+# for 32-bit code, meaning that it's possible to improve it,
+# but more than likely at the cost of the others (see rc4-586.pl
+# to get the idea)...
+
$flavour = shift;
$output = shift;
if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
@@ -69,20 +112,18 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $flavour $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
$dat="%rdi"; # arg1
$len="%rsi"; # arg2
$inp="%rdx"; # arg3
$out="%rcx"; # arg4
-@XX=("%r8","%r10");
-@TX=("%r9","%r11");
-$YY="%r12";
-$TY="%r13";
-
+{
$code=<<___;
.text
+.extern OPENSSL_ia32cap_P
.globl RC4
.type RC4,\@function,4
@@ -95,48 +136,173 @@ RC4: or $len,$len
push %r12
push %r13
.Lprologue:
+ mov $len,%r11
+ mov $inp,%r12
+ mov $out,%r13
+___
+my $len="%r11"; # reassign input arguments
+my $inp="%r12";
+my $out="%r13";
- add \$8,$dat
- movl -8($dat),$XX[0]#d
- movl -4($dat),$YY#d
+my @XX=("%r10","%rsi");
+my @TX=("%rax","%rbx");
+my $YY="%rcx";
+my $TY="%rdx";
+
+$code.=<<___;
+ xor $XX[0],$XX[0]
+ xor $YY,$YY
+
+ lea 8($dat),$dat
+ mov -8($dat),$XX[0]#b
+ mov -4($dat),$YY#b
cmpl \$-1,256($dat)
je .LRC4_CHAR
+ mov OPENSSL_ia32cap_P(%rip),%r8d
+ xor $TX[1],$TX[1]
inc $XX[0]#b
+ sub $XX[0],$TX[1]
+ sub $inp,$out
movl ($dat,$XX[0],4),$TX[0]#d
- test \$-8,$len
+ test \$-16,$len
jz .Lloop1
- jmp .Lloop8
+ bt \$30,%r8d # Intel CPU?
+ jc .Lintel
+ and \$7,$TX[1]
+ lea 1($XX[0]),$XX[1]
+ jz .Loop8
+ sub $TX[1],$len
+.Loop8_warmup:
+ add $TX[0]#b,$YY#b
+ movl ($dat,$YY,4),$TY#d
+ movl $TX[0]#d,($dat,$YY,4)
+ movl $TY#d,($dat,$XX[0],4)
+ add $TY#b,$TX[0]#b
+ inc $XX[0]#b
+ movl ($dat,$TX[0],4),$TY#d
+ movl ($dat,$XX[0],4),$TX[0]#d
+ xorb ($inp),$TY#b
+ movb $TY#b,($out,$inp)
+ lea 1($inp),$inp
+ dec $TX[1]
+ jnz .Loop8_warmup
+
+ lea 1($XX[0]),$XX[1]
+ jmp .Loop8
.align 16
-.Lloop8:
+.Loop8:
___
for ($i=0;$i<8;$i++) {
+$code.=<<___ if ($i==7);
+ add \$8,$XX[1]#b
+___
$code.=<<___;
add $TX[0]#b,$YY#b
- mov $XX[0],$XX[1]
movl ($dat,$YY,4),$TY#d
- ror \$8,%rax # ror is redundant when $i=0
- inc $XX[1]#b
- movl ($dat,$XX[1],4),$TX[1]#d
- cmp $XX[1],$YY
movl $TX[0]#d,($dat,$YY,4)
- cmove $TX[0],$TX[1]
- movl $TY#d,($dat,$XX[0],4)
+ movl `4*($i==7?-1:$i)`($dat,$XX[1],4),$TX[1]#d
+ ror \$8,%r8 # ror is redundant when $i=0
+ movl $TY#d,4*$i($dat,$XX[0],4)
add $TX[0]#b,$TY#b
- movb ($dat,$TY,4),%al
+ movb ($dat,$TY,4),%r8b
___
-push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers
+push(@TX,shift(@TX)); #push(@XX,shift(@XX)); # "rotate" registers
}
$code.=<<___;
- ror \$8,%rax
+ add \$8,$XX[0]#b
+ ror \$8,%r8
sub \$8,$len
- xor ($inp),%rax
- add \$8,$inp
- mov %rax,($out)
- add \$8,$out
+ xor ($inp),%r8
+ mov %r8,($out,$inp)
+ lea 8($inp),$inp
test \$-8,$len
- jnz .Lloop8
+ jnz .Loop8
+ cmp \$0,$len
+ jne .Lloop1
+ jmp .Lexit
+
+.align 16
+.Lintel:
+ test \$-32,$len
+ jz .Lloop1
+ and \$15,$TX[1]
+ jz .Loop16_is_hot
+ sub $TX[1],$len
+.Loop16_warmup:
+ add $TX[0]#b,$YY#b
+ movl ($dat,$YY,4),$TY#d
+ movl $TX[0]#d,($dat,$YY,4)
+ movl $TY#d,($dat,$XX[0],4)
+ add $TY#b,$TX[0]#b
+ inc $XX[0]#b
+ movl ($dat,$TX[0],4),$TY#d
+ movl ($dat,$XX[0],4),$TX[0]#d
+ xorb ($inp),$TY#b
+ movb $TY#b,($out,$inp)
+ lea 1($inp),$inp
+ dec $TX[1]
+ jnz .Loop16_warmup
+
+ mov $YY,$TX[1]
+ xor $YY,$YY
+ mov $TX[1]#b,$YY#b
+
+.Loop16_is_hot:
+ lea ($dat,$XX[0],4),$XX[1]
+___
+sub RC4_loop {
+ my $i=shift;
+ my $j=$i<0?0:$i;
+ my $xmm="%xmm".($j&1);
+
+ $code.=" add \$16,$XX[0]#b\n" if ($i==15);
+ $code.=" movdqu ($inp),%xmm2\n" if ($i==15);
+ $code.=" add $TX[0]#b,$YY#b\n" if ($i<=0);
+ $code.=" movl ($dat,$YY,4),$TY#d\n";
+ $code.=" pxor %xmm0,%xmm2\n" if ($i==0);
+ $code.=" psllq \$8,%xmm1\n" if ($i==0);
+ $code.=" pxor $xmm,$xmm\n" if ($i<=1);
+ $code.=" movl $TX[0]#d,($dat,$YY,4)\n";
+ $code.=" add $TY#b,$TX[0]#b\n";
+ $code.=" movl `4*($j+1)`($XX[1]),$TX[1]#d\n" if ($i<15);
+ $code.=" movz $TX[0]#b,$TX[0]#d\n";
+ $code.=" movl $TY#d,4*$j($XX[1])\n";
+ $code.=" pxor %xmm1,%xmm2\n" if ($i==0);
+ $code.=" lea ($dat,$XX[0],4),$XX[1]\n" if ($i==15);
+ $code.=" add $TX[1]#b,$YY#b\n" if ($i<15);
+ $code.=" pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n";
+ $code.=" movdqu %xmm2,($out,$inp)\n" if ($i==0);
+ $code.=" lea 16($inp),$inp\n" if ($i==0);
+ $code.=" movl ($XX[1]),$TX[1]#d\n" if ($i==15);
+}
+ RC4_loop(-1);
+$code.=<<___;
+ jmp .Loop16_enter
+.align 16
+.Loop16:
+___
+
+for ($i=0;$i<16;$i++) {
+ $code.=".Loop16_enter:\n" if ($i==1);
+ RC4_loop($i);
+ push(@TX,shift(@TX)); # "rotate" registers
+}
+$code.=<<___;
+ mov $YY,$TX[1]
+ xor $YY,$YY # keyword to partial register
+ sub \$16,$len
+ mov $TX[1]#b,$YY#b
+ test \$-16,$len
+ jnz .Loop16
+
+ psllq \$8,%xmm1
+ pxor %xmm0,%xmm2
+ pxor %xmm1,%xmm2
+ movdqu %xmm2,($out,$inp)
+ lea 16($inp),$inp
+
cmp \$0,$len
jne .Lloop1
jmp .Lexit
@@ -152,9 +318,8 @@ $code.=<<___;
movl ($dat,$TX[0],4),$TY#d
movl ($dat,$XX[0],4),$TX[0]#d
xorb ($inp),$TY#b
- inc $inp
- movb $TY#b,($out)
- inc $out
+ movb $TY#b,($out,$inp)
+ lea 1($inp),$inp
dec $len
jnz .Lloop1
jmp .Lexit
@@ -165,13 +330,11 @@ $code.=<<___;
movzb ($dat,$XX[0]),$TX[0]#d
test \$-8,$len
jz .Lcloop1
- cmpl \$0,260($dat)
- jnz .Lcloop1
jmp .Lcloop8
.align 16
.Lcloop8:
- mov ($inp),%eax
- mov 4($inp),%ebx
+ mov ($inp),%r8d
+ mov 4($inp),%r9d
___
# unroll 2x4-wise, because 64-bit rotates kill Intel P4...
for ($i=0;$i<4;$i++) {
@@ -188,8 +351,8 @@ $code.=<<___;
mov $TX[0],$TX[1]
.Lcmov$i:
add $TX[0]#b,$TY#b
- xor ($dat,$TY),%al
- ror \$8,%eax
+ xor ($dat,$TY),%r8b
+ ror \$8,%r8d
___
push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers
}
@@ -207,16 +370,16 @@ $code.=<<___;
mov $TX[0],$TX[1]
.Lcmov$i:
add $TX[0]#b,$TY#b
- xor ($dat,$TY),%bl
- ror \$8,%ebx
+ xor ($dat,$TY),%r9b
+ ror \$8,%r9d
___
push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers
}
$code.=<<___;
lea -8($len),$len
- mov %eax,($out)
+ mov %r8d,($out)
lea 8($inp),$inp
- mov %ebx,4($out)
+ mov %r9d,4($out)
lea 8($out),$out
test \$-8,$len
@@ -229,6 +392,7 @@ $code.=<<___;
.align 16
.Lcloop1:
add $TX[0]#b,$YY#b
+ movzb $YY#b,$YY#d
movzb ($dat,$YY),$TY#d
movb $TX[0]#b,($dat,$YY)
movb $TY#b,($dat,$XX[0])
@@ -260,16 +424,16 @@ $code.=<<___;
ret
.size RC4,.-RC4
___
+}
$idx="%r8";
$ido="%r9";
$code.=<<___;
-.extern OPENSSL_ia32cap_P
-.globl RC4_set_key
-.type RC4_set_key,\@function,3
+.globl private_RC4_set_key
+.type private_RC4_set_key,\@function,3
.align 16
-RC4_set_key:
+private_RC4_set_key:
lea 8($dat),$dat
lea ($inp,$len),$inp
neg $len
@@ -280,12 +444,9 @@ RC4_set_key:
xor %r11,%r11
mov OPENSSL_ia32cap_P(%rip),$idx#d
- bt \$20,$idx#d
- jnc .Lw1stloop
- bt \$30,$idx#d
- setc $ido#b
- mov $ido#d,260($dat)
- jmp .Lc1stloop
+ bt \$20,$idx#d # RC4_CHAR?
+ jc .Lc1stloop
+ jmp .Lw1stloop
.align 16
.Lw1stloop:
@@ -339,7 +500,7 @@ RC4_set_key:
mov %eax,-8($dat)
mov %eax,-4($dat)
ret
-.size RC4_set_key,.-RC4_set_key
+.size private_RC4_set_key,.-private_RC4_set_key
.globl RC4_options
.type RC4_options,\@abi-omnipotent
@@ -348,18 +509,20 @@ RC4_options:
lea .Lopts(%rip),%rax
mov OPENSSL_ia32cap_P(%rip),%edx
bt \$20,%edx
- jnc .Ldone
- add \$12,%rax
+ jc .L8xchar
bt \$30,%edx
jnc .Ldone
- add \$13,%rax
+ add \$25,%rax
+ ret
+.L8xchar:
+ add \$12,%rax
.Ldone:
ret
.align 64
.Lopts:
.asciz "rc4(8x,int)"
.asciz "rc4(8x,char)"
-.asciz "rc4(1x,char)"
+.asciz "rc4(16x,int)"
.asciz "RC4 for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.align 64
.size RC4_options,.-RC4_options
@@ -482,22 +645,32 @@ key_se_handler:
.rva .LSEH_end_RC4
.rva .LSEH_info_RC4
- .rva .LSEH_begin_RC4_set_key
- .rva .LSEH_end_RC4_set_key
- .rva .LSEH_info_RC4_set_key
+ .rva .LSEH_begin_private_RC4_set_key
+ .rva .LSEH_end_private_RC4_set_key
+ .rva .LSEH_info_private_RC4_set_key
.section .xdata
.align 8
.LSEH_info_RC4:
.byte 9,0,0,0
.rva stream_se_handler
-.LSEH_info_RC4_set_key:
+.LSEH_info_private_RC4_set_key:
.byte 9,0,0,0
.rva key_se_handler
___
}
-$code =~ s/#([bwd])/$1/gm;
+sub reg_part {
+my ($reg,$conv)=@_;
+ if ($reg =~ /%r[0-9]+/) { $reg .= $conv; }
+ elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; }
+ elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; }
+ elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; }
+ return $reg;
+}
+
+$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem;
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
diff --git a/deps/openssl/openssl/crypto/rc4/rc4.h b/deps/openssl/openssl/crypto/rc4/rc4.h
index 29d1acccf..88ceb46bc 100644
--- a/deps/openssl/openssl/crypto/rc4/rc4.h
+++ b/deps/openssl/openssl/crypto/rc4/rc4.h
@@ -79,6 +79,7 @@ typedef struct rc4_key_st
const char *RC4_options(void);
void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
+void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
unsigned char *outdata);
diff --git a/deps/openssl/openssl/crypto/rc4/rc4_skey.c b/deps/openssl/openssl/crypto/rc4/rc4_skey.c
index b22c40b0b..fda27636e 100644
--- a/deps/openssl/openssl/crypto/rc4/rc4_skey.c
+++ b/deps/openssl/openssl/crypto/rc4/rc4_skey.c
@@ -85,7 +85,7 @@ const char *RC4_options(void)
* Date: Wed, 14 Sep 1994 06:35:31 GMT
*/
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
+void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
{
register RC4_INT tmp;
register int id1,id2;
@@ -104,40 +104,6 @@ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
d[(n)]=d[id2]; \
d[id2]=tmp; }
-#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM)
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
- defined(__INTEL__) || \
- defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64)
- if (sizeof(RC4_INT) > 1) {
- /*
- * Unlike all other x86 [and x86_64] implementations,
- * Intel P4 core [including EM64T] was found to perform
- * poorly with wider RC4_INT. Performance improvement
- * for IA-32 hand-coded assembler turned out to be 2.8x
- * if re-coded for RC4_CHAR! It's however inappropriate
- * to just switch to RC4_CHAR for x86[_64], as non-P4
- * implementations suffer from significant performance
- * losses then, e.g. PIII exhibits >2x deterioration,
- * and so does Opteron. In order to assure optimal
- * all-round performance, let us [try to] detect P4 at
- * run-time by checking upon HTT bit in CPU capability
- * vector and set up compressed key schedule, which is
- * recognized by correspondingly updated assembler
- * module...
- * <appro@fy.chalmers.se>
- */
- if (OPENSSL_ia32cap_P & (1<<28)) {
- unsigned char *cp=(unsigned char *)d;
-
- for (i=0;i<256;i++) cp[i]=i;
- for (i=0;i<256;i++) SK_LOOP(cp,i);
- /* mark schedule as compressed! */
- d[256/sizeof(RC4_INT)]=-1;
- return;
- }
- }
-# endif
-#endif
for (i=0; i < 256; i++) d[i]=i;
for (i=0; i < 256; i+=4)
{
diff --git a/deps/openssl/openssl/crypto/rc4/rc4test.c b/deps/openssl/openssl/crypto/rc4/rc4test.c
index 633a79e75..4312605cc 100644
--- a/deps/openssl/openssl/crypto/rc4/rc4test.c
+++ b/deps/openssl/openssl/crypto/rc4/rc4test.c
@@ -120,6 +120,12 @@ int main(int argc, char *argv[])
RC4_KEY key;
unsigned char obuf[512];
+#if !defined(OPENSSL_PIC)
+ void OPENSSL_cpuid_setup(void);
+
+ OPENSSL_cpuid_setup();
+#endif
+
for (i=0; i<6; i++)
{
RC4_set_key(&key,keys[i][0],&(keys[i][1]));
diff --git a/deps/openssl/openssl/crypto/ripemd/Makefile b/deps/openssl/openssl/crypto/ripemd/Makefile
index d5b1067db..25140b2a7 100644
--- a/deps/openssl/openssl/crypto/ripemd/Makefile
+++ b/deps/openssl/openssl/crypto/ripemd/Makefile
@@ -82,8 +82,11 @@ clean:
# DO NOT DELETE THIS LINE -- make depend depends on it.
-rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h
+rmd_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rmd_dgst.o: ../../include/openssl/opensslconf.h
+rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rmd_dgst.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h
+rmd_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h
rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
diff --git a/deps/openssl/openssl/crypto/ripemd/ripemd.h b/deps/openssl/openssl/crypto/ripemd/ripemd.h
index 5942eb618..189bd8c90 100644
--- a/deps/openssl/openssl/crypto/ripemd/ripemd.h
+++ b/deps/openssl/openssl/crypto/ripemd/ripemd.h
@@ -91,6 +91,9 @@ typedef struct RIPEMD160state_st
unsigned int num;
} RIPEMD160_CTX;
+#ifdef OPENSSL_FIPS
+int private_RIPEMD160_Init(RIPEMD160_CTX *c);
+#endif
int RIPEMD160_Init(RIPEMD160_CTX *c);
int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
diff --git a/deps/openssl/openssl/crypto/ripemd/rmd_dgst.c b/deps/openssl/openssl/crypto/ripemd/rmd_dgst.c
index 59b017f8c..d8e72da51 100644
--- a/deps/openssl/openssl/crypto/ripemd/rmd_dgst.c
+++ b/deps/openssl/openssl/crypto/ripemd/rmd_dgst.c
@@ -59,6 +59,7 @@
#include <stdio.h>
#include "rmd_locl.h"
#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT;
@@ -69,7 +70,7 @@ const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT;
void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,size_t num);
# endif
-int RIPEMD160_Init(RIPEMD160_CTX *c)
+fips_md_init(RIPEMD160)
{
memset (c,0,sizeof(*c));
c->A=RIPEMD160_A;
@@ -104,21 +105,21 @@ void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, size_t num)
A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
- HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
- RIP1(A,B,C,D,E,WL00,SL00); HOST_c2l(data,l); X( 2)=l;
- RIP1(E,A,B,C,D,WL01,SL01); HOST_c2l(data,l); X( 3)=l;
- RIP1(D,E,A,B,C,WL02,SL02); HOST_c2l(data,l); X( 4)=l;
- RIP1(C,D,E,A,B,WL03,SL03); HOST_c2l(data,l); X( 5)=l;
- RIP1(B,C,D,E,A,WL04,SL04); HOST_c2l(data,l); X( 6)=l;
- RIP1(A,B,C,D,E,WL05,SL05); HOST_c2l(data,l); X( 7)=l;
- RIP1(E,A,B,C,D,WL06,SL06); HOST_c2l(data,l); X( 8)=l;
- RIP1(D,E,A,B,C,WL07,SL07); HOST_c2l(data,l); X( 9)=l;
- RIP1(C,D,E,A,B,WL08,SL08); HOST_c2l(data,l); X(10)=l;
- RIP1(B,C,D,E,A,WL09,SL09); HOST_c2l(data,l); X(11)=l;
- RIP1(A,B,C,D,E,WL10,SL10); HOST_c2l(data,l); X(12)=l;
- RIP1(E,A,B,C,D,WL11,SL11); HOST_c2l(data,l); X(13)=l;
- RIP1(D,E,A,B,C,WL12,SL12); HOST_c2l(data,l); X(14)=l;
- RIP1(C,D,E,A,B,WL13,SL13); HOST_c2l(data,l); X(15)=l;
+ (void)HOST_c2l(data,l); X( 0)=l;(void)HOST_c2l(data,l); X( 1)=l;
+ RIP1(A,B,C,D,E,WL00,SL00); (void)HOST_c2l(data,l); X( 2)=l;
+ RIP1(E,A,B,C,D,WL01,SL01); (void)HOST_c2l(data,l); X( 3)=l;
+ RIP1(D,E,A,B,C,WL02,SL02); (void)HOST_c2l(data,l); X( 4)=l;
+ RIP1(C,D,E,A,B,WL03,SL03); (void)HOST_c2l(data,l); X( 5)=l;
+ RIP1(B,C,D,E,A,WL04,SL04); (void)HOST_c2l(data,l); X( 6)=l;
+ RIP1(A,B,C,D,E,WL05,SL05); (void)HOST_c2l(data,l); X( 7)=l;
+ RIP1(E,A,B,C,D,WL06,SL06); (void)HOST_c2l(data,l); X( 8)=l;
+ RIP1(D,E,A,B,C,WL07,SL07); (void)HOST_c2l(data,l); X( 9)=l;
+ RIP1(C,D,E,A,B,WL08,SL08); (void)HOST_c2l(data,l); X(10)=l;
+ RIP1(B,C,D,E,A,WL09,SL09); (void)HOST_c2l(data,l); X(11)=l;
+ RIP1(A,B,C,D,E,WL10,SL10); (void)HOST_c2l(data,l); X(12)=l;
+ RIP1(E,A,B,C,D,WL11,SL11); (void)HOST_c2l(data,l); X(13)=l;
+ RIP1(D,E,A,B,C,WL12,SL12); (void)HOST_c2l(data,l); X(14)=l;
+ RIP1(C,D,E,A,B,WL13,SL13); (void)HOST_c2l(data,l); X(15)=l;
RIP1(B,C,D,E,A,WL14,SL14);
RIP1(A,B,C,D,E,WL15,SL15);
diff --git a/deps/openssl/openssl/crypto/ripemd/rmd_locl.h b/deps/openssl/openssl/crypto/ripemd/rmd_locl.h
index f14b346e6..2bd8957d1 100644
--- a/deps/openssl/openssl/crypto/ripemd/rmd_locl.h
+++ b/deps/openssl/openssl/crypto/ripemd/rmd_locl.h
@@ -88,11 +88,11 @@ void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,size_t num);
#define HASH_FINAL RIPEMD160_Final
#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
- ll=(c)->E; HOST_l2c(ll,(s)); \
+ ll=(c)->A; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->B; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->C; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->D; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->E; (void)HOST_l2c(ll,(s)); \
} while (0)
#define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order
diff --git a/deps/openssl/openssl/crypto/rsa/Makefile b/deps/openssl/openssl/crypto/rsa/Makefile
index bb64223e0..f798d2f74 100644
--- a/deps/openssl/openssl/crypto/rsa/Makefile
+++ b/deps/openssl/openssl/crypto/rsa/Makefile
@@ -20,11 +20,11 @@ LIB=$(TOP)/libcrypto.a
LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \
- rsa_pmeth.c
+ rsa_pmeth.c rsa_crpt.c
LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o rsa_ameth.o rsa_prn.o \
- rsa_pmeth.o
+ rsa_pmeth.o rsa_crpt.o
SRC= $(LIBSRC)
@@ -100,11 +100,16 @@ rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+rsa_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+rsa_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+rsa_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
rsa_asn1.o: ../../include/openssl/opensslconf.h
rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
rsa_asn1.o: ../cryptlib.h rsa_asn1.c
rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
@@ -114,6 +119,21 @@ rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rsa_chk.o: rsa_chk.c
+rsa_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_crpt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_crpt.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+rsa_crpt.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+rsa_crpt.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+rsa_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_crpt.o: ../../include/openssl/opensslconf.h
+rsa_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+rsa_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rsa_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+rsa_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_crpt.c
rsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -205,11 +225,12 @@ rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c
rsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
rsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-rsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rsa_pmeth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-rsa_pmeth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-rsa_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-rsa_pmeth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_pmeth.o: ../../include/openssl/cms.h ../../include/openssl/crypto.h
+rsa_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+rsa_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+rsa_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_pmeth.o: ../../include/openssl/objects.h
rsa_pmeth.o: ../../include/openssl/opensslconf.h
rsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
diff --git a/deps/openssl/openssl/crypto/rsa/rsa.h b/deps/openssl/openssl/crypto/rsa/rsa.h
index cf7434365..5f269e577 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa.h
+++ b/deps/openssl/openssl/crypto/rsa/rsa.h
@@ -222,12 +222,22 @@ struct rsa_st
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
pad, NULL)
+#define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
+ EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
+
#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
len, NULL)
+#define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+ EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
+ 0, plen)
+
#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
@@ -236,11 +246,24 @@ struct rsa_st
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
+#define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
+ EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
+
+#define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
+ EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
+
#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
+#define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
+
+#define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
+#define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
+#define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
#define RSA_PKCS1_PADDING 1
#define RSA_SSLV23_PADDING 2
@@ -257,7 +280,7 @@ struct rsa_st
RSA * RSA_new(void);
RSA * RSA_new_method(ENGINE *engine);
-int RSA_size(const RSA *);
+int RSA_size(const RSA *rsa);
/* Deprecated version */
#ifndef OPENSSL_NO_DEPRECATED
@@ -300,6 +323,16 @@ const RSA_METHOD *RSA_null_method(void);
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
+typedef struct rsa_pss_params_st
+ {
+ X509_ALGOR *hashAlgorithm;
+ X509_ALGOR *maskGenAlgorithm;
+ ASN1_INTEGER *saltLength;
+ ASN1_INTEGER *trailerField;
+ } RSA_PSS_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
#ifndef OPENSSL_NO_FP_API
int RSA_print_fp(FILE *fp, const RSA *r,int offset);
#endif
@@ -380,6 +413,14 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
const unsigned char *mHash,
const EVP_MD *Hash, int sLen);
+int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+ const unsigned char *EM, int sLen);
+
+int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
+ const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen);
+
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int RSA_set_ex_data(RSA *r,int idx,void *arg);
@@ -388,6 +429,25 @@ void *RSA_get_ex_data(const RSA *r, int idx);
RSA *RSAPublicKey_dup(RSA *rsa);
RSA *RSAPrivateKey_dup(RSA *rsa);
+/* If this flag is set the RSA method is FIPS compliant and can be used
+ * in FIPS mode. This is set in the validated module method. If an
+ * application sets this flag in its own methods it is its responsibility
+ * to ensure the result is compliant.
+ */
+
+#define RSA_FLAG_FIPS_METHOD 0x0400
+
+/* If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+#define RSA_FLAG_NON_FIPS_ALLOW 0x0400
+/* Application has decided PRNG is good enough to generate a key: don't
+ * check.
+ */
+#define RSA_FLAG_CHECKED 0x0800
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@@ -405,6 +465,7 @@ void ERR_load_RSA_strings(void);
#define RSA_F_PKEY_RSA_CTRL 143
#define RSA_F_PKEY_RSA_CTRL_STR 144
#define RSA_F_PKEY_RSA_SIGN 142
+#define RSA_F_PKEY_RSA_VERIFY 154
#define RSA_F_PKEY_RSA_VERIFYRECOVER 141
#define RSA_F_RSA_BUILTIN_KEYGEN 129
#define RSA_F_RSA_CHECK_KEY 123
@@ -413,6 +474,8 @@ void ERR_load_RSA_strings(void);
#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
#define RSA_F_RSA_GENERATE_KEY 105
+#define RSA_F_RSA_GENERATE_KEY_EX 155
+#define RSA_F_RSA_ITEM_VERIFY 156
#define RSA_F_RSA_MEMORY_LOCK 130
#define RSA_F_RSA_NEW_METHOD 106
#define RSA_F_RSA_NULL 124
@@ -424,6 +487,7 @@ void ERR_load_RSA_strings(void);
#define RSA_F_RSA_PADDING_ADD_NONE 107
#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
+#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
#define RSA_F_RSA_PADDING_ADD_SSLV23 110
@@ -436,8 +500,12 @@ void ERR_load_RSA_strings(void);
#define RSA_F_RSA_PADDING_CHECK_X931 128
#define RSA_F_RSA_PRINT 115
#define RSA_F_RSA_PRINT_FP 116
+#define RSA_F_RSA_PRIVATE_DECRYPT 150
+#define RSA_F_RSA_PRIVATE_ENCRYPT 151
#define RSA_F_RSA_PRIV_DECODE 137
#define RSA_F_RSA_PRIV_ENCODE 138
+#define RSA_F_RSA_PUBLIC_DECRYPT 152
+#define RSA_F_RSA_PUBLIC_ENCRYPT 153
#define RSA_F_RSA_PUB_DECODE 139
#define RSA_F_RSA_SETUP_BLINDING 136
#define RSA_F_RSA_SIGN 117
@@ -445,6 +513,7 @@ void ERR_load_RSA_strings(void);
#define RSA_F_RSA_VERIFY 119
#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
+#define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149
/* Reason codes. */
#define RSA_R_ALGORITHM_MISMATCH 100
@@ -470,19 +539,24 @@ void ERR_load_RSA_strings(void);
#define RSA_R_INVALID_HEADER 137
#define RSA_R_INVALID_KEYBITS 145
#define RSA_R_INVALID_MESSAGE_LENGTH 131
+#define RSA_R_INVALID_MGF1_MD 156
#define RSA_R_INVALID_PADDING 138
#define RSA_R_INVALID_PADDING_MODE 141
+#define RSA_R_INVALID_PSS_PARAMETERS 149
#define RSA_R_INVALID_PSS_SALTLEN 146
+#define RSA_R_INVALID_SALT_LENGTH 150
#define RSA_R_INVALID_TRAILER 139
#define RSA_R_INVALID_X931_DIGEST 142
#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
#define RSA_R_KEY_SIZE_TOO_SMALL 120
#define RSA_R_LAST_OCTET_INVALID 134
#define RSA_R_MODULUS_TOO_LARGE 105
+#define RSA_R_NON_FIPS_RSA_METHOD 157
#define RSA_R_NO_PUBLIC_EXPONENT 140
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
#define RSA_R_OAEP_DECODING_ERROR 121
+#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
#define RSA_R_PADDING_CHECK_FAILED 114
#define RSA_R_P_NOT_PRIME 128
@@ -493,7 +567,12 @@ void ERR_load_RSA_strings(void);
#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
+#define RSA_R_UNKNOWN_MASK_DIGEST 151
#define RSA_R_UNKNOWN_PADDING_TYPE 118
+#define RSA_R_UNKNOWN_PSS_DIGEST 152
+#define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
+#define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
+#define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
#define RSA_R_VALUE_MISSING 147
#define RSA_R_WRONG_SIGNATURE_LENGTH 119
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_ameth.c b/deps/openssl/openssl/crypto/rsa/rsa_ameth.c
index 8c3209885..2460910ab 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_ameth.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_ameth.c
@@ -265,6 +265,147 @@ static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
return do_rsa_print(bp, pkey->pkey.rsa, indent, 1);
}
+static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg,
+ X509_ALGOR **pmaskHash)
+ {
+ const unsigned char *p;
+ int plen;
+ RSA_PSS_PARAMS *pss;
+
+ *pmaskHash = NULL;
+
+ if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE)
+ return NULL;
+ p = alg->parameter->value.sequence->data;
+ plen = alg->parameter->value.sequence->length;
+ pss = d2i_RSA_PSS_PARAMS(NULL, &p, plen);
+
+ if (!pss)
+ return NULL;
+
+ if (pss->maskGenAlgorithm)
+ {
+ ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
+ if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1
+ && param->type == V_ASN1_SEQUENCE)
+ {
+ p = param->value.sequence->data;
+ plen = param->value.sequence->length;
+ *pmaskHash = d2i_X509_ALGOR(NULL, &p, plen);
+ }
+ }
+
+ return pss;
+ }
+
+static int rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss,
+ X509_ALGOR *maskHash, int indent)
+ {
+ int rv = 0;
+ if (!pss)
+ {
+ if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0)
+ return 0;
+ return 1;
+ }
+ if (BIO_puts(bp, "\n") <= 0)
+ goto err;
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+ if (BIO_puts(bp, "Hash Algorithm: ") <= 0)
+ goto err;
+
+ if (pss->hashAlgorithm)
+ {
+ if (i2a_ASN1_OBJECT(bp, pss->hashAlgorithm->algorithm) <= 0)
+ goto err;
+ }
+ else if (BIO_puts(bp, "sha1 (default)") <= 0)
+ goto err;
+
+ if (BIO_puts(bp, "\n") <= 0)
+ goto err;
+
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+
+ if (BIO_puts(bp, "Mask Algorithm: ") <= 0)
+ goto err;
+ if (pss->maskGenAlgorithm)
+ {
+ if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0)
+ goto err;
+ if (BIO_puts(bp, " with ") <= 0)
+ goto err;
+ if (maskHash)
+ {
+ if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
+ goto err;
+ }
+ else if (BIO_puts(bp, "INVALID") <= 0)
+ goto err;
+ }
+ else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0)
+ goto err;
+ BIO_puts(bp, "\n");
+
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+ if (BIO_puts(bp, "Salt Length: ") <= 0)
+ goto err;
+ if (pss->saltLength)
+ {
+ if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
+ goto err;
+ }
+ else if (BIO_puts(bp, "20 (default)") <= 0)
+ goto err;
+ BIO_puts(bp, "\n");
+
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+ if (BIO_puts(bp, "Trailer Field: ") <= 0)
+ goto err;
+ if (pss->trailerField)
+ {
+ if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0)
+ goto err;
+ }
+ else if (BIO_puts(bp, "0xbc (default)") <= 0)
+ goto err;
+ BIO_puts(bp, "\n");
+
+ rv = 1;
+
+ err:
+ return rv;
+
+ }
+
+static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
+ const ASN1_STRING *sig,
+ int indent, ASN1_PCTX *pctx)
+ {
+ if (OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss)
+ {
+ int rv;
+ RSA_PSS_PARAMS *pss;
+ X509_ALGOR *maskHash;
+ pss = rsa_pss_decode(sigalg, &maskHash);
+ rv = rsa_pss_param_print(bp, pss, maskHash, indent);
+ if (pss)
+ RSA_PSS_PARAMS_free(pss);
+ if (maskHash)
+ X509_ALGOR_free(maskHash);
+ if (!rv)
+ return 0;
+ }
+ else if (!sig && BIO_puts(bp, "\n") <= 0)
+ return 0;
+ if (sig)
+ return X509_signature_dump(bp, sig, indent);
+ return 1;
+ }
static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
{
@@ -310,6 +451,211 @@ static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
}
+/* Customised RSA item verification routine. This is called
+ * when a signature is encountered requiring special handling. We
+ * currently only handle PSS.
+ */
+
+
+static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+ X509_ALGOR *sigalg, ASN1_BIT_STRING *sig,
+ EVP_PKEY *pkey)
+ {
+ int rv = -1;
+ int saltlen;
+ const EVP_MD *mgf1md = NULL, *md = NULL;
+ RSA_PSS_PARAMS *pss;
+ X509_ALGOR *maskHash;
+ EVP_PKEY_CTX *pkctx;
+ /* Sanity check: make sure it is PSS */
+ if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss)
+ {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
+ return -1;
+ }
+ /* Decode PSS parameters */
+ pss = rsa_pss_decode(sigalg, &maskHash);
+
+ if (pss == NULL)
+ {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_PSS_PARAMETERS);
+ goto err;
+ }
+ /* Check mask and lookup mask hash algorithm */
+ if (pss->maskGenAlgorithm)
+ {
+ if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) != NID_mgf1)
+ {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_MASK_ALGORITHM);
+ goto err;
+ }
+ if (!maskHash)
+ {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_MASK_PARAMETER);
+ goto err;
+ }
+ mgf1md = EVP_get_digestbyobj(maskHash->algorithm);
+ if (mgf1md == NULL)
+ {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNKNOWN_MASK_DIGEST);
+ goto err;
+ }
+ }
+ else
+ mgf1md = EVP_sha1();
+
+ if (pss->hashAlgorithm)
+ {
+ md = EVP_get_digestbyobj(pss->hashAlgorithm->algorithm);
+ if (md == NULL)
+ {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNKNOWN_PSS_DIGEST);
+ goto err;
+ }
+ }
+ else
+ md = EVP_sha1();
+
+ if (pss->saltLength)
+ {
+ saltlen = ASN1_INTEGER_get(pss->saltLength);
+
+ /* Could perform more salt length sanity checks but the main
+ * RSA routines will trap other invalid values anyway.
+ */
+ if (saltlen < 0)
+ {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_SALT_LENGTH);
+ goto err;
+ }
+ }
+ else
+ saltlen = 20;
+
+ /* low-level routines support only trailer field 0xbc (value 1)
+ * and PKCS#1 says we should reject any other value anyway.
+ */
+ if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1)
+ {
+ RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_TRAILER);
+ goto err;
+ }
+
+ /* We have all parameters now set up context */
+
+ if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey))
+ goto err;
+
+ if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkctx, saltlen) <= 0)
+ goto err;
+
+ if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
+ goto err;
+ /* Carry on */
+ rv = 2;
+
+ err:
+ RSA_PSS_PARAMS_free(pss);
+ if (maskHash)
+ X509_ALGOR_free(maskHash);
+ return rv;
+ }
+
+static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+ X509_ALGOR *alg1, X509_ALGOR *alg2,
+ ASN1_BIT_STRING *sig)
+ {
+ int pad_mode;
+ EVP_PKEY_CTX *pkctx = ctx->pctx;
+ if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
+ return 0;
+ if (pad_mode == RSA_PKCS1_PADDING)
+ return 2;
+ if (pad_mode == RSA_PKCS1_PSS_PADDING)
+ {
+ const EVP_MD *sigmd, *mgf1md;
+ RSA_PSS_PARAMS *pss = NULL;
+ X509_ALGOR *mgf1alg = NULL;
+ ASN1_STRING *os1 = NULL, *os2 = NULL;
+ EVP_PKEY *pk = EVP_PKEY_CTX_get0_pkey(pkctx);
+ int saltlen, rv = 0;
+ sigmd = EVP_MD_CTX_md(ctx);
+ if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0)
+ goto err;
+ if (!EVP_PKEY_CTX_get_rsa_pss_saltlen(pkctx, &saltlen))
+ goto err;
+ if (saltlen == -1)
+ saltlen = EVP_MD_size(sigmd);
+ else if (saltlen == -2)
+ {
+ saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2;
+ if (((EVP_PKEY_bits(pk) - 1) & 0x7) == 0)
+ saltlen--;
+ }
+ pss = RSA_PSS_PARAMS_new();
+ if (!pss)
+ goto err;
+ if (saltlen != 20)
+ {
+ pss->saltLength = ASN1_INTEGER_new();
+ if (!pss->saltLength)
+ goto err;
+ if (!ASN1_INTEGER_set(pss->saltLength, saltlen))
+ goto err;
+ }
+ if (EVP_MD_type(sigmd) != NID_sha1)
+ {
+ pss->hashAlgorithm = X509_ALGOR_new();
+ if (!pss->hashAlgorithm)
+ goto err;
+ X509_ALGOR_set_md(pss->hashAlgorithm, sigmd);
+ }
+ if (EVP_MD_type(mgf1md) != NID_sha1)
+ {
+ ASN1_STRING *stmp = NULL;
+ /* need to embed algorithm ID inside another */
+ mgf1alg = X509_ALGOR_new();
+ X509_ALGOR_set_md(mgf1alg, mgf1md);
+ if (!ASN1_item_pack(mgf1alg, ASN1_ITEM_rptr(X509_ALGOR),
+ &stmp))
+ goto err;
+ pss->maskGenAlgorithm = X509_ALGOR_new();
+ if (!pss->maskGenAlgorithm)
+ goto err;
+ X509_ALGOR_set0(pss->maskGenAlgorithm,
+ OBJ_nid2obj(NID_mgf1),
+ V_ASN1_SEQUENCE, stmp);
+ }
+ /* Finally create string with pss parameter encoding. */
+ if (!ASN1_item_pack(pss, ASN1_ITEM_rptr(RSA_PSS_PARAMS), &os1))
+ goto err;
+ if (alg2)
+ {
+ os2 = ASN1_STRING_dup(os1);
+ if (!os2)
+ goto err;
+ X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_rsassaPss),
+ V_ASN1_SEQUENCE, os2);
+ }
+ X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_rsassaPss),
+ V_ASN1_SEQUENCE, os1);
+ os1 = os2 = NULL;
+ rv = 3;
+ err:
+ if (mgf1alg)
+ X509_ALGOR_free(mgf1alg);
+ if (pss)
+ RSA_PSS_PARAMS_free(pss);
+ if (os1)
+ ASN1_STRING_free(os1);
+ return rv;
+
+ }
+ return 2;
+ }
const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] =
{
@@ -335,10 +681,13 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] =
0,0,0,0,0,0,
+ rsa_sig_print,
int_rsa_free,
rsa_pkey_ctrl,
old_rsa_priv_decode,
- old_rsa_priv_encode
+ old_rsa_priv_encode,
+ rsa_item_verify,
+ rsa_item_sign
},
{
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_asn1.c b/deps/openssl/openssl/crypto/rsa/rsa_asn1.c
index 4efca8cdc..6ed5de3db 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_asn1.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_asn1.c
@@ -60,6 +60,7 @@
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
+#include <openssl/x509.h>
#include <openssl/asn1t.h>
/* Override the default free and new methods */
@@ -96,6 +97,15 @@ ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
ASN1_SIMPLE(RSA, e, BIGNUM),
} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
+ASN1_SEQUENCE(RSA_PSS_PARAMS) = {
+ ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
+ ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
+ ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
+ ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
+} ASN1_SEQUENCE_END(RSA_PSS_PARAMS)
+
+IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey)
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_eay.c b/deps/openssl/openssl/crypto/rsa/rsa_eay.c
index 2e1ddd48d..88ee2cb55 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_eay.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_eay.c
@@ -847,12 +847,12 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
if (!BN_mod(r0,pr1,rsa->p,ctx)) goto err;
/* If p < q it is occasionally possible for the correction of
- * adding 'p' if r0 is negative above to leave the result still
+ * adding 'p' if r0 is negative above to leave the result still
* negative. This can break the private key operations: the following
* second correction should *always* correct this rare occurrence.
* This will *never* happen with OpenSSL generated keys because
- * they ensure p > q [steve]
- */
+ * they ensure p > q [steve]
+ */
if (BN_is_negative(r0))
if (!BN_add(r0,r0,rsa->p)) goto err;
if (!BN_mul(r1,r0,rsa->q,ctx)) goto err;
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_err.c b/deps/openssl/openssl/crypto/rsa/rsa_err.c
index cf9f1106b..46e0bf998 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_err.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_err.c
@@ -1,6 +1,6 @@
/* crypto/rsa/rsa_err.c */
/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -78,6 +78,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
{ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "PKEY_RSA_CTRL"},
{ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"},
{ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"},
+{ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "PKEY_RSA_VERIFY"},
{ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"},
{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
{ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
@@ -86,6 +87,8 @@ static ERR_STRING_DATA RSA_str_functs[]=
{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
+{ERR_FUNC(RSA_F_RSA_GENERATE_KEY_EX), "RSA_generate_key_ex"},
+{ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "RSA_ITEM_VERIFY"},
{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
{ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
{ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
@@ -97,6 +100,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1), "RSA_padding_add_PKCS1_PSS_mgf1"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"},
@@ -109,8 +113,12 @@ static ERR_STRING_DATA RSA_str_functs[]=
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
{ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
{ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
+{ERR_FUNC(RSA_F_RSA_PRIVATE_DECRYPT), "RSA_private_decrypt"},
+{ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT), "RSA_private_encrypt"},
{ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"},
{ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "RSA_PRIV_ENCODE"},
+{ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT), "RSA_public_decrypt"},
+{ERR_FUNC(RSA_F_RSA_PUBLIC_ENCRYPT), "RSA_public_encrypt"},
{ERR_FUNC(RSA_F_RSA_PUB_DECODE), "RSA_PUB_DECODE"},
{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
{ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
@@ -118,6 +126,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
{ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"},
{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_verify_PKCS1_PSS"},
+{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1), "RSA_verify_PKCS1_PSS_mgf1"},
{0,NULL}
};
@@ -146,19 +155,24 @@ static ERR_STRING_DATA RSA_str_reasons[]=
{ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"},
{ERR_REASON(RSA_R_INVALID_KEYBITS) ,"invalid keybits"},
{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"},
+{ERR_REASON(RSA_R_INVALID_MGF1_MD) ,"invalid mgf1 md"},
{ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"},
{ERR_REASON(RSA_R_INVALID_PADDING_MODE) ,"invalid padding mode"},
+{ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS),"invalid pss parameters"},
{ERR_REASON(RSA_R_INVALID_PSS_SALTLEN) ,"invalid pss saltlen"},
+{ERR_REASON(RSA_R_INVALID_SALT_LENGTH) ,"invalid salt length"},
{ERR_REASON(RSA_R_INVALID_TRAILER) ,"invalid trailer"},
{ERR_REASON(RSA_R_INVALID_X931_DIGEST) ,"invalid x931 digest"},
{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"},
{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
{ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"},
{ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
+{ERR_REASON(RSA_R_NON_FIPS_RSA_METHOD) ,"non fips rsa method"},
{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"},
{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"},
{ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"},
+{ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"},
{ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"},
{ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"},
{ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"},
@@ -169,7 +183,12 @@ static ERR_STRING_DATA RSA_str_reasons[]=
{ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"},
{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
+{ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST) ,"unknown mask digest"},
{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"},
+{ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST) ,"unknown pss digest"},
+{ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM),"unsupported mask algorithm"},
+{ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER),"unsupported mask parameter"},
+{ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE),"unsupported signature type"},
{ERR_REASON(RSA_R_VALUE_MISSING) ,"value missing"},
{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
{0,NULL}
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_gen.c b/deps/openssl/openssl/crypto/rsa/rsa_gen.c
index 767f7ab68..42290cce6 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_gen.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_gen.c
@@ -67,6 +67,9 @@
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb);
@@ -77,8 +80,20 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
* now just because key-generation is part of RSA_METHOD. */
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
+ {
+ RSAerr(RSA_F_RSA_GENERATE_KEY_EX, RSA_R_NON_FIPS_RSA_METHOD);
+ return 0;
+ }
+#endif
if(rsa->meth->rsa_keygen)
return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb);
+#endif
return rsa_builtin_keygen(rsa, bits, e_value, cb);
}
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_lib.c b/deps/openssl/openssl/crypto/rsa/rsa_lib.c
index de45088d7..c95ceafc8 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_lib.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_lib.c
@@ -67,6 +67,10 @@
#include <openssl/engine.h>
#endif
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT;
static const RSA_METHOD *default_RSA_meth=NULL;
@@ -87,12 +91,15 @@ const RSA_METHOD *RSA_get_default_method(void)
{
if (default_RSA_meth == NULL)
{
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_rsa_pkcs1_ssleay();
+ else
+ return RSA_PKCS1_SSLeay();
+#else
#ifdef RSA_NULL
default_RSA_meth=RSA_null_method();
#else
-#if 0 /* was: #ifdef RSAref */
- default_RSA_meth=RSA_PKCS1_RSAref();
-#else
default_RSA_meth=RSA_PKCS1_SSLeay();
#endif
#endif
@@ -181,7 +188,7 @@ RSA *RSA_new_method(ENGINE *engine)
ret->blinding=NULL;
ret->mt_blinding=NULL;
ret->bignum_data=NULL;
- ret->flags=ret->meth->flags;
+ ret->flags=ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
{
#ifndef OPENSSL_NO_ENGINE
@@ -280,163 +287,6 @@ void *RSA_get_ex_data(const RSA *r, int idx)
return(CRYPTO_get_ex_data(&r->ex_data,idx));
}
-int RSA_size(const RSA *r)
- {
- return(BN_num_bytes(r->n));
- }
-
-int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
- {
- return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
- }
-
-int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
- {
- return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
- }
-
-int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
- {
- return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
- }
-
-int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
- {
- return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
- }
-
-int RSA_flags(const RSA *r)
- {
- return((r == NULL)?0:r->meth->flags);
- }
-
-void RSA_blinding_off(RSA *rsa)
- {
- if (rsa->blinding != NULL)
- {
- BN_BLINDING_free(rsa->blinding);
- rsa->blinding=NULL;
- }
- rsa->flags &= ~RSA_FLAG_BLINDING;
- rsa->flags |= RSA_FLAG_NO_BLINDING;
- }
-
-int RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
- {
- int ret=0;
-
- if (rsa->blinding != NULL)
- RSA_blinding_off(rsa);
-
- rsa->blinding = RSA_setup_blinding(rsa, ctx);
- if (rsa->blinding == NULL)
- goto err;
-
- rsa->flags |= RSA_FLAG_BLINDING;
- rsa->flags &= ~RSA_FLAG_NO_BLINDING;
- ret=1;
-err:
- return(ret);
- }
-
-static BIGNUM *rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p,
- const BIGNUM *q, BN_CTX *ctx)
-{
- BIGNUM *ret = NULL, *r0, *r1, *r2;
-
- if (d == NULL || p == NULL || q == NULL)
- return NULL;
-
- BN_CTX_start(ctx);
- r0 = BN_CTX_get(ctx);
- r1 = BN_CTX_get(ctx);
- r2 = BN_CTX_get(ctx);
- if (r2 == NULL)
- goto err;
-
- if (!BN_sub(r1, p, BN_value_one())) goto err;
- if (!BN_sub(r2, q, BN_value_one())) goto err;
- if (!BN_mul(r0, r1, r2, ctx)) goto err;
-
- ret = BN_mod_inverse(NULL, d, r0, ctx);
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
-{
- BIGNUM local_n;
- BIGNUM *e,*n;
- BN_CTX *ctx;
- BN_BLINDING *ret = NULL;
-
- if (in_ctx == NULL)
- {
- if ((ctx = BN_CTX_new()) == NULL) return 0;
- }
- else
- ctx = in_ctx;
-
- BN_CTX_start(ctx);
- e = BN_CTX_get(ctx);
- if (e == NULL)
- {
- RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (rsa->e == NULL)
- {
- e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
- if (e == NULL)
- {
- RSAerr(RSA_F_RSA_SETUP_BLINDING, RSA_R_NO_PUBLIC_EXPONENT);
- goto err;
- }
- }
- else
- e = rsa->e;
-
-
- if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
- {
- /* if PRNG is not properly seeded, resort to secret
- * exponent as unpredictable seed */
- RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
- }
-
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
- {
- /* Set BN_FLG_CONSTTIME flag */
- n = &local_n;
- BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME);
- }
- else
- n = rsa->n;
-
- ret = BN_BLINDING_create_param(NULL, e, n, ctx,
- rsa->meth->bn_mod_exp, rsa->_method_mod_n);
- if (ret == NULL)
- {
- RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB);
- goto err;
- }
- CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
-err:
- BN_CTX_end(ctx);
- if (in_ctx == NULL)
- BN_CTX_free(ctx);
- if(rsa->e == NULL)
- BN_free(e);
-
- return ret;
-}
-
int RSA_memory_lock(RSA *r)
{
int i,j,k,off;
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_oaep.c b/deps/openssl/openssl/crypto/rsa/rsa_oaep.c
index 18d307ea9..af4d24a56 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_oaep.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_oaep.c
@@ -56,7 +56,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
seed = to + 1;
db = to + SHA_DIGEST_LENGTH + 1;
- EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL))
+ return 0;
memset(db + SHA_DIGEST_LENGTH, 0,
emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
@@ -145,9 +146,10 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
for (i = 0; i < dblen; i++)
db[i] ^= maskeddb[i];
- EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL))
+ return -1;
- if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
+ if (CRYPTO_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
goto decoding_err;
else
{
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_pmeth.c b/deps/openssl/openssl/crypto/rsa/rsa_pmeth.c
index c6892ecd0..5b2ecf56a 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_pmeth.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_pmeth.c
@@ -63,6 +63,12 @@
#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <openssl/evp.h>
+#ifndef OPENSSL_NO_CMS
+#include <openssl/cms.h>
+#endif
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
#include "evp_locl.h"
#include "rsa_locl.h"
@@ -79,6 +85,8 @@ typedef struct
int pad_mode;
/* message digest */
const EVP_MD *md;
+ /* message digest for MGF1 */
+ const EVP_MD *mgf1md;
/* PSS/OAEP salt length */
int saltlen;
/* Temp buffer */
@@ -95,6 +103,7 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
rctx->pub_exp = NULL;
rctx->pad_mode = RSA_PKCS1_PADDING;
rctx->md = NULL;
+ rctx->mgf1md = NULL;
rctx->tbuf = NULL;
rctx->saltlen = -2;
@@ -147,6 +156,31 @@ static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx)
OPENSSL_free(rctx);
}
}
+#ifdef OPENSSL_FIPS
+/* FIP checker. Return value indicates status of context parameters:
+ * 1 : redirect to FIPS.
+ * 0 : don't redirect to FIPS.
+ * -1 : illegal operation in FIPS mode.
+ */
+
+static int pkey_fips_check_ctx(EVP_PKEY_CTX *ctx)
+ {
+ RSA_PKEY_CTX *rctx = ctx->data;
+ RSA *rsa = ctx->pkey->pkey.rsa;
+ int rv = -1;
+ if (!FIPS_mode())
+ return 0;
+ if (rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
+ rv = 0;
+ if (!(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) && rv)
+ return -1;
+ if (rctx->md && !(rctx->md->flags & EVP_MD_FLAG_FIPS))
+ return rv;
+ if (rctx->mgf1md && !(rctx->mgf1md->flags & EVP_MD_FLAG_FIPS))
+ return rv;
+ return 1;
+ }
+#endif
static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen)
@@ -155,6 +189,15 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
RSA_PKEY_CTX *rctx = ctx->data;
RSA *rsa = ctx->pkey->pkey.rsa;
+#ifdef OPENSSL_FIPS
+ ret = pkey_fips_check_ctx(ctx);
+ if (ret < 0)
+ {
+ RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
+ return -1;
+ }
+#endif
+
if (rctx->md)
{
if (tbslen != (size_t)EVP_MD_size(rctx->md))
@@ -163,7 +206,36 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
RSA_R_INVALID_DIGEST_LENGTH);
return -1;
}
- if (rctx->pad_mode == RSA_X931_PADDING)
+#ifdef OPENSSL_FIPS
+ if (ret > 0)
+ {
+ unsigned int slen;
+ ret = FIPS_rsa_sign_digest(rsa, tbs, tbslen, rctx->md,
+ rctx->pad_mode,
+ rctx->saltlen,
+ rctx->mgf1md,
+ sig, &slen);
+ if (ret > 0)
+ *siglen = slen;
+ else
+ *siglen = 0;
+ return ret;
+ }
+#endif
+
+ if (EVP_MD_type(rctx->md) == NID_mdc2)
+ {
+ unsigned int sltmp;
+ if (rctx->pad_mode != RSA_PKCS1_PADDING)
+ return -1;
+ ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2,
+ tbs, tbslen, sig, &sltmp, rsa);
+
+ if (ret <= 0)
+ return ret;
+ ret = sltmp;
+ }
+ else if (rctx->pad_mode == RSA_X931_PADDING)
{
if (!setup_tbuf(rctx, ctx))
return -1;
@@ -186,8 +258,10 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
{
if (!setup_tbuf(rctx, ctx))
return -1;
- if (!RSA_padding_add_PKCS1_PSS(rsa, rctx->tbuf, tbs,
- rctx->md, rctx->saltlen))
+ if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
+ rctx->tbuf, tbs,
+ rctx->md, rctx->mgf1md,
+ rctx->saltlen))
return -1;
ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
sig, rsa, RSA_NO_PADDING);
@@ -269,8 +343,30 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
RSA_PKEY_CTX *rctx = ctx->data;
RSA *rsa = ctx->pkey->pkey.rsa;
size_t rslen;
+#ifdef OPENSSL_FIPS
+ int rv;
+ rv = pkey_fips_check_ctx(ctx);
+ if (rv < 0)
+ {
+ RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
+ return -1;
+ }
+#endif
if (rctx->md)
{
+#ifdef OPENSSL_FIPS
+ if (rv > 0)
+ {
+ return FIPS_rsa_verify_digest(rsa,
+ tbs, tbslen,
+ rctx->md,
+ rctx->pad_mode,
+ rctx->saltlen,
+ rctx->mgf1md,
+ sig, siglen);
+
+ }
+#endif
if (rctx->pad_mode == RSA_PKCS1_PADDING)
return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
sig, siglen, rsa);
@@ -289,7 +385,8 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
rsa, RSA_NO_PADDING);
if (ret <= 0)
return 0;
- ret = RSA_verify_PKCS1_PSS(rsa, tbs, rctx->md,
+ ret = RSA_verify_PKCS1_PSS_mgf1(rsa, tbs,
+ rctx->md, rctx->mgf1md,
rctx->tbuf, rctx->saltlen);
if (ret <= 0)
return 0;
@@ -403,15 +500,25 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE);
return -2;
+ case EVP_PKEY_CTRL_GET_RSA_PADDING:
+ *(int *)p2 = rctx->pad_mode;
+ return 1;
+
case EVP_PKEY_CTRL_RSA_PSS_SALTLEN:
- if (p1 < -2)
- return -2;
+ case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN:
if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING)
{
RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PSS_SALTLEN);
return -2;
}
- rctx->saltlen = p1;
+ if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN)
+ *(int *)p2 = rctx->saltlen;
+ else
+ {
+ if (p1 < -2)
+ return -2;
+ rctx->saltlen = p1;
+ }
return 1;
case EVP_PKEY_CTRL_RSA_KEYGEN_BITS:
@@ -435,16 +542,45 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
rctx->md = p2;
return 1;
+ case EVP_PKEY_CTRL_RSA_MGF1_MD:
+ case EVP_PKEY_CTRL_GET_RSA_MGF1_MD:
+ if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING)
+ {
+ RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_MGF1_MD);
+ return -2;
+ }
+ if (type == EVP_PKEY_CTRL_GET_RSA_MGF1_MD)
+ {
+ if (rctx->mgf1md)
+ *(const EVP_MD **)p2 = rctx->mgf1md;
+ else
+ *(const EVP_MD **)p2 = rctx->md;
+ }
+ else
+ rctx->mgf1md = p2;
+ return 1;
+
case EVP_PKEY_CTRL_DIGESTINIT:
case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
case EVP_PKEY_CTRL_PKCS7_DECRYPT:
case EVP_PKEY_CTRL_PKCS7_SIGN:
+ return 1;
#ifndef OPENSSL_NO_CMS
- case EVP_PKEY_CTRL_CMS_ENCRYPT:
case EVP_PKEY_CTRL_CMS_DECRYPT:
+ {
+ X509_ALGOR *alg = NULL;
+ ASN1_OBJECT *encalg = NULL;
+ if (p2)
+ CMS_RecipientInfo_ktri_get0_algs(p2, NULL, NULL, &alg);
+ if (alg)
+ X509_ALGOR_get0(&encalg, NULL, NULL, alg);
+ if (encalg && OBJ_obj2nid(encalg) == NID_rsaesOaep)
+ rctx->pad_mode = RSA_PKCS1_OAEP_PADDING;
+ }
+ case EVP_PKEY_CTRL_CMS_ENCRYPT:
case EVP_PKEY_CTRL_CMS_SIGN:
-#endif
return 1;
+#endif
case EVP_PKEY_CTRL_PEER_KEY:
RSAerr(RSA_F_PKEY_RSA_CTRL,
RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_pss.c b/deps/openssl/openssl/crypto/rsa/rsa_pss.c
index ac211e2ff..5f9f533d0 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_pss.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_pss.c
@@ -73,6 +73,13 @@ static const unsigned char zeroes[] = {0,0,0,0,0,0,0,0};
int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
const EVP_MD *Hash, const unsigned char *EM, int sLen)
{
+ return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, NULL, EM, sLen);
+ }
+
+int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+ const unsigned char *EM, int sLen)
+ {
int i;
int ret = 0;
int hLen, maskedDBLen, MSBits, emLen;
@@ -80,6 +87,10 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
unsigned char *DB = NULL;
EVP_MD_CTX ctx;
unsigned char H_[EVP_MAX_MD_SIZE];
+ EVP_MD_CTX_init(&ctx);
+
+ if (mgf1Hash == NULL)
+ mgf1Hash = Hash;
hLen = EVP_MD_size(Hash);
if (hLen < 0)
@@ -94,7 +105,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
else if (sLen == -2) sLen = -2;
else if (sLen < -2)
{
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
@@ -102,7 +113,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
emLen = RSA_size(rsa);
if (EM[0] & (0xFF << MSBits))
{
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_FIRST_OCTET_INVALID);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_FIRST_OCTET_INVALID);
goto err;
}
if (MSBits == 0)
@@ -112,12 +123,12 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
}
if (emLen < (hLen + sLen + 2)) /* sLen can be small negative */
{
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_DATA_TOO_LARGE);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE);
goto err;
}
if (EM[emLen - 1] != 0xbc)
{
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_LAST_OCTET_INVALID);
goto err;
}
maskedDBLen = emLen - hLen - 1;
@@ -125,10 +136,10 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
DB = OPENSSL_malloc(maskedDBLen);
if (!DB)
{
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, ERR_R_MALLOC_FAILURE);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, Hash) < 0)
+ if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0)
goto err;
for (i = 0; i < maskedDBLen; i++)
DB[i] ^= EM[i];
@@ -137,25 +148,28 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
for (i = 0; DB[i] == 0 && i < (maskedDBLen-1); i++) ;
if (DB[i++] != 0x1)
{
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_RECOVERY_FAILED);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_RECOVERY_FAILED);
goto err;
}
if (sLen >= 0 && (maskedDBLen - i) != sLen)
{
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
- EVP_MD_CTX_init(&ctx);
- EVP_DigestInit_ex(&ctx, Hash, NULL);
- EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes);
- EVP_DigestUpdate(&ctx, mHash, hLen);
+ if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
+ || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+ || !EVP_DigestUpdate(&ctx, mHash, hLen))
+ goto err;
if (maskedDBLen - i)
- EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i);
- EVP_DigestFinal(&ctx, H_, NULL);
- EVP_MD_CTX_cleanup(&ctx);
+ {
+ if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i))
+ goto err;
+ }
+ if (!EVP_DigestFinal_ex(&ctx, H_, NULL))
+ goto err;
if (memcmp(H_, H, hLen))
{
- RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_SIGNATURE);
+ RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_BAD_SIGNATURE);
ret = 0;
}
else
@@ -164,6 +178,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
err:
if (DB)
OPENSSL_free(DB);
+ EVP_MD_CTX_cleanup(&ctx);
return ret;
@@ -173,12 +188,22 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
const unsigned char *mHash,
const EVP_MD *Hash, int sLen)
{
+ return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, NULL, sLen);
+ }
+
+int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
+ const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen)
+ {
int i;
int ret = 0;
int hLen, maskedDBLen, MSBits, emLen;
unsigned char *H, *salt = NULL, *p;
EVP_MD_CTX ctx;
+ if (mgf1Hash == NULL)
+ mgf1Hash = Hash;
+
hLen = EVP_MD_size(Hash);
if (hLen < 0)
goto err;
@@ -192,7 +217,7 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
else if (sLen == -2) sLen = -2;
else if (sLen < -2)
{
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+ RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
@@ -209,8 +234,7 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
}
else if (emLen < (hLen + sLen + 2))
{
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS,
- RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+ RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
goto err;
}
if (sLen > 0)
@@ -218,8 +242,7 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
salt = OPENSSL_malloc(sLen);
if (!salt)
{
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS,
- ERR_R_MALLOC_FAILURE);
+ RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,ERR_R_MALLOC_FAILURE);
goto err;
}
if (RAND_bytes(salt, sLen) <= 0)
@@ -228,16 +251,18 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
maskedDBLen = emLen - hLen - 1;
H = EM + maskedDBLen;
EVP_MD_CTX_init(&ctx);
- EVP_DigestInit_ex(&ctx, Hash, NULL);
- EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes);
- EVP_DigestUpdate(&ctx, mHash, hLen);
- if (sLen)
- EVP_DigestUpdate(&ctx, salt, sLen);
- EVP_DigestFinal(&ctx, H, NULL);
+ if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
+ || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+ || !EVP_DigestUpdate(&ctx, mHash, hLen))
+ goto err;
+ if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
+ goto err;
+ if (!EVP_DigestFinal_ex(&ctx, H, NULL))
+ goto err;
EVP_MD_CTX_cleanup(&ctx);
/* Generate dbMask in place then perform XOR on it */
- if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, Hash))
+ if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash))
goto err;
p = EM;
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_sign.c b/deps/openssl/openssl/crypto/rsa/rsa_sign.c
index 0be4ec7fb..b6f6037ae 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_sign.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_sign.c
@@ -77,6 +77,14 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
const unsigned char *s = NULL;
X509_ALGOR algor;
ASN1_OCTET_STRING digest;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
+ {
+ RSAerr(RSA_F_RSA_SIGN, RSA_R_NON_FIPS_RSA_METHOD);
+ return 0;
+ }
+#endif
if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign)
{
return rsa->meth->rsa_sign(type, m, m_len,
@@ -153,6 +161,15 @@ int int_rsa_verify(int dtype, const unsigned char *m,
unsigned char *s;
X509_SIG *sig=NULL;
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+ && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
+ {
+ RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_NON_FIPS_RSA_METHOD);
+ return 0;
+ }
+#endif
+
if (siglen != (unsigned int)RSA_size(rsa))
{
RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
@@ -182,6 +199,22 @@ int int_rsa_verify(int dtype, const unsigned char *m,
i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
if (i <= 0) goto err;
+ /* Oddball MDC2 case: signature can be OCTET STRING.
+ * check for correct tag and length octets.
+ */
+ if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10)
+ {
+ if (rm)
+ {
+ memcpy(rm, s + 2, 16);
+ *prm_len = 16;
+ ret = 1;
+ }
+ else if(memcmp(m, s + 2, 16))
+ RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+ else
+ ret = 1;
+ }
/* Special case: SSL signature */
if(dtype == NID_md5_sha1) {
diff --git a/deps/openssl/openssl/crypto/s390xcap.c b/deps/openssl/openssl/crypto/s390xcap.c
index ffbe0235f..f2e94ef47 100644
--- a/deps/openssl/openssl/crypto/s390xcap.c
+++ b/deps/openssl/openssl/crypto/s390xcap.c
@@ -4,7 +4,7 @@
#include <setjmp.h>
#include <signal.h>
-extern unsigned long OPENSSL_s390xcap_P;
+extern unsigned long OPENSSL_s390xcap_P[];
static sigjmp_buf ill_jmp;
static void ill_handler (int sig) { siglongjmp(ill_jmp,sig); }
@@ -16,7 +16,9 @@ void OPENSSL_cpuid_setup(void)
sigset_t oset;
struct sigaction ill_act,oact;
- if (OPENSSL_s390xcap_P) return;
+ if (OPENSSL_s390xcap_P[0]) return;
+
+ OPENSSL_s390xcap_P[0] = 1UL<<(8*sizeof(unsigned long)-1);
memset(&ill_act,0,sizeof(ill_act));
ill_act.sa_handler = ill_handler;
@@ -27,10 +29,8 @@ void OPENSSL_cpuid_setup(void)
sigaction (SIGILL,&ill_act,&oact);
/* protection against missing store-facility-list-extended */
- if (sigsetjmp(ill_jmp,0) == 0)
- OPENSSL_s390xcap_P = OPENSSL_s390x_facilities();
- else
- OPENSSL_s390xcap_P = 1UL<<63;
+ if (sigsetjmp(ill_jmp,1) == 0)
+ OPENSSL_s390x_facilities();
sigaction (SIGILL,&oact,NULL);
sigprocmask(SIG_SETMASK,&oset,NULL);
diff --git a/deps/openssl/openssl/crypto/s390xcpuid.S b/deps/openssl/openssl/crypto/s390xcpuid.S
index b053c6a28..06815347e 100644
--- a/deps/openssl/openssl/crypto/s390xcpuid.S
+++ b/deps/openssl/openssl/crypto/s390xcpuid.S
@@ -5,10 +5,14 @@
.align 16
OPENSSL_s390x_facilities:
lghi %r0,0
- .long 0xb2b0f010 # stfle 16(%r15)
- lg %r2,16(%r15)
- larl %r1,OPENSSL_s390xcap_P
- stg %r2,0(%r1)
+ larl %r2,OPENSSL_s390xcap_P
+ stg %r0,8(%r2)
+ .long 0xb2b02000 # stfle 0(%r2)
+ brc 8,.Ldone
+ lghi %r0,1
+ .long 0xb2b02000 # stfle 0(%r2)
+.Ldone:
+ lg %r2,0(%r2)
br %r14
.size OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities
@@ -58,6 +62,9 @@ OPENSSL_wipe_cpu:
.type OPENSSL_cleanse,@function
.align 16
OPENSSL_cleanse:
+#if !defined(__s390x__) && !defined(__s390x)
+ llgfr %r3,%r3
+#endif
lghi %r4,15
lghi %r0,0
clgr %r3,%r4
@@ -89,4 +96,4 @@ OPENSSL_cleanse:
.section .init
brasl %r14,OPENSSL_cpuid_setup
-.comm OPENSSL_s390xcap_P,8,8
+.comm OPENSSL_s390xcap_P,16,8
diff --git a/deps/openssl/openssl/crypto/seed/seed.c b/deps/openssl/openssl/crypto/seed/seed.c
index 2bc384a19..3e675a8d7 100644
--- a/deps/openssl/openssl/crypto/seed/seed.c
+++ b/deps/openssl/openssl/crypto/seed/seed.c
@@ -32,9 +32,14 @@
#include <memory.h>
#endif
+#include <openssl/crypto.h>
#include <openssl/seed.h>
#include "seed_locl.h"
+#ifdef SS /* can get defined on Solaris by inclusion of <stdlib.h> */
+#undef SS
+#endif
+
static const seed_word SS[4][256] = { {
0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0, 0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c, 0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
@@ -192,8 +197,14 @@ static const seed_word KC[] = {
KC0, KC1, KC2, KC3, KC4, KC5, KC6, KC7,
KC8, KC9, KC10, KC11, KC12, KC13, KC14, KC15 };
#endif
-
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks)
+#ifdef OPENSSL_FIPS
+ {
+ fips_cipher_abort(SEED);
+ private_SEED_set_key(rawkey, ks);
+ }
+void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks)
+#endif
{
seed_word x1, x2, x3, x4;
seed_word t0, t1;
diff --git a/deps/openssl/openssl/crypto/seed/seed.h b/deps/openssl/openssl/crypto/seed/seed.h
index 6ffa5f024..c50fdd360 100644
--- a/deps/openssl/openssl/crypto/seed/seed.h
+++ b/deps/openssl/openssl/crypto/seed/seed.h
@@ -116,7 +116,9 @@ typedef struct seed_key_st {
#endif
} SEED_KEY_SCHEDULE;
-
+#ifdef OPENSSL_FIPS
+void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
+#endif
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
diff --git a/deps/openssl/openssl/crypto/sha/Makefile b/deps/openssl/openssl/crypto/sha/Makefile
index e6eccb05f..6d191d393 100644
--- a/deps/openssl/openssl/crypto/sha/Makefile
+++ b/deps/openssl/openssl/crypto/sha/Makefile
@@ -56,8 +56,11 @@ sha256-ia64.s: asm/sha512-ia64.pl
sha512-ia64.s: asm/sha512-ia64.pl
(cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
-sha256-armv4.s: asm/sha256-armv4.pl
- $(PERL) $< $@
+sha256-armv4.S: asm/sha256-armv4.pl
+ $(PERL) $< $(PERLASM_SCHEME) $@
+
+sha1-alpha.s: asm/sha1-alpha.pl
+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
# Solaris make has to be explicitly told
sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
@@ -71,10 +74,22 @@ sha1-ppc.s: asm/sha1-ppc.pl; $(PERL) asm/sha1-ppc.pl $(PERLASM_SCHEME) $@
sha256-ppc.s: asm/sha512-ppc.pl; $(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
sha512-ppc.s: asm/sha512-ppc.pl; $(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+sha1-parisc.s: asm/sha1-parisc.pl; $(PERL) asm/sha1-parisc.pl $(PERLASM_SCHEME) $@
+sha256-parisc.s:asm/sha512-parisc.pl; $(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+sha512-parisc.s:asm/sha512-parisc.pl; $(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+
+sha1-mips.S: asm/sha1-mips.pl; $(PERL) asm/sha1-mips.pl $(PERLASM_SCHEME) $@
+sha256-mips.S: asm/sha512-mips.pl; $(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+sha512-mips.S: asm/sha512-mips.pl; $(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+
# GNU make "catch all"
-sha1-%.s: asm/sha1-%.pl; $(PERL) $< $@
-sha256-%.s: asm/sha512-%.pl; $(PERL) $< $@
-sha512-%.s: asm/sha512-%.pl; $(PERL) $< $@
+sha1-%.S: asm/sha1-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+sha256-%.S: asm/sha512-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+sha512-%.S: asm/sha512-%.pl; $(PERL) $< $(PERLASM_SCHEME) $@
+
+sha1-armv4-large.o: sha1-armv4-large.S
+sha256-armv4.o: sha256-armv4.S
+sha512-armv4.o: sha512-armv4.S
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -119,8 +134,11 @@ sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
sha1_one.o: sha1_one.c
-sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
+sha1dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha1dgst.o: ../../include/openssl/opensslconf.h
+sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha1dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha1dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@@ -135,8 +153,11 @@ sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
sha512.o: ../cryptlib.h sha512.c
-sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
+sha_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha_dgst.o: ../../include/openssl/opensslconf.h
+sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha1-586.pl b/deps/openssl/openssl/crypto/sha/asm/sha1-586.pl
index a1f876281..1084d227f 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha1-586.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha1-586.pl
@@ -12,6 +12,8 @@
# commentary below], and in 2006 the rest was rewritten in order to
# gain freedom to liberate licensing terms.
+# January, September 2004.
+#
# It was noted that Intel IA-32 C compiler generates code which
# performs ~30% *faster* on P4 CPU than original *hand-coded*
# SHA1 assembler implementation. To address this problem (and
@@ -31,12 +33,92 @@
# ----------------------------------------------------------------
# <appro@fy.chalmers.se>
+# August 2009.
+#
+# George Spelvin has tipped that F_40_59(b,c,d) can be rewritten as
+# '(c&d) + (b&(c^d))', which allows to accumulate partial results
+# and lighten "pressure" on scratch registers. This resulted in
+# >12% performance improvement on contemporary AMD cores (with no
+# degradation on other CPUs:-). Also, the code was revised to maximize
+# "distance" between instructions producing input to 'lea' instruction
+# and the 'lea' instruction itself, which is essential for Intel Atom
+# core and resulted in ~15% improvement.
+
+# October 2010.
+#
+# Add SSSE3, Supplemental[!] SSE3, implementation. The idea behind it
+# is to offload message schedule denoted by Wt in NIST specification,
+# or Xupdate in OpenSSL source, to SIMD unit. The idea is not novel,
+# and in SSE2 context was first explored by Dean Gaudet in 2004, see
+# http://arctic.org/~dean/crypto/sha1.html. Since then several things
+# have changed that made it interesting again:
+#
+# a) XMM units became faster and wider;
+# b) instruction set became more versatile;
+# c) an important observation was made by Max Locktykhin, which made
+# it possible to reduce amount of instructions required to perform
+# the operation in question, for further details see
+# http://software.intel.com/en-us/articles/improving-the-performance-of-the-secure-hash-algorithm-1/.
+
+# April 2011.
+#
+# Add AVX code path, probably most controversial... The thing is that
+# switch to AVX alone improves performance by as little as 4% in
+# comparison to SSSE3 code path. But below result doesn't look like
+# 4% improvement... Trouble is that Sandy Bridge decodes 'ro[rl]' as
+# pair of µ-ops, and it's the additional µ-ops, two per round, that
+# make it run slower than Core2 and Westmere. But 'sh[rl]d' is decoded
+# as single µ-op by Sandy Bridge and it's replacing 'ro[rl]' with
+# equivalent 'sh[rl]d' that is responsible for the impressive 5.1
+# cycles per processed byte. But 'sh[rl]d' is not something that used
+# to be fast, nor does it appear to be fast in upcoming Bulldozer
+# [according to its optimization manual]. Which is why AVX code path
+# is guarded by *both* AVX and synthetic bit denoting Intel CPUs.
+# One can argue that it's unfair to AMD, but without 'sh[rl]d' it
+# makes no sense to keep the AVX code path. If somebody feels that
+# strongly, it's probably more appropriate to discuss possibility of
+# using vector rotate XOP on AMD...
+
+######################################################################
+# Current performance is summarized in following table. Numbers are
+# CPU clock cycles spent to process single byte (less is better).
+#
+# x86 SSSE3 AVX
+# Pentium 15.7 -
+# PIII 11.5 -
+# P4 10.6 -
+# AMD K8 7.1 -
+# Core2 7.3 6.1/+20% -
+# Atom 12.5 9.5(*)/+32% -
+# Westmere 7.3 5.6/+30% -
+# Sandy Bridge 8.8 6.2/+40% 5.1(**)/+70%
+#
+# (*) Loop is 1056 instructions long and expected result is ~8.25.
+# It remains mystery [to me] why ILP is limited to 1.7.
+#
+# (**) As per above comment, the result is for AVX *plus* sh[rl]d.
+
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386");
+$xmm=$ymm=0;
+for (@ARGV) { $xmm=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+$ymm=1 if ($xmm &&
+ `$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+ =~ /GNU assembler version ([2-9]\.[0-9]+)/ &&
+ $1>=2.19); # first version supporting AVX
+
+$ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32n" &&
+ `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/ &&
+ $1>=2.03); # first version supporting AVX
+
+&external_label("OPENSSL_ia32cap_P") if ($xmm);
+
+
$A="eax";
$B="ebx";
$C="ecx";
@@ -47,6 +129,10 @@ $tmp1="ebp";
@V=($A,$B,$C,$D,$E,$T);
+$alt=0; # 1 denotes alternative IALU implementation, which performs
+ # 8% *worse* on P4, same on Westmere and Atom, 2% better on
+ # Sandy Bridge...
+
sub BODY_00_15
{
local($n,$a,$b,$c,$d,$e,$f)=@_;
@@ -59,16 +145,18 @@ sub BODY_00_15
&rotl($tmp1,5); # tmp1=ROTATE(a,5)
&xor($f,$d);
&add($tmp1,$e); # tmp1+=e;
- &and($f,$b);
- &mov($e,&swtmp($n%16)); # e becomes volatile and is loaded
+ &mov($e,&swtmp($n%16)); # e becomes volatile and is loaded
# with xi, also note that e becomes
# f in next round...
- &xor($f,$d); # f holds F_00_19(b,c,d)
+ &and($f,$b);
&rotr($b,2); # b=ROTATE(b,30)
- &lea($tmp1,&DWP(0x5a827999,$tmp1,$e)); # tmp1+=K_00_19+xi
+ &xor($f,$d); # f holds F_00_19(b,c,d)
+ &lea($tmp1,&DWP(0x5a827999,$tmp1,$e)); # tmp1+=K_00_19+xi
- if ($n==15) { &add($f,$tmp1); } # f+=tmp1
+ if ($n==15) { &mov($e,&swtmp(($n+1)%16));# pre-fetch f for next round
+ &add($f,$tmp1); } # f+=tmp1
else { &add($tmp1,$f); } # f becomes a in next round
+ &mov($tmp1,$a) if ($alt && $n==15);
}
sub BODY_16_19
@@ -77,22 +165,41 @@ sub BODY_16_19
&comment("16_19 $n");
- &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
- &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d)
- &xor($f,&swtmp(($n+2)%16));
- &xor($tmp1,$d);
- &xor($f,&swtmp(($n+8)%16));
- &and($tmp1,$b); # tmp1 holds F_00_19(b,c,d)
- &rotr($b,2); # b=ROTATE(b,30)
+if ($alt) {
+ &xor($c,$d);
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &and($tmp1,$c); # tmp1 to hold F_00_19(b,c,d), b&=c^d
+ &xor($f,&swtmp(($n+8)%16));
+ &xor($tmp1,$d); # tmp1=F_00_19(b,c,d)
+ &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
+ &rotl($f,1); # f=ROTATE(f,1)
+ &add($e,$tmp1); # e+=F_00_19(b,c,d)
+ &xor($c,$d); # restore $c
+ &mov($tmp1,$a); # b in next round
+ &rotr($b,$n==16?2:7); # b=ROTATE(b,30)
+ &mov(&swtmp($n%16),$f); # xi=f
+ &rotl($a,5); # ROTATE(a,5)
+ &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e
+ &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round
+ &add($f,$a); # f+=ROTATE(a,5)
+} else {
+ &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d)
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &xor($tmp1,$d);
+ &xor($f,&swtmp(($n+8)%16));
+ &and($tmp1,$b);
&xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
&rotl($f,1); # f=ROTATE(f,1)
&xor($tmp1,$d); # tmp1=F_00_19(b,c,d)
- &mov(&swtmp($n%16),$f); # xi=f
- &lea($f,&DWP(0x5a827999,$f,$e));# f+=K_00_19+e
- &mov($e,$a); # e becomes volatile
- &rotl($e,5); # e=ROTATE(a,5)
- &add($f,$tmp1); # f+=F_00_19(b,c,d)
- &add($f,$e); # f+=ROTATE(a,5)
+ &add($e,$tmp1); # e+=F_00_19(b,c,d)
+ &mov($tmp1,$a);
+ &rotr($b,2); # b=ROTATE(b,30)
+ &mov(&swtmp($n%16),$f); # xi=f
+ &rotl($tmp1,5); # ROTATE(a,5)
+ &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e
+ &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round
+ &add($f,$tmp1); # f+=ROTATE(a,5)
+}
}
sub BODY_20_39
@@ -102,21 +209,41 @@ sub BODY_20_39
&comment("20_39 $n");
+if ($alt) {
+ &xor($tmp1,$c); # tmp1 to hold F_20_39(b,c,d), b^=c
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d)
+ &xor($f,&swtmp(($n+8)%16));
+ &add($e,$tmp1); # e+=F_20_39(b,c,d)
+ &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
+ &rotl($f,1); # f=ROTATE(f,1)
+ &mov($tmp1,$a); # b in next round
+ &rotr($b,7); # b=ROTATE(b,30)
+ &mov(&swtmp($n%16),$f) if($n<77);# xi=f
+ &rotl($a,5); # ROTATE(a,5)
+ &xor($b,$c) if($n==39);# warm up for BODY_40_59
+ &and($tmp1,$b) if($n==39);
+ &lea($f,&DWP($K,$f,$e)); # f+=e+K_XX_YY
+ &mov($e,&swtmp(($n+1)%16)) if($n<79);# pre-fetch f for next round
+ &add($f,$a); # f+=ROTATE(a,5)
+ &rotr($a,5) if ($n==79);
+} else {
&mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d)
- &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
- &rotr($b,2); # b=ROTATE(b,30)
- &xor($f,&swtmp(($n+2)%16));
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
&xor($tmp1,$c);
&xor($f,&swtmp(($n+8)%16));
&xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d)
&xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
&rotl($f,1); # f=ROTATE(f,1)
- &add($tmp1,$e);
- &mov(&swtmp($n%16),$f); # xi=f
- &mov($e,$a); # e becomes volatile
- &rotl($e,5); # e=ROTATE(a,5)
- &lea($f,&DWP($K,$f,$tmp1)); # f+=K_20_39+e
- &add($f,$e); # f+=ROTATE(a,5)
+ &add($e,$tmp1); # e+=F_20_39(b,c,d)
+ &rotr($b,2); # b=ROTATE(b,30)
+ &mov($tmp1,$a);
+ &rotl($tmp1,5); # ROTATE(a,5)
+ &mov(&swtmp($n%16),$f) if($n<77);# xi=f
+ &lea($f,&DWP($K,$f,$e)); # f+=e+K_XX_YY
+ &mov($e,&swtmp(($n+1)%16)) if($n<79);# pre-fetch f for next round
+ &add($f,$tmp1); # f+=ROTATE(a,5)
+}
}
sub BODY_40_59
@@ -125,41 +252,86 @@ sub BODY_40_59
&comment("40_59 $n");
- &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
- &mov($tmp1,&swtmp(($n+2)%16));
- &xor($f,$tmp1);
- &mov($tmp1,&swtmp(($n+8)%16));
- &xor($f,$tmp1);
- &mov($tmp1,&swtmp(($n+13)%16));
- &xor($f,$tmp1); # f holds xa^xb^xc^xd
- &mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d)
+if ($alt) {
+ &add($e,$tmp1); # e+=b&(c^d)
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &mov($tmp1,$d);
+ &xor($f,&swtmp(($n+8)%16));
+ &xor($c,$d); # restore $c
+ &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
&rotl($f,1); # f=ROTATE(f,1)
- &or($tmp1,$c);
- &mov(&swtmp($n%16),$f); # xi=f
- &and($tmp1,$d);
- &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e
- &mov($e,$b); # e becomes volatile and is used
- # to calculate F_40_59(b,c,d)
+ &and($tmp1,$c);
+ &rotr($b,7); # b=ROTATE(b,30)
+ &add($e,$tmp1); # e+=c&d
+ &mov($tmp1,$a); # b in next round
+ &mov(&swtmp($n%16),$f); # xi=f
+ &rotl($a,5); # ROTATE(a,5)
+ &xor($b,$c) if ($n<59);
+ &and($tmp1,$b) if ($n<59);# tmp1 to hold F_40_59(b,c,d)
+ &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e+(b&(c^d))
+ &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round
+ &add($f,$a); # f+=ROTATE(a,5)
+} else {
+ &mov($tmp1,$c); # tmp1 to hold F_40_59(b,c,d)
+ &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd)
+ &xor($tmp1,$d);
+ &xor($f,&swtmp(($n+8)%16));
+ &and($tmp1,$b);
+ &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd
+ &rotl($f,1); # f=ROTATE(f,1)
+ &add($tmp1,$e); # b&(c^d)+=e
&rotr($b,2); # b=ROTATE(b,30)
- &and($e,$c);
- &or($tmp1,$e); # tmp1 holds F_40_59(b,c,d)
- &mov($e,$a);
- &rotl($e,5); # e=ROTATE(a,5)
- &add($f,$tmp1); # f+=tmp1;
+ &mov($e,$a); # e becomes volatile
+ &rotl($e,5); # ROTATE(a,5)
+ &mov(&swtmp($n%16),$f); # xi=f
+ &lea($f,&DWP(0x8f1bbcdc,$f,$tmp1));# f+=K_40_59+e+(b&(c^d))
+ &mov($tmp1,$c);
&add($f,$e); # f+=ROTATE(a,5)
+ &and($tmp1,$d);
+ &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round
+ &add($f,$tmp1); # f+=c&d
+}
}
&function_begin("sha1_block_data_order");
+if ($xmm) {
+ &static_label("ssse3_shortcut");
+ &static_label("avx_shortcut") if ($ymm);
+ &static_label("K_XX_XX");
+
+ &call (&label("pic_point")); # make it PIC!
+ &set_label("pic_point");
+ &blindpop($tmp1);
+ &picmeup($T,"OPENSSL_ia32cap_P",$tmp1,&label("pic_point"));
+ &lea ($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1));
+
+ &mov ($A,&DWP(0,$T));
+ &mov ($D,&DWP(4,$T));
+ &test ($D,1<<9); # check SSSE3 bit
+ &jz (&label("x86"));
+ &test ($A,1<<24); # check FXSR bit
+ &jz (&label("x86"));
+ if ($ymm) {
+ &and ($D,1<<28); # mask AVX bit
+ &and ($A,1<<30); # mask "Intel CPU" bit
+ &or ($A,$D);
+ &cmp ($A,1<<28|1<<30);
+ &je (&label("avx_shortcut"));
+ }
+ &jmp (&label("ssse3_shortcut"));
+ &set_label("x86",16);
+}
&mov($tmp1,&wparam(0)); # SHA_CTX *c
&mov($T,&wparam(1)); # const void *input
&mov($A,&wparam(2)); # size_t num
- &stack_push(16); # allocate X[16]
+ &stack_push(16+3); # allocate X[16]
&shl($A,6);
&add($A,$T);
&mov(&wparam(2),$A); # pointer beyond the end of input
&mov($E,&DWP(16,$tmp1));# pre-load E
+ &jmp(&label("loop"));
- &set_label("loop",16);
+&set_label("loop",16);
# copy input chunk to X, but reversing byte order!
for ($i=0; $i<16; $i+=4)
@@ -213,8 +385,845 @@ sub BODY_40_59
&mov(&DWP(16,$tmp1),$C);
&jb(&label("loop"));
- &stack_pop(16);
+ &stack_pop(16+3);
&function_end("sha1_block_data_order");
+
+if ($xmm) {
+######################################################################
+# The SSSE3 implementation.
+#
+# %xmm[0-7] are used as ring @X[] buffer containing quadruples of last
+# 32 elements of the message schedule or Xupdate outputs. First 4
+# quadruples are simply byte-swapped input, next 4 are calculated
+# according to method originally suggested by Dean Gaudet (modulo
+# being implemented in SSSE3). Once 8 quadruples or 32 elements are
+# collected, it switches to routine proposed by Max Locktyukhin.
+#
+# Calculations inevitably require temporary reqisters, and there are
+# no %xmm registers left to spare. For this reason part of the ring
+# buffer, X[2..4] to be specific, is offloaded to 3 quadriples ring
+# buffer on the stack. Keep in mind that X[2] is alias X[-6], X[3] -
+# X[-5], and X[4] - X[-4]...
+#
+# Another notable optimization is aggressive stack frame compression
+# aiming to minimize amount of 9-byte instructions...
+#
+# Yet another notable optimization is "jumping" $B variable. It means
+# that there is no register permanently allocated for $B value. This
+# allowed to eliminate one instruction from body_20_39...
+#
+my $Xi=4; # 4xSIMD Xupdate round, start pre-seeded
+my @X=map("xmm$_",(4..7,0..3)); # pre-seeded for $Xi=4
+my @V=($A,$B,$C,$D,$E);
+my $j=0; # hash round
+my @T=($T,$tmp1);
+my $inp;
+
+my $_rol=sub { &rol(@_) };
+my $_ror=sub { &ror(@_) };
+
+&function_begin("_sha1_block_data_order_ssse3");
+ &call (&label("pic_point")); # make it PIC!
+ &set_label("pic_point");
+ &blindpop($tmp1);
+ &lea ($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1));
+&set_label("ssse3_shortcut");
+
+ &movdqa (@X[3],&QWP(0,$tmp1)); # K_00_19
+ &movdqa (@X[4],&QWP(16,$tmp1)); # K_20_39
+ &movdqa (@X[5],&QWP(32,$tmp1)); # K_40_59
+ &movdqa (@X[6],&QWP(48,$tmp1)); # K_60_79
+ &movdqa (@X[2],&QWP(64,$tmp1)); # pbswap mask
+
+ &mov ($E,&wparam(0)); # load argument block
+ &mov ($inp=@T[1],&wparam(1));
+ &mov ($D,&wparam(2));
+ &mov (@T[0],"esp");
+
+ # stack frame layout
+ #
+ # +0 X[0]+K X[1]+K X[2]+K X[3]+K # XMM->IALU xfer area
+ # X[4]+K X[5]+K X[6]+K X[7]+K
+ # X[8]+K X[9]+K X[10]+K X[11]+K
+ # X[12]+K X[13]+K X[14]+K X[15]+K
+ #
+ # +64 X[0] X[1] X[2] X[3] # XMM->XMM backtrace area
+ # X[4] X[5] X[6] X[7]
+ # X[8] X[9] X[10] X[11] # even borrowed for K_00_19
+ #
+ # +112 K_20_39 K_20_39 K_20_39 K_20_39 # constants
+ # K_40_59 K_40_59 K_40_59 K_40_59
+ # K_60_79 K_60_79 K_60_79 K_60_79
+ # K_00_19 K_00_19 K_00_19 K_00_19
+ # pbswap mask
+ #
+ # +192 ctx # argument block
+ # +196 inp
+ # +200 end
+ # +204 esp
+ &sub ("esp",208);
+ &and ("esp",-64);
+
+ &movdqa (&QWP(112+0,"esp"),@X[4]); # copy constants
+ &movdqa (&QWP(112+16,"esp"),@X[5]);
+ &movdqa (&QWP(112+32,"esp"),@X[6]);
+ &shl ($D,6); # len*64
+ &movdqa (&QWP(112+48,"esp"),@X[3]);
+ &add ($D,$inp); # end of input
+ &movdqa (&QWP(112+64,"esp"),@X[2]);
+ &add ($inp,64);
+ &mov (&DWP(192+0,"esp"),$E); # save argument block
+ &mov (&DWP(192+4,"esp"),$inp);
+ &mov (&DWP(192+8,"esp"),$D);
+ &mov (&DWP(192+12,"esp"),@T[0]); # save original %esp
+
+ &mov ($A,&DWP(0,$E)); # load context
+ &mov ($B,&DWP(4,$E));
+ &mov ($C,&DWP(8,$E));
+ &mov ($D,&DWP(12,$E));
+ &mov ($E,&DWP(16,$E));
+ &mov (@T[0],$B); # magic seed
+
+ &movdqu (@X[-4&7],&QWP(-64,$inp)); # load input to %xmm[0-3]
+ &movdqu (@X[-3&7],&QWP(-48,$inp));
+ &movdqu (@X[-2&7],&QWP(-32,$inp));
+ &movdqu (@X[-1&7],&QWP(-16,$inp));
+ &pshufb (@X[-4&7],@X[2]); # byte swap
+ &pshufb (@X[-3&7],@X[2]);
+ &pshufb (@X[-2&7],@X[2]);
+ &movdqa (&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot
+ &pshufb (@X[-1&7],@X[2]);
+ &paddd (@X[-4&7],@X[3]); # add K_00_19
+ &paddd (@X[-3&7],@X[3]);
+ &paddd (@X[-2&7],@X[3]);
+ &movdqa (&QWP(0,"esp"),@X[-4&7]); # X[]+K xfer to IALU
+ &psubd (@X[-4&7],@X[3]); # restore X[]
+ &movdqa (&QWP(0+16,"esp"),@X[-3&7]);
+ &psubd (@X[-3&7],@X[3]);
+ &movdqa (&QWP(0+32,"esp"),@X[-2&7]);
+ &psubd (@X[-2&7],@X[3]);
+ &movdqa (@X[0],@X[-3&7]);
+ &jmp (&label("loop"));
+
+######################################################################
+# SSE instruction sequence is first broken to groups of indepentent
+# instructions, independent in respect to their inputs and shifter
+# (not all architectures have more than one). Then IALU instructions
+# are "knitted in" between the SSE groups. Distance is maintained for
+# SSE latency of 2 in hope that it fits better upcoming AMD Bulldozer
+# [which allegedly also implements SSSE3]...
+#
+# Temporary registers usage. X[2] is volatile at the entry and at the
+# end is restored from backtrace ring buffer. X[3] is expected to
+# contain current K_XX_XX constant and is used to caclulate X[-1]+K
+# from previous round, it becomes volatile the moment the value is
+# saved to stack for transfer to IALU. X[4] becomes volatile whenever
+# X[-4] is accumulated and offloaded to backtrace ring buffer, at the
+# end it is loaded with next K_XX_XX [which becomes X[3] in next
+# round]...
+#
+sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &palignr(@X[0],@X[-4&7],8); # compose "X[-14]" in "X[0]"
+ &movdqa (@X[2],@X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &paddd (@X[3],@X[-1&7]);
+ &movdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]);# save X[] to backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &psrldq (@X[2],4); # "X[-3]", 3 dwords
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &pxor (@X[0],@X[-4&7]); # "X[0]"^="X[-16]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[2],@X[-2&7]); # "X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[0],@X[2]); # "X[0]"^="X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (@X[4],@X[0]);
+ &movdqa (@X[2],@X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pslldq (@X[4],12); # "X[0]"<<96, extract one dword
+ &paddd (@X[0],@X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &psrld (@X[2],31);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@X[3],@X[4]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &psrld (@X[4],30);
+ &por (@X[0],@X[2]); # "X[0]"<<<=1
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if ($Xi>5); # restore X[] from backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pslld (@X[3],2);
+ &pxor (@X[0],@X[4]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@X[4],&QWP(112-16+16*(($Xi)/5),"esp")); # K_XX_XX
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[0],@X[3]); # "X[0]"^=("X[0]"<<96)<<<2
+ &movdqa (@X[1],@X[-2&7]) if ($Xi<7);
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions [if any]
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+}
+
+sub Xupdate_ssse3_32_79()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &movdqa (@X[2],@X[-1&7]) if ($Xi==8);
+ eval(shift(@insns)); # body_20_39
+ &pxor (@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
+ &palignr(@X[2],@X[-2&7],8); # compose "X[-6]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &pxor (@X[0],@X[-7&7]); # "X[0]"^="X[-28]"
+ &movdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]); # save X[] to backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+ if ($Xi%5) {
+ &movdqa (@X[4],@X[3]); # "perpetuate" K_XX_XX...
+ } else { # ... or load next one
+ &movdqa (@X[4],&QWP(112-16+16*($Xi/5),"esp"));
+ }
+ &paddd (@X[3],@X[-1&7]);
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &pxor (@X[0],@X[2]); # "X[0]"^="X[-6]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &movdqa (@X[2],@X[0]);
+ &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &pslld (@X[0],2);
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &psrld (@X[2],30);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &por (@X[0],@X[2]); # "X[0]"<<<=2
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &movdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if($Xi<19); # restore X[] from backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ &movdqa (@X[3],@X[0]) if ($Xi<19);
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+}
+
+sub Xuplast_ssse3_80()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ &paddd (@X[3],@X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer IALU
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ &mov ($inp=@T[1],&DWP(192+4,"esp"));
+ &cmp ($inp,&DWP(192+8,"esp"));
+ &je (&label("done"));
+
+ &movdqa (@X[3],&QWP(112+48,"esp")); # K_00_19
+ &movdqa (@X[2],&QWP(112+64,"esp")); # pbswap mask
+ &movdqu (@X[-4&7],&QWP(0,$inp)); # load input
+ &movdqu (@X[-3&7],&QWP(16,$inp));
+ &movdqu (@X[-2&7],&QWP(32,$inp));
+ &movdqu (@X[-1&7],&QWP(48,$inp));
+ &add ($inp,64);
+ &pshufb (@X[-4&7],@X[2]); # byte swap
+ &mov (&DWP(192+4,"esp"),$inp);
+ &movdqa (&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot
+
+ $Xi=0;
+}
+
+sub Xloop_ssse3()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &pshufb (@X[($Xi-3)&7],@X[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &paddd (@X[($Xi-4)&7],@X[3]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (&QWP(0+16*$Xi,"esp"),@X[($Xi-4)&7]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &psubd (@X[($Xi-4)&7],@X[3]);
+
+ foreach (@insns) { eval; }
+ $Xi++;
+}
+
+sub Xtail_ssse3()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ foreach (@insns) { eval; }
+}
+
+sub body_00_19 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&add ($e,&DWP(4*($j&15),"esp"));', # X[]+K xfer
+ '&xor ($c,$d);',
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&and (@T[0],$c);', # ($b&($c^$d))
+ '&xor ($c,$d);', # restore $c
+ '&xor (@T[0],$d);',
+ '&add ($e,$a);',
+ '&$_ror ($b,$j?7:2);', # $b>>>2
+ '&add ($e,@T[0]);' .'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+
+sub body_20_39 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&add ($e,&DWP(4*($j++&15),"esp"));', # X[]+K xfer
+ '&xor (@T[0],$d);', # ($b^$d)
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&xor (@T[0],$c);', # ($b^$d^$c)
+ '&add ($e,$a);',
+ '&$_ror ($b,7);', # $b>>>2
+ '&add ($e,@T[0]);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+
+sub body_40_59 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&mov (@T[1],$c);',
+ '&xor ($c,$d);',
+ '&add ($e,&DWP(4*($j++&15),"esp"));', # X[]+K xfer
+ '&and (@T[1],$d);',
+ '&and (@T[0],$c);', # ($b&($c^$d))
+ '&$_ror ($b,7);', # $b>>>2
+ '&add ($e,@T[1]);',
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&add ($e,@T[0]);',
+ '&xor ($c,$d);', # restore $c
+ '&add ($e,$a);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+
+&set_label("loop",16);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_32_79(\&body_00_19);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xuplast_ssse3_80(\&body_20_39); # can jump to "done"
+
+ $saved_j=$j; @saved_V=@V;
+
+ &Xloop_ssse3(\&body_20_39);
+ &Xloop_ssse3(\&body_20_39);
+ &Xloop_ssse3(\&body_20_39);
+
+ &mov (@T[1],&DWP(192,"esp")); # update context
+ &add ($A,&DWP(0,@T[1]));
+ &add (@T[0],&DWP(4,@T[1])); # $b
+ &add ($C,&DWP(8,@T[1]));
+ &mov (&DWP(0,@T[1]),$A);
+ &add ($D,&DWP(12,@T[1]));
+ &mov (&DWP(4,@T[1]),@T[0]);
+ &add ($E,&DWP(16,@T[1]));
+ &mov (&DWP(8,@T[1]),$C);
+ &mov ($B,@T[0]);
+ &mov (&DWP(12,@T[1]),$D);
+ &mov (&DWP(16,@T[1]),$E);
+ &movdqa (@X[0],@X[-3&7]);
+
+ &jmp (&label("loop"));
+
+&set_label("done",16); $j=$saved_j; @V=@saved_V;
+
+ &Xtail_ssse3(\&body_20_39);
+ &Xtail_ssse3(\&body_20_39);
+ &Xtail_ssse3(\&body_20_39);
+
+ &mov (@T[1],&DWP(192,"esp")); # update context
+ &add ($A,&DWP(0,@T[1]));
+ &mov ("esp",&DWP(192+12,"esp")); # restore %esp
+ &add (@T[0],&DWP(4,@T[1])); # $b
+ &add ($C,&DWP(8,@T[1]));
+ &mov (&DWP(0,@T[1]),$A);
+ &add ($D,&DWP(12,@T[1]));
+ &mov (&DWP(4,@T[1]),@T[0]);
+ &add ($E,&DWP(16,@T[1]));
+ &mov (&DWP(8,@T[1]),$C);
+ &mov (&DWP(12,@T[1]),$D);
+ &mov (&DWP(16,@T[1]),$E);
+
+&function_end("_sha1_block_data_order_ssse3");
+
+if ($ymm) {
+my $Xi=4; # 4xSIMD Xupdate round, start pre-seeded
+my @X=map("xmm$_",(4..7,0..3)); # pre-seeded for $Xi=4
+my @V=($A,$B,$C,$D,$E);
+my $j=0; # hash round
+my @T=($T,$tmp1);
+my $inp;
+
+my $_rol=sub { &shld(@_[0],@_) };
+my $_ror=sub { &shrd(@_[0],@_) };
+
+&function_begin("_sha1_block_data_order_avx");
+ &call (&label("pic_point")); # make it PIC!
+ &set_label("pic_point");
+ &blindpop($tmp1);
+ &lea ($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1));
+&set_label("avx_shortcut");
+ &vzeroall();
+
+ &vmovdqa(@X[3],&QWP(0,$tmp1)); # K_00_19
+ &vmovdqa(@X[4],&QWP(16,$tmp1)); # K_20_39
+ &vmovdqa(@X[5],&QWP(32,$tmp1)); # K_40_59
+ &vmovdqa(@X[6],&QWP(48,$tmp1)); # K_60_79
+ &vmovdqa(@X[2],&QWP(64,$tmp1)); # pbswap mask
+
+ &mov ($E,&wparam(0)); # load argument block
+ &mov ($inp=@T[1],&wparam(1));
+ &mov ($D,&wparam(2));
+ &mov (@T[0],"esp");
+
+ # stack frame layout
+ #
+ # +0 X[0]+K X[1]+K X[2]+K X[3]+K # XMM->IALU xfer area
+ # X[4]+K X[5]+K X[6]+K X[7]+K
+ # X[8]+K X[9]+K X[10]+K X[11]+K
+ # X[12]+K X[13]+K X[14]+K X[15]+K
+ #
+ # +64 X[0] X[1] X[2] X[3] # XMM->XMM backtrace area
+ # X[4] X[5] X[6] X[7]
+ # X[8] X[9] X[10] X[11] # even borrowed for K_00_19
+ #
+ # +112 K_20_39 K_20_39 K_20_39 K_20_39 # constants
+ # K_40_59 K_40_59 K_40_59 K_40_59
+ # K_60_79 K_60_79 K_60_79 K_60_79
+ # K_00_19 K_00_19 K_00_19 K_00_19
+ # pbswap mask
+ #
+ # +192 ctx # argument block
+ # +196 inp
+ # +200 end
+ # +204 esp
+ &sub ("esp",208);
+ &and ("esp",-64);
+
+ &vmovdqa(&QWP(112+0,"esp"),@X[4]); # copy constants
+ &vmovdqa(&QWP(112+16,"esp"),@X[5]);
+ &vmovdqa(&QWP(112+32,"esp"),@X[6]);
+ &shl ($D,6); # len*64
+ &vmovdqa(&QWP(112+48,"esp"),@X[3]);
+ &add ($D,$inp); # end of input
+ &vmovdqa(&QWP(112+64,"esp"),@X[2]);
+ &add ($inp,64);
+ &mov (&DWP(192+0,"esp"),$E); # save argument block
+ &mov (&DWP(192+4,"esp"),$inp);
+ &mov (&DWP(192+8,"esp"),$D);
+ &mov (&DWP(192+12,"esp"),@T[0]); # save original %esp
+
+ &mov ($A,&DWP(0,$E)); # load context
+ &mov ($B,&DWP(4,$E));
+ &mov ($C,&DWP(8,$E));
+ &mov ($D,&DWP(12,$E));
+ &mov ($E,&DWP(16,$E));
+ &mov (@T[0],$B); # magic seed
+
+ &vmovdqu(@X[-4&7],&QWP(-64,$inp)); # load input to %xmm[0-3]
+ &vmovdqu(@X[-3&7],&QWP(-48,$inp));
+ &vmovdqu(@X[-2&7],&QWP(-32,$inp));
+ &vmovdqu(@X[-1&7],&QWP(-16,$inp));
+ &vpshufb(@X[-4&7],@X[-4&7],@X[2]); # byte swap
+ &vpshufb(@X[-3&7],@X[-3&7],@X[2]);
+ &vpshufb(@X[-2&7],@X[-2&7],@X[2]);
+ &vmovdqa(&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot
+ &vpshufb(@X[-1&7],@X[-1&7],@X[2]);
+ &vpaddd (@X[0],@X[-4&7],@X[3]); # add K_00_19
+ &vpaddd (@X[1],@X[-3&7],@X[3]);
+ &vpaddd (@X[2],@X[-2&7],@X[3]);
+ &vmovdqa(&QWP(0,"esp"),@X[0]); # X[]+K xfer to IALU
+ &vmovdqa(&QWP(0+16,"esp"),@X[1]);
+ &vmovdqa(&QWP(0+32,"esp"),@X[2]);
+ &jmp (&label("loop"));
+
+sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpalignr(@X[0],@X[-3&7],@X[-4&7],8); # compose "X[-14]" in "X[0]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpaddd (@X[3],@X[3],@X[-1&7]);
+ &vmovdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]);# save X[] to backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpsrldq(@X[2],@X[-1&7],4); # "X[-3]", 3 dwords
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"^="X[-16]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[2],@X[2],@X[-2&7]); # "X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[0],@X[0],@X[2]); # "X[0]"^="X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpsrld (@X[2],@X[0],31);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpslldq(@X[4],@X[0],12); # "X[0]"<<96, extract one dword
+ &vpaddd (@X[0],@X[0],@X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpsrld (@X[3],@X[4],30);
+ &vpor (@X[0],@X[0],@X[2]); # "X[0]"<<<=1
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpslld (@X[4],@X[4],2);
+ &vmovdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if ($Xi>5); # restore X[] from backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpxor (@X[0],@X[0],@X[3]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[0],@X[0],@X[4]); # "X[0]"^=("X[0]"<<96)<<<2
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (@X[4],&QWP(112-16+16*(($Xi)/5),"esp")); # K_XX_XX
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions [if any]
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+}
+
+sub Xupdate_avx_32_79()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &vpalignr(@X[2],@X[-1&7],@X[-2&7],8); # compose "X[-6]"
+ &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &vpxor (@X[0],@X[0],@X[-7&7]); # "X[0]"^="X[-28]"
+ &vmovdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]); # save X[] to backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns));
+ if ($Xi%5) {
+ &vmovdqa (@X[4],@X[3]); # "perpetuate" K_XX_XX...
+ } else { # ... or load next one
+ &vmovdqa (@X[4],&QWP(112-16+16*($Xi/5),"esp"));
+ }
+ &vpaddd (@X[3],@X[3],@X[-1&7]);
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpxor (@X[0],@X[0],@X[2]); # "X[0]"^="X[-6]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &vpsrld (@X[2],@X[0],30);
+ &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpslld (@X[0],@X[0],2);
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpor (@X[0],@X[0],@X[2]); # "X[0]"<<<=2
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &vmovdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if($Xi<19); # restore X[] from backtrace buffer
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+}
+
+sub Xuplast_avx_80()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ &vpaddd (@X[3],@X[3],@X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer IALU
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ &mov ($inp=@T[1],&DWP(192+4,"esp"));
+ &cmp ($inp,&DWP(192+8,"esp"));
+ &je (&label("done"));
+
+ &vmovdqa(@X[3],&QWP(112+48,"esp")); # K_00_19
+ &vmovdqa(@X[2],&QWP(112+64,"esp")); # pbswap mask
+ &vmovdqu(@X[-4&7],&QWP(0,$inp)); # load input
+ &vmovdqu(@X[-3&7],&QWP(16,$inp));
+ &vmovdqu(@X[-2&7],&QWP(32,$inp));
+ &vmovdqu(@X[-1&7],&QWP(48,$inp));
+ &add ($inp,64);
+ &vpshufb(@X[-4&7],@X[-4&7],@X[2]); # byte swap
+ &mov (&DWP(192+4,"esp"),$inp);
+ &vmovdqa(&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot
+
+ $Xi=0;
+}
+
+sub Xloop_avx()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpshufb (@X[($Xi-3)&7],@X[($Xi-3)&7],@X[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpaddd (@X[$Xi&7],@X[($Xi-4)&7],@X[3]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (&QWP(0+16*$Xi,"esp"),@X[$Xi&7]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; }
+ $Xi++;
+}
+
+sub Xtail_avx()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ foreach (@insns) { eval; }
+}
+
+&set_label("loop",16);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_32_79(\&body_00_19);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xuplast_avx_80(\&body_20_39); # can jump to "done"
+
+ $saved_j=$j; @saved_V=@V;
+
+ &Xloop_avx(\&body_20_39);
+ &Xloop_avx(\&body_20_39);
+ &Xloop_avx(\&body_20_39);
+
+ &mov (@T[1],&DWP(192,"esp")); # update context
+ &add ($A,&DWP(0,@T[1]));
+ &add (@T[0],&DWP(4,@T[1])); # $b
+ &add ($C,&DWP(8,@T[1]));
+ &mov (&DWP(0,@T[1]),$A);
+ &add ($D,&DWP(12,@T[1]));
+ &mov (&DWP(4,@T[1]),@T[0]);
+ &add ($E,&DWP(16,@T[1]));
+ &mov (&DWP(8,@T[1]),$C);
+ &mov ($B,@T[0]);
+ &mov (&DWP(12,@T[1]),$D);
+ &mov (&DWP(16,@T[1]),$E);
+
+ &jmp (&label("loop"));
+
+&set_label("done",16); $j=$saved_j; @V=@saved_V;
+
+ &Xtail_avx(\&body_20_39);
+ &Xtail_avx(\&body_20_39);
+ &Xtail_avx(\&body_20_39);
+
+ &vzeroall();
+
+ &mov (@T[1],&DWP(192,"esp")); # update context
+ &add ($A,&DWP(0,@T[1]));
+ &mov ("esp",&DWP(192+12,"esp")); # restore %esp
+ &add (@T[0],&DWP(4,@T[1])); # $b
+ &add ($C,&DWP(8,@T[1]));
+ &mov (&DWP(0,@T[1]),$A);
+ &add ($D,&DWP(12,@T[1]));
+ &mov (&DWP(4,@T[1]),@T[0]);
+ &add ($E,&DWP(16,@T[1]));
+ &mov (&DWP(8,@T[1]),$C);
+ &mov (&DWP(12,@T[1]),$D);
+ &mov (&DWP(16,@T[1]),$E);
+&function_end("_sha1_block_data_order_avx");
+}
+&set_label("K_XX_XX",64);
+&data_word(0x5a827999,0x5a827999,0x5a827999,0x5a827999); # K_00_19
+&data_word(0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1); # K_20_39
+&data_word(0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc); # K_40_59
+&data_word(0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6); # K_60_79
+&data_word(0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f); # pbswap mask
+}
&asciz("SHA1 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
&asm_finish();
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha1-armv4-large.pl b/deps/openssl/openssl/crypto/sha/asm/sha1-armv4-large.pl
index 79e3f6137..33da3e0e3 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha1-armv4-large.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha1-armv4-large.pl
@@ -47,6 +47,10 @@
# Cortex A8 core and in absolute terms ~870 cycles per input block
# [or 13.6 cycles per byte].
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 10%
+# improvement on Cortex A8 core and 12.2 cycles per byte.
while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
@@ -76,31 +80,41 @@ $code.=<<___;
add $e,$K,$e,ror#2 @ E+=K_xx_xx
ldr $t3,[$Xi,#2*4]
eor $t0,$t0,$t1
- eor $t2,$t2,$t3
+ eor $t2,$t2,$t3 @ 1 cycle stall
eor $t1,$c,$d @ F_xx_xx
mov $t0,$t0,ror#31
add $e,$e,$a,ror#27 @ E+=ROR(A,27)
eor $t0,$t0,$t2,ror#31
+ str $t0,[$Xi,#-4]!
$opt1 @ F_xx_xx
$opt2 @ F_xx_xx
add $e,$e,$t0 @ E+=X[i]
- str $t0,[$Xi,#-4]!
___
}
sub BODY_00_15 {
my ($a,$b,$c,$d,$e)=@_;
$code.=<<___;
- ldrb $t0,[$inp],#4
- ldrb $t1,[$inp,#-1]
- ldrb $t2,[$inp,#-2]
+#if __ARM_ARCH__<7
+ ldrb $t1,[$inp,#2]
+ ldrb $t0,[$inp,#3]
+ ldrb $t2,[$inp,#1]
add $e,$K,$e,ror#2 @ E+=K_00_19
- ldrb $t3,[$inp,#-3]
+ ldrb $t3,[$inp],#4
+ orr $t0,$t0,$t1,lsl#8
+ eor $t1,$c,$d @ F_xx_xx
+ orr $t0,$t0,$t2,lsl#16
add $e,$e,$a,ror#27 @ E+=ROR(A,27)
- orr $t0,$t1,$t0,lsl#24
+ orr $t0,$t0,$t3,lsl#24
+#else
+ ldr $t0,[$inp],#4 @ handles unaligned
+ add $e,$K,$e,ror#2 @ E+=K_00_19
eor $t1,$c,$d @ F_xx_xx
- orr $t0,$t0,$t2,lsl#8
- orr $t0,$t0,$t3,lsl#16
+ add $e,$e,$a,ror#27 @ E+=ROR(A,27)
+#ifdef __ARMEL__
+ rev $t0,$t0 @ byte swap
+#endif
+#endif
and $t1,$b,$t1,ror#2
add $e,$e,$t0 @ E+=X[i]
eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D)
@@ -136,6 +150,8 @@ ___
}
$code=<<___;
+#include "arm_arch.h"
+
.text
.global sha1_block_data_order
@@ -161,7 +177,7 @@ for($i=0;$i<5;$i++) {
$code.=<<___;
teq $Xi,sp
bne .L_00_15 @ [((11+4)*5+2)*3]
- sub sp,sp,#5*4
+ sub sp,sp,#25*4
___
&BODY_00_15(@V); unshift(@V,pop(@V));
&BODY_16_19(@V); unshift(@V,pop(@V));
@@ -171,7 +187,6 @@ ___
$code.=<<___;
ldr $K,.LK_20_39 @ [+15+16*4]
- sub sp,sp,#20*4
cmn sp,#0 @ [+3], clear carry to denote 20_39
.L_20_39_or_60_79:
___
@@ -210,10 +225,14 @@ $code.=<<___;
teq $inp,$len
bne .Lloop @ [+18], total 1307
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r12,pc}
+#else
ldmia sp!,{r4-r12,lr}
tst lr,#1
moveq pc,lr @ be binary compatible with V4, yet
bx lr @ interoperable with Thumb ISA:-)
+#endif
.align 2
.LK_00_19: .word 0x5a827999
.LK_20_39: .word 0x6ed9eba1
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha1-ia64.pl b/deps/openssl/openssl/crypto/sha/asm/sha1-ia64.pl
index 51c4f47ec..02d35d161 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha1-ia64.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha1-ia64.pl
@@ -15,7 +15,7 @@
# is >50% better than HP C and >2x better than gcc.
$code=<<___;
-.ident \"sha1-ia64.s, version 1.2\"
+.ident \"sha1-ia64.s, version 1.3\"
.ident \"IA-64 ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>\"
.explicit
@@ -26,14 +26,10 @@ if ($^O eq "hpux") {
$ADDP="addp4";
for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
} else { $ADDP="add"; }
-for (@ARGV) { $big_endian=1 if (/\-DB_ENDIAN/);
- $big_endian=0 if (/\-DL_ENDIAN/); }
-if (!defined($big_endian))
- { $big_endian=(unpack('L',pack('N',1))==1); }
#$human=1;
if ($human) { # useful for visual code auditing...
- ($A,$B,$C,$D,$E,$T) = ("A","B","C","D","E","T");
+ ($A,$B,$C,$D,$E) = ("A","B","C","D","E");
($h0,$h1,$h2,$h3,$h4) = ("h0","h1","h2","h3","h4");
($K_00_19, $K_20_39, $K_40_59, $K_60_79) =
( "K_00_19","K_20_39","K_40_59","K_60_79" );
@@ -41,47 +37,50 @@ if ($human) { # useful for visual code auditing...
"X8", "X9","X10","X11","X12","X13","X14","X15" );
}
else {
- ($A,$B,$C,$D,$E,$T) = ("loc0","loc1","loc2","loc3","loc4","loc5");
- ($h0,$h1,$h2,$h3,$h4) = ("loc6","loc7","loc8","loc9","loc10");
+ ($A,$B,$C,$D,$E) = ("loc0","loc1","loc2","loc3","loc4");
+ ($h0,$h1,$h2,$h3,$h4) = ("loc5","loc6","loc7","loc8","loc9");
($K_00_19, $K_20_39, $K_40_59, $K_60_79) =
- ( "r14", "r15", "loc11", "loc12" );
+ ( "r14", "r15", "loc10", "loc11" );
@X= ( "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
"r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31" );
}
sub BODY_00_15 {
local *code=shift;
-local ($i,$a,$b,$c,$d,$e,$f)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+my $Xn=@X[$j%16];
$code.=<<___ if ($i==0);
-{ .mmi; ld1 $X[$i&0xf]=[inp],2 // MSB
+{ .mmi; ld1 $X[$i]=[inp],2 // MSB
ld1 tmp2=[tmp3],2 };;
{ .mmi; ld1 tmp0=[inp],2
ld1 tmp4=[tmp3],2 // LSB
- dep $X[$i&0xf]=$X[$i&0xf],tmp2,8,8 };;
+ dep $X[$i]=$X[$i],tmp2,8,8 };;
___
if ($i<15) {
$code.=<<___;
-{ .mmi; ld1 $X[($i+1)&0xf]=[inp],2 // +1
+{ .mmi; ld1 $Xn=[inp],2 // forward Xload
+ nop.m 0x0
dep tmp1=tmp0,tmp4,8,8 };;
-{ .mmi; ld1 tmp2=[tmp3],2 // +1
+{ .mmi; ld1 tmp2=[tmp3],2 // forward Xload
and tmp4=$c,$b
- dep $X[$i&0xf]=$X[$i&0xf],tmp1,16,16 } //;;
-{ .mmi; andcm tmp1=$d,$b
- add tmp0=$e,$K_00_19
+ dep $X[$i]=$X[$i],tmp1,16,16} //;;
+{ .mmi; add $e=$e,$K_00_19 // e+=K_00_19
+ andcm tmp1=$d,$b
dep.z tmp5=$a,5,27 };; // a<<5
-{ .mmi; or tmp4=tmp4,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
- add $f=tmp0,$X[$i&0xf] // f=xi+e+K_00_19
+{ .mmi; add $e=$e,$X[$i] // e+=Xload
+ or tmp4=tmp4,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
extr.u tmp1=$a,27,5 };; // a>>27
-{ .mmi; ld1 tmp0=[inp],2 // +1
- add $f=$f,tmp4 // f+=F_00_19(b,c,d)
+{ .mmi; ld1 tmp0=[inp],2 // forward Xload
+ add $e=$e,tmp4 // e+=F_00_19(b,c,d)
shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30)
-{ .mmi; ld1 tmp4=[tmp3],2 // +1
+{ .mmi; ld1 tmp4=[tmp3],2 // forward Xload
or tmp5=tmp1,tmp5 // ROTATE(a,5)
mux2 tmp6=$a,0x44 };; // see b in next iteration
-{ .mii; add $f=$f,tmp5 // f+=ROTATE(a,5)
- dep $X[($i+1)&0xf]=$X[($i+1)&0xf],tmp2,8,8 // +1
- mux2 $X[$i&0xf]=$X[$i&0xf],0x44 } //;;
+{ .mii; add $e=$e,tmp5 // e+=ROTATE(a,5)
+ dep $Xn=$Xn,tmp2,8,8 // forward Xload
+ mux2 $X[$i]=$X[$i],0x44 } //;;
___
}
@@ -89,24 +88,24 @@ else {
$code.=<<___;
{ .mii; and tmp3=$c,$b
dep tmp1=tmp0,tmp4,8,8;;
- dep $X[$i&0xf]=$X[$i&0xf],tmp1,16,16 } //;;
-{ .mmi; andcm tmp1=$d,$b
- add tmp0=$e,$K_00_19
+ dep $X[$i]=$X[$i],tmp1,16,16} //;;
+{ .mmi; add $e=$e,$K_00_19 // e+=K_00_19
+ andcm tmp1=$d,$b
dep.z tmp5=$a,5,27 };; // a<<5
-{ .mmi; or tmp4=tmp3,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
- add $f=tmp0,$X[$i&0xf] // f=xi+e+K_00_19
+{ .mmi; add $e=$e,$X[$i] // e+=Xupdate
+ or tmp4=tmp3,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
extr.u tmp1=$a,27,5 } // a>>27
-{ .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1
- xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1
+{ .mmi; xor $Xn=$Xn,$X[($j+2)%16] // forward Xupdate
+ xor tmp3=$X[($j+8)%16],$X[($j+13)%16] // forward Xupdate
nop.i 0 };;
-{ .mmi; add $f=$f,tmp4 // f+=F_00_19(b,c,d)
- xor tmp2=tmp2,tmp3 // +1
+{ .mmi; add $e=$e,tmp4 // e+=F_00_19(b,c,d)
+ xor $Xn=$Xn,tmp3 // forward Xupdate
shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30)
{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5)
mux2 tmp6=$a,0x44 };; // see b in next iteration
-{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5)
- shrp $e=tmp2,tmp2,31 // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
- mux2 $X[$i&0xf]=$X[$i&0xf],0x44 };;
+{ .mii; add $e=$e,tmp1 // e+=ROTATE(a,5)
+ shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1)
+ mux2 $X[$i]=$X[$i],0x44 };;
___
}
@@ -114,27 +113,28 @@ ___
sub BODY_16_19 {
local *code=shift;
-local ($i,$a,$b,$c,$d,$e,$f)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+my $Xn=@X[$j%16];
$code.=<<___;
-{ .mmi; mov $X[$i&0xf]=$f // Xupdate
- and tmp0=$c,$b
+{ .mib; add $e=$e,$K_00_19 // e+=K_00_19
dep.z tmp5=$a,5,27 } // a<<5
-{ .mmi; andcm tmp1=$d,$b
- add tmp4=$e,$K_00_19 };;
-{ .mmi; or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
- add $f=$f,tmp4 // f+=e+K_00_19
+{ .mib; andcm tmp1=$d,$b
+ and tmp0=$c,$b };;
+{ .mmi; add $e=$e,$X[$i%16] // e+=Xupdate
+ or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d)
extr.u tmp1=$a,27,5 } // a>>27
-{ .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1
- xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1
+{ .mmi; xor $Xn=$Xn,$X[($j+2)%16] // forward Xupdate
+ xor tmp3=$X[($j+8)%16],$X[($j+13)%16] // forward Xupdate
nop.i 0 };;
-{ .mmi; add $f=$f,tmp0 // f+=F_00_19(b,c,d)
- xor tmp2=tmp2,tmp3 // +1
+{ .mmi; add $e=$e,tmp0 // f+=F_00_19(b,c,d)
+ xor $Xn=$Xn,tmp3 // forward Xupdate
shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30)
{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5)
mux2 tmp6=$a,0x44 };; // see b in next iteration
-{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5)
- shrp $e=tmp2,tmp2,31 // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
+{ .mii; add $e=$e,tmp1 // e+=ROTATE(a,5)
+ shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1)
nop.i 0 };;
___
@@ -142,49 +142,47 @@ ___
sub BODY_20_39 {
local *code=shift;
-local ($i,$a,$b,$c,$d,$e,$f,$Konst)=@_;
+my ($i,$a,$b,$c,$d,$e,$Konst)=@_;
$Konst = $K_20_39 if (!defined($Konst));
+my $j=$i+1;
+my $Xn=@X[$j%16];
if ($i<79) {
$code.=<<___;
-{ .mib; mov $X[$i&0xf]=$f // Xupdate
+{ .mib; add $e=$e,$Konst // e+=K_XX_XX
dep.z tmp5=$a,5,27 } // a<<5
{ .mib; xor tmp0=$c,$b
- add tmp4=$e,$Konst };;
-{ .mmi; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d
- add $f=$f,tmp4 // f+=e+K_20_39
+ xor $Xn=$Xn,$X[($j+2)%16] };; // forward Xupdate
+{ .mib; add $e=$e,$X[$i%16] // e+=Xupdate
extr.u tmp1=$a,27,5 } // a>>27
-{ .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1
- xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1
- nop.i 0 };;
-{ .mmi; add $f=$f,tmp0 // f+=F_20_39(b,c,d)
- xor tmp2=tmp2,tmp3 // +1
+{ .mib; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d
+ xor $Xn=$Xn,$X[($j+8)%16] };; // forward Xupdate
+{ .mmi; add $e=$e,tmp0 // e+=F_20_39(b,c,d)
+ xor $Xn=$Xn,$X[($j+13)%16] // forward Xupdate
shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30)
{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5)
mux2 tmp6=$a,0x44 };; // see b in next iteration
-{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5)
- shrp $e=tmp2,tmp2,31 // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
+{ .mii; add $e=$e,tmp1 // e+=ROTATE(a,5)
+ shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1)
nop.i 0 };;
___
}
else {
$code.=<<___;
-{ .mib; mov $X[$i&0xf]=$f // Xupdate
+{ .mib; add $e=$e,$Konst // e+=K_60_79
dep.z tmp5=$a,5,27 } // a<<5
{ .mib; xor tmp0=$c,$b
- add tmp4=$e,$Konst };;
-{ .mib; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d
- extr.u tmp1=$a,27,5 } // a>>27
-{ .mib; add $f=$f,tmp4 // f+=e+K_20_39
add $h1=$h1,$a };; // wrap up
-{ .mmi; add $f=$f,tmp0 // f+=F_20_39(b,c,d)
- shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) ;;?
-{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5)
+{ .mib; add $e=$e,$X[$i%16] // e+=Xupdate
+ extr.u tmp1=$a,27,5 } // a>>27
+{ .mib; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d
add $h3=$h3,$c };; // wrap up
-{ .mib; add tmp3=1,inp // used in unaligned codepath
- add $f=$f,tmp1 } // f+=ROTATE(a,5)
-{ .mib; add $h2=$h2,$b // wrap up
+{ .mmi; add $e=$e,tmp0 // e+=F_20_39(b,c,d)
+ or tmp1=tmp1,tmp5 // ROTATE(a,5)
+ shrp $b=tmp6,tmp6,2 };; // b=ROTATE(b,30) ;;?
+{ .mmi; add $e=$e,tmp1 // e+=ROTATE(a,5)
+ add tmp3=1,inp // used in unaligned codepath
add $h4=$h4,$d };; // wrap up
___
@@ -193,29 +191,29 @@ ___
sub BODY_40_59 {
local *code=shift;
-local ($i,$a,$b,$c,$d,$e,$f)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+my $Xn=@X[$j%16];
$code.=<<___;
-{ .mmi; mov $X[$i&0xf]=$f // Xupdate
- and tmp0=$c,$b
+{ .mib; add $e=$e,$K_40_59 // e+=K_40_59
dep.z tmp5=$a,5,27 } // a<<5
-{ .mmi; and tmp1=$d,$b
- add tmp4=$e,$K_40_59 };;
-{ .mmi; or tmp0=tmp0,tmp1 // (b&c)|(b&d)
- add $f=$f,tmp4 // f+=e+K_40_59
+{ .mib; and tmp1=$c,$d
+ xor tmp0=$c,$d };;
+{ .mmi; add $e=$e,$X[$i%16] // e+=Xupdate
+ add tmp5=tmp5,tmp1 // a<<5+(c&d)
extr.u tmp1=$a,27,5 } // a>>27
-{ .mmi; and tmp4=$c,$d
- xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1
- xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1
- };;
-{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5)
- xor tmp2=tmp2,tmp3 // +1
+{ .mmi; and tmp0=tmp0,$b
+ xor $Xn=$Xn,$X[($j+2)%16] // forward Xupdate
+ xor tmp3=$X[($j+8)%16],$X[($j+13)%16] };; // forward Xupdate
+{ .mmi; add $e=$e,tmp0 // e+=b&(c^d)
+ add tmp5=tmp5,tmp1 // ROTATE(a,5)+(c&d)
shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30)
-{ .mmi; or tmp0=tmp0,tmp4 // F_40_59(b,c,d)=(b&c)|(b&d)|(c&d)
+{ .mmi; xor $Xn=$Xn,tmp3
mux2 tmp6=$a,0x44 };; // see b in next iteration
-{ .mii; add $f=$f,tmp0 // f+=F_40_59(b,c,d)
- shrp $e=tmp2,tmp2,31;; // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
- add $f=$f,tmp1 };; // f+=ROTATE(a,5)
+{ .mii; add $e=$e,tmp5 // e+=ROTATE(a,5)+(c&d)
+ shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1)
+ nop.i 0x0 };;
___
}
@@ -237,7 +235,7 @@ inp=r33; // in1
.align 32
sha1_block_data_order:
.prologue
-{ .mmi; alloc tmp1=ar.pfs,3,15,0,0
+{ .mmi; alloc tmp1=ar.pfs,3,14,0,0
$ADDP tmp0=4,ctx
.save ar.lc,r3
mov r3=ar.lc }
@@ -245,8 +243,8 @@ sha1_block_data_order:
$ADDP inp=0,inp
mov r2=pr };;
tmp4=in2;
-tmp5=loc13;
-tmp6=loc14;
+tmp5=loc12;
+tmp6=loc13;
.body
{ .mlx; ld4 $h0=[ctx],8
movl $K_00_19=0x5a827999 }
@@ -273,7 +271,8 @@ tmp6=loc14;
___
-{ my $i,@V=($A,$B,$C,$D,$E,$T);
+{ my $i;
+ my @V=($A,$B,$C,$D,$E);
for($i=0;$i<16;$i++) { &BODY_00_15(\$code,$i,@V); unshift(@V,pop(@V)); }
for(;$i<20;$i++) { &BODY_16_19(\$code,$i,@V); unshift(@V,pop(@V)); }
@@ -281,12 +280,12 @@ ___
for(;$i<60;$i++) { &BODY_40_59(\$code,$i,@V); unshift(@V,pop(@V)); }
for(;$i<80;$i++) { &BODY_60_79(\$code,$i,@V); unshift(@V,pop(@V)); }
- (($V[5] eq $D) and ($V[0] eq $E)) or die; # double-check
+ (($V[0] eq $A) and ($V[4] eq $E)) or die; # double-check
}
$code.=<<___;
-{ .mmb; add $h0=$h0,$E
- nop.m 0
+{ .mmb; add $h0=$h0,$A
+ add $h2=$h2,$C
br.ctop.dptk.many .Ldtop };;
.Ldend:
{ .mmi; add tmp0=4,ctx
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha1-ppc.pl b/deps/openssl/openssl/crypto/sha/asm/sha1-ppc.pl
index dcd0fcdfc..2140dd2f8 100644..100755
--- a/deps/openssl/openssl/crypto/sha/asm/sha1-ppc.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha1-ppc.pl
@@ -24,12 +24,14 @@ $flavour = shift;
if ($flavour =~ /64/) {
$SIZE_T =8;
+ $LRSAVE =2*$SIZE_T;
$UCMP ="cmpld";
$STU ="stdu";
$POP ="ld";
$PUSH ="std";
} elsif ($flavour =~ /32/) {
$SIZE_T =4;
+ $LRSAVE =$SIZE_T;
$UCMP ="cmplw";
$STU ="stwu";
$POP ="lwz";
@@ -43,7 +45,8 @@ die "can't locate ppc-xlate.pl";
open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
-$FRAME=24*$SIZE_T;
+$FRAME=24*$SIZE_T+64;
+$LOCALS=6*$SIZE_T;
$K ="r0";
$sp ="r1";
@@ -162,9 +165,8 @@ $code=<<___;
.globl .sha1_block_data_order
.align 4
.sha1_block_data_order:
+ $STU $sp,-$FRAME($sp)
mflr r0
- $STU $sp,`-($FRAME+64)`($sp)
- $PUSH r0,`$FRAME-$SIZE_T*18`($sp)
$PUSH r15,`$FRAME-$SIZE_T*17`($sp)
$PUSH r16,`$FRAME-$SIZE_T*16`($sp)
$PUSH r17,`$FRAME-$SIZE_T*15`($sp)
@@ -182,6 +184,7 @@ $code=<<___;
$PUSH r29,`$FRAME-$SIZE_T*3`($sp)
$PUSH r30,`$FRAME-$SIZE_T*2`($sp)
$PUSH r31,`$FRAME-$SIZE_T*1`($sp)
+ $PUSH r0,`$FRAME+$LRSAVE`($sp)
lwz $A,0($ctx)
lwz $B,4($ctx)
lwz $C,8($ctx)
@@ -192,37 +195,14 @@ $code=<<___;
Laligned:
mtctr $num
bl Lsha1_block_private
-Ldone:
- $POP r0,`$FRAME-$SIZE_T*18`($sp)
- $POP r15,`$FRAME-$SIZE_T*17`($sp)
- $POP r16,`$FRAME-$SIZE_T*16`($sp)
- $POP r17,`$FRAME-$SIZE_T*15`($sp)
- $POP r18,`$FRAME-$SIZE_T*14`($sp)
- $POP r19,`$FRAME-$SIZE_T*13`($sp)
- $POP r20,`$FRAME-$SIZE_T*12`($sp)
- $POP r21,`$FRAME-$SIZE_T*11`($sp)
- $POP r22,`$FRAME-$SIZE_T*10`($sp)
- $POP r23,`$FRAME-$SIZE_T*9`($sp)
- $POP r24,`$FRAME-$SIZE_T*8`($sp)
- $POP r25,`$FRAME-$SIZE_T*7`($sp)
- $POP r26,`$FRAME-$SIZE_T*6`($sp)
- $POP r27,`$FRAME-$SIZE_T*5`($sp)
- $POP r28,`$FRAME-$SIZE_T*4`($sp)
- $POP r29,`$FRAME-$SIZE_T*3`($sp)
- $POP r30,`$FRAME-$SIZE_T*2`($sp)
- $POP r31,`$FRAME-$SIZE_T*1`($sp)
- mtlr r0
- addi $sp,$sp,`$FRAME+64`
- blr
-___
+ b Ldone
-# PowerPC specification allows an implementation to be ill-behaved
-# upon unaligned access which crosses page boundary. "Better safe
-# than sorry" principle makes me treat it specially. But I don't
-# look for particular offending word, but rather for 64-byte input
-# block which crosses the boundary. Once found that block is aligned
-# and hashed separately...
-$code.=<<___;
+; PowerPC specification allows an implementation to be ill-behaved
+; upon unaligned access which crosses page boundary. "Better safe
+; than sorry" principle makes me treat it specially. But I don't
+; look for particular offending word, but rather for 64-byte input
+; block which crosses the boundary. Once found that block is aligned
+; and hashed separately...
.align 4
Lunaligned:
subfic $t1,$inp,4096
@@ -237,7 +217,7 @@ Lunaligned:
Lcross_page:
li $t1,16
mtctr $t1
- addi r20,$sp,$FRAME ; spot below the frame
+ addi r20,$sp,$LOCALS ; spot within the frame
Lmemcpy:
lbz r16,0($inp)
lbz r17,1($inp)
@@ -251,15 +231,40 @@ Lmemcpy:
addi r20,r20,4
bdnz Lmemcpy
- $PUSH $inp,`$FRAME-$SIZE_T*19`($sp)
+ $PUSH $inp,`$FRAME-$SIZE_T*18`($sp)
li $t1,1
- addi $inp,$sp,$FRAME
+ addi $inp,$sp,$LOCALS
mtctr $t1
bl Lsha1_block_private
- $POP $inp,`$FRAME-$SIZE_T*19`($sp)
+ $POP $inp,`$FRAME-$SIZE_T*18`($sp)
addic. $num,$num,-1
bne- Lunaligned
- b Ldone
+
+Ldone:
+ $POP r0,`$FRAME+$LRSAVE`($sp)
+ $POP r15,`$FRAME-$SIZE_T*17`($sp)
+ $POP r16,`$FRAME-$SIZE_T*16`($sp)
+ $POP r17,`$FRAME-$SIZE_T*15`($sp)
+ $POP r18,`$FRAME-$SIZE_T*14`($sp)
+ $POP r19,`$FRAME-$SIZE_T*13`($sp)
+ $POP r20,`$FRAME-$SIZE_T*12`($sp)
+ $POP r21,`$FRAME-$SIZE_T*11`($sp)
+ $POP r22,`$FRAME-$SIZE_T*10`($sp)
+ $POP r23,`$FRAME-$SIZE_T*9`($sp)
+ $POP r24,`$FRAME-$SIZE_T*8`($sp)
+ $POP r25,`$FRAME-$SIZE_T*7`($sp)
+ $POP r26,`$FRAME-$SIZE_T*6`($sp)
+ $POP r27,`$FRAME-$SIZE_T*5`($sp)
+ $POP r28,`$FRAME-$SIZE_T*4`($sp)
+ $POP r29,`$FRAME-$SIZE_T*3`($sp)
+ $POP r30,`$FRAME-$SIZE_T*2`($sp)
+ $POP r31,`$FRAME-$SIZE_T*1`($sp)
+ mtlr r0
+ addi $sp,$sp,$FRAME
+ blr
+ .long 0
+ .byte 0,12,4,1,0x80,18,3,0
+ .long 0
___
# This is private block function, which uses tailored calling
@@ -309,6 +314,8 @@ $code.=<<___;
addi $inp,$inp,`16*4`
bdnz- Lsha1_block_private
blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
___
$code.=<<___;
.asciz "SHA1 block transform for PPC, CRYPTOGAMS by <appro\@fy.chalmers.se>"
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha1-s390x.pl b/deps/openssl/openssl/crypto/sha/asm/sha1-s390x.pl
index 4b1784828..9193dda45 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha1-s390x.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha1-s390x.pl
@@ -21,9 +21,28 @@
# instructions to favour dual-issue z10 pipeline. On z10 hardware is
# "only" ~2.3x faster than software.
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific.
+
$kimdfunc=1; # magic function code for kimd instruction
-$output=shift;
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
$K_00_39="%r0"; $K=$K_00_39;
@@ -42,13 +61,14 @@ $t1="%r11";
@X=("%r12","%r13","%r14");
$sp="%r15";
-$frame=160+16*4;
+$stdframe=16*$SIZE_T+4*8;
+$frame=$stdframe+16*4;
sub Xupdate {
my $i=shift;
$code.=<<___ if ($i==15);
- lg $prefetch,160($sp) ### Xupdate(16) warm-up
+ lg $prefetch,$stdframe($sp) ### Xupdate(16) warm-up
lr $X[0],$X[2]
___
return if ($i&1); # Xupdate is vectorized and executed every 2nd cycle
@@ -58,8 +78,8 @@ $code.=<<___ if ($i<16);
___
$code.=<<___ if ($i>=16);
xgr $X[0],$prefetch ### Xupdate($i)
- lg $prefetch,`160+4*(($i+2)%16)`($sp)
- xg $X[0],`160+4*(($i+8)%16)`($sp)
+ lg $prefetch,`$stdframe+4*(($i+2)%16)`($sp)
+ xg $X[0],`$stdframe+4*(($i+8)%16)`($sp)
xgr $X[0],$prefetch
rll $X[0],$X[0],1
rllg $X[1],$X[0],32
@@ -68,7 +88,7 @@ $code.=<<___ if ($i>=16);
lr $X[2],$X[1] # feedback
___
$code.=<<___ if ($i<=70);
- stg $X[0],`160+4*($i%16)`($sp)
+ stg $X[0],`$stdframe+4*($i%16)`($sp)
___
unshift(@X,pop(@X));
}
@@ -148,9 +168,9 @@ $code.=<<___ if ($kimdfunc);
tmhl %r0,0x4000 # check for message-security assist
jz .Lsoftware
lghi %r0,0
- la %r1,16($sp)
+ la %r1,`2*$SIZE_T`($sp)
.long 0xb93e0002 # kimd %r0,%r2
- lg %r0,16($sp)
+ lg %r0,`2*$SIZE_T`($sp)
tmhh %r0,`0x8000>>$kimdfunc`
jz .Lsoftware
lghi %r0,$kimdfunc
@@ -165,11 +185,11 @@ $code.=<<___ if ($kimdfunc);
___
$code.=<<___;
lghi %r1,-$frame
- stg $ctx,16($sp)
- stmg %r6,%r15,48($sp)
+ st${g} $ctx,`2*$SIZE_T`($sp)
+ stm${g} %r6,%r15,`6*$SIZE_T`($sp)
lgr %r0,$sp
la $sp,0(%r1,$sp)
- stg %r0,0($sp)
+ st${g} %r0,0($sp)
larl $t0,Ktable
llgf $A,0($ctx)
@@ -199,7 +219,7 @@ ___
for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
$code.=<<___;
- lg $ctx,`$frame+16`($sp)
+ l${g} $ctx,`$frame+2*$SIZE_T`($sp)
la $inp,64($inp)
al $A,0($ctx)
al $B,4($ctx)
@@ -211,13 +231,13 @@ $code.=<<___;
st $C,8($ctx)
st $D,12($ctx)
st $E,16($ctx)
- brct $len,.Lloop
+ brct${g} $len,.Lloop
- lmg %r6,%r15,`$frame+48`($sp)
+ lm${g} %r6,%r15,`$frame+6*$SIZE_T`($sp)
br %r14
.size sha1_block_data_order,.-sha1_block_data_order
.string "SHA1 block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
-.comm OPENSSL_s390xcap_P,8,8
+.comm OPENSSL_s390xcap_P,16,8
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha1-sparcv9a.pl b/deps/openssl/openssl/crypto/sha/asm/sha1-sparcv9a.pl
index 85e8d6808..e65291bbd 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha1-sparcv9a.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha1-sparcv9a.pl
@@ -549,7 +549,7 @@ ___
# programmer detect if current CPU is VIS capable at run-time.
sub unvis {
my ($mnemonic,$rs1,$rs2,$rd)=@_;
-my $ref,$opf;
+my ($ref,$opf);
my %visopf = ( "fmul8ulx16" => 0x037,
"faligndata" => 0x048,
"fpadd32" => 0x052,
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha1-x86_64.pl b/deps/openssl/openssl/crypto/sha/asm/sha1-x86_64.pl
index 4edc5ea9a..cfdc45cce 100755
--- a/deps/openssl/openssl/crypto/sha/asm/sha1-x86_64.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha1-x86_64.pl
@@ -16,7 +16,7 @@
# There was suggestion to mechanically translate 32-bit code, but I
# dismissed it, reasoning that x86_64 offers enough register bank
# capacity to fully utilize SHA-1 parallelism. Therefore this fresh
-# implementation:-) However! While 64-bit code does performs better
+# implementation:-) However! While 64-bit code does perform better
# on Opteron, I failed to beat 32-bit assembler on EM64T core. Well,
# x86_64 does offer larger *addressable* bank, but out-of-order core
# reaches for even more registers through dynamic aliasing, and EM64T
@@ -29,6 +29,38 @@
# Xeon P4 +65% +0% 9.9
# Core2 +60% +10% 7.0
+# August 2009.
+#
+# The code was revised to minimize code size and to maximize
+# "distance" between instructions producing input to 'lea'
+# instruction and the 'lea' instruction itself, which is essential
+# for Intel Atom core.
+
+# October 2010.
+#
+# Add SSSE3, Supplemental[!] SSE3, implementation. The idea behind it
+# is to offload message schedule denoted by Wt in NIST specification,
+# or Xupdate in OpenSSL source, to SIMD unit. See sha1-586.pl module
+# for background and implementation details. The only difference from
+# 32-bit code is that 64-bit code doesn't have to spill @X[] elements
+# to free temporary registers.
+
+# April 2011.
+#
+# Add AVX code path. See sha1-586.pl for further information.
+
+######################################################################
+# Current performance is summarized in following table. Numbers are
+# CPU clock cycles spent to process single byte (less is better).
+#
+# x86_64 SSSE3 AVX
+# P4 9.8 -
+# Opteron 6.6 -
+# Core2 6.7 6.1/+10% -
+# Atom 11.0 9.7/+13% -
+# Westmere 7.1 5.6/+27% -
+# Sandy Bridge 7.9 6.3/+25% 5.2/+51%
+
$flavour = shift;
$output = shift;
if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
@@ -40,7 +72,18 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $flavour $output";
+$avx=1 if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+ =~ /GNU assembler version ([2-9]\.[0-9]+)/ &&
+ $1>=2.19);
+$avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+ `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/ &&
+ $1>=2.09);
+$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+ `ml64 2>&1` =~ /Version ([0-9]+)\./ &&
+ $1>=10);
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
$ctx="%rdi"; # 1st arg
$inp="%rsi"; # 2nd arg
@@ -51,196 +94,994 @@ $ctx="%r8";
$inp="%r9";
$num="%r10";
-$xi="%eax";
-$t0="%ebx";
-$t1="%ecx";
-$A="%edx";
-$B="%esi";
-$C="%edi";
-$D="%ebp";
-$E="%r11d";
-$T="%r12d";
-
-@V=($A,$B,$C,$D,$E,$T);
+$t0="%eax";
+$t1="%ebx";
+$t2="%ecx";
+@xi=("%edx","%ebp");
+$A="%esi";
+$B="%edi";
+$C="%r11d";
+$D="%r12d";
+$E="%r13d";
-sub PROLOGUE {
-my $func=shift;
-$code.=<<___;
-.globl $func
-.type $func,\@function,3
-.align 16
-$func:
- push %rbx
- push %rbp
- push %r12
- mov %rsp,%r11
- mov %rdi,$ctx # reassigned argument
- sub \$`8+16*4`,%rsp
- mov %rsi,$inp # reassigned argument
- and \$-64,%rsp
- mov %rdx,$num # reassigned argument
- mov %r11,`16*4`(%rsp)
-.Lprologue:
-
- mov 0($ctx),$A
- mov 4($ctx),$B
- mov 8($ctx),$C
- mov 12($ctx),$D
- mov 16($ctx),$E
-___
-}
-
-sub EPILOGUE {
-my $func=shift;
-$code.=<<___;
- mov `16*4`(%rsp),%rsi
- mov (%rsi),%r12
- mov 8(%rsi),%rbp
- mov 16(%rsi),%rbx
- lea 24(%rsi),%rsp
-.Lepilogue:
- ret
-.size $func,.-$func
-___
-}
+@V=($A,$B,$C,$D,$E);
sub BODY_00_19 {
-my ($i,$a,$b,$c,$d,$e,$f,$host)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
my $j=$i+1;
$code.=<<___ if ($i==0);
- mov `4*$i`($inp),$xi
- `"bswap $xi" if(!defined($host))`
- mov $xi,`4*$i`(%rsp)
+ mov `4*$i`($inp),$xi[0]
+ bswap $xi[0]
+ mov $xi[0],`4*$i`(%rsp)
___
$code.=<<___ if ($i<15);
- lea 0x5a827999($xi,$e),$f
mov $c,$t0
- mov `4*$j`($inp),$xi
- mov $a,$e
+ mov `4*$j`($inp),$xi[1]
+ mov $a,$t2
xor $d,$t0
- `"bswap $xi" if(!defined($host))`
- rol \$5,$e
+ bswap $xi[1]
+ rol \$5,$t2
+ lea 0x5a827999($xi[0],$e),$e
and $b,$t0
- mov $xi,`4*$j`(%rsp)
- add $e,$f
+ mov $xi[1],`4*$j`(%rsp)
+ add $t2,$e
xor $d,$t0
rol \$30,$b
- add $t0,$f
+ add $t0,$e
___
$code.=<<___ if ($i>=15);
- lea 0x5a827999($xi,$e),$f
- mov `4*($j%16)`(%rsp),$xi
+ mov `4*($j%16)`(%rsp),$xi[1]
mov $c,$t0
- mov $a,$e
- xor `4*(($j+2)%16)`(%rsp),$xi
+ mov $a,$t2
+ xor `4*(($j+2)%16)`(%rsp),$xi[1]
xor $d,$t0
- rol \$5,$e
- xor `4*(($j+8)%16)`(%rsp),$xi
+ rol \$5,$t2
+ xor `4*(($j+8)%16)`(%rsp),$xi[1]
and $b,$t0
- add $e,$f
- xor `4*(($j+13)%16)`(%rsp),$xi
+ lea 0x5a827999($xi[0],$e),$e
+ xor `4*(($j+13)%16)`(%rsp),$xi[1]
xor $d,$t0
+ rol \$1,$xi[1]
+ add $t2,$e
rol \$30,$b
- add $t0,$f
- rol \$1,$xi
- mov $xi,`4*($j%16)`(%rsp)
+ mov $xi[1],`4*($j%16)`(%rsp)
+ add $t0,$e
___
+unshift(@xi,pop(@xi));
}
sub BODY_20_39 {
-my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
my $j=$i+1;
my $K=($i<40)?0x6ed9eba1:0xca62c1d6;
$code.=<<___ if ($i<79);
- lea $K($xi,$e),$f
- mov `4*($j%16)`(%rsp),$xi
+ mov `4*($j%16)`(%rsp),$xi[1]
mov $c,$t0
- mov $a,$e
- xor `4*(($j+2)%16)`(%rsp),$xi
+ mov $a,$t2
+ xor `4*(($j+2)%16)`(%rsp),$xi[1]
xor $b,$t0
- rol \$5,$e
- xor `4*(($j+8)%16)`(%rsp),$xi
+ rol \$5,$t2
+ lea $K($xi[0],$e),$e
+ xor `4*(($j+8)%16)`(%rsp),$xi[1]
xor $d,$t0
- add $e,$f
- xor `4*(($j+13)%16)`(%rsp),$xi
+ add $t2,$e
+ xor `4*(($j+13)%16)`(%rsp),$xi[1]
rol \$30,$b
- add $t0,$f
- rol \$1,$xi
+ add $t0,$e
+ rol \$1,$xi[1]
___
$code.=<<___ if ($i<76);
- mov $xi,`4*($j%16)`(%rsp)
+ mov $xi[1],`4*($j%16)`(%rsp)
___
$code.=<<___ if ($i==79);
- lea $K($xi,$e),$f
mov $c,$t0
- mov $a,$e
+ mov $a,$t2
xor $b,$t0
- rol \$5,$e
+ lea $K($xi[0],$e),$e
+ rol \$5,$t2
xor $d,$t0
- add $e,$f
+ add $t2,$e
rol \$30,$b
- add $t0,$f
+ add $t0,$e
___
+unshift(@xi,pop(@xi));
}
sub BODY_40_59 {
-my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my ($i,$a,$b,$c,$d,$e)=@_;
my $j=$i+1;
$code.=<<___;
- lea 0x8f1bbcdc($xi,$e),$f
- mov `4*($j%16)`(%rsp),$xi
- mov $b,$t0
- mov $b,$t1
- xor `4*(($j+2)%16)`(%rsp),$xi
- mov $a,$e
- and $c,$t0
- xor `4*(($j+8)%16)`(%rsp),$xi
- or $c,$t1
- rol \$5,$e
- xor `4*(($j+13)%16)`(%rsp),$xi
- and $d,$t1
- add $e,$f
- rol \$1,$xi
- or $t1,$t0
+ mov `4*($j%16)`(%rsp),$xi[1]
+ mov $c,$t0
+ mov $c,$t1
+ xor `4*(($j+2)%16)`(%rsp),$xi[1]
+ and $d,$t0
+ mov $a,$t2
+ xor `4*(($j+8)%16)`(%rsp),$xi[1]
+ xor $d,$t1
+ lea 0x8f1bbcdc($xi[0],$e),$e
+ rol \$5,$t2
+ xor `4*(($j+13)%16)`(%rsp),$xi[1]
+ add $t0,$e
+ and $b,$t1
+ rol \$1,$xi[1]
+ add $t1,$e
rol \$30,$b
- mov $xi,`4*($j%16)`(%rsp)
- add $t0,$f
+ mov $xi[1],`4*($j%16)`(%rsp)
+ add $t2,$e
___
+unshift(@xi,pop(@xi));
}
-$code=".text\n";
+$code.=<<___;
+.text
+.extern OPENSSL_ia32cap_P
-&PROLOGUE("sha1_block_data_order");
-$code.=".align 4\n.Lloop:\n";
+.globl sha1_block_data_order
+.type sha1_block_data_order,\@function,3
+.align 16
+sha1_block_data_order:
+ mov OPENSSL_ia32cap_P+0(%rip),%r9d
+ mov OPENSSL_ia32cap_P+4(%rip),%r8d
+ test \$`1<<9`,%r8d # check SSSE3 bit
+ jz .Lialu
+___
+$code.=<<___ if ($avx);
+ and \$`1<<28`,%r8d # mask AVX bit
+ and \$`1<<30`,%r9d # mask "Intel CPU" bit
+ or %r9d,%r8d
+ cmp \$`1<<28|1<<30`,%r8d
+ je _avx_shortcut
+___
+$code.=<<___;
+ jmp _ssse3_shortcut
+
+.align 16
+.Lialu:
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ mov %rsp,%r11
+ mov %rdi,$ctx # reassigned argument
+ sub \$`8+16*4`,%rsp
+ mov %rsi,$inp # reassigned argument
+ and \$-64,%rsp
+ mov %rdx,$num # reassigned argument
+ mov %r11,`16*4`(%rsp)
+.Lprologue:
+
+ mov 0($ctx),$A
+ mov 4($ctx),$B
+ mov 8($ctx),$C
+ mov 12($ctx),$D
+ mov 16($ctx),$E
+ jmp .Lloop
+
+.align 16
+.Lloop:
+___
for($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
for(;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
for(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
for(;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
$code.=<<___;
- add 0($ctx),$E
- add 4($ctx),$T
- add 8($ctx),$A
- add 12($ctx),$B
- add 16($ctx),$C
- mov $E,0($ctx)
- mov $T,4($ctx)
- mov $A,8($ctx)
- mov $B,12($ctx)
- mov $C,16($ctx)
-
- xchg $E,$A # mov $E,$A
- xchg $T,$B # mov $T,$B
- xchg $E,$C # mov $A,$C
- xchg $T,$D # mov $B,$D
- # mov $C,$E
- lea `16*4`($inp),$inp
+ add 0($ctx),$A
+ add 4($ctx),$B
+ add 8($ctx),$C
+ add 12($ctx),$D
+ add 16($ctx),$E
+ mov $A,0($ctx)
+ mov $B,4($ctx)
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+
sub \$1,$num
+ lea `16*4`($inp),$inp
jnz .Lloop
+
+ mov `16*4`(%rsp),%rsi
+ mov (%rsi),%r13
+ mov 8(%rsi),%r12
+ mov 16(%rsi),%rbp
+ mov 24(%rsi),%rbx
+ lea 32(%rsi),%rsp
+.Lepilogue:
+ ret
+.size sha1_block_data_order,.-sha1_block_data_order
___
-&EPILOGUE("sha1_block_data_order");
+{{{
+my $Xi=4;
+my @X=map("%xmm$_",(4..7,0..3));
+my @Tx=map("%xmm$_",(8..10));
+my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp"); # size optimization
+my @T=("%esi","%edi");
+my $j=0;
+my $K_XX_XX="%r11";
+
+my $_rol=sub { &rol(@_) };
+my $_ror=sub { &ror(@_) };
+
+$code.=<<___;
+.type sha1_block_data_order_ssse3,\@function,3
+.align 16
+sha1_block_data_order_ssse3:
+_ssse3_shortcut:
+ push %rbx
+ push %rbp
+ push %r12
+ lea `-64-($win64?5*16:0)`(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+ movaps %xmm6,64+0(%rsp)
+ movaps %xmm7,64+16(%rsp)
+ movaps %xmm8,64+32(%rsp)
+ movaps %xmm9,64+48(%rsp)
+ movaps %xmm10,64+64(%rsp)
+.Lprologue_ssse3:
+___
+$code.=<<___;
+ mov %rdi,$ctx # reassigned argument
+ mov %rsi,$inp # reassigned argument
+ mov %rdx,$num # reassigned argument
+
+ shl \$6,$num
+ add $inp,$num
+ lea K_XX_XX(%rip),$K_XX_XX
+
+ mov 0($ctx),$A # load context
+ mov 4($ctx),$B
+ mov 8($ctx),$C
+ mov 12($ctx),$D
+ mov $B,@T[0] # magic seed
+ mov 16($ctx),$E
+
+ movdqa 64($K_XX_XX),@X[2] # pbswap mask
+ movdqa 0($K_XX_XX),@Tx[1] # K_00_19
+ movdqu 0($inp),@X[-4&7] # load input to %xmm[0-3]
+ movdqu 16($inp),@X[-3&7]
+ movdqu 32($inp),@X[-2&7]
+ movdqu 48($inp),@X[-1&7]
+ pshufb @X[2],@X[-4&7] # byte swap
+ add \$64,$inp
+ pshufb @X[2],@X[-3&7]
+ pshufb @X[2],@X[-2&7]
+ pshufb @X[2],@X[-1&7]
+ paddd @Tx[1],@X[-4&7] # add K_00_19
+ paddd @Tx[1],@X[-3&7]
+ paddd @Tx[1],@X[-2&7]
+ movdqa @X[-4&7],0(%rsp) # X[]+K xfer to IALU
+ psubd @Tx[1],@X[-4&7] # restore X[]
+ movdqa @X[-3&7],16(%rsp)
+ psubd @Tx[1],@X[-3&7]
+ movdqa @X[-2&7],32(%rsp)
+ psubd @Tx[1],@X[-2&7]
+ jmp .Loop_ssse3
+___
+
+sub AUTOLOAD() # thunk [simplified] 32-bit style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://;
+ my $arg = pop;
+ $arg = "\$$arg" if ($arg*1 eq $arg);
+ $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
+}
+
+sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &movdqa (@X[0],@X[-3&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@Tx[0],@X[-1&7]);
+ &palignr(@X[0],@X[-4&7],8); # compose "X[-14]" in "X[0]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &paddd (@Tx[1],@X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &psrldq (@Tx[0],4); # "X[-3]", 3 dwords
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &pxor (@X[0],@X[-4&7]); # "X[0]"^="X[-16]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@Tx[0],@X[-2&7]); # "X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[0],@Tx[0]); # "X[0]"^="X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (@Tx[2],@X[0]);
+ &movdqa (@Tx[0],@X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pslldq (@Tx[2],12); # "X[0]"<<96, extract one dword
+ &paddd (@X[0],@X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &psrld (@Tx[0],31);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@Tx[1],@Tx[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &psrld (@Tx[2],30);
+ &por (@X[0],@Tx[0]); # "X[0]"<<<=1
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pslld (@Tx[1],2);
+ &pxor (@X[0],@Tx[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)"); # K_XX_XX
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &pxor (@X[0],@Tx[1]); # "X[0]"^=("X[0]">>96)<<<2
+
+ foreach (@insns) { eval; } # remaining instructions [if any]
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xupdate_ssse3_32_79()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &movdqa (@Tx[0],@X[-1&7]) if ($Xi==8);
+ eval(shift(@insns)); # body_20_39
+ &pxor (@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
+ &palignr(@Tx[0],@X[-2&7],8); # compose "X[-6]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &pxor (@X[0],@X[-7&7]); # "X[0]"^="X[-28]"
+ eval(shift(@insns));
+ eval(shift(@insns)) if (@insns[0] !~ /&ro[rl]/);
+ if ($Xi%5) {
+ &movdqa (@Tx[2],@Tx[1]);# "perpetuate" K_XX_XX...
+ } else { # ... or load next one
+ &movdqa (@Tx[2],eval(16*($Xi/5))."($K_XX_XX)");
+ }
+ &paddd (@Tx[1],@X[-1&7]);
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &pxor (@X[0],@Tx[0]); # "X[0]"^="X[-6]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &movdqa (@Tx[0],@X[0]);
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &pslld (@X[0],2);
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &psrld (@Tx[0],30);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &por (@X[0],@Tx[0]); # "X[0]"<<<=2
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &movdqa (@Tx[1],@X[0]) if ($Xi<19);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xuplast_ssse3_80()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ &paddd (@Tx[1],@X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer IALU
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ &cmp ($inp,$num);
+ &je (".Ldone_ssse3");
+
+ unshift(@Tx,pop(@Tx));
+
+ &movdqa (@X[2],"64($K_XX_XX)"); # pbswap mask
+ &movdqa (@Tx[1],"0($K_XX_XX)"); # K_00_19
+ &movdqu (@X[-4&7],"0($inp)"); # load input
+ &movdqu (@X[-3&7],"16($inp)");
+ &movdqu (@X[-2&7],"32($inp)");
+ &movdqu (@X[-1&7],"48($inp)");
+ &pshufb (@X[-4&7],@X[2]); # byte swap
+ &add ($inp,64);
+
+ $Xi=0;
+}
+
+sub Xloop_ssse3()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &pshufb (@X[($Xi-3)&7],@X[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &paddd (@X[($Xi-4)&7],@Tx[1]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &movdqa (eval(16*$Xi)."(%rsp)",@X[($Xi-4)&7]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &psubd (@X[($Xi-4)&7],@Tx[1]);
+
+ foreach (@insns) { eval; }
+ $Xi++;
+}
+
+sub Xtail_ssse3()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ foreach (@insns) { eval; }
+}
+
+sub body_00_19 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&add ($e,eval(4*($j&15))."(%rsp)");', # X[]+K xfer
+ '&xor ($c,$d);',
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&and (@T[0],$c);', # ($b&($c^$d))
+ '&xor ($c,$d);', # restore $c
+ '&xor (@T[0],$d);',
+ '&add ($e,$a);',
+ '&$_ror ($b,$j?7:2);', # $b>>>2
+ '&add ($e,@T[0]);' .'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+
+sub body_20_39 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&add ($e,eval(4*($j++&15))."(%rsp)");', # X[]+K xfer
+ '&xor (@T[0],$d);', # ($b^$d)
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&xor (@T[0],$c);', # ($b^$d^$c)
+ '&add ($e,$a);',
+ '&$_ror ($b,7);', # $b>>>2
+ '&add ($e,@T[0]);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
+
+sub body_40_59 () {
+ (
+ '($a,$b,$c,$d,$e)=@V;'.
+ '&mov (@T[1],$c);',
+ '&xor ($c,$d);',
+ '&add ($e,eval(4*($j++&15))."(%rsp)");', # X[]+K xfer
+ '&and (@T[1],$d);',
+ '&and (@T[0],$c);', # ($b&($c^$d))
+ '&$_ror ($b,7);', # $b>>>2
+ '&add ($e,@T[1]);',
+ '&mov (@T[1],$a);', # $b in next round
+ '&$_rol ($a,5);',
+ '&add ($e,@T[0]);',
+ '&xor ($c,$d);', # restore $c
+ '&add ($e,$a);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+ );
+}
$code.=<<___;
-.asciz "SHA1 block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
.align 16
+.Loop_ssse3:
+___
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_16_31(\&body_00_19);
+ &Xupdate_ssse3_32_79(\&body_00_19);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_40_59);
+ &Xupdate_ssse3_32_79(\&body_20_39);
+ &Xuplast_ssse3_80(\&body_20_39); # can jump to "done"
+
+ $saved_j=$j; @saved_V=@V;
+
+ &Xloop_ssse3(\&body_20_39);
+ &Xloop_ssse3(\&body_20_39);
+ &Xloop_ssse3(\&body_20_39);
+
+$code.=<<___;
+ add 0($ctx),$A # update context
+ add 4($ctx),@T[0]
+ add 8($ctx),$C
+ add 12($ctx),$D
+ mov $A,0($ctx)
+ add 16($ctx),$E
+ mov @T[0],4($ctx)
+ mov @T[0],$B # magic seed
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+ jmp .Loop_ssse3
+
+.align 16
+.Ldone_ssse3:
+___
+ $j=$saved_j; @V=@saved_V;
+
+ &Xtail_ssse3(\&body_20_39);
+ &Xtail_ssse3(\&body_20_39);
+ &Xtail_ssse3(\&body_20_39);
+
+$code.=<<___;
+ add 0($ctx),$A # update context
+ add 4($ctx),@T[0]
+ add 8($ctx),$C
+ mov $A,0($ctx)
+ add 12($ctx),$D
+ mov @T[0],4($ctx)
+ add 16($ctx),$E
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+___
+$code.=<<___ if ($win64);
+ movaps 64+0(%rsp),%xmm6
+ movaps 64+16(%rsp),%xmm7
+ movaps 64+32(%rsp),%xmm8
+ movaps 64+48(%rsp),%xmm9
+ movaps 64+64(%rsp),%xmm10
+___
+$code.=<<___;
+ lea `64+($win64?5*16:0)`(%rsp),%rsi
+ mov 0(%rsi),%r12
+ mov 8(%rsi),%rbp
+ mov 16(%rsi),%rbx
+ lea 24(%rsi),%rsp
+.Lepilogue_ssse3:
+ ret
+.size sha1_block_data_order_ssse3,.-sha1_block_data_order_ssse3
+___
+
+if ($avx) {
+my $Xi=4;
+my @X=map("%xmm$_",(4..7,0..3));
+my @Tx=map("%xmm$_",(8..10));
+my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp"); # size optimization
+my @T=("%esi","%edi");
+my $j=0;
+my $K_XX_XX="%r11";
+
+my $_rol=sub { &shld(@_[0],@_) };
+my $_ror=sub { &shrd(@_[0],@_) };
+
+$code.=<<___;
+.type sha1_block_data_order_avx,\@function,3
+.align 16
+sha1_block_data_order_avx:
+_avx_shortcut:
+ push %rbx
+ push %rbp
+ push %r12
+ lea `-64-($win64?5*16:0)`(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+ movaps %xmm6,64+0(%rsp)
+ movaps %xmm7,64+16(%rsp)
+ movaps %xmm8,64+32(%rsp)
+ movaps %xmm9,64+48(%rsp)
+ movaps %xmm10,64+64(%rsp)
+.Lprologue_avx:
+___
+$code.=<<___;
+ mov %rdi,$ctx # reassigned argument
+ mov %rsi,$inp # reassigned argument
+ mov %rdx,$num # reassigned argument
+ vzeroall
+
+ shl \$6,$num
+ add $inp,$num
+ lea K_XX_XX(%rip),$K_XX_XX
+
+ mov 0($ctx),$A # load context
+ mov 4($ctx),$B
+ mov 8($ctx),$C
+ mov 12($ctx),$D
+ mov $B,@T[0] # magic seed
+ mov 16($ctx),$E
+
+ vmovdqa 64($K_XX_XX),@X[2] # pbswap mask
+ vmovdqa 0($K_XX_XX),@Tx[1] # K_00_19
+ vmovdqu 0($inp),@X[-4&7] # load input to %xmm[0-3]
+ vmovdqu 16($inp),@X[-3&7]
+ vmovdqu 32($inp),@X[-2&7]
+ vmovdqu 48($inp),@X[-1&7]
+ vpshufb @X[2],@X[-4&7],@X[-4&7] # byte swap
+ add \$64,$inp
+ vpshufb @X[2],@X[-3&7],@X[-3&7]
+ vpshufb @X[2],@X[-2&7],@X[-2&7]
+ vpshufb @X[2],@X[-1&7],@X[-1&7]
+ vpaddd @Tx[1],@X[-4&7],@X[0] # add K_00_19
+ vpaddd @Tx[1],@X[-3&7],@X[1]
+ vpaddd @Tx[1],@X[-2&7],@X[2]
+ vmovdqa @X[0],0(%rsp) # X[]+K xfer to IALU
+ vmovdqa @X[1],16(%rsp)
+ vmovdqa @X[2],32(%rsp)
+ jmp .Loop_avx
+___
+
+sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpalignr(@X[0],@X[-3&7],@X[-4&7],8); # compose "X[-14]" in "X[0]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpaddd (@Tx[1],@Tx[1],@X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpsrldq(@Tx[0],@X[-1&7],4); # "X[-3]", 3 dwords
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"^="X[-16]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@Tx[0],@Tx[0],@X[-2&7]); # "X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[0],@X[0],@Tx[0]); # "X[0]"^="X[-3]"^"X[-8]"
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpsrld (@Tx[0],@X[0],31);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpslldq(@Tx[2],@X[0],12); # "X[0]"<<96, extract one dword
+ &vpaddd (@X[0],@X[0],@X[0]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpsrld (@Tx[1],@Tx[2],30);
+ &vpor (@X[0],@X[0],@Tx[0]); # "X[0]"<<<=1
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpslld (@Tx[2],@Tx[2],2);
+ &vpxor (@X[0],@X[0],@Tx[1]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &vpxor (@X[0],@X[0],@Tx[2]); # "X[0]"^=("X[0]">>96)<<<2
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa (@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)"); # K_XX_XX
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+
+ foreach (@insns) { eval; } # remaining instructions [if any]
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xupdate_avx_32_79()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
+ my ($a,$b,$c,$d,$e);
+
+ &vpalignr(@Tx[0],@X[-1&7],@X[-2&7],8); # compose "X[-6]"
+ &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &vpxor (@X[0],@X[0],@X[-7&7]); # "X[0]"^="X[-28]"
+ eval(shift(@insns));
+ eval(shift(@insns)) if (@insns[0] !~ /&ro[rl]/);
+ if ($Xi%5) {
+ &vmovdqa (@Tx[2],@Tx[1]);# "perpetuate" K_XX_XX...
+ } else { # ... or load next one
+ &vmovdqa (@Tx[2],eval(16*($Xi/5))."($K_XX_XX)");
+ }
+ &vpaddd (@Tx[1],@Tx[1],@X[-1&7]);
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpxor (@X[0],@X[0],@Tx[0]); # "X[0]"^="X[-6]"
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+
+ &vpsrld (@Tx[0],@X[0],30);
+ &vmovdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpslld (@X[0],@X[0],2);
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # ror
+ eval(shift(@insns));
+
+ &vpor (@X[0],@X[0],@Tx[0]); # "X[0]"<<<=2
+ eval(shift(@insns)); # body_20_39
+ eval(shift(@insns));
+ &vmovdqa (@Tx[1],@X[0]) if ($Xi<19);
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns)); # rol
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ $Xi++; push(@X,shift(@X)); # "rotate" X[]
+ push(@Tx,shift(@Tx));
+}
+
+sub Xuplast_avx_80()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ &vpaddd (@Tx[1],@Tx[1],@X[-1&7]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer IALU
+
+ foreach (@insns) { eval; } # remaining instructions
+
+ &cmp ($inp,$num);
+ &je (".Ldone_avx");
+
+ unshift(@Tx,pop(@Tx));
+
+ &vmovdqa(@X[2],"64($K_XX_XX)"); # pbswap mask
+ &vmovdqa(@Tx[1],"0($K_XX_XX)"); # K_00_19
+ &vmovdqu(@X[-4&7],"0($inp)"); # load input
+ &vmovdqu(@X[-3&7],"16($inp)");
+ &vmovdqu(@X[-2&7],"32($inp)");
+ &vmovdqu(@X[-1&7],"48($inp)");
+ &vpshufb(@X[-4&7],@X[-4&7],@X[2]); # byte swap
+ &add ($inp,64);
+
+ $Xi=0;
+}
+
+sub Xloop_avx()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpshufb(@X[($Xi-3)&7],@X[($Xi-3)&7],@X[2]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vpaddd (@X[$Xi&7],@X[($Xi-4)&7],@Tx[1]);
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ eval(shift(@insns));
+ &vmovdqa(eval(16*$Xi)."(%rsp)",@X[$Xi&7]); # X[]+K xfer to IALU
+ eval(shift(@insns));
+ eval(shift(@insns));
+
+ foreach (@insns) { eval; }
+ $Xi++;
+}
+
+sub Xtail_avx()
+{ use integer;
+ my $body = shift;
+ my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
+ my ($a,$b,$c,$d,$e);
+
+ foreach (@insns) { eval; }
+}
+
+$code.=<<___;
+.align 16
+.Loop_avx:
+___
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_16_31(\&body_00_19);
+ &Xupdate_avx_32_79(\&body_00_19);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_40_59);
+ &Xupdate_avx_32_79(\&body_20_39);
+ &Xuplast_avx_80(\&body_20_39); # can jump to "done"
+
+ $saved_j=$j; @saved_V=@V;
+
+ &Xloop_avx(\&body_20_39);
+ &Xloop_avx(\&body_20_39);
+ &Xloop_avx(\&body_20_39);
+
+$code.=<<___;
+ add 0($ctx),$A # update context
+ add 4($ctx),@T[0]
+ add 8($ctx),$C
+ add 12($ctx),$D
+ mov $A,0($ctx)
+ add 16($ctx),$E
+ mov @T[0],4($ctx)
+ mov @T[0],$B # magic seed
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+ jmp .Loop_avx
+
+.align 16
+.Ldone_avx:
+___
+ $j=$saved_j; @V=@saved_V;
+
+ &Xtail_avx(\&body_20_39);
+ &Xtail_avx(\&body_20_39);
+ &Xtail_avx(\&body_20_39);
+
+$code.=<<___;
+ vzeroall
+
+ add 0($ctx),$A # update context
+ add 4($ctx),@T[0]
+ add 8($ctx),$C
+ mov $A,0($ctx)
+ add 12($ctx),$D
+ mov @T[0],4($ctx)
+ add 16($ctx),$E
+ mov $C,8($ctx)
+ mov $D,12($ctx)
+ mov $E,16($ctx)
+___
+$code.=<<___ if ($win64);
+ movaps 64+0(%rsp),%xmm6
+ movaps 64+16(%rsp),%xmm7
+ movaps 64+32(%rsp),%xmm8
+ movaps 64+48(%rsp),%xmm9
+ movaps 64+64(%rsp),%xmm10
+___
+$code.=<<___;
+ lea `64+($win64?5*16:0)`(%rsp),%rsi
+ mov 0(%rsi),%r12
+ mov 8(%rsi),%rbp
+ mov 16(%rsi),%rbx
+ lea 24(%rsi),%rsp
+.Lepilogue_avx:
+ ret
+.size sha1_block_data_order_avx,.-sha1_block_data_order_avx
+___
+}
+$code.=<<___;
+.align 64
+K_XX_XX:
+.long 0x5a827999,0x5a827999,0x5a827999,0x5a827999 # K_00_19
+.long 0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1 # K_20_39
+.long 0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc # K_40_59
+.long 0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6 # K_60_79
+.long 0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f # pbswap mask
+___
+}}}
+$code.=<<___;
+.asciz "SHA1 block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align 64
___
# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
@@ -272,25 +1113,75 @@ se_handler:
lea .Lprologue(%rip),%r10
cmp %r10,%rbx # context->Rip<.Lprologue
- jb .Lin_prologue
+ jb .Lcommon_seh_tail
mov 152($context),%rax # pull context->Rsp
lea .Lepilogue(%rip),%r10
cmp %r10,%rbx # context->Rip>=.Lepilogue
- jae .Lin_prologue
+ jae .Lcommon_seh_tail
mov `16*4`(%rax),%rax # pull saved stack pointer
- lea 24(%rax),%rax
+ lea 32(%rax),%rax
mov -8(%rax),%rbx
mov -16(%rax),%rbp
mov -24(%rax),%r12
+ mov -32(%rax),%r13
mov %rbx,144($context) # restore context->Rbx
mov %rbp,160($context) # restore context->Rbp
mov %r12,216($context) # restore context->R12
+ mov %r13,224($context) # restore context->R13
+
+ jmp .Lcommon_seh_tail
+.size se_handler,.-se_handler
-.Lin_prologue:
+.type ssse3_handler,\@abi-omnipotent
+.align 16
+ssse3_handler:
+ push %rsi
+ push %rdi
+ push %rbx
+ push %rbp
+ push %r12
+ push %r13
+ push %r14
+ push %r15
+ pushfq
+ sub \$64,%rsp
+
+ mov 120($context),%rax # pull context->Rax
+ mov 248($context),%rbx # pull context->Rip
+
+ mov 8($disp),%rsi # disp->ImageBase
+ mov 56($disp),%r11 # disp->HandlerData
+
+ mov 0(%r11),%r10d # HandlerData[0]
+ lea (%rsi,%r10),%r10 # prologue label
+ cmp %r10,%rbx # context->Rip<prologue label
+ jb .Lcommon_seh_tail
+
+ mov 152($context),%rax # pull context->Rsp
+
+ mov 4(%r11),%r10d # HandlerData[1]
+ lea (%rsi,%r10),%r10 # epilogue label
+ cmp %r10,%rbx # context->Rip>=epilogue label
+ jae .Lcommon_seh_tail
+
+ lea 64(%rax),%rsi
+ lea 512($context),%rdi # &context.Xmm6
+ mov \$10,%ecx
+ .long 0xa548f3fc # cld; rep movsq
+ lea `24+64+5*16`(%rax),%rax # adjust stack pointer
+
+ mov -8(%rax),%rbx
+ mov -16(%rax),%rbp
+ mov -24(%rax),%r12
+ mov %rbx,144($context) # restore context->Rbx
+ mov %rbp,160($context) # restore context->Rbp
+ mov %r12,216($context) # restore cotnext->R12
+
+.Lcommon_seh_tail:
mov 8(%rax),%rdi
mov 16(%rax),%rsi
mov %rax,152($context) # restore context->Rsp
@@ -328,19 +1219,38 @@ se_handler:
pop %rdi
pop %rsi
ret
-.size se_handler,.-se_handler
+.size ssse3_handler,.-ssse3_handler
.section .pdata
.align 4
.rva .LSEH_begin_sha1_block_data_order
.rva .LSEH_end_sha1_block_data_order
.rva .LSEH_info_sha1_block_data_order
-
+ .rva .LSEH_begin_sha1_block_data_order_ssse3
+ .rva .LSEH_end_sha1_block_data_order_ssse3
+ .rva .LSEH_info_sha1_block_data_order_ssse3
+___
+$code.=<<___ if ($avx);
+ .rva .LSEH_begin_sha1_block_data_order_avx
+ .rva .LSEH_end_sha1_block_data_order_avx
+ .rva .LSEH_info_sha1_block_data_order_avx
+___
+$code.=<<___;
.section .xdata
.align 8
.LSEH_info_sha1_block_data_order:
.byte 9,0,0,0
.rva se_handler
+.LSEH_info_sha1_block_data_order_ssse3:
+ .byte 9,0,0,0
+ .rva ssse3_handler
+ .rva .Lprologue_ssse3,.Lepilogue_ssse3 # HandlerData[]
+___
+$code.=<<___ if ($avx);
+.LSEH_info_sha1_block_data_order_avx:
+ .byte 9,0,0,0
+ .rva ssse3_handler
+ .rva .Lprologue_avx,.Lepilogue_avx # HandlerData[]
___
}
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha256-586.pl b/deps/openssl/openssl/crypto/sha/asm/sha256-586.pl
index ecc8b69c7..928ec5312 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha256-586.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha256-586.pl
@@ -14,8 +14,8 @@
# Pentium PIII P4 AMD K8 Core2
# gcc 46 36 41 27 26
# icc 57 33 38 25 23
-# x86 asm 40 30 35 20 20
-# x86_64 asm(*) - - 21 15.8 16.5
+# x86 asm 40 30 33 20 18
+# x86_64 asm(*) - - 21 16 16
#
# (*) x86_64 assembler performance is presented for reference
# purposes.
@@ -48,20 +48,19 @@ sub BODY_00_15() {
my $in_16_63=shift;
&mov ("ecx",$E);
- &add ($T,&DWP(4*(8+15+16-9),"esp")) if ($in_16_63); # T += X[-7]
- &ror ("ecx",6);
- &mov ("edi",$E);
- &ror ("edi",11);
+ &add ($T,"edi") if ($in_16_63); # T += sigma1(X[-2])
+ &ror ("ecx",25-11);
&mov ("esi",$Foff);
- &xor ("ecx","edi");
- &ror ("edi",25-11);
+ &xor ("ecx",$E);
+ &ror ("ecx",11-6);
&mov (&DWP(4*(8+15),"esp"),$T) if ($in_16_63); # save X[0]
- &xor ("ecx","edi"); # Sigma1(e)
+ &xor ("ecx",$E);
+ &ror ("ecx",6); # Sigma1(e)
&mov ("edi",$Goff);
&add ($T,"ecx"); # T += Sigma1(e)
- &mov ($Eoff,$E); # modulo-scheduled
&xor ("esi","edi");
+ &mov ($Eoff,$E); # modulo-scheduled
&mov ("ecx",$A);
&and ("esi",$E);
&mov ($E,$Doff); # e becomes d, which is e in next iteration
@@ -69,14 +68,14 @@ sub BODY_00_15() {
&mov ("edi",$A);
&add ($T,"esi"); # T += Ch(e,f,g)
- &ror ("ecx",2);
+ &ror ("ecx",22-13);
&add ($T,$Hoff); # T += h
- &ror ("edi",13);
+ &xor ("ecx",$A);
+ &ror ("ecx",13-2);
&mov ("esi",$Boff);
- &xor ("ecx","edi");
- &ror ("edi",22-13);
+ &xor ("ecx",$A);
+ &ror ("ecx",2); # Sigma0(a)
&add ($E,$T); # d += T
- &xor ("ecx","edi"); # Sigma0(a)
&mov ("edi",$Coff);
&add ($T,"ecx"); # T += Sigma0(a)
@@ -168,23 +167,22 @@ sub BODY_00_15() {
&set_label("16_63",16);
&mov ("esi",$T);
&mov ("ecx",&DWP(4*(8+15+16-14),"esp"));
- &shr ($T,3);
- &ror ("esi",7);
- &xor ($T,"esi");
&ror ("esi",18-7);
&mov ("edi","ecx");
- &xor ($T,"esi"); # T = sigma0(X[-15])
+ &xor ("esi",$T);
+ &ror ("esi",7);
+ &shr ($T,3);
- &shr ("ecx",10);
- &mov ("esi",&DWP(4*(8+15+16),"esp"));
- &ror ("edi",17);
- &xor ("ecx","edi");
&ror ("edi",19-17);
- &add ($T,"esi"); # T += X[-16]
- &xor ("edi","ecx") # sigma1(X[-2])
+ &xor ($T,"esi"); # T = sigma0(X[-15])
+ &xor ("edi","ecx");
+ &ror ("edi",17);
+ &shr ("ecx",10);
+ &add ($T,&DWP(4*(8+15+16),"esp")); # T += X[-16]
+ &xor ("edi","ecx"); # sigma1(X[-2])
- &add ($T,"edi"); # T += sigma1(X[-2])
- # &add ($T,&DWP(4*(8+15+16-9),"esp")); # T += X[-7], moved to BODY_00_15(1)
+ &add ($T,&DWP(4*(8+15+16-9),"esp")); # T += X[-7]
+ # &add ($T,"edi"); # T += sigma1(X[-2])
# &mov (&DWP(4*(8+15),"esp"),$T); # save X[0]
&BODY_00_15(1);
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha256-armv4.pl b/deps/openssl/openssl/crypto/sha/asm/sha256-armv4.pl
index 492cb62bc..9c84e8d93 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha256-armv4.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha256-armv4.pl
@@ -18,11 +18,16 @@
# Rescheduling for dual-issue pipeline resulted in 22% improvement on
# Cortex A8 core and ~20 cycles per processed byte.
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 16%
+# improvement on Cortex A8 core and ~17 cycles per processed byte.
+
while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
$ctx="r0"; $t0="r0";
-$inp="r1";
+$inp="r1"; $t3="r1";
$len="r2"; $t1="r2";
$T1="r3";
$A="r4";
@@ -46,6 +51,9 @@ sub BODY_00_15 {
my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
$code.=<<___ if ($i<16);
+#if __ARM_ARCH__>=7
+ ldr $T1,[$inp],#4
+#else
ldrb $T1,[$inp,#3] @ $i
ldrb $t2,[$inp,#2]
ldrb $t1,[$inp,#1]
@@ -53,16 +61,24 @@ $code.=<<___ if ($i<16);
orr $T1,$T1,$t2,lsl#8
orr $T1,$T1,$t1,lsl#16
orr $T1,$T1,$t0,lsl#24
- `"str $inp,[sp,#17*4]" if ($i==15)`
+#endif
___
$code.=<<___;
- ldr $t2,[$Ktbl],#4 @ *K256++
mov $t0,$e,ror#$Sigma1[0]
- str $T1,[sp,#`$i%16`*4]
+ ldr $t2,[$Ktbl],#4 @ *K256++
eor $t0,$t0,$e,ror#$Sigma1[1]
eor $t1,$f,$g
+#if $i>=16
+ add $T1,$T1,$t3 @ from BODY_16_xx
+#elif __ARM_ARCH__>=7 && defined(__ARMEL__)
+ rev $T1,$T1
+#endif
+#if $i==15
+ str $inp,[sp,#17*4] @ leave room for $t3
+#endif
eor $t0,$t0,$e,ror#$Sigma1[2] @ Sigma1(e)
and $t1,$t1,$e
+ str $T1,[sp,#`$i%16`*4]
add $T1,$T1,$t0
eor $t1,$t1,$g @ Ch(e,f,g)
add $T1,$T1,$h
@@ -71,6 +87,9 @@ $code.=<<___;
eor $h,$h,$a,ror#$Sigma0[1]
add $T1,$T1,$t2
eor $h,$h,$a,ror#$Sigma0[2] @ Sigma0(a)
+#if $i>=15
+ ldr $t3,[sp,#`($i+2)%16`*4] @ from BODY_16_xx
+#endif
orr $t0,$a,$b
and $t1,$a,$b
and $t0,$t0,$c
@@ -85,24 +104,26 @@ sub BODY_16_XX {
my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
$code.=<<___;
- ldr $t1,[sp,#`($i+1)%16`*4] @ $i
+ @ ldr $t3,[sp,#`($i+1)%16`*4] @ $i
ldr $t2,[sp,#`($i+14)%16`*4]
+ mov $t0,$t3,ror#$sigma0[0]
ldr $T1,[sp,#`($i+0)%16`*4]
- mov $t0,$t1,ror#$sigma0[0]
- ldr $inp,[sp,#`($i+9)%16`*4]
- eor $t0,$t0,$t1,ror#$sigma0[1]
- eor $t0,$t0,$t1,lsr#$sigma0[2] @ sigma0(X[i+1])
- mov $t1,$t2,ror#$sigma1[0]
+ eor $t0,$t0,$t3,ror#$sigma0[1]
+ ldr $t1,[sp,#`($i+9)%16`*4]
+ eor $t0,$t0,$t3,lsr#$sigma0[2] @ sigma0(X[i+1])
+ mov $t3,$t2,ror#$sigma1[0]
add $T1,$T1,$t0
- eor $t1,$t1,$t2,ror#$sigma1[1]
- add $T1,$T1,$inp
- eor $t1,$t1,$t2,lsr#$sigma1[2] @ sigma1(X[i+14])
+ eor $t3,$t3,$t2,ror#$sigma1[1]
add $T1,$T1,$t1
+ eor $t3,$t3,$t2,lsr#$sigma1[2] @ sigma1(X[i+14])
+ @ add $T1,$T1,$t3
___
&BODY_00_15(@_);
}
$code=<<___;
+#include "arm_arch.h"
+
.text
.code 32
@@ -132,7 +153,7 @@ K256:
sha256_block_data_order:
sub r3,pc,#8 @ sha256_block_data_order
add $len,$inp,$len,lsl#6 @ len to point at the end of inp
- stmdb sp!,{$ctx,$inp,$len,r4-r12,lr}
+ stmdb sp!,{$ctx,$inp,$len,r4-r11,lr}
ldmia $ctx,{$A,$B,$C,$D,$E,$F,$G,$H}
sub $Ktbl,r3,#256 @ K256
sub sp,sp,#16*4 @ alloca(X[16])
@@ -171,10 +192,14 @@ $code.=<<___;
bne .Loop
add sp,sp,#`16+3`*4 @ destroy frame
- ldmia sp!,{r4-r12,lr}
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r11,pc}
+#else
+ ldmia sp!,{r4-r11,lr}
tst lr,#1
moveq pc,lr @ be binary compatible with V4, yet
bx lr @ interoperable with Thumb ISA:-)
+#endif
.size sha256_block_data_order,.-sha256_block_data_order
.asciz "SHA256 block transform for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
.align 2
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha512-586.pl b/deps/openssl/openssl/crypto/sha/asm/sha512-586.pl
index 5b9f3337a..7eab6a5b8 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha512-586.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha512-586.pl
@@ -142,9 +142,9 @@ sub BODY_00_15_x86 {
&mov ("edx",$Ehi);
&mov ("esi","ecx");
- &shr ("ecx",9) # lo>>9
+ &shr ("ecx",9); # lo>>9
&mov ("edi","edx");
- &shr ("edx",9) # hi>>9
+ &shr ("edx",9); # hi>>9
&mov ("ebx","ecx");
&shl ("esi",14); # lo<<14
&mov ("eax","edx");
@@ -207,9 +207,9 @@ sub BODY_00_15_x86 {
&mov ($Dhi,"ebx");
&mov ("esi","ecx");
- &shr ("ecx",2) # lo>>2
+ &shr ("ecx",2); # lo>>2
&mov ("edi","edx");
- &shr ("edx",2) # hi>>2
+ &shr ("edx",2); # hi>>2
&mov ("ebx","ecx");
&shl ("esi",4); # lo<<4
&mov ("eax","edx");
@@ -452,9 +452,9 @@ if ($sse2) {
&mov ("edx",&DWP(8*(9+15+16-1)+4,"esp"));
&mov ("esi","ecx");
- &shr ("ecx",1) # lo>>1
+ &shr ("ecx",1); # lo>>1
&mov ("edi","edx");
- &shr ("edx",1) # hi>>1
+ &shr ("edx",1); # hi>>1
&mov ("eax","ecx");
&shl ("esi",24); # lo<<24
&mov ("ebx","edx");
@@ -488,9 +488,9 @@ if ($sse2) {
&mov ("edx",&DWP(8*(9+15+16-14)+4,"esp"));
&mov ("esi","ecx");
- &shr ("ecx",6) # lo>>6
+ &shr ("ecx",6); # lo>>6
&mov ("edi","edx");
- &shr ("edx",6) # hi>>6
+ &shr ("edx",6); # hi>>6
&mov ("eax","ecx");
&shl ("esi",3); # lo<<3
&mov ("ebx","edx");
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha512-armv4.pl b/deps/openssl/openssl/crypto/sha/asm/sha512-armv4.pl
index 3a35861ac..7faf37b14 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha512-armv4.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha512-armv4.pl
@@ -18,22 +18,33 @@
# Rescheduling for dual-issue pipeline resulted in 6% improvement on
# Cortex A8 core and ~40 cycles per processed byte.
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 7%
+# improvement on Coxtex A8 core and ~38 cycles per byte.
+
+# March 2011.
+#
+# Add NEON implementation. On Cortex A8 it was measured to process
+# one byte in 25.5 cycles or 47% faster than integer-only code.
+
# Byte order [in]dependence. =========================================
#
-# Caller is expected to maintain specific *dword* order in h[0-7],
-# namely with most significant dword at *lower* address, which is
-# reflected in below two parameters. *Byte* order within these dwords
-# in turn is whatever *native* byte order on current platform.
-$hi=0;
-$lo=4;
+# Originally caller was expected to maintain specific *dword* order in
+# h[0-7], namely with most significant dword at *lower* address, which
+# was reflected in below two parameters as 0 and 4. Now caller is
+# expected to maintain native byte order for whole 64-bit values.
+$hi="HI";
+$lo="LO";
# ====================================================================
while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
-$ctx="r0";
+$ctx="r0"; # parameter block
$inp="r1";
$len="r2";
+
$Tlo="r3";
$Thi="r4";
$Alo="r5";
@@ -61,15 +72,17 @@ $Xoff=8*8;
sub BODY_00_15() {
my $magic = shift;
$code.=<<___;
- ldr $t2,[sp,#$Hoff+0] @ h.lo
- ldr $t3,[sp,#$Hoff+4] @ h.hi
@ Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41))
@ LO lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23
@ HI hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23
mov $t0,$Elo,lsr#14
+ str $Tlo,[sp,#$Xoff+0]
mov $t1,$Ehi,lsr#14
+ str $Thi,[sp,#$Xoff+4]
eor $t0,$t0,$Ehi,lsl#18
+ ldr $t2,[sp,#$Hoff+0] @ h.lo
eor $t1,$t1,$Elo,lsl#18
+ ldr $t3,[sp,#$Hoff+4] @ h.hi
eor $t0,$t0,$Elo,lsr#18
eor $t1,$t1,$Ehi,lsr#18
eor $t0,$t0,$Ehi,lsl#14
@@ -96,25 +109,24 @@ $code.=<<___;
and $t1,$t1,$Ehi
str $Ahi,[sp,#$Aoff+4]
eor $t0,$t0,$t2
- ldr $t2,[$Ktbl,#4] @ K[i].lo
+ ldr $t2,[$Ktbl,#$lo] @ K[i].lo
eor $t1,$t1,$t3 @ Ch(e,f,g)
- ldr $t3,[$Ktbl,#0] @ K[i].hi
+ ldr $t3,[$Ktbl,#$hi] @ K[i].hi
adds $Tlo,$Tlo,$t0
ldr $Elo,[sp,#$Doff+0] @ d.lo
adc $Thi,$Thi,$t1 @ T += Ch(e,f,g)
ldr $Ehi,[sp,#$Doff+4] @ d.hi
adds $Tlo,$Tlo,$t2
+ and $t0,$t2,#0xff
adc $Thi,$Thi,$t3 @ T += K[i]
adds $Elo,$Elo,$Tlo
+ ldr $t2,[sp,#$Boff+0] @ b.lo
adc $Ehi,$Ehi,$Thi @ d += T
-
- and $t0,$t2,#0xff
teq $t0,#$magic
- orreq $Ktbl,$Ktbl,#1
- ldr $t2,[sp,#$Boff+0] @ b.lo
ldr $t3,[sp,#$Coff+0] @ c.lo
+ orreq $Ktbl,$Ktbl,#1
@ Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
@ LO lo>>28^hi<<4 ^ hi>>2^lo<<30 ^ hi>>7^lo<<25
@ HI hi>>28^lo<<4 ^ lo>>2^hi<<30 ^ lo>>7^hi<<25
@@ -131,80 +143,100 @@ $code.=<<___;
eor $t0,$t0,$Alo,lsl#25
eor $t1,$t1,$Ahi,lsl#25 @ Sigma0(a)
adds $Tlo,$Tlo,$t0
+ and $t0,$Alo,$t2
adc $Thi,$Thi,$t1 @ T += Sigma0(a)
- and $t0,$Alo,$t2
- orr $Alo,$Alo,$t2
ldr $t1,[sp,#$Boff+4] @ b.hi
+ orr $Alo,$Alo,$t2
ldr $t2,[sp,#$Coff+4] @ c.hi
and $Alo,$Alo,$t3
- orr $Alo,$Alo,$t0 @ Maj(a,b,c).lo
and $t3,$Ahi,$t1
orr $Ahi,$Ahi,$t1
+ orr $Alo,$Alo,$t0 @ Maj(a,b,c).lo
and $Ahi,$Ahi,$t2
- orr $Ahi,$Ahi,$t3 @ Maj(a,b,c).hi
adds $Alo,$Alo,$Tlo
- adc $Ahi,$Ahi,$Thi @ h += T
-
+ orr $Ahi,$Ahi,$t3 @ Maj(a,b,c).hi
sub sp,sp,#8
+ adc $Ahi,$Ahi,$Thi @ h += T
+ tst $Ktbl,#1
add $Ktbl,$Ktbl,#8
___
}
$code=<<___;
+#include "arm_arch.h"
+#ifdef __ARMEL__
+# define LO 0
+# define HI 4
+# define WORD64(hi0,lo0,hi1,lo1) .word lo0,hi0, lo1,hi1
+#else
+# define HI 0
+# define LO 4
+# define WORD64(hi0,lo0,hi1,lo1) .word hi0,lo0, hi1,lo1
+#endif
+
.text
.code 32
.type K512,%object
.align 5
K512:
-.word 0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd
-.word 0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc
-.word 0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019
-.word 0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118
-.word 0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe
-.word 0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2
-.word 0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1
-.word 0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694
-.word 0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3
-.word 0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65
-.word 0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483
-.word 0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5
-.word 0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210
-.word 0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4
-.word 0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725
-.word 0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70
-.word 0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926
-.word 0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df
-.word 0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8
-.word 0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b
-.word 0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001
-.word 0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30
-.word 0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910
-.word 0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8
-.word 0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53
-.word 0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8
-.word 0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb
-.word 0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3
-.word 0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60
-.word 0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec
-.word 0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9
-.word 0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b
-.word 0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207
-.word 0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178
-.word 0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6
-.word 0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b
-.word 0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493
-.word 0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c
-.word 0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a
-.word 0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817
+WORD64(0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd)
+WORD64(0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc)
+WORD64(0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019)
+WORD64(0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118)
+WORD64(0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe)
+WORD64(0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2)
+WORD64(0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1)
+WORD64(0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694)
+WORD64(0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3)
+WORD64(0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65)
+WORD64(0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483)
+WORD64(0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5)
+WORD64(0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210)
+WORD64(0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4)
+WORD64(0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725)
+WORD64(0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70)
+WORD64(0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926)
+WORD64(0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df)
+WORD64(0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8)
+WORD64(0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b)
+WORD64(0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001)
+WORD64(0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30)
+WORD64(0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910)
+WORD64(0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8)
+WORD64(0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53)
+WORD64(0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8)
+WORD64(0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb)
+WORD64(0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3)
+WORD64(0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60)
+WORD64(0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec)
+WORD64(0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9)
+WORD64(0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b)
+WORD64(0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207)
+WORD64(0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178)
+WORD64(0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6)
+WORD64(0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b)
+WORD64(0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493)
+WORD64(0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c)
+WORD64(0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a)
+WORD64(0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817)
.size K512,.-K512
+.LOPENSSL_armcap:
+.word OPENSSL_armcap_P-sha512_block_data_order
+.skip 32-4
.global sha512_block_data_order
.type sha512_block_data_order,%function
sha512_block_data_order:
sub r3,pc,#8 @ sha512_block_data_order
add $len,$inp,$len,lsl#7 @ len to point at the end of inp
+#if __ARM_ARCH__>=7
+ ldr r12,.LOPENSSL_armcap
+ ldr r12,[r3,r12] @ OPENSSL_armcap_P
+ tst r12,#1
+ bne .LNEON
+#endif
stmdb sp!,{r4-r12,lr}
- sub $Ktbl,r3,#640 @ K512
+ sub $Ktbl,r3,#672 @ K512
sub sp,sp,#9*8
ldr $Elo,[$ctx,#$Eoff+$lo]
@@ -238,6 +270,7 @@ sha512_block_data_order:
str $Thi,[sp,#$Foff+4]
.L00_15:
+#if __ARM_ARCH__<7
ldrb $Tlo,[$inp,#7]
ldrb $t0, [$inp,#6]
ldrb $t1, [$inp,#5]
@@ -252,26 +285,30 @@ sha512_block_data_order:
orr $Thi,$Thi,$t3,lsl#8
orr $Thi,$Thi,$t0,lsl#16
orr $Thi,$Thi,$t1,lsl#24
- str $Tlo,[sp,#$Xoff+0]
- str $Thi,[sp,#$Xoff+4]
+#else
+ ldr $Tlo,[$inp,#4]
+ ldr $Thi,[$inp],#8
+#ifdef __ARMEL__
+ rev $Tlo,$Tlo
+ rev $Thi,$Thi
+#endif
+#endif
___
&BODY_00_15(0x94);
$code.=<<___;
tst $Ktbl,#1
beq .L00_15
- bic $Ktbl,$Ktbl,#1
-
-.L16_79:
ldr $t0,[sp,#`$Xoff+8*(16-1)`+0]
ldr $t1,[sp,#`$Xoff+8*(16-1)`+4]
- ldr $t2,[sp,#`$Xoff+8*(16-14)`+0]
- ldr $t3,[sp,#`$Xoff+8*(16-14)`+4]
-
+ bic $Ktbl,$Ktbl,#1
+.L16_79:
@ sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7))
@ LO lo>>1^hi<<31 ^ lo>>8^hi<<24 ^ lo>>7^hi<<25
@ HI hi>>1^lo<<31 ^ hi>>8^lo<<24 ^ hi>>7
mov $Tlo,$t0,lsr#1
+ ldr $t2,[sp,#`$Xoff+8*(16-14)`+0]
mov $Thi,$t1,lsr#1
+ ldr $t3,[sp,#`$Xoff+8*(16-14)`+4]
eor $Tlo,$Tlo,$t1,lsl#31
eor $Thi,$Thi,$t0,lsl#31
eor $Tlo,$Tlo,$t0,lsr#8
@@ -295,25 +332,24 @@ $code.=<<___;
eor $t1,$t1,$t3,lsl#3
eor $t0,$t0,$t2,lsr#6
eor $t1,$t1,$t3,lsr#6
+ ldr $t2,[sp,#`$Xoff+8*(16-9)`+0]
eor $t0,$t0,$t3,lsl#26
- ldr $t2,[sp,#`$Xoff+8*(16-9)`+0]
ldr $t3,[sp,#`$Xoff+8*(16-9)`+4]
adds $Tlo,$Tlo,$t0
+ ldr $t0,[sp,#`$Xoff+8*16`+0]
adc $Thi,$Thi,$t1
- ldr $t0,[sp,#`$Xoff+8*16`+0]
ldr $t1,[sp,#`$Xoff+8*16`+4]
adds $Tlo,$Tlo,$t2
adc $Thi,$Thi,$t3
adds $Tlo,$Tlo,$t0
adc $Thi,$Thi,$t1
- str $Tlo,[sp,#$Xoff+0]
- str $Thi,[sp,#$Xoff+4]
___
&BODY_00_15(0x17);
$code.=<<___;
- tst $Ktbl,#1
+ ldreq $t0,[sp,#`$Xoff+8*(16-1)`+0]
+ ldreq $t1,[sp,#`$Xoff+8*(16-1)`+4]
beq .L16_79
bic $Ktbl,$Ktbl,#1
@@ -324,12 +360,12 @@ $code.=<<___;
ldr $t2, [$ctx,#$Boff+$lo]
ldr $t3, [$ctx,#$Boff+$hi]
adds $t0,$Alo,$t0
- adc $t1,$Ahi,$t1
- adds $t2,$Tlo,$t2
- adc $t3,$Thi,$t3
str $t0, [$ctx,#$Aoff+$lo]
+ adc $t1,$Ahi,$t1
str $t1, [$ctx,#$Aoff+$hi]
+ adds $t2,$Tlo,$t2
str $t2, [$ctx,#$Boff+$lo]
+ adc $t3,$Thi,$t3
str $t3, [$ctx,#$Boff+$hi]
ldr $Alo,[sp,#$Coff+0]
@@ -341,12 +377,12 @@ $code.=<<___;
ldr $t2, [$ctx,#$Doff+$lo]
ldr $t3, [$ctx,#$Doff+$hi]
adds $t0,$Alo,$t0
- adc $t1,$Ahi,$t1
- adds $t2,$Tlo,$t2
- adc $t3,$Thi,$t3
str $t0, [$ctx,#$Coff+$lo]
+ adc $t1,$Ahi,$t1
str $t1, [$ctx,#$Coff+$hi]
+ adds $t2,$Tlo,$t2
str $t2, [$ctx,#$Doff+$lo]
+ adc $t3,$Thi,$t3
str $t3, [$ctx,#$Doff+$hi]
ldr $Tlo,[sp,#$Foff+0]
@@ -356,12 +392,12 @@ $code.=<<___;
ldr $t2, [$ctx,#$Foff+$lo]
ldr $t3, [$ctx,#$Foff+$hi]
adds $Elo,$Elo,$t0
- adc $Ehi,$Ehi,$t1
- adds $t2,$Tlo,$t2
- adc $t3,$Thi,$t3
str $Elo,[$ctx,#$Eoff+$lo]
+ adc $Ehi,$Ehi,$t1
str $Ehi,[$ctx,#$Eoff+$hi]
+ adds $t2,$Tlo,$t2
str $t2, [$ctx,#$Foff+$lo]
+ adc $t3,$Thi,$t3
str $t3, [$ctx,#$Foff+$hi]
ldr $Alo,[sp,#$Goff+0]
@@ -373,12 +409,12 @@ $code.=<<___;
ldr $t2, [$ctx,#$Hoff+$lo]
ldr $t3, [$ctx,#$Hoff+$hi]
adds $t0,$Alo,$t0
- adc $t1,$Ahi,$t1
- adds $t2,$Tlo,$t2
- adc $t3,$Thi,$t3
str $t0, [$ctx,#$Goff+$lo]
+ adc $t1,$Ahi,$t1
str $t1, [$ctx,#$Goff+$hi]
+ adds $t2,$Tlo,$t2
str $t2, [$ctx,#$Hoff+$lo]
+ adc $t3,$Thi,$t3
str $t3, [$ctx,#$Hoff+$hi]
add sp,sp,#640
@@ -388,13 +424,156 @@ $code.=<<___;
bne .Loop
add sp,sp,#8*9 @ destroy frame
+#if __ARM_ARCH__>=5
+ ldmia sp!,{r4-r12,pc}
+#else
ldmia sp!,{r4-r12,lr}
tst lr,#1
moveq pc,lr @ be binary compatible with V4, yet
bx lr @ interoperable with Thumb ISA:-)
-.size sha512_block_data_order,.-sha512_block_data_order
-.asciz "SHA512 block transform for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+#endif
+___
+
+{
+my @Sigma0=(28,34,39);
+my @Sigma1=(14,18,41);
+my @sigma0=(1, 8, 7);
+my @sigma1=(19,61,6);
+
+my $Ktbl="r3";
+my $cnt="r12"; # volatile register known as ip, intra-procedure-call scratch
+
+my @X=map("d$_",(0..15));
+my @V=($A,$B,$C,$D,$E,$F,$G,$H)=map("d$_",(16..23));
+
+sub NEON_00_15() {
+my $i=shift;
+my ($a,$b,$c,$d,$e,$f,$g,$h)=@_;
+my ($t0,$t1,$t2,$T1,$K,$Ch,$Maj)=map("d$_",(24..31)); # temps
+
+$code.=<<___ if ($i<16 || $i&1);
+ vshr.u64 $t0,$e,#@Sigma1[0] @ $i
+#if $i<16
+ vld1.64 {@X[$i%16]},[$inp]! @ handles unaligned
+#endif
+ vshr.u64 $t1,$e,#@Sigma1[1]
+ vshr.u64 $t2,$e,#@Sigma1[2]
+___
+$code.=<<___;
+ vld1.64 {$K},[$Ktbl,:64]! @ K[i++]
+ vsli.64 $t0,$e,#`64-@Sigma1[0]`
+ vsli.64 $t1,$e,#`64-@Sigma1[1]`
+ vsli.64 $t2,$e,#`64-@Sigma1[2]`
+#if $i<16 && defined(__ARMEL__)
+ vrev64.8 @X[$i],@X[$i]
+#endif
+ vadd.i64 $T1,$K,$h
+ veor $Ch,$f,$g
+ veor $t0,$t1
+ vand $Ch,$e
+ veor $t0,$t2 @ Sigma1(e)
+ veor $Ch,$g @ Ch(e,f,g)
+ vadd.i64 $T1,$t0
+ vshr.u64 $t0,$a,#@Sigma0[0]
+ vadd.i64 $T1,$Ch
+ vshr.u64 $t1,$a,#@Sigma0[1]
+ vshr.u64 $t2,$a,#@Sigma0[2]
+ vsli.64 $t0,$a,#`64-@Sigma0[0]`
+ vsli.64 $t1,$a,#`64-@Sigma0[1]`
+ vsli.64 $t2,$a,#`64-@Sigma0[2]`
+ vadd.i64 $T1,@X[$i%16]
+ vorr $Maj,$a,$c
+ vand $Ch,$a,$c
+ veor $h,$t0,$t1
+ vand $Maj,$b
+ veor $h,$t2 @ Sigma0(a)
+ vorr $Maj,$Ch @ Maj(a,b,c)
+ vadd.i64 $h,$T1
+ vadd.i64 $d,$T1
+ vadd.i64 $h,$Maj
+___
+}
+
+sub NEON_16_79() {
+my $i=shift;
+
+if ($i&1) { &NEON_00_15($i,@_); return; }
+
+# 2x-vectorized, therefore runs every 2nd round
+my @X=map("q$_",(0..7)); # view @X as 128-bit vector
+my ($t0,$t1,$s0,$s1) = map("q$_",(12..15)); # temps
+my ($d0,$d1,$d2) = map("d$_",(24..26)); # temps from NEON_00_15
+my $e=@_[4]; # $e from NEON_00_15
+$i /= 2;
+$code.=<<___;
+ vshr.u64 $t0,@X[($i+7)%8],#@sigma1[0]
+ vshr.u64 $t1,@X[($i+7)%8],#@sigma1[1]
+ vshr.u64 $s1,@X[($i+7)%8],#@sigma1[2]
+ vsli.64 $t0,@X[($i+7)%8],#`64-@sigma1[0]`
+ vext.8 $s0,@X[$i%8],@X[($i+1)%8],#8 @ X[i+1]
+ vsli.64 $t1,@X[($i+7)%8],#`64-@sigma1[1]`
+ veor $s1,$t0
+ vshr.u64 $t0,$s0,#@sigma0[0]
+ veor $s1,$t1 @ sigma1(X[i+14])
+ vshr.u64 $t1,$s0,#@sigma0[1]
+ vadd.i64 @X[$i%8],$s1
+ vshr.u64 $s1,$s0,#@sigma0[2]
+ vsli.64 $t0,$s0,#`64-@sigma0[0]`
+ vsli.64 $t1,$s0,#`64-@sigma0[1]`
+ vext.8 $s0,@X[($i+4)%8],@X[($i+5)%8],#8 @ X[i+9]
+ veor $s1,$t0
+ vshr.u64 $d0,$e,#@Sigma1[0] @ from NEON_00_15
+ vadd.i64 @X[$i%8],$s0
+ vshr.u64 $d1,$e,#@Sigma1[1] @ from NEON_00_15
+ veor $s1,$t1 @ sigma0(X[i+1])
+ vshr.u64 $d2,$e,#@Sigma1[2] @ from NEON_00_15
+ vadd.i64 @X[$i%8],$s1
+___
+ &NEON_00_15(2*$i,@_);
+}
+
+$code.=<<___;
+#if __ARM_ARCH__>=7
+.fpu neon
+
+.align 4
+.LNEON:
+ dmb @ errata #451034 on early Cortex A8
+ vstmdb sp!,{d8-d15} @ ABI specification says so
+ sub $Ktbl,r3,#672 @ K512
+ vldmia $ctx,{$A-$H} @ load context
+.Loop_neon:
+___
+for($i=0;$i<16;$i++) { &NEON_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ mov $cnt,#4
+.L16_79_neon:
+ subs $cnt,#1
+___
+for(;$i<32;$i++) { &NEON_16_79($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+ bne .L16_79_neon
+
+ vldmia $ctx,{d24-d31} @ load context to temp
+ vadd.i64 q8,q12 @ vectorized accumulate
+ vadd.i64 q9,q13
+ vadd.i64 q10,q14
+ vadd.i64 q11,q15
+ vstmia $ctx,{$A-$H} @ save context
+ teq $inp,$len
+ sub $Ktbl,#640 @ rewind K512
+ bne .Loop_neon
+
+ vldmia sp!,{d8-d15} @ epilogue
+ bx lr
+#endif
+___
+}
+$code.=<<___;
+.size sha512_block_data_order,.-sha512_block_data_order
+.asciz "SHA512 block transform for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>"
.align 2
+.comm OPENSSL_armcap_P,4,4
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha512-ppc.pl b/deps/openssl/openssl/crypto/sha/asm/sha512-ppc.pl
index 768a6a6fa..6b44a68e5 100644..100755
--- a/deps/openssl/openssl/crypto/sha/asm/sha512-ppc.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha512-ppc.pl
@@ -40,6 +40,7 @@ $output =shift;
if ($flavour =~ /64/) {
$SIZE_T=8;
+ $LRSAVE=2*$SIZE_T;
$STU="stdu";
$UCMP="cmpld";
$SHL="sldi";
@@ -47,6 +48,7 @@ if ($flavour =~ /64/) {
$PUSH="std";
} elsif ($flavour =~ /32/) {
$SIZE_T=4;
+ $LRSAVE=$SIZE_T;
$STU="stwu";
$UCMP="cmplw";
$SHL="slwi";
@@ -87,7 +89,8 @@ if ($output =~ /512/) {
$SHR="srwi";
}
-$FRAME=32*$SIZE_T;
+$FRAME=32*$SIZE_T+16*$SZ;
+$LOCALS=6*$SIZE_T;
$sp ="r1";
$toc="r2";
@@ -179,13 +182,12 @@ $code=<<___;
.globl $func
.align 6
$func:
+ $STU $sp,-$FRAME($sp)
mflr r0
- $STU $sp,`-($FRAME+16*$SZ)`($sp)
$SHL $num,$num,`log(16*$SZ)/log(2)`
$PUSH $ctx,`$FRAME-$SIZE_T*22`($sp)
- $PUSH r0,`$FRAME-$SIZE_T*21`($sp)
$PUSH $toc,`$FRAME-$SIZE_T*20`($sp)
$PUSH r13,`$FRAME-$SIZE_T*19`($sp)
$PUSH r14,`$FRAME-$SIZE_T*18`($sp)
@@ -206,6 +208,7 @@ $func:
$PUSH r29,`$FRAME-$SIZE_T*3`($sp)
$PUSH r30,`$FRAME-$SIZE_T*2`($sp)
$PUSH r31,`$FRAME-$SIZE_T*1`($sp)
+ $PUSH r0,`$FRAME+$LRSAVE`($sp)
$LD $A,`0*$SZ`($ctx)
mr $inp,r4 ; incarnate $inp
@@ -217,7 +220,7 @@ $func:
$LD $G,`6*$SZ`($ctx)
$LD $H,`7*$SZ`($ctx)
- b LPICmeup
+ bl LPICmeup
LPICedup:
andi. r0,$inp,3
bne Lunaligned
@@ -226,40 +229,14 @@ Laligned:
$PUSH $num,`$FRAME-$SIZE_T*24`($sp) ; end pointer
$PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer
bl Lsha2_block_private
-Ldone:
- $POP r0,`$FRAME-$SIZE_T*21`($sp)
- $POP $toc,`$FRAME-$SIZE_T*20`($sp)
- $POP r13,`$FRAME-$SIZE_T*19`($sp)
- $POP r14,`$FRAME-$SIZE_T*18`($sp)
- $POP r15,`$FRAME-$SIZE_T*17`($sp)
- $POP r16,`$FRAME-$SIZE_T*16`($sp)
- $POP r17,`$FRAME-$SIZE_T*15`($sp)
- $POP r18,`$FRAME-$SIZE_T*14`($sp)
- $POP r19,`$FRAME-$SIZE_T*13`($sp)
- $POP r20,`$FRAME-$SIZE_T*12`($sp)
- $POP r21,`$FRAME-$SIZE_T*11`($sp)
- $POP r22,`$FRAME-$SIZE_T*10`($sp)
- $POP r23,`$FRAME-$SIZE_T*9`($sp)
- $POP r24,`$FRAME-$SIZE_T*8`($sp)
- $POP r25,`$FRAME-$SIZE_T*7`($sp)
- $POP r26,`$FRAME-$SIZE_T*6`($sp)
- $POP r27,`$FRAME-$SIZE_T*5`($sp)
- $POP r28,`$FRAME-$SIZE_T*4`($sp)
- $POP r29,`$FRAME-$SIZE_T*3`($sp)
- $POP r30,`$FRAME-$SIZE_T*2`($sp)
- $POP r31,`$FRAME-$SIZE_T*1`($sp)
- mtlr r0
- addi $sp,$sp,`$FRAME+16*$SZ`
- blr
-___
+ b Ldone
-# PowerPC specification allows an implementation to be ill-behaved
-# upon unaligned access which crosses page boundary. "Better safe
-# than sorry" principle makes me treat it specially. But I don't
-# look for particular offending word, but rather for the input
-# block which crosses the boundary. Once found that block is aligned
-# and hashed separately...
-$code.=<<___;
+; PowerPC specification allows an implementation to be ill-behaved
+; upon unaligned access which crosses page boundary. "Better safe
+; than sorry" principle makes me treat it specially. But I don't
+; look for particular offending word, but rather for the input
+; block which crosses the boundary. Once found that block is aligned
+; and hashed separately...
.align 4
Lunaligned:
subfic $t1,$inp,4096
@@ -278,7 +255,7 @@ Lunaligned:
Lcross_page:
li $t1,`16*$SZ/4`
mtctr $t1
- addi r20,$sp,$FRAME ; aligned spot below the frame
+ addi r20,$sp,$LOCALS ; aligned spot below the frame
Lmemcpy:
lbz r16,0($inp)
lbz r17,1($inp)
@@ -293,8 +270,8 @@ Lmemcpy:
bdnz Lmemcpy
$PUSH $inp,`$FRAME-$SIZE_T*26`($sp) ; save real inp
- addi $t1,$sp,`$FRAME+16*$SZ` ; fictitious end pointer
- addi $inp,$sp,$FRAME ; fictitious inp pointer
+ addi $t1,$sp,`$LOCALS+16*$SZ` ; fictitious end pointer
+ addi $inp,$sp,$LOCALS ; fictitious inp pointer
$PUSH $num,`$FRAME-$SIZE_T*25`($sp) ; save real num
$PUSH $t1,`$FRAME-$SIZE_T*24`($sp) ; end pointer
$PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer
@@ -303,10 +280,36 @@ Lmemcpy:
$POP $num,`$FRAME-$SIZE_T*25`($sp) ; restore real num
addic. $num,$num,`-16*$SZ` ; num--
bne- Lunaligned
- b Ldone
-___
-$code.=<<___;
+Ldone:
+ $POP r0,`$FRAME+$LRSAVE`($sp)
+ $POP $toc,`$FRAME-$SIZE_T*20`($sp)
+ $POP r13,`$FRAME-$SIZE_T*19`($sp)
+ $POP r14,`$FRAME-$SIZE_T*18`($sp)
+ $POP r15,`$FRAME-$SIZE_T*17`($sp)
+ $POP r16,`$FRAME-$SIZE_T*16`($sp)
+ $POP r17,`$FRAME-$SIZE_T*15`($sp)
+ $POP r18,`$FRAME-$SIZE_T*14`($sp)
+ $POP r19,`$FRAME-$SIZE_T*13`($sp)
+ $POP r20,`$FRAME-$SIZE_T*12`($sp)
+ $POP r21,`$FRAME-$SIZE_T*11`($sp)
+ $POP r22,`$FRAME-$SIZE_T*10`($sp)
+ $POP r23,`$FRAME-$SIZE_T*9`($sp)
+ $POP r24,`$FRAME-$SIZE_T*8`($sp)
+ $POP r25,`$FRAME-$SIZE_T*7`($sp)
+ $POP r26,`$FRAME-$SIZE_T*6`($sp)
+ $POP r27,`$FRAME-$SIZE_T*5`($sp)
+ $POP r28,`$FRAME-$SIZE_T*4`($sp)
+ $POP r29,`$FRAME-$SIZE_T*3`($sp)
+ $POP r30,`$FRAME-$SIZE_T*2`($sp)
+ $POP r31,`$FRAME-$SIZE_T*1`($sp)
+ mtlr r0
+ addi $sp,$sp,$FRAME
+ blr
+ .long 0
+ .byte 0,12,4,1,0x80,18,3,0
+ .long 0
+
.align 4
Lsha2_block_private:
___
@@ -372,6 +375,8 @@ $code.=<<___;
$ST $H,`7*$SZ`($ctx)
bne Lsha2_block_private
blr
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
___
# Ugly hack here, because PPC assembler syntax seem to vary too
@@ -379,22 +384,15 @@ ___
$code.=<<___;
.align 6
LPICmeup:
- bl LPIC
- addi $Tbl,$Tbl,`64-4` ; "distance" between . and last nop
- b LPICedup
- nop
- nop
- nop
- nop
- nop
-LPIC: mflr $Tbl
+ mflr r0
+ bcl 20,31,\$+4
+ mflr $Tbl ; vvvvvv "distance" between . and 1st data entry
+ addi $Tbl,$Tbl,`64-8`
+ mtlr r0
blr
- nop
- nop
- nop
- nop
- nop
- nop
+ .long 0
+ .byte 0,12,0x14,0,0,0,0,0
+ .space `64-9*4`
___
$code.=<<___ if ($SZ==8);
.long 0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha512-s390x.pl b/deps/openssl/openssl/crypto/sha/asm/sha512-s390x.pl
index e7ef2d5a9..079a3fc78 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha512-s390x.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha512-s390x.pl
@@ -26,6 +26,26 @@
# favour dual-issue z10 pipeline. Hardware SHA256/512 is ~4.7x faster
# than software.
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. On z900 SHA256 was measured to
+# perform 2.4x and SHA512 - 13x better than code generated by gcc 4.3.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+ $SIZE_T=4;
+ $g="";
+} else {
+ $SIZE_T=8;
+ $g="g";
+}
+
$t0="%r0";
$t1="%r1";
$ctx="%r2"; $t2="%r2";
@@ -44,7 +64,7 @@ $tbl="%r13";
$T1="%r14";
$sp="%r15";
-$output=shift;
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
open STDOUT,">$output";
if ($output =~ /512/) {
@@ -78,7 +98,8 @@ if ($output =~ /512/) {
}
$Func="sha${label}_block_data_order";
$Table="K${label}";
-$frame=160+16*$SZ;
+$stdframe=16*$SIZE_T+4*8;
+$frame=$stdframe+16*$SZ;
sub BODY_00_15 {
my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
@@ -93,9 +114,9 @@ $code.=<<___;
xgr $t0,$t1
$ROT $t1,$t1,`$Sigma1[2]-$Sigma1[1]`
xgr $t2,$g
- $ST $T1,`160+$SZ*($i%16)`($sp)
+ $ST $T1,`$stdframe+$SZ*($i%16)`($sp)
xgr $t0,$t1 # Sigma1(e)
- la $T1,0($T1,$h) # T1+=h
+ algr $T1,$h # T1+=h
ngr $t2,$e
lgr $t1,$a
algr $T1,$t0 # T1+=Sigma1(e)
@@ -113,7 +134,7 @@ $code.=<<___;
ngr $t2,$b
algr $h,$T1 # h+=T1
ogr $t2,$t1 # Maj(a,b,c)
- la $d,0($d,$T1) # d+=T1
+ algr $d,$T1 # d+=T1
algr $h,$t2 # h+=Maj(a,b,c)
___
}
@@ -122,19 +143,19 @@ sub BODY_16_XX {
my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
$code.=<<___;
- $LD $T1,`160+$SZ*(($i+1)%16)`($sp) ### $i
- $LD $t1,`160+$SZ*(($i+14)%16)`($sp)
+ $LD $T1,`$stdframe+$SZ*(($i+1)%16)`($sp) ### $i
+ $LD $t1,`$stdframe+$SZ*(($i+14)%16)`($sp)
$ROT $t0,$T1,$sigma0[0]
$SHR $T1,$sigma0[2]
$ROT $t2,$t0,`$sigma0[1]-$sigma0[0]`
xgr $T1,$t0
$ROT $t0,$t1,$sigma1[0]
- xgr $T1,$t2 # sigma0(X[i+1])
+ xgr $T1,$t2 # sigma0(X[i+1])
$SHR $t1,$sigma1[2]
- $ADD $T1,`160+$SZ*($i%16)`($sp) # +=X[i]
+ $ADD $T1,`$stdframe+$SZ*($i%16)`($sp) # +=X[i]
xgr $t1,$t0
$ROT $t0,$t0,`$sigma1[1]-$sigma1[0]`
- $ADD $T1,`160+$SZ*(($i+9)%16)`($sp) # +=X[i+9]
+ $ADD $T1,`$stdframe+$SZ*(($i+9)%16)`($sp) # +=X[i+9]
xgr $t1,$t0 # sigma1(X[i+14])
algr $T1,$t1 # +=sigma1(X[i+14])
___
@@ -212,6 +233,7 @@ $code.=<<___;
.globl $Func
.type $Func,\@function
$Func:
+ sllg $len,$len,`log(16*$SZ)/log(2)`
___
$code.=<<___ if ($kimdfunc);
larl %r1,OPENSSL_s390xcap_P
@@ -219,15 +241,15 @@ $code.=<<___ if ($kimdfunc);
tmhl %r0,0x4000 # check for message-security assist
jz .Lsoftware
lghi %r0,0
- la %r1,16($sp)
+ la %r1,`2*$SIZE_T`($sp)
.long 0xb93e0002 # kimd %r0,%r2
- lg %r0,16($sp)
+ lg %r0,`2*$SIZE_T`($sp)
tmhh %r0,`0x8000>>$kimdfunc`
jz .Lsoftware
lghi %r0,$kimdfunc
lgr %r1,$ctx
lgr %r2,$inp
- sllg %r3,$len,`log(16*$SZ)/log(2)`
+ lgr %r3,$len
.long 0xb93e0002 # kimd %r0,%r2
brc 1,.-4 # pay attention to "partial completion"
br %r14
@@ -235,13 +257,12 @@ $code.=<<___ if ($kimdfunc);
.Lsoftware:
___
$code.=<<___;
- sllg $len,$len,`log(16*$SZ)/log(2)`
lghi %r1,-$frame
- agr $len,$inp
- stmg $ctx,%r15,16($sp)
+ la $len,0($len,$inp)
+ stm${g} $ctx,%r15,`2*$SIZE_T`($sp)
lgr %r0,$sp
la $sp,0(%r1,$sp)
- stg %r0,0($sp)
+ st${g} %r0,0($sp)
larl $tbl,$Table
$LD $A,`0*$SZ`($ctx)
@@ -265,7 +286,7 @@ $code.=<<___;
clgr $len,$t0
jne .Lrounds_16_xx
- lg $ctx,`$frame+16`($sp)
+ l${g} $ctx,`$frame+2*$SIZE_T`($sp)
la $inp,`16*$SZ`($inp)
$ADD $A,`0*$SZ`($ctx)
$ADD $B,`1*$SZ`($ctx)
@@ -283,14 +304,14 @@ $code.=<<___;
$ST $F,`5*$SZ`($ctx)
$ST $G,`6*$SZ`($ctx)
$ST $H,`7*$SZ`($ctx)
- clg $inp,`$frame+32`($sp)
+ cl${g} $inp,`$frame+4*$SIZE_T`($sp)
jne .Lloop
- lmg %r6,%r15,`$frame+48`($sp)
+ lm${g} %r6,%r15,`$frame+6*$SIZE_T`($sp)
br %r14
.size $Func,.-$Func
.string "SHA${label} block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
-.comm OPENSSL_s390xcap_P,8,8
+.comm OPENSSL_s390xcap_P,16,8
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha512-sparcv9.pl b/deps/openssl/openssl/crypto/sha/asm/sha512-sparcv9.pl
index ec5d78135..585740789 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha512-sparcv9.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha512-sparcv9.pl
@@ -305,9 +305,9 @@ $code.=<<___;
srlx @X[(($i+9)/2)%8],32,$tmp1 ! X[i+9]
xor $tmp0,$tmp2,$tmp2 ! sigma1(X[i+14])
srl @X[($i/2)%8],0,$tmp0
+ add $tmp2,$tmp1,$tmp1
add $xi,$T1,$T1 ! +=X[i]
xor $tmp0,@X[($i/2)%8],@X[($i/2)%8]
- add $tmp2,$T1,$T1
add $tmp1,$T1,$T1
srl $T1,0,$T1
@@ -318,9 +318,9 @@ ___
$code.=<<___;
srlx @X[($i/2)%8],32,$tmp1 ! X[i]
xor $tmp0,$tmp2,$tmp2 ! sigma1(X[i+14])
- srl @X[($i/2)%8],0,@X[($i/2)%8]
add $xi,$T1,$T1 ! +=X[i+9]
- add $tmp2,$T1,$T1
+ add $tmp2,$tmp1,$tmp1
+ srl @X[($i/2)%8],0,@X[($i/2)%8]
add $tmp1,$T1,$T1
sllx $T1,32,$tmp0
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha512-x86_64.pl b/deps/openssl/openssl/crypto/sha/asm/sha512-x86_64.pl
index e6643f8cf..8d5167855 100755
--- a/deps/openssl/openssl/crypto/sha/asm/sha512-x86_64.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha512-x86_64.pl
@@ -51,7 +51,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $flavour $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
if ($output =~ /512/) {
$func="sha512_block_data_order";
@@ -95,50 +96,44 @@ sub ROUND_00_15()
{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
$code.=<<___;
- mov $e,$a0
- mov $e,$a1
+ ror \$`$Sigma1[2]-$Sigma1[1]`,$a0
mov $f,$a2
+ mov $T1,`$SZ*($i&0xf)`(%rsp)
- ror \$$Sigma1[0],$a0
- ror \$$Sigma1[1],$a1
+ ror \$`$Sigma0[2]-$Sigma0[1]`,$a1
+ xor $e,$a0
xor $g,$a2 # f^g
- xor $a1,$a0
- ror \$`$Sigma1[2]-$Sigma1[1]`,$a1
+ ror \$`$Sigma1[1]-$Sigma1[0]`,$a0
+ add $h,$T1 # T1+=h
+ xor $a,$a1
+
+ add ($Tbl,$round,$SZ),$T1 # T1+=K[round]
and $e,$a2 # (f^g)&e
- mov $T1,`$SZ*($i&0xf)`(%rsp)
+ mov $b,$h
- xor $a1,$a0 # Sigma1(e)
+ ror \$`$Sigma0[1]-$Sigma0[0]`,$a1
+ xor $e,$a0
xor $g,$a2 # Ch(e,f,g)=((f^g)&e)^g
- add $h,$T1 # T1+=h
-
- mov $a,$h
- add $a0,$T1 # T1+=Sigma1(e)
+ xor $c,$h # b^c
+ xor $a,$a1
add $a2,$T1 # T1+=Ch(e,f,g)
- mov $a,$a0
- mov $a,$a1
+ mov $b,$a2
- ror \$$Sigma0[0],$h
- ror \$$Sigma0[1],$a0
- mov $a,$a2
- add ($Tbl,$round,$SZ),$T1 # T1+=K[round]
+ ror \$$Sigma1[0],$a0 # Sigma1(e)
+ and $a,$h # h=(b^c)&a
+ and $c,$a2 # b&c
- xor $a0,$h
- ror \$`$Sigma0[2]-$Sigma0[1]`,$a0
- or $c,$a1 # a|c
+ ror \$$Sigma0[0],$a1 # Sigma0(a)
+ add $a0,$T1 # T1+=Sigma1(e)
+ add $a2,$h # h+=b&c (completes +=Maj(a,b,c)
- xor $a0,$h # h=Sigma0(a)
- and $c,$a2 # a&c
add $T1,$d # d+=T1
-
- and $b,$a1 # (a|c)&b
add $T1,$h # h+=T1
-
- or $a2,$a1 # Maj(a,b,c)=((a|c)&b)|(a&c)
lea 1($round),$round # round++
+ add $a1,$h # h+=Sigma0(a)
- add $a1,$h # h+=Maj(a,b,c)
___
}
@@ -147,32 +142,30 @@ sub ROUND_16_XX()
$code.=<<___;
mov `$SZ*(($i+1)&0xf)`(%rsp),$a0
- mov `$SZ*(($i+14)&0xf)`(%rsp),$T1
-
- mov $a0,$a2
+ mov `$SZ*(($i+14)&0xf)`(%rsp),$a1
+ mov $a0,$T1
+ mov $a1,$a2
+ ror \$`$sigma0[1]-$sigma0[0]`,$T1
+ xor $a0,$T1
shr \$$sigma0[2],$a0
- ror \$$sigma0[0],$a2
-
- xor $a2,$a0
- ror \$`$sigma0[1]-$sigma0[0]`,$a2
- xor $a2,$a0 # sigma0(X[(i+1)&0xf])
- mov $T1,$a1
+ ror \$$sigma0[0],$T1
+ xor $T1,$a0 # sigma0(X[(i+1)&0xf])
+ mov `$SZ*(($i+9)&0xf)`(%rsp),$T1
- shr \$$sigma1[2],$T1
- ror \$$sigma1[0],$a1
-
- xor $a1,$T1
- ror \$`$sigma1[1]-$sigma1[0]`,$a1
-
- xor $a1,$T1 # sigma1(X[(i+14)&0xf])
+ ror \$`$sigma1[1]-$sigma1[0]`,$a2
+ xor $a1,$a2
+ shr \$$sigma1[2],$a1
+ ror \$$sigma1[0],$a2
add $a0,$T1
-
- add `$SZ*(($i+9)&0xf)`(%rsp),$T1
+ xor $a2,$a1 # sigma1(X[(i+14)&0xf])
add `$SZ*($i&0xf)`(%rsp),$T1
+ mov $e,$a0
+ add $a1,$T1
+ mov $a,$a1
___
&ROUND_00_15(@_);
}
@@ -219,6 +212,8 @@ $func:
___
for($i=0;$i<16;$i++) {
$code.=" mov $SZ*$i($inp),$T1\n";
+ $code.=" mov @ROT[4],$a0\n";
+ $code.=" mov @ROT[0],$a1\n";
$code.=" bswap $T1\n";
&ROUND_00_15($i,@ROT);
unshift(@ROT,pop(@ROT));
diff --git a/deps/openssl/openssl/crypto/sha/sha.h b/deps/openssl/openssl/crypto/sha/sha.h
index 16cacf9fc..8a6bf4bbb 100644
--- a/deps/openssl/openssl/crypto/sha/sha.h
+++ b/deps/openssl/openssl/crypto/sha/sha.h
@@ -106,6 +106,9 @@ typedef struct SHAstate_st
} SHA_CTX;
#ifndef OPENSSL_NO_SHA0
+#ifdef OPENSSL_FIPS
+int private_SHA_Init(SHA_CTX *c);
+#endif
int SHA_Init(SHA_CTX *c);
int SHA_Update(SHA_CTX *c, const void *data, size_t len);
int SHA_Final(unsigned char *md, SHA_CTX *c);
@@ -113,6 +116,9 @@ unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md);
void SHA_Transform(SHA_CTX *c, const unsigned char *data);
#endif
#ifndef OPENSSL_NO_SHA1
+#ifdef OPENSSL_FIPS
+int private_SHA1_Init(SHA_CTX *c);
+#endif
int SHA1_Init(SHA_CTX *c);
int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
int SHA1_Final(unsigned char *md, SHA_CTX *c);
@@ -135,6 +141,10 @@ typedef struct SHA256state_st
} SHA256_CTX;
#ifndef OPENSSL_NO_SHA256
+#ifdef OPENSSL_FIPS
+int private_SHA224_Init(SHA256_CTX *c);
+int private_SHA256_Init(SHA256_CTX *c);
+#endif
int SHA224_Init(SHA256_CTX *c);
int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
int SHA224_Final(unsigned char *md, SHA256_CTX *c);
@@ -182,6 +192,10 @@ typedef struct SHA512state_st
#endif
#ifndef OPENSSL_NO_SHA512
+#ifdef OPENSSL_FIPS
+int private_SHA384_Init(SHA512_CTX *c);
+int private_SHA512_Init(SHA512_CTX *c);
+#endif
int SHA384_Init(SHA512_CTX *c);
int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
int SHA384_Final(unsigned char *md, SHA512_CTX *c);
diff --git a/deps/openssl/openssl/crypto/sha/sha1_one.c b/deps/openssl/openssl/crypto/sha/sha1_one.c
index 7c65b6027..c56ec9402 100644
--- a/deps/openssl/openssl/crypto/sha/sha1_one.c
+++ b/deps/openssl/openssl/crypto/sha/sha1_one.c
@@ -58,8 +58,8 @@
#include <stdio.h>
#include <string.h>
-#include <openssl/sha.h>
#include <openssl/crypto.h>
+#include <openssl/sha.h>
#ifndef OPENSSL_NO_SHA1
unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
diff --git a/deps/openssl/openssl/crypto/sha/sha1dgst.c b/deps/openssl/openssl/crypto/sha/sha1dgst.c
index 50d1925cd..a98690225 100644
--- a/deps/openssl/openssl/crypto/sha/sha1dgst.c
+++ b/deps/openssl/openssl/crypto/sha/sha1dgst.c
@@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include <openssl/opensslconf.h>
#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
diff --git a/deps/openssl/openssl/crypto/sha/sha256.c b/deps/openssl/openssl/crypto/sha/sha256.c
index 8952d8767..4eae07484 100644
--- a/deps/openssl/openssl/crypto/sha/sha256.c
+++ b/deps/openssl/openssl/crypto/sha/sha256.c
@@ -16,7 +16,7 @@
const char SHA256_version[]="SHA-256" OPENSSL_VERSION_PTEXT;
-int SHA224_Init (SHA256_CTX *c)
+fips_md_init_ctx(SHA224, SHA256)
{
memset (c,0,sizeof(*c));
c->h[0]=0xc1059ed8UL; c->h[1]=0x367cd507UL;
@@ -27,7 +27,7 @@ int SHA224_Init (SHA256_CTX *c)
return 1;
}
-int SHA256_Init (SHA256_CTX *c)
+fips_md_init(SHA256)
{
memset (c,0,sizeof(*c));
c->h[0]=0x6a09e667UL; c->h[1]=0xbb67ae85UL;
@@ -88,17 +88,17 @@ int SHA224_Final (unsigned char *md, SHA256_CTX *c)
switch ((c)->md_len) \
{ case SHA224_DIGEST_LENGTH: \
for (nn=0;nn<SHA224_DIGEST_LENGTH/4;nn++) \
- { ll=(c)->h[nn]; HOST_l2c(ll,(s)); } \
+ { ll=(c)->h[nn]; (void)HOST_l2c(ll,(s)); } \
break; \
case SHA256_DIGEST_LENGTH: \
for (nn=0;nn<SHA256_DIGEST_LENGTH/4;nn++) \
- { ll=(c)->h[nn]; HOST_l2c(ll,(s)); } \
+ { ll=(c)->h[nn]; (void)HOST_l2c(ll,(s)); } \
break; \
default: \
if ((c)->md_len > SHA256_DIGEST_LENGTH) \
return 0; \
for (nn=0;nn<(c)->md_len/4;nn++) \
- { ll=(c)->h[nn]; HOST_l2c(ll,(s)); } \
+ { ll=(c)->h[nn]; (void)HOST_l2c(ll,(s)); } \
break; \
} \
} while (0)
diff --git a/deps/openssl/openssl/crypto/sha/sha512.c b/deps/openssl/openssl/crypto/sha/sha512.c
index cbc0e58c4..50dd7dc74 100644
--- a/deps/openssl/openssl/crypto/sha/sha512.c
+++ b/deps/openssl/openssl/crypto/sha/sha512.c
@@ -59,21 +59,8 @@ const char SHA512_version[]="SHA-512" OPENSSL_VERSION_PTEXT;
#define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
#endif
-int SHA384_Init (SHA512_CTX *c)
+fips_md_init_ctx(SHA384, SHA512)
{
-#if defined(SHA512_ASM) && (defined(__arm__) || defined(__arm))
- /* maintain dword order required by assembler module */
- unsigned int *h = (unsigned int *)c->h;
-
- h[0] = 0xcbbb9d5d; h[1] = 0xc1059ed8;
- h[2] = 0x629a292a; h[3] = 0x367cd507;
- h[4] = 0x9159015a; h[5] = 0x3070dd17;
- h[6] = 0x152fecd8; h[7] = 0xf70e5939;
- h[8] = 0x67332667; h[9] = 0xffc00b31;
- h[10] = 0x8eb44a87; h[11] = 0x68581511;
- h[12] = 0xdb0c2e0d; h[13] = 0x64f98fa7;
- h[14] = 0x47b5481d; h[15] = 0xbefa4fa4;
-#else
c->h[0]=U64(0xcbbb9d5dc1059ed8);
c->h[1]=U64(0x629a292a367cd507);
c->h[2]=U64(0x9159015a3070dd17);
@@ -82,27 +69,14 @@ int SHA384_Init (SHA512_CTX *c)
c->h[5]=U64(0x8eb44a8768581511);
c->h[6]=U64(0xdb0c2e0d64f98fa7);
c->h[7]=U64(0x47b5481dbefa4fa4);
-#endif
+
c->Nl=0; c->Nh=0;
c->num=0; c->md_len=SHA384_DIGEST_LENGTH;
return 1;
}
-int SHA512_Init (SHA512_CTX *c)
+fips_md_init(SHA512)
{
-#if defined(SHA512_ASM) && (defined(__arm__) || defined(__arm))
- /* maintain dword order required by assembler module */
- unsigned int *h = (unsigned int *)c->h;
-
- h[0] = 0x6a09e667; h[1] = 0xf3bcc908;
- h[2] = 0xbb67ae85; h[3] = 0x84caa73b;
- h[4] = 0x3c6ef372; h[5] = 0xfe94f82b;
- h[6] = 0xa54ff53a; h[7] = 0x5f1d36f1;
- h[8] = 0x510e527f; h[9] = 0xade682d1;
- h[10] = 0x9b05688c; h[11] = 0x2b3e6c1f;
- h[12] = 0x1f83d9ab; h[13] = 0xfb41bd6b;
- h[14] = 0x5be0cd19; h[15] = 0x137e2179;
-#else
c->h[0]=U64(0x6a09e667f3bcc908);
c->h[1]=U64(0xbb67ae8584caa73b);
c->h[2]=U64(0x3c6ef372fe94f82b);
@@ -111,7 +85,7 @@ int SHA512_Init (SHA512_CTX *c)
c->h[5]=U64(0x9b05688c2b3e6c1f);
c->h[6]=U64(0x1f83d9abfb41bd6b);
c->h[7]=U64(0x5be0cd19137e2179);
-#endif
+
c->Nl=0; c->Nh=0;
c->num=0; c->md_len=SHA512_DIGEST_LENGTH;
return 1;
@@ -160,24 +134,6 @@ int SHA512_Final (unsigned char *md, SHA512_CTX *c)
if (md==0) return 0;
-#if defined(SHA512_ASM) && (defined(__arm__) || defined(__arm))
- /* recall assembler dword order... */
- n = c->md_len;
- if (n == SHA384_DIGEST_LENGTH || n == SHA512_DIGEST_LENGTH)
- {
- unsigned int *h = (unsigned int *)c->h, t;
-
- for (n/=4;n;n--)
- {
- t = *(h++);
- *(md++) = (unsigned char)(t>>24);
- *(md++) = (unsigned char)(t>>16);
- *(md++) = (unsigned char)(t>>8);
- *(md++) = (unsigned char)(t);
- }
- }
- else return 0;
-#else
switch (c->md_len)
{
/* Let compiler decide if it's appropriate to unroll... */
@@ -214,7 +170,7 @@ int SHA512_Final (unsigned char *md, SHA512_CTX *c)
/* ... as well as make sure md_len is not abused. */
default: return 0;
}
-#endif
+
return 1;
}
diff --git a/deps/openssl/openssl/crypto/sha/sha_dgst.c b/deps/openssl/openssl/crypto/sha/sha_dgst.c
index 70eb56032..fb63b17ff 100644
--- a/deps/openssl/openssl/crypto/sha/sha_dgst.c
+++ b/deps/openssl/openssl/crypto/sha/sha_dgst.c
@@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
+#include <openssl/crypto.h>
#include <openssl/opensslconf.h>
#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
diff --git a/deps/openssl/openssl/crypto/sha/sha_locl.h b/deps/openssl/openssl/crypto/sha/sha_locl.h
index 672c26eee..d673255f7 100644
--- a/deps/openssl/openssl/crypto/sha/sha_locl.h
+++ b/deps/openssl/openssl/crypto/sha/sha_locl.h
@@ -69,11 +69,11 @@
#define HASH_CBLOCK SHA_CBLOCK
#define HASH_MAKE_STRING(c,s) do { \
unsigned long ll; \
- ll=(c)->h0; HOST_l2c(ll,(s)); \
- ll=(c)->h1; HOST_l2c(ll,(s)); \
- ll=(c)->h2; HOST_l2c(ll,(s)); \
- ll=(c)->h3; HOST_l2c(ll,(s)); \
- ll=(c)->h4; HOST_l2c(ll,(s)); \
+ ll=(c)->h0; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->h1; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->h2; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->h3; (void)HOST_l2c(ll,(s)); \
+ ll=(c)->h4; (void)HOST_l2c(ll,(s)); \
} while (0)
#if defined(SHA_0)
@@ -122,7 +122,11 @@ void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
#define INIT_DATA_h3 0x10325476UL
#define INIT_DATA_h4 0xc3d2e1f0UL
-int HASH_INIT (SHA_CTX *c)
+#ifdef SHA_0
+fips_md_init(SHA)
+#else
+fips_md_init_ctx(SHA1, SHA)
+#endif
{
memset (c,0,sizeof(*c));
c->h0=INIT_DATA_h0;
@@ -252,21 +256,21 @@ static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
}
else
{
- HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
- BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l;
- BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l;
- BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l;
- BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l;
- BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l;
- BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l;
- BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l;
- BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l;
- BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l;
- BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l;
- BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l;
- BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l;
- BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l;
- BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l;
+ (void)HOST_c2l(data,l); X( 0)=l; (void)HOST_c2l(data,l); X( 1)=l;
+ BODY_00_15( 0,A,B,C,D,E,T,X( 0)); (void)HOST_c2l(data,l); X( 2)=l;
+ BODY_00_15( 1,T,A,B,C,D,E,X( 1)); (void)HOST_c2l(data,l); X( 3)=l;
+ BODY_00_15( 2,E,T,A,B,C,D,X( 2)); (void)HOST_c2l(data,l); X( 4)=l;
+ BODY_00_15( 3,D,E,T,A,B,C,X( 3)); (void)HOST_c2l(data,l); X( 5)=l;
+ BODY_00_15( 4,C,D,E,T,A,B,X( 4)); (void)HOST_c2l(data,l); X( 6)=l;
+ BODY_00_15( 5,B,C,D,E,T,A,X( 5)); (void)HOST_c2l(data,l); X( 7)=l;
+ BODY_00_15( 6,A,B,C,D,E,T,X( 6)); (void)HOST_c2l(data,l); X( 8)=l;
+ BODY_00_15( 7,T,A,B,C,D,E,X( 7)); (void)HOST_c2l(data,l); X( 9)=l;
+ BODY_00_15( 8,E,T,A,B,C,D,X( 8)); (void)HOST_c2l(data,l); X(10)=l;
+ BODY_00_15( 9,D,E,T,A,B,C,X( 9)); (void)HOST_c2l(data,l); X(11)=l;
+ BODY_00_15(10,C,D,E,T,A,B,X(10)); (void)HOST_c2l(data,l); X(12)=l;
+ BODY_00_15(11,B,C,D,E,T,A,X(11)); (void)HOST_c2l(data,l); X(13)=l;
+ BODY_00_15(12,A,B,C,D,E,T,X(12)); (void)HOST_c2l(data,l); X(14)=l;
+ BODY_00_15(13,T,A,B,C,D,E,X(13)); (void)HOST_c2l(data,l); X(15)=l;
BODY_00_15(14,E,T,A,B,C,D,X(14));
BODY_00_15(15,D,E,T,A,B,C,X(15));
}
diff --git a/deps/openssl/openssl/crypto/sparccpuid.S b/deps/openssl/openssl/crypto/sparccpuid.S
index ae61f7f5c..0cc247e48 100644
--- a/deps/openssl/openssl/crypto/sparccpuid.S
+++ b/deps/openssl/openssl/crypto/sparccpuid.S
@@ -235,10 +235,10 @@ _sparcv9_rdtick:
.global _sparcv9_vis1_probe
.align 8
_sparcv9_vis1_probe:
- .word 0x81b00d80 !fxor %f0,%f0,%f0
add %sp,BIAS+2,%o1
- retl
.word 0xc19a5a40 !ldda [%o1]ASI_FP16_P,%f0
+ retl
+ .word 0x81b00d80 !fxor %f0,%f0,%f0
.type _sparcv9_vis1_probe,#function
.size _sparcv9_vis1_probe,.-_sparcv9_vis1_probe
diff --git a/deps/openssl/openssl/crypto/sparcv9cap.c b/deps/openssl/openssl/crypto/sparcv9cap.c
index ed195ab40..43b3ac6f8 100644
--- a/deps/openssl/openssl/crypto/sparcv9cap.c
+++ b/deps/openssl/openssl/crypto/sparcv9cap.c
@@ -19,7 +19,8 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_U
int bn_mul_mont_fpu(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
- if ((OPENSSL_sparcv9cap_P&(SPARCV9_PREFER_FPU|SPARCV9_VIS1)) ==
+ if (num>=8 && !(num&1) &&
+ (OPENSSL_sparcv9cap_P&(SPARCV9_PREFER_FPU|SPARCV9_VIS1)) ==
(SPARCV9_PREFER_FPU|SPARCV9_VIS1))
return bn_mul_mont_fpu(rp,ap,bp,np,n0,num);
else
@@ -169,7 +170,6 @@ void OPENSSL_cpuid_setup(void)
char *e;
struct sigaction common_act,ill_oact,bus_oact;
sigset_t all_masked,oset;
- int sig;
static int trigger=0;
if (trigger) return;
diff --git a/deps/openssl/openssl/crypto/stack/safestack.h b/deps/openssl/openssl/crypto/stack/safestack.h
index 3e76aa58f..ea3aa0d80 100644
--- a/deps/openssl/openssl/crypto/stack/safestack.h
+++ b/deps/openssl/openssl/crypto/stack/safestack.h
@@ -1459,6 +1459,94 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
#define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
#define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))
+#define sk_SRP_gN_new(cmp) SKM_sk_new(SRP_gN, (cmp))
+#define sk_SRP_gN_new_null() SKM_sk_new_null(SRP_gN)
+#define sk_SRP_gN_free(st) SKM_sk_free(SRP_gN, (st))
+#define sk_SRP_gN_num(st) SKM_sk_num(SRP_gN, (st))
+#define sk_SRP_gN_value(st, i) SKM_sk_value(SRP_gN, (st), (i))
+#define sk_SRP_gN_set(st, i, val) SKM_sk_set(SRP_gN, (st), (i), (val))
+#define sk_SRP_gN_zero(st) SKM_sk_zero(SRP_gN, (st))
+#define sk_SRP_gN_push(st, val) SKM_sk_push(SRP_gN, (st), (val))
+#define sk_SRP_gN_unshift(st, val) SKM_sk_unshift(SRP_gN, (st), (val))
+#define sk_SRP_gN_find(st, val) SKM_sk_find(SRP_gN, (st), (val))
+#define sk_SRP_gN_find_ex(st, val) SKM_sk_find_ex(SRP_gN, (st), (val))
+#define sk_SRP_gN_delete(st, i) SKM_sk_delete(SRP_gN, (st), (i))
+#define sk_SRP_gN_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN, (st), (ptr))
+#define sk_SRP_gN_insert(st, val, i) SKM_sk_insert(SRP_gN, (st), (val), (i))
+#define sk_SRP_gN_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN, (st), (cmp))
+#define sk_SRP_gN_dup(st) SKM_sk_dup(SRP_gN, st)
+#define sk_SRP_gN_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN, (st), (free_func))
+#define sk_SRP_gN_shift(st) SKM_sk_shift(SRP_gN, (st))
+#define sk_SRP_gN_pop(st) SKM_sk_pop(SRP_gN, (st))
+#define sk_SRP_gN_sort(st) SKM_sk_sort(SRP_gN, (st))
+#define sk_SRP_gN_is_sorted(st) SKM_sk_is_sorted(SRP_gN, (st))
+
+#define sk_SRP_gN_cache_new(cmp) SKM_sk_new(SRP_gN_cache, (cmp))
+#define sk_SRP_gN_cache_new_null() SKM_sk_new_null(SRP_gN_cache)
+#define sk_SRP_gN_cache_free(st) SKM_sk_free(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_num(st) SKM_sk_num(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_value(st, i) SKM_sk_value(SRP_gN_cache, (st), (i))
+#define sk_SRP_gN_cache_set(st, i, val) SKM_sk_set(SRP_gN_cache, (st), (i), (val))
+#define sk_SRP_gN_cache_zero(st) SKM_sk_zero(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_push(st, val) SKM_sk_push(SRP_gN_cache, (st), (val))
+#define sk_SRP_gN_cache_unshift(st, val) SKM_sk_unshift(SRP_gN_cache, (st), (val))
+#define sk_SRP_gN_cache_find(st, val) SKM_sk_find(SRP_gN_cache, (st), (val))
+#define sk_SRP_gN_cache_find_ex(st, val) SKM_sk_find_ex(SRP_gN_cache, (st), (val))
+#define sk_SRP_gN_cache_delete(st, i) SKM_sk_delete(SRP_gN_cache, (st), (i))
+#define sk_SRP_gN_cache_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN_cache, (st), (ptr))
+#define sk_SRP_gN_cache_insert(st, val, i) SKM_sk_insert(SRP_gN_cache, (st), (val), (i))
+#define sk_SRP_gN_cache_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN_cache, (st), (cmp))
+#define sk_SRP_gN_cache_dup(st) SKM_sk_dup(SRP_gN_cache, st)
+#define sk_SRP_gN_cache_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN_cache, (st), (free_func))
+#define sk_SRP_gN_cache_shift(st) SKM_sk_shift(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_pop(st) SKM_sk_pop(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_sort(st) SKM_sk_sort(SRP_gN_cache, (st))
+#define sk_SRP_gN_cache_is_sorted(st) SKM_sk_is_sorted(SRP_gN_cache, (st))
+
+#define sk_SRP_user_pwd_new(cmp) SKM_sk_new(SRP_user_pwd, (cmp))
+#define sk_SRP_user_pwd_new_null() SKM_sk_new_null(SRP_user_pwd)
+#define sk_SRP_user_pwd_free(st) SKM_sk_free(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_num(st) SKM_sk_num(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_value(st, i) SKM_sk_value(SRP_user_pwd, (st), (i))
+#define sk_SRP_user_pwd_set(st, i, val) SKM_sk_set(SRP_user_pwd, (st), (i), (val))
+#define sk_SRP_user_pwd_zero(st) SKM_sk_zero(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_push(st, val) SKM_sk_push(SRP_user_pwd, (st), (val))
+#define sk_SRP_user_pwd_unshift(st, val) SKM_sk_unshift(SRP_user_pwd, (st), (val))
+#define sk_SRP_user_pwd_find(st, val) SKM_sk_find(SRP_user_pwd, (st), (val))
+#define sk_SRP_user_pwd_find_ex(st, val) SKM_sk_find_ex(SRP_user_pwd, (st), (val))
+#define sk_SRP_user_pwd_delete(st, i) SKM_sk_delete(SRP_user_pwd, (st), (i))
+#define sk_SRP_user_pwd_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_user_pwd, (st), (ptr))
+#define sk_SRP_user_pwd_insert(st, val, i) SKM_sk_insert(SRP_user_pwd, (st), (val), (i))
+#define sk_SRP_user_pwd_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_user_pwd, (st), (cmp))
+#define sk_SRP_user_pwd_dup(st) SKM_sk_dup(SRP_user_pwd, st)
+#define sk_SRP_user_pwd_pop_free(st, free_func) SKM_sk_pop_free(SRP_user_pwd, (st), (free_func))
+#define sk_SRP_user_pwd_shift(st) SKM_sk_shift(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_pop(st) SKM_sk_pop(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_sort(st) SKM_sk_sort(SRP_user_pwd, (st))
+#define sk_SRP_user_pwd_is_sorted(st) SKM_sk_is_sorted(SRP_user_pwd, (st))
+
+#define sk_SRTP_PROTECTION_PROFILE_new(cmp) SKM_sk_new(SRTP_PROTECTION_PROFILE, (cmp))
+#define sk_SRTP_PROTECTION_PROFILE_new_null() SKM_sk_new_null(SRTP_PROTECTION_PROFILE)
+#define sk_SRTP_PROTECTION_PROFILE_free(st) SKM_sk_free(SRTP_PROTECTION_PROFILE, (st))
+#define sk_SRTP_PROTECTION_PROFILE_num(st) SKM_sk_num(SRTP_PROTECTION_PROFILE, (st))
+#define sk_SRTP_PROTECTION_PROFILE_value(st, i) SKM_sk_value(SRTP_PROTECTION_PROFILE, (st), (i))
+#define sk_SRTP_PROTECTION_PROFILE_set(st, i, val) SKM_sk_set(SRTP_PROTECTION_PROFILE, (st), (i), (val))
+#define sk_SRTP_PROTECTION_PROFILE_zero(st) SKM_sk_zero(SRTP_PROTECTION_PROFILE, (st))
+#define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val))
+#define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val))
+#define sk_SRTP_PROTECTION_PROFILE_find(st, val) SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val))
+#define sk_SRTP_PROTECTION_PROFILE_find_ex(st, val) SKM_sk_find_ex(SRTP_PROTECTION_PROFILE, (st), (val))
+#define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i))
+#define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr))
+#define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i))
+#define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRTP_PROTECTION_PROFILE, (st), (cmp))
+#define sk_SRTP_PROTECTION_PROFILE_dup(st) SKM_sk_dup(SRTP_PROTECTION_PROFILE, st)
+#define sk_SRTP_PROTECTION_PROFILE_pop_free(st, free_func) SKM_sk_pop_free(SRTP_PROTECTION_PROFILE, (st), (free_func))
+#define sk_SRTP_PROTECTION_PROFILE_shift(st) SKM_sk_shift(SRTP_PROTECTION_PROFILE, (st))
+#define sk_SRTP_PROTECTION_PROFILE_pop(st) SKM_sk_pop(SRTP_PROTECTION_PROFILE, (st))
+#define sk_SRTP_PROTECTION_PROFILE_sort(st) SKM_sk_sort(SRTP_PROTECTION_PROFILE, (st))
+#define sk_SRTP_PROTECTION_PROFILE_is_sorted(st) SKM_sk_is_sorted(SRTP_PROTECTION_PROFILE, (st))
+
#define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp))
#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
@@ -2056,31 +2144,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
#define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st))
-#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
-#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
-#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
-#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
-#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func))
-#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
-#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
-#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
-#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
-#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
-#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
-#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
-#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \
- ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
- sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
-#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
-#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
-#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
-#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
-#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
-
-
#define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp)))
#define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null())
#define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
@@ -2106,6 +2169,31 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
#define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st))
+#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
+#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
+#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
+#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func))
+#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
+#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
+#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
+#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
+#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
+#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
+#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
+#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \
+ ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
+ sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
+#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
+#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
+#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
+#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
+
+
#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
#define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
diff --git a/deps/openssl/openssl/crypto/symhacks.h b/deps/openssl/openssl/crypto/symhacks.h
index 3fd4a8169..07a412f84 100644
--- a/deps/openssl/openssl/crypto/symhacks.h
+++ b/deps/openssl/openssl/crypto/symhacks.h
@@ -176,7 +176,6 @@
#define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
#undef SSL_COMP_get_compression_methods
#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
-
#undef ssl_add_clienthello_renegotiate_ext
#define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext
#undef ssl_add_serverhello_renegotiate_ext
@@ -185,6 +184,26 @@
#define ssl_parse_clienthello_renegotiate_ext ssl_parse_clienthello_reneg_ext
#undef ssl_parse_serverhello_renegotiate_ext
#define ssl_parse_serverhello_renegotiate_ext ssl_parse_serverhello_reneg_ext
+#undef SSL_srp_server_param_with_username
+#define SSL_srp_server_param_with_username SSL_srp_server_param_with_un
+#undef SSL_CTX_set_srp_client_pwd_callback
+#define SSL_CTX_set_srp_client_pwd_callback SSL_CTX_set_srp_client_pwd_cb
+#undef SSL_CTX_set_srp_verify_param_callback
+#define SSL_CTX_set_srp_verify_param_callback SSL_CTX_set_srp_vfy_param_cb
+#undef SSL_CTX_set_srp_username_callback
+#define SSL_CTX_set_srp_username_callback SSL_CTX_set_srp_un_cb
+#undef ssl_add_clienthello_use_srtp_ext
+#define ssl_add_clienthello_use_srtp_ext ssl_add_clihello_use_srtp_ext
+#undef ssl_add_serverhello_use_srtp_ext
+#define ssl_add_serverhello_use_srtp_ext ssl_add_serhello_use_srtp_ext
+#undef ssl_parse_clienthello_use_srtp_ext
+#define ssl_parse_clienthello_use_srtp_ext ssl_parse_clihello_use_srtp_ext
+#undef ssl_parse_serverhello_use_srtp_ext
+#define ssl_parse_serverhello_use_srtp_ext ssl_parse_serhello_use_srtp_ext
+#undef SSL_CTX_set_next_protos_advertised_cb
+#define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
+#undef SSL_CTX_set_next_proto_select_cb
+#define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
/* Hack some long ENGINE names */
#undef ENGINE_get_default_BN_mod_exp_crt
@@ -238,6 +257,9 @@
#define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form
#undef EC_GROUP_clear_free_all_extra_data
#define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data
+#undef EC_KEY_set_public_key_affine_coordinates
+#define EC_KEY_set_public_key_affine_coordinates \
+ EC_KEY_set_pub_key_aff_coords
#undef EC_POINT_set_Jprojective_coordinates_GFp
#define EC_POINT_set_Jprojective_coordinates_GFp \
EC_POINT_set_Jproj_coords_GFp
@@ -294,8 +316,6 @@
#define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf
#undef ec_GFp_simple_points_make_affine
#define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine
-#undef ec_GFp_simple_group_get_curve_GFp
-#define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp
#undef ec_GFp_simple_set_Jprojective_coordinates_GFp
#define ec_GFp_simple_set_Jprojective_coordinates_GFp \
ec_GFp_smp_set_Jproj_coords_GFp
@@ -399,6 +419,12 @@
#undef dtls1_retransmit_buffered_messages
#define dtls1_retransmit_buffered_messages dtls1_retransmit_buffered_msgs
+/* Hack some long SRP names */
+#undef SRP_generate_server_master_secret
+#define SRP_generate_server_master_secret SRP_gen_server_master_secret
+#undef SRP_generate_client_master_secret
+#define SRP_generate_client_master_secret SRP_gen_client_master_secret
+
/* Hack some long UI names */
#undef UI_method_get_prompt_constructor
#define UI_method_get_prompt_constructor UI_method_get_prompt_constructr
diff --git a/deps/openssl/openssl/crypto/ts/ts.h b/deps/openssl/openssl/crypto/ts/ts.h
index 190e8a1bf..c2448e3c3 100644
--- a/deps/openssl/openssl/crypto/ts/ts.h
+++ b/deps/openssl/openssl/crypto/ts/ts.h
@@ -86,9 +86,6 @@
#include <openssl/dh.h>
#endif
-#include <openssl/evp.h>
-
-
#ifdef __cplusplus
extern "C" {
#endif
diff --git a/deps/openssl/openssl/crypto/ts/ts_rsp_verify.c b/deps/openssl/openssl/crypto/ts/ts_rsp_verify.c
index e1f3b534a..afe16afbe 100644
--- a/deps/openssl/openssl/crypto/ts/ts_rsp_verify.c
+++ b/deps/openssl/openssl/crypto/ts/ts_rsp_verify.c
@@ -614,12 +614,15 @@ static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
goto err;
}
- EVP_DigestInit(&md_ctx, md);
+ if (!EVP_DigestInit(&md_ctx, md))
+ goto err;
while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0)
{
- EVP_DigestUpdate(&md_ctx, buffer, length);
+ if (!EVP_DigestUpdate(&md_ctx, buffer, length))
+ goto err;
}
- EVP_DigestFinal(&md_ctx, *imprint, NULL);
+ if (!EVP_DigestFinal(&md_ctx, *imprint, NULL))
+ goto err;
return 1;
err:
diff --git a/deps/openssl/openssl/crypto/ui/ui.h b/deps/openssl/openssl/crypto/ui/ui.h
index 2b1cfa228..bd78aa413 100644
--- a/deps/openssl/openssl/crypto/ui/ui.h
+++ b/deps/openssl/openssl/crypto/ui/ui.h
@@ -316,7 +316,7 @@ int (*UI_method_get_writer(UI_METHOD *method))(UI*,UI_STRING*);
int (*UI_method_get_flusher(UI_METHOD *method))(UI*);
int (*UI_method_get_reader(UI_METHOD *method))(UI*,UI_STRING*);
int (*UI_method_get_closer(UI_METHOD *method))(UI*);
-char* (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*);
+char * (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*);
/* The following functions are helpers for method writers to access relevant
data from a UI_STRING. */
diff --git a/deps/openssl/openssl/crypto/ui/ui_openssl.c b/deps/openssl/openssl/crypto/ui/ui_openssl.c
index b05cbf348..a38c7581e 100644
--- a/deps/openssl/openssl/crypto/ui/ui_openssl.c
+++ b/deps/openssl/openssl/crypto/ui/ui_openssl.c
@@ -122,9 +122,15 @@
* sigaction and fileno included. -pedantic would be more appropriate for
* the intended purposes, but we can't prevent users from adding -ansi.
*/
+#if defined(OPENSSL_SYSNAME_VXWORKS)
+#include <sys/types.h>
+#endif
+
+#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 2
#endif
+#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>
@@ -184,7 +190,7 @@
# undef SGTTY
#endif
-#if defined(linux) && !defined(TERMIO) && !defined(__ANDROID__)
+#if defined(linux) && !defined(TERMIO)
# undef TERMIOS
# define TERMIO
# undef SGTTY
diff --git a/deps/openssl/openssl/crypto/vms_rms.h b/deps/openssl/openssl/crypto/vms_rms.h
index 00a00d993..00a00d993 100644..100755
--- a/deps/openssl/openssl/crypto/vms_rms.h
+++ b/deps/openssl/openssl/crypto/vms_rms.h
diff --git a/deps/openssl/openssl/crypto/whrlpool/Makefile b/deps/openssl/openssl/crypto/whrlpool/Makefile
index 566b99629..f4d46e4d1 100644
--- a/deps/openssl/openssl/crypto/whrlpool/Makefile
+++ b/deps/openssl/openssl/crypto/whrlpool/Makefile
@@ -89,5 +89,8 @@ clean:
wp_block.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
wp_block.o: ../../include/openssl/whrlpool.h wp_block.c wp_locl.h
-wp_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+wp_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+wp_dgst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+wp_dgst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+wp_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
wp_dgst.o: ../../include/openssl/whrlpool.h wp_dgst.c wp_locl.h
diff --git a/deps/openssl/openssl/crypto/whrlpool/asm/wp-mmx.pl b/deps/openssl/openssl/crypto/whrlpool/asm/wp-mmx.pl
index 32cf16380..cb2381c22 100644
--- a/deps/openssl/openssl/crypto/whrlpool/asm/wp-mmx.pl
+++ b/deps/openssl/openssl/crypto/whrlpool/asm/wp-mmx.pl
@@ -119,7 +119,7 @@ $tbl="ebp";
&mov ("eax",&DWP(0,"esp"));
&mov ("ebx",&DWP(4,"esp"));
for($i=0;$i<8;$i++) {
- my $func = ($i==0)? movq : pxor;
+ my $func = ($i==0)? \&movq : \&pxor;
&movb (&LB("ecx"),&LB("eax"));
&movb (&LB("edx"),&HB("eax"));
&scale ("esi","ecx");
diff --git a/deps/openssl/openssl/crypto/whrlpool/asm/wp-x86_64.pl b/deps/openssl/openssl/crypto/whrlpool/asm/wp-x86_64.pl
index 87c0843dc..24b2ff60c 100644
--- a/deps/openssl/openssl/crypto/whrlpool/asm/wp-x86_64.pl
+++ b/deps/openssl/openssl/crypto/whrlpool/asm/wp-x86_64.pl
@@ -41,7 +41,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| $^X $xlate $flavour $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
sub L() { $code.=".byte ".join(',',@_)."\n"; }
sub LL(){ $code.=".byte ".join(',',@_).",".join(',',@_)."\n"; }
diff --git a/deps/openssl/openssl/crypto/whrlpool/whrlpool.h b/deps/openssl/openssl/crypto/whrlpool/whrlpool.h
index 03c91da11..9e01f5b07 100644
--- a/deps/openssl/openssl/crypto/whrlpool/whrlpool.h
+++ b/deps/openssl/openssl/crypto/whrlpool/whrlpool.h
@@ -24,6 +24,9 @@ typedef struct {
} WHIRLPOOL_CTX;
#ifndef OPENSSL_NO_WHIRLPOOL
+#ifdef OPENSSL_FIPS
+int private_WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
+#endif
int WHIRLPOOL_Init (WHIRLPOOL_CTX *c);
int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes);
void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits);
diff --git a/deps/openssl/openssl/crypto/whrlpool/wp_block.c b/deps/openssl/openssl/crypto/whrlpool/wp_block.c
index 221f6cc59..824ed1827 100644
--- a/deps/openssl/openssl/crypto/whrlpool/wp_block.c
+++ b/deps/openssl/openssl/crypto/whrlpool/wp_block.c
@@ -68,9 +68,9 @@ typedef unsigned long long u64;
CPUs this is actually faster! */
# endif
# define GO_FOR_MMX(ctx,inp,num) do { \
- extern unsigned long OPENSSL_ia32cap_P; \
+ extern unsigned int OPENSSL_ia32cap_P[]; \
void whirlpool_block_mmx(void *,const void *,size_t); \
- if (!(OPENSSL_ia32cap_P & (1<<23))) break; \
+ if (!(OPENSSL_ia32cap_P[0] & (1<<23))) break; \
whirlpool_block_mmx(ctx->H.c,inp,num); return; \
} while (0)
# endif
diff --git a/deps/openssl/openssl/crypto/whrlpool/wp_dgst.c b/deps/openssl/openssl/crypto/whrlpool/wp_dgst.c
index ee5c5c1bf..7e28bef51 100644
--- a/deps/openssl/openssl/crypto/whrlpool/wp_dgst.c
+++ b/deps/openssl/openssl/crypto/whrlpool/wp_dgst.c
@@ -52,9 +52,10 @@
*/
#include "wp_locl.h"
+#include <openssl/crypto.h>
#include <string.h>
-int WHIRLPOOL_Init (WHIRLPOOL_CTX *c)
+fips_md_init(WHIRLPOOL)
{
memset (c,0,sizeof(*c));
return(1);
diff --git a/deps/openssl/openssl/crypto/x509/by_dir.c b/deps/openssl/openssl/crypto/x509/by_dir.c
index 03293ac2d..27ca5150c 100644
--- a/deps/openssl/openssl/crypto/x509/by_dir.c
+++ b/deps/openssl/openssl/crypto/x509/by_dir.c
@@ -287,8 +287,6 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
int ok=0;
int i,j,k;
unsigned long h;
- unsigned long hash_array[2];
- int hash_index;
BUF_MEM *b=NULL;
X509_OBJECT stmp,*tmp;
const char *postfix="";
@@ -325,11 +323,6 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
ctx=(BY_DIR *)xl->method_data;
h=X509_NAME_hash(name);
- hash_array[0]=h;
- hash_array[1]=X509_NAME_hash_old(name);
- for (hash_index=0; hash_index < 2; hash_index++)
- {
- h=hash_array[hash_index];
for (i=0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++)
{
BY_DIR_ENTRY *ent;
@@ -483,7 +476,6 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
goto finish;
}
}
- }
finish:
if (b != NULL) BUF_MEM_free(b);
return(ok);
diff --git a/deps/openssl/openssl/crypto/x509/x509.h b/deps/openssl/openssl/crypto/x509/x509.h
index e6f8a4039..092dd7450 100644
--- a/deps/openssl/openssl/crypto/x509/x509.h
+++ b/deps/openssl/openssl/crypto/x509/x509.h
@@ -657,11 +657,15 @@ int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
+int X509_signature_dump(BIO *bp,const ASN1_STRING *sig, int indent);
int X509_signature_print(BIO *bp,X509_ALGOR *alg, ASN1_STRING *sig);
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_pubkey_digest(const X509 *data,const EVP_MD *type,
@@ -763,6 +767,7 @@ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
X509_ALGOR *algor);
+void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
X509_NAME *X509_NAME_dup(X509_NAME *xn);
X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
@@ -896,6 +901,9 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature,
void *data, EVP_PKEY *pkey, const EVP_MD *type);
+int ASN1_item_sign_ctx(const ASN1_ITEM *it,
+ X509_ALGOR *algor1, X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx);
#endif
int X509_set_version(X509 *x,long version);
@@ -1161,6 +1169,9 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
unsigned char *salt, int saltlen,
unsigned char *aiv, int prf_nid);
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+ int prf_nid, int keylen);
+
/* PKCS#8 utilities */
DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
diff --git a/deps/openssl/openssl/crypto/x509/x509_cmp.c b/deps/openssl/openssl/crypto/x509/x509_cmp.c
index 4bc9da07e..352aa3743 100644
--- a/deps/openssl/openssl/crypto/x509/x509_cmp.c
+++ b/deps/openssl/openssl/crypto/x509/x509_cmp.c
@@ -86,16 +86,20 @@ unsigned long X509_issuer_and_serial_hash(X509 *a)
EVP_MD_CTX_init(&ctx);
f=X509_NAME_oneline(a->cert_info->issuer,NULL,0);
- ret=strlen(f);
- EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
- EVP_DigestUpdate(&ctx,(unsigned char *)f,ret);
+ if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx,(unsigned char *)f,strlen(f)))
+ goto err;
OPENSSL_free(f);
- EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
- (unsigned long)a->cert_info->serialNumber->length);
- EVP_DigestFinal_ex(&ctx,&(md[0]),NULL);
+ if(!EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
+ (unsigned long)a->cert_info->serialNumber->length))
+ goto err;
+ if (!EVP_DigestFinal_ex(&ctx,&(md[0]),NULL))
+ goto err;
ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
)&0xffffffffL;
+ err:
EVP_MD_CTX_cleanup(&ctx);
return(ret);
}
@@ -219,7 +223,9 @@ unsigned long X509_NAME_hash(X509_NAME *x)
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME(x,NULL);
- EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(),
+ NULL))
+ return 0;
ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
@@ -234,16 +240,22 @@ unsigned long X509_NAME_hash(X509_NAME *x)
unsigned long X509_NAME_hash_old(X509_NAME *x)
{
+ EVP_MD_CTX md_ctx;
unsigned long ret=0;
unsigned char md[16];
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME(x,NULL);
- EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL);
+ EVP_MD_CTX_init(&md_ctx);
+ EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL)
+ && EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length)
+ && EVP_DigestFinal_ex(&md_ctx,md,NULL))
+ ret=(((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
+ ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
+ )&0xffffffffL;
+ EVP_MD_CTX_cleanup(&md_ctx);
- ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
- ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
- )&0xffffffffL;
return(ret);
}
#endif
diff --git a/deps/openssl/openssl/crypto/x509/x509_lu.c b/deps/openssl/openssl/crypto/x509/x509_lu.c
index 3a6e04a1d..38525a8cd 100644
--- a/deps/openssl/openssl/crypto/x509/x509_lu.c
+++ b/deps/openssl/openssl/crypto/x509/x509_lu.c
@@ -87,7 +87,7 @@ void X509_LOOKUP_free(X509_LOOKUP *ctx)
if (ctx == NULL) return;
if ( (ctx->method != NULL) &&
(ctx->method->free != NULL))
- ctx->method->free(ctx);
+ (*ctx->method->free)(ctx);
OPENSSL_free(ctx);
}
diff --git a/deps/openssl/openssl/crypto/x509/x509_vfy.c b/deps/openssl/openssl/crypto/x509/x509_vfy.c
index 701ec565e..12d71f54e 100644
--- a/deps/openssl/openssl/crypto/x509/x509_vfy.c
+++ b/deps/openssl/openssl/crypto/x509/x509_vfy.c
@@ -153,7 +153,6 @@ static int x509_subject_cmp(X509 **a, X509 **b)
int X509_verify_cert(X509_STORE_CTX *ctx)
{
X509 *x,*xtmp,*chain_ss=NULL;
- X509_NAME *xn;
int bad_chain = 0;
X509_VERIFY_PARAM *param = ctx->param;
int depth,i,ok=0;
@@ -205,7 +204,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
*/
/* If we are self signed, we break */
- xn=X509_get_issuer_name(x);
if (ctx->check_issued(ctx, x,x)) break;
/* If we were passed a cert chain, use it first */
@@ -242,7 +240,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
i=sk_X509_num(ctx->chain);
x=sk_X509_value(ctx->chain,i-1);
- xn = X509_get_subject_name(x);
if (ctx->check_issued(ctx, x, x))
{
/* we have a self signed certificate */
@@ -291,7 +288,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
if (depth < num) break;
/* If we are self signed, we break */
- xn=X509_get_issuer_name(x);
if (ctx->check_issued(ctx,x,x)) break;
ok = ctx->get_issuer(&xtmp, ctx, x);
@@ -310,7 +306,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
}
/* we now have our chain, lets check it... */
- xn=X509_get_issuer_name(x);
/* Is last certificate looked up self signed? */
if (!ctx->check_issued(ctx,x,x))
@@ -877,7 +872,7 @@ static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
{
ASN1_OCTET_STRING *exta, *extb;
int i;
- i = X509_CRL_get_ext_by_NID(a, nid, 0);
+ i = X509_CRL_get_ext_by_NID(a, nid, -1);
if (i >= 0)
{
/* Can't have multiple occurrences */
@@ -888,7 +883,7 @@ static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
else
exta = NULL;
- i = X509_CRL_get_ext_by_NID(b, nid, 0);
+ i = X509_CRL_get_ext_by_NID(b, nid, -1);
if (i >= 0)
{
diff --git a/deps/openssl/openssl/crypto/x509/x509type.c b/deps/openssl/openssl/crypto/x509/x509type.c
index 3385ad3f6..9702ec531 100644
--- a/deps/openssl/openssl/crypto/x509/x509type.c
+++ b/deps/openssl/openssl/crypto/x509/x509type.c
@@ -100,20 +100,26 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
break;
}
- i=X509_get_signature_type(x);
- switch (i)
+ i=OBJ_obj2nid(x->sig_alg->algorithm);
+ if (i && OBJ_find_sigid_algs(i, NULL, &i))
{
- case EVP_PKEY_RSA:
- ret|=EVP_PKS_RSA;
- break;
- case EVP_PKEY_DSA:
- ret|=EVP_PKS_DSA;
- break;
- case EVP_PKEY_EC:
- ret|=EVP_PKS_EC;
- break;
- default:
- break;
+
+ switch (i)
+ {
+ case NID_rsaEncryption:
+ case NID_rsa:
+ ret|=EVP_PKS_RSA;
+ break;
+ case NID_dsa:
+ case NID_dsa_2:
+ ret|=EVP_PKS_DSA;
+ break;
+ case NID_X9_62_id_ecPublicKey:
+ ret|=EVP_PKS_EC;
+ break;
+ default:
+ break;
+ }
}
if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
diff --git a/deps/openssl/openssl/crypto/x509/x_all.c b/deps/openssl/openssl/crypto/x509/x_all.c
index 8ec88c215..b94aeeb87 100644
--- a/deps/openssl/openssl/crypto/x509/x_all.c
+++ b/deps/openssl/openssl/crypto/x509/x_all.c
@@ -95,12 +95,25 @@ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
x->sig_alg, x->signature, x->cert_info,pkey,md));
}
+int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
+ {
+ return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
+ x->cert_info->signature,
+ x->sig_alg, x->signature, x->cert_info, ctx);
+ }
+
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
{
return(ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO),x->sig_alg, NULL,
x->signature, x->req_info,pkey,md));
}
+int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
+ {
+ return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
+ x->sig_alg, NULL, x->signature, x->req_info, ctx);
+ }
+
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
{
x->crl->enc.modified = 1;
@@ -108,6 +121,12 @@ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
x->sig_alg, x->signature, x->crl,pkey,md));
}
+int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
+ {
+ return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
+ x->crl->sig_alg, x->sig_alg, x->signature, x->crl, ctx);
+ }
+
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
{
return(ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor,NULL,
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_asid.c b/deps/openssl/openssl/crypto/x509v3/v3_asid.c
index 3f434c060..1587e8ed7 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_asid.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_asid.c
@@ -358,6 +358,20 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
goto done;
}
+ /*
+ * Check for inverted range.
+ */
+ i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
+ {
+ ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+ ASN1_INTEGER *a_min, *a_max;
+ if (a != NULL && a->type == ASIdOrRange_range) {
+ extract_min_max(a, &a_min, &a_max);
+ if (ASN1_INTEGER_cmp(a_min, a_max) > 0)
+ goto done;
+ }
+ }
+
ret = 1;
done:
@@ -392,9 +406,18 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
return 1;
/*
- * We have a list. Sort it.
+ * If not a list, or if empty list, it's broken.
+ */
+ if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
+ sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0) {
+ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+ X509V3_R_EXTENSION_VALUE_ERROR);
+ return 0;
+ }
+
+ /*
+ * We have a non-empty list. Sort it.
*/
- OPENSSL_assert(choice->type == ASIdentifierChoice_asIdsOrRanges);
sk_ASIdOrRange_sort(choice->u.asIdsOrRanges);
/*
@@ -415,6 +438,13 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
OPENSSL_assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0);
/*
+ * Punt inverted ranges.
+ */
+ if (ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
+ ASN1_INTEGER_cmp(b_min, b_max) > 0)
+ goto done;
+
+ /*
* Check for overlaps.
*/
if (ASN1_INTEGER_cmp(a_max, b_min) >= 0) {
@@ -465,12 +495,26 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
break;
}
ASIdOrRange_free(b);
- sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1);
+ (void) sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1);
i--;
continue;
}
}
+ /*
+ * Check for final inverted range.
+ */
+ i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
+ {
+ ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+ ASN1_INTEGER *a_min, *a_max;
+ if (a != NULL && a->type == ASIdOrRange_range) {
+ extract_min_max(a, &a_min, &a_max);
+ if (ASN1_INTEGER_cmp(a_min, a_max) > 0)
+ goto done;
+ }
+ }
+
OPENSSL_assert(ASIdentifierChoice_is_canonical(choice)); /* Paranoia */
ret = 1;
@@ -498,6 +542,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx,
STACK_OF(CONF_VALUE) *values)
{
+ ASN1_INTEGER *min = NULL, *max = NULL;
ASIdentifiers *asid = NULL;
int i;
@@ -508,7 +553,6 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
- ASN1_INTEGER *min = NULL, *max = NULL;
int i1, i2, i3, is_range, which;
/*
@@ -578,18 +622,19 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
max = s2i_ASN1_INTEGER(NULL, s + i2);
OPENSSL_free(s);
if (min == NULL || max == NULL) {
- ASN1_INTEGER_free(min);
- ASN1_INTEGER_free(max);
X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
goto err;
}
+ if (ASN1_INTEGER_cmp(min, max) > 0) {
+ X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_EXTENSION_VALUE_ERROR);
+ goto err;
+ }
}
if (!v3_asid_add_id_or_range(asid, which, min, max)) {
- ASN1_INTEGER_free(min);
- ASN1_INTEGER_free(max);
X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
goto err;
}
+ min = max = NULL;
}
/*
@@ -601,6 +646,8 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
err:
ASIdentifiers_free(asid);
+ ASN1_INTEGER_free(min);
+ ASN1_INTEGER_free(max);
return NULL;
}
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_purp.c b/deps/openssl/openssl/crypto/x509v3/v3_purp.c
index 181bd3497..ad688657e 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_purp.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_purp.c
@@ -474,11 +474,11 @@ static void x509v3_cache_extensions(X509 *x)
for (i = 0; i < X509_get_ext_count(x); i++)
{
ex = X509_get_ext(x, i);
- if (!X509_EXTENSION_get_critical(ex))
- continue;
if (OBJ_obj2nid(X509_EXTENSION_get_object(ex))
== NID_freshest_crl)
x->ex_flags |= EXFLAG_FRESHEST;
+ if (!X509_EXTENSION_get_critical(ex))
+ continue;
if (!X509_supported_extension(ex))
{
x->ex_flags |= EXFLAG_CRITICAL;
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_skey.c b/deps/openssl/openssl/crypto/x509v3/v3_skey.c
index 202c9e489..0a984fbaa 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_skey.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_skey.c
@@ -129,7 +129,8 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
goto err;
}
- EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL);
+ if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL))
+ goto err;
if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
diff --git a/deps/openssl/openssl/crypto/x86_64cpuid.pl b/deps/openssl/openssl/crypto/x86_64cpuid.pl
index c96821a3c..6ebfd017e 100644
--- a/deps/openssl/openssl/crypto/x86_64cpuid.pl
+++ b/deps/openssl/openssl/crypto/x86_64cpuid.pl
@@ -7,15 +7,25 @@ if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-open STDOUT,"| $^X ${dir}perlasm/x86_64-xlate.pl $flavour $output";
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+($arg1,$arg2,$arg3,$arg4)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order
+ ("%rdi","%rsi","%rdx","%rcx"); # Unix order
-if ($win64) { $arg1="%rcx"; $arg2="%rdx"; }
-else { $arg1="%rdi"; $arg2="%rsi"; }
print<<___;
.extern OPENSSL_cpuid_setup
+.hidden OPENSSL_cpuid_setup
.section .init
call OPENSSL_cpuid_setup
+.hidden OPENSSL_ia32cap_P
+.comm OPENSSL_ia32cap_P,8,4
+
.text
.globl OPENSSL_atomic_add
@@ -46,7 +56,7 @@ OPENSSL_rdtsc:
.type OPENSSL_ia32_cpuid,\@abi-omnipotent
.align 16
OPENSSL_ia32_cpuid:
- mov %rbx,%r8
+ mov %rbx,%r8 # save %rbx
xor %eax,%eax
cpuid
@@ -78,7 +88,15 @@ OPENSSL_ia32_cpuid:
# AMD specific
mov \$0x80000000,%eax
cpuid
- cmp \$0x80000008,%eax
+ cmp \$0x80000001,%eax
+ jb .Lintel
+ mov %eax,%r10d
+ mov \$0x80000001,%eax
+ cpuid
+ or %ecx,%r9d
+ and \$0x00000801,%r9d # isolate AMD XOP bit, 1<<11
+
+ cmp \$0x80000008,%r10d
jb .Lintel
mov \$0x80000008,%eax
@@ -89,12 +107,12 @@ OPENSSL_ia32_cpuid:
mov \$1,%eax
cpuid
bt \$28,%edx # test hyper-threading bit
- jnc .Ldone
+ jnc .Lgeneric
shr \$16,%ebx # number of logical processors
cmp %r10b,%bl
- ja .Ldone
+ ja .Lgeneric
and \$0xefffffff,%edx # ~(1<<28)
- jmp .Ldone
+ jmp .Lgeneric
.Lintel:
cmp \$4,%r11d
@@ -111,30 +129,47 @@ OPENSSL_ia32_cpuid:
.Lnocacheinfo:
mov \$1,%eax
cpuid
+ and \$0xbfefffff,%edx # force reserved bits to 0
cmp \$0,%r9d
jne .Lnotintel
- or \$0x00100000,%edx # use reserved 20th bit to engage RC4_CHAR
+ or \$0x40000000,%edx # set reserved bit#30 on Intel CPUs
and \$15,%ah
cmp \$15,%ah # examine Family ID
- je .Lnotintel
- or \$0x40000000,%edx # use reserved bit to skip unrolled loop
+ jne .Lnotintel
+ or \$0x00100000,%edx # set reserved bit#20 to engage RC4_CHAR
.Lnotintel:
bt \$28,%edx # test hyper-threading bit
- jnc .Ldone
+ jnc .Lgeneric
and \$0xefffffff,%edx # ~(1<<28)
cmp \$0,%r10d
- je .Ldone
+ je .Lgeneric
or \$0x10000000,%edx # 1<<28
shr \$16,%ebx
cmp \$1,%bl # see if cache is shared
- ja .Ldone
+ ja .Lgeneric
and \$0xefffffff,%edx # ~(1<<28)
+.Lgeneric:
+ and \$0x00000800,%r9d # isolate AMD XOP flag
+ and \$0xfffff7ff,%ecx
+ or %ecx,%r9d # merge AMD XOP flag
+
+ mov %edx,%r10d # %r9d:%r10d is copy of %ecx:%edx
+ bt \$27,%r9d # check OSXSAVE bit
+ jnc .Lclear_avx
+ xor %ecx,%ecx # XCR0
+ .byte 0x0f,0x01,0xd0 # xgetbv
+ and \$6,%eax # isolate XMM and YMM state support
+ cmp \$6,%eax
+ je .Ldone
+.Lclear_avx:
+ mov \$0xefffe7ff,%eax # ~(1<<28|1<<12|1<<11)
+ and %eax,%r9d # clear AVX, FMA and AMD XOP bits
.Ldone:
- shl \$32,%rcx
- mov %edx,%eax
- mov %r8,%rbx
- or %rcx,%rax
+ shl \$32,%r9
+ mov %r10d,%eax
+ mov %r8,%rbx # restore %rbx
+ or %r9,%rax
ret
.size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid
@@ -229,4 +264,21 @@ OPENSSL_wipe_cpu:
.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
___
+print<<___;
+.globl OPENSSL_ia32_rdrand
+.type OPENSSL_ia32_rdrand,\@abi-omnipotent
+.align 16
+OPENSSL_ia32_rdrand:
+ mov \$8,%ecx
+.Loop_rdrand:
+ rdrand %rax
+ jc .Lbreak_rdrand
+ loop .Loop_rdrand
+.Lbreak_rdrand:
+ cmp \$0,%rax
+ cmove %rcx,%rax
+ ret
+.size OPENSSL_ia32_rdrand,.-OPENSSL_ia32_rdrand
+___
+
close STDOUT; # flush
diff --git a/deps/openssl/openssl/crypto/x86cpuid.pl b/deps/openssl/openssl/crypto/x86cpuid.pl
index a7464af19..c18b0e248 100644
--- a/deps/openssl/openssl/crypto/x86cpuid.pl
+++ b/deps/openssl/openssl/crypto/x86cpuid.pl
@@ -19,9 +19,9 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&pushf ();
&pop ("eax");
&xor ("ecx","eax");
- &bt ("ecx",21);
- &jnc (&label("done"));
&xor ("eax","eax");
+ &bt ("ecx",21);
+ &jnc (&label("nocpuid"));
&cpuid ();
&mov ("edi","eax"); # max value for standard query level
@@ -51,7 +51,14 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
# AMD specific
&mov ("eax",0x80000000);
&cpuid ();
- &cmp ("eax",0x80000008);
+ &cmp ("eax",0x80000001);
+ &jb (&label("intel"));
+ &mov ("esi","eax");
+ &mov ("eax",0x80000001);
+ &cpuid ();
+ &or ("ebp","ecx");
+ &and ("ebp",1<<11|1); # isolate XOP bit
+ &cmp ("esi",0x80000008);
&jb (&label("intel"));
&mov ("eax",0x80000008);
@@ -62,13 +69,13 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&mov ("eax",1);
&cpuid ();
&bt ("edx",28);
- &jnc (&label("done"));
+ &jnc (&label("generic"));
&shr ("ebx",16);
&and ("ebx",0xff);
&cmp ("ebx","esi");
- &ja (&label("done"));
+ &ja (&label("generic"));
&and ("edx",0xefffffff); # clear hyper-threading bit
- &jmp (&label("done"));
+ &jmp (&label("generic"));
&set_label("intel");
&cmp ("edi",4);
@@ -85,27 +92,51 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&set_label("nocacheinfo");
&mov ("eax",1);
&cpuid ();
+ &and ("edx",0xbfefffff); # force reserved bits #20, #30 to 0
&cmp ("ebp",0);
- &jne (&label("notP4"));
+ &jne (&label("notintel"));
+ &or ("edx",1<<30); # set reserved bit#30 on Intel CPUs
&and (&HB("eax"),15); # familiy ID
&cmp (&HB("eax"),15); # P4?
- &jne (&label("notP4"));
- &or ("edx",1<<20); # use reserved bit to engage RC4_CHAR
-&set_label("notP4");
+ &jne (&label("notintel"));
+ &or ("edx",1<<20); # set reserved bit#20 to engage RC4_CHAR
+&set_label("notintel");
&bt ("edx",28); # test hyper-threading bit
- &jnc (&label("done"));
+ &jnc (&label("generic"));
&and ("edx",0xefffffff);
&cmp ("edi",0);
- &je (&label("done"));
+ &je (&label("generic"));
&or ("edx",0x10000000);
&shr ("ebx",16);
&cmp (&LB("ebx"),1);
- &ja (&label("done"));
+ &ja (&label("generic"));
&and ("edx",0xefffffff); # clear hyper-threading bit if not
+
+&set_label("generic");
+ &and ("ebp",1<<11); # isolate AMD XOP flag
+ &and ("ecx",0xfffff7ff); # force 11th bit to 0
+ &mov ("esi","edx");
+ &or ("ebp","ecx"); # merge AMD XOP flag
+
+ &bt ("ecx",27); # check OSXSAVE bit
+ &jnc (&label("clear_avx"));
+ &xor ("ecx","ecx");
+ &data_byte(0x0f,0x01,0xd0); # xgetbv
+ &and ("eax",6);
+ &cmp ("eax",6);
+ &je (&label("done"));
+ &cmp ("eax",2);
+ &je (&label("clear_avx"));
+&set_label("clear_xmm");
+ &and ("ebp",0xfdfffffd); # clear AESNI and PCLMULQDQ bits
+ &and ("esi",0xfeffffff); # clear FXSR
+&set_label("clear_avx");
+ &and ("ebp",0xefffe7ff); # clear AVX, FMA and AMD XOP bits
&set_label("done");
- &mov ("eax","edx");
- &mov ("edx","ecx");
+ &mov ("eax","esi");
+ &mov ("edx","ebp");
+&set_label("nocpuid");
&function_end("OPENSSL_ia32_cpuid");
&external_label("OPENSSL_ia32cap_P");
@@ -134,7 +165,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&jnz (&label("nohalt")); # not enough privileges
&pushf ();
- &pop ("eax")
+ &pop ("eax");
&bt ("eax",9);
&jnc (&label("nohalt")); # interrupts are disabled
@@ -199,8 +230,9 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&bt (&DWP(0,"ecx"),1);
&jnc (&label("no_x87"));
if ($sse2) {
- &bt (&DWP(0,"ecx"),26);
- &jnc (&label("no_sse2"));
+ &and ("ecx",1<<26|1<<24); # check SSE2 and FXSR bits
+ &cmp ("ecx",1<<26|1<<24);
+ &jne (&label("no_sse2"));
&pxor ("xmm0","xmm0");
&pxor ("xmm1","xmm1");
&pxor ("xmm2","xmm2");
@@ -248,7 +280,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
# arguments is 1 or 2!
&function_begin_B("OPENSSL_indirect_call");
{
- my $i,$max=7; # $max has to be chosen as 4*n-1
+ my ($max,$i)=(7,); # $max has to be chosen as 4*n-1
# in order to preserve eventual
# stack alignment
&push ("ebp");
@@ -307,6 +339,18 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&ret ();
&function_end_B("OPENSSL_cleanse");
+&function_begin_B("OPENSSL_ia32_rdrand");
+ &mov ("ecx",8);
+&set_label("loop");
+ &rdrand ("eax");
+ &jc (&label("break"));
+ &loop (&label("loop"));
+&set_label("break");
+ &cmp ("eax",0);
+ &cmove ("eax","ecx");
+ &ret ();
+&function_end_B("OPENSSL_ia32_rdrand");
+
&initseg("OPENSSL_cpuid_setup");
&asm_finish();
diff --git a/deps/openssl/openssl/doc/HOWTO/proxy_certificates.txt b/deps/openssl/openssl/doc/HOWTO/proxy_certificates.txt
index 3d36b02f6..f98ec3607 100644
--- a/deps/openssl/openssl/doc/HOWTO/proxy_certificates.txt
+++ b/deps/openssl/openssl/doc/HOWTO/proxy_certificates.txt
@@ -57,7 +57,7 @@ following methods:
- in all other cases, proxy certificate validation can be enabled
before starting the application by setting the envirnoment variable
- OPENSSL_ALLOW_PROXY with some non-empty value.
+ OPENSSL_ALLOW_PROXY_CERTS with some non-empty value.
There are thoughts to allow proxy certificates with a line in the
default openssl.cnf, but that's still in the future.
diff --git a/deps/openssl/openssl/doc/apps/CA.pl.pod b/deps/openssl/openssl/doc/apps/CA.pl.pod
index ed69952f3..d326101cd 100644
--- a/deps/openssl/openssl/doc/apps/CA.pl.pod
+++ b/deps/openssl/openssl/doc/apps/CA.pl.pod
@@ -39,13 +39,13 @@ prints a usage message.
=item B<-newcert>
-creates a new self signed certificate. The private key and certificate are
-written to the file "newreq.pem".
+creates a new self signed certificate. The private key is written to the file
+"newkey.pem" and the request written to the file "newreq.pem".
=item B<-newreq>
-creates a new certificate request. The private key and request are
-written to the file "newreq.pem".
+creates a new certificate request. The private key is written to the file
+"newkey.pem" and the request written to the file "newreq.pem".
=item B<-newreq-nodes>
diff --git a/deps/openssl/openssl/doc/apps/genpkey.pod b/deps/openssl/openssl/doc/apps/genpkey.pod
index 1611b5ca7..c74d097fb 100644
--- a/deps/openssl/openssl/doc/apps/genpkey.pod
+++ b/deps/openssl/openssl/doc/apps/genpkey.pod
@@ -114,6 +114,8 @@ hexadecimal value if preceded by B<0x>. Default value is 65537.
The number of bits in the generated parameters. If not specified 1024 is used.
+=back
+
=head1 DH PARAMETER GENERATION OPTIONS
=over 4
diff --git a/deps/openssl/openssl/doc/apps/openssl.pod b/deps/openssl/openssl/doc/apps/openssl.pod
index 738142e9f..64a160c20 100644
--- a/deps/openssl/openssl/doc/apps/openssl.pod
+++ b/deps/openssl/openssl/doc/apps/openssl.pod
@@ -287,8 +287,6 @@ SHA Digest
SHA-1 Digest
-=back
-
=item B<sha224>
SHA-224 Digest
@@ -305,6 +303,8 @@ SHA-384 Digest
SHA-512 Digest
+=back
+
=head2 ENCODING AND CIPHER COMMANDS
=over 10
diff --git a/deps/openssl/openssl/doc/apps/verify.pod b/deps/openssl/openssl/doc/apps/verify.pod
index 336098f1e..da683004b 100644
--- a/deps/openssl/openssl/doc/apps/verify.pod
+++ b/deps/openssl/openssl/doc/apps/verify.pod
@@ -54,35 +54,37 @@ in PEM format concatenated together.
=item B<-untrusted file>
A file of untrusted certificates. The file should contain multiple certificates
+in PEM format concatenated together.
=item B<-purpose purpose>
-the intended use for the certificate. Without this option no chain verification
-will be done. Currently accepted uses are B<sslclient>, B<sslserver>,
-B<nssslserver>, B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION>
-section for more information.
+The intended use for the certificate. If this option is not specified,
+B<verify> will not consider certificate purpose during chain verification.
+Currently accepted uses are B<sslclient>, B<sslserver>, B<nssslserver>,
+B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION> section for more
+information.
=item B<-help>
-prints out a usage message.
+Print out a usage message.
=item B<-verbose>
-print extra information about the operations being performed.
+Print extra information about the operations being performed.
=item B<-issuer_checks>
-print out diagnostics relating to searches for the issuer certificate
-of the current certificate. This shows why each candidate issuer
-certificate was rejected. However the presence of rejection messages
-does not itself imply that anything is wrong: during the normal
-verify process several rejections may take place.
+Print out diagnostics relating to searches for the issuer certificate of the
+current certificate. This shows why each candidate issuer certificate was
+rejected. The presence of rejection messages does not itself imply that
+anything is wrong; during the normal verification process, several
+rejections may take place.
=item B<-policy arg>
-Enable policy processing and add B<arg> to the user-initial-policy-set
-(see RFC3280 et al). The policy B<arg> can be an object name an OID in numeric
-form. This argument can appear more than once.
+Enable policy processing and add B<arg> to the user-initial-policy-set (see
+RFC5280). The policy B<arg> can be an object name an OID in numeric form.
+This argument can appear more than once.
=item B<-policy_check>
@@ -90,41 +92,40 @@ Enables certificate policy processing.
=item B<-explicit_policy>
-Set policy variable require-explicit-policy (see RFC3280 et al).
+Set policy variable require-explicit-policy (see RFC5280).
=item B<-inhibit_any>
-Set policy variable inhibit-any-policy (see RFC3280 et al).
+Set policy variable inhibit-any-policy (see RFC5280).
=item B<-inhibit_map>
-Set policy variable inhibit-policy-mapping (see RFC3280 et al).
+Set policy variable inhibit-policy-mapping (see RFC5280).
=item B<-policy_print>
-Print out diagnostics, related to policy checking
+Print out diagnostics related to policy processing.
=item B<-crl_check>
-Checks end entity certificate validity by attempting to lookup a valid CRL.
+Checks end entity certificate validity by attempting to look up a valid CRL.
If a valid CRL cannot be found an error occurs.
=item B<-crl_check_all>
Checks the validity of B<all> certificates in the chain by attempting
-to lookup valid CRLs.
+to look up valid CRLs.
=item B<-ignore_critical>
Normally if an unhandled critical extension is present which is not
-supported by OpenSSL the certificate is rejected (as required by
-RFC3280 et al). If this option is set critical extensions are
-ignored.
+supported by OpenSSL the certificate is rejected (as required by RFC5280).
+If this option is set critical extensions are ignored.
=item B<-x509_strict>
-Disable workarounds for broken certificates which have to be disabled
-for strict X.509 compliance.
+For strict X.509 compliance, disable non-compliant workarounds for broken
+certificates.
=item B<-extended_crl>
@@ -142,16 +143,15 @@ because it doesn't add any security.
=item B<->
-marks the last option. All arguments following this are assumed to be
+Indicates the last option. All arguments following this are assumed to be
certificate files. This is useful if the first certificate filename begins
with a B<->.
=item B<certificates>
-one or more certificates to verify. If no certificate filenames are included
-then an attempt is made to read a certificate from standard input. They should
-all be in PEM format.
-
+One or more certificates to verify. If no certificates are given, B<verify>
+will attempt to read a certificate from standard input. Certificates must be
+in PEM format.
=back
diff --git a/deps/openssl/openssl/doc/apps/x509.pod b/deps/openssl/openssl/doc/apps/x509.pod
index 3002b0812..d2d9eb812 100644
--- a/deps/openssl/openssl/doc/apps/x509.pod
+++ b/deps/openssl/openssl/doc/apps/x509.pod
@@ -29,6 +29,7 @@ B<openssl> B<x509>
[B<-purpose>]
[B<-dates>]
[B<-modulus>]
+[B<-pubkey>]
[B<-fingerprint>]
[B<-alias>]
[B<-noout>]
@@ -135,6 +136,10 @@ section for more information.
this option prevents output of the encoded version of the request.
+=item B<-pubkey>
+
+outputs the the certificate's SubjectPublicKeyInfo block in PEM format.
+
=item B<-modulus>
this option prints out the value of the modulus of the public key
diff --git a/deps/openssl/openssl/doc/crypto/EVP_DigestInit.pod b/deps/openssl/openssl/doc/crypto/EVP_DigestInit.pod
index 5b477ac6e..367691cc7 100644
--- a/deps/openssl/openssl/doc/crypto/EVP_DigestInit.pod
+++ b/deps/openssl/openssl/doc/crypto/EVP_DigestInit.pod
@@ -6,7 +6,8 @@ EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate,
EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size,
EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type,
-EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2,
+EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_sha224, EVP_sha256,
+EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, EVP_mdc2,
EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
EVP digest routines
@@ -33,16 +34,15 @@ EVP digest routines
int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
- #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
+ #define EVP_MAX_MD_SIZE 64 /* SHA512 */
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
- #define EVP_MD_type(e) ((e)->type)
- #define EVP_MD_pkey_type(e) ((e)->pkey_type)
- #define EVP_MD_size(e) ((e)->md_size)
- #define EVP_MD_block_size(e) ((e)->block_size)
-
- #define EVP_MD_CTX_md(e) (e)->digest)
- #define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ #define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
@@ -56,6 +56,11 @@ EVP digest routines
const EVP_MD *EVP_mdc2(void);
const EVP_MD *EVP_ripemd160(void);
+ const EVP_MD *EVP_sha224(void);
+ const EVP_MD *EVP_sha256(void);
+ const EVP_MD *EVP_sha384(void);
+ const EVP_MD *EVP_sha512(void);
+
const EVP_MD *EVP_get_digestbyname(const char *name);
#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
@@ -124,12 +129,14 @@ B<EVP_MD_CTX>.
EVP_MD_pkey_type() returns the NID of the public key signing algorithm associated
with this digest. For example EVP_sha1() is associated with RSA so this will
-return B<NID_sha1WithRSAEncryption>. This "link" between digests and signature
-algorithms may not be retained in future versions of OpenSSL.
+return B<NID_sha1WithRSAEncryption>. Since digests and signature algorithms
+are no longer linked this function is only retained for compatibility
+reasons.
-EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_mdc2() and EVP_ripemd160()
-return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 digest
-algorithms respectively. The associated signature algorithm is RSA in each case.
+EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
+EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD>
+structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2
+and RIPEMD160 digest algorithms respectively.
EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
algorithms but using DSS (DSA) for the signature algorithm. Note: there is
@@ -171,8 +178,8 @@ The B<EVP> interface to message digests should almost always be used in
preference to the low level interfaces. This is because the code then becomes
transparent to the digest used and much more flexible.
-SHA1 is the digest of choice for new applications. The other digest algorithms
-are still in common use.
+New applications should use the SHA2 digest algorithms such as SHA256.
+The other digest algorithms are still in common use.
For most applications the B<impl> parameter to EVP_DigestInit_ex() will be
set to NULL to use the default digest implementation.
@@ -187,6 +194,19 @@ implementations of digests to be specified.
In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use
memory leaks will occur.
+Stack allocation of EVP_MD_CTX structures is common, for example:
+
+ EVP_MD_CTX mctx;
+ EVP_MD_CTX_init(&mctx);
+
+This will cause binary compatibility issues if the size of EVP_MD_CTX
+structure changes (this will only happen with a major release of OpenSSL).
+Applications wishing to avoid this should use EVP_MD_CTX_create() instead:
+
+ EVP_MD_CTX *mctx;
+ mctx = EVP_MD_CTX_create();
+
+
=head1 EXAMPLE
This example digests the data "Test Message\n" and "Hello World\n", using the
@@ -197,7 +217,7 @@ digest name passed on the command line.
main(int argc, char *argv[])
{
- EVP_MD_CTX mdctx;
+ EVP_MD_CTX *mdctx;
const EVP_MD *md;
char mess1[] = "Test Message\n";
char mess2[] = "Hello World\n";
@@ -218,12 +238,12 @@ digest name passed on the command line.
exit(1);
}
- EVP_MD_CTX_init(&mdctx);
- EVP_DigestInit_ex(&mdctx, md, NULL);
- EVP_DigestUpdate(&mdctx, mess1, strlen(mess1));
- EVP_DigestUpdate(&mdctx, mess2, strlen(mess2));
- EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
- EVP_MD_CTX_cleanup(&mdctx);
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(mdctx, md, NULL);
+ EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+ EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+ EVP_DigestFinal_ex(mdctx, md_value, &md_len);
+ EVP_MD_CTX_destroy(mdctx);
printf("Digest is: ");
for(i = 0; i < md_len; i++) printf("%02x", md_value[i]);
diff --git a/deps/openssl/openssl/doc/crypto/EVP_PKEY_CTX_ctrl.pod b/deps/openssl/openssl/doc/crypto/EVP_PKEY_CTX_ctrl.pod
index f2f455990..13b91f1e6 100644
--- a/deps/openssl/openssl/doc/crypto/EVP_PKEY_CTX_ctrl.pod
+++ b/deps/openssl/openssl/doc/crypto/EVP_PKEY_CTX_ctrl.pod
@@ -117,7 +117,7 @@ L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
diff --git a/deps/openssl/openssl/doc/crypto/EVP_PKEY_decrypt.pod b/deps/openssl/openssl/doc/crypto/EVP_PKEY_decrypt.pod
index 42b2a8c44..847983237 100644
--- a/deps/openssl/openssl/doc/crypto/EVP_PKEY_decrypt.pod
+++ b/deps/openssl/openssl/doc/crypto/EVP_PKEY_decrypt.pod
@@ -83,7 +83,7 @@ L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
diff --git a/deps/openssl/openssl/doc/crypto/EVP_PKEY_derive.pod b/deps/openssl/openssl/doc/crypto/EVP_PKEY_derive.pod
index d9d6d76c7..27464be57 100644
--- a/deps/openssl/openssl/doc/crypto/EVP_PKEY_derive.pod
+++ b/deps/openssl/openssl/doc/crypto/EVP_PKEY_derive.pod
@@ -84,7 +84,7 @@ L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
=head1 HISTORY
diff --git a/deps/openssl/openssl/doc/crypto/EVP_PKEY_encrypt.pod b/deps/openssl/openssl/doc/crypto/EVP_PKEY_encrypt.pod
index 91c9c5d0a..e495a8124 100644
--- a/deps/openssl/openssl/doc/crypto/EVP_PKEY_encrypt.pod
+++ b/deps/openssl/openssl/doc/crypto/EVP_PKEY_encrypt.pod
@@ -83,7 +83,7 @@ L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
diff --git a/deps/openssl/openssl/doc/crypto/EVP_PKEY_get_default_digest.pod b/deps/openssl/openssl/doc/crypto/EVP_PKEY_get_default_digest.pod
index 1a9c7954c..8ff597d44 100644
--- a/deps/openssl/openssl/doc/crypto/EVP_PKEY_get_default_digest.pod
+++ b/deps/openssl/openssl/doc/crypto/EVP_PKEY_get_default_digest.pod
@@ -32,7 +32,7 @@ public key algorithm.
L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
=head1 HISTORY
diff --git a/deps/openssl/openssl/doc/crypto/EVP_PKEY_keygen.pod b/deps/openssl/openssl/doc/crypto/EVP_PKEY_keygen.pod
index 37c6fe950..fd431ace6 100644
--- a/deps/openssl/openssl/doc/crypto/EVP_PKEY_keygen.pod
+++ b/deps/openssl/openssl/doc/crypto/EVP_PKEY_keygen.pod
@@ -151,7 +151,7 @@ L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
diff --git a/deps/openssl/openssl/doc/crypto/EVP_PKEY_sign.pod b/deps/openssl/openssl/doc/crypto/EVP_PKEY_sign.pod
index 2fb52c348..a044f2c13 100644
--- a/deps/openssl/openssl/doc/crypto/EVP_PKEY_sign.pod
+++ b/deps/openssl/openssl/doc/crypto/EVP_PKEY_sign.pod
@@ -86,7 +86,7 @@ L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
diff --git a/deps/openssl/openssl/doc/crypto/EVP_PKEY_verify.pod b/deps/openssl/openssl/doc/crypto/EVP_PKEY_verify.pod
index f93e5fc6c..90612ba2f 100644
--- a/deps/openssl/openssl/doc/crypto/EVP_PKEY_verify.pod
+++ b/deps/openssl/openssl/doc/crypto/EVP_PKEY_verify.pod
@@ -81,7 +81,7 @@ L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
=head1 HISTORY
diff --git a/deps/openssl/openssl/doc/crypto/ecdsa.pod b/deps/openssl/openssl/doc/crypto/ecdsa.pod
index 49b10f224..20edff97f 100644
--- a/deps/openssl/openssl/doc/crypto/ecdsa.pod
+++ b/deps/openssl/openssl/doc/crypto/ecdsa.pod
@@ -114,7 +114,7 @@ using the public key B<eckey>.
ECDSA_size() returns the maximum length signature or 0 on error.
-ECDSA_sign_setup() and ECDSA_sign() return 1 if successful or -1
+ECDSA_sign_setup() and ECDSA_sign() return 1 if successful or 0
on error.
ECDSA_verify() and ECDSA_do_verify() return 1 for a valid
diff --git a/deps/openssl/openssl/doc/ssl/SSL_alert_type_string.pod b/deps/openssl/openssl/doc/ssl/SSL_alert_type_string.pod
index 94e28cc30..0329c3486 100644
--- a/deps/openssl/openssl/doc/ssl/SSL_alert_type_string.pod
+++ b/deps/openssl/openssl/doc/ssl/SSL_alert_type_string.pod
@@ -214,6 +214,11 @@ satisfy a request; the process might receive security parameters
difficult to communicate changes to these parameters after that
point. This message is always a warning.
+=item "UP"/"unknown PSK identity"
+
+Sent by the server to indicate that it does not recognize a PSK
+identity or an SRP identity.
+
=item "UK"/"unknown"
This indicates that no description is available for this alert type.
diff --git a/deps/openssl/openssl/e_os.h b/deps/openssl/openssl/e_os.h
index 5ceeeeb95..79c139257 100644
--- a/deps/openssl/openssl/e_os.h
+++ b/deps/openssl/openssl/e_os.h
@@ -99,7 +99,6 @@ extern "C" {
# ifndef MAC_OS_GUSI_SOURCE
# define MAC_OS_pre_X
# define NO_SYS_TYPES_H
- typedef long ssize_t;
# endif
# define NO_SYS_PARAM_H
# define NO_CHMOD
@@ -340,8 +339,6 @@ static unsigned int _strlen31(const char *str)
# define OPENSSL_NO_POSIX_IO
# endif
-# define ssize_t long
-
# if defined (__BORLANDC__)
# define _setmode setmode
# define _O_TEXT O_TEXT
@@ -456,9 +453,6 @@ static unsigned int _strlen31(const char *str)
* (unless when compiling with -D_POSIX_SOURCE,
* which doesn't work for us) */
# endif
-# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
-# define ssize_t int /* ditto */
-# endif
# ifdef OPENSSL_SYS_NEWS4 /* setvbuf is missing on mips-sony-bsd */
# define setvbuf(a, b, c, d) setbuffer((a), (b), (d))
typedef unsigned long clock_t;
@@ -637,12 +631,6 @@ static unsigned int _strlen31(const char *str)
#endif
-#if defined(__ultrix)
-# ifndef ssize_t
-# define ssize_t int
-# endif
-#endif
-
#if defined(sun) && !defined(__svr4__) && !defined(__SVR4)
/* include headers first, so our defines don't break it */
#include <stdlib.h>
diff --git a/deps/openssl/openssl/e_os2.h b/deps/openssl/openssl/e_os2.h
index d30724d30..d22c0368f 100644
--- a/deps/openssl/openssl/e_os2.h
+++ b/deps/openssl/openssl/e_os2.h
@@ -289,6 +289,26 @@ extern "C" {
# define OPENSSL_GLOBAL_REF(name) _shadow_##name
#endif
+#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && macintosh==1 && !defined(MAC_OS_GUSI_SOURCE)
+# define ossl_ssize_t long
+#endif
+
+#ifdef OPENSSL_SYS_MSDOS
+# define ossl_ssize_t long
+#endif
+
+#if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
+# define ssize_t int
+#endif
+
+#if defined(__ultrix) && !defined(ssize_t)
+# define ossl_ssize_t int
+#endif
+
+#ifndef ossl_ssize_t
+# define ossl_ssize_t ssize_t
+#endif
+
#ifdef __cplusplus
}
#endif
diff --git a/deps/openssl/openssl/engines/ccgost/Makefile b/deps/openssl/openssl/engines/ccgost/Makefile
index dadb5230e..d661c1082 100644
--- a/deps/openssl/openssl/engines/ccgost/Makefile
+++ b/deps/openssl/openssl/engines/ccgost/Makefile
@@ -142,13 +142,13 @@ gost94_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
gost94_keyx.o: gost94_keyx.c gost_keywrap.h gost_lcl.h gosthash.h
gost_ameth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
gost_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-gost_ameth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-gost_ameth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-gost_ameth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-gost_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-gost_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-gost_ameth.o: ../../include/openssl/objects.h
+gost_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+gost_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+gost_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+gost_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+gost_ameth.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+gost_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
gost_ameth.o: ../../include/openssl/opensslconf.h
gost_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
gost_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
diff --git a/deps/openssl/openssl/engines/ccgost/gost89.c b/deps/openssl/openssl/engines/ccgost/gost89.c
index 7ebae0f71..b0568c6b3 100644
--- a/deps/openssl/openssl/engines/ccgost/gost89.c
+++ b/deps/openssl/openssl/engines/ccgost/gost89.c
@@ -369,7 +369,13 @@ int gost_mac(gost_ctx *ctx,int mac_len,const unsigned char *data,
memset(buf2,0,8);
memcpy(buf2,data+i,data_len-i);
mac_block(ctx,buffer,buf2);
- }
+ i+=8;
+ }
+ if (i==8)
+ {
+ memset(buf2,0,8);
+ mac_block(ctx,buffer,buf2);
+ }
get_mac(buffer,mac_len,mac);
return 1;
}
@@ -389,7 +395,13 @@ int gost_mac_iv(gost_ctx *ctx,int mac_len,const unsigned char *iv,const unsigned
memset(buf2,0,8);
memcpy(buf2,data+i,data_len-i);
mac_block(ctx,buffer,buf2);
+ i+=8;
}
+ if (i==8)
+ {
+ memset(buf2,0,8);
+ mac_block(ctx,buffer,buf2);
+ }
get_mac(buffer,mac_len,mac);
return 1;
}
diff --git a/deps/openssl/openssl/engines/ccgost/gost_ameth.c b/deps/openssl/openssl/engines/ccgost/gost_ameth.c
index e6c2839e5..2cde1fcfd 100644
--- a/deps/openssl/openssl/engines/ccgost/gost_ameth.c
+++ b/deps/openssl/openssl/engines/ccgost/gost_ameth.c
@@ -13,6 +13,9 @@
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
+#ifndef OPENSSL_NO_CMS
+#include <openssl/cms.h>
+#endif
#include "gost_params.h"
#include "gost_lcl.h"
#include "e_gost_err.h"
@@ -230,6 +233,24 @@ static int pkey_ctrl_gost(EVP_PKEY *pkey, int op,
X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
}
return 1;
+#ifndef OPENSSL_NO_CMS
+ case ASN1_PKEY_CTRL_CMS_SIGN:
+ if (arg1 == 0)
+ {
+ X509_ALGOR *alg1 = NULL, *alg2 = NULL;
+ int nid = EVP_PKEY_base_id(pkey);
+ CMS_SignerInfo_get0_algs((CMS_SignerInfo *)arg2,
+ NULL, NULL, &alg1, &alg2);
+ X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94),
+ V_ASN1_NULL, 0);
+ if (nid == NID_undef)
+ {
+ return (-1);
+ }
+ X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
+ }
+ return 1;
+#endif
case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
if (arg1 == 0)
{
@@ -244,6 +265,22 @@ static int pkey_ctrl_gost(EVP_PKEY *pkey, int op,
V_ASN1_SEQUENCE, params);
}
return 1;
+#ifndef OPENSSL_NO_CMS
+ case ASN1_PKEY_CTRL_CMS_ENVELOPE:
+ if (arg1 == 0)
+ {
+ X509_ALGOR *alg;
+ ASN1_STRING * params = encode_gost_algor_params(pkey);
+ if (!params)
+ {
+ return -1;
+ }
+ CMS_RecipientInfo_ktri_get0_algs((CMS_RecipientInfo *)arg2, NULL, NULL, &alg);
+ X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type),
+ V_ASN1_SEQUENCE, params);
+ }
+ return 1;
+#endif
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
*(int *)arg2 = NID_id_GostR3411_94;
return 2;
diff --git a/deps/openssl/openssl/engines/ccgost/gost_crypt.c b/deps/openssl/openssl/engines/ccgost/gost_crypt.c
index cde58c0e9..52aef15ac 100644
--- a/deps/openssl/openssl/engines/ccgost/gost_crypt.c
+++ b/deps/openssl/openssl/engines/ccgost/gost_crypt.c
@@ -11,6 +11,14 @@
#include <openssl/rand.h>
#include "e_gost_err.h"
#include "gost_lcl.h"
+
+#if !defined(CCGOST_DEBUG) && !defined(DEBUG)
+# ifndef NDEBUG
+# define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
@@ -206,12 +214,13 @@ int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
static void gost_crypt_mesh (void *ctx,unsigned char *iv,unsigned char *buf)
{
struct ossl_gost_cipher_ctx *c = ctx;
- if (c->count&&c->key_meshing && c->count%1024==0)
+ assert(c->count%8 == 0 && c->count <= 1024);
+ if (c->key_meshing && c->count==1024)
{
cryptopro_key_meshing(&(c->cctx),iv);
}
gostcrypt(&(c->cctx),iv,buf);
- c->count+=8;
+ c->count = c->count%1024 + 8;
}
static void gost_cnt_next (void *ctx, unsigned char *iv, unsigned char *buf)
@@ -219,7 +228,8 @@ static void gost_cnt_next (void *ctx, unsigned char *iv, unsigned char *buf)
struct ossl_gost_cipher_ctx *c = ctx;
word32 g,go;
unsigned char buf1[8];
- if (c->count && c->key_meshing && c->count %1024 ==0)
+ assert(c->count%8 == 0 && c->count <= 1024);
+ if (c->key_meshing && c->count==1024)
{
cryptopro_key_meshing(&(c->cctx),iv);
}
@@ -248,7 +258,7 @@ static void gost_cnt_next (void *ctx, unsigned char *iv, unsigned char *buf)
buf1[7]=(unsigned char)((g>>24)&0xff);
memcpy(iv,buf1,8);
gostcrypt(&(c->cctx),buf1,buf);
- c->count +=8;
+ c->count = c->count%1024 + 8;
}
/* GOST encryption in CFB mode */
@@ -511,12 +521,13 @@ static void mac_block_mesh(struct ossl_gost_imit_ctx *c,const unsigned char *dat
* interpret internal state of MAC algorithm as iv during keymeshing
* (but does initialize internal state from iv in key transport
*/
- if (c->key_meshing&& c->count && c->count %1024 ==0)
+ assert(c->count%8 == 0 && c->count <= 1024);
+ if (c->key_meshing && c->count==1024)
{
cryptopro_key_meshing(&(c->cctx),buffer);
}
mac_block(&(c->cctx),c->buffer,data);
- c->count +=8;
+ c->count = c->count%1024 + 8;
}
int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
@@ -565,6 +576,12 @@ int gost_imit_final(EVP_MD_CTX *ctx,unsigned char *md)
GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
return 0;
}
+ if (c->count==0 && c->bytes_left)
+ {
+ unsigned char buffer[8];
+ memset(buffer, 0, 8);
+ gost_imit_update(ctx, buffer, 8);
+ }
if (c->bytes_left)
{
int i;
diff --git a/deps/openssl/openssl/engines/ccgost/gost_eng.c b/deps/openssl/openssl/engines/ccgost/gost_eng.c
index d2cbe3b83..8f29bf6f8 100644
--- a/deps/openssl/openssl/engines/ccgost/gost_eng.c
+++ b/deps/openssl/openssl/engines/ccgost/gost_eng.c
@@ -64,6 +64,13 @@ static int gost_engine_finish(ENGINE *e)
static int gost_engine_destroy(ENGINE *e)
{
gost_param_free();
+
+ pmeth_GostR3410_94 = NULL;
+ pmeth_GostR3410_2001 = NULL;
+ pmeth_Gost28147_MAC = NULL;
+ ameth_GostR3410_94 = NULL;
+ ameth_GostR3410_2001 = NULL;
+ ameth_Gost28147_MAC = NULL;
return 1;
}
@@ -71,6 +78,11 @@ static int bind_gost (ENGINE *e,const char *id)
{
int ret = 0;
if (id && strcmp(id, engine_gost_id)) return 0;
+ if (ameth_GostR3410_94)
+ {
+ printf("GOST engine already loaded\n");
+ goto end;
+ }
if (!ENGINE_set_id(e, engine_gost_id))
{
@@ -263,7 +275,10 @@ static ENGINE *engine_gost(void)
void ENGINE_load_gost(void)
{
- ENGINE *toadd =engine_gost();
+ ENGINE *toadd;
+ if (pmeth_GostR3410_94)
+ return;
+ toadd = engine_gost();
if (!toadd) return;
ENGINE_add(toadd);
ENGINE_free(toadd);
diff --git a/deps/openssl/openssl/engines/ccgost/gost_lcl.h b/deps/openssl/openssl/engines/ccgost/gost_lcl.h
index 437a48cc8..00aa42cea 100644
--- a/deps/openssl/openssl/engines/ccgost/gost_lcl.h
+++ b/deps/openssl/openssl/engines/ccgost/gost_lcl.h
@@ -136,7 +136,7 @@ extern EVP_MD imit_gost_cpa;
/* Cipher context used for EVP_CIPHER operation */
struct ossl_gost_cipher_ctx {
int paramNID;
- off_t count;
+ unsigned int count;
int key_meshing;
gost_ctx cctx;
};
@@ -151,7 +151,7 @@ struct ossl_gost_imit_ctx {
gost_ctx cctx;
unsigned char buffer[8];
unsigned char partial_block[8];
- off_t count;
+ unsigned int count;
int key_meshing;
int bytes_left;
int key_set;
diff --git a/deps/openssl/openssl/engines/ccgost/gost_pmeth.c b/deps/openssl/openssl/engines/ccgost/gost_pmeth.c
index caaea99d3..f91c9b193 100644
--- a/deps/openssl/openssl/engines/ccgost/gost_pmeth.c
+++ b/deps/openssl/openssl/engines/ccgost/gost_pmeth.c
@@ -89,6 +89,12 @@ static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
case EVP_PKEY_CTRL_PKCS7_DECRYPT:
case EVP_PKEY_CTRL_PKCS7_SIGN:
+ case EVP_PKEY_CTRL_DIGESTINIT:
+#ifndef OPENSSL_NO_CMS
+ case EVP_PKEY_CTRL_CMS_ENCRYPT:
+ case EVP_PKEY_CTRL_CMS_DECRYPT:
+ case EVP_PKEY_CTRL_CMS_SIGN:
+#endif
return 1;
case EVP_PKEY_CTRL_GOST_PARAMSET:
@@ -123,7 +129,7 @@ static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
}
if (strlen(value) == 1)
{
- switch(toupper(value[0]))
+ switch(toupper((unsigned char)value[0]))
{
case 'A':
param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
@@ -142,9 +148,9 @@ static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
break;
}
}
- else if ((strlen(value) == 2) && (toupper(value[0]) == 'X'))
+ else if ((strlen(value) == 2) && (toupper((unsigned char)value[0]) == 'X'))
{
- switch (toupper(value[1]))
+ switch (toupper((unsigned char)value[1]))
{
case 'A':
param_nid = NID_id_GostR3410_94_CryptoPro_XchA_ParamSet;
@@ -198,7 +204,7 @@ static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
}
if (strlen(value) == 1)
{
- switch(toupper(value[0]))
+ switch(toupper((unsigned char)value[0]))
{
case 'A':
param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
@@ -217,9 +223,9 @@ static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
break;
}
}
- else if ((strlen(value) == 2) && (toupper(value[0]) == 'X'))
+ else if ((strlen(value) == 2) && (toupper((unsigned char)value[0]) == 'X'))
{
- switch (toupper(value[1]))
+ switch (toupper((unsigned char)value[1]))
{
case 'A':
param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet;
@@ -521,6 +527,7 @@ static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx,
{
GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
GOST_R_INVALID_MAC_KEY_LENGTH);
+ OPENSSL_free(keybuf);
return 0;
}
ret= pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
diff --git a/deps/openssl/openssl/engines/ccgost/gosthash.c b/deps/openssl/openssl/engines/ccgost/gosthash.c
index a5c0662ff..8c278aa64 100644
--- a/deps/openssl/openssl/engines/ccgost/gosthash.c
+++ b/deps/openssl/openssl/engines/ccgost/gosthash.c
@@ -42,7 +42,7 @@ static void circle_xor8 (const byte *w, byte *k)
byte buf[8];
int i;
memcpy(buf,w,8);
- memcpy(k,w+8,24);
+ memmove(k,w+8,24);
for(i=0;i<8;i++)
k[i+24]=buf[i]^k[i];
}
diff --git a/deps/openssl/openssl/engines/e_aep.c b/deps/openssl/openssl/engines/e_aep.c
index d7f89e515..1953f0643 100644
--- a/deps/openssl/openssl/engines/e_aep.c
+++ b/deps/openssl/openssl/engines/e_aep.c
@@ -85,7 +85,6 @@ extern int GetThreadID(void);
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
-#include <openssl/bn.h>
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_AEP
diff --git a/deps/openssl/openssl/engines/e_capi.c b/deps/openssl/openssl/engines/e_capi.c
index 24b620fc0..c1085b56c 100644
--- a/deps/openssl/openssl/engines/e_capi.c
+++ b/deps/openssl/openssl/engines/e_capi.c
@@ -442,28 +442,36 @@ static int capi_init(ENGINE *e)
CAPI_CTX *ctx;
const RSA_METHOD *ossl_rsa_meth;
const DSA_METHOD *ossl_dsa_meth;
- capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0);
- cert_capi_idx = X509_get_ex_new_index(0, NULL, NULL, NULL, 0);
+
+ if (capi_idx < 0)
+ {
+ capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0);
+ if (capi_idx < 0)
+ goto memerr;
+
+ cert_capi_idx = X509_get_ex_new_index(0, NULL, NULL, NULL, 0);
+
+ /* Setup RSA_METHOD */
+ rsa_capi_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
+ ossl_rsa_meth = RSA_PKCS1_SSLeay();
+ capi_rsa_method.rsa_pub_enc = ossl_rsa_meth->rsa_pub_enc;
+ capi_rsa_method.rsa_pub_dec = ossl_rsa_meth->rsa_pub_dec;
+ capi_rsa_method.rsa_mod_exp = ossl_rsa_meth->rsa_mod_exp;
+ capi_rsa_method.bn_mod_exp = ossl_rsa_meth->bn_mod_exp;
+
+ /* Setup DSA Method */
+ dsa_capi_idx = DSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
+ ossl_dsa_meth = DSA_OpenSSL();
+ capi_dsa_method.dsa_do_verify = ossl_dsa_meth->dsa_do_verify;
+ capi_dsa_method.dsa_mod_exp = ossl_dsa_meth->dsa_mod_exp;
+ capi_dsa_method.bn_mod_exp = ossl_dsa_meth->bn_mod_exp;
+ }
ctx = capi_ctx_new();
- if (!ctx || (capi_idx < 0))
+ if (!ctx)
goto memerr;
ENGINE_set_ex_data(e, capi_idx, ctx);
- /* Setup RSA_METHOD */
- rsa_capi_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
- ossl_rsa_meth = RSA_PKCS1_SSLeay();
- capi_rsa_method.rsa_pub_enc = ossl_rsa_meth->rsa_pub_enc;
- capi_rsa_method.rsa_pub_dec = ossl_rsa_meth->rsa_pub_dec;
- capi_rsa_method.rsa_mod_exp = ossl_rsa_meth->rsa_mod_exp;
- capi_rsa_method.bn_mod_exp = ossl_rsa_meth->bn_mod_exp;
-
- /* Setup DSA Method */
- dsa_capi_idx = DSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
- ossl_dsa_meth = DSA_OpenSSL();
- capi_dsa_method.dsa_do_verify = ossl_dsa_meth->dsa_do_verify;
- capi_dsa_method.dsa_mod_exp = ossl_dsa_meth->dsa_mod_exp;
- capi_dsa_method.bn_mod_exp = ossl_dsa_meth->bn_mod_exp;
#ifdef OPENSSL_CAPIENG_DIALOG
{
@@ -522,6 +530,7 @@ static int bind_capi(ENGINE *e)
{
if (!ENGINE_set_id(e, engine_capi_id)
|| !ENGINE_set_name(e, engine_capi_name)
+ || !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL)
|| !ENGINE_set_init_function(e, capi_init)
|| !ENGINE_set_finish_function(e, capi_finish)
|| !ENGINE_set_destroy_function(e, capi_destroy)
@@ -1155,6 +1164,7 @@ static int capi_list_containers(CAPI_CTX *ctx, BIO *out)
{
CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_ENUMCONTAINERS_ERROR);
capi_addlasterror();
+ CryptReleaseContext(hprov, 0);
return 0;
}
CAPI_trace(ctx, "Got max container len %d\n", buflen);
@@ -1422,10 +1432,13 @@ static PCCERT_CONTEXT capi_find_cert(CAPI_CTX *ctx, const char *id, HCERTSTORE h
static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const char *contname, char *provname, DWORD ptype, DWORD keyspec)
{
CAPI_KEY *key;
+ DWORD dwFlags = 0;
key = OPENSSL_malloc(sizeof(CAPI_KEY));
CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n",
contname, provname, ptype);
- if (!CryptAcquireContextA(&key->hprov, contname, provname, ptype, 0))
+ if(ctx->store_flags & CERT_SYSTEM_STORE_LOCAL_MACHINE)
+ dwFlags = CRYPT_MACHINE_KEYSET;
+ if (!CryptAcquireContextA(&key->hprov, contname, provname, ptype, dwFlags))
{
CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
capi_addlasterror();
@@ -1572,6 +1585,8 @@ static int capi_ctx_set_provname(CAPI_CTX *ctx, LPSTR pname, DWORD type, int che
}
CryptReleaseContext(hprov, 0);
}
+ if (ctx->cspname)
+ OPENSSL_free(ctx->cspname);
ctx->cspname = BUF_strdup(pname);
ctx->csptype = type;
return 1;
@@ -1581,9 +1596,12 @@ static int capi_ctx_set_provname_idx(CAPI_CTX *ctx, int idx)
{
LPSTR pname;
DWORD type;
+ int res;
if (capi_get_provname(ctx, &pname, &type, idx) != 1)
return 0;
- return capi_ctx_set_provname(ctx, pname, type, 0);
+ res = capi_ctx_set_provname(ctx, pname, type, 0);
+ OPENSSL_free(pname);
+ return res;
}
static int cert_issuer_match(STACK_OF(X509_NAME) *ca_dn, X509 *x)
diff --git a/deps/openssl/openssl/engines/e_padlock.c b/deps/openssl/openssl/engines/e_padlock.c
index 7d0941980..9f7a85a8d 100644
--- a/deps/openssl/openssl/engines/e_padlock.c
+++ b/deps/openssl/openssl/engines/e_padlock.c
@@ -104,11 +104,13 @@
# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
(defined(_MSC_VER) && defined(_M_IX86))
# define COMPILE_HW_PADLOCK
-static ENGINE *ENGINE_padlock (void);
# endif
#endif
#ifdef OPENSSL_NO_DYNAMIC_ENGINE
+#ifdef COMPILE_HW_PADLOCK
+static ENGINE *ENGINE_padlock (void);
+#endif
void ENGINE_load_padlock (void)
{
@@ -197,6 +199,8 @@ padlock_bind_helper(ENGINE *e)
return 1;
}
+#ifdef OPENSSL_NO_DYNAMIC_ENGINE
+
/* Constructor */
static ENGINE *
ENGINE_padlock(void)
@@ -215,6 +219,8 @@ ENGINE_padlock(void)
return eng;
}
+#endif
+
/* Check availability of the engine */
static int
padlock_init(ENGINE *e)
diff --git a/deps/openssl/openssl/makevms.com b/deps/openssl/openssl/makevms.com
index eb22f20db..de1dbd905 100755
--- a/deps/openssl/openssl/makevms.com
+++ b/deps/openssl/openssl/makevms.com
@@ -263,8 +263,10 @@ $ CONFIG_LOGICALS := AES,-
DH,-
DSA,-
EC,-
+ EC2M,-
ECDH,-
ECDSA,-
+ EC_NISTP_64_GCC_128,-
ENGINE,-
ERR,-
EVP,-
@@ -296,7 +298,9 @@ $ CONFIG_LOGICALS := AES,-
SHA256,-
SHA512,-
SOCK,-
+ SRP,-
SSL2,-
+ SSL_INTERN,-
STACK,-
STATIC_ENGINE,-
STDIO,-
@@ -335,7 +339,8 @@ $ CONFIG_DISABLE_RULES := RIJNDAEL/AES;-
DSA/GOST;-
DH/GOST;-
/STATIC_ENGINE;-
- /KRB5
+ /KRB5;-
+ /EC_NISTP_64_GCC_128
$ CONFIG_ENABLE_RULES := ZLIB_DYNAMIC/ZLIB;-
/THREADS
$
@@ -498,6 +503,9 @@ $ WRITE H_FILE " * value _IONBF is not supported."
$ WRITE H_FILE " * So, skip it on VMS."
$ WRITE H_FILE " */"
$ WRITE H_FILE "#define OPENSSL_NO_SETVBUF_IONBF"
+$ WRITE H_FILE "/* STCP support comes with TCPIP 5.7 ECO 2 "
+$ WRITE H_FILE " * enable on newer systems / 2012-02-24 arpadffy */"
+$ WRITE H_FILE "#define OPENSSL_NO_SCTP"
$ WRITE H_FILE ""
$!
$! Add in the common "crypto/opensslconf.h.in".
@@ -704,7 +712,7 @@ $ SDIRS := , -
BUFFER, BIO, STACK, LHASH, RAND, ERR, -
EVP, ASN1, PEM, X509, X509V3, CONF, TXT_DB, PKCS7, PKCS12, -
COMP, OCSP, UI, KRB5, -
- STORE, CMS, PQUEUE, TS, JPAKE
+ CMS, PQUEUE, TS, JPAKE, SRP, STORE, CMAC
$!
$ EXHEADER_ := crypto.h, opensslv.h, ebcdic.h, symhacks.h, ossl_typ.h
$ EXHEADER_'ARCHD' := opensslconf.h
@@ -756,12 +764,14 @@ $ EXHEADER_COMP := comp.h
$ EXHEADER_OCSP := ocsp.h
$ EXHEADER_UI := ui.h, ui_compat.h
$ EXHEADER_KRB5 := krb5_asn.h
-$!!! EXHEADER_STORE := store.h, str_compat.h
-$ EXHEADER_STORE := store.h
$ EXHEADER_CMS := cms.h
$ EXHEADER_PQUEUE := pqueue.h
$ EXHEADER_TS := ts.h
$ EXHEADER_JPAKE := jpake.h
+$ EXHEADER_SRP := srp.h
+$!!! EXHEADER_STORE := store.h, str_compat.h
+$ EXHEADER_STORE := store.h
+$ EXHEADER_CMAC := cmac.h
$!
$ i = 0
$ loop_sdirs:
@@ -777,7 +787,7 @@ $!
$! Copy All The ".H" Files From The [.SSL] Directory.
$!
$! (keep these in the same order as ssl/Makefile)
-$ EXHEADER := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, kssl.h
+$ EXHEADER := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, kssl.h, srtp.h
$ copy sys$disk:[.ssl]'exheader' sys$disk:[.include.openssl]
$!
$! Purge the [.include.openssl] header files.
diff --git a/deps/openssl/openssl/ms/do_win64a.bat b/deps/openssl/openssl/ms/do_win64a.bat
index 495f1ea7d..ff8b19ccf 100755
--- a/deps/openssl/openssl/ms/do_win64a.bat
+++ b/deps/openssl/openssl/ms/do_win64a.bat
@@ -1,9 +1,19 @@
-
perl util\mkfiles.pl >MINFO
-perl ms\uplink.pl win64a > ms\uptable.asm
+
+cmd /c "nasm -f win64 -v" >NUL: 2>&1
+if %errorlevel% neq 0 goto ml64
+
+perl ms\uplink-x86_64.pl nasm > ms\uptable.asm
+nasm -f win64 -o ms\uptable.obj ms\uptable.asm
+goto proceed
+
+:ml64
+perl ms\uplink-x86_64.pl masm > ms\uptable.asm
ml64 -c -Foms\uptable.obj ms\uptable.asm
-perl util\mk1mf.pl no-asm VC-WIN64A >ms\nt.mak
-perl util\mk1mf.pl dll no-asm VC-WIN64A >ms\ntdll.mak
+
+:proceed
+perl util\mk1mf.pl VC-WIN64A >ms\nt.mak
+perl util\mk1mf.pl dll VC-WIN64A >ms\ntdll.mak
perl util\mkdef.pl 32 libeay > ms\libeay32.def
perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/deps/openssl/openssl/ms/do_win64i.bat b/deps/openssl/openssl/ms/do_win64i.bat
index 15ebcaaeb..088f5e1d0 100755
--- a/deps/openssl/openssl/ms/do_win64i.bat
+++ b/deps/openssl/openssl/ms/do_win64i.bat
@@ -1,9 +1,9 @@
perl util\mkfiles.pl >MINFO
-perl ms\uplink.pl win64i > ms\uptable.asm
+perl ms\uplink-ia64.pl > ms\uptable.asm
ias -o ms\uptable.obj ms\uptable.asm
-perl util\mk1mf.pl no-asm VC-WIN64I >ms\nt.mak
-perl util\mk1mf.pl dll no-asm VC-WIN64I >ms\ntdll.mak
+perl util\mk1mf.pl VC-WIN64I >ms\nt.mak
+perl util\mk1mf.pl dll VC-WIN64I >ms\ntdll.mak
perl util\mkdef.pl 32 libeay > ms\libeay32.def
perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/deps/openssl/openssl/ms/uplink-common.pl b/deps/openssl/openssl/ms/uplink-common.pl
index 1d20e6e03..1d20e6e03 100644..100755
--- a/deps/openssl/openssl/ms/uplink-common.pl
+++ b/deps/openssl/openssl/ms/uplink-common.pl
diff --git a/deps/openssl/openssl/ms/uplink-ia64.pl b/deps/openssl/openssl/ms/uplink-ia64.pl
index 4204c73d5..4204c73d5 100644..100755
--- a/deps/openssl/openssl/ms/uplink-ia64.pl
+++ b/deps/openssl/openssl/ms/uplink-ia64.pl
diff --git a/deps/openssl/openssl/ms/uplink-x86.pl b/deps/openssl/openssl/ms/uplink-x86.pl
index 0dffc14fc..0dffc14fc 100644..100755
--- a/deps/openssl/openssl/ms/uplink-x86.pl
+++ b/deps/openssl/openssl/ms/uplink-x86.pl
diff --git a/deps/openssl/openssl/ms/uplink-x86_64.pl b/deps/openssl/openssl/ms/uplink-x86_64.pl
index 9acbf6be6..48bf559ee 100644..100755
--- a/deps/openssl/openssl/ms/uplink-x86_64.pl
+++ b/deps/openssl/openssl/ms/uplink-x86_64.pl
@@ -2,7 +2,8 @@
$output=shift;
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-open STDOUT,"| $^X ${dir}../crypto/perlasm/x86_64-xlate.pl $output";
+open OUT,"| \"$^X\" ${dir}../crypto/perlasm/x86_64-xlate.pl $output";
+*STDOUT=*OUT;
push(@INC,"${dir}.");
require "uplink-common.pl";
diff --git a/deps/openssl/openssl/ms/uplink.h b/deps/openssl/openssl/ms/uplink.h
index a4a67d3c1..4881ba7d4 100644
--- a/deps/openssl/openssl/ms/uplink.h
+++ b/deps/openssl/openssl/ms/uplink.h
@@ -23,7 +23,7 @@ extern void *OPENSSL_UplinkTable[];
#define UP_fileno (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FILENO])
#define UP_open (*(int (*)(const char *,int,...))OPENSSL_UplinkTable[APPLINK_OPEN])
-#define UP_read (*(ssize_t (*)(int,void *,size_t))OPENSSL_UplinkTable[APPLINK_READ])
-#define UP_write (*(ssize_t (*)(int,const void *,size_t))OPENSSL_UplinkTable[APPLINK_WRITE])
+#define UP_read (*(ossl_ssize_t (*)(int,void *,size_t))OPENSSL_UplinkTable[APPLINK_READ])
+#define UP_write (*(ossl_ssize_t (*)(int,const void *,size_t))OPENSSL_UplinkTable[APPLINK_WRITE])
#define UP_lseek (*(long (*)(int,long,int))OPENSSL_UplinkTable[APPLINK_LSEEK])
#define UP_close (*(int (*)(int))OPENSSL_UplinkTable[APPLINK_CLOSE])
diff --git a/deps/openssl/openssl/openssl.spec b/deps/openssl/openssl/openssl.spec
index 703cea2a5..8ad98b363 100644
--- a/deps/openssl/openssl/openssl.spec
+++ b/deps/openssl/openssl/openssl.spec
@@ -1,8 +1,8 @@
%define _unpackaged_files_terminate_build 0
%define libmaj 1
%define libmin 0
-%define librel 0
-%define librev f
+%define librel 1
+%define librev e
Release: 1
%define openssldir /var/ssl
diff --git a/deps/openssl/openssl/ssl/Makefile b/deps/openssl/openssl/ssl/Makefile
index 2b275faf6..debe07405 100644
--- a/deps/openssl/openssl/ssl/Makefile
+++ b/deps/openssl/openssl/ssl/Makefile
@@ -22,30 +22,30 @@ LIB=$(TOP)/libssl.a
SHARED_LIB= libssl$(SHLIB_EXT)
LIBSRC= \
s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \
- s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \
+ s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s3_cbc.c \
s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \
t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \
d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \
- d1_both.c d1_enc.c \
+ d1_both.c d1_enc.c d1_srtp.c \
ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
ssl_ciph.c ssl_stat.c ssl_rsa.c \
ssl_asn1.c ssl_txt.c ssl_algs.c \
- bio_ssl.c ssl_err.c kssl.c t1_reneg.c
+ bio_ssl.c ssl_err.c kssl.c tls_srp.c t1_reneg.c
LIBOBJ= \
s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \
- s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \
+ s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \
t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \
d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o d1_pkt.o \
- d1_both.o d1_enc.o \
+ d1_both.o d1_enc.o d1_srtp.o\
ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
ssl_ciph.o ssl_stat.o ssl_rsa.o \
ssl_asn1.o ssl_txt.o ssl_algs.o \
- bio_ssl.o ssl_err.o kssl.o t1_reneg.o
+ bio_ssl.o ssl_err.o kssl.o tls_srp.o t1_reneg.o
SRC= $(LIBSRC)
-EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h kssl.h
+EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h kssl.h srtp.h
HEADER= $(EXHEADER) ssl_locl.h kssl_lcl.h
ALL= $(GENERAL) $(SRC) $(HEADER)
@@ -118,11 +118,11 @@ bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-bio_ssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-bio_ssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-bio_ssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-bio_ssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-bio_ssl.o: ../include/openssl/x509_vfy.h bio_ssl.c
+bio_ssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bio_ssl.c
d1_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
d1_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
d1_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -137,12 +137,12 @@ d1_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
d1_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
d1_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
d1_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-d1_both.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-d1_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-d1_both.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-d1_both.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-d1_both.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_both.c
-d1_both.o: ssl_locl.h
+d1_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+d1_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+d1_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+d1_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+d1_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+d1_both.o: ../include/openssl/x509_vfy.h d1_both.c ssl_locl.h
d1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
d1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
d1_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
@@ -159,11 +159,12 @@ d1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
d1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
d1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
d1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-d1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-d1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-d1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-d1_clnt.o: ../include/openssl/x509_vfy.h d1_clnt.c kssl_lcl.h ssl_locl.h
+d1_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c
+d1_clnt.o: kssl_lcl.h ssl_locl.h
d1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
d1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
d1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -179,11 +180,12 @@ d1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
d1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
d1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
d1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-d1_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-d1_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-d1_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-d1_enc.o: ../include/openssl/x509_vfy.h d1_enc.c ssl_locl.h
+d1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_enc.c
+d1_enc.o: ssl_locl.h
d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
d1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
d1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -198,11 +200,12 @@ d1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
d1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
d1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
d1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-d1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-d1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-d1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-d1_lib.o: ../include/openssl/x509_vfy.h d1_lib.c ssl_locl.h
+d1_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_lib.c
+d1_lib.o: ssl_locl.h
d1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
d1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
d1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -217,11 +220,12 @@ d1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
d1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
d1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
d1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-d1_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-d1_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-d1_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-d1_meth.o: ../include/openssl/x509_vfy.h d1_meth.c ssl_locl.h
+d1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_meth.c
+d1_meth.o: ssl_locl.h
d1_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
d1_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
d1_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -236,12 +240,32 @@ d1_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
d1_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
d1_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
d1_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-d1_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-d1_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-d1_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-d1_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-d1_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_pkt.c
-d1_pkt.o: ssl_locl.h
+d1_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+d1_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+d1_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+d1_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+d1_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+d1_pkt.o: ../include/openssl/x509_vfy.h d1_pkt.c ssl_locl.h
+d1_srtp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_srtp.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+d1_srtp.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+d1_srtp.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+d1_srtp.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+d1_srtp.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+d1_srtp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srtp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srtp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_srtp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_srtp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_srtp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_srtp.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_srtp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_srtp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srtp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srtp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srtp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srtp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srtp.c
+d1_srtp.o: srtp.h ssl_locl.h
d1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
d1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
d1_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
@@ -258,11 +282,12 @@ d1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
d1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
d1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
d1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-d1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-d1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-d1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-d1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-d1_srvr.o: ../include/openssl/x509_vfy.h d1_srvr.c ssl_locl.h
+d1_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srvr.c
+d1_srvr.o: ssl_locl.h
kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
kssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
kssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
@@ -276,11 +301,12 @@ kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
kssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-kssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-kssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-kssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-kssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-kssl.o: ../include/openssl/x509_vfy.h kssl.c kssl_lcl.h
+kssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+kssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+kssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+kssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+kssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.c
+kssl.o: kssl_lcl.h
s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s23_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -295,12 +321,12 @@ s23_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s23_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s23_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_clnt.c
-s23_clnt.o: ssl_locl.h
+s23_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s23_clnt.o: ../include/openssl/x509_vfy.h s23_clnt.c ssl_locl.h
s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s23_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s23_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -315,11 +341,12 @@ s23_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s23_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s23_lib.o: ../include/openssl/x509_vfy.h s23_lib.c ssl_locl.h
+s23_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_lib.c
+s23_lib.o: ssl_locl.h
s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s23_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s23_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -334,11 +361,12 @@ s23_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s23_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s23_meth.o: ../include/openssl/x509_vfy.h s23_meth.c ssl_locl.h
+s23_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_meth.c
+s23_meth.o: ssl_locl.h
s23_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s23_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -353,11 +381,12 @@ s23_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s23_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s23_pkt.o: ../include/openssl/x509_vfy.h s23_pkt.c ssl_locl.h
+s23_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_pkt.c
+s23_pkt.o: ssl_locl.h
s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s23_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -372,12 +401,12 @@ s23_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s23_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s23_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_srvr.c
-s23_srvr.o: ssl_locl.h
+s23_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h
s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s2_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -392,12 +421,12 @@ s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_clnt.c
-s2_clnt.o: ssl_locl.h
+s2_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h
s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s2_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s2_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -412,11 +441,12 @@ s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s2_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_enc.o: ../include/openssl/x509_vfy.h s2_enc.c ssl_locl.h
+s2_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
+s2_enc.o: ssl_locl.h
s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s2_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s2_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -431,12 +461,12 @@ s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_lib.c
-s2_lib.o: ssl_locl.h
+s2_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s2_lib.o: ../include/openssl/x509_vfy.h s2_lib.c ssl_locl.h
s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s2_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s2_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -451,11 +481,12 @@ s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s2_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_meth.o: ../include/openssl/x509_vfy.h s2_meth.c ssl_locl.h
+s2_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c
+s2_meth.o: ssl_locl.h
s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -470,11 +501,12 @@ s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s2_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_pkt.o: ../include/openssl/x509_vfy.h s2_pkt.c ssl_locl.h
+s2_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
+s2_pkt.o: ssl_locl.h
s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s2_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -489,12 +521,12 @@ s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s2_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s2_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_srvr.c
-s2_srvr.o: ssl_locl.h
+s2_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s2_srvr.o: ../include/openssl/x509_vfy.h s2_srvr.c ssl_locl.h
s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -509,12 +541,32 @@ s3_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s3_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_both.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_both.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_both.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_both.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_both.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_both.c
-s3_both.o: ssl_locl.h
+s3_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_both.o: ../include/openssl/x509_vfy.h s3_both.c ssl_locl.h
+s3_cbc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_cbc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
+s3_cbc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_cbc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_cbc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+s3_cbc.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+s3_cbc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_cbc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_cbc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_cbc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_cbc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_cbc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_cbc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_cbc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_cbc.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_cbc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_cbc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_cbc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_cbc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_cbc.o: ../include/openssl/x509_vfy.h s3_cbc.c ssl_locl.h
s3_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s3_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
s3_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
@@ -531,12 +583,12 @@ s3_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s3_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s3_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
-s3_clnt.o: s3_clnt.c ssl_locl.h
+s3_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_clnt.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_clnt.c ssl_locl.h
s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s3_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s3_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -551,12 +603,12 @@ s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_enc.c
-s3_enc.o: ssl_locl.h
+s3_enc.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
s3_lib.o: ../crypto/ec/ec_lcl.h ../e_os.h ../include/openssl/asn1.h
s3_lib.o: ../include/openssl/bio.h ../include/openssl/bn.h
s3_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
@@ -573,11 +625,12 @@ s3_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s3_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_lib.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_lib.c ssl_locl.h
+s3_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_lib.o: s3_lib.c ssl_locl.h
s3_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s3_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s3_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -592,11 +645,12 @@ s3_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s3_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_meth.o: ../include/openssl/x509_vfy.h s3_meth.c ssl_locl.h
+s3_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_meth.c
+s3_meth.o: ssl_locl.h
s3_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s3_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -609,8 +663,9 @@ s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s3_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-s3_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -632,12 +687,12 @@ s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
-s3_srvr.o: s3_srvr.c ssl_locl.h
+s3_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h
ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -652,11 +707,12 @@ ssl_algs.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssl_algs.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_algs.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_algs.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_algs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_algs.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_algs.o: ../include/openssl/x509_vfy.h ssl_algs.c ssl_locl.h
+ssl_algs.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_algs.c
+ssl_algs.o: ssl_locl.h
ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/buffer.h
ssl_asn1.o: ../include/openssl/comp.h ../include/openssl/crypto.h
@@ -671,12 +727,12 @@ ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h
ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_asn1.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_asn1.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_asn1.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_asn1.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_asn1.c
-ssl_asn1.o: ssl_locl.h
+ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_asn1.c ssl_locl.h
ssl_cert.o: ../crypto/o_dir.h ../e_os.h ../include/openssl/asn1.h
ssl_cert.o: ../include/openssl/bio.h ../include/openssl/bn.h
ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/comp.h
@@ -693,12 +749,12 @@ ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssl_cert.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_cert.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_cert.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_cert.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_cert.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_cert.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
-ssl_cert.o: ssl_cert.c ssl_locl.h
+ssl_cert.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_ciph.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -713,12 +769,12 @@ ssl_ciph.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ssl_ciph.o: ../include/openssl/pem.h ../include/openssl/pem2.h
ssl_ciph.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
ssl_ciph.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_ciph.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_ciph.c
-ssl_ciph.o: ssl_locl.h
+ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_ciph.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_ciph.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_ciph.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_ciph.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_ciph.o: ../include/openssl/x509_vfy.h ssl_ciph.c ssl_locl.h
ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_err.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_err.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
@@ -732,11 +788,11 @@ ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_err.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_err.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_err.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_err.o: ../include/openssl/x509_vfy.h ssl_err.c
+ssl_err.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err.c
ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_err2.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
@@ -750,11 +806,11 @@ ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_err2.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_err2.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_err2.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_err2.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_err2.o: ../include/openssl/x509_vfy.h ssl_err2.c
+ssl_err2.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.c
ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@@ -771,12 +827,13 @@ ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssl_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h
+ssl_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h kssl_lcl.h
+ssl_lib.o: ssl_lib.c ssl_locl.h
ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_rsa.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -791,11 +848,12 @@ ssl_rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssl_rsa.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_rsa.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_rsa.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_rsa.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_rsa.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_rsa.c
+ssl_rsa.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_rsa.o: ssl_rsa.c
ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_sess.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -811,11 +869,12 @@ ssl_sess.o: ../include/openssl/pem.h ../include/openssl/pem2.h
ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rsa.h
ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_sess.c
+ssl_sess.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_sess.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_sess.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_sess.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_sess.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_sess.o: ssl_sess.c
ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_stat.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -830,11 +889,12 @@ ssl_stat.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssl_stat.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_stat.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_stat.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_stat.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_stat.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_stat.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_stat.c
+ssl_stat.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_stat.o: ssl_stat.c
ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_txt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -849,11 +909,12 @@ ssl_txt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssl_txt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_txt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_txt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_txt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_txt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_txt.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_txt.c
+ssl_txt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_txt.o: ssl_txt.c
t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
t1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -868,12 +929,12 @@ t1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
t1_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_clnt.o: t1_clnt.c
+t1_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.c
t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
t1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
t1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -887,8 +948,9 @@ t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
-t1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+t1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
@@ -907,8 +969,9 @@ t1_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
-t1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -929,11 +992,12 @@ t1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
t1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_meth.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_meth.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_meth.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_meth.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_meth.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_meth.c
+t1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_meth.o: t1_meth.c
t1_reneg.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
t1_reneg.o: ../include/openssl/buffer.h ../include/openssl/comp.h
t1_reneg.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -948,11 +1012,12 @@ t1_reneg.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_reneg.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
t1_reneg.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
t1_reneg.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_reneg.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_reneg.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_reneg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_reneg.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_reneg.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_reneg.c
+t1_reneg.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_reneg.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_reneg.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_reneg.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_reneg.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_reneg.o: t1_reneg.c
t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
t1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@@ -967,9 +1032,30 @@ t1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
t1_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_srvr.o: t1_srvr.c
+t1_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c
+tls_srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+tls_srp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+tls_srp.o: ../include/openssl/comp.h ../include/openssl/crypto.h
+tls_srp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+tls_srp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+tls_srp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+tls_srp.o: ../include/openssl/err.h ../include/openssl/evp.h
+tls_srp.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+tls_srp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+tls_srp.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+tls_srp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+tls_srp.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+tls_srp.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+tls_srp.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+tls_srp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+tls_srp.o: ../include/openssl/srp.h ../include/openssl/srtp.h
+tls_srp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+tls_srp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+tls_srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+tls_srp.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+tls_srp.o: ../include/openssl/x509_vfy.h ssl_locl.h tls_srp.c
diff --git a/deps/openssl/openssl/ssl/d1_both.c b/deps/openssl/openssl/ssl/d1_both.c
index 9f898d699..de8bab873 100644
--- a/deps/openssl/openssl/ssl/d1_both.c
+++ b/deps/openssl/openssl/ssl/d1_both.c
@@ -227,14 +227,14 @@ int dtls1_do_write(SSL *s, int type)
unsigned int len, frag_off, mac_size, blocksize;
/* AHA! Figure out the MTU, and stick to the right size */
- if ( ! (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
+ if (s->d1->mtu < dtls1_min_mtu() && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
{
s->d1->mtu =
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
/* I've seen the kernel return bogus numbers when it doesn't know
* (initial write), so just make sure we have a reasonable number */
- if ( s->d1->mtu < dtls1_min_mtu())
+ if (s->d1->mtu < dtls1_min_mtu())
{
s->d1->mtu = 0;
s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);
@@ -1084,7 +1084,11 @@ int dtls1_read_failed(SSL *s, int code)
return code;
}
- if ( ! SSL_in_init(s)) /* done, no need to send a retransmit */
+#ifndef OPENSSL_NO_HEARTBEATS
+ if (!SSL_in_init(s) && !s->tlsext_hb_pending) /* done, no need to send a retransmit */
+#else
+ if (!SSL_in_init(s)) /* done, no need to send a retransmit */
+#endif
{
BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
return code;
@@ -1417,3 +1421,171 @@ dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
ccs_hdr->type = *(data++);
}
+
+int dtls1_shutdown(SSL *s)
+ {
+ int ret;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ !(s->shutdown & SSL_SENT_SHUTDOWN))
+ {
+ ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+ if (ret < 0) return -1;
+
+ if (ret == 0)
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 1, NULL);
+ }
+#endif
+ ret = ssl3_shutdown(s);
+#ifndef OPENSSL_NO_SCTP
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 0, NULL);
+#endif
+ return ret;
+ }
+
+#ifndef OPENSSL_NO_HEARTBEATS
+int
+dtls1_process_heartbeat(SSL *s)
+ {
+ unsigned char *p = &s->s3->rrec.data[0], *pl;
+ unsigned short hbtype;
+ unsigned int payload;
+ unsigned int padding = 16; /* Use minimum padding */
+
+ /* Read type and payload length first */
+ hbtype = *p++;
+ n2s(p, payload);
+ pl = p;
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+ &s->s3->rrec.data[0], s->s3->rrec.length,
+ s, s->msg_callback_arg);
+
+ if (hbtype == TLS1_HB_REQUEST)
+ {
+ unsigned char *buffer, *bp;
+ int r;
+
+ /* Allocate memory for the response, size is 1 byte
+ * message type, plus 2 bytes payload length, plus
+ * payload, plus padding
+ */
+ buffer = OPENSSL_malloc(1 + 2 + payload + padding);
+ bp = buffer;
+
+ /* Enter response type, length and copy payload */
+ *bp++ = TLS1_HB_RESPONSE;
+ s2n(payload, bp);
+ memcpy(bp, pl, payload);
+ bp += payload;
+ /* Random padding */
+ RAND_pseudo_bytes(bp, padding);
+
+ r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
+
+ if (r >= 0 && s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buffer, 3 + payload + padding,
+ s, s->msg_callback_arg);
+
+ OPENSSL_free(buffer);
+
+ if (r < 0)
+ return r;
+ }
+ else if (hbtype == TLS1_HB_RESPONSE)
+ {
+ unsigned int seq;
+
+ /* We only send sequence numbers (2 bytes unsigned int),
+ * and 16 random bytes, so we just try to read the
+ * sequence number */
+ n2s(pl, seq);
+
+ if (payload == 18 && seq == s->tlsext_hb_seq)
+ {
+ dtls1_stop_timer(s);
+ s->tlsext_hb_seq++;
+ s->tlsext_hb_pending = 0;
+ }
+ }
+
+ return 0;
+ }
+
+int
+dtls1_heartbeat(SSL *s)
+ {
+ unsigned char *buf, *p;
+ int ret;
+ unsigned int payload = 18; /* Sequence number + random bytes */
+ unsigned int padding = 16; /* Use minimum padding */
+
+ /* Only send if peer supports and accepts HB requests... */
+ if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
+ s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS)
+ {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT,SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
+ return -1;
+ }
+
+ /* ...and there is none in flight yet... */
+ if (s->tlsext_hb_pending)
+ {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT,SSL_R_TLS_HEARTBEAT_PENDING);
+ return -1;
+ }
+
+ /* ...and no handshake in progress. */
+ if (SSL_in_init(s) || s->in_handshake)
+ {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT,SSL_R_UNEXPECTED_MESSAGE);
+ return -1;
+ }
+
+ /* Check if padding is too long, payload and padding
+ * must not exceed 2^14 - 3 = 16381 bytes in total.
+ */
+ OPENSSL_assert(payload + padding <= 16381);
+
+ /* Create HeartBeat message, we just use a sequence number
+ * as payload to distuingish different messages and add
+ * some random stuff.
+ * - Message Type, 1 byte
+ * - Payload Length, 2 bytes (unsigned int)
+ * - Payload, the sequence number (2 bytes uint)
+ * - Payload, random bytes (16 bytes uint)
+ * - Padding
+ */
+ buf = OPENSSL_malloc(1 + 2 + payload + padding);
+ p = buf;
+ /* Message Type */
+ *p++ = TLS1_HB_REQUEST;
+ /* Payload length (18 bytes here) */
+ s2n(payload, p);
+ /* Sequence number */
+ s2n(s->tlsext_hb_seq, p);
+ /* 16 random bytes */
+ RAND_pseudo_bytes(p, 16);
+ p += 16;
+ /* Random padding */
+ RAND_pseudo_bytes(p, padding);
+
+ ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
+ if (ret >= 0)
+ {
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buf, 3 + payload + padding,
+ s, s->msg_callback_arg);
+
+ dtls1_start_timer(s);
+ s->tlsext_hb_pending = 1;
+ }
+
+ OPENSSL_free(buf);
+
+ return ret;
+ }
+#endif
diff --git a/deps/openssl/openssl/ssl/d1_clnt.c b/deps/openssl/openssl/ssl/d1_clnt.c
index 577667176..a6ed09c51 100644
--- a/deps/openssl/openssl/ssl/d1_clnt.c
+++ b/deps/openssl/openssl/ssl/d1_clnt.c
@@ -150,7 +150,11 @@ int dtls1_connect(SSL *s)
unsigned long Time=(unsigned long)time(NULL);
void (*cb)(const SSL *ssl,int type,int val)=NULL;
int ret= -1;
- int new_state,state,skip=0;;
+ int new_state,state,skip=0;
+#ifndef OPENSSL_NO_SCTP
+ unsigned char sctpauthkey[64];
+ char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+#endif
RAND_add(&Time,sizeof(Time),0);
ERR_clear_error();
@@ -164,6 +168,27 @@ int dtls1_connect(SSL *s)
s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+#ifndef OPENSSL_NO_SCTP
+ /* Notify SCTP BIO socket to enter handshake
+ * mode and prevent stream identifier other
+ * than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
+#endif
+
+#ifndef OPENSSL_NO_HEARTBEATS
+ /* If we're awaiting a HeartbeatResponse, pretend we
+ * already got and don't await it anymore, because
+ * Heartbeats don't make sense during handshakes anyway.
+ */
+ if (s->tlsext_hb_pending)
+ {
+ dtls1_stop_timer(s);
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
+
for (;;)
{
state=s->state;
@@ -171,7 +196,7 @@ int dtls1_connect(SSL *s)
switch(s->state)
{
case SSL_ST_RENEGOTIATE:
- s->new_session=1;
+ s->renegotiate=1;
s->state=SSL_ST_CONNECT;
s->ctx->stats.sess_connect_renegotiate++;
/* break */
@@ -226,6 +251,42 @@ int dtls1_connect(SSL *s)
s->hit = 0;
break;
+#ifndef OPENSSL_NO_SCTP
+ case DTLS1_SCTP_ST_CR_READ_SOCK:
+
+ if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s)))
+ {
+ s->s3->in_read_app_data=2;
+ s->rwstate=SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+
+ s->state=s->s3->tmp.next_state;
+ break;
+
+ case DTLS1_SCTP_ST_CW_WRITE_SOCK:
+ /* read app data until dry event */
+
+ ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+ if (ret < 0) goto end;
+
+ if (ret == 0)
+ {
+ s->s3->in_read_app_data=2;
+ s->rwstate=SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+
+ s->state=s->d1->next_state;
+ break;
+#endif
+
case SSL3_ST_CW_CLNT_HELLO_A:
case SSL3_ST_CW_CLNT_HELLO_B:
@@ -248,9 +309,17 @@ int dtls1_connect(SSL *s)
s->init_num=0;
- /* turn on buffering for the next lot of output */
- if (s->bbio != s->wbio)
- s->wbio=BIO_push(s->bbio,s->wbio);
+#ifndef OPENSSL_NO_SCTP
+ /* Disable buffering for SCTP */
+ if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ {
+#endif
+ /* turn on buffering for the next lot of output */
+ if (s->bbio != s->wbio)
+ s->wbio=BIO_push(s->bbio,s->wbio);
+#ifndef OPENSSL_NO_SCTP
+ }
+#endif
break;
@@ -260,9 +329,25 @@ int dtls1_connect(SSL *s)
if (ret <= 0) goto end;
else
{
- dtls1_stop_timer(s);
if (s->hit)
+ {
+#ifndef OPENSSL_NO_SCTP
+ /* Add new shared key for SCTP-Auth,
+ * will be ignored if no SCTP used.
+ */
+ snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0);
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+
s->state=SSL3_ST_CR_FINISHED_A;
+ }
else
s->state=DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
}
@@ -354,12 +439,20 @@ int dtls1_connect(SSL *s)
case SSL3_ST_CR_SRVR_DONE_B:
ret=ssl3_get_server_done(s);
if (ret <= 0) goto end;
+ dtls1_stop_timer(s);
if (s->s3->tmp.cert_req)
- s->state=SSL3_ST_CW_CERT_A;
+ s->s3->tmp.next_state=SSL3_ST_CW_CERT_A;
else
- s->state=SSL3_ST_CW_KEY_EXCH_A;
+ s->s3->tmp.next_state=SSL3_ST_CW_KEY_EXCH_A;
s->init_num=0;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ state == SSL_ST_RENEGOTIATE)
+ s->state=DTLS1_SCTP_ST_CR_READ_SOCK;
+ else
+#endif
+ s->state=s->s3->tmp.next_state;
break;
case SSL3_ST_CW_CERT_A:
@@ -378,6 +471,22 @@ int dtls1_connect(SSL *s)
dtls1_start_timer(s);
ret=dtls1_send_client_key_exchange(s);
if (ret <= 0) goto end;
+
+#ifndef OPENSSL_NO_SCTP
+ /* Add new shared key for SCTP-Auth,
+ * will be ignored if no SCTP used.
+ */
+ snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0);
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+
/* EAY EAY EAY need to check for DH fix cert
* sent back */
/* For TLS, cert_req is set to 2, so a cert chain
@@ -388,7 +497,15 @@ int dtls1_connect(SSL *s)
}
else
{
- s->state=SSL3_ST_CW_CHANGE_A;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ {
+ s->d1->next_state=SSL3_ST_CW_CHANGE_A;
+ s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+ else
+#endif
+ s->state=SSL3_ST_CW_CHANGE_A;
s->s3->change_cipher_spec=0;
}
@@ -400,7 +517,15 @@ int dtls1_connect(SSL *s)
dtls1_start_timer(s);
ret=dtls1_send_client_verify(s);
if (ret <= 0) goto end;
- s->state=SSL3_ST_CW_CHANGE_A;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ {
+ s->d1->next_state=SSL3_ST_CW_CHANGE_A;
+ s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+ else
+#endif
+ s->state=SSL3_ST_CW_CHANGE_A;
s->init_num=0;
s->s3->change_cipher_spec=0;
break;
@@ -412,6 +537,14 @@ int dtls1_connect(SSL *s)
ret=dtls1_send_change_cipher_spec(s,
SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
if (ret <= 0) goto end;
+
+#ifndef OPENSSL_NO_SCTP
+ /* Change to new shared key of SCTP-Auth,
+ * will be ignored if no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+#endif
+
s->state=SSL3_ST_CW_FINISHED_A;
s->init_num=0;
@@ -457,9 +590,23 @@ int dtls1_connect(SSL *s)
if (s->hit)
{
s->s3->tmp.next_state=SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ {
+ s->d1->next_state = s->s3->tmp.next_state;
+ s->s3->tmp.next_state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+#endif
if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
{
s->state=SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ {
+ s->d1->next_state = SSL_ST_OK;
+ s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+#endif
s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
s->s3->delay_buf_pop_ret=0;
}
@@ -508,6 +655,16 @@ int dtls1_connect(SSL *s)
s->state=SSL3_ST_CW_CHANGE_A;
else
s->state=SSL_ST_OK;
+
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ state == SSL_ST_RENEGOTIATE)
+ {
+ s->d1->next_state=s->state;
+ s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
+ }
+#endif
+
s->init_num=0;
break;
@@ -515,6 +672,13 @@ int dtls1_connect(SSL *s)
s->rwstate=SSL_WRITING;
if (BIO_flush(s->wbio) <= 0)
{
+ /* If the write error was fatal, stop trying */
+ if (!BIO_should_retry(s->wbio))
+ {
+ s->rwstate=SSL_NOTHING;
+ s->state=s->s3->tmp.next_state;
+ }
+
ret= -1;
goto end;
}
@@ -541,6 +705,7 @@ int dtls1_connect(SSL *s)
/* else do it later in ssl3_write */
s->init_num=0;
+ s->renegotiate=0;
s->new_session=0;
ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
@@ -587,6 +752,15 @@ int dtls1_connect(SSL *s)
}
end:
s->in_handshake--;
+
+#ifndef OPENSSL_NO_SCTP
+ /* Notify SCTP BIO socket to leave handshake
+ * mode and allow stream identifier other
+ * than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
+#endif
+
if (buf != NULL)
BUF_MEM_free(buf);
if (cb != NULL)
@@ -615,12 +789,6 @@ int dtls1_client_hello(SSL *s)
#endif
(s->session->not_resumable))
{
- if (!s->session_creation_enabled)
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_DTLS1_CLIENT_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
- goto err;
- }
if (!ssl_get_new_session(s,0))
goto err;
}
diff --git a/deps/openssl/openssl/ssl/d1_enc.c b/deps/openssl/openssl/ssl/d1_enc.c
index becbab91c..712c4647f 100644
--- a/deps/openssl/openssl/ssl/d1_enc.c
+++ b/deps/openssl/openssl/ssl/d1_enc.c
@@ -126,20 +126,28 @@
#include <openssl/des.h>
#endif
+/* dtls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+ *
+ * Returns:
+ * 0: (in non-constant time) if the record is publically invalid (i.e. too
+ * short etc).
+ * 1: if the record's padding is valid / the encryption was successful.
+ * -1: if the record's padding/AEAD-authenticator is invalid or, if sending,
+ * an internal error occured. */
int dtls1_enc(SSL *s, int send)
{
SSL3_RECORD *rec;
EVP_CIPHER_CTX *ds;
unsigned long l;
- int bs,i,ii,j,k,n=0;
+ int bs,i,j,k,mac_size=0;
const EVP_CIPHER *enc;
if (send)
{
if (EVP_MD_CTX_md(s->write_hash))
{
- n=EVP_MD_CTX_size(s->write_hash);
- if (n < 0)
+ mac_size=EVP_MD_CTX_size(s->write_hash);
+ if (mac_size < 0)
return -1;
}
ds=s->enc_write_ctx;
@@ -164,9 +172,8 @@ int dtls1_enc(SSL *s, int send)
{
if (EVP_MD_CTX_md(s->read_hash))
{
- n=EVP_MD_CTX_size(s->read_hash);
- if (n < 0)
- return -1;
+ mac_size=EVP_MD_CTX_size(s->read_hash);
+ OPENSSL_assert(mac_size >= 0);
}
ds=s->enc_read_ctx;
rec= &(s->s3->rrec);
@@ -231,7 +238,7 @@ int dtls1_enc(SSL *s, int send)
if (!send)
{
if (l == 0 || l%bs != 0)
- return -1;
+ return 0;
}
EVP_Cipher(ds,rec->data,rec->input,l);
@@ -246,43 +253,7 @@ int dtls1_enc(SSL *s, int send)
#endif /* KSSL_DEBUG */
if ((bs != 1) && !send)
- {
- ii=i=rec->data[l-1]; /* padding_length */
- i++;
- if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
- {
- /* First packet is even in size, so check */
- if ((memcmp(s->s3->read_sequence,
- "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
- s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
- if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
- i--;
- }
- /* TLS 1.0 does not bound the number of padding bytes by the block size.
- * All of them must have value 'padding_length'. */
- if (i > (int)rec->length)
- {
- /* Incorrect padding. SSLerr() and ssl3_alert are done
- * by caller: we don't want to reveal whether this is
- * a decryption error or a MAC verification failure
- * (see http://www.openssl.org/~bodo/tls-cbc.txt)
- */
- return -1;
- }
- for (j=(int)(l-i); j<(int)l; j++)
- {
- if (rec->data[j] != ii)
- {
- /* Incorrect padding */
- return -1;
- }
- }
- rec->length-=i;
-
- rec->data += bs; /* skip the implicit IV */
- rec->input += bs;
- rec->length -= bs;
- }
+ return tls1_cbc_remove_padding(s, rec, bs, mac_size);
}
return(1);
}
diff --git a/deps/openssl/openssl/ssl/d1_lib.c b/deps/openssl/openssl/ssl/d1_lib.c
index a94290a83..f61f71818 100644
--- a/deps/openssl/openssl/ssl/d1_lib.c
+++ b/deps/openssl/openssl/ssl/d1_lib.c
@@ -292,6 +292,15 @@ const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
void dtls1_start_timer(SSL *s)
{
+#ifndef OPENSSL_NO_SCTP
+ /* Disable timer for SCTP */
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ {
+ memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
+ return;
+ }
+#endif
+
/* If timer is not set, initialize duration with 1 second */
if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0)
{
@@ -382,6 +391,7 @@ void dtls1_double_timeout(SSL *s)
void dtls1_stop_timer(SSL *s)
{
/* Reset everything */
+ memset(&(s->d1->timeout), 0, sizeof(struct dtls1_timeout_st));
memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
s->d1->timeout_duration = 1;
BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, &(s->d1->next_timeout));
@@ -389,10 +399,28 @@ void dtls1_stop_timer(SSL *s)
dtls1_clear_record_buffer(s);
}
-int dtls1_handle_timeout(SSL *s)
+int dtls1_check_timeout_num(SSL *s)
{
- DTLS1_STATE *state;
+ s->d1->timeout.num_alerts++;
+
+ /* Reduce MTU after 2 unsuccessful retransmissions */
+ if (s->d1->timeout.num_alerts > 2)
+ {
+ s->d1->mtu = BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL);
+ }
+ if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT)
+ {
+ /* fail the connection, enough alerts have been sent */
+ SSLerr(SSL_F_DTLS1_CHECK_TIMEOUT_NUM,SSL_R_READ_TIMEOUT_EXPIRED);
+ return -1;
+ }
+
+ return 0;
+ }
+
+int dtls1_handle_timeout(SSL *s)
+ {
/* if no timer is expired, don't do anything */
if (!dtls1_is_timer_expired(s))
{
@@ -400,20 +428,23 @@ int dtls1_handle_timeout(SSL *s)
}
dtls1_double_timeout(s);
- state = s->d1;
- state->timeout.num_alerts++;
- if ( state->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT)
- {
- /* fail the connection, enough alerts have been sent */
- SSLerr(SSL_F_DTLS1_HANDLE_TIMEOUT,SSL_R_READ_TIMEOUT_EXPIRED);
+
+ if (dtls1_check_timeout_num(s) < 0)
return -1;
+
+ s->d1->timeout.read_timeouts++;
+ if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT)
+ {
+ s->d1->timeout.read_timeouts = 1;
}
- state->timeout.read_timeouts++;
- if ( state->timeout.read_timeouts > DTLS1_TMO_READ_COUNT)
+#ifndef OPENSSL_NO_HEARTBEATS
+ if (s->tlsext_hb_pending)
{
- state->timeout.read_timeouts = 1;
+ s->tlsext_hb_pending = 0;
+ return dtls1_heartbeat(s);
}
+#endif
dtls1_start_timer(s);
return dtls1_retransmit_buffered_messages(s);
diff --git a/deps/openssl/openssl/ssl/d1_pkt.c b/deps/openssl/openssl/ssl/d1_pkt.c
index 3927dad27..0bf87be6d 100644
--- a/deps/openssl/openssl/ssl/d1_pkt.c
+++ b/deps/openssl/openssl/ssl/d1_pkt.c
@@ -179,7 +179,6 @@ static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
static int dtls1_buffer_record(SSL *s, record_pqueue *q,
unsigned char *priority);
static int dtls1_process_record(SSL *s);
-static void dtls1_clear_timeouts(SSL *s);
/* copy buffered record into SSL structure */
static int
@@ -232,6 +231,14 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
item->data = rdata;
+#ifndef OPENSSL_NO_SCTP
+ /* Store bio_dgram_sctp_rcvinfo struct */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ (s->state == SSL3_ST_SR_FINISHED_A || s->state == SSL3_ST_CR_FINISHED_A)) {
+ BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO, sizeof(rdata->recordinfo), &rdata->recordinfo);
+ }
+#endif
+
/* insert should not fail, since duplicates are dropped */
if (pqueue_insert(queue->q, item) == NULL)
{
@@ -369,14 +376,11 @@ static int
dtls1_process_record(SSL *s)
{
int i,al;
- int clear=0;
int enc_err;
SSL_SESSION *sess;
SSL3_RECORD *rr;
- unsigned int mac_size;
+ unsigned int mac_size, orig_len;
unsigned char md[EVP_MAX_MD_SIZE];
- int decryption_failed_or_bad_record_mac = 0;
-
rr= &(s->s3->rrec);
sess = s->session;
@@ -408,12 +412,16 @@ dtls1_process_record(SSL *s)
rr->data=rr->input;
enc_err = s->method->ssl3_enc->enc(s,0);
- if (enc_err <= 0)
+ /* enc_err is:
+ * 0: (in non-constant time) if the record is publically invalid.
+ * 1: if the padding is valid
+ * -1: if the padding is invalid */
+ if (enc_err == 0)
{
- /* To minimize information leaked via timing, we will always
- * perform all computations before discarding the message.
- */
- decryption_failed_or_bad_record_mac = 1;
+ /* For DTLS we simply ignore bad packets. */
+ rr->length = 0;
+ s->packet_length = 0;
+ goto err;
}
#ifdef TLS_DEBUG
@@ -423,49 +431,62 @@ printf("\n");
#endif
/* r->length is now the compressed data plus mac */
- if ( (sess == NULL) ||
- (s->enc_read_ctx == NULL) ||
- (s->read_hash == NULL))
- clear=1;
-
- if (!clear)
+ if ((sess != NULL) &&
+ (s->enc_read_ctx != NULL) &&
+ (EVP_MD_CTX_md(s->read_hash) != NULL))
{
- /* !clear => s->read_hash != NULL => mac_size != -1 */
- int t;
- t=EVP_MD_CTX_size(s->read_hash);
- OPENSSL_assert(t >= 0);
- mac_size=t;
-
- if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)
- {
-#if 0 /* OK only for stream ciphers (then rr->length is visible from ciphertext anyway) */
- al=SSL_AD_RECORD_OVERFLOW;
- SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
- goto f_err;
-#else
- decryption_failed_or_bad_record_mac = 1;
-#endif
- }
- /* check the MAC for rr->input (it's in mac_size bytes at the tail) */
- if (rr->length < mac_size)
+ /* s->read_hash != NULL => mac_size != -1 */
+ unsigned char *mac = NULL;
+ unsigned char mac_tmp[EVP_MAX_MD_SIZE];
+ mac_size=EVP_MD_CTX_size(s->read_hash);
+ OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
+
+ /* kludge: *_cbc_remove_padding passes padding length in rr->type */
+ orig_len = rr->length+((unsigned int)rr->type>>8);
+
+ /* orig_len is the length of the record before any padding was
+ * removed. This is public information, as is the MAC in use,
+ * therefore we can safely process the record in a different
+ * amount of time if it's too short to possibly contain a MAC.
+ */
+ if (orig_len < mac_size ||
+ /* CBC records must have a padding length byte too. */
+ (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
+ orig_len < mac_size+1))
{
-#if 0 /* OK only for stream ciphers */
al=SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_LENGTH_TOO_SHORT);
goto f_err;
-#else
- decryption_failed_or_bad_record_mac = 1;
-#endif
}
- rr->length-=mac_size;
- i=s->method->ssl3_enc->mac(s,md,0);
- if (i < 0 || memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
+
+ if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE)
{
- decryption_failed_or_bad_record_mac = 1;
+ /* We update the length so that the TLS header bytes
+ * can be constructed correctly but we need to extract
+ * the MAC in constant time from within the record,
+ * without leaking the contents of the padding bytes.
+ * */
+ mac = mac_tmp;
+ ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
+ rr->length -= mac_size;
}
+ else
+ {
+ /* In this case there's no padding, so |orig_len|
+ * equals |rec->length| and we checked that there's
+ * enough bytes for |mac_size| above. */
+ rr->length -= mac_size;
+ mac = &rr->data[rr->length];
+ }
+
+ i=s->method->ssl3_enc->mac(s,md,0 /* not send */);
+ if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
+ enc_err = -1;
+ if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)
+ enc_err = -1;
}
- if (decryption_failed_or_bad_record_mac)
+ if (enc_err < 0)
{
/* decryption failed, silently discard message */
rr->length = 0;
@@ -610,24 +631,6 @@ again:
goto again;
}
- /* If we receive a valid record larger than the current buffer size,
- * allocate some memory for it.
- */
- if (rr->length > s->s3->rbuf.len - DTLS1_RT_HEADER_LENGTH)
- {
- unsigned char *pp;
- unsigned int newlen = rr->length + DTLS1_RT_HEADER_LENGTH;
- if ((pp=OPENSSL_realloc(s->s3->rbuf.buf, newlen))==NULL)
- {
- SSLerr(SSL_F_DTLS1_GET_RECORD,ERR_R_MALLOC_FAILURE);
- return(-1);
- }
- p = pp + (p - s->s3->rbuf.buf);
- s->s3->rbuf.buf=pp;
- s->s3->rbuf.len=newlen;
- s->packet= &(s->s3->rbuf.buf[0]);
- }
-
/* now s->rstate == SSL_ST_READ_BODY */
}
@@ -662,20 +665,28 @@ again:
goto again; /* get another record */
}
- /* Check whether this is a repeat, or aged record.
- * Don't check if we're listening and this message is
- * a ClientHello. They can look as if they're replayed,
- * since they arrive from different connections and
- * would be dropped unnecessarily.
- */
- if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
- *p == SSL3_MT_CLIENT_HELLO) &&
- !dtls1_record_replay_check(s, bitmap))
- {
- rr->length = 0;
- s->packet_length=0; /* dump this record */
- goto again; /* get another record */
- }
+#ifndef OPENSSL_NO_SCTP
+ /* Only do replay check if no SCTP bio */
+ if (!BIO_dgram_is_sctp(SSL_get_rbio(s)))
+ {
+#endif
+ /* Check whether this is a repeat, or aged record.
+ * Don't check if we're listening and this message is
+ * a ClientHello. They can look as if they're replayed,
+ * since they arrive from different connections and
+ * would be dropped unnecessarily.
+ */
+ if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
+ *p == SSL3_MT_CLIENT_HELLO) &&
+ !dtls1_record_replay_check(s, bitmap))
+ {
+ rr->length = 0;
+ s->packet_length=0; /* dump this record */
+ goto again; /* get another record */
+ }
+#ifndef OPENSSL_NO_SCTP
+ }
+#endif
/* just read a 0 length packet */
if (rr->length == 0) goto again;
@@ -703,7 +714,6 @@ again:
goto again; /* get another record */
}
- dtls1_clear_timeouts(s); /* done waiting */
return(1);
}
@@ -761,7 +771,17 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
/* Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */
+#ifndef OPENSSL_NO_SCTP
+ /* Continue handshake if it had to be interrupted to read
+ * app data with SCTP.
+ */
+ if ((!s->in_handshake && SSL_in_init(s)) ||
+ (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ (s->state == DTLS1_SCTP_ST_SR_READ_SOCK || s->state == DTLS1_SCTP_ST_CR_READ_SOCK) &&
+ s->s3->in_read_app_data != 2))
+#else
if (!s->in_handshake && SSL_in_init(s))
+#endif
{
/* type == SSL3_RT_APPLICATION_DATA */
i=s->handshake_func(s);
@@ -792,6 +812,15 @@ start:
item = pqueue_pop(s->d1->buffered_app_data.q);
if (item)
{
+#ifndef OPENSSL_NO_SCTP
+ /* Restore bio_dgram_sctp_rcvinfo struct */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)))
+ {
+ DTLS1_RECORD_DATA *rdata = (DTLS1_RECORD_DATA *) item->data;
+ BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_SET_RCVINFO, sizeof(rdata->recordinfo), &rdata->recordinfo);
+ }
+#endif
+
dtls1_copy_record(s, item);
OPENSSL_free(item->data);
@@ -874,6 +903,31 @@ start:
rr->off=0;
}
}
+
+#ifndef OPENSSL_NO_SCTP
+ /* We were about to renegotiate but had to read
+ * belated application data first, so retry.
+ */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ rr->type == SSL3_RT_APPLICATION_DATA &&
+ (s->state == DTLS1_SCTP_ST_SR_READ_SOCK || s->state == DTLS1_SCTP_ST_CR_READ_SOCK))
+ {
+ s->rwstate=SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ }
+
+ /* We might had to delay a close_notify alert because
+ * of reordered app data. If there was an alert and there
+ * is no message to read anymore, finally set shutdown.
+ */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ s->d1->shutdown_received && !BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s)))
+ {
+ s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+ return(0);
+ }
+#endif
return(n);
}
@@ -901,6 +955,19 @@ start:
dest = s->d1->alert_fragment;
dest_len = &s->d1->alert_fragment_len;
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ else if (rr->type == TLS1_RT_HEARTBEAT)
+ {
+ dtls1_process_heartbeat(s);
+
+ /* Exit and notify application to read again */
+ rr->length = 0;
+ s->rwstate=SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ return(-1);
+ }
+#endif
/* else it's a CCS message, or application data or wrong */
else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC)
{
@@ -984,6 +1051,7 @@ start:
!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
!s->s3->renegotiate)
{
+ s->new_session = 1;
ssl3_renegotiate(s);
if (ssl3_renegotiate_check(s))
{
@@ -1045,6 +1113,21 @@ start:
s->s3->warn_alert = alert_descr;
if (alert_descr == SSL_AD_CLOSE_NOTIFY)
{
+#ifndef OPENSSL_NO_SCTP
+ /* With SCTP and streams the socket may deliver app data
+ * after a close_notify alert. We have to check this
+ * first so that nothing gets discarded.
+ */
+ if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+ BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s)))
+ {
+ s->d1->shutdown_received = 1;
+ s->rwstate=SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ return -1;
+ }
+#endif
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
return(0);
}
@@ -1151,6 +1234,15 @@ start:
if (s->version == DTLS1_BAD_VER)
s->d1->handshake_read_seq++;
+#ifndef OPENSSL_NO_SCTP
+ /* Remember that a CCS has been received,
+ * so that an old key of SCTP-Auth can be
+ * deleted when a CCS is sent. Will be ignored
+ * if no SCTP is used
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD, 1, NULL);
+#endif
+
goto start;
}
@@ -1173,6 +1265,9 @@ start:
*/
if (msg_hdr.type == SSL3_MT_FINISHED)
{
+ if (dtls1_check_timeout_num(s) < 0)
+ return -1;
+
dtls1_retransmit_buffered_messages(s);
rr->length = 0;
goto start;
@@ -1190,6 +1285,7 @@ start:
#else
s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
#endif
+ s->renegotiate=1;
s->new_session=1;
}
i=s->handshake_func(s);
@@ -1286,7 +1382,16 @@ dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len)
{
int i;
- if (SSL_in_init(s) && !s->in_handshake)
+#ifndef OPENSSL_NO_SCTP
+ /* Check if we have to continue an interrupted handshake
+ * for reading belated app data with SCTP.
+ */
+ if ((SSL_in_init(s) && !s->in_handshake) ||
+ (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ (s->state == DTLS1_SCTP_ST_SR_READ_SOCK || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)))
+#else
+ if (SSL_in_init(s) && !s->in_handshake)
+#endif
{
i=s->handshake_func(s);
if (i < 0) return(i);
@@ -1364,7 +1469,6 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len,
SSL3_BUFFER *wb;
SSL_SESSION *sess;
int bs;
- unsigned int len_with_overhead = len + SSL3_RT_DEFAULT_WRITE_OVERHEAD;
/* first check if there is a SSL3_BUFFER still being written
* out. This will happen with non blocking IO */
@@ -1374,16 +1478,6 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len,
return(ssl3_write_pending(s,type,buf,len));
}
- if (s->s3->wbuf.len < len_with_overhead)
- {
- if ((p=OPENSSL_realloc(s->s3->wbuf.buf, len_with_overhead)) == NULL) {
- SSLerr(SSL_F_DO_DTLS1_WRITE,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- s->s3->wbuf.buf = p;
- s->s3->wbuf.len = len_with_overhead;
- }
-
/* If we have an alert to send, lets send it */
if (s->s3->alert_dispatch)
{
@@ -1797,10 +1891,3 @@ dtls1_reset_seq_numbers(SSL *s, int rw)
memset(seq, 0x00, seq_bytes);
}
-
-
-static void
-dtls1_clear_timeouts(SSL *s)
- {
- memset(&(s->d1->timeout), 0x00, sizeof(struct dtls1_timeout_st));
- }
diff --git a/deps/openssl/openssl/ssl/d1_srvr.c b/deps/openssl/openssl/ssl/d1_srvr.c
index 149983be3..29421da9a 100644
--- a/deps/openssl/openssl/ssl/d1_srvr.c
+++ b/deps/openssl/openssl/ssl/d1_srvr.c
@@ -151,6 +151,10 @@ int dtls1_accept(SSL *s)
int ret= -1;
int new_state,state,skip=0;
int listen;
+#ifndef OPENSSL_NO_SCTP
+ unsigned char sctpauthkey[64];
+ char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+#endif
RAND_add(&Time,sizeof(Time),0);
ERR_clear_error();
@@ -168,6 +172,13 @@ int dtls1_accept(SSL *s)
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
s->d1->listen = listen;
+#ifndef OPENSSL_NO_SCTP
+ /* Notify SCTP BIO socket to enter handshake
+ * mode and prevent stream identifier other
+ * than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
+#endif
if (s->cert == NULL)
{
@@ -175,6 +186,19 @@ int dtls1_accept(SSL *s)
return(-1);
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ /* If we're awaiting a HeartbeatResponse, pretend we
+ * already got and don't await it anymore, because
+ * Heartbeats don't make sense during handshakes anyway.
+ */
+ if (s->tlsext_hb_pending)
+ {
+ dtls1_stop_timer(s);
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
+
for (;;)
{
state=s->state;
@@ -182,7 +206,7 @@ int dtls1_accept(SSL *s)
switch (s->state)
{
case SSL_ST_RENEGOTIATE:
- s->new_session=1;
+ s->renegotiate=1;
/* s->state=SSL_ST_ACCEPT; */
case SSL_ST_BEFORE:
@@ -227,8 +251,12 @@ int dtls1_accept(SSL *s)
{
/* Ok, we now need to push on a buffering BIO so that
* the output is sent in a way that TCP likes :-)
+ * ...but not with SCTP :-)
*/
- if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
+#ifndef OPENSSL_NO_SCTP
+ if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))
+#endif
+ if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
ssl3_init_finished_mac(s);
s->state=SSL3_ST_SR_CLNT_HELLO_A;
@@ -313,25 +341,75 @@ int dtls1_accept(SSL *s)
ssl3_init_finished_mac(s);
break;
+#ifndef OPENSSL_NO_SCTP
+ case DTLS1_SCTP_ST_SR_READ_SOCK:
+
+ if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s)))
+ {
+ s->s3->in_read_app_data=2;
+ s->rwstate=SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+
+ s->state=SSL3_ST_SR_FINISHED_A;
+ break;
+
+ case DTLS1_SCTP_ST_SW_WRITE_SOCK:
+ ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+ if (ret < 0) goto end;
+
+ if (ret == 0)
+ {
+ if (s->d1->next_state != SSL_ST_OK)
+ {
+ s->s3->in_read_app_data=2;
+ s->rwstate=SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ ret = -1;
+ goto end;
+ }
+ }
+
+ s->state=s->d1->next_state;
+ break;
+#endif
+
case SSL3_ST_SW_SRVR_HELLO_A:
case SSL3_ST_SW_SRVR_HELLO_B:
- s->new_session = 2;
+ s->renegotiate = 2;
dtls1_start_timer(s);
ret=dtls1_send_server_hello(s);
if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_TLSEXT
if (s->hit)
{
+#ifndef OPENSSL_NO_SCTP
+ /* Add new shared key for SCTP-Auth,
+ * will be ignored if no SCTP used.
+ */
+ snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0);
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+#ifndef OPENSSL_NO_TLSEXT
if (s->tlsext_ticket_expected)
s->state=SSL3_ST_SW_SESSION_TICKET_A;
else
s->state=SSL3_ST_SW_CHANGE_A;
- }
#else
- if (s->hit)
- s->state=SSL3_ST_SW_CHANGE_A;
+ s->state=SSL3_ST_SW_CHANGE_A;
#endif
+ }
else
s->state=SSL3_ST_SW_CERT_A;
s->init_num=0;
@@ -441,6 +519,13 @@ int dtls1_accept(SSL *s)
skip=1;
s->s3->tmp.cert_request=0;
s->state=SSL3_ST_SW_SRVR_DONE_A;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ {
+ s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
+ s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+#endif
}
else
{
@@ -450,9 +535,23 @@ int dtls1_accept(SSL *s)
if (ret <= 0) goto end;
#ifndef NETSCAPE_HANG_BUG
s->state=SSL3_ST_SW_SRVR_DONE_A;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ {
+ s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
+ s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+#endif
#else
s->state=SSL3_ST_SW_FLUSH;
s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ {
+ s->d1->next_state = s->s3->tmp.next_state;
+ s->s3->tmp.next_state=DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+#endif
#endif
s->init_num=0;
}
@@ -472,6 +571,13 @@ int dtls1_accept(SSL *s)
s->rwstate=SSL_WRITING;
if (BIO_flush(s->wbio) <= 0)
{
+ /* If the write error was fatal, stop trying */
+ if (!BIO_should_retry(s->wbio))
+ {
+ s->rwstate=SSL_NOTHING;
+ s->state=s->s3->tmp.next_state;
+ }
+
ret= -1;
goto end;
}
@@ -485,15 +591,16 @@ int dtls1_accept(SSL *s)
ret = ssl3_check_client_hello(s);
if (ret <= 0)
goto end;
- dtls1_stop_timer(s);
if (ret == 2)
+ {
+ dtls1_stop_timer(s);
s->state = SSL3_ST_SR_CLNT_HELLO_C;
+ }
else {
/* could be sent for a DH cert, even if we
* have not asked for it :-) */
ret=ssl3_get_client_certificate(s);
if (ret <= 0) goto end;
- dtls1_stop_timer(s);
s->init_num=0;
s->state=SSL3_ST_SR_KEY_EXCH_A;
}
@@ -503,7 +610,21 @@ int dtls1_accept(SSL *s)
case SSL3_ST_SR_KEY_EXCH_B:
ret=ssl3_get_client_key_exchange(s);
if (ret <= 0) goto end;
- dtls1_stop_timer(s);
+#ifndef OPENSSL_NO_SCTP
+ /* Add new shared key for SCTP-Auth,
+ * will be ignored if no SCTP used.
+ */
+ snprintf((char *) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0);
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+#endif
+
s->state=SSL3_ST_SR_CERT_VRFY_A;
s->init_num=0;
@@ -540,9 +661,13 @@ int dtls1_accept(SSL *s)
/* we should decide if we expected this one */
ret=ssl3_get_cert_verify(s);
if (ret <= 0) goto end;
- dtls1_stop_timer(s);
-
- s->state=SSL3_ST_SR_FINISHED_A;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+ state == SSL_ST_RENEGOTIATE)
+ s->state=DTLS1_SCTP_ST_SR_READ_SOCK;
+ else
+#endif
+ s->state=SSL3_ST_SR_FINISHED_A;
s->init_num=0;
break;
@@ -594,6 +719,14 @@ int dtls1_accept(SSL *s)
SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
if (ret <= 0) goto end;
+
+#ifndef OPENSSL_NO_SCTP
+ /* Change to new shared key of SCTP-Auth,
+ * will be ignored if no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+#endif
+
s->state=SSL3_ST_SW_FINISHED_A;
s->init_num=0;
@@ -618,7 +751,16 @@ int dtls1_accept(SSL *s)
if (s->hit)
s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
else
+ {
s->s3->tmp.next_state=SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+ if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
+ {
+ s->d1->next_state = s->s3->tmp.next_state;
+ s->s3->tmp.next_state=DTLS1_SCTP_ST_SW_WRITE_SOCK;
+ }
+#endif
+ }
s->init_num=0;
break;
@@ -636,11 +778,9 @@ int dtls1_accept(SSL *s)
s->init_num=0;
- if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
+ if (s->renegotiate == 2) /* skipped if we just sent a HelloRequest */
{
- /* actually not necessarily a 'new' session unless
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
-
+ s->renegotiate=0;
s->new_session=0;
ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
@@ -692,6 +832,14 @@ end:
/* BIO_flush(s->wbio); */
s->in_handshake--;
+#ifndef OPENSSL_NO_SCTP
+ /* Notify SCTP BIO socket to leave handshake
+ * mode and prevent stream identifier other
+ * than 0. Will be ignored if no SCTP is used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
+#endif
+
if (cb != NULL)
cb(s,SSL_CB_ACCEPT_EXIT,ret);
return(ret);
@@ -772,7 +920,7 @@ int dtls1_send_server_hello(SSL *s)
p=s->s3->server_random;
Time=(unsigned long)time(NULL); /* Time */
l2n(Time,p);
- RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+ RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);
/* Do the message type and length last */
d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
@@ -1147,7 +1295,7 @@ int dtls1_send_server_key_exchange(SSL *s)
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
{
- if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
+ if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher, NULL))
== NULL)
{
al=SSL_AD_DECODE_ERROR;
diff --git a/deps/openssl/openssl/ssl/dtls1.h b/deps/openssl/openssl/ssl/dtls1.h
index 2900d1d8a..e65d50119 100644
--- a/deps/openssl/openssl/ssl/dtls1.h
+++ b/deps/openssl/openssl/ssl/dtls1.h
@@ -57,8 +57,8 @@
*
*/
-#ifndef HEADER_DTLS1_H
-#define HEADER_DTLS1_H
+#ifndef HEADER_DTLS1_H
+#define HEADER_DTLS1_H
#include <openssl/buffer.h>
#include <openssl/pqueue.h>
@@ -72,8 +72,12 @@
#elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
#include <sys/timeval.h>
#else
+#if defined(OPENSSL_SYS_VXWORKS)
+#include <sys/times.h>
+#else
#include <sys/time.h>
#endif
+#endif
#ifdef __cplusplus
extern "C" {
@@ -105,6 +109,11 @@ extern "C" {
#define DTLS1_AL_HEADER_LENGTH 2
#endif
+#ifndef OPENSSL_NO_SSL_INTERN
+
+#ifndef OPENSSL_NO_SCTP
+#define DTLS1_SCTP_AUTH_LABEL "EXPORTER_DTLS_OVER_SCTP"
+#endif
typedef struct dtls1_bitmap_st
{
@@ -227,7 +236,7 @@ typedef struct dtls1_state_st
struct dtls1_timeout_st timeout;
- /* Indicates when the last handshake msg sent will timeout */
+ /* Indicates when the last handshake msg or heartbeat sent will timeout */
struct timeval next_timeout;
/* Timeout duration */
@@ -243,6 +252,13 @@ typedef struct dtls1_state_st
unsigned int retransmitting;
unsigned int change_cipher_spec_ok;
+#ifndef OPENSSL_NO_SCTP
+ /* used when SSL_ST_XX_FLUSH is entered */
+ int next_state;
+
+ int shutdown_received;
+#endif
+
} DTLS1_STATE;
typedef struct dtls1_record_data_st
@@ -251,8 +267,12 @@ typedef struct dtls1_record_data_st
unsigned int packet_length;
SSL3_BUFFER rbuf;
SSL3_RECORD rrec;
+#ifndef OPENSSL_NO_SCTP
+ struct bio_dgram_sctp_rcvinfo recordinfo;
+#endif
} DTLS1_RECORD_DATA;
+#endif
/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
#define DTLS1_TMO_READ_COUNT 2
diff --git a/deps/openssl/openssl/ssl/install-ssl.com b/deps/openssl/openssl/ssl/install-ssl.com
index 1bd6ccaa7..afe6967f8 100644..100755
--- a/deps/openssl/openssl/ssl/install-ssl.com
+++ b/deps/openssl/openssl/ssl/install-ssl.com
@@ -73,7 +73,7 @@ $ if f$parse("wrk_sslxexe:") .eqs. "" then -
$ if f$parse("wrk_sslxlib:") .eqs. "" then -
create /directory /log wrk_sslxlib:
$!
-$ exheader := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, kssl.h
+$ exheader := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, kssl.h, srtp.h
$ e_exe := ssl_task
$ libs := ssl_libssl
$!
diff --git a/deps/openssl/openssl/ssl/kssl.c b/deps/openssl/openssl/ssl/kssl.c
index b820e3746..fd7c67bb1 100644
--- a/deps/openssl/openssl/ssl/kssl.c
+++ b/deps/openssl/openssl/ssl/kssl.c
@@ -2194,6 +2194,22 @@ krb5_error_code kssl_build_principal_2(
return ENOMEM;
}
+void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx)
+ {
+ s->kssl_ctx = kctx;
+ }
+
+KSSL_CTX * SSL_get0_kssl_ctx(SSL *s)
+ {
+ return s->kssl_ctx;
+ }
+
+char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx)
+ {
+ if (kctx)
+ return kctx->client_princ;
+ return NULL;
+ }
#else /* !OPENSSL_NO_KRB5 */
diff --git a/deps/openssl/openssl/ssl/kssl.h b/deps/openssl/openssl/ssl/kssl.h
index a3d20e1cc..8242fd5ee 100644
--- a/deps/openssl/openssl/ssl/kssl.h
+++ b/deps/openssl/openssl/ssl/kssl.h
@@ -172,6 +172,10 @@ krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
krb5_timestamp *atimep, KSSL_ERR *kssl_err);
unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
+void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
+KSSL_CTX * SSL_get0_kssl_ctx(SSL *s);
+char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
+
#ifdef __cplusplus
}
#endif
diff --git a/deps/openssl/openssl/ssl/s23_clnt.c b/deps/openssl/openssl/ssl/s23_clnt.c
index f41fe3ab5..47673e740 100644
--- a/deps/openssl/openssl/ssl/s23_clnt.c
+++ b/deps/openssl/openssl/ssl/s23_clnt.c
@@ -129,6 +129,10 @@ static const SSL_METHOD *ssl23_get_client_method(int ver)
return(SSLv3_client_method());
else if (ver == TLS1_VERSION)
return(TLSv1_client_method());
+ else if (ver == TLS1_1_VERSION)
+ return(TLSv1_1_client_method());
+ else if (ver == TLS1_2_VERSION)
+ return(TLSv1_2_client_method());
else
return(NULL);
}
@@ -278,24 +282,51 @@ static int ssl23_client_hello(SSL *s)
SSL_COMP *comp;
#endif
int ret;
+ unsigned long mask, options = s->options;
- ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
+ ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;
if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
ssl2_compat = 0;
- if (!(s->options & SSL_OP_NO_TLSv1))
- {
+ /*
+ * SSL_OP_NO_X disables all protocols above X *if* there are
+ * some protocols below X enabled. This is required in order
+ * to maintain "version capability" vector contiguous. So
+ * that if application wants to disable TLS1.0 in favour of
+ * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
+ * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
+ */
+ mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1
+#if !defined(OPENSSL_NO_SSL3)
+ |SSL_OP_NO_SSLv3
+#endif
+#if !defined(OPENSSL_NO_SSL2)
+ |(ssl2_compat?SSL_OP_NO_SSLv2:0)
+#endif
+ ;
+#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
+ version = TLS1_2_VERSION;
+
+ if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask)
+ version = TLS1_1_VERSION;
+#else
+ version = TLS1_1_VERSION;
+#endif
+ mask &= ~SSL_OP_NO_TLSv1_1;
+ if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
version = TLS1_VERSION;
- }
- else if (!(s->options & SSL_OP_NO_SSLv3))
- {
+ mask &= ~SSL_OP_NO_TLSv1;
+#if !defined(OPENSSL_NO_SSL3)
+ if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
version = SSL3_VERSION;
- }
- else if (!(s->options & SSL_OP_NO_SSLv2))
- {
+ mask &= ~SSL_OP_NO_SSLv3;
+#endif
+#if !defined(OPENSSL_NO_SSL2)
+ if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
version = SSL2_VERSION;
- }
+#endif
+
#ifndef OPENSSL_NO_TLSEXT
if (version != SSL2_VERSION)
{
@@ -329,11 +360,29 @@ static int ssl23_client_hello(SSL *s)
if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
return -1;
- if (version == TLS1_VERSION)
+ if (version == TLS1_2_VERSION)
+ {
+ version_major = TLS1_2_VERSION_MAJOR;
+ version_minor = TLS1_2_VERSION_MINOR;
+ }
+ else if (version == TLS1_1_VERSION)
+ {
+ version_major = TLS1_1_VERSION_MAJOR;
+ version_minor = TLS1_1_VERSION_MINOR;
+ }
+ else if (version == TLS1_VERSION)
{
version_major = TLS1_VERSION_MAJOR;
version_minor = TLS1_VERSION_MINOR;
}
+#ifdef OPENSSL_FIPS
+ else if(FIPS_mode())
+ {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO,
+ SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+ return -1;
+ }
+#endif
else if (version == SSL3_VERSION)
{
version_major = SSL3_VERSION_MAJOR;
@@ -437,6 +486,15 @@ static int ssl23_client_hello(SSL *s)
SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
return -1;
}
+#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
+ /* Some servers hang if client hello > 256 bytes
+ * as hack workaround chop number of supported ciphers
+ * to keep it well below this if we use TLS v1.2
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION
+ && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+ i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+#endif
s2n(i,p);
p+=i;
@@ -491,8 +549,13 @@ static int ssl23_client_hello(SSL *s)
d=buf;
*(d++) = SSL3_RT_HANDSHAKE;
*(d++) = version_major;
- *(d++) = version_minor; /* arguably we should send the *lowest* suported version here
- * (indicating, e.g., TLS 1.0 in "SSL 3.0 format") */
+ /* Some servers hang if we use long client hellos
+ * and a record number > TLS 1.0.
+ */
+ if (TLS1_get_client_version(s) > TLS1_VERSION)
+ *(d++) = 1;
+ else
+ *(d++) = version_minor;
s2n((int)l,d);
/* number of bytes to write */
@@ -608,7 +671,7 @@ static int ssl23_get_server_hello(SSL *s)
#endif
}
else if (p[1] == SSL3_VERSION_MAJOR &&
- (p[2] == SSL3_VERSION_MINOR || p[2] == TLS1_VERSION_MINOR) &&
+ p[2] <= TLS1_2_VERSION_MINOR &&
((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
(p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2)))
{
@@ -617,6 +680,14 @@ static int ssl23_get_server_hello(SSL *s)
if ((p[2] == SSL3_VERSION_MINOR) &&
!(s->options & SSL_OP_NO_SSLv3))
{
+#ifdef OPENSSL_FIPS
+ if(FIPS_mode())
+ {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
+ SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+ goto err;
+ }
+#endif
s->version=SSL3_VERSION;
s->method=SSLv3_client_method();
}
@@ -626,6 +697,18 @@ static int ssl23_get_server_hello(SSL *s)
s->version=TLS1_VERSION;
s->method=TLSv1_client_method();
}
+ else if ((p[2] == TLS1_1_VERSION_MINOR) &&
+ !(s->options & SSL_OP_NO_TLSv1_1))
+ {
+ s->version=TLS1_1_VERSION;
+ s->method=TLSv1_1_client_method();
+ }
+ else if ((p[2] == TLS1_2_VERSION_MINOR) &&
+ !(s->options & SSL_OP_NO_TLSv1_2))
+ {
+ s->version=TLS1_2_VERSION;
+ s->method=TLSv1_2_client_method();
+ }
else
{
SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
@@ -687,13 +770,6 @@ static int ssl23_get_server_hello(SSL *s)
/* Since, if we are sending a ssl23 client hello, we are not
* reusing a session-id */
- if (!s->session_creation_enabled)
- {
- if (!(s->client_version == SSL2_VERSION))
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
- goto err;
- }
if (!ssl_get_new_session(s,0))
goto err;
diff --git a/deps/openssl/openssl/ssl/s23_meth.c b/deps/openssl/openssl/ssl/s23_meth.c
index c6099efcf..40eae0f0b 100644
--- a/deps/openssl/openssl/ssl/s23_meth.c
+++ b/deps/openssl/openssl/ssl/s23_meth.c
@@ -76,6 +76,10 @@ static const SSL_METHOD *ssl23_get_method(int ver)
#ifndef OPENSSL_NO_TLS1
if (ver == TLS1_VERSION)
return(TLSv1_method());
+ else if (ver == TLS1_1_VERSION)
+ return(TLSv1_1_method());
+ else if (ver == TLS1_2_VERSION)
+ return(TLSv1_2_method());
else
#endif
return(NULL);
diff --git a/deps/openssl/openssl/ssl/s23_srvr.c b/deps/openssl/openssl/ssl/s23_srvr.c
index e22879c83..487784901 100644
--- a/deps/openssl/openssl/ssl/s23_srvr.c
+++ b/deps/openssl/openssl/ssl/s23_srvr.c
@@ -115,6 +115,9 @@
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
static const SSL_METHOD *ssl23_get_server_method(int ver);
int ssl23_get_client_hello(SSL *s);
@@ -128,6 +131,10 @@ static const SSL_METHOD *ssl23_get_server_method(int ver)
return(SSLv3_server_method());
else if (ver == TLS1_VERSION)
return(TLSv1_server_method());
+ else if (ver == TLS1_1_VERSION)
+ return(TLSv1_1_server_method());
+ else if (ver == TLS1_2_VERSION)
+ return(TLSv1_2_server_method());
else
return(NULL);
}
@@ -283,7 +290,20 @@ int ssl23_get_client_hello(SSL *s)
/* SSLv3/TLSv1 */
if (p[4] >= TLS1_VERSION_MINOR)
{
- if (!(s->options & SSL_OP_NO_TLSv1))
+ if (p[4] >= TLS1_2_VERSION_MINOR &&
+ !(s->options & SSL_OP_NO_TLSv1_2))
+ {
+ s->version=TLS1_2_VERSION;
+ s->state=SSL23_ST_SR_CLNT_HELLO_B;
+ }
+ else if (p[4] >= TLS1_1_VERSION_MINOR &&
+ !(s->options & SSL_OP_NO_TLSv1_1))
+ {
+ s->version=TLS1_1_VERSION;
+ /* type=2; */ /* done later to survive restarts */
+ s->state=SSL23_ST_SR_CLNT_HELLO_B;
+ }
+ else if (!(s->options & SSL_OP_NO_TLSv1))
{
s->version=TLS1_VERSION;
/* type=2; */ /* done later to survive restarts */
@@ -350,7 +370,19 @@ int ssl23_get_client_hello(SSL *s)
v[1]=p[10]; /* minor version according to client_version */
if (v[1] >= TLS1_VERSION_MINOR)
{
- if (!(s->options & SSL_OP_NO_TLSv1))
+ if (v[1] >= TLS1_2_VERSION_MINOR &&
+ !(s->options & SSL_OP_NO_TLSv1_2))
+ {
+ s->version=TLS1_2_VERSION;
+ type=3;
+ }
+ else if (v[1] >= TLS1_1_VERSION_MINOR &&
+ !(s->options & SSL_OP_NO_TLSv1_1))
+ {
+ s->version=TLS1_1_VERSION;
+ type=3;
+ }
+ else if (!(s->options & SSL_OP_NO_TLSv1))
{
s->version=TLS1_VERSION;
type=3;
@@ -393,6 +425,15 @@ int ssl23_get_client_hello(SSL *s)
}
}
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && (s->version < TLS1_VERSION))
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
+ SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+ goto err;
+ }
+#endif
+
if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
{
/* we have SSLv3/TLSv1 in an SSLv2 header
@@ -403,13 +444,8 @@ int ssl23_get_client_hello(SSL *s)
v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
v[1] = p[4];
-/* The SSL2 protocol allows n to be larger, just pick
- * a reasonable buffer size. */
-#if SSL3_RT_DEFAULT_PACKET_SIZE < 1024*4 - SSL3_RT_DEFAULT_WRITE_OVERHEAD
-#error "SSL3_RT_DEFAULT_PACKET_SIZE is too small."
-#endif
n=((p[0]&0x7f)<<8)|p[1];
- if (n > SSL3_RT_DEFAULT_PACKET_SIZE - 2)
+ if (n > (1024*4))
{
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
goto err;
@@ -572,8 +608,11 @@ int ssl23_get_client_hello(SSL *s)
s->s3->rbuf.left=0;
s->s3->rbuf.offset=0;
}
-
- if (s->version == TLS1_VERSION)
+ if (s->version == TLS1_2_VERSION)
+ s->method = TLSv1_2_server_method();
+ else if (s->version == TLS1_1_VERSION)
+ s->method = TLSv1_1_server_method();
+ else if (s->version == TLS1_VERSION)
s->method = TLSv1_server_method();
else
s->method = SSLv3_server_method();
diff --git a/deps/openssl/openssl/ssl/s2_clnt.c b/deps/openssl/openssl/ssl/s2_clnt.c
index 00ac158f9..03b6cf967 100644
--- a/deps/openssl/openssl/ssl/s2_clnt.c
+++ b/deps/openssl/openssl/ssl/s2_clnt.c
@@ -359,12 +359,14 @@ static int get_server_hello(SSL *s)
SSL_R_PEER_ERROR);
return(-1);
}
-#ifdef __APPLE_CC__
- /* The Rhapsody 5.5 (a.k.a. MacOS X) compiler bug
- * workaround. <appro@fy.chalmers.se> */
- s->hit=(i=*(p++))?1:0;
-#else
+#if 0
s->hit=(*(p++))?1:0;
+ /* Some [PPC?] compilers fail to increment p in above
+ statement, e.g. one provided with Rhapsody 5.5, but
+ most recent example XL C 11.1 for AIX, even without
+ optimization flag... */
+#else
+ s->hit=(*p)?1:0; p++;
#endif
s->s2->tmp.cert_type= *(p++);
n2s(p,i);
@@ -937,7 +939,7 @@ static int get_server_verify(SSL *s)
s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
p += 1;
- if (memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0)
+ if (CRYPTO_memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
diff --git a/deps/openssl/openssl/ssl/s2_pkt.c b/deps/openssl/openssl/ssl/s2_pkt.c
index ac963b2d4..8bb6ab8ba 100644
--- a/deps/openssl/openssl/ssl/s2_pkt.c
+++ b/deps/openssl/openssl/ssl/s2_pkt.c
@@ -269,8 +269,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
s->s2->ract_data_length-=mac_size;
ssl2_mac(s,mac,0);
s->s2->ract_data_length-=s->s2->padding;
- if ( (memcmp(mac,s->s2->mac_data,
- (unsigned int)mac_size) != 0) ||
+ if ( (CRYPTO_memcmp(mac,s->s2->mac_data,mac_size) != 0) ||
(s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0))
{
SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE);
diff --git a/deps/openssl/openssl/ssl/s2_srvr.c b/deps/openssl/openssl/ssl/s2_srvr.c
index bc885e8e7..2cba426bb 100644
--- a/deps/openssl/openssl/ssl/s2_srvr.c
+++ b/deps/openssl/openssl/ssl/s2_srvr.c
@@ -1059,10 +1059,12 @@ static int request_certificate(SSL *s)
EVP_PKEY *pkey=NULL;
EVP_MD_CTX_init(&ctx);
- EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL);
- EVP_VerifyUpdate(&ctx,s->s2->key_material,
- s->s2->key_material_length);
- EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+ if (!EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL)
+ || !EVP_VerifyUpdate(&ctx,s->s2->key_material,
+ s->s2->key_material_length)
+ || !EVP_VerifyUpdate(&ctx,ccd,
+ SSL2_MIN_CERT_CHALLENGE_LENGTH))
+ goto msg_end;
i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
buf2=OPENSSL_malloc((unsigned int)i);
@@ -1073,7 +1075,11 @@ static int request_certificate(SSL *s)
}
p2=buf2;
i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2);
- EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i);
+ if (!EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i))
+ {
+ OPENSSL_free(buf2);
+ goto msg_end;
+ }
OPENSSL_free(buf2);
pkey=X509_get_pubkey(x509);
diff --git a/deps/openssl/openssl/ssl/s3_both.c b/deps/openssl/openssl/ssl/s3_both.c
index 508e39021..ead01c82a 100644
--- a/deps/openssl/openssl/ssl/s3_both.c
+++ b/deps/openssl/openssl/ssl/s3_both.c
@@ -233,7 +233,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
#ifdef OPENSSL_NO_NEXTPROTONEG
/* the mac has already been generated when we received the
- * change cipher spec message and is in s->s3->tmp.peer_finish_md
+ * change cipher spec message and is in s->s3->tmp.peer_finish_md.
*/
#endif
@@ -265,7 +265,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
goto f_err;
}
- if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
+ if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
{
al=SSL_AD_DECRYPT_ERROR;
SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
@@ -347,11 +347,8 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
unsigned long l=7;
BUF_MEM *buf;
int no_chain;
- STACK_OF(X509) *cert_chain;
- cert_chain = SSL_get_certificate_chain(s, x);
-
- if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs || cert_chain)
+ if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
no_chain = 1;
else
no_chain = 0;
@@ -403,10 +400,6 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
return(0);
}
- for (i=0; i<sk_X509_num(cert_chain); i++)
- if (ssl3_add_cert_to_buf(buf, &l, sk_X509_value(cert_chain,i)))
- return(0);
-
l-=7;
p=(unsigned char *)&(buf->data[4]);
l2n3(l,p);
@@ -756,20 +749,13 @@ int ssl3_setup_read_buffer(SSL *s)
if (s->s3->rbuf.buf == NULL)
{
- if (SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS)
- {
- len = SSL3_RT_DEFAULT_PACKET_SIZE;
- }
- else
+ len = SSL3_RT_MAX_PLAIN_LENGTH
+ + SSL3_RT_MAX_ENCRYPTED_OVERHEAD
+ + headerlen + align;
+ if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
{
- len = SSL3_RT_MAX_PLAIN_LENGTH
- + SSL3_RT_MAX_ENCRYPTED_OVERHEAD
- + headerlen + align;
- if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
- {
- s->s3->init_extra = 1;
- len += SSL3_RT_MAX_EXTRA;
- }
+ s->s3->init_extra = 1;
+ len += SSL3_RT_MAX_EXTRA;
}
#ifndef OPENSSL_NO_COMP
if (!(s->options & SSL_OP_NO_COMPRESSION))
@@ -805,15 +791,7 @@ int ssl3_setup_write_buffer(SSL *s)
if (s->s3->wbuf.buf == NULL)
{
- if (SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS)
- {
- len = SSL3_RT_DEFAULT_PACKET_SIZE;
- }
- else
- {
- len = s->max_send_fragment;
- }
- len += 0
+ len = s->max_send_fragment
+ SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD
+ headerlen + align;
#ifndef OPENSSL_NO_COMP
@@ -823,6 +801,7 @@ int ssl3_setup_write_buffer(SSL *s)
if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
len += headerlen + align
+ SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
+
if ((p=freelist_extract(s->ctx, 0, len)) == NULL)
goto err;
s->s3->wbuf.buf = p;
@@ -865,3 +844,4 @@ int ssl3_release_read_buffer(SSL *s)
}
return 1;
}
+
diff --git a/deps/openssl/openssl/ssl/s3_clnt.c b/deps/openssl/openssl/ssl/s3_clnt.c
index 04d6e5bb7..344e2eb1a 100644
--- a/deps/openssl/openssl/ssl/s3_clnt.c
+++ b/deps/openssl/openssl/ssl/s3_clnt.c
@@ -156,6 +156,9 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
@@ -199,16 +202,16 @@ int ssl3_connect(SSL *s)
s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
-#if 0 /* Send app data in separate packet, otherwise, some particular site
- * (only one site so far) closes the socket.
- * Note: there is a very small chance that two TCP packets
- * could be arriving at server combined into a single TCP packet,
- * then trigger that site to break. We haven't encounter that though.
+
+#ifndef OPENSSL_NO_HEARTBEATS
+ /* If we're awaiting a HeartbeatResponse, pretend we
+ * already got and don't await it anymore, because
+ * Heartbeats don't make sense during handshakes anyway.
*/
- if (SSL_get_mode(s) & SSL_MODE_HANDSHAKE_CUTTHROUGH)
+ if (s->tlsext_hb_pending)
{
- /* Send app data along with CCS/Finished */
- s->s3->flags |= SSL3_FLAGS_DELAY_CLIENT_FINISHED;
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
}
#endif
@@ -219,7 +222,7 @@ int ssl3_connect(SSL *s)
switch(s->state)
{
case SSL_ST_RENEGOTIATE:
- s->new_session=1;
+ s->renegotiate=1;
s->state=SSL_ST_CONNECT;
s->ctx->stats.sess_connect_renegotiate++;
/* break */
@@ -292,7 +295,16 @@ int ssl3_connect(SSL *s)
if (ret <= 0) goto end;
if (s->hit)
+ {
s->state=SSL3_ST_CR_FINISHED_A;
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->tlsext_ticket_expected)
+ {
+ /* receive renewed session ticket */
+ s->state=SSL3_ST_CR_SESSION_TICKET_A;
+ }
+#endif
+ }
else
s->state=SSL3_ST_CR_CERT_A;
s->init_num=0;
@@ -370,6 +382,17 @@ int ssl3_connect(SSL *s)
case SSL3_ST_CR_SRVR_DONE_B:
ret=ssl3_get_server_done(s);
if (ret <= 0) goto end;
+#ifndef OPENSSL_NO_SRP
+ if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP)
+ {
+ if ((ret = SRP_Calc_A_param(s))<=0)
+ {
+ SSLerr(SSL_F_SSL3_CONNECT,SSL_R_SRP_A_CALC);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
+ goto end;
+ }
+ }
+#endif
if (s->s3->tmp.cert_req)
s->state=SSL3_ST_CW_CERT_A;
else
@@ -439,12 +462,11 @@ int ssl3_connect(SSL *s)
#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
s->state=SSL3_ST_CW_FINISHED_A;
#else
- if (s->next_proto_negotiated)
+ if (s->s3->next_proto_neg_seen)
s->state=SSL3_ST_CW_NEXT_PROTO_A;
else
s->state=SSL3_ST_CW_FINISHED_A;
#endif
-
s->init_num=0;
s->session->cipher=s->s3->tmp.new_cipher;
@@ -504,31 +526,14 @@ int ssl3_connect(SSL *s)
}
else
{
- if ((SSL_get_mode(s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) && SSL_get_cipher_bits(s, NULL) >= 128
- && s->s3->previous_server_finished_len == 0 /* no cutthrough on renegotiation (would complicate the state machine) */
- )
- {
- if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
- {
- s->state=SSL3_ST_CUTTHROUGH_COMPLETE;
- s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
- s->s3->delay_buf_pop_ret=0;
- }
- else
- {
- s->s3->tmp.next_state=SSL3_ST_CUTTHROUGH_COMPLETE;
- }
- }
- else
- {
#ifndef OPENSSL_NO_TLSEXT
- /* Allow NewSessionTicket if ticket expected */
- if (s->tlsext_ticket_expected)
- s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
- else
+ /* Allow NewSessionTicket if ticket expected */
+ if (s->tlsext_ticket_expected)
+ s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
+ else
#endif
- s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
- }
+
+ s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
}
s->init_num=0;
break;
@@ -576,24 +581,6 @@ int ssl3_connect(SSL *s)
s->state=s->s3->tmp.next_state;
break;
- case SSL3_ST_CUTTHROUGH_COMPLETE:
-#ifndef OPENSSL_NO_TLSEXT
- /* Allow NewSessionTicket if ticket expected */
- if (s->tlsext_ticket_expected)
- s->state=SSL3_ST_CR_SESSION_TICKET_A;
- else
-#endif
- s->state=SSL3_ST_CR_FINISHED_A;
-
- /* SSL_write() will take care of flushing buffered data if
- * DELAY_CLIENT_FINISHED is set.
- */
- if (!(s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED))
- ssl_free_wbio_buffer(s);
- ret = 1;
- goto end;
- /* break; */
-
case SSL_ST_OK:
/* clean a few things up */
ssl3_cleanup_key_block(s);
@@ -611,6 +598,7 @@ int ssl3_connect(SSL *s)
/* else do it later in ssl3_write */
s->init_num=0;
+ s->renegotiate=0;
s->new_session=0;
ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
@@ -686,12 +674,6 @@ int ssl3_client_hello(SSL *s)
#endif
(sess->not_resumable))
{
- if (!s->session_creation_enabled)
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
- goto err;
- }
if (!ssl_get_new_session(s,0))
goto err;
}
@@ -706,9 +688,43 @@ int ssl3_client_hello(SSL *s)
/* Do the message type and length last */
d=p= &(buf[4]);
+ /* version indicates the negotiated version: for example from
+ * an SSLv2/v3 compatible client hello). The client_version
+ * field is the maximum version we permit and it is also
+ * used in RSA encrypted premaster secrets. Some servers can
+ * choke if we initially report a higher version then
+ * renegotiate to a lower one in the premaster secret. This
+ * didn't happen with TLS 1.0 as most servers supported it
+ * but it can with TLS 1.1 or later if the server only supports
+ * 1.0.
+ *
+ * Possible scenario with previous logic:
+ * 1. Client hello indicates TLS 1.2
+ * 2. Server hello says TLS 1.0
+ * 3. RSA encrypted premaster secret uses 1.2.
+ * 4. Handhaked proceeds using TLS 1.0.
+ * 5. Server sends hello request to renegotiate.
+ * 6. Client hello indicates TLS v1.0 as we now
+ * know that is maximum server supports.
+ * 7. Server chokes on RSA encrypted premaster secret
+ * containing version 1.0.
+ *
+ * For interoperability it should be OK to always use the
+ * maximum version we support in client hello and then rely
+ * on the checking of version to ensure the servers isn't
+ * being inconsistent: for example initially negotiating with
+ * TLS 1.0 and renegotiating with TLS 1.2. We do this by using
+ * client_version in client hello and not resetting it to
+ * the negotiated version.
+ */
+#if 0
*(p++)=s->version>>8;
*(p++)=s->version&0xff;
s->client_version=s->version;
+#else
+ *(p++)=s->client_version>>8;
+ *(p++)=s->client_version&0xff;
+#endif
/* Random stuff */
memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
@@ -738,6 +754,15 @@ int ssl3_client_hello(SSL *s)
SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
goto err;
}
+#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
+ /* Some servers hang if client hello > 256 bytes
+ * as hack workaround chop number of supported ciphers
+ * to keep it well below this if we use TLS v1.2
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION
+ && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+ i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+#endif
s2n(i,p);
p+=i;
@@ -900,12 +925,6 @@ int ssl3_get_server_hello(SSL *s)
s->hit=0;
if (s->session->session_id_length > 0)
{
- if (!s->session_creation_enabled)
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
- goto err;
- }
if (!ssl_get_new_session(s,0))
{
al=SSL_AD_INTERNAL_ERROR;
@@ -924,6 +943,14 @@ int ssl3_get_server_hello(SSL *s)
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
goto f_err;
}
+ /* TLS v1.2 only ciphersuites require v1.2 or later */
+ if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+ (TLS1_get_version(s) < TLS1_2_VERSION))
+ {
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
+ goto f_err;
+ }
p+=ssl_put_cipher_by_char(s,NULL,NULL);
sk=ssl_get_ciphers_by_id(s);
@@ -955,9 +982,14 @@ int ssl3_get_server_hello(SSL *s)
}
}
s->s3->tmp.new_cipher=c;
- if (!ssl3_digest_cached_records(s))
+ /* Don't digest cached records if TLS v1.2: we may need them for
+ * client authentication.
+ */
+ if (TLS1_get_version(s) < TLS1_2_VERSION && !ssl3_digest_cached_records(s))
+ {
+ al = SSL_AD_INTERNAL_ERROR;
goto f_err;
-
+ }
/* lets get the compression algorithm */
/* COMPRESSION */
#ifdef OPENSSL_NO_COMP
@@ -1236,6 +1268,7 @@ int ssl3_get_key_exchange(SSL *s)
int al,i,j,param_len,ok;
long n,alg_k,alg_a;
EVP_PKEY *pkey=NULL;
+ const EVP_MD *md = NULL;
#ifndef OPENSSL_NO_RSA
RSA *rsa=NULL;
#endif
@@ -1359,6 +1392,86 @@ int ssl3_get_key_exchange(SSL *s)
}
else
#endif /* !OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (alg_k & SSL_kSRP)
+ {
+ n2s(p,i);
+ param_len=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_N_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.N=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ n2s(p,i);
+ param_len+=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_G_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.g=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ i = (unsigned int)(p[0]);
+ p++;
+ param_len+=i+1;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_S_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.s=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ n2s(p,i);
+ param_len+=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_B_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.B=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+ n-=param_len;
+
+/* We must check if there is a certificate */
+#ifndef OPENSSL_NO_RSA
+ if (alg_a & SSL_aRSA)
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+#else
+ if (0)
+ ;
+#endif
+#ifndef OPENSSL_NO_DSA
+ else if (alg_a & SSL_aDSS)
+ pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
+#endif
+ }
+ else
+#endif /* !OPENSSL_NO_SRP */
#ifndef OPENSSL_NO_RSA
if (alg_k & SSL_kRSA)
{
@@ -1606,6 +1719,38 @@ int ssl3_get_key_exchange(SSL *s)
/* if it was signed, check the signature */
if (pkey != NULL)
{
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
+ {
+ int sigalg = tls12_get_sigid(pkey);
+ /* Should never happen */
+ if (sigalg == -1)
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ /* Check key type is consistent with signature */
+ if (sigalg != (int)p[1])
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_TYPE);
+ al=SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ md = tls12_get_hash(p[0]);
+ if (md == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNKNOWN_DIGEST);
+ al=SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+#ifdef SSL_DEBUG
+fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+#endif
+ p += 2;
+ n -= 2;
+ }
+ else
+ md = EVP_sha1();
+
n2s(p,i);
n-=2;
j=EVP_PKEY_size(pkey);
@@ -1619,7 +1764,7 @@ int ssl3_get_key_exchange(SSL *s)
}
#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
+ if (pkey->type == EVP_PKEY_RSA && TLS1_get_version(s) < TLS1_2_VERSION)
{
int num;
@@ -1627,6 +1772,8 @@ int ssl3_get_key_exchange(SSL *s)
q=md_buf;
for (num=2; num > 0; num--)
{
+ EVP_MD_CTX_set_flags(&md_ctx,
+ EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
EVP_DigestInit_ex(&md_ctx,(num == 2)
?s->ctx->md5:s->ctx->sha1, NULL);
EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
@@ -1654,29 +1801,8 @@ int ssl3_get_key_exchange(SSL *s)
}
else
#endif
-#ifndef OPENSSL_NO_DSA
- if (pkey->type == EVP_PKEY_DSA)
- {
- /* lets do DSS */
- EVP_VerifyInit_ex(&md_ctx,EVP_dss1(), NULL);
- EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
- EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
- EVP_VerifyUpdate(&md_ctx,param,param_len);
- if (EVP_VerifyFinal(&md_ctx,p,(int)n,pkey) <= 0)
- {
- /* bad signature */
- al=SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
- goto f_err;
- }
- }
- else
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
{
- /* let's do ECDSA */
- EVP_VerifyInit_ex(&md_ctx,EVP_ecdsa(), NULL);
+ EVP_VerifyInit_ex(&md_ctx, md, NULL);
EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
EVP_VerifyUpdate(&md_ctx,param,param_len);
@@ -1688,12 +1814,6 @@ int ssl3_get_key_exchange(SSL *s)
goto f_err;
}
}
- else
-#endif
- {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
- goto err;
- }
}
else
{
@@ -1740,7 +1860,7 @@ int ssl3_get_certificate_request(SSL *s)
{
int ok,ret=0;
unsigned long n,nc,l;
- unsigned int llen,ctype_num,i;
+ unsigned int llen, ctype_num,i;
X509_NAME *xn=NULL;
const unsigned char *p,*q;
unsigned char *d;
@@ -1760,6 +1880,14 @@ int ssl3_get_certificate_request(SSL *s)
if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)
{
s->s3->tmp.reuse_message=1;
+ /* If we get here we don't need any cached handshake records
+ * as we wont be doing client auth.
+ */
+ if (s->s3->handshake_buffer)
+ {
+ if (!ssl3_digest_cached_records(s))
+ goto err;
+ }
return(1);
}
@@ -1796,6 +1924,26 @@ int ssl3_get_certificate_request(SSL *s)
for (i=0; i<ctype_num; i++)
s->s3->tmp.ctype[i]= p[i];
p+=ctype_num;
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
+ {
+ n2s(p, llen);
+ /* Check we have enough room for signature algorithms and
+ * following length value.
+ */
+ if ((unsigned long)(p - d + llen + 2) > n)
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_DATA_LENGTH_TOO_LONG);
+ goto err;
+ }
+ if ((llen & 1) || !tls1_process_sigalgs(s, p, llen))
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_SIGNATURE_ALGORITHMS_ERROR);
+ goto err;
+ }
+ p += llen;
+ }
/* get the CA RDNs */
n2s(p,llen);
@@ -1808,7 +1956,7 @@ fclose(out);
}
#endif
- if ((llen+ctype_num+2+1) != n)
+ if ((unsigned long)(p - d + llen) != n)
{
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
@@ -2630,6 +2778,39 @@ int ssl3_send_client_key_exchange(SSL *s)
EVP_PKEY_free(pub_key);
}
+#ifndef OPENSSL_NO_SRP
+ else if (alg_k & SSL_kSRP)
+ {
+ if (s->srp_ctx.A != NULL)
+ {
+ /* send off the data */
+ n=BN_num_bytes(s->srp_ctx.A);
+ s2n(n,p);
+ BN_bn2bin(s->srp_ctx.A,p);
+ n+=2;
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (s->session->srp_username != NULL)
+ OPENSSL_free(s->session->srp_username);
+ s->session->srp_username = BUF_strdup(s->srp_ctx.login);
+ if (s->session->srp_username == NULL)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if ((s->session->master_key_length = SRP_generate_client_master_secret(s,s->session->master_key))<0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+#endif
#ifndef OPENSSL_NO_PSK
else if (alg_k & SSL_kPSK)
{
@@ -2749,12 +2930,13 @@ int ssl3_send_client_verify(SSL *s)
unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
EVP_PKEY *pkey;
EVP_PKEY_CTX *pctx=NULL;
-#ifndef OPENSSL_NO_RSA
+ EVP_MD_CTX mctx;
unsigned u=0;
-#endif
unsigned long n;
int j;
+ EVP_MD_CTX_init(&mctx);
+
if (s->state == SSL3_ST_CW_CERT_VRFY_A)
{
d=(unsigned char *)s->init_buf->data;
@@ -2765,7 +2947,8 @@ int ssl3_send_client_verify(SSL *s)
EVP_PKEY_sign_init(pctx);
if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1())>0)
{
- s->method->ssl3_enc->cert_verify_mac(s,
+ if (TLS1_get_version(s) < TLS1_2_VERSION)
+ s->method->ssl3_enc->cert_verify_mac(s,
NID_sha1,
&(data[MD5_DIGEST_LENGTH]));
}
@@ -2773,6 +2956,41 @@ int ssl3_send_client_verify(SSL *s)
{
ERR_clear_error();
}
+ /* For TLS v1.2 send signature algorithm and signature
+ * using agreed digest and cached handshake records.
+ */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
+ {
+ long hdatalen = 0;
+ void *hdata;
+ const EVP_MD *md = s->cert->key->digest;
+ hdatalen = BIO_get_mem_data(s->s3->handshake_buffer,
+ &hdata);
+ if (hdatalen <= 0 || !tls12_get_sigandhash(p, pkey, md))
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ p += 2;
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Using TLS 1.2 with client alg %s\n",
+ EVP_MD_name(md));
+#endif
+ if (!EVP_SignInit_ex(&mctx, md, NULL)
+ || !EVP_SignUpdate(&mctx, hdata, hdatalen)
+ || !EVP_SignFinal(&mctx, p + 2, &u, pkey))
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
+ ERR_R_EVP_LIB);
+ goto err;
+ }
+ s2n(u,p);
+ n = u + 4;
+ if (!ssl3_digest_cached_records(s))
+ goto err;
+ }
+ else
#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA)
{
@@ -2855,9 +3073,11 @@ int ssl3_send_client_verify(SSL *s)
s->init_num=(int)n+4;
s->init_off=0;
}
+ EVP_MD_CTX_cleanup(&mctx);
EVP_PKEY_CTX_free(pctx);
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
err:
+ EVP_MD_CTX_cleanup(&mctx);
EVP_PKEY_CTX_free(pctx);
return(-1);
}
@@ -2981,7 +3201,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
if (idx == SSL_PKEY_ECC)
{
if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509,
- s->s3->tmp.new_cipher) == 0)
+ s) == 0)
{ /* check failed */
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_BAD_ECC_CERT);
goto f_err;
@@ -3077,13 +3297,7 @@ err:
return(0);
}
-/* Check to see if handshake is full or resumed. Usually this is just a
- * case of checking to see if a cache hit has occurred. In the case of
- * session tickets we have to check the next message to be sure.
- */
-
-#ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_NEXTPROTONEG
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
int ssl3_send_next_proto(SSL *s)
{
unsigned int len, padding_len;
@@ -3106,9 +3320,15 @@ int ssl3_send_next_proto(SSL *s)
}
return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
- }
-# endif
+}
+#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
+/* Check to see if handshake is full or resumed. Usually this is just a
+ * case of checking to see if a cache hit has occurred. In the case of
+ * session tickets we have to check the next message to be sure.
+ */
+
+#ifndef OPENSSL_NO_TLSEXT
int ssl3_check_finished(SSL *s)
{
int ok;
diff --git a/deps/openssl/openssl/ssl/s3_enc.c b/deps/openssl/openssl/ssl/s3_enc.c
index b14597076..e3cd4f062 100644
--- a/deps/openssl/openssl/ssl/s3_enc.c
+++ b/deps/openssl/openssl/ssl/s3_enc.c
@@ -170,6 +170,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
#endif
k=0;
EVP_MD_CTX_init(&m5);
+ EVP_MD_CTX_set_flags(&m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
EVP_MD_CTX_init(&s1);
for (i=0; (int)i<num; i+=MD5_DIGEST_LENGTH)
{
@@ -465,12 +466,21 @@ void ssl3_cleanup_key_block(SSL *s)
s->s3->tmp.key_block_length=0;
}
+/* ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+ *
+ * Returns:
+ * 0: (in non-constant time) if the record is publically invalid (i.e. too
+ * short etc).
+ * 1: if the record's padding is valid / the encryption was successful.
+ * -1: if the record's padding is invalid or, if sending, an internal error
+ * occured.
+ */
int ssl3_enc(SSL *s, int send)
{
SSL3_RECORD *rec;
EVP_CIPHER_CTX *ds;
unsigned long l;
- int bs,i;
+ int bs,i,mac_size=0;
const EVP_CIPHER *enc;
if (send)
@@ -521,32 +531,16 @@ int ssl3_enc(SSL *s, int send)
if (!send)
{
if (l == 0 || l%bs != 0)
- {
- SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
return 0;
- }
/* otherwise, rec->length >= bs */
}
EVP_Cipher(ds,rec->data,rec->input,l);
+ if (EVP_MD_CTX_md(s->read_hash) != NULL)
+ mac_size = EVP_MD_CTX_size(s->read_hash);
if ((bs != 1) && !send)
- {
- i=rec->data[l-1]+1;
- /* SSL 3.0 bounds the number of padding bytes by the block size;
- * padding bytes (except the last one) are arbitrary */
- if (i > bs)
- {
- /* Incorrect padding. SSLerr() and ssl3_alert are done
- * by caller: we don't want to reveal whether this is
- * a decryption error or a MAC verification failure
- * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
- return -1;
- }
- /* now i <= bs <= rec->length */
- rec->length-=i;
- }
+ return ssl3_cbc_remove_padding(s, rec, bs, mac_size);
}
return(1);
}
@@ -571,12 +565,12 @@ void ssl3_free_digest_list(SSL *s)
OPENSSL_free(s->s3->handshake_dgst);
s->s3->handshake_dgst=NULL;
}
-
+
void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
{
- if (s->s3->handshake_buffer)
+ if (s->s3->handshake_buffer && !(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE))
{
BIO_write (s->s3->handshake_buffer,(void *)buf,len);
}
@@ -613,9 +607,16 @@ int ssl3_digest_cached_records(SSL *s)
/* Loop through bitso of algorithm2 field and create MD_CTX-es */
for (i=0;ssl_get_handshake_digest(i,&mask,&md); i++)
{
- if ((mask & s->s3->tmp.new_cipher->algorithm2) && md)
+ if ((mask & ssl_get_algorithm2(s)) && md)
{
s->s3->handshake_dgst[i]=EVP_MD_CTX_create();
+#ifdef OPENSSL_FIPS
+ if (EVP_MD_nid(md) == NID_md5)
+ {
+ EVP_MD_CTX_set_flags(s->s3->handshake_dgst[i],
+ EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ }
+#endif
EVP_DigestInit_ex(s->s3->handshake_dgst[i],md,NULL);
EVP_DigestUpdate(s->s3->handshake_dgst[i],hdata,hdatalen);
}
@@ -624,9 +625,12 @@ int ssl3_digest_cached_records(SSL *s)
s->s3->handshake_dgst[i]=NULL;
}
}
- /* Free handshake_buffer BIO */
- BIO_free(s->s3->handshake_buffer);
- s->s3->handshake_buffer = NULL;
+ if (!(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE))
+ {
+ /* Free handshake_buffer BIO */
+ BIO_free(s->s3->handshake_buffer);
+ s->s3->handshake_buffer = NULL;
+ }
return 1;
}
@@ -672,6 +676,7 @@ static int ssl3_handshake_mac(SSL *s, int md_nid,
return 0;
}
EVP_MD_CTX_init(&ctx);
+ EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
EVP_MD_CTX_copy_ex(&ctx,d);
n=EVP_MD_CTX_size(&ctx);
if (n < 0)
@@ -704,7 +709,7 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
EVP_MD_CTX md_ctx;
const EVP_MD_CTX *hash;
unsigned char *p,rec_char;
- unsigned int md_size;
+ size_t md_size, orig_len;
int npad;
int t;
@@ -729,28 +734,72 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
md_size=t;
npad=(48/md_size)*md_size;
- /* Chop the digest off the end :-) */
- EVP_MD_CTX_init(&md_ctx);
-
- EVP_MD_CTX_copy_ex( &md_ctx,hash);
- EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
- EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad);
- EVP_DigestUpdate(&md_ctx,seq,8);
- rec_char=rec->type;
- EVP_DigestUpdate(&md_ctx,&rec_char,1);
- p=md;
- s2n(rec->length,p);
- EVP_DigestUpdate(&md_ctx,md,2);
- EVP_DigestUpdate(&md_ctx,rec->input,rec->length);
- EVP_DigestFinal_ex( &md_ctx,md,NULL);
-
- EVP_MD_CTX_copy_ex( &md_ctx,hash);
- EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
- EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad);
- EVP_DigestUpdate(&md_ctx,md,md_size);
- EVP_DigestFinal_ex( &md_ctx,md,&md_size);
-
- EVP_MD_CTX_cleanup(&md_ctx);
+ /* kludge: ssl3_cbc_remove_padding passes padding length in rec->type */
+ orig_len = rec->length+md_size+((unsigned int)rec->type>>8);
+ rec->type &= 0xff;
+
+ if (!send &&
+ EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
+ ssl3_cbc_record_digest_supported(hash))
+ {
+ /* This is a CBC-encrypted record. We must avoid leaking any
+ * timing-side channel information about how many blocks of
+ * data we are hashing because that gives an attacker a
+ * timing-oracle. */
+
+ /* npad is, at most, 48 bytes and that's with MD5:
+ * 16 + 48 + 8 (sequence bytes) + 1 + 2 = 75.
+ *
+ * With SHA-1 (the largest hash speced for SSLv3) the hash size
+ * goes up 4, but npad goes down by 8, resulting in a smaller
+ * total size. */
+ unsigned char header[75];
+ unsigned j = 0;
+ memcpy(header+j, mac_sec, md_size);
+ j += md_size;
+ memcpy(header+j, ssl3_pad_1, npad);
+ j += npad;
+ memcpy(header+j, seq, 8);
+ j += 8;
+ header[j++] = rec->type;
+ header[j++] = rec->length >> 8;
+ header[j++] = rec->length & 0xff;
+
+ ssl3_cbc_digest_record(
+ hash,
+ md, &md_size,
+ header, rec->input,
+ rec->length + md_size, orig_len,
+ mac_sec, md_size,
+ 1 /* is SSLv3 */);
+ }
+ else
+ {
+ unsigned int md_size_u;
+ /* Chop the digest off the end :-) */
+ EVP_MD_CTX_init(&md_ctx);
+
+ EVP_MD_CTX_copy_ex( &md_ctx,hash);
+ EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
+ EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad);
+ EVP_DigestUpdate(&md_ctx,seq,8);
+ rec_char=rec->type;
+ EVP_DigestUpdate(&md_ctx,&rec_char,1);
+ p=md;
+ s2n(rec->length,p);
+ EVP_DigestUpdate(&md_ctx,md,2);
+ EVP_DigestUpdate(&md_ctx,rec->input,rec->length);
+ EVP_DigestFinal_ex( &md_ctx,md,NULL);
+
+ EVP_MD_CTX_copy_ex( &md_ctx,hash);
+ EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
+ EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad);
+ EVP_DigestUpdate(&md_ctx,md,md_size);
+ EVP_DigestFinal_ex( &md_ctx,md,&md_size_u);
+ md_size = md_size_u;
+
+ EVP_MD_CTX_cleanup(&md_ctx);
+ }
ssl3_record_sequence_update(seq);
return(md_size);
diff --git a/deps/openssl/openssl/ssl/s3_lib.c b/deps/openssl/openssl/ssl/s3_lib.c
index 72d3f1fd5..e7c5dcb80 100644
--- a/deps/openssl/openssl/ssl/s3_lib.c
+++ b/deps/openssl/openssl/ssl/s3_lib.c
@@ -1071,6 +1071,103 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
256,
},
+ /* TLS v1.2 ciphersuites */
+ /* Cipher 3B */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_NULL_SHA256,
+ TLS1_CK_RSA_WITH_NULL_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher 3C */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_RSA_WITH_AES_128_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 3D */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_RSA_WITH_AES_256_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 3E */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
+ TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 3F */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 40 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
#ifndef OPENSSL_NO_CAMELLIA
/* Camellia ciphersuites from RFC4132 (128-bit portion) */
@@ -1287,6 +1384,122 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
128,
},
#endif
+
+ /* TLS v1.2 ciphersuites */
+ /* Cipher 67 */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 68 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
+ TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 69 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 6A */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 6B */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher 6C */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_128_SHA256,
+ TLS1_CK_ADH_WITH_AES_128_SHA256,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher 6D */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_256_SHA256,
+ TLS1_CK_ADH_WITH_AES_256_SHA256,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* GOST Ciphersuites */
+
{
1,
"GOST94-GOST89-GOST89",
@@ -1610,6 +1823,200 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
#endif /* OPENSSL_NO_SEED */
+ /* GCM ciphersuites from RFC5288 */
+
+ /* Cipher 9C */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher 9D */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher 9E */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher 9F */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A0 */
+ {
+ 0,
+ TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A1 */
+ {
+ 0,
+ TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A2 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A3 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A4 */
+ {
+ 0,
+ TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A5 */
+ {
+ 0,
+ TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher A6 */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher A7 */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
#ifndef OPENSSL_NO_ECDH
/* Cipher C001 */
{
@@ -1621,7 +2028,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_eNULL,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_STRONG_NONE,
+ SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
0,
0,
@@ -1653,7 +2060,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
168,
@@ -1669,7 +2076,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
128,
@@ -1685,7 +2092,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
@@ -1701,7 +2108,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_eNULL,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_STRONG_NONE,
+ SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
0,
0,
@@ -1733,7 +2140,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
168,
@@ -1749,7 +2156,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
128,
@@ -1765,7 +2172,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
@@ -1781,7 +2188,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_eNULL,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_STRONG_NONE,
+ SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
0,
0,
@@ -1813,7 +2220,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
168,
@@ -1829,7 +2236,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
128,
@@ -1845,7 +2252,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
@@ -1861,7 +2268,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_eNULL,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_STRONG_NONE,
+ SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
0,
0,
@@ -1893,7 +2300,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
168,
@@ -1909,7 +2316,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
128,
@@ -1925,7 +2332,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
@@ -1941,7 +2348,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_eNULL,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_STRONG_NONE,
+ SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
0,
0,
@@ -1973,7 +2380,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
168,
@@ -1989,7 +2396,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
128,
@@ -2005,13 +2412,423 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
},
#endif /* OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_SRP
+ /* Cipher C01A */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aNULL,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 168,
+ 168,
+ },
+
+ /* Cipher C01B */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 168,
+ 168,
+ },
+
+ /* Cipher C01C */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 168,
+ 168,
+ },
+
+ /* Cipher C01D */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C01E */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C01F */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C020 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C021 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C022 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_SRP */
+#ifndef OPENSSL_NO_ECDH
+
+ /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
+
+ /* Cipher C023 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C024 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C025 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C026 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C027 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C028 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C029 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02A */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* GCM based TLS v1.2 ciphersuites from RFC5289 */
+
+ /* Cipher C02B */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02C */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C02D */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02E */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C02F */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C030 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C031 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C032 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+#endif /* OPENSSL_NO_ECDH */
+
+
#ifdef TEMP_GOST_TLS
/* Cipher FF00 */
{
@@ -2089,7 +2906,7 @@ SSL3_ENC_METHOD SSLv3_enc_data={
ssl3_alert_code,
(int (*)(SSL *, unsigned char *, size_t, const char *,
size_t, const unsigned char *, size_t,
- int use_context)) ssl_undefined_function,
+ int use_context))ssl_undefined_function,
};
long ssl3_default_timeout(void)
@@ -2131,6 +2948,9 @@ int ssl3_new(SSL *s)
s->s3=s3;
+#ifndef OPENSSL_NO_SRP
+ SSL_SRP_CTX_init(s);
+#endif
s->method->ssl_clear(s);
return(1);
err:
@@ -2171,6 +2991,9 @@ void ssl3_free(SSL *s)
BIO_free(s->s3->handshake_buffer);
}
if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
+#ifndef OPENSSL_NO_SRP
+ SSL_SRP_CTX_free(s);
+#endif
OPENSSL_cleanse(s->s3,sizeof *s->s3);
OPENSSL_free(s->s3);
s->s3=NULL;
@@ -2253,6 +3076,13 @@ void ssl3_clear(SSL *s)
#endif
}
+#ifndef OPENSSL_NO_SRP
+static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
+ {
+ return BUF_strdup(s->srp_ctx.info) ;
+ }
+#endif
+
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
{
int ret=0;
@@ -2498,6 +3328,27 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
ret = 1;
break;
+#ifndef OPENSSL_NO_HEARTBEATS
+ case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
+ if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+ ret = dtls1_heartbeat(s);
+ else
+ ret = tls1_heartbeat(s);
+ break;
+
+ case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
+ ret = s->tlsext_hb_pending;
+ break;
+
+ case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
+ if (larg)
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
+ else
+ s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
+ ret = 1;
+ break;
+#endif
+
#endif /* !OPENSSL_NO_TLSEXT */
default:
break;
@@ -2730,6 +3581,38 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return 1;
break;
+#ifndef OPENSSL_NO_SRP
+ case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ if (ctx->srp_ctx.login != NULL)
+ OPENSSL_free(ctx->srp_ctx.login);
+ ctx->srp_ctx.login = NULL;
+ if (parg == NULL)
+ break;
+ if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
+ return 0;
+ }
+ if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ break;
+ case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
+ ctx->srp_ctx.info=parg;
+ break;
+ case SSL_CTRL_SET_SRP_ARG:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.SRP_cb_arg=parg;
+ break;
+
+ case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
+ ctx->srp_ctx.strength=larg;
+ break;
+#endif
#endif /* !OPENSSL_NO_TLSEXT */
/* A Thawte special :-) */
@@ -2742,6 +3625,18 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
sk_X509_push(ctx->extra_certs,(X509 *)parg);
break;
+ case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
+ *(STACK_OF(X509) **)parg = ctx->extra_certs;
+ break;
+
+ case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
+ if (ctx->extra_certs)
+ {
+ sk_X509_pop_free(ctx->extra_certs, X509_free);
+ ctx->extra_certs = NULL;
+ }
+ break;
+
default:
return(0);
}
@@ -2799,6 +3694,20 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
HMAC_CTX *, int))fp;
break;
+#ifndef OPENSSL_NO_SRP
+ case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
+ break;
+ case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
+ break;
+ case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
+ ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
+ break;
+#endif
#endif
default:
return(0);
@@ -2817,6 +3726,9 @@ const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
c.id=id;
cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
+#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
+if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
+#endif
if (cp == NULL || cp->valid == 0)
return NULL;
else
@@ -2894,11 +3806,20 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
{
c=sk_SSL_CIPHER_value(prio,i);
+ /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
+ if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+ (TLS1_get_version(s) < TLS1_2_VERSION))
+ continue;
+
ssl_set_cert_masks(cert,c);
mask_k = cert->mask_k;
mask_a = cert->mask_a;
emask_k = cert->export_mask_k;
emask_a = cert->export_mask_a;
+#ifndef OPENSSL_NO_SRP
+ mask_k=cert->mask_k | s->srp_ctx.srp_Mask;
+ emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask;
+#endif
#ifdef KSSL_DEBUG
/* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
@@ -3278,22 +4199,9 @@ int ssl3_write(SSL *s, const void *buf, int len)
static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
{
- int n,ret;
+ int ret;
clear_sys_error();
- if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
- {
- /* Deal with an application that calls SSL_read() when handshake data
- * is yet to be written.
- */
- if (BIO_wpending(s->wbio) > 0)
- {
- s->rwstate=SSL_WRITING;
- n=BIO_flush(s->wbio);
- if (n <= 0) return(n);
- s->rwstate=SSL_NOTHING;
- }
- }
if (s->s3->renegotiate) ssl3_renegotiate_check(s);
s->s3->in_read_app_data=1;
ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
@@ -3360,4 +4268,15 @@ need to go to SSL_ST_ACCEPT.
}
return(ret);
}
-
+/* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
+ * to new SHA256 PRF and handshake macs
+ */
+long ssl_get_algorithm2(SSL *s)
+ {
+ long alg2 = s->s3->tmp.new_cipher->algorithm2;
+ if (TLS1_get_version(s) >= TLS1_2_VERSION &&
+ alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
+ return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
+ return alg2;
+ }
+
diff --git a/deps/openssl/openssl/ssl/s3_pkt.c b/deps/openssl/openssl/ssl/s3_pkt.c
index 0d3874ae4..804291e27 100644
--- a/deps/openssl/openssl/ssl/s3_pkt.c
+++ b/deps/openssl/openssl/ssl/s3_pkt.c
@@ -115,6 +115,7 @@
#include "ssl_locl.h"
#include <openssl/evp.h>
#include <openssl/buffer.h>
+#include <openssl/rand.h>
static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
unsigned int len, int create_empty_fragment);
@@ -289,16 +290,8 @@ static int ssl3_get_record(SSL *s)
unsigned char *p;
unsigned char md[EVP_MAX_MD_SIZE];
short version;
- int mac_size;
- int clear=0;
+ unsigned mac_size, orig_len;
size_t extra;
- int decryption_failed_or_bad_record_mac = 0;
- unsigned char *mac = NULL;
-#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
- long align=SSL3_ALIGN_PAYLOAD;
-#else
- long align=0;
-#endif
rr= &(s->s3->rrec);
sess=s->session;
@@ -307,8 +300,7 @@ static int ssl3_get_record(SSL *s)
extra=SSL3_RT_MAX_EXTRA;
else
extra=0;
- if (!(SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS) &&
- extra && !s->s3->init_extra)
+ if (extra && !s->s3->init_extra)
{
/* An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
* set after ssl3_setup_buffers() was done */
@@ -357,21 +349,6 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
goto err;
}
- /* If we receive a valid record larger than the current buffer size,
- * allocate some memory for it.
- */
- if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH - align)
- {
- if ((p=OPENSSL_realloc(s->s3->rbuf.buf, rr->length + SSL3_RT_HEADER_LENGTH + align))==NULL)
- {
- SSLerr(SSL_F_SSL3_GET_RECORD,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- s->s3->rbuf.buf=p;
- s->s3->rbuf.len=rr->length + SSL3_RT_HEADER_LENGTH + align;
- s->packet= &(s->s3->rbuf.buf[0]);
- }
-
if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH)
{
al=SSL_AD_RECORD_OVERFLOW;
@@ -423,17 +400,15 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
rr->data=rr->input;
enc_err = s->method->ssl3_enc->enc(s,0);
- if (enc_err <= 0)
+ /* enc_err is:
+ * 0: (in non-constant time) if the record is publically invalid.
+ * 1: if the padding is valid
+ * -1: if the padding is invalid */
+ if (enc_err == 0)
{
- if (enc_err == 0)
- /* SSLerr() and ssl3_send_alert() have been called */
- goto err;
-
- /* Otherwise enc_err == -1, which indicates bad padding
- * (rec->length has not been changed in this case).
- * To minimize information leaked via timing, we will perform
- * the MAC computation anyway. */
- decryption_failed_or_bad_record_mac = 1;
+ al=SSL_AD_DECRYPTION_FAILED;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
+ goto f_err;
}
#ifdef TLS_DEBUG
@@ -443,53 +418,62 @@ printf("\n");
#endif
/* r->length is now the compressed data plus mac */
- if ( (sess == NULL) ||
- (s->enc_read_ctx == NULL) ||
- (EVP_MD_CTX_md(s->read_hash) == NULL))
- clear=1;
-
- if (!clear)
+ if ((sess != NULL) &&
+ (s->enc_read_ctx != NULL) &&
+ (EVP_MD_CTX_md(s->read_hash) != NULL))
{
- /* !clear => s->read_hash != NULL => mac_size != -1 */
+ /* s->read_hash != NULL => mac_size != -1 */
+ unsigned char *mac = NULL;
+ unsigned char mac_tmp[EVP_MAX_MD_SIZE];
mac_size=EVP_MD_CTX_size(s->read_hash);
- OPENSSL_assert(mac_size >= 0);
+ OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
- if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
+ /* kludge: *_cbc_remove_padding passes padding length in rr->type */
+ orig_len = rr->length+((unsigned int)rr->type>>8);
+
+ /* orig_len is the length of the record before any padding was
+ * removed. This is public information, as is the MAC in use,
+ * therefore we can safely process the record in a different
+ * amount of time if it's too short to possibly contain a MAC.
+ */
+ if (orig_len < mac_size ||
+ /* CBC records must have a padding length byte too. */
+ (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
+ orig_len < mac_size+1))
{
-#if 0 /* OK only for stream ciphers (then rr->length is visible from ciphertext anyway) */
- al=SSL_AD_RECORD_OVERFLOW;
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
goto f_err;
-#else
- decryption_failed_or_bad_record_mac = 1;
-#endif
}
- /* check the MAC for rr->input (it's in mac_size bytes at the tail) */
- if (rr->length >= (unsigned int)mac_size)
+
+ if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE)
{
+ /* We update the length so that the TLS header bytes
+ * can be constructed correctly but we need to extract
+ * the MAC in constant time from within the record,
+ * without leaking the contents of the padding bytes.
+ * */
+ mac = mac_tmp;
+ ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
rr->length -= mac_size;
- mac = &rr->data[rr->length];
}
else
{
- /* record (minus padding) is too short to contain a MAC */
-#if 0 /* OK only for stream ciphers */
- al=SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
-#else
- decryption_failed_or_bad_record_mac = 1;
- rr->length = 0;
-#endif
- }
- i=s->method->ssl3_enc->mac(s,md,0);
- if (i < 0 || mac == NULL || memcmp(md, mac, (size_t)mac_size) != 0)
- {
- decryption_failed_or_bad_record_mac = 1;
+ /* In this case there's no padding, so |orig_len|
+ * equals |rec->length| and we checked that there's
+ * enough bytes for |mac_size| above. */
+ rr->length -= mac_size;
+ mac = &rr->data[rr->length];
}
+
+ i=s->method->ssl3_enc->mac(s,md,0 /* not send */);
+ if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
+ enc_err = -1;
+ if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
+ enc_err = -1;
}
- if (decryption_failed_or_bad_record_mac)
+ if (enc_err < 0)
{
/* A separate 'decryption_failed' alert was introduced with TLS 1.0,
* SSL 3.0 only has 'bad_record_mac'. But unless a decryption
@@ -598,7 +582,6 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
const unsigned char *buf=buf_;
unsigned int tot,n,nw;
int i;
- unsigned int max_plain_length;
s->rwstate=SSL_NOTHING;
tot=s->s3->wnum;
@@ -618,13 +601,8 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
n=(len-tot);
for (;;)
{
- if (type == SSL3_RT_APPLICATION_DATA && (SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS))
- max_plain_length = SSL3_RT_DEFAULT_PLAIN_LENGTH;
- else
- max_plain_length = s->max_send_fragment;
-
- if (n > max_plain_length)
- nw = max_plain_length;
+ if (n > s->max_send_fragment)
+ nw=s->max_send_fragment;
else
nw=n;
@@ -657,6 +635,7 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
unsigned char *p,*plen;
int i,mac_size,clear=0;
int prefix_len=0;
+ int eivlen;
long align=0;
SSL3_RECORD *wr;
SSL3_BUFFER *wb=&(s->s3->wbuf);
@@ -689,10 +668,14 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
if ( (sess == NULL) ||
(s->enc_write_ctx == NULL) ||
(EVP_MD_CTX_md(s->write_hash) == NULL))
+ {
+#if 1
+ clear=s->enc_write_ctx?0:1; /* must be AEAD cipher */
+#else
clear=1;
-
- if (clear)
+#endif
mac_size=0;
+ }
else
{
mac_size=EVP_MD_CTX_size(s->write_hash);
@@ -728,18 +711,6 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
s->s3->empty_fragment_done = 1;
}
- /* resize if necessary to hold the data. */
- if (len + SSL3_RT_DEFAULT_WRITE_OVERHEAD > wb->len)
- {
- if ((p=OPENSSL_realloc(wb->buf, len + SSL3_RT_DEFAULT_WRITE_OVERHEAD))==NULL)
- {
- SSLerr(SSL_F_DO_SSL3_WRITE,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- wb->buf = p;
- wb->len = len + SSL3_RT_DEFAULT_WRITE_OVERHEAD;
- }
-
if (create_empty_fragment)
{
#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
@@ -773,14 +744,40 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
wr->type=type;
*(p++)=(s->version>>8);
- *(p++)=s->version&0xff;
+ /* Some servers hang if iniatial client hello is larger than 256
+ * bytes and record version number > TLS 1.0
+ */
+ if (s->state == SSL3_ST_CW_CLNT_HELLO_B
+ && !s->renegotiate
+ && TLS1_get_version(s) > TLS1_VERSION)
+ *(p++) = 0x1;
+ else
+ *(p++)=s->version&0xff;
/* field where we are to write out packet length */
plen=p;
p+=2;
+ /* Explicit IV length, block ciphers and TLS version 1.1 or later */
+ if (s->enc_write_ctx && s->version >= TLS1_1_VERSION)
+ {
+ int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx);
+ if (mode == EVP_CIPH_CBC_MODE)
+ {
+ eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
+ if (eivlen <= 1)
+ eivlen = 0;
+ }
+ /* Need explicit part of IV for GCM mode */
+ else if (mode == EVP_CIPH_GCM_MODE)
+ eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ else
+ eivlen = 0;
+ }
+ else
+ eivlen = 0;
/* lets setup the record stuff. */
- wr->data=p;
+ wr->data=p + eivlen;
wr->length=(int)len;
wr->input=(unsigned char *)buf;
@@ -808,11 +805,19 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
if (mac_size != 0)
{
- if (s->method->ssl3_enc->mac(s,&(p[wr->length]),1) < 0)
+ if (s->method->ssl3_enc->mac(s,&(p[wr->length + eivlen]),1) < 0)
goto err;
wr->length+=mac_size;
- wr->input=p;
- wr->data=p;
+ }
+
+ wr->input=p;
+ wr->data=p;
+
+ if (eivlen)
+ {
+ /* if (RAND_pseudo_bytes(p, eivlen) <= 0)
+ goto err; */
+ wr->length += eivlen;
}
/* ssl3_enc can only have an error on read */
@@ -1081,6 +1086,19 @@ start:
dest = s->s3->alert_fragment;
dest_len = &s->s3->alert_fragment_len;
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ else if (rr->type == TLS1_RT_HEARTBEAT)
+ {
+ tls1_process_heartbeat(s);
+
+ /* Exit and notify application to read again */
+ rr->length = 0;
+ s->rwstate=SSL_READING;
+ BIO_clear_retry_flags(SSL_get_rbio(s));
+ BIO_set_retry_read(SSL_get_rbio(s));
+ return(-1);
+ }
+#endif
if (dest_maxlen > 0)
{
@@ -1224,6 +1242,10 @@ start:
SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_NO_RENEGOTIATION);
goto f_err;
}
+#ifdef SSL_AD_MISSING_SRP_USERNAME
+ else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
+ return(0);
+#endif
}
else if (alert_level == 2) /* fatal */
{
@@ -1302,6 +1324,7 @@ start:
#else
s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
#endif
+ s->renegotiate=1;
s->new_session=1;
}
i=s->handshake_func(s);
@@ -1335,8 +1358,10 @@ start:
{
default:
#ifndef OPENSSL_NO_TLS
- /* TLS just ignores unknown message types */
- if (s->version == TLS1_VERSION)
+ /* TLS up to v1.1 just ignores unknown message types:
+ * TLS v1.2 give an unexpected message alert.
+ */
+ if (s->version >= TLS1_VERSION && s->version <= TLS1_1_VERSION)
{
rr->length = 0;
goto start;
@@ -1396,10 +1421,8 @@ err:
int ssl3_do_change_cipher_spec(SSL *s)
{
int i;
-#ifdef OPENSSL_NO_NEXTPROTONEG
const char *sender;
int slen;
-#endif
if (s->state & SSL_ST_ACCEPT)
i=SSL3_CHANGE_CIPHER_SERVER_READ;
@@ -1422,7 +1445,6 @@ int ssl3_do_change_cipher_spec(SSL *s)
if (!s->method->ssl3_enc->change_cipher_state(s,i))
return(0);
-#ifdef OPENSSL_NO_NEXTPROTONEG
/* we have to record the message digest at
* this point so we can get it before we read
* the finished message */
@@ -1439,7 +1461,6 @@ int ssl3_do_change_cipher_spec(SSL *s)
s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
sender,slen,s->s3->tmp.peer_finish_md);
-#endif
return(1);
}
diff --git a/deps/openssl/openssl/ssl/s3_srvr.c b/deps/openssl/openssl/ssl/s3_srvr.c
index 41e597f8b..bfb848054 100644
--- a/deps/openssl/openssl/ssl/s3_srvr.c
+++ b/deps/openssl/openssl/ssl/s3_srvr.c
@@ -179,6 +179,32 @@ static const SSL_METHOD *ssl3_get_server_method(int ver)
return(NULL);
}
+#ifndef OPENSSL_NO_SRP
+static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
+ {
+ int ret = SSL_ERROR_NONE;
+
+ *al = SSL_AD_UNRECOGNIZED_NAME;
+
+ if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
+ (s->srp_ctx.TLS_ext_srp_username_callback != NULL))
+ {
+ if(s->srp_ctx.login == NULL)
+ {
+ /* RFC 5054 says SHOULD reject,
+ we do so if There is no srp login name */
+ ret = SSL3_AL_FATAL;
+ *al = SSL_AD_UNKNOWN_PSK_IDENTITY;
+ }
+ else
+ {
+ ret = SSL_srp_server_param_with_username(s,al);
+ }
+ }
+ return ret;
+ }
+#endif
+
IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
ssl3_accept,
ssl_undefined_function,
@@ -211,6 +237,18 @@ int ssl3_accept(SSL *s)
return(-1);
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ /* If we're awaiting a HeartbeatResponse, pretend we
+ * already got and don't await it anymore, because
+ * Heartbeats don't make sense during handshakes anyway.
+ */
+ if (s->tlsext_hb_pending)
+ {
+ s->tlsext_hb_pending = 0;
+ s->tlsext_hb_seq++;
+ }
+#endif
+
for (;;)
{
state=s->state;
@@ -218,7 +256,7 @@ int ssl3_accept(SSL *s)
switch (s->state)
{
case SSL_ST_RENEGOTIATE:
- s->new_session=1;
+ s->renegotiate=1;
/* s->state=SSL_ST_ACCEPT; */
case SSL_ST_BEFORE:
@@ -314,10 +352,35 @@ int ssl3_accept(SSL *s)
case SSL3_ST_SR_CLNT_HELLO_C:
s->shutdown=0;
- ret=ssl3_get_client_hello(s);
- if (ret <= 0) goto end;
+ if (s->rwstate != SSL_X509_LOOKUP)
+ {
+ ret=ssl3_get_client_hello(s);
+ if (ret <= 0) goto end;
+ }
+#ifndef OPENSSL_NO_SRP
+ {
+ int al;
+ if ((ret = ssl_check_srp_ext_ClientHello(s,&al)) < 0)
+ {
+ /* callback indicates firther work to be done */
+ s->rwstate=SSL_X509_LOOKUP;
+ goto end;
+ }
+ if (ret != SSL_ERROR_NONE)
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ /* This is not really an error but the only means to
+ for a client to detect whether srp is supported. */
+ if (al != TLS1_AD_UNKNOWN_PSK_IDENTITY)
+ SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_CLIENTHELLO_TLSEXT);
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ ret= -1;
+ goto end;
+ }
+ }
+#endif
- s->new_session = 2;
+ s->renegotiate = 2;
s->state=SSL3_ST_SW_SRVR_HELLO_A;
s->init_num=0;
break;
@@ -346,7 +409,7 @@ int ssl3_accept(SSL *s)
case SSL3_ST_SW_CERT_A:
case SSL3_ST_SW_CERT_B:
/* Check if it is anon DH or anon ECDH, */
- /* normal PSK or KRB5 */
+ /* normal PSK or KRB5 or SRP */
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)
&& !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
@@ -411,6 +474,10 @@ int ssl3_accept(SSL *s)
#ifndef OPENSSL_NO_PSK
|| ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
#endif
+#ifndef OPENSSL_NO_SRP
+ /* SRP: send ServerKeyExchange */
+ || (alg_k & SSL_kSRP)
+#endif
|| (alg_k & (SSL_kDHr|SSL_kDHd|SSL_kEDH))
|| (alg_k & SSL_kEECDH)
|| ((alg_k & SSL_kRSA)
@@ -457,6 +524,9 @@ int ssl3_accept(SSL *s)
skip=1;
s->s3->tmp.cert_request=0;
s->state=SSL3_ST_SW_SRVR_DONE_A;
+ if (s->s3->handshake_buffer)
+ if (!ssl3_digest_cached_records(s))
+ return -1;
}
else
{
@@ -549,6 +619,24 @@ int ssl3_accept(SSL *s)
#endif
s->init_num = 0;
}
+ else if (TLS1_get_version(s) >= TLS1_2_VERSION)
+ {
+ s->state=SSL3_ST_SR_CERT_VRFY_A;
+ s->init_num=0;
+ if (!s->session->peer)
+ break;
+ /* For TLS v1.2 freeze the handshake buffer
+ * at this point and digest cached records.
+ */
+ if (!s->s3->handshake_buffer)
+ {
+ SSLerr(SSL_F_SSL3_ACCEPT,ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+ s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
+ if (!ssl3_digest_cached_records(s))
+ return -1;
+ }
else
{
int offset=0;
@@ -615,14 +703,11 @@ int ssl3_accept(SSL *s)
ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
SSL3_ST_SR_FINISHED_B);
if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_ticket_expected)
- s->state=SSL3_ST_SW_SESSION_TICKET_A;
- else if (s->hit)
- s->state=SSL_ST_OK;
-#else
if (s->hit)
s->state=SSL_ST_OK;
+#ifndef OPENSSL_NO_TLSEXT
+ else if (s->tlsext_ticket_expected)
+ s->state=SSL3_ST_SW_SESSION_TICKET_A;
#endif
else
s->state=SSL3_ST_SW_CHANGE_A;
@@ -707,11 +792,9 @@ int ssl3_accept(SSL *s)
s->init_num=0;
- if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
+ if (s->renegotiate == 2) /* skipped if we just sent a HelloRequest */
{
- /* actually not necessarily a 'new' session unless
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
-
+ s->renegotiate=0;
s->new_session=0;
ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
@@ -789,14 +872,6 @@ int ssl3_check_client_hello(SSL *s)
int ok;
long n;
- /* We only allow the client to restart the handshake once per
- * negotiation. */
- if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE)
- {
- SSLerr(SSL_F_SSL3_CHECK_CLIENT_HELLO, SSL_R_MULTIPLE_SGC_RESTARTS);
- return -1;
- }
-
/* this function is called when we really expect a Certificate message,
* so permit appropriate message length */
n=s->method->ssl_get_message(s,
@@ -809,6 +884,13 @@ int ssl3_check_client_hello(SSL *s)
s->s3->tmp.reuse_message = 1;
if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
{
+ /* We only allow the client to restart the handshake once per
+ * negotiation. */
+ if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE)
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CLIENT_HELLO, SSL_R_MULTIPLE_SGC_RESTARTS);
+ return -1;
+ }
/* Throw away what we have done so far in the current handshake,
* which will now be aborted. (A full SSL_clear would be too much.) */
#ifndef OPENSSL_NO_DH
@@ -850,7 +932,8 @@ int ssl3_get_client_hello(SSL *s)
* If we are SSLv3, we will respond with SSLv3, even if prompted with
* TLSv1.
*/
- if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
+ if (s->state == SSL3_ST_SR_CLNT_HELLO_A
+ )
{
s->state=SSL3_ST_SR_CLNT_HELLO_B;
}
@@ -907,22 +990,19 @@ int ssl3_get_client_hello(SSL *s)
j= *(p++);
s->hit=0;
- /* Versions before 0.9.7 always allow session reuse during renegotiation
- * (i.e. when s->new_session is true), option
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is new with 0.9.7.
- * Maybe this optional behaviour should always have been the default,
- * but we cannot safely change the default behaviour (or new applications
- * might be written that become totally unsecure when compiled with
- * an earlier library version)
+ /* Versions before 0.9.7 always allow clients to resume sessions in renegotiation.
+ * 0.9.7 and later allow this by default, but optionally ignore resumption requests
+ * with flag SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION (it's a new flag rather
+ * than a change to default behavior so that applications relying on this for security
+ * won't even compile against older library versions).
+ *
+ * 1.0.1 and later also have a function SSL_renegotiate_abbreviated() to request
+ * renegotiation but not a new session (s->new_session remains unset): for servers,
+ * this essentially just means that the SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+ * setting will be ignored.
*/
if ((s->new_session && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)))
{
- if (!s->session_creation_enabled)
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
- goto err;
- }
if (!ssl_get_new_session(s,1))
goto err;
}
@@ -937,12 +1017,6 @@ int ssl3_get_client_hello(SSL *s)
goto err;
else /* i == 0 */
{
- if (!s->session_creation_enabled)
- {
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
- goto err;
- }
if (!ssl_get_new_session(s,1))
goto err;
}
@@ -1109,7 +1183,7 @@ int ssl3_get_client_hello(SSL *s)
goto f_err;
}
}
- if (ssl_check_clienthello_tlsext(s) <= 0) {
+ if (ssl_check_clienthello_tlsext_early(s) <= 0) {
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
goto err;
}
@@ -1314,8 +1388,14 @@ int ssl3_get_client_hello(SSL *s)
s->s3->tmp.new_cipher=s->session->cipher;
}
- if (!ssl3_digest_cached_records(s))
- goto f_err;
+ if (TLS1_get_version(s) < TLS1_2_VERSION || !(s->verify_mode & SSL_VERIFY_PEER))
+ {
+ if (!ssl3_digest_cached_records(s))
+ {
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ }
/* we now have the following setup.
* client_random
@@ -1328,6 +1408,16 @@ int ssl3_get_client_hello(SSL *s)
* s->tmp.new_cipher - the new cipher to use.
*/
+ /* Handles TLS extensions that we couldn't check earlier */
+ if (s->version >= SSL3_VERSION)
+ {
+ if (ssl_check_clienthello_tlsext_late(s) <= 0)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ goto err;
+ }
+ }
+
if (ret < 0) ret=1;
if (0)
{
@@ -1370,20 +1460,20 @@ int ssl3_send_server_hello(SSL *s)
memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
p+=SSL3_RANDOM_SIZE;
- /* now in theory we have 3 options to sending back the
- * session id. If it is a re-use, we send back the
- * old session-id, if it is a new session, we send
- * back the new session-id or we send back a 0 length
- * session-id if we want it to be single use.
- * Currently I will not implement the '0' length session-id
- * 12-Jan-98 - I'll now support the '0' length stuff.
- *
- * We also have an additional case where stateless session
- * resumption is successful: we always send back the old
- * session id. In this case s->hit is non zero: this can
- * only happen if stateless session resumption is succesful
- * if session caching is disabled so existing functionality
- * is unaffected.
+ /* There are several cases for the session ID to send
+ * back in the server hello:
+ * - For session reuse from the session cache,
+ * we send back the old session ID.
+ * - If stateless session reuse (using a session ticket)
+ * is successful, we send back the client's "session ID"
+ * (which doesn't actually identify the session).
+ * - If it is a new session, we send back the new
+ * session ID.
+ * - However, if we want the new session to be single-use,
+ * we send back a 0-length session ID.
+ * s->hit is non-zero in either case of session reuse,
+ * so the following won't overwrite an ID that we're supposed
+ * to send back.
*/
if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
&& !s->hit)
@@ -1484,6 +1574,7 @@ int ssl3_send_server_key_exchange(SSL *s)
BN_CTX *bn_ctx = NULL;
#endif
EVP_PKEY *pkey;
+ const EVP_MD *md = NULL;
unsigned char *p,*d;
int al,i;
unsigned long type;
@@ -1724,21 +1815,44 @@ int ssl3_send_server_key_exchange(SSL *s)
}
else
#endif /* !OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (type & SSL_kSRP)
+ {
+ if ((s->srp_ctx.N == NULL) ||
+ (s->srp_ctx.g == NULL) ||
+ (s->srp_ctx.s == NULL) ||
+ (s->srp_ctx.B == NULL))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_SRP_PARAM);
+ goto err;
+ }
+ r[0]=s->srp_ctx.N;
+ r[1]=s->srp_ctx.g;
+ r[2]=s->srp_ctx.s;
+ r[3]=s->srp_ctx.B;
+ }
+ else
+#endif
{
al=SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
goto f_err;
}
- for (i=0; r[i] != NULL; i++)
+ for (i=0; r[i] != NULL && i<4; i++)
{
nr[i]=BN_num_bytes(r[i]);
+#ifndef OPENSSL_NO_SRP
+ if ((i == 2) && (type & SSL_kSRP))
+ n+=1+nr[i];
+ else
+#endif
n+=2+nr[i];
}
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
{
- if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
+ if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher,&md))
== NULL)
{
al=SSL_AD_DECODE_ERROR;
@@ -1760,8 +1874,16 @@ int ssl3_send_server_key_exchange(SSL *s)
d=(unsigned char *)s->init_buf->data;
p= &(d[4]);
- for (i=0; r[i] != NULL; i++)
+ for (i=0; r[i] != NULL && i<4; i++)
{
+#ifndef OPENSSL_NO_SRP
+ if ((i == 2) && (type & SSL_kSRP))
+ {
+ *p = nr[i];
+ p++;
+ }
+ else
+#endif
s2n(nr[i],p);
BN_bn2bin(r[i],p);
p+=nr[i];
@@ -1809,12 +1931,15 @@ int ssl3_send_server_key_exchange(SSL *s)
/* n is the length of the params, they start at &(d[4])
* and p points to the space at the end. */
#ifndef OPENSSL_NO_RSA
- if (pkey->type == EVP_PKEY_RSA)
+ if (pkey->type == EVP_PKEY_RSA
+ && TLS1_get_version(s) < TLS1_2_VERSION)
{
q=md_buf;
j=0;
for (num=2; num > 0; num--)
{
+ EVP_MD_CTX_set_flags(&md_ctx,
+ EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
EVP_DigestInit_ex(&md_ctx,(num == 2)
?s->ctx->md5:s->ctx->sha1, NULL);
EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
@@ -1836,44 +1961,41 @@ int ssl3_send_server_key_exchange(SSL *s)
}
else
#endif
-#if !defined(OPENSSL_NO_DSA)
- if (pkey->type == EVP_PKEY_DSA)
+ if (md)
{
- /* lets do DSS */
- EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL);
- EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
- EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
- EVP_SignUpdate(&md_ctx,&(d[4]),n);
- if (!EVP_SignFinal(&md_ctx,&(p[2]),
- (unsigned int *)&i,pkey))
+ /* For TLS1.2 and later send signature
+ * algorithm */
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
{
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
- goto err;
+ if (!tls12_get_sigandhash(p, pkey, md))
+ {
+ /* Should never happen */
+ al=SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+ goto f_err;
+ }
+ p+=2;
}
- s2n(i,p);
- n+=i+2;
- }
- else
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Using hash %s\n",
+ EVP_MD_name(md));
#endif
-#if !defined(OPENSSL_NO_ECDSA)
- if (pkey->type == EVP_PKEY_EC)
- {
- /* let's do ECDSA */
- EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
+ EVP_SignInit_ex(&md_ctx, md, NULL);
EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
EVP_SignUpdate(&md_ctx,&(d[4]),n);
if (!EVP_SignFinal(&md_ctx,&(p[2]),
(unsigned int *)&i,pkey))
{
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_ECDSA);
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_EVP);
goto err;
}
s2n(i,p);
n+=i+2;
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
+ n+= 2;
}
else
-#endif
{
/* Is this error check actually needed? */
al=SSL_AD_HANDSHAKE_FAILURE;
@@ -1926,6 +2048,14 @@ int ssl3_send_certificate_request(SSL *s)
p+=n;
n++;
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
+ {
+ nl = tls12_get_req_sig_algs(s, p + 2);
+ s2n(nl, p);
+ p += nl + 2;
+ n += nl + 2;
+ }
+
off=n;
p+=2;
n+=2;
@@ -2645,6 +2775,44 @@ int ssl3_get_client_key_exchange(SSL *s)
}
else
#endif
+#ifndef OPENSSL_NO_SRP
+ if (alg_k & SSL_kSRP)
+ {
+ int param_len;
+
+ n2s(p,i);
+ param_len=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_SRP_A_LENGTH);
+ goto f_err;
+ }
+ if (!(s->srp_ctx.A=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ if (s->session->srp_username != NULL)
+ OPENSSL_free(s->session->srp_username);
+ s->session->srp_username = BUF_strdup(s->srp_ctx.login);
+ if (s->session->srp_username == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if ((s->session->master_key_length = SRP_generate_server_master_secret(s,s->session->master_key))<0)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ p+=i;
+ }
+ else
+#endif /* OPENSSL_NO_SRP */
if (alg_k & SSL_kGOST)
{
int ret = 0;
@@ -2728,7 +2896,7 @@ int ssl3_get_client_key_exchange(SSL *s)
return(1);
f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH)
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_SRP)
err:
#endif
#ifndef OPENSSL_NO_ECDH
@@ -2749,12 +2917,15 @@ int ssl3_get_cert_verify(SSL *s)
long n;
int type=0,i,j;
X509 *peer;
+ const EVP_MD *md = NULL;
+ EVP_MD_CTX mctx;
+ EVP_MD_CTX_init(&mctx);
n=s->method->ssl_get_message(s,
SSL3_ST_SR_CERT_VRFY_A,
SSL3_ST_SR_CERT_VRFY_B,
-1,
- 514, /* 514? */
+ 516, /* Enough for 4096 bit RSA key with TLS v1.2 */
&ok);
if (!ok) return((int)n);
@@ -2774,7 +2945,7 @@ int ssl3_get_cert_verify(SSL *s)
if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
{
s->s3->tmp.reuse_message=1;
- if ((peer != NULL) && (type | EVP_PKT_SIGN))
+ if ((peer != NULL) && (type & EVP_PKT_SIGN))
{
al=SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
@@ -2817,6 +2988,36 @@ int ssl3_get_cert_verify(SSL *s)
}
else
{
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
+ {
+ int sigalg = tls12_get_sigid(pkey);
+ /* Should never happen */
+ if (sigalg == -1)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_INTERNAL_ERROR);
+ al=SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ /* Check key type is consistent with signature */
+ if (sigalg != (int)p[1])
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_TYPE);
+ al=SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ md = tls12_get_hash(p[0]);
+ if (md == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_UNKNOWN_DIGEST);
+ al=SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+#ifdef SSL_DEBUG
+fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+#endif
+ p += 2;
+ n -= 2;
+ }
n2s(p,i);
n-=2;
if (i > n)
@@ -2834,6 +3035,37 @@ int ssl3_get_cert_verify(SSL *s)
goto f_err;
}
+ if (TLS1_get_version(s) >= TLS1_2_VERSION)
+ {
+ long hdatalen = 0;
+ void *hdata;
+ hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
+ if (hdatalen <= 0)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
+ al=SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Using TLS 1.2 with client verify alg %s\n",
+ EVP_MD_name(md));
+#endif
+ if (!EVP_VerifyInit_ex(&mctx, md, NULL)
+ || !EVP_VerifyUpdate(&mctx, hdata, hdatalen))
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_EVP_LIB);
+ al=SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+
+ if (EVP_VerifyFinal(&mctx, p , i, pkey) <= 0)
+ {
+ al=SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
+ }
+ else
#ifndef OPENSSL_NO_RSA
if (pkey->type == EVP_PKEY_RSA)
{
@@ -2924,6 +3156,13 @@ f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
}
end:
+ if (s->s3->handshake_buffer)
+ {
+ BIO_free(s->s3->handshake_buffer);
+ s->s3->handshake_buffer = NULL;
+ s->s3->flags &= ~TLS1_FLAGS_KEEP_HANDSHAKE;
+ }
+ EVP_MD_CTX_cleanup(&mctx);
EVP_PKEY_free(pkey);
return(ret);
}
@@ -3036,6 +3275,12 @@ int ssl3_get_client_certificate(SSL *s)
al=SSL_AD_HANDSHAKE_FAILURE;
goto f_err;
}
+ /* No client certificate so digest cached records */
+ if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s))
+ {
+ al=SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
}
else
{
@@ -3112,13 +3357,17 @@ int ssl3_send_server_certificate(SSL *s)
/* SSL3_ST_SW_CERT_B */
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
}
+
#ifndef OPENSSL_NO_TLSEXT
+/* send a new session ticket (not necessarily for a new session) */
int ssl3_send_newsession_ticket(SSL *s)
{
if (s->state == SSL3_ST_SW_SESSION_TICKET_A)
{
unsigned char *p, *senc, *macstart;
- int len, slen;
+ const unsigned char *const_p;
+ int len, slen_full, slen;
+ SSL_SESSION *sess;
unsigned int hlen;
EVP_CIPHER_CTX ctx;
HMAC_CTX hctx;
@@ -3127,12 +3376,38 @@ int ssl3_send_newsession_ticket(SSL *s)
unsigned char key_name[16];
/* get session encoding length */
- slen = i2d_SSL_SESSION(s->session, NULL);
+ slen_full = i2d_SSL_SESSION(s->session, NULL);
/* Some length values are 16 bits, so forget it if session is
* too long
*/
- if (slen > 0xFF00)
+ if (slen_full > 0xFF00)
+ return -1;
+ senc = OPENSSL_malloc(slen_full);
+ if (!senc)
+ return -1;
+ p = senc;
+ i2d_SSL_SESSION(s->session, &p);
+
+ /* create a fresh copy (not shared with other threads) to clean up */
+ const_p = senc;
+ sess = d2i_SSL_SESSION(NULL, &const_p, slen_full);
+ if (sess == NULL)
+ {
+ OPENSSL_free(senc);
return -1;
+ }
+ sess->session_id_length = 0; /* ID is irrelevant for the ticket */
+
+ slen = i2d_SSL_SESSION(sess, NULL);
+ if (slen > slen_full) /* shouldn't ever happen */
+ {
+ OPENSSL_free(senc);
+ return -1;
+ }
+ p = senc;
+ i2d_SSL_SESSION(sess, &p);
+ SSL_SESSION_free(sess);
+
/* Grow buffer if need be: the length calculation is as
* follows 1 (size of message name) + 3 (message length
* bytes) + 4 (ticket lifetime hint) + 2 (ticket length) +
@@ -3144,11 +3419,6 @@ int ssl3_send_newsession_ticket(SSL *s)
26 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH +
EVP_MAX_MD_SIZE + slen))
return -1;
- senc = OPENSSL_malloc(slen);
- if (!senc)
- return -1;
- p = senc;
- i2d_SSL_SESSION(s->session, &p);
p=(unsigned char *)s->init_buf->data;
/* do the header */
@@ -3179,7 +3449,13 @@ int ssl3_send_newsession_ticket(SSL *s)
tlsext_tick_md(), NULL);
memcpy(key_name, tctx->tlsext_tick_key_name, 16);
}
- l2n(s->session->tlsext_tick_lifetime_hint, p);
+
+ /* Ticket lifetime hint (advisory only):
+ * We leave this unspecified for resumed session (for simplicity),
+ * and guess that tickets for new sessions will live as long
+ * as their sessions. */
+ l2n(s->hit ? 0 : s->session->timeout, p);
+
/* Skip ticket length for now */
p += 2;
/* Output key name */
@@ -3255,13 +3531,13 @@ int ssl3_send_cert_status(SSL *s)
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
}
-# ifndef OPENSSL_NO_NPN
+# ifndef OPENSSL_NO_NEXTPROTONEG
/* ssl3_get_next_proto reads a Next Protocol Negotiation handshake message. It
* sets the next_proto member in s if found */
int ssl3_get_next_proto(SSL *s)
{
int ok;
- unsigned proto_len, padding_len;
+ int proto_len, padding_len;
long n;
const unsigned char *p;
diff --git a/deps/openssl/openssl/ssl/ssl-lib.com b/deps/openssl/openssl/ssl/ssl-lib.com
index 180f3a2d8..a77f7707f 100644
--- a/deps/openssl/openssl/ssl/ssl-lib.com
+++ b/deps/openssl/openssl/ssl/ssl-lib.com
@@ -218,11 +218,11 @@ $ LIB_SSL = "s2_meth,s2_srvr,s2_clnt,s2_lib,s2_enc,s2_pkt,"+ -
"s23_meth,s23_srvr,s23_clnt,s23_lib,s23_pkt,"+ -
"t1_meth,t1_srvr,t1_clnt,t1_lib,t1_enc,"+ -
"d1_meth,d1_srvr,d1_clnt,d1_lib,d1_pkt,"+ -
- "d1_both,d1_enc,"+ -
+ "d1_both,d1_enc,d1_srtp,"+ -
"ssl_lib,ssl_err2,ssl_cert,ssl_sess,"+ -
"ssl_ciph,ssl_stat,ssl_rsa,"+ -
"ssl_asn1,ssl_txt,ssl_algs,"+ -
- "bio_ssl,ssl_err,kssl,t1_reneg"
+ "bio_ssl,ssl_err,kssl,tls_srp,t1_reneg"
$!
$ COMPILEWITH_CC5 = ""
$!
diff --git a/deps/openssl/openssl/ssl/ssl.h b/deps/openssl/openssl/ssl/ssl.h
index fdcab6f23..593579ed3 100644
--- a/deps/openssl/openssl/ssl/ssl.h
+++ b/deps/openssl/openssl/ssl/ssl.h
@@ -252,6 +252,7 @@ extern "C" {
#define SSL_TXT_kEECDH "kEECDH"
#define SSL_TXT_kPSK "kPSK"
#define SSL_TXT_kGOST "kGOST"
+#define SSL_TXT_kSRP "kSRP"
#define SSL_TXT_aRSA "aRSA"
#define SSL_TXT_aDSS "aDSS"
@@ -275,6 +276,7 @@ extern "C" {
#define SSL_TXT_ECDSA "ECDSA"
#define SSL_TXT_KRB5 "KRB5"
#define SSL_TXT_PSK "PSK"
+#define SSL_TXT_SRP "SRP"
#define SSL_TXT_DES "DES"
#define SSL_TXT_3DES "3DES"
@@ -285,6 +287,7 @@ extern "C" {
#define SSL_TXT_AES128 "AES128"
#define SSL_TXT_AES256 "AES256"
#define SSL_TXT_AES "AES"
+#define SSL_TXT_AES_GCM "AESGCM"
#define SSL_TXT_CAMELLIA128 "CAMELLIA128"
#define SSL_TXT_CAMELLIA256 "CAMELLIA256"
#define SSL_TXT_CAMELLIA "CAMELLIA"
@@ -294,10 +297,14 @@ extern "C" {
#define SSL_TXT_SHA "SHA" /* same as "SHA1" */
#define SSL_TXT_GOST94 "GOST94"
#define SSL_TXT_GOST89MAC "GOST89MAC"
+#define SSL_TXT_SHA256 "SHA256"
+#define SSL_TXT_SHA384 "SHA384"
#define SSL_TXT_SSLV2 "SSLv2"
#define SSL_TXT_SSLV3 "SSLv3"
#define SSL_TXT_TLSV1 "TLSv1"
+#define SSL_TXT_TLSV1_1 "TLSv1.1"
+#define SSL_TXT_TLSV1_2 "TLSv1.2"
#define SSL_TXT_EXP "EXP"
#define SSL_TXT_EXPORT "EXPORT"
@@ -356,9 +363,29 @@ extern "C" {
* in SSL_CTX. */
typedef struct ssl_st *ssl_crock_st;
typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
+typedef struct ssl_method_st SSL_METHOD;
+typedef struct ssl_cipher_st SSL_CIPHER;
+typedef struct ssl_session_st SSL_SESSION;
+
+DECLARE_STACK_OF(SSL_CIPHER)
+
+/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
+typedef struct srtp_protection_profile_st
+ {
+ const char *name;
+ unsigned long id;
+ } SRTP_PROTECTION_PROFILE;
+
+DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
+
+typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, int len, void *arg);
+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
+
+
+#ifndef OPENSSL_NO_SSL_INTERN
/* used to hold info on the particular ciphers used */
-typedef struct ssl_cipher_st
+struct ssl_cipher_st
{
int valid;
const char *name; /* text name */
@@ -375,15 +402,11 @@ typedef struct ssl_cipher_st
unsigned long algorithm2; /* Extra flags */
int strength_bits; /* Number of bits really used */
int alg_bits; /* Number of bits for algorithm */
- } SSL_CIPHER;
+ };
-DECLARE_STACK_OF(SSL_CIPHER)
-
-typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, int len, void *arg);
-typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
-typedef struct ssl_method_st
+struct ssl_method_st
{
int version;
int (*ssl_new)(SSL *s);
@@ -416,7 +439,7 @@ typedef struct ssl_method_st
int (*ssl_version)(void);
long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void));
long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void));
- } SSL_METHOD;
+ };
/* Lets make this into an ASN.1 type structure as follows
* SSL_SESSION_ID ::= SEQUENCE {
@@ -433,14 +456,17 @@ typedef struct ssl_method_st
* Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context
* Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer'
* HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension
- * ECPointFormatList [ 7 ] OCTET STRING, -- optional EC point format list from TLS extension
- * PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
- * PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
+ * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
+ * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
+ * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
+ * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
+ * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
+ * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
* }
* Look in ssl/ssl_asn1.c for more details
* I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
*/
-typedef struct ssl_session_st
+struct ssl_session_st
{
int ssl_version; /* what ssl version session info is
* being kept in here? */
@@ -467,6 +493,9 @@ typedef struct ssl_session_st
char *psk_identity_hint;
char *psk_identity;
#endif
+ /* Used to indicate that session resumption is not allowed.
+ * Applications can also set this bit for a new session via
+ * not_resumable_session_cb to disable session caching and tickets. */
int not_resumable;
/* The cert is the certificate used to establish this connection */
@@ -509,11 +538,15 @@ typedef struct ssl_session_st
#endif /* OPENSSL_NO_EC */
/* RFC4507 info */
unsigned char *tlsext_tick; /* Session ticket */
- size_t tlsext_ticklen; /* Session ticket length */
+ size_t tlsext_ticklen; /* Session ticket length */
long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
#endif
- } SSL_SESSION;
+#ifndef OPENSSL_NO_SRP
+ char *srp_username;
+#endif
+ };
+#endif
#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
@@ -536,7 +569,7 @@ typedef struct ssl_session_st
/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
* This used to be 0x000FFFFFL before 0.9.7. */
-#define SSL_OP_ALL 0x80000FFFL
+#define SSL_OP_ALL 0x80000BFFL
/* DTLS options */
#define SSL_OP_NO_QUERY_MTU 0x00001000L
@@ -572,11 +605,17 @@ typedef struct ssl_session_st
#define SSL_OP_NO_SSLv2 0x01000000L
#define SSL_OP_NO_SSLv3 0x02000000L
#define SSL_OP_NO_TLSv1 0x04000000L
+#define SSL_OP_NO_TLSv1_2 0x08000000L
+#define SSL_OP_NO_TLSv1_1 0x10000000L
+/* These next two were never actually used for anything since SSLeay
+ * zap so we have some more flags.
+ */
/* The next flag deliberately changes the ciphertest, this is a check
* for the PKCS#1 attack */
-#define SSL_OP_PKCS1_CHECK_1 0x08000000L
-#define SSL_OP_PKCS1_CHECK_2 0x10000000L
+#define SSL_OP_PKCS1_CHECK_1 0x0
+#define SSL_OP_PKCS1_CHECK_2 0x0
+
#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
/* Make server add server-hello extension from early version of
@@ -602,13 +641,6 @@ typedef struct ssl_session_st
* TLS only.) "Released" buffers are put onto a free-list in the context
* or just freed (depending on the context's setting for freelist_max_len). */
#define SSL_MODE_RELEASE_BUFFERS 0x00000010L
-/* Use small read and write buffers: (a) lazy allocate read buffers for
- * large incoming records, and (b) limit the size of outgoing records. */
-#define SSL_MODE_SMALL_BUFFERS 0x00000020L
-/* When set, clients may send application data before receipt of CCS
- * and Finished. This mode enables full-handshakes to 'complete' in
- * one RTT. */
-#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000040L
/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
* they cannot be used to clear bits. */
@@ -644,12 +676,53 @@ typedef struct ssl_session_st
#define SSL_get_secure_renegotiation_support(ssl) \
SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
+#ifndef OPENSSL_NO_HEARTBEATS
+#define SSL_heartbeat(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,NULL)
+#endif
+
void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+#ifndef OPENSSL_NO_SRP
+#ifndef OPENSSL_NO_SSL_INTERN
+
+typedef struct srp_ctx_st
+ {
+ /* param for all the callbacks */
+ void *SRP_cb_arg;
+ /* set client Hello login callback */
+ int (*TLS_ext_srp_username_callback)(SSL *, int *, void *);
+ /* set SRP N/g param callback for verification */
+ int (*SRP_verify_param_callback)(SSL *, void *);
+ /* set SRP client passwd callback */
+ char *(*SRP_give_srp_client_pwd_callback)(SSL *, void *);
+
+ char *login;
+ BIGNUM *N,*g,*s,*B,*A;
+ BIGNUM *a,*b,*v;
+ char *info;
+ int strength;
+
+ unsigned long srp_Mask;
+ } SRP_CTX;
+
+#endif
+
+/* see tls_srp.c */
+int SSL_SRP_CTX_init(SSL *s);
+int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
+int SSL_SRP_CTX_free(SSL *ctx);
+int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
+int SSL_srp_server_param_with_username(SSL *s, int *ad);
+int SRP_generate_server_master_secret(SSL *s,unsigned char *master_key);
+int SRP_Calc_A_param(SSL *s);
+int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key);
+
+#endif
#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
#define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */
@@ -675,7 +748,11 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int con
typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
unsigned int *id_len);
-typedef struct ssl_comp_st
+typedef struct ssl_comp_st SSL_COMP;
+
+#ifndef OPENSSL_NO_SSL_INTERN
+
+struct ssl_comp_st
{
int id;
const char *name;
@@ -684,7 +761,7 @@ typedef struct ssl_comp_st
#else
char *method;
#endif
- } SSL_COMP;
+ };
DECLARE_STACK_OF(SSL_COMP)
DECLARE_LHASH_OF(SSL_SESSION);
@@ -857,6 +934,28 @@ struct ssl_ctx_st
/* draft-rescorla-tls-opaque-prf-input-00.txt information */
int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg);
void *tlsext_opaque_prf_input_callback_arg;
+#endif
+
+#ifndef OPENSSL_NO_PSK
+ char *psk_identity_hint;
+ unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, char *identity,
+ unsigned int max_identity_len, unsigned char *psk,
+ unsigned int max_psk_len);
+ unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
+ unsigned char *psk, unsigned int max_psk_len);
+#endif
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+#define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
+ unsigned int freelist_max_len;
+ struct ssl3_buf_freelist_st *wbuf_freelist;
+ struct ssl3_buf_freelist_st *rbuf_freelist;
+#endif
+#ifndef OPENSSL_NO_SRP
+ SRP_CTX srp_ctx; /* ctx for SRP authentication */
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
# ifndef OPENSSL_NO_NEXTPROTONEG
/* Next protocol negotiation information */
@@ -876,24 +975,12 @@ struct ssl_ctx_st
void *arg);
void *next_proto_select_cb_arg;
# endif
+ /* SRTP profiles we are willing to do from RFC 5764 */
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
#endif
+ };
-#ifndef OPENSSL_NO_PSK
- char *psk_identity_hint;
- unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, char *identity,
- unsigned int max_identity_len, unsigned char *psk,
- unsigned int max_psk_len);
- unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
- unsigned char *psk, unsigned int max_psk_len);
-#endif
-
-#ifndef OPENSSL_NO_BUF_FREELISTS
-#define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
- unsigned int freelist_max_len;
- struct ssl3_buf_freelist_st *wbuf_freelist;
- struct ssl3_buf_freelist_st *rbuf_freelist;
#endif
- };
#define SSL_SESS_CACHE_OFF 0x0000
#define SSL_SESS_CACHE_CLIENT 0x0001
@@ -952,24 +1039,26 @@ void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
int (*cb) (SSL *ssl,
const unsigned char **out,
unsigned int *outlen,
- void *arg), void *arg);
+ void *arg),
+ void *arg);
void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
- int (*cb) (SSL *ssl, unsigned char **out,
+ int (*cb) (SSL *ssl,
+ unsigned char **out,
unsigned char *outlen,
const unsigned char *in,
- unsigned int inlen, void *arg),
+ unsigned int inlen,
+ void *arg),
void *arg);
int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
const unsigned char *in, unsigned int inlen,
const unsigned char *client, unsigned int client_len);
-void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
- unsigned *len);
+void SSL_get0_next_proto_negotiated(const SSL *s,
+ const unsigned char **data, unsigned *len);
#define OPENSSL_NPN_UNSUPPORTED 0
#define OPENSSL_NPN_NEGOTIATED 1
#define OPENSSL_NPN_NO_OVERLAP 2
-
#endif
#ifndef OPENSSL_NO_PSK
@@ -1011,6 +1100,8 @@ const char *SSL_get_psk_identity(const SSL *s);
#define SSL_MAC_FLAG_READ_MAC_STREAM 1
#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
+#ifndef OPENSSL_NO_SSL_INTERN
+
struct ssl_st
{
/* protocol version
@@ -1055,9 +1146,7 @@ struct ssl_st
int server; /* are we the server side? - mostly used by SSL_clear*/
- int new_session;/* 1 if we are to use a new session.
- * 2 if we are a server and are inside a handshake
- * (i.e. not just sending a HelloRequest)
+ int new_session;/* Generate a new session or reuse an old one.
* NB: For servers, the 'new' session may actually be a previously
* cached session or even the previous session unless
* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
@@ -1133,9 +1222,6 @@ struct ssl_st
/* This can also be in the session once a session is established */
SSL_SESSION *session;
- /* This can be disabled to prevent the use of uncached sessions */
- int session_creation_enabled;
-
/* Default generate session ID callback. */
GEN_SESSION_CB generate_session_id;
@@ -1244,11 +1330,32 @@ struct ssl_st
#endif
#define session_ctx initial_ctx
+
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */
+ SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */
+
+ unsigned int tlsext_heartbeat; /* Is use of the Heartbeat extension negotiated?
+ 0: disabled
+ 1: enabled
+ 2: enabled, but not allowed to send Requests
+ */
+ unsigned int tlsext_hb_pending; /* Indicates if a HeartbeatRequest is in flight */
+ unsigned int tlsext_hb_seq; /* HeartbeatRequest sequence number */
#else
#define session_ctx ctx
#endif /* OPENSSL_NO_TLSEXT */
+
+ int renegotiate;/* 1 if we are renegotiating.
+ * 2 if we are a server and are inside a handshake
+ * (i.e. not just sending a HelloRequest) */
+
+#ifndef OPENSSL_NO_SRP
+ SRP_CTX srp_ctx; /* ctx for SRP authentication */
+#endif
};
+#endif
+
#ifdef __cplusplus
}
#endif
@@ -1258,6 +1365,7 @@ struct ssl_st
#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
#include <openssl/dtls1.h> /* Datagram TLS */
#include <openssl/ssl23.h>
+#include <openssl/srtp.h> /* Support for the use_srtp extension */
#ifdef __cplusplus
extern "C" {
@@ -1303,12 +1411,10 @@ extern "C" {
/* Is the SSL_connection established? */
#define SSL_get_state(a) SSL_state(a)
#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
-#define SSL_in_init(a) ((SSL_state(a)&SSL_ST_INIT) && \
- !SSL_cutthrough_complete(a))
+#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
-int SSL_cutthrough_complete(const SSL *s);
/* The following 2 states are kept in ssl->rstate when reads fail,
* you should not need these */
@@ -1476,6 +1582,20 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
+
+#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
+#define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
+#define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
+
+#define SSL_CTRL_SET_SRP_ARG 78
+#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
+#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
+#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
+#ifndef OPENSSL_NO_HEARTBEATS
+#define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT 85
+#define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING 86
+#define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS 87
+#endif
#endif
#define DTLS_CTRL_GET_TIMEOUT 73
@@ -1486,6 +1606,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_CTRL_CLEAR_OPTIONS 77
#define SSL_CTRL_CLEAR_MODE 78
+#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
+#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
+
#define DTLSv1_get_timeout(ssl, arg) \
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
#define DTLSv1_handle_timeout(ssl) \
@@ -1522,6 +1645,10 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
+#define SSL_CTX_get_extra_chain_certs(ctx,px509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
+#define SSL_CTX_clear_extra_chain_certs(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
#ifndef OPENSSL_NO_BIO
BIO_METHOD *BIO_f_ssl(void);
@@ -1549,7 +1676,7 @@ const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits);
char * SSL_CIPHER_get_version(const SSL_CIPHER *c);
const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);
-const char * SSL_CIPHER_authentication_method(const SSL_CIPHER *c);
+unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
int SSL_get_fd(const SSL *s);
int SSL_get_rfd(const SSL *s);
@@ -1558,7 +1685,6 @@ const char * SSL_get_cipher_list(const SSL *s,int n);
char * SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
int SSL_get_read_ahead(const SSL * s);
int SSL_pending(const SSL *s);
-const char * SSL_authentication_method(const SSL *c);
#ifndef OPENSSL_NO_SOCK
int SSL_set_fd(SSL *s, int fd);
int SSL_set_rfd(SSL *s, int fd);
@@ -1570,7 +1696,6 @@ BIO * SSL_get_rbio(const SSL *s);
BIO * SSL_get_wbio(const SSL *s);
#endif
int SSL_set_cipher_list(SSL *s, const char *str);
-int SSL_set_cipher_lists(SSL *s, STACK_OF(SSL_CIPHER) *sk);
void SSL_set_read_ahead(SSL *s, int yes);
int SSL_get_verify_mode(const SSL *s);
int SSL_get_verify_depth(const SSL *s);
@@ -1586,8 +1711,6 @@ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, const unsigned char *d, long len);
int SSL_use_certificate(SSL *ssl, X509 *x);
int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
-int SSL_use_certificate_chain(SSL *ssl, STACK_OF(X509) *cert_chain);
-STACK_OF(X509) * SSL_get_certificate_chain(SSL *ssl, X509 *x);
#ifndef OPENSSL_NO_STDIO
int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
@@ -1619,11 +1742,14 @@ long SSL_SESSION_set_time(SSL_SESSION *s, long t);
long SSL_SESSION_get_timeout(const SSL_SESSION *s);
long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
void SSL_copy_session_id(SSL *to,const SSL *from);
+X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
+int SSL_SESSION_set1_id_context(SSL_SESSION *s,const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
SSL_SESSION *SSL_SESSION_new(void);
const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
unsigned int *len);
-const char * SSL_SESSION_get_version(const SSL_SESSION *s);
+unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
#ifndef OPENSSL_NO_FP_API
int SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses);
#endif
@@ -1633,7 +1759,6 @@ int SSL_SESSION_print(BIO *fp,const SSL_SESSION *ses);
void SSL_SESSION_free(SSL_SESSION *ses);
int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
int SSL_set_session(SSL *to, SSL_SESSION *session);
-void SSL_set_session_creation_enabled(SSL *, int);
int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
@@ -1687,6 +1812,30 @@ int SSL_set_trust(SSL *s, int trust);
int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
+#ifndef OPENSSL_NO_SRP
+int SSL_CTX_set_srp_username(SSL_CTX *ctx,char *name);
+int SSL_CTX_set_srp_password(SSL_CTX *ctx,char *password);
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
+ char *(*cb)(SSL *,void *));
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
+ int (*cb)(SSL *,void *));
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
+ int (*cb)(SSL *,int *,void *));
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
+
+int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
+ BIGNUM *sa, BIGNUM *v, char *info);
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
+ const char *grp);
+
+BIGNUM *SSL_get_srp_g(SSL *s);
+BIGNUM *SSL_get_srp_N(SSL *s);
+
+char *SSL_get_srp_username(SSL *s);
+char *SSL_get_srp_userinfo(SSL *s);
+#endif
+
void SSL_free(SSL *ssl);
int SSL_accept(SSL *ssl);
int SSL_connect(SSL *ssl);
@@ -1722,6 +1871,15 @@ const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
+const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
+const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
+const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
+
+const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
+const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
+const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
+
+
const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
@@ -1730,6 +1888,7 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
int SSL_do_handshake(SSL *s);
int SSL_renegotiate(SSL *s);
+int SSL_renegotiate_abbreviated(SSL *s);
int SSL_renegotiate_pending(SSL *s);
int SSL_shutdown(SSL *s);
@@ -1781,6 +1940,7 @@ void SSL_set_info_callback(SSL *ssl,
void (*cb)(const SSL *ssl,int type,int val));
void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val);
int SSL_state(const SSL *ssl);
+void SSL_set_state(SSL *ssl, int state);
void SSL_set_verify_result(SSL *ssl,long v);
long SSL_get_verify_result(const SSL *ssl);
@@ -1881,6 +2041,9 @@ int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
/* Pre-shared secret session resumption functions */
int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
+void SSL_set_debug(SSL *s, int debug);
+int SSL_cache_hit(SSL *s);
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@@ -1900,6 +2063,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_DTLS1_ACCEPT 246
#define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
#define SSL_F_DTLS1_BUFFER_RECORD 247
+#define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 316
#define SSL_F_DTLS1_CLIENT_HELLO 248
#define SSL_F_DTLS1_CONNECT 249
#define SSL_F_DTLS1_ENC 250
@@ -1908,6 +2072,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
#define SSL_F_DTLS1_GET_RECORD 254
#define SSL_F_DTLS1_HANDLE_TIMEOUT 297
+#define SSL_F_DTLS1_HEARTBEAT 305
#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
@@ -1976,7 +2141,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
#define SSL_F_SSL3_GET_MESSAGE 142
#define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
-#define SSL_F_SSL3_GET_NEXT_PROTO 304
+#define SSL_F_SSL3_GET_NEXT_PROTO 306
#define SSL_F_SSL3_GET_RECORD 143
#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
#define SSL_F_SSL3_GET_SERVER_DONE 145
@@ -2001,10 +2166,12 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL3_WRITE_PENDING 159
#define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
+#define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
#define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
+#define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
#define SSL_F_SSL_BAD_METHOD 160
#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
#define SSL_F_SSL_CERT_DUP 221
@@ -2021,6 +2188,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL_CREATE_CIPHER_LIST 166
#define SSL_F_SSL_CTRL 232
#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
+#define SSL_F_SSL_CTX_MAKE_PROFILES 309
#define SSL_F_SSL_CTX_NEW 169
#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
@@ -2043,16 +2211,18 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL_GET_NEW_SESSION 181
#define SSL_F_SSL_GET_PREV_SESSION 217
#define SSL_F_SSL_GET_SERVER_SEND_CERT 182
+#define SSL_F_SSL_GET_SERVER_SEND_PKEY 317
#define SSL_F_SSL_GET_SIGN_PKEY 183
#define SSL_F_SSL_INIT_WBIO_BUFFER 184
#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
#define SSL_F_SSL_NEW 186
#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
+#define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
+#define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
#define SSL_F_SSL_PEEK 270
-#define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 312
#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
#define SSL_F_SSL_READ 223
@@ -2060,6 +2230,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
#define SSL_F_SSL_SESSION_NEW 189
#define SSL_F_SSL_SESSION_PRINT_FP 190
+#define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
#define SSL_F_SSL_SESS_CERT_NEW 225
#define SSL_F_SSL_SET_CERT 191
#define SSL_F_SSL_SET_CIPHER_LIST 271
@@ -2073,12 +2244,12 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL_SET_TRUST 228
#define SSL_F_SSL_SET_WFD 196
#define SSL_F_SSL_SHUTDOWN 224
+#define SSL_F_SSL_SRP_CTX_INIT 313
#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
#define SSL_F_SSL_UNDEFINED_FUNCTION 197
#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
#define SSL_F_SSL_USE_CERTIFICATE 198
#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
-#define SSL_F_SSL_USE_CERTIFICATE_CHAIN 2000
#define SSL_F_SSL_USE_CERTIFICATE_FILE 200
#define SSL_F_SSL_USE_PRIVATEKEY 201
#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
@@ -2093,6 +2264,8 @@ void ERR_load_SSL_strings(void);
#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
#define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
#define SSL_F_TLS1_ENC 210
+#define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
+#define SSL_F_TLS1_HEARTBEAT 315
#define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
#define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
#define SSL_F_TLS1_PRF 284
@@ -2132,6 +2305,13 @@ void ERR_load_SSL_strings(void);
#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
#define SSL_R_BAD_RSA_SIGNATURE 122
#define SSL_R_BAD_SIGNATURE 123
+#define SSL_R_BAD_SRP_A_LENGTH 347
+#define SSL_R_BAD_SRP_B_LENGTH 348
+#define SSL_R_BAD_SRP_G_LENGTH 349
+#define SSL_R_BAD_SRP_N_LENGTH 350
+#define SSL_R_BAD_SRP_S_LENGTH 351
+#define SSL_R_BAD_SRTP_MKI_VALUE 352
+#define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
#define SSL_R_BAD_SSL_FILETYPE 124
#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
#define SSL_R_BAD_STATE 126
@@ -2170,14 +2350,15 @@ void ERR_load_SSL_strings(void);
#define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
#define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
+#define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
-#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 346
-#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 347
+#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
+#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
#define SSL_R_HTTPS_PROXY_REQUEST 155
#define SSL_R_HTTP_REQUEST 156
#define SSL_R_ILLEGAL_PADDING 283
@@ -2186,6 +2367,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_INVALID_COMMAND 280
#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
#define SSL_R_INVALID_PURPOSE 278
+#define SSL_R_INVALID_SRP_USERNAME 357
#define SSL_R_INVALID_STATUS_RESPONSE 328
#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
#define SSL_R_INVALID_TRUST 279
@@ -2215,6 +2397,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_MISSING_RSA_CERTIFICATE 168
#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
#define SSL_R_MISSING_RSA_SIGNING_CERT 170
+#define SSL_R_MISSING_SRP_PARAM 358
#define SSL_R_MISSING_TMP_DH_KEY 171
#define SSL_R_MISSING_TMP_ECDH_KEY 311
#define SSL_R_MISSING_TMP_RSA_KEY 172
@@ -2244,6 +2427,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_NO_RENEGOTIATION 339
#define SSL_R_NO_REQUIRED_DIGEST 324
#define SSL_R_NO_SHARED_CIPHER 193
+#define SSL_R_NO_SRTP_PROFILES 359
#define SSL_R_NO_VERIFY_CALLBACK 194
#define SSL_R_NULL_SSL_CTX 195
#define SSL_R_NULL_SSL_METHOD_PASSED 196
@@ -2286,9 +2470,13 @@ void ERR_load_SSL_strings(void);
#define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
#define SSL_R_SERVERHELLO_TLSEXT 275
#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
-#define SSL_R_SESSION_MAY_NOT_BE_CREATED 2000
#define SSL_R_SHORT_READ 219
+#define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
+#define SSL_R_SRP_A_CALC 361
+#define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
+#define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
+#define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
@@ -2333,6 +2521,8 @@ void ERR_load_SSL_strings(void);
#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
+#define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
+#define SSL_R_TLS_HEARTBEAT_PENDING 366
#define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
@@ -2355,6 +2545,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
#define SSL_R_UNKNOWN_CIPHER_RETURNED 248
#define SSL_R_UNKNOWN_CIPHER_TYPE 249
+#define SSL_R_UNKNOWN_DIGEST 368
#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
#define SSL_R_UNKNOWN_PKEY_TYPE 251
#define SSL_R_UNKNOWN_PROTOCOL 252
@@ -2369,12 +2560,14 @@ void ERR_load_SSL_strings(void);
#define SSL_R_UNSUPPORTED_PROTOCOL 258
#define SSL_R_UNSUPPORTED_SSL_VERSION 259
#define SSL_R_UNSUPPORTED_STATUS_TYPE 329
+#define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
#define SSL_R_WRITE_BIO_NOT_SET 260
#define SSL_R_WRONG_CIPHER_RETURNED 261
#define SSL_R_WRONG_MESSAGE_TYPE 262
#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
#define SSL_R_WRONG_SIGNATURE_LENGTH 264
#define SSL_R_WRONG_SIGNATURE_SIZE 265
+#define SSL_R_WRONG_SIGNATURE_TYPE 370
#define SSL_R_WRONG_SSL_VERSION 266
#define SSL_R_WRONG_VERSION_NUMBER 267
#define SSL_R_X509_LIB 268
diff --git a/deps/openssl/openssl/ssl/ssl2.h b/deps/openssl/openssl/ssl/ssl2.h
index 99a52ea0d..eb25dcb0b 100644
--- a/deps/openssl/openssl/ssl/ssl2.h
+++ b/deps/openssl/openssl/ssl/ssl2.h
@@ -155,6 +155,8 @@ extern "C" {
#define CERT char
#endif
+#ifndef OPENSSL_NO_SSL_INTERN
+
typedef struct ssl2_state_st
{
int three_byte_header;
@@ -219,6 +221,8 @@ typedef struct ssl2_state_st
} tmp;
} SSL2_STATE;
+#endif
+
/* SSLv2 */
/* client */
#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
diff --git a/deps/openssl/openssl/ssl/ssl3.h b/deps/openssl/openssl/ssl/ssl3.h
index d6425e5a5..247e88c2d 100644
--- a/deps/openssl/openssl/ssl/ssl3.h
+++ b/deps/openssl/openssl/ssl/ssl3.h
@@ -280,9 +280,6 @@ extern "C" {
#define SSL3_RT_MAX_EXTRA (16384)
-/* Default buffer length used for writen records. Thus a generated record
- * will contain plaintext no larger than this value. */
-#define SSL3_RT_DEFAULT_PLAIN_LENGTH 2048
/* Maximum plaintext length: defined by SSL/TLS standards */
#define SSL3_RT_MAX_PLAIN_LENGTH 16384
/* Maximum compression overhead: defined by SSL/TLS standards */
@@ -314,13 +311,6 @@ extern "C" {
#define SSL3_RT_MAX_PACKET_SIZE \
(SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
-/* Extra space for empty fragment, headers, MAC, and padding. */
-#define SSL3_RT_DEFAULT_WRITE_OVERHEAD 256
-#define SSL3_RT_DEFAULT_PACKET_SIZE 4096 - SSL3_RT_DEFAULT_WRITE_OVERHEAD
-#if SSL3_RT_DEFAULT_PLAIN_LENGTH + SSL3_RT_DEFAULT_WRITE_OVERHEAD > SSL3_RT_DEFAULT_PACKET_SIZE
-#error "Insufficient space allocated for write buffers."
-#endif
-
#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
@@ -332,6 +322,7 @@ extern "C" {
#define SSL3_RT_ALERT 21
#define SSL3_RT_HANDSHAKE 22
#define SSL3_RT_APPLICATION_DATA 23
+#define TLS1_RT_HEARTBEAT 24
#define SSL3_AL_WARNING 1
#define SSL3_AL_FATAL 2
@@ -349,6 +340,11 @@ extern "C" {
#define SSL3_AD_CERTIFICATE_UNKNOWN 46
#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
+#define TLS1_HB_REQUEST 1
+#define TLS1_HB_RESPONSE 2
+
+#ifndef OPENSSL_NO_SSL_INTERN
+
typedef struct ssl3_record_st
{
/*r */ int type; /* type of record */
@@ -370,6 +366,8 @@ typedef struct ssl3_buffer_st
int left; /* how many bytes left */
} SSL3_BUFFER;
+#endif
+
#define SSL3_CT_RSA_SIGN 1
#define SSL3_CT_DSS_SIGN 2
#define SSL3_CT_RSA_FIXED_DH 3
@@ -389,6 +387,7 @@ typedef struct ssl3_buffer_st
#define SSL3_FLAGS_POP_BUFFER 0x0004
#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
+#define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
* restart a handshake because of MS SGC and so prevents us
@@ -401,6 +400,8 @@ typedef struct ssl3_buffer_st
*/
#define SSL3_FLAGS_SGC_RESTART_DONE 0x0040
+#ifndef OPENSSL_NO_SSL_INTERN
+
typedef struct ssl3_state_st
{
long flags;
@@ -476,12 +477,6 @@ typedef struct ssl3_state_st
void *server_opaque_prf_input;
size_t server_opaque_prf_input_len;
-#ifndef OPENSSL_NO_NEXTPROTONEG
- /* Set if we saw the Next Protocol Negotiation extension from
- our peer. */
- int next_proto_neg_seen;
-#endif
-
struct {
/* actually only needs to be 16+20 */
unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
@@ -491,7 +486,7 @@ typedef struct ssl3_state_st
int finish_md_len;
unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
int peer_finish_md_len;
-
+
unsigned long message_size;
int message_type;
@@ -539,14 +534,23 @@ typedef struct ssl3_state_st
unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
unsigned char previous_server_finished_len;
int send_connection_binding; /* TODOEKR */
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ /* Set if we saw the Next Protocol Negotiation extension from our peer. */
+ int next_proto_neg_seen;
+#endif
} SSL3_STATE;
+#endif
/* SSLv3 */
/*client */
/* extra state */
#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
-#define SSL3_ST_CUTTHROUGH_COMPLETE (0x101|SSL_ST_CONNECT)
+#ifndef OPENSSL_NO_SCTP
+#define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT)
+#define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT)
+#endif
/* write to server */
#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
@@ -593,6 +597,10 @@ typedef struct ssl3_state_st
/* server */
/* extra state */
#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
+#ifndef OPENSSL_NO_SCTP
+#define DTLS1_SCTP_ST_SW_WRITE_SOCK (0x310|SSL_ST_ACCEPT)
+#define DTLS1_SCTP_ST_SR_READ_SOCK (0x320|SSL_ST_ACCEPT)
+#endif
/* read from client */
/* Do not change the number values, they do matter */
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
@@ -673,3 +681,4 @@ typedef struct ssl3_state_st
}
#endif
#endif
+
diff --git a/deps/openssl/openssl/ssl/ssl_algs.c b/deps/openssl/openssl/ssl/ssl_algs.c
index 0967b2dfe..9c34d1972 100644
--- a/deps/openssl/openssl/ssl/ssl_algs.c
+++ b/deps/openssl/openssl/ssl/ssl_algs.c
@@ -73,6 +73,9 @@ int SSL_library_init(void)
#endif
#ifndef OPENSSL_NO_RC4
EVP_add_cipher(EVP_rc4());
+#if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))
+ EVP_add_cipher(EVP_rc4_hmac_md5());
+#endif
#endif
#ifndef OPENSSL_NO_RC2
EVP_add_cipher(EVP_rc2_cbc());
@@ -85,6 +88,13 @@ int SSL_library_init(void)
EVP_add_cipher(EVP_aes_128_cbc());
EVP_add_cipher(EVP_aes_192_cbc());
EVP_add_cipher(EVP_aes_256_cbc());
+ EVP_add_cipher(EVP_aes_128_gcm());
+ EVP_add_cipher(EVP_aes_256_gcm());
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+ EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
+ EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
+#endif
+
#endif
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_cbc());
diff --git a/deps/openssl/openssl/ssl/ssl_asn1.c b/deps/openssl/openssl/ssl/ssl_asn1.c
index d7f4c6087..38540be1e 100644
--- a/deps/openssl/openssl/ssl/ssl_asn1.c
+++ b/deps/openssl/openssl/ssl/ssl_asn1.c
@@ -114,6 +114,9 @@ typedef struct ssl_session_asn1_st
ASN1_OCTET_STRING psk_identity_hint;
ASN1_OCTET_STRING psk_identity;
#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ ASN1_OCTET_STRING srp_username;
+#endif /* OPENSSL_NO_SRP */
} SSL_SESSION_ASN1;
int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
@@ -130,6 +133,9 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
unsigned char cbuf;
int v11=0;
#endif
+#ifndef OPENSSL_NO_SRP
+ int v12=0;
+#endif
long l;
SSL_SESSION_ASN1 a;
M_ASN1_I2D_vars(in);
@@ -267,6 +273,14 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
a.psk_identity.data=(unsigned char *)(in->psk_identity);
}
#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (in->srp_username)
+ {
+ a.srp_username.length=strlen(in->srp_username);
+ a.srp_username.type=V_ASN1_OCTET_STRING;
+ a.srp_username.data=(unsigned char *)(in->srp_username);
+ }
+#endif /* OPENSSL_NO_SRP */
M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
@@ -307,6 +321,10 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
if (in->psk_identity)
M_ASN1_I2D_len_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,8,v8);
#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+ if (in->srp_username)
+ M_ASN1_I2D_len_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING,12,v12);
+#endif /* OPENSSL_NO_SRP */
M_ASN1_I2D_seq_total();
@@ -351,6 +369,10 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
if (in->compress_meth)
M_ASN1_I2D_put_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING,11,v11);
#endif
+#ifndef OPENSSL_NO_SRP
+ if (in->srp_username)
+ M_ASN1_I2D_put_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING,12,v12);
+#endif /* OPENSSL_NO_SRP */
M_ASN1_I2D_finish();
}
@@ -549,6 +571,19 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
}
else
ret->psk_identity_hint=NULL;
+
+ os.length=0;
+ os.data=NULL;
+ M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,8);
+ if (os.data)
+ {
+ ret->psk_identity = BUF_strndup((char *)os.data, os.length);
+ OPENSSL_free(os.data);
+ os.data = NULL;
+ os.length = 0;
+ }
+ else
+ ret->psk_identity=NULL;
#endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_TLSEXT
@@ -588,5 +623,20 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
}
#endif
+#ifndef OPENSSL_NO_SRP
+ os.length=0;
+ os.data=NULL;
+ M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,12);
+ if (os.data)
+ {
+ ret->srp_username = BUF_strndup((char *)os.data, os.length);
+ OPENSSL_free(os.data);
+ os.data = NULL;
+ os.length = 0;
+ }
+ else
+ ret->srp_username=NULL;
+#endif /* OPENSSL_NO_SRP */
+
M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
}
diff --git a/deps/openssl/openssl/ssl/ssl_cert.c b/deps/openssl/openssl/ssl/ssl_cert.c
index 27256eea8..5123a8918 100644
--- a/deps/openssl/openssl/ssl/ssl_cert.c
+++ b/deps/openssl/openssl/ssl/ssl_cert.c
@@ -160,6 +160,21 @@ int SSL_get_ex_data_X509_STORE_CTX_idx(void)
return ssl_x509_store_ctx_idx;
}
+static void ssl_cert_set_default_md(CERT *cert)
+ {
+ /* Set digest values to defaults */
+#ifndef OPENSSL_NO_DSA
+ cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
+#endif
+#ifndef OPENSSL_NO_RSA
+ cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
+ cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
+#endif
+ }
+
CERT *ssl_cert_new(void)
{
CERT *ret;
@@ -174,7 +189,7 @@ CERT *ssl_cert_new(void)
ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]);
ret->references=1;
-
+ ssl_cert_set_default_md(ret);
return(ret);
}
@@ -307,6 +322,10 @@ CERT *ssl_cert_dup(CERT *cert)
* chain is held inside SSL_CTX */
ret->references=1;
+ /* Set digests to defaults. NB: we don't copy existing values as they
+ * will be set during handshake.
+ */
+ ssl_cert_set_default_md(ret);
return(ret);
diff --git a/deps/openssl/openssl/ssl/ssl_ciph.c b/deps/openssl/openssl/ssl/ssl_ciph.c
index 462c45a3d..0aba8e048 100644
--- a/deps/openssl/openssl/ssl/ssl_ciph.c
+++ b/deps/openssl/openssl/ssl/ssl_ciph.c
@@ -162,11 +162,13 @@
#define SSL_ENC_CAMELLIA256_IDX 9
#define SSL_ENC_GOST89_IDX 10
#define SSL_ENC_SEED_IDX 11
-#define SSL_ENC_NUM_IDX 12
+#define SSL_ENC_AES128GCM_IDX 12
+#define SSL_ENC_AES256GCM_IDX 13
+#define SSL_ENC_NUM_IDX 14
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
- NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,
+ NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL
};
#define SSL_COMP_NULL_IDX 0
@@ -179,28 +181,32 @@ static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
#define SSL_MD_SHA1_IDX 1
#define SSL_MD_GOST94_IDX 2
#define SSL_MD_GOST89MAC_IDX 3
+#define SSL_MD_SHA256_IDX 4
+#define SSL_MD_SHA384_IDX 5
/*Constant SSL_MAX_DIGEST equal to size of digests array should be
* defined in the
* ssl_locl.h */
#define SSL_MD_NUM_IDX SSL_MAX_DIGEST
static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
- NULL,NULL,NULL,NULL
+ NULL,NULL,NULL,NULL,NULL,NULL
};
/* PKEY_TYPE for GOST89MAC is known in advance, but, because
* implementation is engine-provided, we'll fill it only if
* corresponding EVP_PKEY_METHOD is found
*/
static int ssl_mac_pkey_id[SSL_MD_NUM_IDX]={
- EVP_PKEY_HMAC,EVP_PKEY_HMAC,EVP_PKEY_HMAC,NID_undef
+ EVP_PKEY_HMAC,EVP_PKEY_HMAC,EVP_PKEY_HMAC,NID_undef,
+ EVP_PKEY_HMAC,EVP_PKEY_HMAC
};
static int ssl_mac_secret_size[SSL_MD_NUM_IDX]={
- 0,0,0,0
+ 0,0,0,0,0,0
};
static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX]={
SSL_HANDSHAKE_MAC_MD5,SSL_HANDSHAKE_MAC_SHA,
- SSL_HANDSHAKE_MAC_GOST94,0
+ SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
+ SSL_HANDSHAKE_MAC_SHA384
};
#define CIPHER_ADD 1
@@ -247,6 +253,7 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_ECDH,0, SSL_kECDHr|SSL_kECDHe|SSL_kEECDH,0,0,0,0,0,0,0,0},
{0,SSL_TXT_kPSK,0, SSL_kPSK, 0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_kSRP,0, SSL_kSRP, 0,0,0,0,0,0,0,0},
{0,SSL_TXT_kGOST,0, SSL_kGOST,0,0,0,0,0,0,0,0},
/* server authentication aliases */
@@ -273,6 +280,7 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_ADH,0, SSL_kEDH,SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_AECDH,0, SSL_kEECDH,SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_PSK,0, SSL_kPSK,SSL_aPSK,0,0,0,0,0,0,0},
+ {0,SSL_TXT_SRP,0, SSL_kSRP,0,0,0,0,0,0,0,0},
/* symmetric encryption aliases */
@@ -283,9 +291,10 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_IDEA,0, 0,0,SSL_IDEA, 0,0,0,0,0,0},
{0,SSL_TXT_SEED,0, 0,0,SSL_SEED, 0,0,0,0,0,0},
{0,SSL_TXT_eNULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0},
- {0,SSL_TXT_AES128,0, 0,0,SSL_AES128,0,0,0,0,0,0},
- {0,SSL_TXT_AES256,0, 0,0,SSL_AES256,0,0,0,0,0,0},
- {0,SSL_TXT_AES,0, 0,0,SSL_AES128|SSL_AES256,0,0,0,0,0,0},
+ {0,SSL_TXT_AES128,0, 0,0,SSL_AES128|SSL_AES128GCM,0,0,0,0,0,0},
+ {0,SSL_TXT_AES256,0, 0,0,SSL_AES256|SSL_AES256GCM,0,0,0,0,0,0},
+ {0,SSL_TXT_AES,0, 0,0,SSL_AES,0,0,0,0,0,0},
+ {0,SSL_TXT_AES_GCM,0, 0,0,SSL_AES128GCM|SSL_AES256GCM,0,0,0,0,0,0},
{0,SSL_TXT_CAMELLIA128,0,0,0,SSL_CAMELLIA128,0,0,0,0,0,0},
{0,SSL_TXT_CAMELLIA256,0,0,0,SSL_CAMELLIA256,0,0,0,0,0,0},
{0,SSL_TXT_CAMELLIA ,0,0,0,SSL_CAMELLIA128|SSL_CAMELLIA256,0,0,0,0,0,0},
@@ -296,11 +305,14 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_SHA,0, 0,0,0,SSL_SHA1, 0,0,0,0,0},
{0,SSL_TXT_GOST94,0, 0,0,0,SSL_GOST94, 0,0,0,0,0},
{0,SSL_TXT_GOST89MAC,0, 0,0,0,SSL_GOST89MAC, 0,0,0,0,0},
+ {0,SSL_TXT_SHA256,0, 0,0,0,SSL_SHA256, 0,0,0,0,0},
+ {0,SSL_TXT_SHA384,0, 0,0,0,SSL_SHA384, 0,0,0,0,0},
/* protocol version aliases */
{0,SSL_TXT_SSLV2,0, 0,0,0,0,SSL_SSLV2, 0,0,0,0},
{0,SSL_TXT_SSLV3,0, 0,0,0,0,SSL_SSLV3, 0,0,0,0},
{0,SSL_TXT_TLSV1,0, 0,0,0,0,SSL_TLSV1, 0,0,0,0},
+ {0,SSL_TXT_TLSV1_2,0, 0,0,0,0,SSL_TLSV1_2, 0,0,0,0},
/* export flag */
{0,SSL_TXT_EXP,0, 0,0,0,0,0,SSL_EXPORT,0,0,0},
@@ -379,6 +391,11 @@ void ssl_load_ciphers(void)
ssl_cipher_methods[SSL_ENC_SEED_IDX]=
EVP_get_cipherbyname(SN_seed_cbc);
+ ssl_cipher_methods[SSL_ENC_AES128GCM_IDX]=
+ EVP_get_cipherbyname(SN_aes_128_gcm);
+ ssl_cipher_methods[SSL_ENC_AES256GCM_IDX]=
+ EVP_get_cipherbyname(SN_aes_256_gcm);
+
ssl_digest_methods[SSL_MD_MD5_IDX]=
EVP_get_digestbyname(SN_md5);
ssl_mac_secret_size[SSL_MD_MD5_IDX]=
@@ -404,6 +421,14 @@ void ssl_load_ciphers(void)
ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX]=32;
}
+ ssl_digest_methods[SSL_MD_SHA256_IDX]=
+ EVP_get_digestbyname(SN_sha256);
+ ssl_mac_secret_size[SSL_MD_SHA256_IDX]=
+ EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]);
+ ssl_digest_methods[SSL_MD_SHA384_IDX]=
+ EVP_get_digestbyname(SN_sha384);
+ ssl_mac_secret_size[SSL_MD_SHA384_IDX]=
+ EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
}
#ifndef OPENSSL_NO_COMP
@@ -526,6 +551,12 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
case SSL_SEED:
i=SSL_ENC_SEED_IDX;
break;
+ case SSL_AES128GCM:
+ i=SSL_ENC_AES128GCM_IDX;
+ break;
+ case SSL_AES256GCM:
+ i=SSL_ENC_AES256GCM_IDX;
+ break;
default:
i= -1;
break;
@@ -549,6 +580,12 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
case SSL_SHA1:
i=SSL_MD_SHA1_IDX;
break;
+ case SSL_SHA256:
+ i=SSL_MD_SHA256_IDX;
+ break;
+ case SSL_SHA384:
+ i=SSL_MD_SHA384_IDX;
+ break;
case SSL_GOST94:
i = SSL_MD_GOST94_IDX;
break;
@@ -564,17 +601,45 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
*md=NULL;
if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;
if (mac_secret_size!=NULL) *mac_secret_size = 0;
-
+ if (c->algorithm_mac == SSL_AEAD)
+ mac_pkey_type = NULL;
}
else
{
*md=ssl_digest_methods[i];
if (mac_pkey_type!=NULL) *mac_pkey_type = ssl_mac_pkey_id[i];
if (mac_secret_size!=NULL) *mac_secret_size = ssl_mac_secret_size[i];
- }
+ }
+
+ if ((*enc != NULL) &&
+ (*md != NULL || (EVP_CIPHER_flags(*enc)&EVP_CIPH_FLAG_AEAD_CIPHER)) &&
+ (!mac_pkey_type||*mac_pkey_type != NID_undef))
+ {
+ const EVP_CIPHER *evp;
+
+ if (s->ssl_version>>8 != TLS1_VERSION_MAJOR ||
+ s->ssl_version < TLS1_VERSION)
+ return 1;
- if ((*enc != NULL) && (*md != NULL) && (!mac_pkey_type||*mac_pkey_type != NID_undef))
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return 1;
+#endif
+
+ if (c->algorithm_enc == SSL_RC4 &&
+ c->algorithm_mac == SSL_MD5 &&
+ (evp=EVP_get_cipherbyname("RC4-HMAC-MD5")))
+ *enc = evp, *md = NULL;
+ else if (c->algorithm_enc == SSL_AES128 &&
+ c->algorithm_mac == SSL_SHA1 &&
+ (evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
+ *enc = evp, *md = NULL;
+ else if (c->algorithm_enc == SSL_AES256 &&
+ c->algorithm_mac == SSL_SHA1 &&
+ (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
+ *enc = evp, *md = NULL;
return(1);
+ }
else
return(0);
}
@@ -585,9 +650,11 @@ int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
{
return 0;
}
- if (ssl_handshake_digest_flag[idx]==0) return 0;
*mask = ssl_handshake_digest_flag[idx];
- *md = ssl_digest_methods[idx];
+ if (*mask)
+ *md = ssl_digest_methods[idx];
+ else
+ *md = NULL;
return 1;
}
@@ -662,6 +729,9 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
*mkey |= SSL_kPSK;
*auth |= SSL_aPSK;
#endif
+#ifdef OPENSSL_NO_SRP
+ *mkey |= SSL_kSRP;
+#endif
/* Check for presence of GOST 34.10 algorithms, and if they
* do not present, disable appropriate auth and key exchange */
if (!get_optional_pkey_id("gost94")) {
@@ -687,6 +757,8 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
*enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
*enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128:0;
*enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256:0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == NULL) ? SSL_AES128GCM:0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM:0;
*enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128:0;
*enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256:0;
*enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT:0;
@@ -694,6 +766,8 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
*mac |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
*mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
+ *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256:0;
+ *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384:0;
*mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94:0;
*mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]==NID_undef)? SSL_GOST89MAC:0;
@@ -724,6 +798,9 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
c = ssl_method->get_cipher(i);
/* drop those that use any of that is not available */
if ((c != NULL) && c->valid &&
+#ifdef OPENSSL_FIPS
+ (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) &&
+#endif
!(c->algorithm_mkey & disabled_mkey) &&
!(c->algorithm_auth & disabled_auth) &&
!(c->algorithm_enc & disabled_enc) &&
@@ -1074,9 +1151,9 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
while ( ((ch >= 'A') && (ch <= 'Z')) ||
((ch >= '0') && (ch <= '9')) ||
((ch >= 'a') && (ch <= 'z')) ||
- (ch == '-'))
+ (ch == '-') || (ch == '.'))
#else
- while ( isalnum(ch) || (ch == '-'))
+ while ( isalnum(ch) || (ch == '-') || (ch == '.'))
#endif
{
ch = *(++l);
@@ -1423,7 +1500,11 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
*/
for (curr = head; curr != NULL; curr = curr->next)
{
+#ifdef OPENSSL_FIPS
+ if (curr->active && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
+#else
if (curr->active)
+#endif
{
sk_SSL_CIPHER_push(cipherstack, curr->cipher);
#ifdef CIPHER_DEBUG
@@ -1480,6 +1561,8 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
ver="SSLv2";
else if (alg_ssl & SSL_SSLV3)
ver="SSLv3";
+ else if (alg_ssl & SSL_TLSV1_2)
+ ver="TLSv1.2";
else
ver="unknown";
@@ -1512,6 +1595,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_kPSK:
kx="PSK";
break;
+ case SSL_kSRP:
+ kx="SRP";
+ break;
default:
kx="unknown";
}
@@ -1574,6 +1660,12 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_AES256:
enc="AES(256)";
break;
+ case SSL_AES128GCM:
+ enc="AESGCM(128)";
+ break;
+ case SSL_AES256GCM:
+ enc="AESGCM(256)";
+ break;
case SSL_CAMELLIA128:
enc="Camellia(128)";
break;
@@ -1596,6 +1688,15 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_SHA1:
mac="SHA1";
break;
+ case SSL_SHA256:
+ mac="SHA256";
+ break;
+ case SSL_SHA384:
+ mac="SHA384";
+ break;
+ case SSL_AEAD:
+ mac="AEAD";
+ break;
default:
mac="unknown";
break;
@@ -1653,50 +1754,9 @@ int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
return(ret);
}
-/* return string version of key exchange algorithm */
-const char* SSL_CIPHER_authentication_method(const SSL_CIPHER* cipher)
+unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c)
{
- switch (cipher->algorithm_mkey)
- {
- case SSL_kRSA:
- return SSL_TXT_RSA;
- case SSL_kDHr:
- return SSL_TXT_DH "_" SSL_TXT_RSA;
- case SSL_kDHd:
- return SSL_TXT_DH "_" SSL_TXT_DSS;
- case SSL_kEDH:
- switch (cipher->algorithm_auth)
- {
- case SSL_aDSS:
- return "DHE_" SSL_TXT_DSS;
- case SSL_aRSA:
- return "DHE_" SSL_TXT_RSA;
- case SSL_aNULL:
- return SSL_TXT_DH "_anon";
- default:
- return "UNKNOWN";
- }
- case SSL_kKRB5:
- return SSL_TXT_KRB5;
- case SSL_kECDHr:
- return SSL_TXT_ECDH "_" SSL_TXT_RSA;
- case SSL_kECDHe:
- return SSL_TXT_ECDH "_" SSL_TXT_ECDSA;
- case SSL_kEECDH:
- switch (cipher->algorithm_auth)
- {
- case SSL_aECDSA:
- return "ECDHE_" SSL_TXT_ECDSA;
- case SSL_aRSA:
- return "ECDHE_" SSL_TXT_RSA;
- case SSL_aNULL:
- return SSL_TXT_ECDH "_anon";
- default:
- return "UNKNOWN";
- }
- default:
- return "UNKNOWN";
- }
+ return c->id;
}
SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
diff --git a/deps/openssl/openssl/ssl/ssl_err.c b/deps/openssl/openssl/ssl/ssl_err.c
index 4fcd5c007..370fb57e3 100644
--- a/deps/openssl/openssl/ssl/ssl_err.c
+++ b/deps/openssl/openssl/ssl/ssl_err.c
@@ -80,6 +80,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_DTLS1_ACCEPT), "DTLS1_ACCEPT"},
{ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"},
{ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "DTLS1_BUFFER_RECORD"},
+{ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "DTLS1_CHECK_TIMEOUT_NUM"},
{ERR_FUNC(SSL_F_DTLS1_CLIENT_HELLO), "DTLS1_CLIENT_HELLO"},
{ERR_FUNC(SSL_F_DTLS1_CONNECT), "DTLS1_CONNECT"},
{ERR_FUNC(SSL_F_DTLS1_ENC), "DTLS1_ENC"},
@@ -88,6 +89,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT), "DTLS1_GET_MESSAGE_FRAGMENT"},
{ERR_FUNC(SSL_F_DTLS1_GET_RECORD), "DTLS1_GET_RECORD"},
{ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "DTLS1_HANDLE_TIMEOUT"},
+{ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "DTLS1_HEARTBEAT"},
{ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN), "DTLS1_OUTPUT_CERT_CHAIN"},
{ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "DTLS1_PREPROCESS_FRAGMENT"},
{ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE), "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
@@ -181,10 +183,12 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "SSL3_WRITE_PENDING"},
{ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT), "SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT"},
{ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT), "SSL_ADD_CLIENTHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT), "SSL_ADD_CLIENTHELLO_USE_SRTP_EXT"},
{ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK), "SSL_add_dir_cert_subjects_to_stack"},
{ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK), "SSL_add_file_cert_subjects_to_stack"},
{ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT), "SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT"},
{ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT), "SSL_ADD_SERVERHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT), "SSL_ADD_SERVERHELLO_USE_SRTP_EXT"},
{ERR_FUNC(SSL_F_SSL_BAD_METHOD), "SSL_BAD_METHOD"},
{ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_BYTES_TO_CIPHER_LIST"},
{ERR_FUNC(SSL_F_SSL_CERT_DUP), "SSL_CERT_DUP"},
@@ -201,6 +205,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "SSL_CREATE_CIPHER_LIST"},
{ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"},
{ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
+{ERR_FUNC(SSL_F_SSL_CTX_MAKE_PROFILES), "SSL_CTX_MAKE_PROFILES"},
{ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
{ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
{ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE), "SSL_CTX_set_client_cert_engine"},
@@ -223,14 +228,17 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "SSL_GET_NEW_SESSION"},
{ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "SSL_GET_PREV_SESSION"},
{ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"},
+{ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_PKEY), "SSL_GET_SERVER_SEND_PKEY"},
{ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "SSL_GET_SIGN_PKEY"},
{ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "SSL_INIT_WBIO_BUFFER"},
{ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
{ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
{ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT), "SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT"},
{ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT), "SSL_PARSE_CLIENTHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT), "SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT"},
{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT), "SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT"},
{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT), "SSL_PARSE_SERVERHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT), "SSL_PARSE_SERVERHELLO_USE_SRTP_EXT"},
{ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
{ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT), "SSL_PREPARE_CLIENTHELLO_TLSEXT"},
{ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT), "SSL_PREPARE_SERVERHELLO_TLSEXT"},
@@ -239,6 +247,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"},
{ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
{ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
+{ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT), "SSL_SESSION_set1_id_context"},
{ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "SSL_SESS_CERT_NEW"},
{ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"},
{ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"},
@@ -252,6 +261,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
{ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
{ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
+{ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION), "SSL_UNDEFINED_CONST_FUNCTION"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "SSL_UNDEFINED_FUNCTION"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION), "SSL_UNDEFINED_VOID_FUNCTION"},
@@ -271,6 +281,8 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "TLS1_CHANGE_CIPHER_STATE"},
{ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT), "TLS1_CHECK_SERVERHELLO_TLSEXT"},
{ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"},
+{ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL), "TLS1_EXPORT_KEYING_MATERIAL"},
+{ERR_FUNC(SSL_F_TLS1_HEARTBEAT), "SSL_F_TLS1_HEARTBEAT"},
{ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT), "TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
{ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT), "TLS1_PREPARE_SERVERHELLO_TLSEXT"},
{ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"},
@@ -313,6 +325,13 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH),"bad rsa modulus length"},
{ERR_REASON(SSL_R_BAD_RSA_SIGNATURE) ,"bad rsa signature"},
{ERR_REASON(SSL_R_BAD_SIGNATURE) ,"bad signature"},
+{ERR_REASON(SSL_R_BAD_SRP_A_LENGTH) ,"bad srp a length"},
+{ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) ,"bad srp b length"},
+{ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) ,"bad srp g length"},
+{ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) ,"bad srp n length"},
+{ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) ,"bad srp s length"},
+{ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE) ,"bad srtp mki value"},
+{ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),"bad srtp protection profile list"},
{ERR_REASON(SSL_R_BAD_SSL_FILETYPE) ,"bad ssl filetype"},
{ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),"bad ssl session id length"},
{ERR_REASON(SSL_R_BAD_STATE) ,"bad state"},
@@ -351,6 +370,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE),"ecc cert should have rsa signature"},
{ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE),"ecc cert should have sha1 signature"},
{ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER),"ecgroup too large for cipher"},
+{ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST),"empty srtp protection profile list"},
{ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),"encrypted length too long"},
{ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY),"error generating tmp rsa key"},
{ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),"error in received cipher list"},
@@ -367,6 +387,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_INVALID_COMMAND) ,"invalid command"},
{ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),"invalid compression algorithm"},
{ERR_REASON(SSL_R_INVALID_PURPOSE) ,"invalid purpose"},
+{ERR_REASON(SSL_R_INVALID_SRP_USERNAME) ,"invalid srp username"},
{ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE),"invalid status response"},
{ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),"invalid ticket keys length"},
{ERR_REASON(SSL_R_INVALID_TRUST) ,"invalid trust"},
@@ -396,6 +417,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE),"missing rsa certificate"},
{ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),"missing rsa encrypting cert"},
{ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT),"missing rsa signing cert"},
+{ERR_REASON(SSL_R_MISSING_SRP_PARAM) ,"can't find SRP server param"},
{ERR_REASON(SSL_R_MISSING_TMP_DH_KEY) ,"missing tmp dh key"},
{ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY) ,"missing tmp ecdh key"},
{ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY) ,"missing tmp rsa key"},
@@ -425,6 +447,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_NO_RENEGOTIATION) ,"no renegotiation"},
{ERR_REASON(SSL_R_NO_REQUIRED_DIGEST) ,"digest requred for handshake isn't computed"},
{ERR_REASON(SSL_R_NO_SHARED_CIPHER) ,"no shared cipher"},
+{ERR_REASON(SSL_R_NO_SRTP_PROFILES) ,"no srtp profiles"},
{ERR_REASON(SSL_R_NO_VERIFY_CALLBACK) ,"no verify callback"},
{ERR_REASON(SSL_R_NULL_SSL_CTX) ,"null ssl ctx"},
{ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED),"null ssl method passed"},
@@ -467,9 +490,13 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),"scsv received when renegotiating"},
{ERR_REASON(SSL_R_SERVERHELLO_TLSEXT) ,"serverhello tlsext"},
{ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"},
-{ERR_REASON(SSL_R_SESSION_MAY_NOT_BE_CREATED),"session may not be created"},
{ERR_REASON(SSL_R_SHORT_READ) ,"short read"},
+{ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR),"signature algorithms error"},
{ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),"signature for non signing certificate"},
+{ERR_REASON(SSL_R_SRP_A_CALC) ,"error with the srp params"},
+{ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES),"srtp could not allocate profiles"},
+{ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG),"srtp protection profile list too long"},
+{ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),"srtp unknown protection profile"},
{ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),"ssl23 doing session id reuse"},
{ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),"ssl2 connection id too long"},
{ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),"ssl3 ext invalid ecpointformat"},
@@ -514,6 +541,9 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME),"tlsv1 unrecognized name"},
{ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION),"tlsv1 unsupported extension"},
{ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),"tls client cert req with anon cipher"},
+{ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),"peer does not accept heartbearts"},
+{ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING) ,"heartbeat request already pending"},
+{ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL),"tls illegal exporter label"},
{ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),"tls invalid ecpointformat list"},
{ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),"tls peer did not respond with certificate list"},
{ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),"tls rsa encrypted value length is wrong"},
@@ -535,6 +565,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE),"unknown certificate type"},
{ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED),"unknown cipher returned"},
{ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE) ,"unknown cipher type"},
+{ERR_REASON(SSL_R_UNKNOWN_DIGEST) ,"unknown digest"},
{ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),"unknown key exchange type"},
{ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE) ,"unknown pkey type"},
{ERR_REASON(SSL_R_UNKNOWN_PROTOCOL) ,"unknown protocol"},
@@ -549,12 +580,14 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL) ,"unsupported protocol"},
{ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION),"unsupported ssl version"},
{ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE),"unsupported status type"},
+{ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED),"use srtp not negotiated"},
{ERR_REASON(SSL_R_WRITE_BIO_NOT_SET) ,"write bio not set"},
{ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED) ,"wrong cipher returned"},
{ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE) ,"wrong message type"},
{ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS),"wrong number of key bits"},
{ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
{ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE) ,"wrong signature size"},
+{ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE) ,"wrong signature type"},
{ERR_REASON(SSL_R_WRONG_SSL_VERSION) ,"wrong ssl version"},
{ERR_REASON(SSL_R_WRONG_VERSION_NUMBER) ,"wrong version number"},
{ERR_REASON(SSL_R_X509_LIB) ,"x509 lib"},
diff --git a/deps/openssl/openssl/ssl/ssl_lib.c b/deps/openssl/openssl/ssl/ssl_lib.c
index add3058fc..14d143da0 100644
--- a/deps/openssl/openssl/ssl/ssl_lib.c
+++ b/deps/openssl/openssl/ssl/ssl_lib.c
@@ -176,7 +176,10 @@ SSL3_ENC_METHOD ssl3_undef_enc_method={
0, /* client_finished_label_len */
NULL, /* server_finished_label */
0, /* server_finished_label_len */
- (int (*)(int))ssl_undefined_function
+ (int (*)(int))ssl_undefined_function,
+ (int (*)(SSL *, unsigned char *, size_t, const char *,
+ size_t, const unsigned char *, size_t,
+ int use_context)) ssl_undefined_function,
};
int SSL_clear(SSL *s)
@@ -202,9 +205,9 @@ int SSL_clear(SSL *s)
* needed because SSL_clear is not called when doing renegotiation) */
/* This is set if we are doing dynamic renegotiation so keep
* the old cipher. It is sort of a SSL_clear_lite :-) */
- if (s->new_session) return(1);
+ if (s->renegotiate) return(1);
#else
- if (s->new_session)
+ if (s->renegotiate)
{
SSLerr(SSL_F_SSL_CLEAR,ERR_R_INTERNAL_ERROR);
return 0;
@@ -326,7 +329,6 @@ SSL *SSL_new(SSL_CTX *ctx)
OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
s->verify_callback=ctx->default_verify_callback;
- s->session_creation_enabled=1;
s->generate_session_id=ctx->generate_session_id;
s->param = X509_VERIFY_PARAM_new();
@@ -595,6 +597,11 @@ void SSL_free(SSL *s)
OPENSSL_free(s->next_proto_negotiated);
#endif
+#ifndef OPENSSL_NO_SRTP
+ if (s->srtp_profiles)
+ sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
+#endif
+
OPENSSL_free(s);
}
@@ -1017,10 +1024,21 @@ int SSL_shutdown(SSL *s)
int SSL_renegotiate(SSL *s)
{
- if (s->new_session == 0)
- {
- s->new_session=1;
- }
+ if (s->renegotiate == 0)
+ s->renegotiate=1;
+
+ s->new_session=1;
+
+ return(s->method->ssl_renegotiate(s));
+ }
+
+int SSL_renegotiate_abbreviated(SSL *s)
+ {
+ if (s->renegotiate == 0)
+ s->renegotiate=1;
+
+ s->new_session=0;
+
return(s->method->ssl_renegotiate(s));
}
@@ -1028,7 +1046,7 @@ int SSL_renegotiate_pending(SSL *s)
{
/* becomes true when negotiation is requested;
* false again once a handshake has finished */
- return (s->new_session != 0);
+ return (s->renegotiate != 0);
}
long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
@@ -1317,32 +1335,6 @@ int SSL_set_cipher_list(SSL *s,const char *str)
return 1;
}
-/** specify the ciphers to be used by the SSL */
-int SSL_set_cipher_lists(SSL *s,STACK_OF(SSL_CIPHER) *sk)
- {
- STACK_OF(SSL_CIPHER) *tmp_cipher_list;
-
- if (sk == NULL)
- return 0;
-
- /* Based on end of ssl_create_cipher_list */
- tmp_cipher_list = sk_SSL_CIPHER_dup(sk);
- if (tmp_cipher_list == NULL)
- {
- return 0;
- }
- if (s->cipher_list != NULL)
- sk_SSL_CIPHER_free(s->cipher_list);
- s->cipher_list = sk;
- if (s->cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(s->cipher_list_by_id);
- s->cipher_list_by_id = tmp_cipher_list;
- (void)sk_SSL_CIPHER_set_cmp_func(s->cipher_list_by_id,ssl_cipher_ptr_id_cmp);
-
- sk_SSL_CIPHER_sort(s->cipher_list_by_id);
- return 1;
- }
-
/* works well for SSLv2, not so good for SSLv3 */
char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
{
@@ -1395,6 +1387,10 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
c=sk_SSL_CIPHER_value(sk,i);
+ /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
+ if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+ (TLS1_get_client_version(s) < TLS1_2_VERSION))
+ continue;
#ifndef OPENSSL_NO_KRB5
if (((c->algorithm_mkey & SSL_kKRB5) || (c->algorithm_auth & SSL_aKRB5)) &&
nokrb5)
@@ -1412,7 +1408,7 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
/* If p == q, no ciphers and caller indicates an error. Otherwise
* add SCSV if not renegotiating.
*/
- if (p != q && !s->new_session)
+ if (p != q && !s->renegotiate)
{
static SSL_CIPHER scsv =
{
@@ -1459,7 +1455,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
(p[n-1] == (SSL3_CK_SCSV & 0xff)))
{
/* SCSV fatal if renegotiating */
- if (s->new_session)
+ if (s->renegotiate)
{
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
@@ -1632,10 +1628,21 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned
ctx->next_proto_select_cb = cb;
ctx->next_proto_select_cb_arg = arg;
}
-
# endif
#endif
+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen, const unsigned char *p, size_t plen,
+ int use_context)
+ {
+ if (s->version < TLS1_VERSION)
+ return -1;
+
+ return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
+ llen, p, plen,
+ use_context);
+ }
+
static unsigned long ssl_session_hash(const SSL_SESSION *a)
{
unsigned long l;
@@ -1679,6 +1686,14 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
return(NULL);
}
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && (meth->version < TLS1_VERSION))
+ {
+ SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+ return NULL;
+ }
+#endif
+
if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
{
SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
@@ -1808,6 +1823,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
ret->psk_client_callback=NULL;
ret->psk_server_callback=NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+ SSL_CTX_SRP_CTX_init(ret);
+#endif
#ifndef OPENSSL_NO_BUF_FREELISTS
ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
@@ -1936,10 +1954,18 @@ void SSL_CTX_free(SSL_CTX *a)
a->comp_methods = NULL;
#endif
+#ifndef OPENSSL_NO_SRTP
+ if (a->srtp_profiles)
+ sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
+#endif
+
#ifndef OPENSSL_NO_PSK
if (a->psk_identity_hint)
OPENSSL_free(a->psk_identity_hint);
#endif
+#ifndef OPENSSL_NO_SRP
+ SSL_CTX_SRP_CTX_free(a);
+#endif
#ifndef OPENSSL_NO_ENGINE
if (a->client_cert_engine)
ENGINE_finish(a->client_cert_engine);
@@ -2193,12 +2219,13 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
#ifndef OPENSSL_NO_EC
-int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
{
unsigned long alg_k, alg_a;
EVP_PKEY *pkey = NULL;
int keysize = 0;
int signature_nid = 0, md_nid = 0, pk_nid = 0;
+ const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
alg_k = cs->algorithm_mkey;
alg_a = cs->algorithm_auth;
@@ -2228,7 +2255,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
return 0;
}
- if (alg_k & SSL_kECDHe)
+ if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION)
{
/* signature alg must be ECDSA */
if (pk_nid != NID_X9_62_id_ecPublicKey)
@@ -2237,7 +2264,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
return 0;
}
}
- if (alg_k & SSL_kECDHr)
+ if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION)
{
/* signature alg must be RSA */
@@ -2264,7 +2291,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
#endif
/* THIS NEEDS CLEANING UP */
-X509 *ssl_get_server_send_cert(SSL *s)
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
{
unsigned long alg_k,alg_a;
CERT *c;
@@ -2319,42 +2346,52 @@ X509 *ssl_get_server_send_cert(SSL *s)
i=SSL_PKEY_GOST01;
else /* if (alg_a & SSL_aNULL) */
{
- SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY,ERR_R_INTERNAL_ERROR);
return(NULL);
}
- if (c->pkeys[i].x509 == NULL) return(NULL);
- return(c->pkeys[i].x509);
+ return c->pkeys + i;
+ }
+
+X509 *ssl_get_server_send_cert(const SSL *s)
+ {
+ CERT_PKEY *cpk;
+ cpk = ssl_get_server_send_pkey(s);
+ if (!cpk)
+ return NULL;
+ return cpk->x509;
}
-EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher)
+EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
{
unsigned long alg_a;
CERT *c;
+ int idx = -1;
alg_a = cipher->algorithm_auth;
c=s->cert;
if ((alg_a & SSL_aDSS) &&
(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
- return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
+ idx = SSL_PKEY_DSA_SIGN;
else if (alg_a & SSL_aRSA)
{
if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
- return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
+ idx = SSL_PKEY_RSA_SIGN;
else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
- return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
- else
- return(NULL);
+ idx = SSL_PKEY_RSA_ENC;
}
else if ((alg_a & SSL_aECDSA) &&
(c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
- return(c->pkeys[SSL_PKEY_ECC].privatekey);
- else /* if (alg_a & SSL_aNULL) */
+ idx = SSL_PKEY_ECC;
+ if (idx == -1)
{
SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
return(NULL);
}
+ if (pmd)
+ *pmd = c->pkeys[idx].digest;
+ return c->pkeys[idx].privatekey;
}
void ssl_update_cache(SSL *s,int mode)
@@ -2577,45 +2614,22 @@ SSL_METHOD *ssl_bad_method(int ver)
return(NULL);
}
-static const char *ssl_get_version(int version)
+const char *SSL_get_version(const SSL *s)
{
- if (version == TLS1_VERSION)
+ if (s->version == TLS1_2_VERSION)
+ return("TLSv1.2");
+ else if (s->version == TLS1_1_VERSION)
+ return("TLSv1.1");
+ else if (s->version == TLS1_VERSION)
return("TLSv1");
- else if (version == SSL3_VERSION)
+ else if (s->version == SSL3_VERSION)
return("SSLv3");
- else if (version == SSL2_VERSION)
+ else if (s->version == SSL2_VERSION)
return("SSLv2");
else
return("unknown");
}
-const char *SSL_get_version(const SSL *s)
- {
- return ssl_get_version(s->version);
- }
-
-const char *SSL_SESSION_get_version(const SSL_SESSION *s)
- {
- return ssl_get_version(s->ssl_version);
- }
-
-const char* SSL_authentication_method(const SSL* ssl)
- {
- if (ssl->cert != NULL && ssl->cert->rsa_tmp != NULL)
- return SSL_TXT_RSA "_" SSL_TXT_EXPORT;
- switch (ssl->version)
- {
- case SSL2_VERSION:
- return SSL_TXT_RSA;
- case SSL3_VERSION:
- case TLS1_VERSION:
- case DTLS1_VERSION:
- return SSL_CIPHER_authentication_method(ssl->s3->tmp.new_cipher);
- default:
- return "UNKNOWN";
- }
- }
-
SSL *SSL_dup(SSL *s)
{
STACK_OF(X509_NAME) *sk;
@@ -2700,6 +2714,7 @@ SSL *SSL_dup(SSL *s)
ret->in_handshake = s->in_handshake;
ret->handshake_func = s->handshake_func;
ret->server = s->server;
+ ret->renegotiate = s->renegotiate;
ret->new_session = s->new_session;
ret->quiet_shutdown = s->quiet_shutdown;
ret->shutdown=s->shutdown;
@@ -2777,7 +2792,9 @@ void ssl_clear_cipher_ctx(SSL *s)
/* Fix this function so that it takes an optional type parameter */
X509 *SSL_get_certificate(const SSL *s)
{
- if (s->cert != NULL)
+ if (s->server)
+ return(ssl_get_server_send_cert(s));
+ else if (s->cert != NULL)
return(s->cert->key->x509);
else
return(NULL);
@@ -2965,6 +2982,11 @@ int SSL_state(const SSL *ssl)
return(ssl->state);
}
+void SSL_set_state(SSL *ssl, int state)
+ {
+ ssl->state = state;
+ }
+
void SSL_set_verify_result(SSL *ssl,long arg)
{
ssl->verify_result=arg;
@@ -3203,31 +3225,6 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int con
SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
}
-int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
- const char *label, size_t llen, const unsigned char *p, size_t plen,
- int use_context)
- {
- if (s->version < TLS1_VERSION)
- return -1;
-
- return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
- llen, p, plen,
- use_context);
- }
-
-int SSL_cutthrough_complete(const SSL *s)
- {
- return (!s->server && /* cutthrough only applies to clients */
- !s->hit && /* full-handshake */
- s->version >= SSL3_VERSION &&
- s->s3->in_read_app_data == 0 && /* cutthrough only applies to write() */
- (SSL_get_mode((SSL*)s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) && /* cutthrough enabled */
- SSL_get_cipher_bits(s, NULL) >= 128 && /* strong cipher choosen */
- s->s3->previous_server_finished_len == 0 && /* not a renegotiation handshake */
- (s->state == SSL3_ST_CR_SESSION_TICKET_A || /* ready to write app-data*/
- s->state == SSL3_ST_CR_FINISHED_A));
- }
-
/* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
* vairable, freeing EVP_MD_CTX previously stored in that variable, if
* any. If EVP_MD pointer is passed, initializes ctx with this md
@@ -3248,6 +3245,16 @@ void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
*hash=NULL;
}
+void SSL_set_debug(SSL *s, int debug)
+ {
+ s->debug = debug;
+ }
+
+int SSL_cache_hit(SSL *s)
+ {
+ return s->hit;
+ }
+
#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
#include "../crypto/bio/bss_file.c"
#endif
@@ -3256,4 +3263,3 @@ IMPLEMENT_STACK_OF(SSL_CIPHER)
IMPLEMENT_STACK_OF(SSL_COMP)
IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
ssl_cipher_id);
-
diff --git a/deps/openssl/openssl/ssl/ssl_locl.h b/deps/openssl/openssl/ssl/ssl_locl.h
index af607e662..1b98947e6 100644
--- a/deps/openssl/openssl/ssl/ssl_locl.h
+++ b/deps/openssl/openssl/ssl/ssl_locl.h
@@ -170,7 +170,7 @@
# define OPENSSL_EXTERN OPENSSL_EXPORT
#endif
-#define PKCS1_CHECK
+#undef PKCS1_CHECK
#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
l|=(((unsigned long)(*((c)++)))<< 8), \
@@ -215,6 +215,15 @@
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
+#define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>48)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>40)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>32)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
#define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \
l|=((BN_ULLONG)(*((c)++)))<<32, \
l|=((BN_ULLONG)(*((c)++)))<<24, \
@@ -289,6 +298,7 @@
#define SSL_kEECDH 0x00000080L /* ephemeral ECDH */
#define SSL_kPSK 0x00000100L /* PSK */
#define SSL_kGOST 0x00000200L /* GOST key exchange */
+#define SSL_kSRP 0x00000400L /* SRP */
/* Bits for algorithm_auth (server authentication) */
#define SSL_aRSA 0x00000001L /* RSA auth */
@@ -316,21 +326,29 @@
#define SSL_CAMELLIA256 0x00000200L
#define SSL_eGOST2814789CNT 0x00000400L
#define SSL_SEED 0x00000800L
+#define SSL_AES128GCM 0x00001000L
+#define SSL_AES256GCM 0x00002000L
-#define SSL_AES (SSL_AES128|SSL_AES256)
+#define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
#define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
/* Bits for algorithm_mac (symmetric authentication) */
+
#define SSL_MD5 0x00000001L
#define SSL_SHA1 0x00000002L
#define SSL_GOST94 0x00000004L
#define SSL_GOST89MAC 0x00000008L
+#define SSL_SHA256 0x00000010L
+#define SSL_SHA384 0x00000020L
+/* Not a real MAC, just an indication it is part of cipher */
+#define SSL_AEAD 0x00000040L
/* Bits for algorithm_ssl (protocol version) */
#define SSL_SSLV2 0x00000001L
#define SSL_SSLV3 0x00000002L
#define SSL_TLSV1 SSL_SSLV3 /* for now */
+#define SSL_TLSV1_2 0x00000004L
/* Bits for algorithm2 (handshake digests and other extra flags) */
@@ -338,15 +356,21 @@
#define SSL_HANDSHAKE_MAC_MD5 0x10
#define SSL_HANDSHAKE_MAC_SHA 0x20
#define SSL_HANDSHAKE_MAC_GOST94 0x40
+#define SSL_HANDSHAKE_MAC_SHA256 0x80
+#define SSL_HANDSHAKE_MAC_SHA384 0x100
#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
/* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX
* make sure to update this constant too */
-#define SSL_MAX_DIGEST 4
+#define SSL_MAX_DIGEST 6
-#define TLS1_PRF_DGST_SHIFT 8
+#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
+
+#define TLS1_PRF_DGST_SHIFT 10
#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
#define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
@@ -456,8 +480,9 @@
typedef struct cert_pkey_st
{
X509 *x509;
- STACK_OF(X509) *cert_chain;
EVP_PKEY *privatekey;
+ /* Digest to use when signing */
+ const EVP_MD *digest;
} CERT_PKEY;
typedef struct cert_st
@@ -596,11 +621,12 @@ extern SSL3_ENC_METHOD TLSv1_enc_data;
extern SSL3_ENC_METHOD SSLv3_enc_data;
extern SSL3_ENC_METHOD DTLSv1_enc_data;
-#define IMPLEMENT_tls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+#define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \
+ s_get_meth) \
const SSL_METHOD *func_name(void) \
{ \
static const SSL_METHOD func_name##_data= { \
- TLS1_VERSION, \
+ version, \
tls1_new, \
tls1_clear, \
tls1_free, \
@@ -674,7 +700,7 @@ const SSL_METHOD *func_name(void) \
const SSL_METHOD *func_name(void) \
{ \
static const SSL_METHOD func_name##_data= { \
- TLS1_VERSION, \
+ TLS1_2_VERSION, \
tls1_new, \
tls1_clear, \
tls1_free, \
@@ -757,7 +783,7 @@ const SSL_METHOD *func_name(void) \
ssl3_read, \
ssl3_peek, \
ssl3_write, \
- ssl3_shutdown, \
+ dtls1_shutdown, \
ssl3_renegotiate, \
ssl3_renegotiate_check, \
dtls1_get_message, \
@@ -813,8 +839,9 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
int ssl_undefined_function(SSL *s);
int ssl_undefined_void_function(void);
int ssl_undefined_const_function(const SSL *s);
-X509 *ssl_get_server_send_cert(SSL *);
-EVP_PKEY *ssl_get_sign_pkey(SSL *,const SSL_CIPHER *);
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
+X509 *ssl_get_server_send_cert(const SSL *);
+EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *c, const EVP_MD **pmd);
int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
@@ -948,6 +975,7 @@ void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
void dtls1_reset_seq_numbers(SSL *s, int rw);
long dtls1_default_timeout(void);
struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
+int dtls1_check_timeout_num(SSL *s);
int dtls1_handle_timeout(SSL *s);
const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
void dtls1_start_timer(SSL *s);
@@ -1024,6 +1052,7 @@ int dtls1_connect(SSL *s);
void dtls1_free(SSL *s);
void dtls1_clear(SSL *s);
long dtls1_ctrl(SSL *s,int cmd, long larg, void *parg);
+int dtls1_shutdown(SSL *s);
long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
int dtls1_get_record(SSL *s);
@@ -1045,14 +1074,14 @@ int tls1_mac(SSL *ssl, unsigned char *md, int snd);
int tls1_generate_master_secret(SSL *s, unsigned char *out,
unsigned char *p, int len);
int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
- const char *label, size_t llen, const unsigned char *p,
- size_t plen, int use_context);
+ const char *label, size_t llen,
+ const unsigned char *p, size_t plen, int use_context);
int tls1_alert_code(int code);
int ssl3_alert_code(int code);
int ssl_ok(SSL *s);
#ifndef OPENSSL_NO_ECDH
-int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs);
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
#endif
SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
@@ -1069,9 +1098,17 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d,
int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
int ssl_prepare_clienthello_tlsext(SSL *s);
int ssl_prepare_serverhello_tlsext(SSL *s);
-int ssl_check_clienthello_tlsext(SSL *s);
+int ssl_check_clienthello_tlsext_early(SSL *s);
+int ssl_check_clienthello_tlsext_late(SSL *s);
int ssl_check_serverhello_tlsext(SSL *s);
+#ifndef OPENSSL_NO_HEARTBEATS
+int tls1_heartbeat(SSL *s);
+int dtls1_heartbeat(SSL *s);
+int tls1_process_heartbeat(SSL *s);
+int dtls1_process_heartbeat(SSL *s);
+#endif
+
#ifdef OPENSSL_NO_SHA256
#define tlsext_tick_md EVP_sha1
#else
@@ -1079,6 +1116,12 @@ int ssl_check_serverhello_tlsext(SSL *s);
#endif
int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
const unsigned char *limit, SSL_SESSION **ret);
+
+int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
+ const EVP_MD *md);
+int tls12_get_sigid(const EVP_PKEY *pk);
+const EVP_MD *tls12_get_hash(unsigned char hash_alg);
+
#endif
EVP_MD_CTX* ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md) ;
void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
@@ -1090,4 +1133,42 @@ int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
int maxlen);
int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
int *al);
+long ssl_get_algorithm2(SSL *s);
+int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize);
+int tls12_get_req_sig_algs(SSL *s, unsigned char *p);
+
+int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen);
+int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al);
+int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen);
+int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al);
+
+/* s3_cbc.c */
+void ssl3_cbc_copy_mac(unsigned char* out,
+ const SSL3_RECORD *rec,
+ unsigned md_size,unsigned orig_len);
+int ssl3_cbc_remove_padding(const SSL* s,
+ SSL3_RECORD *rec,
+ unsigned block_size,
+ unsigned mac_size);
+int tls1_cbc_remove_padding(const SSL* s,
+ SSL3_RECORD *rec,
+ unsigned block_size,
+ unsigned mac_size);
+char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
+void ssl3_cbc_digest_record(
+ const EVP_MD_CTX *ctx,
+ unsigned char* md_out,
+ size_t* md_out_size,
+ const unsigned char header[13],
+ const unsigned char *data,
+ size_t data_plus_mac_size,
+ size_t data_plus_mac_plus_padding_size,
+ const unsigned char *mac_secret,
+ unsigned mac_secret_length,
+ char is_sslv3);
+
+void tls_fips_digest_extra(
+ const EVP_CIPHER_CTX *cipher_ctx, EVP_MD_CTX *mac_ctx,
+ const unsigned char *data, size_t data_len, size_t orig_len);
+
#endif
diff --git a/deps/openssl/openssl/ssl/ssl_rsa.c b/deps/openssl/openssl/ssl/ssl_rsa.c
index c43f3e2a3..60e7b6685 100644
--- a/deps/openssl/openssl/ssl/ssl_rsa.c
+++ b/deps/openssl/openssl/ssl/ssl_rsa.c
@@ -697,42 +697,6 @@ int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
}
-int SSL_use_certificate_chain(SSL *ssl, STACK_OF(X509) *cert_chain)
- {
- if (ssl == NULL)
- {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_CHAIN,ERR_R_PASSED_NULL_PARAMETER);
- return(0);
- }
- if (ssl->cert == NULL)
- {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_CHAIN,SSL_R_NO_CERTIFICATE_ASSIGNED);
- return(0);
- }
- if (ssl->cert->key == NULL)
- {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_CHAIN,SSL_R_NO_CERTIFICATE_ASSIGNED);
- return(0);
- }
- ssl->cert->key->cert_chain = cert_chain;
- return(1);
- }
-
-STACK_OF(X509) *SSL_get_certificate_chain(SSL *ssl, X509 *x)
- {
- int i;
- if (x == NULL)
- return NULL;
- if (ssl == NULL)
- return NULL;
- if (ssl->cert == NULL)
- return NULL;
- for (i = 0; i < SSL_PKEY_NUM; i++)
- if (ssl->cert->pkeys[i].x509 == x)
- return ssl->cert->pkeys[i].cert_chain;
- return NULL;
- }
-
#ifndef OPENSSL_NO_STDIO
/* Read a file that contains our certificate in "PEM" format,
* possibly followed by a sequence of CA certificates that should be
@@ -746,7 +710,7 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
ERR_clear_error(); /* clear error stack for SSL_CTX_use_certificate() */
- in=BIO_new(BIO_s_file_internal());
+ in = BIO_new(BIO_s_file_internal());
if (in == NULL)
{
SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_BUF_LIB);
@@ -759,14 +723,16 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
goto end;
}
- x=PEM_read_bio_X509_AUX(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
+ x=PEM_read_bio_X509_AUX(in,NULL,ctx->default_passwd_callback,
+ ctx->default_passwd_callback_userdata);
if (x == NULL)
{
SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);
goto end;
}
- ret=SSL_CTX_use_certificate(ctx,x);
+ ret = SSL_CTX_use_certificate(ctx, x);
+
if (ERR_peek_error() != 0)
ret = 0; /* Key/certificate mismatch doesn't imply ret==0 ... */
if (ret)
@@ -778,13 +744,15 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
int r;
unsigned long err;
- if (ctx->extra_certs != NULL)
+ if (ctx->extra_certs != NULL)
{
sk_X509_pop_free(ctx->extra_certs, X509_free);
ctx->extra_certs = NULL;
}
- while ((ca = PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata))
+ while ((ca = PEM_read_bio_X509(in, NULL,
+ ctx->default_passwd_callback,
+ ctx->default_passwd_callback_userdata))
!= NULL)
{
r = SSL_CTX_add_extra_chain_cert(ctx, ca);
diff --git a/deps/openssl/openssl/ssl/ssl_sess.c b/deps/openssl/openssl/ssl/ssl_sess.c
index 93954e489..ad40fadd0 100644
--- a/deps/openssl/openssl/ssl/ssl_sess.c
+++ b/deps/openssl/openssl/ssl/ssl_sess.c
@@ -218,6 +218,9 @@ SSL_SESSION *SSL_SESSION_new(void)
ss->psk_identity_hint=NULL;
ss->psk_identity=NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+ ss->srp_username=NULL;
+#endif
return(ss);
}
@@ -228,6 +231,11 @@ const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
return s->session_id;
}
+unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
+ {
+ return s->compress_meth;
+ }
+
/* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
* has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly
* until we have no conflict is going to complete in one iteration pretty much
@@ -261,11 +269,6 @@ static int def_generate_session_id(const SSL *ssl, unsigned char *id,
return 0;
}
-void SSL_set_session_creation_enabled (SSL *s, int creation_enabled)
- {
- s->session_creation_enabled = creation_enabled;
- }
-
int ssl_get_new_session(SSL *s, int session)
{
/* This gets used by clients and servers. */
@@ -274,8 +277,6 @@ int ssl_get_new_session(SSL *s, int session)
SSL_SESSION *ss=NULL;
GEN_SESSION_CB cb = def_generate_session_id;
- /* caller should check this if they can do better error handling */
- if (!s->session_creation_enabled) return(0);
if ((ss=SSL_SESSION_new()) == NULL) return(0);
/* If the context has a default timeout, use it */
@@ -307,6 +308,16 @@ int ssl_get_new_session(SSL *s, int session)
ss->ssl_version=TLS1_VERSION;
ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
}
+ else if (s->version == TLS1_1_VERSION)
+ {
+ ss->ssl_version=TLS1_1_VERSION;
+ ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+ }
+ else if (s->version == TLS1_2_VERSION)
+ {
+ ss->ssl_version=TLS1_2_VERSION;
+ ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+ }
else if (s->version == DTLS1_BAD_VER)
{
ss->ssl_version=DTLS1_BAD_VER;
@@ -430,6 +441,25 @@ int ssl_get_new_session(SSL *s, int session)
return(1);
}
+/* ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
+ * connection. It is only called by servers.
+ *
+ * session_id: points at the session ID in the ClientHello. This code will
+ * read past the end of this in order to parse out the session ticket
+ * extension, if any.
+ * len: the length of the session ID.
+ * limit: a pointer to the first byte after the ClientHello.
+ *
+ * Returns:
+ * -1: error
+ * 0: a session may have been found.
+ *
+ * Side effects:
+ * - If a session is found then s->session is pointed at it (after freeing an
+ * existing session if need be) and s->verify_result is set from the session.
+ * - Both for new and resumed sessions, s->tlsext_ticket_expected is set to 1
+ * if the server should issue a new session ticket (to 0 otherwise).
+ */
int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
const unsigned char *limit)
{
@@ -437,27 +467,39 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
SSL_SESSION *ret=NULL;
int fatal = 0;
+ int try_session_cache = 1;
#ifndef OPENSSL_NO_TLSEXT
int r;
#endif
if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
goto err;
+
+ if (len == 0)
+ try_session_cache = 0;
+
#ifndef OPENSSL_NO_TLSEXT
- r = tls1_process_ticket(s, session_id, len, limit, &ret);
- if (r == -1)
+ r = tls1_process_ticket(s, session_id, len, limit, &ret); /* sets s->tlsext_ticket_expected */
+ switch (r)
{
+ case -1: /* Error during processing */
fatal = 1;
goto err;
+ case 0: /* No ticket found */
+ case 1: /* Zero length ticket found */
+ break; /* Ok to carry on processing session id. */
+ case 2: /* Ticket found but not decrypted. */
+ case 3: /* Ticket decrypted, *ret has been set. */
+ try_session_cache = 0;
+ break;
+ default:
+ abort();
}
- else if (r == 0 || (!ret && !len))
- goto err;
- else if (!ret && !(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
-#else
- if (len == 0)
- goto err;
- if (!(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
#endif
+
+ if (try_session_cache &&
+ ret == NULL &&
+ !(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
{
SSL_SESSION data;
data.ssl_version=s->version;
@@ -468,20 +510,22 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
ret=lh_SSL_SESSION_retrieve(s->session_ctx->sessions,&data);
if (ret != NULL)
- /* don't allow other threads to steal it: */
- CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
+ {
+ /* don't allow other threads to steal it: */
+ CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
+ }
CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+ if (ret == NULL)
+ s->session_ctx->stats.sess_miss++;
}
- if (ret == NULL)
+ if (try_session_cache &&
+ ret == NULL &&
+ s->session_ctx->get_session_cb != NULL)
{
int copy=1;
- s->session_ctx->stats.sess_miss++;
- ret=NULL;
- if (s->session_ctx->get_session_cb != NULL
- && (ret=s->session_ctx->get_session_cb(s,session_id,len,&copy))
- != NULL)
+ if ((ret=s->session_ctx->get_session_cb(s,session_id,len,&copy)))
{
s->session_ctx->stats.sess_cb_hit++;
@@ -500,23 +544,18 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
* things are very strange */
SSL_CTX_add_session(s->session_ctx,ret);
}
- if (ret == NULL)
- goto err;
}
- /* Now ret is non-NULL, and we own one of its reference counts. */
+ if (ret == NULL)
+ goto err;
+
+ /* Now ret is non-NULL and we own one of its reference counts. */
if (ret->sid_ctx_length != s->sid_ctx_length
|| memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length))
{
- /* We've found the session named by the client, but we don't
+ /* We have the session requested by the client, but we don't
* want to use it in this context. */
-
-#if 0 /* The client cannot always know when a session is not appropriate,
- * so we shouldn't generate an error message. */
-
- SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
-#endif
goto err; /* treat like cache miss */
}
@@ -553,39 +592,38 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
goto err;
}
-
-#if 0 /* This is way too late. */
-
- /* If a thread got the session, then 'swaped', and another got
- * it and then due to a time-out decided to 'OPENSSL_free' it we could
- * be in trouble. So I'll increment it now, then double decrement
- * later - am I speaking rubbish?. */
- CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
-#endif
-
if (ret->timeout < (long)(time(NULL) - ret->time)) /* timeout */
{
s->session_ctx->stats.sess_timeout++;
- /* remove it from the cache */
- SSL_CTX_remove_session(s->session_ctx,ret);
+ if (try_session_cache)
+ {
+ /* session was from the cache, so remove it */
+ SSL_CTX_remove_session(s->session_ctx,ret);
+ }
goto err;
}
s->session_ctx->stats.sess_hit++;
- /* ret->time=time(NULL); */ /* rezero timeout? */
- /* again, just leave the session
- * if it is the same session, we have just incremented and
- * then decremented the reference count :-) */
if (s->session != NULL)
SSL_SESSION_free(s->session);
s->session=ret;
s->verify_result = s->session->verify_result;
- return(1);
+ return 1;
err:
if (ret != NULL)
+ {
SSL_SESSION_free(ret);
+#ifndef OPENSSL_NO_TLSEXT
+ if (!try_session_cache)
+ {
+ /* The session was from a ticket, so we should
+ * issue a ticket for the new session */
+ s->tlsext_ticket_expected = 1;
+ }
+#endif
+ }
if (fatal)
return -1;
else
@@ -736,6 +774,10 @@ void SSL_SESSION_free(SSL_SESSION *ss)
if (ss->psk_identity != NULL)
OPENSSL_free(ss->psk_identity);
#endif
+#ifndef OPENSSL_NO_SRP
+ if (ss->srp_username != NULL)
+ OPENSSL_free(ss->srp_username);
+#endif
OPENSSL_cleanse(ss,sizeof(*ss));
OPENSSL_free(ss);
}
@@ -760,10 +802,6 @@ int SSL_set_session(SSL *s, SSL_SESSION *session)
{
if (!SSL_set_ssl_method(s,meth))
return(0);
- if (s->ctx->session_timeout == 0)
- session->timeout=SSL_get_default_timeout(s);
- else
- session->timeout=s->ctx->session_timeout;
}
#ifndef OPENSSL_NO_KRB5
@@ -831,6 +869,25 @@ long SSL_SESSION_set_time(SSL_SESSION *s, long t)
return(t);
}
+X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
+ {
+ return s->peer;
+ }
+
+int SSL_SESSION_set1_id_context(SSL_SESSION *s,const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len)
+ {
+ if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
+ {
+ SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+ return 0;
+ }
+ s->sid_ctx_length=sid_ctx_len;
+ memcpy(s->sid_ctx,sid_ctx,sid_ctx_len);
+
+ return 1;
+ }
+
long SSL_CTX_set_timeout(SSL_CTX *s, long t)
{
long l;
diff --git a/deps/openssl/openssl/ssl/ssl_txt.c b/deps/openssl/openssl/ssl/ssl_txt.c
index 3122440e2..6479d52c0 100644
--- a/deps/openssl/openssl/ssl/ssl_txt.c
+++ b/deps/openssl/openssl/ssl/ssl_txt.c
@@ -115,6 +115,10 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
s="SSLv2";
else if (x->ssl_version == SSL3_VERSION)
s="SSLv3";
+ else if (x->ssl_version == TLS1_2_VERSION)
+ s="TLSv1.2";
+ else if (x->ssl_version == TLS1_1_VERSION)
+ s="TLSv1.1";
else if (x->ssl_version == TLS1_VERSION)
s="TLSv1";
else if (x->ssl_version == DTLS1_VERSION)
@@ -187,6 +191,10 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
if (BIO_puts(bp,"\n PSK identity hint: ") <= 0) goto err;
if (BIO_printf(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0) goto err;
#endif
+#ifndef OPENSSL_NO_SRP
+ if (BIO_puts(bp,"\n SRP username: ") <= 0) goto err;
+ if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0) goto err;
+#endif
#ifndef OPENSSL_NO_TLSEXT
if (x->tlsext_tick_lifetime_hint)
{
diff --git a/deps/openssl/openssl/ssl/ssltest.c b/deps/openssl/openssl/ssl/ssltest.c
index f6a2c79db..316bbb0c9 100644
--- a/deps/openssl/openssl/ssl/ssltest.c
+++ b/deps/openssl/openssl/ssl/ssltest.c
@@ -181,6 +181,9 @@
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
+#ifndef OPENSSL_NO_SRP
+#include <openssl/srp.h>
+#endif
#include <openssl/bn.h>
#define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly
@@ -246,6 +249,49 @@ static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned
unsigned int max_psk_len);
#endif
+#ifndef OPENSSL_NO_SRP
+/* SRP client */
+/* This is a context that we pass to all callbacks */
+typedef struct srp_client_arg_st
+ {
+ char *srppassin;
+ char *srplogin;
+ } SRP_CLIENT_ARG;
+
+#define PWD_STRLEN 1024
+
+static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
+ {
+ SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
+ return BUF_strdup((char *)srp_client_arg->srppassin);
+ }
+
+/* SRP server */
+/* This is a context that we pass to SRP server callbacks */
+typedef struct srp_server_arg_st
+ {
+ char *expected_user;
+ char *pass;
+ } SRP_SERVER_ARG;
+
+static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
+ {
+ SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
+
+ if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
+ {
+ fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
+ return SSL3_AL_FATAL;
+ }
+ if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
+ {
+ *ad = SSL_AD_INTERNAL_ERROR;
+ return SSL3_AL_FATAL;
+ }
+ return SSL_ERROR_NONE;
+ }
+#endif
+
static BIO *bio_err=NULL;
static BIO *bio_stdout=NULL;
@@ -268,6 +314,9 @@ static void sv_usage(void)
{
fprintf(stderr,"usage: ssltest [args ...]\n");
fprintf(stderr,"\n");
+#ifdef OPENSSL_FIPS
+ fprintf(stderr,"-F - run test in FIPS mode\n");
+#endif
fprintf(stderr," -server_auth - check server certificate\n");
fprintf(stderr," -client_auth - do client authentication\n");
fprintf(stderr," -proxy - allow proxy certificates\n");
@@ -289,6 +338,10 @@ static void sv_usage(void)
#ifndef OPENSSL_NO_PSK
fprintf(stderr," -psk arg - PSK in hex (without 0x)\n");
#endif
+#ifndef OPENSSL_NO_SRP
+ fprintf(stderr," -srpuser user - SRP username to use\n");
+ fprintf(stderr," -srppass arg - password for 'user'\n");
+#endif
#ifndef OPENSSL_NO_SSL2
fprintf(stderr," -ssl2 - use SSLv2\n");
#endif
@@ -316,9 +369,6 @@ static void sv_usage(void)
" (default is sect163r2).\n");
#endif
fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
- fprintf(stderr," -c_small_records - enable client side use of small SSL record buffers\n");
- fprintf(stderr," -s_small_records - enable server side use of small SSL record buffers\n");
- fprintf(stderr," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n");
}
static void print_details(SSL *c_ssl, const char *prefix)
@@ -447,10 +497,6 @@ int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
return arg->ret;
}
#endif
- int ssl_mode = 0;
- int c_small_records=0;
- int s_small_records=0;
- int cutthrough = 0;
int main(int argc, char *argv[])
{
@@ -483,6 +529,12 @@ int main(int argc, char *argv[])
#ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh = NULL;
#endif
+#ifndef OPENSSL_NO_SRP
+ /* client */
+ SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
+ /* server */
+ SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
+#endif
int no_dhe = 0;
int no_ecdhe = 0;
int no_psk = 0;
@@ -491,9 +543,12 @@ int main(int argc, char *argv[])
int comp = 0;
#ifndef OPENSSL_NO_COMP
COMP_METHOD *cm = NULL;
-#endif
STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
+#endif
int test_cipherlist = 0;
+#ifdef OPENSSL_FIPS
+ int fips_mode=0;
+#endif
verbose = 0;
debug = 0;
@@ -525,7 +580,16 @@ int main(int argc, char *argv[])
while (argc >= 1)
{
- if (strcmp(*argv,"-server_auth") == 0)
+ if(!strcmp(*argv,"-F"))
+ {
+#ifdef OPENSSL_FIPS
+ fips_mode=1;
+#else
+ fprintf(stderr,"not compiled with FIPS support, so exitting without running.\n");
+ EXIT(0);
+#endif
+ }
+ else if (strcmp(*argv,"-server_auth") == 0)
server_auth=1;
else if (strcmp(*argv,"-client_auth") == 0)
client_auth=1;
@@ -579,6 +643,20 @@ int main(int argc, char *argv[])
no_psk=1;
#endif
}
+#ifndef OPENSSL_NO_SRP
+ else if (strcmp(*argv,"-srpuser") == 0)
+ {
+ if (--argc < 1) goto bad;
+ srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
+ tls1=1;
+ }
+ else if (strcmp(*argv,"-srppass") == 0)
+ {
+ if (--argc < 1) goto bad;
+ srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
+ tls1=1;
+ }
+#endif
else if (strcmp(*argv,"-ssl2") == 0)
ssl2=1;
else if (strcmp(*argv,"-tls1") == 0)
@@ -687,18 +765,6 @@ int main(int argc, char *argv[])
{
test_cipherlist = 1;
}
- else if (strcmp(*argv, "-c_small_records") == 0)
- {
- c_small_records = 1;
- }
- else if (strcmp(*argv, "-s_small_records") == 0)
- {
- s_small_records = 1;
- }
- else if (strcmp(*argv, "-cutthrough") == 0)
- {
- cutthrough = 1;
- }
else
{
fprintf(stderr,"unknown option %s\n",*argv);
@@ -733,6 +799,20 @@ bad:
EXIT(1);
}
+#ifdef OPENSSL_FIPS
+ if(fips_mode)
+ {
+ if(!FIPS_mode_set(1))
+ {
+ ERR_load_crypto_strings();
+ ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
+ EXIT(1);
+ }
+ else
+ fprintf(stderr,"*** IN FIPS MODE ***\n");
+ }
+#endif
+
if (print_time)
{
if (!bio_pair)
@@ -821,28 +901,6 @@ bad:
SSL_CTX_set_cipher_list(s_ctx,cipher);
}
- ssl_mode = 0;
- if (c_small_records)
- {
- ssl_mode = SSL_CTX_get_mode(c_ctx);
- ssl_mode |= SSL_MODE_SMALL_BUFFERS;
- SSL_CTX_set_mode(c_ctx, ssl_mode);
- }
- ssl_mode = 0;
- if (s_small_records)
- {
- ssl_mode = SSL_CTX_get_mode(s_ctx);
- ssl_mode |= SSL_MODE_SMALL_BUFFERS;
- SSL_CTX_set_mode(s_ctx, ssl_mode);
- }
- ssl_mode = 0;
- if (cutthrough)
- {
- ssl_mode = SSL_CTX_get_mode(c_ctx);
- ssl_mode = SSL_MODE_HANDSHAKE_CUTTHROUGH;
- SSL_CTX_set_mode(c_ctx, ssl_mode);
- }
-
#ifndef OPENSSL_NO_DH
if (!no_dhe)
{
@@ -878,7 +936,11 @@ bad:
}
}
else
+#ifdef OPENSSL_NO_EC2M
+ nid = NID_X9_62_prime256v1;
+#else
nid = NID_sect163r2;
+#endif
ecdh = EC_KEY_new_by_curve_name(nid);
if (ecdh == NULL)
@@ -981,6 +1043,26 @@ bad:
}
#endif
}
+#ifndef OPENSSL_NO_SRP
+ if (srp_client_arg.srplogin)
+ {
+ if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
+ {
+ BIO_printf(bio_err,"Unable to set SRP username\n");
+ goto end;
+ }
+ SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
+ SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
+ /*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
+ }
+
+ if (srp_server_arg.expected_user != NULL)
+ {
+ SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
+ SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
+ SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
+ }
+#endif
c_ssl=SSL_new(c_ctx);
s_ssl=SSL_new(s_ctx);
@@ -2205,15 +2287,7 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
}
#ifndef OPENSSL_NO_X509_VERIFY
-# ifdef OPENSSL_FIPS
- if(s->version == TLS1_VERSION)
- FIPS_allow_md5(1);
-# endif
ok = X509_verify_cert(ctx);
-# ifdef OPENSSL_FIPS
- if(s->version == TLS1_VERSION)
- FIPS_allow_md5(0);
-# endif
#endif
if (cb_arg->proxy_auth)
diff --git a/deps/openssl/openssl/ssl/t1_clnt.c b/deps/openssl/openssl/ssl/t1_clnt.c
index c87af1771..578617ed8 100644
--- a/deps/openssl/openssl/ssl/t1_clnt.c
+++ b/deps/openssl/openssl/ssl/t1_clnt.c
@@ -66,13 +66,26 @@
static const SSL_METHOD *tls1_get_client_method(int ver);
static const SSL_METHOD *tls1_get_client_method(int ver)
{
+ if (ver == TLS1_2_VERSION)
+ return TLSv1_2_client_method();
+ if (ver == TLS1_1_VERSION)
+ return TLSv1_1_client_method();
if (ver == TLS1_VERSION)
- return(TLSv1_client_method());
- else
- return(NULL);
+ return TLSv1_client_method();
+ return NULL;
}
-IMPLEMENT_tls1_meth_func(TLSv1_client_method,
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_client_method,
+ ssl_undefined_function,
+ ssl3_connect,
+ tls1_get_client_method)
+
+IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_client_method,
+ ssl_undefined_function,
+ ssl3_connect,
+ tls1_get_client_method)
+
+IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_client_method,
ssl_undefined_function,
ssl3_connect,
tls1_get_client_method)
diff --git a/deps/openssl/openssl/ssl/t1_enc.c b/deps/openssl/openssl/ssl/t1_enc.c
index b1d5b2808..809ad2ee1 100644
--- a/deps/openssl/openssl/ssl/t1_enc.c
+++ b/deps/openssl/openssl/ssl/t1_enc.c
@@ -143,6 +143,7 @@
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/md5.h>
+#include <openssl/rand.h>
#ifdef KSSL_DEBUG
#include <openssl/des.h>
#endif
@@ -158,68 +159,75 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
unsigned char *out, int olen)
{
int chunk;
- unsigned int j;
- HMAC_CTX ctx;
- HMAC_CTX ctx_tmp;
+ size_t j;
+ EVP_MD_CTX ctx, ctx_tmp;
+ EVP_PKEY *mac_key;
unsigned char A1[EVP_MAX_MD_SIZE];
- unsigned int A1_len;
+ size_t A1_len;
int ret = 0;
chunk=EVP_MD_size(md);
OPENSSL_assert(chunk >= 0);
- HMAC_CTX_init(&ctx);
- HMAC_CTX_init(&ctx_tmp);
- if (!HMAC_Init_ex(&ctx,sec,sec_len,md, NULL))
+ EVP_MD_CTX_init(&ctx);
+ EVP_MD_CTX_init(&ctx_tmp);
+ EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ EVP_MD_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
+ if (!mac_key)
+ goto err;
+ if (!EVP_DigestSignInit(&ctx,NULL,md, NULL, mac_key))
goto err;
- if (!HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL))
+ if (!EVP_DigestSignInit(&ctx_tmp,NULL,md, NULL, mac_key))
goto err;
- if (seed1 != NULL && !HMAC_Update(&ctx,seed1,seed1_len))
+ if (seed1 && !EVP_DigestSignUpdate(&ctx,seed1,seed1_len))
goto err;
- if (seed2 != NULL && !HMAC_Update(&ctx,seed2,seed2_len))
+ if (seed2 && !EVP_DigestSignUpdate(&ctx,seed2,seed2_len))
goto err;
- if (seed3 != NULL && !HMAC_Update(&ctx,seed3,seed3_len))
+ if (seed3 && !EVP_DigestSignUpdate(&ctx,seed3,seed3_len))
goto err;
- if (seed4 != NULL && !HMAC_Update(&ctx,seed4,seed4_len))
+ if (seed4 && !EVP_DigestSignUpdate(&ctx,seed4,seed4_len))
goto err;
- if (seed5 != NULL && !HMAC_Update(&ctx,seed5,seed5_len))
+ if (seed5 && !EVP_DigestSignUpdate(&ctx,seed5,seed5_len))
goto err;
- if (!HMAC_Final(&ctx,A1,&A1_len))
+ if (!EVP_DigestSignFinal(&ctx,A1,&A1_len))
goto err;
for (;;)
{
- if (!HMAC_Init_ex(&ctx,NULL,0,NULL,NULL)) /* re-init */
+ /* Reinit mac contexts */
+ if (!EVP_DigestSignInit(&ctx,NULL,md, NULL, mac_key))
goto err;
- if (!HMAC_Init_ex(&ctx_tmp,NULL,0,NULL,NULL)) /* re-init */
+ if (!EVP_DigestSignInit(&ctx_tmp,NULL,md, NULL, mac_key))
goto err;
- if (!HMAC_Update(&ctx,A1,A1_len))
+ if (!EVP_DigestSignUpdate(&ctx,A1,A1_len))
goto err;
- if (!HMAC_Update(&ctx_tmp,A1,A1_len))
+ if (!EVP_DigestSignUpdate(&ctx_tmp,A1,A1_len))
goto err;
- if (seed1 != NULL && !HMAC_Update(&ctx,seed1,seed1_len))
+ if (seed1 && !EVP_DigestSignUpdate(&ctx,seed1,seed1_len))
goto err;
- if (seed2 != NULL && !HMAC_Update(&ctx,seed2,seed2_len))
+ if (seed2 && !EVP_DigestSignUpdate(&ctx,seed2,seed2_len))
goto err;
- if (seed3 != NULL && !HMAC_Update(&ctx,seed3,seed3_len))
+ if (seed3 && !EVP_DigestSignUpdate(&ctx,seed3,seed3_len))
goto err;
- if (seed4 != NULL && !HMAC_Update(&ctx,seed4,seed4_len))
+ if (seed4 && !EVP_DigestSignUpdate(&ctx,seed4,seed4_len))
goto err;
- if (seed5 != NULL && !HMAC_Update(&ctx,seed5,seed5_len))
+ if (seed5 && !EVP_DigestSignUpdate(&ctx,seed5,seed5_len))
goto err;
if (olen > chunk)
{
- if (!HMAC_Final(&ctx,out,&j))
+ if (!EVP_DigestSignFinal(&ctx,out,&j))
goto err;
out+=j;
olen-=j;
- if (!HMAC_Final(&ctx_tmp,A1,&A1_len)) /* calc the next A1 value */
+ /* calc the next A1 value */
+ if (!EVP_DigestSignFinal(&ctx_tmp,A1,&A1_len))
goto err;
}
else /* last one */
{
- if (!HMAC_Final(&ctx,A1,&A1_len))
+ if (!EVP_DigestSignFinal(&ctx,A1,&A1_len))
goto err;
memcpy(out,A1,olen);
break;
@@ -227,8 +235,9 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
}
ret = 1;
err:
- HMAC_CTX_cleanup(&ctx);
- HMAC_CTX_cleanup(&ctx_tmp);
+ EVP_PKEY_free(mac_key);
+ EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_cleanup(&ctx_tmp);
OPENSSL_cleanse(A1,sizeof(A1));
return ret;
}
@@ -256,6 +265,8 @@ static int tls1_PRF(long digest_mask,
if ((m<<TLS1_PRF_DGST_SHIFT) & digest_mask) count++;
}
len=slen/count;
+ if (count == 1)
+ slen = 0;
S1=sec;
memset(out1,0,olen);
for (idx=0;ssl_get_handshake_digest(idx,&m,&md);idx++) {
@@ -284,7 +295,7 @@ static int tls1_generate_key_block(SSL *s, unsigned char *km,
unsigned char *tmp, int num)
{
int ret;
- ret = tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+ ret = tls1_PRF(ssl_get_algorithm2(s),
TLS_MD_KEY_EXPANSION_CONST,TLS_MD_KEY_EXPANSION_CONST_SIZE,
s->s3->server_random,SSL3_RANDOM_SIZE,
s->s3->client_random,SSL3_RANDOM_SIZE,
@@ -350,7 +361,7 @@ int tls1_change_cipher_state(SSL *s, int which)
{
int i;
for (i=0; i<s->s3->tmp.key_block_length; i++)
- printf("%02x", key_block[i]); printf("\n");
+ printf("%02x", s->s3->tmp.key_block[i]); printf("\n");
}
#endif /* KSSL_DEBUG */
@@ -358,7 +369,7 @@ int tls1_change_cipher_state(SSL *s, int which)
{
if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
- else
+ else
s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
if (s->enc_read_ctx != NULL)
@@ -445,7 +456,11 @@ int tls1_change_cipher_state(SSL *s, int which)
j=is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
/* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
- k=EVP_CIPHER_iv_length(c);
+ /* If GCM mode only part of IV comes from PRF */
+ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
+ k = EVP_GCM_TLS_FIXED_IV_LEN;
+ else
+ k=EVP_CIPHER_iv_length(c);
if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
(which == SSL3_CHANGE_CIPHER_SERVER_READ))
{
@@ -474,10 +489,14 @@ int tls1_change_cipher_state(SSL *s, int which)
}
memcpy(mac_secret,ms,i);
- mac_key = EVP_PKEY_new_mac_key(mac_type, NULL,
- mac_secret,*mac_secret_size);
- EVP_DigestSignInit(mac_ctx,NULL,m,NULL,mac_key);
- EVP_PKEY_free(mac_key);
+
+ if (!(EVP_CIPHER_flags(c)&EVP_CIPH_FLAG_AEAD_CIPHER))
+ {
+ mac_key = EVP_PKEY_new_mac_key(mac_type, NULL,
+ mac_secret,*mac_secret_size);
+ EVP_DigestSignInit(mac_ctx,NULL,m,NULL,mac_key);
+ EVP_PKEY_free(mac_key);
+ }
#ifdef TLS_DEBUG
printf("which = %04X\nmac key=",which);
{ int z; for (z=0; z<i; z++) printf("%02X%c",ms[z],((z+1)%16)?' ':'\n'); }
@@ -487,7 +506,7 @@ printf("which = %04X\nmac key=",which);
/* In here I set both the read and write key/iv to the
* same value since only the correct one will be used :-).
*/
- if (!tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+ if (!tls1_PRF(ssl_get_algorithm2(s),
exp_label,exp_label_len,
s->s3->client_random,SSL3_RANDOM_SIZE,
s->s3->server_random,SSL3_RANDOM_SIZE,
@@ -498,7 +517,7 @@ printf("which = %04X\nmac key=",which);
if (k > 0)
{
- if (!tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+ if (!tls1_PRF(ssl_get_algorithm2(s),
TLS_MD_IV_BLOCK_CONST,TLS_MD_IV_BLOCK_CONST_SIZE,
s->s3->client_random,SSL3_RANDOM_SIZE,
s->s3->server_random,SSL3_RANDOM_SIZE,
@@ -524,7 +543,19 @@ printf("which = %04X\nmac key=",which);
}
#endif /* KSSL_DEBUG */
- EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
+ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
+ {
+ EVP_CipherInit_ex(dd,c,NULL,key,NULL,(which & SSL3_CC_WRITE));
+ EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, k, iv);
+ }
+ else
+ EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
+
+ /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */
+ if ((EVP_CIPHER_flags(c)&EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size)
+ EVP_CIPHER_CTX_ctrl(dd,EVP_CTRL_AEAD_SET_MAC_KEY,
+ *mac_secret_size,mac_secret);
+
#ifdef TLS_DEBUG
printf("which = %04X\nkey=",which);
{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
@@ -606,7 +637,8 @@ printf("\nkey block\n");
{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
#endif
- if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
+ if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
+ && s->method->version <= TLS1_VERSION)
{
/* enable vulnerability countermeasure for CBC ciphers with
* known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
@@ -635,19 +667,28 @@ err:
return(ret);
}
+/* tls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+ *
+ * Returns:
+ * 0: (in non-constant time) if the record is publically invalid (i.e. too
+ * short etc).
+ * 1: if the record's padding is valid / the encryption was successful.
+ * -1: if the record's padding/AEAD-authenticator is invalid or, if sending,
+ * an internal error occured.
+ */
int tls1_enc(SSL *s, int send)
{
SSL3_RECORD *rec;
EVP_CIPHER_CTX *ds;
unsigned long l;
- int bs,i,ii,j,k,n=0;
+ int bs,i,j,k,pad=0,ret,mac_size=0;
const EVP_CIPHER *enc;
if (send)
{
if (EVP_MD_CTX_md(s->write_hash))
{
- n=EVP_MD_CTX_size(s->write_hash);
+ int n=EVP_MD_CTX_size(s->write_hash);
OPENSSL_assert(n >= 0);
}
ds=s->enc_write_ctx;
@@ -655,13 +696,34 @@ int tls1_enc(SSL *s, int send)
if (s->enc_write_ctx == NULL)
enc=NULL;
else
+ {
+ int ivlen;
enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+ /* For TLSv1.1 and later explicit IV */
+ if (s->version >= TLS1_1_VERSION
+ && EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE)
+ ivlen = EVP_CIPHER_iv_length(enc);
+ else
+ ivlen = 0;
+ if (ivlen > 1)
+ {
+ if ( rec->data != rec->input)
+ /* we can't write into the input stream:
+ * Can this ever happen?? (steve)
+ */
+ fprintf(stderr,
+ "%s:%d: rec->data != rec->input\n",
+ __FILE__, __LINE__);
+ else if (RAND_bytes(rec->input, ivlen) <= 0)
+ return -1;
+ }
+ }
}
else
{
if (EVP_MD_CTX_md(s->read_hash))
{
- n=EVP_MD_CTX_size(s->read_hash);
+ int n=EVP_MD_CTX_size(s->read_hash);
OPENSSL_assert(n >= 0);
}
ds=s->enc_read_ctx;
@@ -676,18 +738,54 @@ int tls1_enc(SSL *s, int send)
printf("tls1_enc(%d)\n", send);
#endif /* KSSL_DEBUG */
- if ((s->session == NULL) || (ds == NULL) ||
- (enc == NULL))
+ if ((s->session == NULL) || (ds == NULL) || (enc == NULL))
{
memmove(rec->data,rec->input,rec->length);
rec->input=rec->data;
+ ret = 1;
}
else
{
l=rec->length;
bs=EVP_CIPHER_block_size(ds->cipher);
- if ((bs != 1) && send)
+ if (EVP_CIPHER_flags(ds->cipher)&EVP_CIPH_FLAG_AEAD_CIPHER)
+ {
+ unsigned char buf[13],*seq;
+
+ seq = send?s->s3->write_sequence:s->s3->read_sequence;
+
+ if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
+ {
+ unsigned char dtlsseq[9],*p=dtlsseq;
+
+ s2n(send?s->d1->w_epoch:s->d1->r_epoch,p);
+ memcpy(p,&seq[2],6);
+ memcpy(buf,dtlsseq,8);
+ }
+ else
+ {
+ memcpy(buf,seq,8);
+ for (i=7; i>=0; i--) /* increment */
+ {
+ ++seq[i];
+ if (seq[i] != 0) break;
+ }
+ }
+
+ buf[8]=rec->type;
+ buf[9]=(unsigned char)(s->version>>8);
+ buf[10]=(unsigned char)(s->version);
+ buf[11]=rec->length>>8;
+ buf[12]=rec->length&0xff;
+ pad=EVP_CIPHER_CTX_ctrl(ds,EVP_CTRL_AEAD_TLS1_AAD,13,buf);
+ if (send)
+ {
+ l+=pad;
+ rec->length+=pad;
+ }
+ }
+ else if ((bs != 1) && send)
{
i=bs-((int)l%bs);
@@ -708,13 +806,13 @@ int tls1_enc(SSL *s, int send)
#ifdef KSSL_DEBUG
{
- unsigned long ui;
+ unsigned long ui;
printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
- ds,rec->data,rec->input,l);
+ ds,rec->data,rec->input,l);
printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
- ds->buf_len, ds->cipher->key_len,
- DES_KEY_SZ, DES_SCHEDULE_SZ,
- ds->cipher->iv_len);
+ ds->buf_len, ds->cipher->key_len,
+ DES_KEY_SZ, DES_SCHEDULE_SZ,
+ ds->cipher->iv_len);
printf("\t\tIV: ");
for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
printf("\n");
@@ -727,68 +825,41 @@ int tls1_enc(SSL *s, int send)
if (!send)
{
if (l == 0 || l%bs != 0)
- {
- SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
return 0;
- }
}
- EVP_Cipher(ds,rec->data,rec->input,l);
+ i = EVP_Cipher(ds,rec->data,rec->input,l);
+ if ((EVP_CIPHER_flags(ds->cipher)&EVP_CIPH_FLAG_CUSTOM_CIPHER)
+ ?(i<0)
+ :(i==0))
+ return -1; /* AEAD can fail to verify MAC */
+ if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE && !send)
+ {
+ rec->data += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ rec->input += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
+ }
#ifdef KSSL_DEBUG
{
- unsigned long i;
- printf("\trec->data=");
+ unsigned long i;
+ printf("\trec->data=");
for (i=0; i<l; i++)
- printf(" %02x", rec->data[i]); printf("\n");
- }
+ printf(" %02x", rec->data[i]); printf("\n");
+ }
#endif /* KSSL_DEBUG */
+ ret = 1;
+ if (EVP_MD_CTX_md(s->read_hash) != NULL)
+ mac_size = EVP_MD_CTX_size(s->read_hash);
if ((bs != 1) && !send)
- {
- ii=i=rec->data[l-1]; /* padding_length */
- i++;
- /* NB: if compression is in operation the first packet
- * may not be of even length so the padding bug check
- * cannot be performed. This bug workaround has been
- * around since SSLeay so hopefully it is either fixed
- * now or no buggy implementation supports compression
- * [steve]
- */
- if ( (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
- && !s->expand)
- {
- /* First packet is even in size, so check */
- if ((memcmp(s->s3->read_sequence,
- "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
- s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
- if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
- i--;
- }
- /* TLS 1.0 does not bound the number of padding bytes by the block size.
- * All of them must have value 'padding_length'. */
- if (i > (int)rec->length)
- {
- /* Incorrect padding. SSLerr() and ssl3_alert are done
- * by caller: we don't want to reveal whether this is
- * a decryption error or a MAC verification failure
- * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
- return -1;
- }
- for (j=(int)(l-i); j<(int)l; j++)
- {
- if (rec->data[j] != ii)
- {
- /* Incorrect padding */
- return -1;
- }
- }
- rec->length-=i;
- }
+ ret = tls1_cbc_remove_padding(s, rec, bs, mac_size);
+ if (pad && !send)
+ rec->length -= pad;
}
- return(1);
+ return ret;
}
+
int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
{
unsigned int ret;
@@ -841,7 +912,7 @@ int tls1_final_finish_mac(SSL *s,
for (idx=0;ssl_get_handshake_digest(idx,&mask,&md);idx++)
{
- if (mask & s->s3->tmp.new_cipher->algorithm2)
+ if (mask & ssl_get_algorithm2(s))
{
int hashsize = EVP_MD_size(md);
if (hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf)))
@@ -860,7 +931,7 @@ int tls1_final_finish_mac(SSL *s,
}
}
- if (!tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+ if (!tls1_PRF(ssl_get_algorithm2(s),
str,slen, buf,(int)(q-buf), NULL,0, NULL,0, NULL,0,
s->session->master_key,s->session->master_key_length,
out,buf2,sizeof buf2))
@@ -878,10 +949,10 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
SSL3_RECORD *rec;
unsigned char *seq;
EVP_MD_CTX *hash;
- size_t md_size;
+ size_t md_size, orig_len;
int i;
EVP_MD_CTX hmac, *mac_ctx;
- unsigned char buf[5];
+ unsigned char header[13];
int stream_mac = (send?(ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM):(ssl->mac_flags&SSL_MAC_FLAG_READ_MAC_STREAM));
int t;
@@ -902,12 +973,6 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
OPENSSL_assert(t >= 0);
md_size=t;
- buf[0]=rec->type;
- buf[1]=(unsigned char)(ssl->version>>8);
- buf[2]=(unsigned char)(ssl->version);
- buf[3]=rec->length>>8;
- buf[4]=rec->length&0xff;
-
/* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
if (stream_mac)
{
@@ -926,17 +991,55 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
s2n(send?ssl->d1->w_epoch:ssl->d1->r_epoch, p);
memcpy (p,&seq[2],6);
- EVP_DigestSignUpdate(mac_ctx,dtlsseq,8);
+ memcpy(header, dtlsseq, 8);
}
else
- EVP_DigestSignUpdate(mac_ctx,seq,8);
+ memcpy(header, seq, 8);
+
+ /* kludge: tls1_cbc_remove_padding passes padding length in rec->type */
+ orig_len = rec->length+md_size+((unsigned int)rec->type>>8);
+ rec->type &= 0xff;
+
+ header[8]=rec->type;
+ header[9]=(unsigned char)(ssl->version>>8);
+ header[10]=(unsigned char)(ssl->version);
+ header[11]=(rec->length)>>8;
+ header[12]=(rec->length)&0xff;
- EVP_DigestSignUpdate(mac_ctx,buf,5);
- EVP_DigestSignUpdate(mac_ctx,rec->input,rec->length);
- t=EVP_DigestSignFinal(mac_ctx,md,&md_size);
- OPENSSL_assert(t > 0);
+ if (!send &&
+ EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
+ ssl3_cbc_record_digest_supported(mac_ctx))
+ {
+ /* This is a CBC-encrypted record. We must avoid leaking any
+ * timing-side channel information about how many blocks of
+ * data we are hashing because that gives an attacker a
+ * timing-oracle. */
+ ssl3_cbc_digest_record(
+ mac_ctx,
+ md, &md_size,
+ header, rec->input,
+ rec->length + md_size, orig_len,
+ ssl->s3->read_mac_secret,
+ ssl->s3->read_mac_secret_size,
+ 0 /* not SSLv3 */);
+ }
+ else
+ {
+ EVP_DigestSignUpdate(mac_ctx,header,sizeof(header));
+ EVP_DigestSignUpdate(mac_ctx,rec->input,rec->length);
+ t=EVP_DigestSignFinal(mac_ctx,md,&md_size);
+ OPENSSL_assert(t > 0);
+#ifdef OPENSSL_FIPS
+ if (!send && FIPS_mode())
+ tls_fips_digest_extra(
+ ssl->enc_read_ctx,
+ mac_ctx, rec->input,
+ rec->length, orig_len);
+#endif
+ }
- if (!stream_mac) EVP_MD_CTX_cleanup(&hmac);
+ if (!stream_mac)
+ EVP_MD_CTX_cleanup(&hmac);
#ifdef TLS_DEBUG
printf("sec=");
{unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
@@ -970,6 +1073,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
const void *co = NULL, *so = NULL;
int col = 0, sol = 0;
+
#ifdef KSSL_DEBUG
printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len);
#endif /* KSSL_DEBUG */
@@ -986,7 +1090,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
}
#endif
- tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+ tls1_PRF(ssl_get_algorithm2(s),
TLS_MD_MASTER_SECRET_CONST,TLS_MD_MASTER_SECRET_CONST_SIZE,
s->s3->client_random,SSL3_RANDOM_SIZE,
co, col,
@@ -994,6 +1098,16 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
so, sol,
p,len,
s->session->master_key,buff,sizeof buff);
+#ifdef SSL_DEBUG
+ fprintf(stderr, "Premaster Secret:\n");
+ BIO_dump_fp(stderr, (char *)p, len);
+ fprintf(stderr, "Client Random:\n");
+ BIO_dump_fp(stderr, (char *)s->s3->client_random, SSL3_RANDOM_SIZE);
+ fprintf(stderr, "Server Random:\n");
+ BIO_dump_fp(stderr, (char *)s->s3->server_random, SSL3_RANDOM_SIZE);
+ fprintf(stderr, "Master Secret:\n");
+ BIO_dump_fp(stderr, (char *)s->session->master_key, SSL3_MASTER_SECRET_SIZE);
+#endif
#ifdef KSSL_DEBUG
printf ("tls1_generate_master_secret() complete\n");
@@ -1131,4 +1245,3 @@ int tls1_alert_code(int code)
default: return(-1);
}
}
-
diff --git a/deps/openssl/openssl/ssl/t1_lib.c b/deps/openssl/openssl/ssl/t1_lib.c
index 03becbc10..e08088c57 100644
--- a/deps/openssl/openssl/ssl/t1_lib.c
+++ b/deps/openssl/openssl/ssl/t1_lib.c
@@ -114,6 +114,7 @@
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/ocsp.h>
+#include <openssl/rand.h>
#include "ssl_locl.h"
const char tls1_version_str[]="TLSv1" OPENSSL_VERSION_PTEXT;
@@ -167,10 +168,11 @@ void tls1_free(SSL *s)
void tls1_clear(SSL *s)
{
ssl3_clear(s);
- s->version=TLS1_VERSION;
+ s->version = s->method->version;
}
#ifndef OPENSSL_NO_EC
+
static int nid_list[] =
{
NID_sect163k1, /* sect163k1 (1) */
@@ -199,7 +201,36 @@ static int nid_list[] =
NID_secp384r1, /* secp384r1 (24) */
NID_secp521r1 /* secp521r1 (25) */
};
-
+
+static int pref_list[] =
+ {
+ NID_sect571r1, /* sect571r1 (14) */
+ NID_sect571k1, /* sect571k1 (13) */
+ NID_secp521r1, /* secp521r1 (25) */
+ NID_sect409k1, /* sect409k1 (11) */
+ NID_sect409r1, /* sect409r1 (12) */
+ NID_secp384r1, /* secp384r1 (24) */
+ NID_sect283k1, /* sect283k1 (9) */
+ NID_sect283r1, /* sect283r1 (10) */
+ NID_secp256k1, /* secp256k1 (22) */
+ NID_X9_62_prime256v1, /* secp256r1 (23) */
+ NID_sect239k1, /* sect239k1 (8) */
+ NID_sect233k1, /* sect233k1 (6) */
+ NID_sect233r1, /* sect233r1 (7) */
+ NID_secp224k1, /* secp224k1 (20) */
+ NID_secp224r1, /* secp224r1 (21) */
+ NID_sect193r1, /* sect193r1 (4) */
+ NID_sect193r2, /* sect193r2 (5) */
+ NID_secp192k1, /* secp192k1 (18) */
+ NID_X9_62_prime192v1, /* secp192r1 (19) */
+ NID_sect163k1, /* sect163k1 (1) */
+ NID_sect163r1, /* sect163r1 (2) */
+ NID_sect163r2, /* sect163r2 (3) */
+ NID_secp160k1, /* secp160k1 (15) */
+ NID_secp160r1, /* secp160r1 (16) */
+ NID_secp160r2, /* secp160r2 (17) */
+ };
+
int tls1_ec_curve_id2nid(int curve_id)
{
/* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */
@@ -271,6 +302,64 @@ int tls1_ec_nid2curve_id(int nid)
#endif /* OPENSSL_NO_EC */
#ifndef OPENSSL_NO_TLSEXT
+
+/* List of supported signature algorithms and hashes. Should make this
+ * customisable at some point, for now include everything we support.
+ */
+
+#ifdef OPENSSL_NO_RSA
+#define tlsext_sigalg_rsa(md) /* */
+#else
+#define tlsext_sigalg_rsa(md) md, TLSEXT_signature_rsa,
+#endif
+
+#ifdef OPENSSL_NO_DSA
+#define tlsext_sigalg_dsa(md) /* */
+#else
+#define tlsext_sigalg_dsa(md) md, TLSEXT_signature_dsa,
+#endif
+
+#ifdef OPENSSL_NO_ECDSA
+#define tlsext_sigalg_ecdsa(md) /* */
+#else
+#define tlsext_sigalg_ecdsa(md) md, TLSEXT_signature_ecdsa,
+#endif
+
+#define tlsext_sigalg(md) \
+ tlsext_sigalg_rsa(md) \
+ tlsext_sigalg_dsa(md) \
+ tlsext_sigalg_ecdsa(md)
+
+static unsigned char tls12_sigalgs[] = {
+#ifndef OPENSSL_NO_SHA512
+ tlsext_sigalg(TLSEXT_hash_sha512)
+ tlsext_sigalg(TLSEXT_hash_sha384)
+#endif
+#ifndef OPENSSL_NO_SHA256
+ tlsext_sigalg(TLSEXT_hash_sha256)
+ tlsext_sigalg(TLSEXT_hash_sha224)
+#endif
+#ifndef OPENSSL_NO_SHA
+ tlsext_sigalg(TLSEXT_hash_sha1)
+#endif
+#ifndef OPENSSL_NO_MD5
+ tlsext_sigalg_rsa(TLSEXT_hash_md5)
+#endif
+};
+
+int tls12_get_req_sig_algs(SSL *s, unsigned char *p)
+ {
+ size_t slen = sizeof(tls12_sigalgs);
+#ifdef OPENSSL_FIPS
+ /* If FIPS mode don't include MD5 which is last */
+ if (FIPS_mode())
+ slen -= 2;
+#endif
+ if (p)
+ memcpy(p, tls12_sigalgs, slen);
+ return (int)slen;
+ }
+
unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
{
int extdatalen=0;
@@ -318,7 +407,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
}
/* Add RI if renegotiating */
- if (s->new_session)
+ if (s->renegotiate)
{
int el;
@@ -342,6 +431,34 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
ret += el;
}
+#ifndef OPENSSL_NO_SRP
+ /* Add SRP username if there is one */
+ if (s->srp_ctx.login != NULL)
+ { /* Add TLS extension SRP username to the Client Hello message */
+
+ int login_len = strlen(s->srp_ctx.login);
+ if (login_len > 255 || login_len == 0)
+ {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+
+ /* check for enough space.
+ 4 for the srp type type and entension length
+ 1 for the srp user identity
+ + srp user identity length
+ */
+ if ((limit - ret - 5 - login_len) < 0) return NULL;
+
+ /* fill in the extension */
+ s2n(TLSEXT_TYPE_srp,ret);
+ s2n(login_len+1,ret);
+ (*ret++) = (unsigned char) login_len;
+ memcpy(ret, s->srp_ctx.login, login_len);
+ ret+=login_len;
+ }
+#endif
+
#ifndef OPENSSL_NO_EC
if (s->tlsext_ecpointformatlist != NULL &&
s->version != DTLS1_VERSION)
@@ -427,6 +544,17 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
}
skip_ext:
+ if (TLS1_get_client_version(s) >= TLS1_2_VERSION)
+ {
+ if ((size_t)(limit - ret) < sizeof(tls12_sigalgs) + 6)
+ return NULL;
+ s2n(TLSEXT_TYPE_signature_algorithms,ret);
+ s2n(sizeof(tls12_sigalgs) + 2, ret);
+ s2n(sizeof(tls12_sigalgs), ret);
+ memcpy(ret, tls12_sigalgs, sizeof(tls12_sigalgs));
+ ret += sizeof(tls12_sigalgs);
+ }
+
#ifdef TLSEXT_TYPE_opaque_prf_input
if (s->s3->client_opaque_prf_input != NULL &&
s->version != DTLS1_VERSION)
@@ -495,6 +623,20 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret);
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ /* Add Heartbeat extension */
+ s2n(TLSEXT_TYPE_heartbeat,ret);
+ s2n(1,ret);
+ /* Set mode:
+ * 1: peer may send requests
+ * 2: peer not allowed to send requests
+ */
+ if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
+ *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ else
+ *(ret++) = SSL_TLSEXT_HB_ENABLED;
+#endif
+
#ifndef OPENSSL_NO_NEXTPROTONEG
if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len)
{
@@ -507,6 +649,27 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
}
#endif
+#ifndef OPENSSL_NO_SRTP
+ if(SSL_get_srtp_profiles(s))
+ {
+ int el;
+
+ ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
+
+ if((limit - p - 4 - el) < 0) return NULL;
+
+ s2n(TLSEXT_TYPE_use_srtp,ret);
+ s2n(el,ret);
+
+ if(ssl_add_clienthello_use_srtp_ext(s, ret, &el, el))
+ {
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+ ret += el;
+ }
+#endif
+
if ((extdatalen = ret-p-2)== 0)
return p;
@@ -619,6 +782,28 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
ret += sol;
}
#endif
+
+#ifndef OPENSSL_NO_SRTP
+ if(s->srtp_profile)
+ {
+ int el;
+
+ ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
+
+ if((limit - p - 4 - el) < 0) return NULL;
+
+ s2n(TLSEXT_TYPE_use_srtp,ret);
+ s2n(el,ret);
+
+ if(ssl_add_serverhello_use_srtp_ext(s, ret, &el, el))
+ {
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+ return NULL;
+ }
+ ret+=el;
+ }
+#endif
+
if (((s->s3->tmp.new_cipher->id & 0xFFFF)==0x80 || (s->s3->tmp.new_cipher->id & 0xFFFF)==0x81)
&& (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG))
{ const unsigned char cryptopro_ext[36] = {
@@ -634,6 +819,24 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ /* Add Heartbeat extension if we've received one */
+ if (s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED)
+ {
+ s2n(TLSEXT_TYPE_heartbeat,ret);
+ s2n(1,ret);
+ /* Set mode:
+ * 1: peer may send requests
+ * 2: peer not allowed to send requests
+ */
+ if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
+ *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ else
+ *(ret++) = SSL_TLSEXT_HB_ENABLED;
+
+ }
+#endif
+
#ifndef OPENSSL_NO_NEXTPROTONEG
next_proto_neg_seen = s->s3->next_proto_neg_seen;
s->s3->next_proto_neg_seen = 0;
@@ -670,9 +873,18 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
unsigned short len;
unsigned char *data = *p;
int renegotiate_seen = 0;
+ int sigalg_seen = 0;
s->servername_done = 0;
s->tlsext_status_type = -1;
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ s->s3->next_proto_neg_seen = 0;
+#endif
+
+#ifndef OPENSSL_NO_HEARTBEATS
+ s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
+ SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
+#endif
if (data >= (d+n-2))
goto ri_check;
@@ -800,6 +1012,31 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
}
}
+#ifndef OPENSSL_NO_SRP
+ else if (type == TLSEXT_TYPE_srp)
+ {
+ if (size <= 0 || ((len = data[0])) != (size -1))
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ if (s->srp_ctx.login != NULL)
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ if ((s->srp_ctx.login = OPENSSL_malloc(len+1)) == NULL)
+ return -1;
+ memcpy(s->srp_ctx.login, &data[1], len);
+ s->srp_ctx.login[len]='\0';
+
+ if (strlen(s->srp_ctx.login) != len)
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ }
+#endif
#ifndef OPENSSL_NO_EC
else if (type == TLSEXT_TYPE_ec_point_formats &&
@@ -844,7 +1081,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
int ellipticcurvelist_length = (*(sdata++) << 8);
ellipticcurvelist_length += (*(sdata++));
- if (ellipticcurvelist_length != size - 2)
+ if (ellipticcurvelist_length != size - 2 ||
+ ellipticcurvelist_length < 1)
{
*al = TLS1_AD_DECODE_ERROR;
return 0;
@@ -920,6 +1158,28 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
return 0;
renegotiate_seen = 1;
}
+ else if (type == TLSEXT_TYPE_signature_algorithms)
+ {
+ int dsize;
+ if (sigalg_seen || size < 2)
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ sigalg_seen = 1;
+ n2s(data,dsize);
+ size -= 2;
+ if (dsize != size || dsize & 1)
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ if (!tls1_process_sigalgs(s, data, dsize))
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+ }
else if (type == TLSEXT_TYPE_status_request &&
s->version != DTLS1_VERSION && s->ctx->tlsext_status_cb)
{
@@ -1032,9 +1292,26 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
else
s->tlsext_status_type = -1;
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ else if (type == TLSEXT_TYPE_heartbeat)
+ {
+ switch(data[0])
+ {
+ case 0x01: /* Client allows us to send HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ break;
+ case 0x02: /* Client doesn't accept HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ break;
+ default: *al = SSL_AD_ILLEGAL_PARAMETER;
+ return 0;
+ }
+ }
+#endif
#ifndef OPENSSL_NO_NEXTPROTONEG
else if (type == TLSEXT_TYPE_next_proto_neg &&
- s->s3->tmp.finish_md_len == 0)
+ s->s3->tmp.finish_md_len == 0)
{
/* We shouldn't accept this extension on a
* renegotiation.
@@ -1056,6 +1333,15 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
#endif
/* session ticket processed earlier */
+#ifndef OPENSSL_NO_SRTP
+ else if (type == TLSEXT_TYPE_use_srtp)
+ {
+ if(ssl_parse_clienthello_use_srtp_ext(s, data, size,
+ al))
+ return 0;
+ }
+#endif
+
data+=size;
}
@@ -1065,7 +1351,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
/* Need RI if renegotiating */
- if (!renegotiate_seen && s->new_session &&
+ if (!renegotiate_seen && s->renegotiate &&
!(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
{
*al = SSL_AD_HANDSHAKE_FAILURE;
@@ -1081,7 +1367,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
/* ssl_next_proto_validate validates a Next Protocol Negotiation block. No
* elements of zero length are allowed and the set of elements must exactly fill
* the length of the block. */
-static int ssl_next_proto_validate(unsigned char *d, unsigned len)
+static char ssl_next_proto_validate(unsigned char *d, unsigned len)
{
unsigned int off = 0;
@@ -1106,6 +1392,15 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
int tlsext_servername = 0;
int renegotiate_seen = 0;
+#ifndef OPENSSL_NO_NEXTPROTONEG
+ s->s3->next_proto_neg_seen = 0;
+#endif
+
+#ifndef OPENSSL_NO_HEARTBEATS
+ s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
+ SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
+#endif
+
if (data >= (d+n-2))
goto ri_check;
@@ -1145,7 +1440,8 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++);
- if (ecpointformatlist_length != size - 1)
+ if (ecpointformatlist_length != size - 1 ||
+ ecpointformatlist_length < 1)
{
*al = TLS1_AD_DECODE_ERROR;
return 0;
@@ -1232,13 +1528,14 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
s->tlsext_status_expected = 1;
}
#ifndef OPENSSL_NO_NEXTPROTONEG
- else if (type == TLSEXT_TYPE_next_proto_neg)
+ else if (type == TLSEXT_TYPE_next_proto_neg &&
+ s->s3->tmp.finish_md_len == 0)
{
unsigned char *selected;
unsigned char selected_len;
/* We must have requested it. */
- if ((s->ctx->next_proto_select_cb == NULL))
+ if (s->ctx->next_proto_select_cb == NULL)
{
*al = TLS1_AD_UNSUPPORTED_EXTENSION;
return 0;
@@ -1262,6 +1559,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
}
memcpy(s->next_proto_negotiated, selected, selected_len);
s->next_proto_negotiated_len = selected_len;
+ s->s3->next_proto_neg_seen = 1;
}
#endif
else if (type == TLSEXT_TYPE_renegotiate)
@@ -1270,6 +1568,32 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
return 0;
renegotiate_seen = 1;
}
+#ifndef OPENSSL_NO_HEARTBEATS
+ else if (type == TLSEXT_TYPE_heartbeat)
+ {
+ switch(data[0])
+ {
+ case 0x01: /* Server allows us to send HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ break;
+ case 0x02: /* Server doesn't accept HB requests */
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+ s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+ break;
+ default: *al = SSL_AD_ILLEGAL_PARAMETER;
+ return 0;
+ }
+ }
+#endif
+#ifndef OPENSSL_NO_SRTP
+ else if (type == TLSEXT_TYPE_use_srtp)
+ {
+ if(ssl_parse_serverhello_use_srtp_ext(s, data, size,
+ al))
+ return 0;
+ }
+#endif
+
data+=size;
}
@@ -1349,7 +1673,7 @@ int ssl_prepare_clienthello_tlsext(SSL *s)
break;
}
}
- using_ecc = using_ecc && (s->version == TLS1_VERSION);
+ using_ecc = using_ecc && (s->version >= TLS1_VERSION);
if (using_ecc)
{
if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ecpointformatlist);
@@ -1365,16 +1689,19 @@ int ssl_prepare_clienthello_tlsext(SSL *s)
/* we support all named elliptic curves in draft-ietf-tls-ecc-12 */
if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ellipticcurvelist);
- s->tlsext_ellipticcurvelist_length = sizeof(nid_list)/sizeof(nid_list[0]) * 2;
+ s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pref_list[0]) * 2;
if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL)
{
s->tlsext_ellipticcurvelist_length = 0;
SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
return -1;
}
- for (i = 1, j = s->tlsext_ellipticcurvelist; (unsigned int)i <=
- sizeof(nid_list)/sizeof(nid_list[0]); i++)
- s2n(i,j);
+ for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i <
+ sizeof(pref_list)/sizeof(pref_list[0]); i++)
+ {
+ int id = tls1_ec_nid2curve_id(pref_list[i]);
+ s2n(id,j);
+ }
}
#endif /* OPENSSL_NO_EC */
@@ -1446,7 +1773,7 @@ int ssl_prepare_serverhello_tlsext(SSL *s)
return 1;
}
-int ssl_check_clienthello_tlsext(SSL *s)
+int ssl_check_clienthello_tlsext_early(SSL *s)
{
int ret=SSL_TLSEXT_ERR_NOACK;
int al = SSL_AD_UNRECOGNIZED_NAME;
@@ -1465,42 +1792,12 @@ int ssl_check_clienthello_tlsext(SSL *s)
else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)
ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
- /* If status request then ask callback what to do.
- * Note: this must be called after servername callbacks in case
- * the certificate has changed.
- */
- if ((s->tlsext_status_type != -1) && s->ctx && s->ctx->tlsext_status_cb)
- {
- int r;
- r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
- switch (r)
- {
- /* We don't want to send a status request response */
- case SSL_TLSEXT_ERR_NOACK:
- s->tlsext_status_expected = 0;
- break;
- /* status request response should be sent */
- case SSL_TLSEXT_ERR_OK:
- if (s->tlsext_ocsp_resp)
- s->tlsext_status_expected = 1;
- else
- s->tlsext_status_expected = 0;
- break;
- /* something bad happened */
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_INTERNAL_ERROR;
- goto err;
- }
- }
- else
- s->tlsext_status_expected = 0;
-
#ifdef TLSEXT_TYPE_opaque_prf_input
{
/* This sort of belongs into ssl_prepare_serverhello_tlsext(),
* but we might be sending an alert in response to the client hello,
- * so this has to happen here in ssl_check_clienthello_tlsext(). */
+ * so this has to happen here in
+ * ssl_check_clienthello_tlsext_early(). */
int r = 1;
@@ -1552,8 +1849,8 @@ int ssl_check_clienthello_tlsext(SSL *s)
}
}
-#endif
err:
+#endif
switch (ret)
{
case SSL_TLSEXT_ERR_ALERT_FATAL:
@@ -1571,6 +1868,71 @@ int ssl_check_clienthello_tlsext(SSL *s)
}
}
+int ssl_check_clienthello_tlsext_late(SSL *s)
+ {
+ int ret = SSL_TLSEXT_ERR_OK;
+ int al;
+
+ /* If status request then ask callback what to do.
+ * Note: this must be called after servername callbacks in case
+ * the certificate has changed, and must be called after the cipher
+ * has been chosen because this may influence which certificate is sent
+ */
+ if ((s->tlsext_status_type != -1) && s->ctx && s->ctx->tlsext_status_cb)
+ {
+ int r;
+ CERT_PKEY *certpkey;
+ certpkey = ssl_get_server_send_pkey(s);
+ /* If no certificate can't return certificate status */
+ if (certpkey == NULL)
+ {
+ s->tlsext_status_expected = 0;
+ return 1;
+ }
+ /* Set current certificate to one we will use so
+ * SSL_get_certificate et al can pick it up.
+ */
+ s->cert->key = certpkey;
+ r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+ switch (r)
+ {
+ /* We don't want to send a status request response */
+ case SSL_TLSEXT_ERR_NOACK:
+ s->tlsext_status_expected = 0;
+ break;
+ /* status request response should be sent */
+ case SSL_TLSEXT_ERR_OK:
+ if (s->tlsext_ocsp_resp)
+ s->tlsext_status_expected = 1;
+ else
+ s->tlsext_status_expected = 0;
+ break;
+ /* something bad happened */
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ al = SSL_AD_INTERNAL_ERROR;
+ goto err;
+ }
+ }
+ else
+ s->tlsext_status_expected = 0;
+
+ err:
+ switch (ret)
+ {
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ return -1;
+
+ case SSL_TLSEXT_ERR_ALERT_WARNING:
+ ssl3_send_alert(s,SSL3_AL_WARNING,al);
+ return 1;
+
+ default:
+ return 1;
+ }
+ }
+
int ssl_check_serverhello_tlsext(SSL *s)
{
int ret=SSL_TLSEXT_ERR_NOACK;
@@ -1683,26 +2045,56 @@ int ssl_check_serverhello_tlsext(SSL *s)
}
}
-/* Since the server cache lookup is done early on in the processing of client
- * hello and other operations depend on the result we need to handle any TLS
- * session ticket extension at the same time.
+/* Since the server cache lookup is done early on in the processing of the
+ * ClientHello, and other operations depend on the result, we need to handle
+ * any TLS session ticket extension at the same time.
+ *
+ * session_id: points at the session ID in the ClientHello. This code will
+ * read past the end of this in order to parse out the session ticket
+ * extension, if any.
+ * len: the length of the session ID.
+ * limit: a pointer to the first byte after the ClientHello.
+ * ret: (output) on return, if a ticket was decrypted, then this is set to
+ * point to the resulting session.
+ *
+ * If s->tls_session_secret_cb is set then we are expecting a pre-shared key
+ * ciphersuite, in which case we have no use for session tickets and one will
+ * never be decrypted, nor will s->tlsext_ticket_expected be set to 1.
+ *
+ * Returns:
+ * -1: fatal error, either from parsing or decrypting the ticket.
+ * 0: no ticket was found (or was ignored, based on settings).
+ * 1: a zero length extension was found, indicating that the client supports
+ * session tickets but doesn't currently have one to offer.
+ * 2: either s->tls_session_secret_cb was set, or a ticket was offered but
+ * couldn't be decrypted because of a non-fatal error.
+ * 3: a ticket was successfully decrypted and *ret was set.
+ *
+ * Side effects:
+ * Sets s->tlsext_ticket_expected to 1 if the server will have to issue
+ * a new session ticket to the client because the client indicated support
+ * (and s->tls_session_secret_cb is NULL) but the client either doesn't have
+ * a session ticket or we couldn't use the one it gave us, or if
+ * s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket.
+ * Otherwise, s->tlsext_ticket_expected is set to 0.
*/
-
int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
- const unsigned char *limit, SSL_SESSION **ret)
+ const unsigned char *limit, SSL_SESSION **ret)
{
/* Point after session ID in client hello */
const unsigned char *p = session_id + len;
unsigned short i;
+ *ret = NULL;
+ s->tlsext_ticket_expected = 0;
+
/* If tickets disabled behave as if no ticket present
- * to permit stateful resumption.
- */
+ * to permit stateful resumption.
+ */
if (SSL_get_options(s) & SSL_OP_NO_TICKET)
- return 1;
-
+ return 0;
if ((s->version <= SSL3_VERSION) || !limit)
- return 1;
+ return 0;
if (p >= limit)
return -1;
/* Skip past DTLS cookie */
@@ -1725,7 +2117,7 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
return -1;
/* Now at start of extensions */
if ((p + 2) >= limit)
- return 1;
+ return 0;
n2s(p, i);
while ((p + 4) <= limit)
{
@@ -1733,39 +2125,61 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
n2s(p, type);
n2s(p, size);
if (p + size > limit)
- return 1;
+ return 0;
if (type == TLSEXT_TYPE_session_ticket)
{
- /* If tickets disabled indicate cache miss which will
- * trigger a full handshake
- */
- if (SSL_get_options(s) & SSL_OP_NO_TICKET)
- return 1;
- /* If zero length note client will accept a ticket
- * and indicate cache miss to trigger full handshake
- */
+ int r;
if (size == 0)
{
+ /* The client will accept a ticket but doesn't
+ * currently have one. */
s->tlsext_ticket_expected = 1;
- return 0; /* Cache miss */
+ return 1;
}
if (s->tls_session_secret_cb)
{
- /* Indicate cache miss here and instead of
- * generating the session from ticket now,
- * trigger abbreviated handshake based on
- * external mechanism to calculate the master
- * secret later. */
- return 0;
+ /* Indicate that the ticket couldn't be
+ * decrypted rather than generating the session
+ * from ticket now, trigger abbreviated
+ * handshake based on external mechanism to
+ * calculate the master secret later. */
+ return 2;
+ }
+ r = tls_decrypt_ticket(s, p, size, session_id, len, ret);
+ switch (r)
+ {
+ case 2: /* ticket couldn't be decrypted */
+ s->tlsext_ticket_expected = 1;
+ return 2;
+ case 3: /* ticket was decrypted */
+ return r;
+ case 4: /* ticket decrypted but need to renew */
+ s->tlsext_ticket_expected = 1;
+ return 3;
+ default: /* fatal error */
+ return -1;
}
- return tls_decrypt_ticket(s, p, size, session_id, len,
- ret);
}
p += size;
}
- return 1;
+ return 0;
}
+/* tls_decrypt_ticket attempts to decrypt a session ticket.
+ *
+ * etick: points to the body of the session ticket extension.
+ * eticklen: the length of the session tickets extenion.
+ * sess_id: points at the session ID.
+ * sesslen: the length of the session ID.
+ * psess: (output) on return, if a ticket was decrypted, then this is set to
+ * point to the resulting session.
+ *
+ * Returns:
+ * -1: fatal error, either from parsing or decrypting the ticket.
+ * 2: the ticket couldn't be decrypted.
+ * 3: a ticket was successfully decrypted and *psess was set.
+ * 4: same as 3, but the ticket needs to be renewed.
+ */
static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
const unsigned char *sess_id, int sesslen,
SSL_SESSION **psess)
@@ -1780,7 +2194,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
SSL_CTX *tctx = s->initial_ctx;
/* Need at least keyname + iv + some encrypted data */
if (eticklen < 48)
- goto tickerr;
+ return 2;
/* Initialize session ticket encryption and HMAC contexts */
HMAC_CTX_init(&hctx);
EVP_CIPHER_CTX_init(&ctx);
@@ -1792,7 +2206,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
if (rv < 0)
return -1;
if (rv == 0)
- goto tickerr;
+ return 2;
if (rv == 2)
renew_ticket = 1;
}
@@ -1800,15 +2214,15 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
{
/* Check key name matches */
if (memcmp(etick, tctx->tlsext_tick_key_name, 16))
- goto tickerr;
+ return 2;
HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
tlsext_tick_md(), NULL);
EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
tctx->tlsext_tick_aes_key, etick + 16);
}
/* Attempt to process session ticket, first conduct sanity and
- * integrity checks on ticket.
- */
+ * integrity checks on ticket.
+ */
mlen = HMAC_size(&hctx);
if (mlen < 0)
{
@@ -1820,8 +2234,8 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
HMAC_Update(&hctx, etick, eticklen);
HMAC_Final(&hctx, tick_hmac, NULL);
HMAC_CTX_cleanup(&hctx);
- if (memcmp(tick_hmac, etick + eticklen, mlen))
- goto tickerr;
+ if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen))
+ return 2;
/* Attempt to decrypt session data */
/* Move p after IV to start of encrypted ticket, update length */
p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx);
@@ -1834,33 +2248,376 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
}
EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen);
if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0)
- goto tickerr;
+ return 2;
slen += mlen;
EVP_CIPHER_CTX_cleanup(&ctx);
p = sdec;
-
+
sess = d2i_SSL_SESSION(NULL, &p, slen);
OPENSSL_free(sdec);
if (sess)
{
- /* The session ID if non-empty is used by some clients to
- * detect that the ticket has been accepted. So we copy it to
- * the session structure. If it is empty set length to zero
- * as required by standard.
- */
+ /* The session ID, if non-empty, is used by some clients to
+ * detect that the ticket has been accepted. So we copy it to
+ * the session structure. If it is empty set length to zero
+ * as required by standard.
+ */
if (sesslen)
memcpy(sess->session_id, sess_id, sesslen);
sess->session_id_length = sesslen;
*psess = sess;
- s->tlsext_ticket_expected = renew_ticket;
+ if (renew_ticket)
+ return 4;
+ else
+ return 3;
+ }
+ ERR_clear_error();
+ /* For session parse failure, indicate that we need to send a new
+ * ticket. */
+ return 2;
+ }
+
+/* Tables to translate from NIDs to TLS v1.2 ids */
+
+typedef struct
+ {
+ int nid;
+ int id;
+ } tls12_lookup;
+
+static tls12_lookup tls12_md[] = {
+#ifndef OPENSSL_NO_MD5
+ {NID_md5, TLSEXT_hash_md5},
+#endif
+#ifndef OPENSSL_NO_SHA
+ {NID_sha1, TLSEXT_hash_sha1},
+#endif
+#ifndef OPENSSL_NO_SHA256
+ {NID_sha224, TLSEXT_hash_sha224},
+ {NID_sha256, TLSEXT_hash_sha256},
+#endif
+#ifndef OPENSSL_NO_SHA512
+ {NID_sha384, TLSEXT_hash_sha384},
+ {NID_sha512, TLSEXT_hash_sha512}
+#endif
+};
+
+static tls12_lookup tls12_sig[] = {
+#ifndef OPENSSL_NO_RSA
+ {EVP_PKEY_RSA, TLSEXT_signature_rsa},
+#endif
+#ifndef OPENSSL_NO_DSA
+ {EVP_PKEY_DSA, TLSEXT_signature_dsa},
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ {EVP_PKEY_EC, TLSEXT_signature_ecdsa}
+#endif
+};
+
+static int tls12_find_id(int nid, tls12_lookup *table, size_t tlen)
+ {
+ size_t i;
+ for (i = 0; i < tlen; i++)
+ {
+ if (table[i].nid == nid)
+ return table[i].id;
+ }
+ return -1;
+ }
+#if 0
+static int tls12_find_nid(int id, tls12_lookup *table, size_t tlen)
+ {
+ size_t i;
+ for (i = 0; i < tlen; i++)
+ {
+ if (table[i].id == id)
+ return table[i].nid;
+ }
+ return -1;
+ }
+#endif
+
+int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk, const EVP_MD *md)
+ {
+ int sig_id, md_id;
+ if (!md)
+ return 0;
+ md_id = tls12_find_id(EVP_MD_type(md), tls12_md,
+ sizeof(tls12_md)/sizeof(tls12_lookup));
+ if (md_id == -1)
+ return 0;
+ sig_id = tls12_get_sigid(pk);
+ if (sig_id == -1)
+ return 0;
+ p[0] = (unsigned char)md_id;
+ p[1] = (unsigned char)sig_id;
+ return 1;
+ }
+
+int tls12_get_sigid(const EVP_PKEY *pk)
+ {
+ return tls12_find_id(pk->type, tls12_sig,
+ sizeof(tls12_sig)/sizeof(tls12_lookup));
+ }
+
+const EVP_MD *tls12_get_hash(unsigned char hash_alg)
+ {
+ switch(hash_alg)
+ {
+#ifndef OPENSSL_NO_MD5
+ case TLSEXT_hash_md5:
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return NULL;
+#endif
+ return EVP_md5();
+#endif
+#ifndef OPENSSL_NO_SHA
+ case TLSEXT_hash_sha1:
+ return EVP_sha1();
+#endif
+#ifndef OPENSSL_NO_SHA256
+ case TLSEXT_hash_sha224:
+ return EVP_sha224();
+
+ case TLSEXT_hash_sha256:
+ return EVP_sha256();
+#endif
+#ifndef OPENSSL_NO_SHA512
+ case TLSEXT_hash_sha384:
+ return EVP_sha384();
+
+ case TLSEXT_hash_sha512:
+ return EVP_sha512();
+#endif
+ default:
+ return NULL;
+
+ }
+ }
+
+/* Set preferred digest for each key type */
+
+int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize)
+ {
+ int i, idx;
+ const EVP_MD *md;
+ CERT *c = s->cert;
+ /* Extension ignored for TLS versions below 1.2 */
+ if (TLS1_get_version(s) < TLS1_2_VERSION)
return 1;
+ /* Should never happen */
+ if (!c)
+ return 0;
+
+ c->pkeys[SSL_PKEY_DSA_SIGN].digest = NULL;
+ c->pkeys[SSL_PKEY_RSA_SIGN].digest = NULL;
+ c->pkeys[SSL_PKEY_RSA_ENC].digest = NULL;
+ c->pkeys[SSL_PKEY_ECC].digest = NULL;
+
+ for (i = 0; i < dsize; i += 2)
+ {
+ unsigned char hash_alg = data[i], sig_alg = data[i+1];
+
+ switch(sig_alg)
+ {
+#ifndef OPENSSL_NO_RSA
+ case TLSEXT_signature_rsa:
+ idx = SSL_PKEY_RSA_SIGN;
+ break;
+#endif
+#ifndef OPENSSL_NO_DSA
+ case TLSEXT_signature_dsa:
+ idx = SSL_PKEY_DSA_SIGN;
+ break;
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ case TLSEXT_signature_ecdsa:
+ idx = SSL_PKEY_ECC;
+ break;
+#endif
+ default:
+ continue;
+ }
+
+ if (c->pkeys[idx].digest == NULL)
+ {
+ md = tls12_get_hash(hash_alg);
+ if (md)
+ {
+ c->pkeys[idx].digest = md;
+ if (idx == SSL_PKEY_RSA_SIGN)
+ c->pkeys[SSL_PKEY_RSA_ENC].digest = md;
+ }
+ }
+
}
- /* If session decrypt failure indicate a cache miss and set state to
- * send a new ticket
- */
- tickerr:
- s->tlsext_ticket_expected = 1;
+
+
+ /* Set any remaining keys to default values. NOTE: if alg is not
+ * supported it stays as NULL.
+ */
+#ifndef OPENSSL_NO_DSA
+ if (!c->pkeys[SSL_PKEY_DSA_SIGN].digest)
+ c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
+#endif
+#ifndef OPENSSL_NO_RSA
+ if (!c->pkeys[SSL_PKEY_RSA_SIGN].digest)
+ {
+ c->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
+ c->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
+ }
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (!c->pkeys[SSL_PKEY_ECC].digest)
+ c->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
+#endif
+ return 1;
+ }
+
+#endif
+
+#ifndef OPENSSL_NO_HEARTBEATS
+int
+tls1_process_heartbeat(SSL *s)
+ {
+ unsigned char *p = &s->s3->rrec.data[0], *pl;
+ unsigned short hbtype;
+ unsigned int payload;
+ unsigned int padding = 16; /* Use minimum padding */
+
+ /* Read type and payload length first */
+ hbtype = *p++;
+ n2s(p, payload);
+ pl = p;
+
+ if (s->msg_callback)
+ s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+ &s->s3->rrec.data[0], s->s3->rrec.length,
+ s, s->msg_callback_arg);
+
+ if (hbtype == TLS1_HB_REQUEST)
+ {
+ unsigned char *buffer, *bp;
+ int r;
+
+ /* Allocate memory for the response, size is 1 bytes
+ * message type, plus 2 bytes payload length, plus
+ * payload, plus padding
+ */
+ buffer = OPENSSL_malloc(1 + 2 + payload + padding);
+ bp = buffer;
+
+ /* Enter response type, length and copy payload */
+ *bp++ = TLS1_HB_RESPONSE;
+ s2n(payload, bp);
+ memcpy(bp, pl, payload);
+ bp += payload;
+ /* Random padding */
+ RAND_pseudo_bytes(bp, padding);
+
+ r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
+
+ if (r >= 0 && s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buffer, 3 + payload + padding,
+ s, s->msg_callback_arg);
+
+ OPENSSL_free(buffer);
+
+ if (r < 0)
+ return r;
+ }
+ else if (hbtype == TLS1_HB_RESPONSE)
+ {
+ unsigned int seq;
+
+ /* We only send sequence numbers (2 bytes unsigned int),
+ * and 16 random bytes, so we just try to read the
+ * sequence number */
+ n2s(pl, seq);
+
+ if (payload == 18 && seq == s->tlsext_hb_seq)
+ {
+ s->tlsext_hb_seq++;
+ s->tlsext_hb_pending = 0;
+ }
+ }
+
return 0;
}
+int
+tls1_heartbeat(SSL *s)
+ {
+ unsigned char *buf, *p;
+ int ret;
+ unsigned int payload = 18; /* Sequence number + random bytes */
+ unsigned int padding = 16; /* Use minimum padding */
+
+ /* Only send if peer supports and accepts HB requests... */
+ if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
+ s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS)
+ {
+ SSLerr(SSL_F_TLS1_HEARTBEAT,SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
+ return -1;
+ }
+
+ /* ...and there is none in flight yet... */
+ if (s->tlsext_hb_pending)
+ {
+ SSLerr(SSL_F_TLS1_HEARTBEAT,SSL_R_TLS_HEARTBEAT_PENDING);
+ return -1;
+ }
+
+ /* ...and no handshake in progress. */
+ if (SSL_in_init(s) || s->in_handshake)
+ {
+ SSLerr(SSL_F_TLS1_HEARTBEAT,SSL_R_UNEXPECTED_MESSAGE);
+ return -1;
+ }
+
+ /* Check if padding is too long, payload and padding
+ * must not exceed 2^14 - 3 = 16381 bytes in total.
+ */
+ OPENSSL_assert(payload + padding <= 16381);
+
+ /* Create HeartBeat message, we just use a sequence number
+ * as payload to distuingish different messages and add
+ * some random stuff.
+ * - Message Type, 1 byte
+ * - Payload Length, 2 bytes (unsigned int)
+ * - Payload, the sequence number (2 bytes uint)
+ * - Payload, random bytes (16 bytes uint)
+ * - Padding
+ */
+ buf = OPENSSL_malloc(1 + 2 + payload + padding);
+ p = buf;
+ /* Message Type */
+ *p++ = TLS1_HB_REQUEST;
+ /* Payload length (18 bytes here) */
+ s2n(payload, p);
+ /* Sequence number */
+ s2n(s->tlsext_hb_seq, p);
+ /* 16 random bytes */
+ RAND_pseudo_bytes(p, 16);
+ p += 16;
+ /* Random padding */
+ RAND_pseudo_bytes(p, padding);
+
+ ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
+ if (ret >= 0)
+ {
+ if (s->msg_callback)
+ s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+ buf, 3 + payload + padding,
+ s, s->msg_callback_arg);
+
+ s->tlsext_hb_pending = 1;
+ }
+
+ OPENSSL_free(buf);
+
+ return ret;
+ }
#endif
diff --git a/deps/openssl/openssl/ssl/t1_meth.c b/deps/openssl/openssl/ssl/t1_meth.c
index 6ce7c0bbf..53c807de2 100644
--- a/deps/openssl/openssl/ssl/t1_meth.c
+++ b/deps/openssl/openssl/ssl/t1_meth.c
@@ -60,16 +60,28 @@
#include <openssl/objects.h>
#include "ssl_locl.h"
-static const SSL_METHOD *tls1_get_method(int ver);
static const SSL_METHOD *tls1_get_method(int ver)
{
+ if (ver == TLS1_2_VERSION)
+ return TLSv1_2_method();
+ if (ver == TLS1_1_VERSION)
+ return TLSv1_1_method();
if (ver == TLS1_VERSION)
- return(TLSv1_method());
- else
- return(NULL);
+ return TLSv1_method();
+ return NULL;
}
-IMPLEMENT_tls1_meth_func(TLSv1_method,
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_method,
+ ssl3_accept,
+ ssl3_connect,
+ tls1_get_method)
+
+IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_method,
+ ssl3_accept,
+ ssl3_connect,
+ tls1_get_method)
+
+IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_method,
ssl3_accept,
ssl3_connect,
tls1_get_method)
diff --git a/deps/openssl/openssl/ssl/t1_srvr.c b/deps/openssl/openssl/ssl/t1_srvr.c
index 42525e9e8..f1d156576 100644
--- a/deps/openssl/openssl/ssl/t1_srvr.c
+++ b/deps/openssl/openssl/ssl/t1_srvr.c
@@ -67,13 +67,26 @@
static const SSL_METHOD *tls1_get_server_method(int ver);
static const SSL_METHOD *tls1_get_server_method(int ver)
{
+ if (ver == TLS1_2_VERSION)
+ return TLSv1_2_server_method();
+ if (ver == TLS1_1_VERSION)
+ return TLSv1_1_server_method();
if (ver == TLS1_VERSION)
- return(TLSv1_server_method());
- else
- return(NULL);
+ return TLSv1_server_method();
+ return NULL;
}
-IMPLEMENT_tls1_meth_func(TLSv1_server_method,
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_server_method,
+ ssl3_accept,
+ ssl_undefined_function,
+ tls1_get_server_method)
+
+IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_server_method,
+ ssl3_accept,
+ ssl_undefined_function,
+ tls1_get_server_method)
+
+IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_server_method,
ssl3_accept,
ssl_undefined_function,
tls1_get_server_method)
diff --git a/deps/openssl/openssl/ssl/tls1.h b/deps/openssl/openssl/ssl/tls1.h
index 71f97227e..c39c267f0 100644
--- a/deps/openssl/openssl/ssl/tls1.h
+++ b/deps/openssl/openssl/ssl/tls1.h
@@ -159,10 +159,24 @@ extern "C" {
#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
+#define TLS1_2_VERSION 0x0303
+#define TLS1_2_VERSION_MAJOR 0x03
+#define TLS1_2_VERSION_MINOR 0x03
+
+#define TLS1_1_VERSION 0x0302
+#define TLS1_1_VERSION_MAJOR 0x03
+#define TLS1_1_VERSION_MINOR 0x02
+
#define TLS1_VERSION 0x0301
#define TLS1_VERSION_MAJOR 0x03
#define TLS1_VERSION_MINOR 0x01
+#define TLS1_get_version(s) \
+ ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
+
+#define TLS1_get_client_version(s) \
+ ((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
+
#define TLS1_AD_DECRYPTION_FAILED 21
#define TLS1_AD_RECORD_OVERFLOW 22
#define TLS1_AD_UNKNOWN_CA 48 /* fatal */
@@ -183,17 +197,42 @@ extern "C" {
#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
-/* ExtensionType values from RFC3546 / RFC4366 */
+/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
#define TLSEXT_TYPE_server_name 0
#define TLSEXT_TYPE_max_fragment_length 1
#define TLSEXT_TYPE_client_certificate_url 2
#define TLSEXT_TYPE_trusted_ca_keys 3
#define TLSEXT_TYPE_truncated_hmac 4
#define TLSEXT_TYPE_status_request 5
+/* ExtensionType values from RFC4681 */
+#define TLSEXT_TYPE_user_mapping 6
+
+/* ExtensionType values from RFC5878 */
+#define TLSEXT_TYPE_client_authz 7
+#define TLSEXT_TYPE_server_authz 8
+
+/* ExtensionType values from RFC6091 */
+#define TLSEXT_TYPE_cert_type 9
+
/* ExtensionType values from RFC4492 */
#define TLSEXT_TYPE_elliptic_curves 10
#define TLSEXT_TYPE_ec_point_formats 11
+
+/* ExtensionType value from RFC5054 */
+#define TLSEXT_TYPE_srp 12
+
+/* ExtensionType values from RFC5246 */
+#define TLSEXT_TYPE_signature_algorithms 13
+
+/* ExtensionType value from RFC5764 */
+#define TLSEXT_TYPE_use_srtp 14
+
+/* ExtensionType value from RFC5620 */
+#define TLSEXT_TYPE_heartbeat 15
+
+/* ExtensionType value from RFC4507 */
#define TLSEXT_TYPE_session_ticket 35
+
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
#if 0 /* will have to be provided externally for now ,
* i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
@@ -221,12 +260,34 @@ extern "C" {
#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
#define TLSEXT_ECPOINTFORMAT_last 2
+/* Signature and hash algorithms from RFC 5246 */
+
+#define TLSEXT_signature_anonymous 0
+#define TLSEXT_signature_rsa 1
+#define TLSEXT_signature_dsa 2
+#define TLSEXT_signature_ecdsa 3
+
+#define TLSEXT_hash_none 0
+#define TLSEXT_hash_md5 1
+#define TLSEXT_hash_sha1 2
+#define TLSEXT_hash_sha224 3
+#define TLSEXT_hash_sha256 4
+#define TLSEXT_hash_sha384 5
+#define TLSEXT_hash_sha512 6
+
#ifndef OPENSSL_NO_TLSEXT
#define TLSEXT_MAXLEN_host_name 255
-const char *SSL_get_servername(const SSL *s, const int type) ;
-int SSL_get_servername_type(const SSL *s) ;
+const char *SSL_get_servername(const SSL *s, const int type);
+int SSL_get_servername_type(const SSL *s);
+/* SSL_export_keying_material exports a value derived from the master secret,
+ * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
+ * optional context. (Since a zero length context is allowed, the |use_context|
+ * flag controls whether a context is included.)
+ *
+ * It returns 1 on success and zero otherwise.
+ */
int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
const char *label, size_t llen, const unsigned char *p, size_t plen,
int use_context);
@@ -293,6 +354,16 @@ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
+#ifndef OPENSSL_NO_HEARTBEATS
+#define SSL_TLSEXT_HB_ENABLED 0x01
+#define SSL_TLSEXT_HB_DONT_SEND_REQUESTS 0x02
+#define SSL_TLSEXT_HB_DONT_RECV_REQUESTS 0x04
+
+#define SSL_get_tlsext_heartbeat_pending(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,NULL)
+#define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
+ SSL_ctrl((ssl),SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
+#endif
#endif
/* PSK ciphersuites from 4279 */
@@ -330,6 +401,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
+/* TLS v1.2 ciphersuites */
+#define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
+#define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
+#define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
+#define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
+#define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
+#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
+
/* Camellia ciphersuites from RFC4132 */
#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
@@ -338,6 +417,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
+/* TLS v1.2 ciphersuites */
+#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
+#define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
+#define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
+#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
+#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
+#define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
+#define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
+
+/* Camellia ciphersuites from RFC4132 */
#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
@@ -353,6 +442,20 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
+/* TLS v1.2 GCM ciphersuites from RFC5288 */
+#define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
+#define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
+#define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
+#define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
+#define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
+#define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
+#define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
+#define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
+#define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
+#define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
+#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
+#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
+
/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
@@ -384,6 +487,38 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
+/* SRP ciphersuites from RFC 5054 */
+#define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
+#define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
+#define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
+#define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
+#define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
+#define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
+#define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
+#define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
+#define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
+
+/* ECDH HMAC based ciphersuites from RFC5289 */
+
+#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
+#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
+#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
+#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
+#define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
+#define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
+#define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
+#define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
+
+/* ECDH GCM based ciphersuites from RFC5289 */
+#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
+#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
+#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
+#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
+#define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
+#define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
+#define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
+#define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
+
/* XXX
* Inconsistency alert:
* The OpenSSL names of ciphers with ephemeral DH here include the string
@@ -451,6 +586,17 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
#define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
+/* SRP ciphersuite from RFC 5054 */
+#define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
+#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
+
/* Camellia ciphersuites from RFC4132 */
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
@@ -474,6 +620,55 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
+/* TLS v1.2 ciphersuites */
+#define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
+#define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
+#define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
+#define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
+#define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
+
+/* TLS v1.2 GCM ciphersuites from RFC5288 */
+#define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
+#define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
+#define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
+#define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
+#define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
+#define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
+#define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
+#define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
+
+/* ECDH HMAC based ciphersuites from RFC5289 */
+
+#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
+#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
+#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
+#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
+#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
+#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
+#define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
+#define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
+
+/* ECDH GCM based ciphersuites from RFC5289 */
+#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
+#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
+#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
+#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
+#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
+#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
+#define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
+#define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
#define TLS_CT_RSA_SIGN 1
#define TLS_CT_DSS_SIGN 2
diff --git a/deps/openssl/openssl/util/copy.pl b/deps/openssl/openssl/util/copy.pl
index e20b45530..eba6d5815 100644
--- a/deps/openssl/openssl/util/copy.pl
+++ b/deps/openssl/openssl/util/copy.pl
@@ -8,9 +8,16 @@ use Fcntl;
# Perl script 'copy' comment. On Windows the built in "copy" command also
# copies timestamps: this messes up Makefile dependencies.
+my $stripcr = 0;
+
my $arg;
foreach $arg (@ARGV) {
+ if ($arg eq "-stripcr")
+ {
+ $stripcr = 1;
+ next;
+ }
$arg =~ s|\\|/|g; # compensate for bug/feature in cygwin glob...
foreach (glob $arg)
{
@@ -49,6 +56,10 @@ foreach (@filelist)
|| die "Can't Open $dfile";
while (sysread IN, $buf, 10240)
{
+ if ($stripcr)
+ {
+ $buf =~ tr/\015//d;
+ }
syswrite(OUT, $buf, length($buf));
}
close(IN);
diff --git a/deps/openssl/openssl/util/cygwin.sh b/deps/openssl/openssl/util/cygwin.sh
index d6228521e..cfdb04d2a 100755
--- a/deps/openssl/openssl/util/cygwin.sh
+++ b/deps/openssl/openssl/util/cygwin.sh
@@ -11,6 +11,7 @@ CONFIG_OPTIONS="--prefix=/usr shared zlib no-idea no-rc5"
INSTALL_PREFIX=/tmp/install/INSTALL
VERSION=
+SHLIB_VERSION_NUMBER=
SUBVERSION=$1
function cleanup()
@@ -28,6 +29,13 @@ function get_openssl_version()
echo " Check value of variable VERSION in Makefile."
exit 1
fi
+ eval `grep '^SHLIB_VERSION_NUMBER=' Makefile`
+ if [ -z "${SHLIB_VERSION_NUMBER}" ]
+ then
+ echo "Error: Couldn't retrieve OpenSSL shared lib version from Makefile."
+ echo " Check value of variable SHLIB_VERSION_NUMBER in Makefile."
+ exit 1
+ fi
}
function base_install()
@@ -124,7 +132,7 @@ strip usr/bin/*.exe usr/bin/*.dll usr/lib/engines/*.so
chmod u-w usr/lib/engines/*.so
# Runtime package
-tar cjf libopenssl${VERSION//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 \
+tar cjf libopenssl${SHLIB_VERSION_NUMBER//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 \
usr/bin/cyg*dll
# Base package
find etc usr/bin/openssl.exe usr/bin/c_rehash usr/lib/engines usr/share/doc \
@@ -139,7 +147,7 @@ tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 -
ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2
ls -l openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2
-ls -l libopenssl${VERSION//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2
+ls -l libopenssl${SHLIB_VERSION_NUMBER//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2
cleanup
diff --git a/deps/openssl/openssl/util/libeay.num b/deps/openssl/openssl/util/libeay.num
index b23619f20..6debdb60a 100755
--- a/deps/openssl/openssl/util/libeay.num
+++ b/deps/openssl/openssl/util/libeay.num
@@ -1050,7 +1050,7 @@ ASN1_TYPE_get_octetstring 1077 EXIST::FUNCTION:
ASN1_TYPE_set_int_octetstring 1078 EXIST::FUNCTION:
ASN1_TYPE_set_octetstring 1079 EXIST::FUNCTION:
ASN1_UTCTIME_set_string 1080 EXIST::FUNCTION:
-ERR_add_error_data 1081 EXIST::FUNCTION:BIO
+ERR_add_error_data 1081 EXIST::FUNCTION:
ERR_set_error_data 1082 EXIST::FUNCTION:
EVP_CIPHER_asn1_to_param 1083 EXIST::FUNCTION:
EVP_CIPHER_param_to_asn1 1084 EXIST::FUNCTION:
@@ -2808,7 +2808,7 @@ FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION:
FIPS_selftest_des 3250 NOEXIST::FUNCTION:
EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES
EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES
-FIPS_mode_set 3253 NOEXIST::FUNCTION:
+FIPS_mode_set 3253 EXIST::FUNCTION:
FIPS_selftest_dsa 3254 NOEXIST::FUNCTION:
EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES
FIPS_allow_md5 3256 NOEXIST::FUNCTION:
@@ -2838,23 +2838,23 @@ AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES
EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES
FIPS_rand_check 3281 NOEXIST::FUNCTION:
FIPS_md5_allowed 3282 NOEXIST::FUNCTION:
-FIPS_mode 3283 NOEXIST::FUNCTION:
+FIPS_mode 3283 EXIST::FUNCTION:
FIPS_selftest_failed 3284 NOEXIST::FUNCTION:
sk_is_sorted 3285 EXIST::FUNCTION:
X509_check_ca 3286 EXIST::FUNCTION:
-private_idea_set_encrypt_key 3287 NOEXIST::FUNCTION:
+private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA
HMAC_CTX_set_flags 3288 EXIST::FUNCTION:HMAC
-private_SHA_Init 3289 NOEXIST::FUNCTION:
-private_CAST_set_key 3290 NOEXIST::FUNCTION:
-private_RIPEMD160_Init 3291 NOEXIST::FUNCTION:
+private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0
+private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST
+private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD
private_RC5_32_set_key 3292 NOEXIST::FUNCTION:
-private_MD5_Init 3293 NOEXIST::FUNCTION:
-private_RC4_set_key 3294 NOEXIST::FUNCTION:
-private_MDC2_Init 3295 NOEXIST::FUNCTION:
-private_RC2_set_key 3296 NOEXIST::FUNCTION:
-private_MD4_Init 3297 NOEXIST::FUNCTION:
-private_BF_set_key 3298 NOEXIST::FUNCTION:
-private_MD2_Init 3299 NOEXIST::FUNCTION:
+private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5
+private_RC4_set_key 3294 EXIST::FUNCTION:RC4
+private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2
+private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2
+private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4
+private_BF_set_key 3298 EXIST:OPENSSL_FIPS:FUNCTION:BF
+private_MD2_Init 3299 EXIST:OPENSSL_FIPS:FUNCTION:MD2
d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION:
PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@@ -2882,7 +2882,7 @@ RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA
RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA
RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA
PKCS1_MGF1 3324 EXIST::FUNCTION:RSA
-BN_X931_generate_Xpq 3325 NOEXIST::FUNCTION:
+BN_X931_generate_Xpq 3325 EXIST::FUNCTION:
RSA_X931_generate_key 3326 NOEXIST::FUNCTION:
BN_X931_derive_prime 3327 NOEXIST::FUNCTION:
BN_X931_generate_prime 3328 NOEXIST::FUNCTION:
@@ -2906,7 +2906,7 @@ STORE_parse_attrs_start 3343 NOEXIST::FUNCTION:
POLICY_CONSTRAINTS_free 3344 EXIST::FUNCTION:
EVP_PKEY_add1_attr_by_NID 3345 EXIST::FUNCTION:
BN_nist_mod_192 3346 EXIST::FUNCTION:
-EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC
+EC_GROUP_get_trinomial_basis 3347 EXIST::FUNCTION:EC,EC2M
STORE_set_method 3348 NOEXIST::FUNCTION:
GENERAL_SUBTREE_free 3349 EXIST::FUNCTION:
NAME_CONSTRAINTS_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
@@ -2921,14 +2921,14 @@ SHA512_Update 3356 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
i2d_ECPrivateKey 3357 EXIST::FUNCTION:EC
BN_get0_nist_prime_192 3358 EXIST::FUNCTION:
STORE_modify_certificate 3359 NOEXIST::FUNCTION:
-EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC
-BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION:
+EC_POINT_set_affine_coordinates_GF2m 3360 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_set_affine_coords_GF2m 3360 EXIST:VMS:FUNCTION:EC,EC2M
+BN_GF2m_mod_exp_arr 3361 EXIST::FUNCTION:EC2M
STORE_ATTR_INFO_modify_number 3362 NOEXIST::FUNCTION:
X509_keyid_get0 3363 EXIST::FUNCTION:
ENGINE_load_gmp 3364 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE
pitem_new 3365 EXIST::FUNCTION:
-BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION:
+BN_GF2m_mod_mul_arr 3366 EXIST::FUNCTION:EC2M
STORE_list_public_key_endp 3367 NOEXIST::FUNCTION:
o2i_ECPublicKey 3368 EXIST::FUNCTION:EC
EC_KEY_copy 3369 EXIST::FUNCTION:EC
@@ -2945,7 +2945,7 @@ X509_VERIFY_PARAM_inherit 3378 EXIST::FUNCTION:
EC_POINT_point2bn 3379 EXIST::FUNCTION:EC
STORE_ATTR_INFO_set_dn 3380 NOEXIST::FUNCTION:
X509_policy_tree_get0_policies 3381 EXIST::FUNCTION:
-EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC
+EC_GROUP_new_curve_GF2m 3382 EXIST::FUNCTION:EC,EC2M
STORE_destroy_method 3383 NOEXIST::FUNCTION:
ENGINE_unregister_STORE 3384 EXIST::FUNCTION:ENGINE
EVP_PKEY_get1_EC_KEY 3385 EXIST::FUNCTION:EC
@@ -2961,7 +2961,7 @@ ENGINE_get_static_state 3393 EXIST::FUNCTION:ENGINE
pqueue_iterator 3394 EXIST::FUNCTION:
ECDSA_SIG_new 3395 EXIST::FUNCTION:ECDSA
OPENSSL_DIR_end 3396 EXIST::FUNCTION:
-BN_GF2m_mod_sqr 3397 EXIST::FUNCTION:
+BN_GF2m_mod_sqr 3397 EXIST::FUNCTION:EC2M
EC_POINT_bn2point 3398 EXIST::FUNCTION:EC
X509_VERIFY_PARAM_set_depth 3399 EXIST::FUNCTION:
EC_KEY_set_asn1_flag 3400 EXIST::FUNCTION:EC
@@ -2974,7 +2974,7 @@ EC_GROUP_get_point_conv_form 3405 EXIST:VMS:FUNCTION:EC
STORE_method_set_store_function 3406 NOEXIST::FUNCTION:
STORE_ATTR_INFO_in 3407 NOEXIST::FUNCTION:
PEM_read_bio_ECPKParameters 3408 EXIST::FUNCTION:EC
-EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC
+EC_GROUP_get_pentanomial_basis 3409 EXIST::FUNCTION:EC,EC2M
EVP_PKEY_add1_attr_by_txt 3410 EXIST::FUNCTION:
BN_BLINDING_set_flags 3411 EXIST::FUNCTION:
X509_VERIFY_PARAM_set1_policies 3412 EXIST::FUNCTION:
@@ -2982,10 +2982,10 @@ X509_VERIFY_PARAM_set1_name 3413 EXIST::FUNCTION:
X509_VERIFY_PARAM_set_purpose 3414 EXIST::FUNCTION:
STORE_get_number 3415 NOEXIST::FUNCTION:
ECDSA_sign_setup 3416 EXIST::FUNCTION:ECDSA
-BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION:
+BN_GF2m_mod_solve_quad_arr 3417 EXIST::FUNCTION:EC2M
EC_KEY_up_ref 3418 EXIST::FUNCTION:EC
POLICY_MAPPING_free 3419 EXIST::FUNCTION:
-BN_GF2m_mod_div 3420 EXIST::FUNCTION:
+BN_GF2m_mod_div 3420 EXIST::FUNCTION:EC2M
X509_VERIFY_PARAM_set_flags 3421 EXIST::FUNCTION:
EC_KEY_free 3422 EXIST::FUNCTION:EC
STORE_meth_set_list_next_fn 3423 NOEXIST::FUNCTION:
@@ -2999,7 +2999,7 @@ STORE_method_set_list_end_function 3427 NOEXIST::FUNCTION:
pqueue_print 3428 EXIST::FUNCTION:
EC_GROUP_have_precompute_mult 3429 EXIST::FUNCTION:EC
EC_KEY_print_fp 3430 EXIST::FUNCTION:EC,FP_API
-BN_GF2m_mod_arr 3431 EXIST::FUNCTION:
+BN_GF2m_mod_arr 3431 EXIST::FUNCTION:EC2M
PEM_write_bio_X509_CERT_PAIR 3432 EXIST::FUNCTION:
EVP_PKEY_cmp 3433 EXIST::FUNCTION:
X509_policy_level_node_count 3434 EXIST::FUNCTION:
@@ -3020,7 +3020,7 @@ X509_policy_node_get0_qualifiers 3448 EXIST:!VMS:FUNCTION:
X509_pcy_node_get0_qualifiers 3448 EXIST:VMS:FUNCTION:
STORE_list_crl_end 3449 NOEXIST::FUNCTION:
EVP_PKEY_set1_EC_KEY 3450 EXIST::FUNCTION:EC
-BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION:
+BN_GF2m_mod_sqrt_arr 3451 EXIST::FUNCTION:EC2M
i2d_ECPrivateKey_bio 3452 EXIST::FUNCTION:BIO,EC
ECPKParameters_print_fp 3453 EXIST::FUNCTION:EC,FP_API
pqueue_find 3454 EXIST::FUNCTION:
@@ -3037,7 +3037,7 @@ PKCS12_add_safes 3464 EXIST::FUNCTION:
BN_BLINDING_convert_ex 3465 EXIST::FUNCTION:
X509_policy_tree_free 3466 EXIST::FUNCTION:
OPENSSL_ia32cap_loc 3467 EXIST::FUNCTION:
-BN_GF2m_poly2arr 3468 EXIST::FUNCTION:
+BN_GF2m_poly2arr 3468 EXIST::FUNCTION:EC2M
STORE_ctrl 3469 NOEXIST::FUNCTION:
STORE_ATTR_INFO_compare 3470 NOEXIST::FUNCTION:
BN_get0_nist_prime_224 3471 EXIST::FUNCTION:
@@ -3061,7 +3061,7 @@ STORE_method_set_delete_function 3486 NOEXIST::FUNCTION:
STORE_list_certificate_next 3487 NOEXIST::FUNCTION:
ASN1_generate_nconf 3488 EXIST::FUNCTION:
BUF_memdup 3489 EXIST::FUNCTION:
-BN_GF2m_mod_mul 3490 EXIST::FUNCTION:
+BN_GF2m_mod_mul 3490 EXIST::FUNCTION:EC2M
STORE_meth_get_list_next_fn 3491 NOEXIST::FUNCTION:
STORE_method_get_list_next_function 3491 NOEXIST::FUNCTION:
STORE_ATTR_INFO_get0_dn 3492 NOEXIST::FUNCTION:
@@ -3072,7 +3072,7 @@ STORE_ATTR_INFO_free 3496 NOEXIST::FUNCTION:
STORE_get_private_key 3497 NOEXIST::FUNCTION:
EVP_PKEY_get_attr_count 3498 EXIST::FUNCTION:
STORE_ATTR_INFO_new 3499 NOEXIST::FUNCTION:
-EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC
+EC_GROUP_get_curve_GF2m 3500 EXIST::FUNCTION:EC,EC2M
STORE_meth_set_revoke_fn 3501 NOEXIST::FUNCTION:
STORE_method_set_revoke_function 3501 NOEXIST::FUNCTION:
STORE_store_number 3502 NOEXIST::FUNCTION:
@@ -3088,7 +3088,7 @@ BIO_dump_indent_fp 3511 EXIST::FUNCTION:FP_API
EC_KEY_set_group 3512 EXIST::FUNCTION:EC
BUF_strndup 3513 EXIST::FUNCTION:
STORE_list_certificate_start 3514 NOEXIST::FUNCTION:
-BN_GF2m_mod 3515 EXIST::FUNCTION:
+BN_GF2m_mod 3515 EXIST::FUNCTION:EC2M
X509_REQ_check_private_key 3516 EXIST::FUNCTION:
EC_GROUP_get_seed_len 3517 EXIST::FUNCTION:EC
ERR_load_STORE_strings 3518 NOEXIST::FUNCTION:
@@ -3117,19 +3117,19 @@ STORE_method_set_get_function 3536 NOEXIST::FUNCTION:
STORE_modify_number 3537 NOEXIST::FUNCTION:
STORE_method_get_store_function 3538 NOEXIST::FUNCTION:
STORE_store_private_key 3539 NOEXIST::FUNCTION:
-BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION:
+BN_GF2m_mod_sqr_arr 3540 EXIST::FUNCTION:EC2M
RSA_setup_blinding 3541 EXIST::FUNCTION:RSA
BIO_s_datagram 3542 EXIST::FUNCTION:DGRAM
STORE_Memory 3543 NOEXIST::FUNCTION:
sk_find_ex 3544 EXIST::FUNCTION:
-EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC
+EC_GROUP_set_curve_GF2m 3545 EXIST::FUNCTION:EC,EC2M
ENGINE_set_default_ECDSA 3546 EXIST::FUNCTION:ENGINE
POLICY_CONSTRAINTS_new 3547 EXIST::FUNCTION:
-BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION:
+BN_GF2m_mod_sqrt 3548 EXIST::FUNCTION:EC2M
ECDH_set_default_method 3549 EXIST::FUNCTION:ECDH
EC_KEY_generate_key 3550 EXIST::FUNCTION:EC
SHA384_Update 3551 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-BN_GF2m_arr2poly 3552 EXIST::FUNCTION:
+BN_GF2m_arr2poly 3552 EXIST::FUNCTION:EC2M
STORE_method_get_get_function 3553 NOEXIST::FUNCTION:
STORE_meth_set_cleanup_fn 3554 NOEXIST::FUNCTION:
STORE_method_set_cleanup_function 3554 NOEXIST::FUNCTION:
@@ -3154,7 +3154,7 @@ EC_GROUP_get_degree 3570 EXIST::FUNCTION:EC
ASN1_generate_v3 3571 EXIST::FUNCTION:
STORE_ATTR_INFO_modify_cstr 3572 NOEXIST::FUNCTION:
X509_policy_tree_level_count 3573 EXIST::FUNCTION:
-BN_GF2m_add 3574 EXIST::FUNCTION:
+BN_GF2m_add 3574 EXIST::FUNCTION:EC2M
EC_KEY_get0_group 3575 EXIST::FUNCTION:EC
STORE_generate_crl 3576 NOEXIST::FUNCTION:
STORE_store_public_key 3577 NOEXIST::FUNCTION:
@@ -3179,8 +3179,8 @@ STORE_store_certificate 3593 NOEXIST::FUNCTION:
OBJ_bsearch_ex 3594 NOEXIST::FUNCTION:
X509_STORE_CTX_set_default 3595 EXIST::FUNCTION:
STORE_ATTR_INFO_set_sha1str 3596 NOEXIST::FUNCTION:
-BN_GF2m_mod_inv 3597 EXIST::FUNCTION:
-BN_GF2m_mod_exp 3598 EXIST::FUNCTION:
+BN_GF2m_mod_inv 3597 EXIST::FUNCTION:EC2M
+BN_GF2m_mod_exp 3598 EXIST::FUNCTION:EC2M
STORE_modify_public_key 3599 NOEXIST::FUNCTION:
STORE_meth_get_list_start_fn 3600 NOEXIST::FUNCTION:
STORE_method_get_list_start_function 3600 NOEXIST::FUNCTION:
@@ -3188,7 +3188,7 @@ EC_GROUP_get0_seed 3601 EXIST::FUNCTION:EC
STORE_store_arbitrary 3602 NOEXIST::FUNCTION:
STORE_meth_set_unlock_store_fn 3603 NOEXIST::FUNCTION:
STORE_method_set_unlock_store_function 3603 NOEXIST::FUNCTION:
-BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION:
+BN_GF2m_mod_div_arr 3604 EXIST::FUNCTION:EC2M
ENGINE_set_ECDSA 3605 EXIST::FUNCTION:ENGINE
STORE_create_method 3606 NOEXIST::FUNCTION:
ECPKParameters_print 3607 EXIST::FUNCTION:BIO,EC
@@ -3211,8 +3211,8 @@ EC_KEY_get_enc_flags 3622 EXIST::FUNCTION:EC
ASN1_const_check_infinite_end 3623 EXIST::FUNCTION:
EVP_PKEY_delete_attr 3624 EXIST::FUNCTION:
ECDSA_set_default_method 3625 EXIST::FUNCTION:ECDSA
-EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC
+EC_POINT_set_compressed_coordinates_GF2m 3626 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_set_compr_coords_GF2m 3626 EXIST:VMS:FUNCTION:EC,EC2M
EC_GROUP_cmp 3627 EXIST::FUNCTION:EC
STORE_revoke_certificate 3628 NOEXIST::FUNCTION:
BN_get0_nist_prime_256 3629 EXIST::FUNCTION:
@@ -3241,7 +3241,7 @@ POLICY_CONSTRAINTS_it 3649 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI
STORE_get_ex_new_index 3650 NOEXIST::FUNCTION:
EVP_PKEY_get_attr_by_OBJ 3651 EXIST::FUNCTION:
X509_VERIFY_PARAM_add0_policy 3652 EXIST::FUNCTION:
-BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION:
+BN_GF2m_mod_solve_quad 3653 EXIST::FUNCTION:EC2M
SHA256 3654 EXIST::FUNCTION:SHA,SHA256
i2d_ECPrivateKey_fp 3655 EXIST::FUNCTION:EC,FP_API
X509_policy_tree_get0_user_policies 3656 EXIST:!VMS:FUNCTION:
@@ -3249,8 +3249,8 @@ X509_pcy_tree_get0_usr_policies 3656 EXIST:VMS:FUNCTION:
OPENSSL_DIR_read 3657 EXIST::FUNCTION:
ENGINE_register_all_ECDSA 3658 EXIST::FUNCTION:ENGINE
X509_VERIFY_PARAM_lookup 3659 EXIST::FUNCTION:
-EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC
-EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC
+EC_POINT_get_affine_coordinates_GF2m 3660 EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_get_affine_coords_GF2m 3660 EXIST:VMS:FUNCTION:EC,EC2M
EC_GROUP_dup 3661 EXIST::FUNCTION:EC
ENGINE_get_default_ECDSA 3662 EXIST::FUNCTION:ENGINE
EC_KEY_new 3663 EXIST::FUNCTION:EC
@@ -3332,7 +3332,7 @@ STORE_list_certificate_end 3734 NOEXIST::FUNCTION:
STORE_get_crl 3735 NOEXIST::FUNCTION:
X509_POLICY_NODE_print 3736 EXIST::FUNCTION:
SHA384_Init 3737 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
-EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC
+EC_GF2m_simple_method 3738 EXIST::FUNCTION:EC,EC2M
ECDSA_set_ex_data 3739 EXIST::FUNCTION:ECDSA
SHA384_Final 3740 EXIST:!VMSVAX:FUNCTION:SHA,SHA512
PKCS7_set_digest 3741 EXIST::FUNCTION:
@@ -3364,7 +3364,7 @@ BIO_dump_cb 3764 EXIST::FUNCTION:
SHA256_Update 3765 EXIST::FUNCTION:SHA,SHA256
pqueue_insert 3766 EXIST::FUNCTION:
pitem_free 3767 EXIST::FUNCTION:
-BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION:
+BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION:EC2M
ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE
BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION:DEPRECATED
get_rfc3526_prime_8192 3771 EXIST::FUNCTION:
@@ -3510,6 +3510,7 @@ BIO_get_callback_arg 3902 EXIST::FUNCTION:
BIO_set_callback 3903 EXIST::FUNCTION:
d2i_ASIdOrRange 3904 EXIST::FUNCTION:RFC3779
i2d_ASIdentifiers 3905 EXIST::FUNCTION:RFC3779
+CRYPTO_memcmp 3906 EXIST::FUNCTION:
SEED_decrypt 3908 EXIST::FUNCTION:SEED
SEED_encrypt 3909 EXIST::FUNCTION:SEED
SEED_cbc_encrypt 3910 EXIST::FUNCTION:SEED
@@ -3670,7 +3671,7 @@ int_EVP_MD_set_engine_callbacks 4056 NOEXIST::FUNCTION:
int_CRYPTO_set_do_dynlock_callback 4057 NOEXIST::FUNCTION:
FIPS_rng_stick 4058 NOEXIST::FUNCTION:
EVP_CIPHER_CTX_set_flags 4059 EXIST::FUNCTION:
-BN_X931_generate_prime_ex 4060 NOEXIST::FUNCTION:
+BN_X931_generate_prime_ex 4060 EXIST::FUNCTION:
FIPS_selftest_check 4061 NOEXIST::FUNCTION:
FIPS_rand_set_dt 4062 NOEXIST::FUNCTION:
CRYPTO_dbg_pop_info 4063 NOEXIST::FUNCTION:
@@ -3687,7 +3688,7 @@ FIPS_dh_new 4073 NOEXIST::FUNCTION:
FIPS_corrupt_dsa_keygen 4074 NOEXIST::FUNCTION:
FIPS_dh_free 4075 NOEXIST::FUNCTION:
fips_pkey_signature_test 4076 NOEXIST::FUNCTION:
-EVP_add_alg_module 4077 NOEXIST::FUNCTION:
+EVP_add_alg_module 4077 EXIST::FUNCTION:
int_RAND_init_engine_callbacks 4078 NOEXIST::FUNCTION:
int_EVP_CIPHER_set_engine_callbacks 4079 NOEXIST::FUNCTION:
int_EVP_MD_init_engine_callbacks 4080 NOEXIST::FUNCTION:
@@ -3695,14 +3696,14 @@ FIPS_rand_test_mode 4081 NOEXIST::FUNCTION:
FIPS_rand_reset 4082 NOEXIST::FUNCTION:
FIPS_dsa_new 4083 NOEXIST::FUNCTION:
int_RAND_set_callbacks 4084 NOEXIST::FUNCTION:
-BN_X931_derive_prime_ex 4085 NOEXIST::FUNCTION:
+BN_X931_derive_prime_ex 4085 EXIST::FUNCTION:
int_ERR_lib_init 4086 NOEXIST::FUNCTION:
int_EVP_CIPHER_init_engine_callbacks 4087 NOEXIST::FUNCTION:
FIPS_rsa_free 4088 NOEXIST::FUNCTION:
FIPS_dsa_sig_encode 4089 NOEXIST::FUNCTION:
CRYPTO_dbg_remove_all_info 4090 NOEXIST::FUNCTION:
-OPENSSL_init 4091 NOEXIST::FUNCTION:
-private_Camellia_set_key 4092 NOEXIST::FUNCTION:
+OPENSSL_init 4091 EXIST::FUNCTION:
+private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA
CRYPTO_strdup 4093 EXIST::FUNCTION:
JPAKE_STEP3A_process 4094 EXIST::FUNCTION:JPAKE
JPAKE_STEP1_release 4095 EXIST::FUNCTION:JPAKE
@@ -4194,3 +4195,119 @@ OPENSSL_memcmp 4565 EXIST::FUNCTION:
OPENSSL_strncasecmp 4566 EXIST::FUNCTION:
OPENSSL_gmtime 4567 EXIST::FUNCTION:
OPENSSL_gmtime_adj 4568 EXIST::FUNCTION:
+SRP_VBASE_get_by_user 4569 EXIST::FUNCTION:SRP
+SRP_Calc_server_key 4570 EXIST::FUNCTION:SRP
+SRP_create_verifier 4571 EXIST::FUNCTION:SRP
+SRP_create_verifier_BN 4572 EXIST::FUNCTION:SRP
+SRP_Calc_u 4573 EXIST::FUNCTION:SRP
+SRP_VBASE_free 4574 EXIST::FUNCTION:SRP
+SRP_Calc_client_key 4575 EXIST::FUNCTION:SRP
+SRP_get_default_gN 4576 EXIST::FUNCTION:SRP
+SRP_Calc_x 4577 EXIST::FUNCTION:SRP
+SRP_Calc_B 4578 EXIST::FUNCTION:SRP
+SRP_VBASE_new 4579 EXIST::FUNCTION:SRP
+SRP_check_known_gN_param 4580 EXIST::FUNCTION:SRP
+SRP_Calc_A 4581 EXIST::FUNCTION:SRP
+SRP_Verify_A_mod_N 4582 EXIST::FUNCTION:SRP
+SRP_VBASE_init 4583 EXIST::FUNCTION:SRP
+SRP_Verify_B_mod_N 4584 EXIST::FUNCTION:SRP
+EC_KEY_set_public_key_affine_coordinates 4585 EXIST:!VMS:FUNCTION:EC
+EC_KEY_set_pub_key_aff_coords 4585 EXIST:VMS:FUNCTION:EC
+EVP_aes_192_ctr 4586 EXIST::FUNCTION:AES
+EVP_PKEY_meth_get0_info 4587 EXIST::FUNCTION:
+EVP_PKEY_meth_copy 4588 EXIST::FUNCTION:
+ERR_add_error_vdata 4589 EXIST::FUNCTION:
+EVP_aes_128_ctr 4590 EXIST::FUNCTION:AES
+EVP_aes_256_ctr 4591 EXIST::FUNCTION:AES
+EC_GFp_nistp224_method 4592 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+EC_KEY_get_flags 4593 EXIST::FUNCTION:EC
+RSA_padding_add_PKCS1_PSS_mgf1 4594 EXIST::FUNCTION:RSA
+EVP_aes_128_xts 4595 EXIST::FUNCTION:AES
+private_SHA224_Init 4596 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
+private_AES_set_decrypt_key 4597 EXIST::FUNCTION:AES
+private_WHIRLPOOL_Init 4598 EXIST:OPENSSL_FIPS:FUNCTION:WHIRLPOOL
+EVP_aes_256_xts 4599 EXIST::FUNCTION:AES
+private_SHA512_Init 4600 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
+EVP_aes_128_gcm 4601 EXIST::FUNCTION:AES
+EC_KEY_clear_flags 4602 EXIST::FUNCTION:EC
+EC_KEY_set_flags 4603 EXIST::FUNCTION:EC
+private_DES_set_key_unchecked 4604 EXIST:OPENSSL_FIPS:FUNCTION:DES
+EVP_aes_256_ccm 4605 EXIST::FUNCTION:AES
+private_AES_set_encrypt_key 4606 EXIST::FUNCTION:AES
+RSA_verify_PKCS1_PSS_mgf1 4607 EXIST::FUNCTION:RSA
+private_SHA1_Init 4608 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA1
+EVP_aes_128_ccm 4609 EXIST::FUNCTION:AES
+private_SEED_set_key 4610 EXIST:OPENSSL_FIPS:FUNCTION:SEED
+EVP_aes_192_gcm 4611 EXIST::FUNCTION:AES
+X509_ALGOR_set_md 4612 EXIST::FUNCTION:
+private_SHA256_Init 4613 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
+RAND_init_fips 4614 EXIST:OPENSSL_FIPS:FUNCTION:
+EVP_aes_256_gcm 4615 EXIST::FUNCTION:AES
+private_SHA384_Init 4616 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
+EVP_aes_192_ccm 4617 EXIST::FUNCTION:AES
+CMAC_CTX_copy 4618 EXIST::FUNCTION:
+CMAC_CTX_free 4619 EXIST::FUNCTION:
+CMAC_CTX_get0_cipher_ctx 4620 EXIST::FUNCTION:
+CMAC_CTX_cleanup 4621 EXIST::FUNCTION:
+CMAC_Init 4622 EXIST::FUNCTION:
+CMAC_Update 4623 EXIST::FUNCTION:
+CMAC_resume 4624 EXIST::FUNCTION:
+CMAC_CTX_new 4625 EXIST::FUNCTION:
+CMAC_Final 4626 EXIST::FUNCTION:
+CRYPTO_ctr128_encrypt_ctr32 4627 EXIST::FUNCTION:
+CRYPTO_gcm128_release 4628 EXIST::FUNCTION:
+CRYPTO_ccm128_decrypt_ccm64 4629 EXIST::FUNCTION:
+CRYPTO_ccm128_encrypt 4630 EXIST::FUNCTION:
+CRYPTO_gcm128_encrypt 4631 EXIST::FUNCTION:
+CRYPTO_xts128_encrypt 4632 EXIST::FUNCTION:
+EVP_rc4_hmac_md5 4633 EXIST::FUNCTION:MD5,RC4
+CRYPTO_nistcts128_decrypt_block 4634 EXIST::FUNCTION:
+CRYPTO_gcm128_setiv 4635 EXIST::FUNCTION:
+CRYPTO_nistcts128_encrypt 4636 EXIST::FUNCTION:
+EVP_aes_128_cbc_hmac_sha1 4637 EXIST::FUNCTION:AES,SHA,SHA1
+CRYPTO_gcm128_tag 4638 EXIST::FUNCTION:
+CRYPTO_ccm128_encrypt_ccm64 4639 EXIST::FUNCTION:
+ENGINE_load_rdrand 4640 EXIST::FUNCTION:ENGINE
+CRYPTO_ccm128_setiv 4641 EXIST::FUNCTION:
+CRYPTO_nistcts128_encrypt_block 4642 EXIST::FUNCTION:
+CRYPTO_gcm128_aad 4643 EXIST::FUNCTION:
+CRYPTO_ccm128_init 4644 EXIST::FUNCTION:
+CRYPTO_nistcts128_decrypt 4645 EXIST::FUNCTION:
+CRYPTO_gcm128_new 4646 EXIST::FUNCTION:
+CRYPTO_ccm128_tag 4647 EXIST::FUNCTION:
+CRYPTO_ccm128_decrypt 4648 EXIST::FUNCTION:
+CRYPTO_ccm128_aad 4649 EXIST::FUNCTION:
+CRYPTO_gcm128_init 4650 EXIST::FUNCTION:
+CRYPTO_gcm128_decrypt 4651 EXIST::FUNCTION:
+ENGINE_load_rsax 4652 EXIST::FUNCTION:ENGINE
+CRYPTO_gcm128_decrypt_ctr32 4653 EXIST::FUNCTION:
+CRYPTO_gcm128_encrypt_ctr32 4654 EXIST::FUNCTION:
+CRYPTO_gcm128_finish 4655 EXIST::FUNCTION:
+EVP_aes_256_cbc_hmac_sha1 4656 EXIST::FUNCTION:AES,SHA,SHA1
+PKCS5_pbkdf2_set 4657 EXIST::FUNCTION:
+CMS_add0_recipient_password 4658 EXIST::FUNCTION:CMS
+CMS_decrypt_set1_password 4659 EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_password 4660 EXIST::FUNCTION:CMS
+RAND_set_fips_drbg_type 4661 EXIST:OPENSSL_FIPS:FUNCTION:
+X509_REQ_sign_ctx 4662 EXIST::FUNCTION:EVP
+RSA_PSS_PARAMS_new 4663 EXIST::FUNCTION:RSA
+X509_CRL_sign_ctx 4664 EXIST::FUNCTION:EVP
+X509_signature_dump 4665 EXIST::FUNCTION:EVP
+d2i_RSA_PSS_PARAMS 4666 EXIST::FUNCTION:RSA
+RSA_PSS_PARAMS_it 4667 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+RSA_PSS_PARAMS_it 4667 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+RSA_PSS_PARAMS_free 4668 EXIST::FUNCTION:RSA
+X509_sign_ctx 4669 EXIST::FUNCTION:EVP
+i2d_RSA_PSS_PARAMS 4670 EXIST::FUNCTION:RSA
+ASN1_item_sign_ctx 4671 EXIST::FUNCTION:EVP
+EC_GFp_nistp521_method 4672 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+EC_GFp_nistp256_method 4673 EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+OPENSSL_stderr 4674 EXIST::FUNCTION:
+OPENSSL_cpuid_setup 4675 EXIST::FUNCTION:
+OPENSSL_showfatal 4676 EXIST::FUNCTION:
+BIO_new_dgram_sctp 4677 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_msg_waiting 4678 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_wait_for_dry 4679 EXIST::FUNCTION:SCTP
+BIO_s_datagram_sctp 4680 EXIST::FUNCTION:DGRAM,SCTP
+BIO_dgram_is_sctp 4681 EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_notification_cb 4682 EXIST::FUNCTION:SCTP
diff --git a/deps/openssl/openssl/util/mk1mf.pl b/deps/openssl/openssl/util/mk1mf.pl
index afe8c7326..72fa089f6 100755
--- a/deps/openssl/openssl/util/mk1mf.pl
+++ b/deps/openssl/openssl/util/mk1mf.pl
@@ -18,6 +18,8 @@ local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic
local $zlib_lib = "";
local $perl_asm = 0; # 1 to autobuild asm files from perl scripts
+my $ex_l_libs = "";
+
# Options to import from top level Makefile
my %mf_import = (
@@ -40,7 +42,9 @@ my %mf_import = (
SHA1_ASM_OBJ => \$mf_sha_asm,
RMD160_ASM_OBJ => \$mf_rmd_asm,
WP_ASM_OBJ => \$mf_wp_asm,
- CMLL_ENC => \$mf_cm_asm
+ CMLL_ENC => \$mf_cm_asm,
+ BASEADDR => \$baseaddr,
+ FIPSDIR => \$fipsdir,
);
@@ -104,6 +108,7 @@ and [options] can be one of
just-ssl - remove all non-ssl keys/digest
no-asm - No x86 asm
no-krb5 - No KRB5
+ no-srp - No SRP
no-ec - No EC
no-ecdsa - No ECDSA
no-ecdh - No ECDH
@@ -228,6 +233,8 @@ else
$cflags.=' -DTERMIO';
}
+$fipsdir =~ s/\//${o}/g;
+
$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
@@ -261,6 +268,7 @@ $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
+$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
@@ -270,7 +278,9 @@ $cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
$cflags.=" -DOPENSSL_NO_GOST" if $no_gost;
$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
+$cflags.=" -DOPENSSL_FIPS" if $fips;
$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
+$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m;
$cflags.= " -DZLIB" if $zlib_opt;
$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
@@ -404,6 +414,11 @@ else
\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
EOF
$ex_libs .= " $zlib_lib" if $zlib_opt == 1;
+ if ($fips)
+ {
+ $build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
+ $ex_l_libs .= " \$(O_FIPSCANISTER)";
+ }
}
$defs= <<"EOF";
@@ -465,6 +480,18 @@ MKLIB=$bin_dir$mklib
MLFLAGS=$mlflags
ASM=$bin_dir$asm
+# FIPS validated module and support file locations
+
+FIPSDIR=$fipsdir
+BASEADDR=$baseaddr
+FIPSLIB_D=\$(FIPSDIR)${o}lib
+FIPS_PREMAIN_SRC=\$(FIPSLIB_D)${o}fips_premain.c
+O_FIPSCANISTER=\$(FIPSLIB_D)${o}fipscanister.lib
+FIPS_SHA1_EXE=\$(FIPSDIR)${o}bin${o}fips_standalone_sha1${exep}
+E_PREMAIN_DSO=fips_premain_dso
+PREMAIN_DSO_EXE=\$(BIN_D)${o}fips_premain_dso$exep
+FIPSLINK=\$(PERL) \$(FIPSDIR)${o}bin${o}fipslink.pl
+
######################################################
# You should not need to touch anything below this point
######################################################
@@ -497,7 +524,7 @@ SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
-L_LIBS= \$(L_SSL) \$(L_CRYPTO)
+L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
######################################################
# Don't touch anything below this point
@@ -513,7 +540,7 @@ LIBS_DEP=\$(O_CRYPTO) \$(O_SSL)
EOF
$rules=<<"EOF";
-all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe $build_targets
banner:
$banner
@@ -629,6 +656,16 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
+# Special case rule for fips_premain_dso
+
+if ($fips)
+ {
+ $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
+ "\$(FIPS_PREMAIN_SRC)",
+ "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)", "");
+ $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
+ }
+
foreach (values %lib_nam)
{
$lib_obj=$lib_obj{$_};
@@ -677,7 +714,28 @@ foreach (split(/\s+/,$engines))
$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
-$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
+
+if ($fips)
+ {
+ if ($shlib)
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ "\$(O_CRYPTO)", "$crypto",
+ $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
+ }
+ else
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
+ "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+ }
+ }
+ else
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
+ "\$(SO_CRYPTO)");
+ }
foreach (split(" ",$otherlibs))
{
@@ -687,7 +745,7 @@ foreach (split(" ",$otherlibs))
}
-$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0);
print $defs;
@@ -781,6 +839,8 @@ sub var_add
@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
@a=grep(!/_mdc2$/,@a) if $no_mdc2;
+ @a=grep(!/(srp)/,@a) if $no_srp;
+
@a=grep(!/^engine$/,@a) if $no_engine;
@a=grep(!/^hw$/,@a) if $no_hw;
@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
@@ -939,14 +999,15 @@ sub Sasm_compile_target
sub cc_compile_target
{
- local($target,$source,$ex_flags)=@_;
+ local($target,$source,$ex_flags, $srcd)=@_;
local($ret);
$ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/);
$target =~ s/\//$o/g if $o ne "/";
$source =~ s/\//$o/g if $o ne "/";
- $ret ="$target: \$(SRC_D)$o$source\n\t";
- $ret.="\$(CC) ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
+ $srcd = "\$(SRC_D)$o" unless defined $srcd;
+ $ret ="$target: $srcd$source\n\t";
+ $ret.="\$(CC) ${ofile}$target $ex_flags -c $srcd$source\n\n";
return($ret);
}
@@ -1056,8 +1117,11 @@ sub read_options
"no-ssl2" => \$no_ssl2,
"no-ssl3" => \$no_ssl3,
"no-tlsext" => \$no_tlsext,
+ "no-srp" => \$no_srp,
"no-cms" => \$no_cms,
+ "no-ec2m" => \$no_ec2m,
"no-jpake" => \$no_jpake,
+ "no-ec_nistp_64_gcc_128" => 0,
"no-err" => \$no_err,
"no-sock" => \$no_sock,
"no-krb5" => \$no_krb5,
@@ -1067,11 +1131,12 @@ sub read_options
"no-gost" => \$no_gost,
"no-engine" => \$no_engine,
"no-hw" => \$no_hw,
+ "no-rsax" => 0,
"just-ssl" =>
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
\$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
\$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
- \$no_aes, \$no_camellia, \$no_seed],
+ \$no_aes, \$no_camellia, \$no_seed, \$no_srp],
"rsaref" => 0,
"gcc" => \$gcc,
"debug" => \$debug,
@@ -1079,6 +1144,7 @@ sub read_options
"shlib" => \$shlib,
"dll" => \$shlib,
"shared" => 0,
+ "no-sctp" => 0,
"no-gmp" => 0,
"no-rfc3779" => 0,
"no-montasm" => 0,
@@ -1086,6 +1152,7 @@ sub read_options
"no-store" => 0,
"no-zlib" => 0,
"no-zlib-dynamic" => 0,
+ "fips" => \$fips
);
if (exists $valid_options{$_})
diff --git a/deps/openssl/openssl/util/mkdef.pl b/deps/openssl/openssl/util/mkdef.pl
index ab4732909..9a8c7b87d 100755
--- a/deps/openssl/openssl/util/mkdef.pl
+++ b/deps/openssl/openssl/util/mkdef.pl
@@ -79,13 +79,15 @@ my $OS2=0;
my $safe_stack_def = 0;
my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
- "EXPORT_VAR_AS_FUNCTION", "ZLIB" );
+ "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS" );
my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
"SHA256", "SHA512", "RIPEMD",
- "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA",
+ "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "EC2M",
"HMAC", "AES", "CAMELLIA", "SEED", "GOST",
+ # EC_NISTP_64_GCC_128
+ "EC_NISTP_64_GCC_128",
# Envelope "algorithms"
"EVP", "X509", "ASN1_TYPEDEFS",
# Helper "algorithms"
@@ -98,7 +100,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
# RFC3779
"RFC3779",
# TLS
- "TLSEXT", "PSK",
+ "TLSEXT", "PSK", "SRP", "HEARTBEATS",
# CMS
"CMS",
# CryptoAPI Engine
@@ -107,8 +109,14 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"SSL2",
# JPAKE
"JPAKE",
+ # NEXTPROTONEG
+ "NEXTPROTONEG",
# Deprecated functions
- "DEPRECATED" );
+ "DEPRECATED",
+ # Hide SSL internals
+ "SSL_INTERN",
+ # SCTP
+ "SCTP");
my $options="";
open(IN,"<Makefile") || die "unable to open Makefile!\n";
@@ -127,7 +135,10 @@ my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
-my $no_jpake; my $no_ssl2;
+my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc;
+my $no_nextprotoneg; my $no_sctp;
+
+my $fips;
my $zlib;
@@ -151,6 +162,7 @@ foreach (@ARGV, split(/ /, $options))
}
$VMS=1 if $_ eq "VMS";
$OS2=1 if $_ eq "OS2";
+ $fips=1 if /^fips/;
if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic"
|| $_ eq "enable-zlib-dynamic") {
$zlib = 1;
@@ -215,9 +227,14 @@ foreach (@ARGV, split(/ /, $options))
elsif (/^no-rfc3779$/) { $no_rfc3779=1; }
elsif (/^no-tlsext$/) { $no_tlsext=1; }
elsif (/^no-cms$/) { $no_cms=1; }
+ elsif (/^no-ec2m$/) { $no_ec2m=1; }
+ elsif (/^no-ec_nistp_64_gcc_128$/) { $no_nistp_gcc=1; }
+ elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; }
elsif (/^no-ssl2$/) { $no_ssl2=1; }
elsif (/^no-capieng$/) { $no_capieng=1; }
elsif (/^no-jpake$/) { $no_jpake=1; }
+ elsif (/^no-srp$/) { $no_srp=1; }
+ elsif (/^no-sctp$/) { $no_sctp=1; }
}
@@ -254,8 +271,10 @@ $max_crypto = $max_num;
my $ssl="ssl/ssl.h";
$ssl.=" ssl/kssl.h";
$ssl.=" ssl/tls1.h";
+$ssl.=" ssl/srtp.h";
my $crypto ="crypto/crypto.h";
+$crypto.=" crypto/cryptlib.h";
$crypto.=" crypto/o_dir.h";
$crypto.=" crypto/o_str.h";
$crypto.=" crypto/o_time.h";
@@ -285,6 +304,7 @@ $crypto.=" crypto/ec/ec.h" ; # unless $no_ec;
$crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
+$crypto.=" crypto/cmac/cmac.h" ; # unless $no_hmac;
$crypto.=" crypto/engine/engine.h"; # unless $no_engine;
$crypto.=" crypto/stack/stack.h" ; # unless $no_stack;
@@ -319,6 +339,7 @@ $crypto.=" crypto/pqueue/pqueue.h";
$crypto.=" crypto/cms/cms.h";
$crypto.=" crypto/jpake/jpake.h";
$crypto.=" crypto/modes/modes.h";
+$crypto.=" crypto/srp/srp.h";
my $symhacks="crypto/symhacks.h";
@@ -1126,6 +1147,9 @@ sub is_valid
if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) {
return 1;
}
+ if ($keyword eq "OPENSSL_FIPS" && $fips) {
+ return 1;
+ }
if ($keyword eq "ZLIB" && $zlib) { return 1; }
return 0;
} else {
@@ -1172,9 +1196,15 @@ sub is_valid
if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
if ($keyword eq "PSK" && $no_psk) { return 0; }
if ($keyword eq "CMS" && $no_cms) { return 0; }
+ if ($keyword eq "EC2M" && $no_ec2m) { return 0; }
+ if ($keyword eq "NEXTPROTONEG" && $no_nextprotoneg) { return 0; }
+ if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc)
+ { return 0; }
if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
+ if ($keyword eq "SRP" && $no_srp) { return 0; }
+ if ($keyword eq "SCTP" && $no_sctp) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
# Nothing recognise as true
diff --git a/deps/openssl/openssl/util/mkfiles.pl b/deps/openssl/openssl/util/mkfiles.pl
index 6d1583145..7d9a9d5e5 100755
--- a/deps/openssl/openssl/util/mkfiles.pl
+++ b/deps/openssl/openssl/util/mkfiles.pl
@@ -15,6 +15,7 @@ my @dirs = (
"crypto/sha",
"crypto/mdc2",
"crypto/hmac",
+"crypto/cmac",
"crypto/ripemd",
"crypto/des",
"crypto/rc2",
@@ -62,6 +63,7 @@ my @dirs = (
"crypto/pqueue",
"crypto/whrlpool",
"crypto/ts",
+"crypto/srp",
"ssl",
"apps",
"engines",
diff --git a/deps/openssl/openssl/util/mkrc.pl b/deps/openssl/openssl/util/mkrc.pl
index 0ceadcf8d..0ceadcf8d 100644..100755
--- a/deps/openssl/openssl/util/mkrc.pl
+++ b/deps/openssl/openssl/util/mkrc.pl
diff --git a/deps/openssl/openssl/util/pl/VC-32.pl b/deps/openssl/openssl/util/pl/VC-32.pl
index 5f25fc41b..6c550f54a 100644
--- a/deps/openssl/openssl/util/pl/VC-32.pl
+++ b/deps/openssl/openssl/util/pl/VC-32.pl
@@ -6,6 +6,16 @@
$ssl= "ssleay32";
$crypto="libeay32";
+if ($fips && !$shlib)
+ {
+ $crypto="libeayfips32";
+ $crypto_compat = "libeaycompat32.lib";
+ }
+else
+ {
+ $crypto="libeay32";
+ }
+
$o='\\';
$cp='$(PERL) util/copy.pl';
$mkdir='$(PERL) util/mkdir-p.pl';
@@ -33,7 +43,7 @@ if ($FLAVOR =~ /WIN64/)
# considered safe to ignore.
#
$base_cflags= " $mf_cflag";
- my $f = $shlib?' /MD':' /MT';
+ my $f = $shlib || $fips ?' /MD':' /MT';
$lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
$opt_cflags=$f.' /Ox';
$dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
@@ -108,13 +118,13 @@ elsif ($FLAVOR =~ /CE/)
$base_cflags.=' -I$(WCECOMPAT)/include' if (defined($ENV{'WCECOMPAT'}));
$base_cflags.=' -I$(PORTSDK_LIBPATH)/../../include' if (defined($ENV{'PORTSDK_LIBPATH'}));
$opt_cflags=' /MC /O1i'; # optimize for space, but with intrinsics...
- $dbg_clfags=' /MC /Od -DDEBUG -D_DEBUG';
+ $dbg_cflags=' /MC /Od -DDEBUG -D_DEBUG';
$lflags="/nologo /opt:ref $wcelflag";
}
else # Win32
{
$base_cflags= " $mf_cflag";
- my $f = $shlib?' /MD':' /MT';
+ my $f = $shlib || $fips ?' /MD':' /MT';
$lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib
$opt_cflags=$f.' /Ox /O2 /Ob2';
$dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
@@ -266,10 +276,19 @@ elsif ($shlib && $FLAVOR =~ /CE/)
sub do_lib_rule
{
- local($objs,$target,$name,$shlib)=@_;
+ my($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
local($ret);
$taget =~ s/\//$o/g if $o ne '/';
+ my $base_arg;
+ if ($base_addr ne "")
+ {
+ $base_arg= " /base:$base_addr";
+ }
+ else
+ {
+ $base_arg = "";
+ }
if ($name ne "")
{
$name =~ tr/a-z/A-Z/;
@@ -277,17 +296,37 @@ sub do_lib_rule
}
# $target="\$(LIB_D)$o$target";
- $ret.="$target: $objs\n";
+# $ret.="$target: $objs\n";
if (!$shlib)
{
# $ret.="\t\$(RM) \$(O_$Name)\n";
+ $ret.="$target: $objs\n";
$ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n";
}
else
{
local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)';
$ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
- $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n";
+
+ if ($fips && $target =~ /O_CRYPTO/)
+ {
+ $ret.="$target: $objs \$(PREMAIN_DSO_EXE)";
+ $ret.="\n\tSET FIPS_LINK=\$(LINK)\n";
+ $ret.="\tSET FIPS_CC=\$(CC)\n";
+ $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
+ $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n";
+ $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
+ $ret.="\tSET FIPS_TARGET=$target\n";
+ $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
+ $ret.="\t\$(FIPSLINK) \$(MLFLAGS) /map $base_arg $efile$target ";
+ $ret.="$name @<<\n \$(SHLIB_EX_OBJ) $objs \$(EX_LIBS) ";
+ $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
+ }
+ else
+ {
+ $ret.="$target: $objs";
+ $ret.="\n\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n";
+ }
$ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n";
}
$ret.="\n";
@@ -296,15 +335,35 @@ sub do_lib_rule
sub do_link_rule
{
- local($target,$files,$dep_libs,$libs)=@_;
+ my($target,$files,$dep_libs,$libs,$standalone)=@_;
local($ret,$_);
-
$file =~ s/\//$o/g if $o ne '/';
$n=&bname($targer);
$ret.="$target: $files $dep_libs\n";
- $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n";
- $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n";
- $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n";
+ if ($standalone == 1)
+ {
+ $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t";
+ $ret.= "\$(EX_LIBS) " if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild);
+ $ret.="$files $libs\n<<\n";
+ }
+ elsif ($standalone == 2)
+ {
+ $ret.="\tSET FIPS_LINK=\$(LINK)\n";
+ $ret.="\tSET FIPS_CC=\$(CC)\n";
+ $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
+ $ret.="\tSET PREMAIN_DSO_EXE=\n";
+ $ret.="\tSET FIPS_TARGET=$target\n";
+ $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
+ $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
+ $ret.="\t\$(FIPSLINK) \$(LFLAGS) /map $efile$target @<<\n";
+ $ret.="\t\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
+ }
+ else
+ {
+ $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n";
+ $ret.="\t\$(APP_EX_OBJ) $files $libs\n<<\n";
+ }
+ $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n";
return($ret);
}
diff --git a/deps/openssl/openssl/util/ssleay.num b/deps/openssl/openssl/util/ssleay.num
index 15a58e7b1..37655bc40 100755
--- a/deps/openssl/openssl/util/ssleay.num
+++ b/deps/openssl/openssl/util/ssleay.num
@@ -259,3 +259,64 @@ SSL_set_session_secret_cb 307 EXIST::FUNCTION:
SSL_set_session_ticket_ext_cb 308 EXIST::FUNCTION:
SSL_set1_param 309 EXIST::FUNCTION:
SSL_CTX_set1_param 310 EXIST::FUNCTION:
+SSL_tls1_key_exporter 311 NOEXIST::FUNCTION:
+SSL_renegotiate_abbreviated 312 EXIST::FUNCTION:
+TLSv1_1_method 313 EXIST::FUNCTION:
+TLSv1_1_client_method 314 EXIST::FUNCTION:
+TLSv1_1_server_method 315 EXIST::FUNCTION:
+SSL_CTX_set_srp_client_pwd_callback 316 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_client_pwd_cb 316 EXIST:VMS:FUNCTION:SRP
+SSL_get_srp_g 317 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_username_callback 318 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_un_cb 318 EXIST:VMS:FUNCTION:SRP
+SSL_get_srp_userinfo 319 EXIST::FUNCTION:SRP
+SSL_set_srp_server_param 320 EXIST::FUNCTION:SRP
+SSL_set_srp_server_param_pw 321 EXIST::FUNCTION:SRP
+SSL_get_srp_N 322 EXIST::FUNCTION:SRP
+SSL_get_srp_username 323 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_password 324 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_strength 325 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_verify_param_callback 326 EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_vfy_param_cb 326 EXIST:VMS:FUNCTION:SRP
+SSL_CTX_set_srp_miss_srp_un_cb 327 NOEXIST::FUNCTION:
+SSL_CTX_set_srp_missing_srp_username_callback 327 NOEXIST::FUNCTION:
+SSL_CTX_set_srp_cb_arg 328 EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_username 329 EXIST::FUNCTION:SRP
+SSL_CTX_SRP_CTX_init 330 EXIST::FUNCTION:SRP
+SSL_SRP_CTX_init 331 EXIST::FUNCTION:SRP
+SRP_Calc_A_param 332 EXIST::FUNCTION:SRP
+SRP_generate_server_master_secret 333 EXIST:!VMS:FUNCTION:SRP
+SRP_gen_server_master_secret 333 EXIST:VMS:FUNCTION:SRP
+SSL_CTX_SRP_CTX_free 334 EXIST::FUNCTION:SRP
+SRP_generate_client_master_secret 335 EXIST:!VMS:FUNCTION:SRP
+SRP_gen_client_master_secret 335 EXIST:VMS:FUNCTION:SRP
+SSL_srp_server_param_with_username 336 EXIST:!VMS:FUNCTION:SRP
+SSL_srp_server_param_with_un 336 EXIST:VMS:FUNCTION:SRP
+SRP_have_to_put_srp_username 337 NOEXIST::FUNCTION:
+SSL_SRP_CTX_free 338 EXIST::FUNCTION:SRP
+SSL_set_debug 339 EXIST::FUNCTION:
+SSL_SESSION_get0_peer 340 EXIST::FUNCTION:
+TLSv1_2_client_method 341 EXIST::FUNCTION:
+SSL_SESSION_set1_id_context 342 EXIST::FUNCTION:
+TLSv1_2_server_method 343 EXIST::FUNCTION:
+SSL_cache_hit 344 EXIST::FUNCTION:
+SSL_get0_kssl_ctx 345 EXIST::FUNCTION:KRB5
+SSL_set0_kssl_ctx 346 EXIST::FUNCTION:KRB5
+SSL_SESSION_get0_id 347 NOEXIST::FUNCTION:
+SSL_set_state 348 EXIST::FUNCTION:
+SSL_CIPHER_get_id 349 EXIST::FUNCTION:
+TLSv1_2_method 350 EXIST::FUNCTION:
+SSL_SESSION_get_id_len 351 NOEXIST::FUNCTION:
+kssl_ctx_get0_client_princ 352 EXIST::FUNCTION:KRB5
+SSL_export_keying_material 353 EXIST::FUNCTION:TLSEXT
+SSL_set_tlsext_use_srtp 354 EXIST::FUNCTION:
+SSL_CTX_set_next_protos_advertised_cb 355 EXIST:!VMS:FUNCTION:NEXTPROTONEG
+SSL_CTX_set_next_protos_adv_cb 355 EXIST:VMS:FUNCTION:NEXTPROTONEG
+SSL_get0_next_proto_negotiated 356 EXIST::FUNCTION:NEXTPROTONEG
+SSL_get_selected_srtp_profile 357 EXIST::FUNCTION:
+SSL_CTX_set_tlsext_use_srtp 358 EXIST::FUNCTION:
+SSL_select_next_proto 359 EXIST::FUNCTION:NEXTPROTONEG
+SSL_get_srtp_profiles 360 EXIST::FUNCTION:
+SSL_CTX_set_next_proto_select_cb 361 EXIST:!VMS:FUNCTION:NEXTPROTONEG
+SSL_CTX_set_next_proto_sel_cb 361 EXIST:VMS:FUNCTION:NEXTPROTONEG
+SSL_SESSION_get_compress_id 362 EXIST::FUNCTION:
diff --git a/deps/openssl/patches/handshake_cutthrough.patch b/deps/openssl/patches/handshake_cutthrough.patch
deleted file mode 100644
index 4f298399c..000000000
--- a/deps/openssl/patches/handshake_cutthrough.patch
+++ /dev/null
@@ -1,275 +0,0 @@
-diff -uarp openssl-1.0.0.orig/apps/s_client.c openssl-1.0.0/apps/s_client.c
---- openssl-1.0.0.orig/apps/s_client.c 2009-12-16 15:28:28.000000000 -0500
-+++ openssl-1.0.0/apps/s_client.c 2010-04-21 14:39:49.000000000 -0400
-@@ -248,6 +248,7 @@ static void sc_usage(void)
- BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
- BIO_printf(bio_err," -status - request certificate status from server\n");
- BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
-+ BIO_printf(bio_err," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n");
- #endif
- }
-
-@@ -304,6 +305,7 @@ int MAIN(int argc, char **argv)
- EVP_PKEY *key = NULL;
- char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
- int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
-+ int cutthrough=0;
- int crlf=0;
- int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
- SSL_CTX *ctx=NULL;
-@@ -533,6 +535,8 @@ int MAIN(int argc, char **argv)
- else if (strcmp(*argv,"-no_ticket") == 0)
- { off|=SSL_OP_NO_TICKET; }
- #endif
-+ else if (strcmp(*argv,"-cutthrough") == 0)
-+ cutthrough=1;
- else if (strcmp(*argv,"-serverpref") == 0)
- off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
- else if (strcmp(*argv,"-cipher") == 0)
-@@ -714,6 +718,15 @@ bad:
- */
- if (sock_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
-
-+ /* Enable handshake cutthrough for client connections using
-+ * strong ciphers. */
-+ if (cutthrough)
-+ {
-+ int ssl_mode = SSL_CTX_get_mode(ctx);
-+ ssl_mode |= SSL_MODE_HANDSHAKE_CUTTHROUGH;
-+ SSL_CTX_set_mode(ctx, ssl_mode);
-+ }
-+
- if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
- if (cipher != NULL)
- if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
-diff -uarp openssl-1.0.0.orig/ssl/s3_clnt.c openssl-1.0.0/ssl/s3_clnt.c
---- openssl-1.0.0.orig/ssl/s3_clnt.c 2010-02-27 19:24:24.000000000 -0500
-+++ openssl-1.0.0/ssl/s3_clnt.c 2010-04-21 14:39:49.000000000 -0400
-@@ -186,6 +186,18 @@ int ssl3_connect(SSL *s)
-
- s->in_handshake++;
- if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
-+#if 0 /* Send app data in separate packet, otherwise, some particular site
-+ * (only one site so far) closes the socket.
-+ * Note: there is a very small chance that two TCP packets
-+ * could be arriving at server combined into a single TCP packet,
-+ * then trigger that site to break. We haven't encounter that though.
-+ */
-+ if (SSL_get_mode(s) & SSL_MODE_HANDSHAKE_CUTTHROUGH)
-+ {
-+ /* Send app data along with CCS/Finished */
-+ s->s3->flags |= SSL3_FLAGS_DELAY_CLIENT_FINISHED;
-+ }
-+#endif
-
- for (;;)
- {
-@@ -454,14 +468,31 @@ int ssl3_connect(SSL *s)
- }
- else
- {
--#ifndef OPENSSL_NO_TLSEXT
-- /* Allow NewSessionTicket if ticket expected */
-- if (s->tlsext_ticket_expected)
-- s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
-+ if ((SSL_get_mode(s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) && SSL_get_cipher_bits(s, NULL) >= 128
-+ && s->s3->previous_server_finished_len == 0 /* no cutthrough on renegotiation (would complicate the state machine) */
-+ )
-+ {
-+ if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
-+ {
-+ s->state=SSL3_ST_CUTTHROUGH_COMPLETE;
-+ s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
-+ s->s3->delay_buf_pop_ret=0;
-+ }
-+ else
-+ {
-+ s->s3->tmp.next_state=SSL3_ST_CUTTHROUGH_COMPLETE;
-+ }
-+ }
- else
-+ {
-+#ifndef OPENSSL_NO_TLSEXT
-+ /* Allow NewSessionTicket if ticket expected */
-+ if (s->tlsext_ticket_expected)
-+ s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
-+ else
- #endif
--
-- s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
-+ s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
-+ }
- }
- s->init_num=0;
- break;
-@@ -512,6 +541,24 @@ int ssl3_connect(SSL *s)
- s->state=s->s3->tmp.next_state;
- break;
-
-+ case SSL3_ST_CUTTHROUGH_COMPLETE:
-+#ifndef OPENSSL_NO_TLSEXT
-+ /* Allow NewSessionTicket if ticket expected */
-+ if (s->tlsext_ticket_expected)
-+ s->state=SSL3_ST_CR_SESSION_TICKET_A;
-+ else
-+#endif
-+ s->state=SSL3_ST_CR_FINISHED_A;
-+
-+ /* SSL_write() will take care of flushing buffered data if
-+ * DELAY_CLIENT_FINISHED is set.
-+ */
-+ if (!(s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED))
-+ ssl_free_wbio_buffer(s);
-+ ret = 1;
-+ goto end;
-+ /* break; */
-+
- case SSL_ST_OK:
- /* clean a few things up */
- ssl3_cleanup_key_block(s);
-diff -uarp openssl-1.0.0.orig/ssl/s3_lib.c openssl-1.0.0/ssl/s3_lib.c
--- openssl-1.0.0.orig/ssl/s3_lib.c 2009-10-16 11:24:19.000000000 -0400
-+++ openssl-1.0.0/ssl/s3_lib.c 2010-04-21 14:39:49.000000000 -0400
-@@ -2551,9 +2551,22 @@ int ssl3_write(SSL *s, const void *buf,
-
- static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
- {
-- int ret;
-+ int n,ret;
-
- clear_sys_error();
-+ if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
-+ {
-+ /* Deal with an application that calls SSL_read() when handshake data
-+ * is yet to be written.
-+ */
-+ if (BIO_wpending(s->wbio) > 0)
-+ {
-+ s->rwstate=SSL_WRITING;
-+ n=BIO_flush(s->wbio);
-+ if (n <= 0) return(n);
-+ s->rwstate=SSL_NOTHING;
-+ }
-+ }
- if (s->s3->renegotiate) ssl3_renegotiate_check(s);
- s->s3->in_read_app_data=1;
- ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
-diff -uarp openssl-1.0.0.orig/ssl/ssl.h openssl-1.0.0/ssl/ssl.h
---- openssl-1.0.0.orig/ssl/ssl.h 2010-01-06 12:37:38.000000000 -0500
-+++ openssl-1.0.0/ssl/ssl.h 2010-04-21 16:57:49.000000000 -0400
-@@ -605,6 +605,10 @@ typedef struct ssl_session_st
- /* Use small read and write buffers: (a) lazy allocate read buffers for
- * large incoming records, and (b) limit the size of outgoing records. */
- #define SSL_MODE_SMALL_BUFFERS 0x00000020L
-+/* When set, clients may send application data before receipt of CCS
-+ * and Finished. This mode enables full-handshakes to 'complete' in
-+ * one RTT. */
-+#define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000040L
-
- /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
- * they cannot be used to clear bits. */
-@@ -1097,10 +1101,12 @@ extern "C" {
- /* Is the SSL_connection established? */
- #define SSL_get_state(a) SSL_state(a)
- #define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
--#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
-+#define SSL_in_init(a) ((SSL_state(a)&SSL_ST_INIT) && \
-+ !SSL_cutthrough_complete(a))
- #define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
- #define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
- #define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
-+int SSL_cutthrough_complete(const SSL *s);
-
- /* The following 2 states are kept in ssl->rstate when reads fail,
- * you should not need these */
-Only in openssl-1.0.0/ssl: ssl.h.orig
-diff -uarp openssl-1.0.0.orig/ssl/ssl3.h openssl-1.0.0/ssl/ssl3.h
--- openssl-1.0.0.orig/ssl/ssl3.h 2010-01-06 12:37:38.000000000 -0500
-+++ openssl-1.0.0/ssl/ssl3.h 2010-04-21 14:39:49.000000000 -0400
-@@ -456,6 +456,7 @@ typedef struct ssl3_state_st
- /*client */
- /* extra state */
- #define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
-+#define SSL3_ST_CUTTHROUGH_COMPLETE (0x101|SSL_ST_CONNECT)
- /* write to server */
- #define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
- #define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
-diff -uarp openssl-1.0.0.orig/ssl/ssl_lib.c openssl-1.0.0/ssl/ssl_lib.c
---- openssl-1.0.0.orig/ssl/ssl_lib.c 2010-02-17 14:43:46.000000000 -0500
-+++ openssl-1.0.0/ssl/ssl_lib.c 2010-04-21 17:02:45.000000000 -0400
-@@ -3031,6 +3031,19 @@ void SSL_set_msg_callback(SSL *ssl, void
- SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
- }
-
-+int SSL_cutthrough_complete(const SSL *s)
-+ {
-+ return (!s->server && /* cutthrough only applies to clients */
-+ !s->hit && /* full-handshake */
-+ s->version >= SSL3_VERSION &&
-+ s->s3->in_read_app_data == 0 && /* cutthrough only applies to write() */
-+ (SSL_get_mode((SSL*)s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) && /* cutthrough enabled */
-+ SSL_get_cipher_bits(s, NULL) >= 128 && /* strong cipher choosen */
-+ s->s3->previous_server_finished_len == 0 && /* not a renegotiation handshake */
-+ (s->state == SSL3_ST_CR_SESSION_TICKET_A || /* ready to write app-data*/
-+ s->state == SSL3_ST_CR_FINISHED_A));
-+ }
-+
- /* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
- * vairable, freeing EVP_MD_CTX previously stored in that variable, if
- * any. If EVP_MD pointer is passed, initializes ctx with this md
-diff -uarp openssl-1.0.0.orig/ssl/ssltest.c openssl-1.0.0/ssl/ssltest.c
---- openssl-1.0.0.orig/ssl/ssltest.c 2010-01-24 11:57:38.000000000 -0500
-+++ openssl-1.0.0/ssl/ssltest.c 2010-04-21 17:06:35.000000000 -0400
-@@ -279,6 +279,7 @@ static void sv_usage(void)
- fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
- fprintf(stderr," -c_small_records - enable client side use of small SSL record buffers\n");
- fprintf(stderr," -s_small_records - enable server side use of small SSL record buffers\n");
-+ fprintf(stderr," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n");
- }
-
- static void print_details(SSL *c_ssl, const char *prefix)
-@@ -436,6 +437,7 @@ int main(int argc, char *argv[])
- int ssl_mode = 0;
- int c_small_records=0;
- int s_small_records=0;
-+ int cutthrough = 0;
-
- verbose = 0;
- debug = 0;
-@@ -632,6 +634,10 @@ int main(int argc, char *argv[])
- {
- s_small_records = 1;
- }
-+ else if (strcmp(*argv, "-cutthrough") == 0)
-+ {
-+ cutthrough = 1;
-+ }
- else
- {
- fprintf(stderr,"unknown option %s\n",*argv);
-@@ -782,6 +788,13 @@ bad:
- ssl_mode |= SSL_MODE_SMALL_BUFFERS;
- SSL_CTX_set_mode(s_ctx, ssl_mode);
- }
-+ ssl_mode = 0;
-+ if (cutthrough)
-+ {
-+ ssl_mode = SSL_CTX_get_mode(c_ctx);
-+ ssl_mode = SSL_MODE_HANDSHAKE_CUTTHROUGH;
-+ SSL_CTX_set_mode(c_ctx, ssl_mode);
-+ }
-
- #ifndef OPENSSL_NO_DH
- if (!no_dhe)
-diff -uarp openssl-1.0.0.orig/test/testssl openssl-1.0.0/test/testssl
---- openssl-1.0.0.orig/test/testssl 2006-03-10 18:06:27.000000000 -0500
-+++ openssl-1.0.0/test/testssl 2010-04-21 16:50:13.000000000 -0400
-@@ -79,6 +79,8 @@ $ssltest -server_auth -client_auth -s_sm
- echo test sslv2/sslv3 with both client and server authentication and small client and server buffers
- $ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1
-
-+echo test sslv2/sslv3 with both client and server authentication and handshake cutthrough
-+$ssltest -server_auth -client_auth -cutthrough $CA $extra || exit 1
-
- echo test sslv2 via BIO pair
- $ssltest -bio_pair -ssl2 $extra || exit 1
diff --git a/deps/openssl/patches/jsse.patch b/deps/openssl/patches/jsse.patch
deleted file mode 100644
index 249fb5b2b..000000000
--- a/deps/openssl/patches/jsse.patch
+++ /dev/null
@@ -1,426 +0,0 @@
---- openssl-1.0.0b.orig/ssl/ssl.h 2010-11-30 00:03:46.000000000 +0000
-+++ openssl-1.0.0b/ssl/ssl.h 2010-11-30 00:03:47.000000000 +0000
-@@ -1133,6 +1133,9 @@ struct ssl_st
- /* This can also be in the session once a session is established */
- SSL_SESSION *session;
-
-+ /* This can be disabled to prevent the use of uncached sessions */
-+ int session_creation_enabled;
-+
- /* Default generate session ID callback. */
- GEN_SESSION_CB generate_session_id;
-
-@@ -1546,6 +1549,7 @@ const SSL_CIPHER *SSL_get_current_cipher
- int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits);
- char * SSL_CIPHER_get_version(const SSL_CIPHER *c);
- const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);
-+const char * SSL_CIPHER_authentication_method(const SSL_CIPHER *c);
-
- int SSL_get_fd(const SSL *s);
- int SSL_get_rfd(const SSL *s);
-@@ -1554,6 +1558,7 @@ const char * SSL_get_cipher_list(const
- char * SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
- int SSL_get_read_ahead(const SSL * s);
- int SSL_pending(const SSL *s);
-+const char * SSL_authentication_method(const SSL *c);
- #ifndef OPENSSL_NO_SOCK
- int SSL_set_fd(SSL *s, int fd);
- int SSL_set_rfd(SSL *s, int fd);
-@@ -1565,6 +1570,7 @@ BIO * SSL_get_rbio(const SSL *s);
- BIO * SSL_get_wbio(const SSL *s);
- #endif
- int SSL_set_cipher_list(SSL *s, const char *str);
-+int SSL_set_cipher_lists(SSL *s, STACK_OF(SSL_CIPHER) *sk);
- void SSL_set_read_ahead(SSL *s, int yes);
- int SSL_get_verify_mode(const SSL *s);
- int SSL_get_verify_depth(const SSL *s);
-@@ -1580,6 +1586,8 @@ int SSL_use_PrivateKey(SSL *ssl, EVP_PKE
- int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, const unsigned char *d, long len);
- int SSL_use_certificate(SSL *ssl, X509 *x);
- int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
-+int SSL_use_certificate_chain(SSL *ssl, STACK_OF(X509) *cert_chain);
-+STACK_OF(X509) * SSL_get_certificate_chain(SSL *ssl, X509 *x);
-
- #ifndef OPENSSL_NO_STDIO
- int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
-@@ -1615,6 +1623,7 @@ void SSL_copy_session_id(SSL *to,const S
- SSL_SESSION *SSL_SESSION_new(void);
- const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
- unsigned int *len);
-+const char * SSL_SESSION_get_version(const SSL_SESSION *s);
- #ifndef OPENSSL_NO_FP_API
- int SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses);
- #endif
-@@ -1624,6 +1633,7 @@ int SSL_SESSION_print(BIO *fp,const SSL_
- void SSL_SESSION_free(SSL_SESSION *ses);
- int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
- int SSL_set_session(SSL *to, SSL_SESSION *session);
-+void SSL_set_session_creation_enabled(SSL *, int);
- int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
- int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
- int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
-@@ -2066,6 +2076,7 @@ void ERR_load_SSL_strings(void);
- #define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
- #define SSL_F_SSL_USE_CERTIFICATE 198
- #define SSL_F_SSL_USE_CERTIFICATE_ASN1 199
-+#define SSL_F_SSL_USE_CERTIFICATE_CHAIN 2000
- #define SSL_F_SSL_USE_CERTIFICATE_FILE 200
- #define SSL_F_SSL_USE_PRIVATEKEY 201
- #define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
-@@ -2272,6 +2283,7 @@ void ERR_load_SSL_strings(void);
- #define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
- #define SSL_R_SERVERHELLO_TLSEXT 275
- #define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
-+#define SSL_R_SESSION_MAY_NOT_BE_CREATED 2000
- #define SSL_R_SHORT_READ 219
- #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
- #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
---- openssl-1.0.0b.orig/ssl/d1_clnt.c 2010-01-26 19:46:29.000000000 +0000
-+++ openssl-1.0.0b/ssl/d1_clnt.c 2010-11-30 00:03:47.000000000 +0000
-@@ -613,6 +613,12 @@ int dtls1_client_hello(SSL *s)
- #endif
- (s->session->not_resumable))
- {
-+ if (!s->session_creation_enabled)
-+ {
-+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-+ SSLerr(SSL_F_DTLS1_CLIENT_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
-+ goto err;
-+ }
- if (!ssl_get_new_session(s,0))
- goto err;
- }
---- openssl-1.0.0b.orig/ssl/s23_clnt.c 2010-02-16 14:20:40.000000000 +0000
-+++ openssl-1.0.0b/ssl/s23_clnt.c 2010-11-30 00:03:47.000000000 +0000
-@@ -687,6 +687,13 @@ static int ssl23_get_server_hello(SSL *s
-
- /* Since, if we are sending a ssl23 client hello, we are not
- * reusing a session-id */
-+ if (!s->session_creation_enabled)
-+ {
-+ if (!(s->client_version == SSL2_VERSION))
-+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
-+ goto err;
-+ }
- if (!ssl_get_new_session(s,0))
- goto err;
-
---- openssl-1.0.0b.orig/ssl/s3_both.c 2010-11-30 00:03:46.000000000 +0000
-+++ openssl-1.0.0b/ssl/s3_both.c 2010-11-30 00:03:47.000000000 +0000
-@@ -347,8 +347,11 @@ unsigned long ssl3_output_cert_chain(SSL
- unsigned long l=7;
- BUF_MEM *buf;
- int no_chain;
-+ STACK_OF(X509) *cert_chain;
-
-- if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
-+ cert_chain = SSL_get_certificate_chain(s, x);
-+
-+ if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs || cert_chain)
- no_chain = 1;
- else
- no_chain = 0;
-@@ -400,6 +403,10 @@ unsigned long ssl3_output_cert_chain(SSL
- return(0);
- }
-
-+ for (i=0; i<sk_X509_num(cert_chain); i++)
-+ if (ssl3_add_cert_to_buf(buf, &l, sk_X509_value(cert_chain,i)))
-+ return(0);
-+
- l-=7;
- p=(unsigned char *)&(buf->data[4]);
- l2n3(l,p);
---- openssl-1.0.0b.orig/ssl/s3_clnt.c 2010-11-30 00:03:46.000000000 +0000
-+++ openssl-1.0.0b/ssl/s3_clnt.c 2010-11-30 00:03:47.000000000 +0000
-@@ -686,6 +686,12 @@ int ssl3_client_hello(SSL *s)
- #endif
- (sess->not_resumable))
- {
-+ if (!s->session_creation_enabled)
-+ {
-+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
-+ goto err;
-+ }
- if (!ssl_get_new_session(s,0))
- goto err;
- }
-@@ -894,6 +900,12 @@ int ssl3_get_server_hello(SSL *s)
- s->hit=0;
- if (s->session->session_id_length > 0)
- {
-+ if (!s->session_creation_enabled)
-+ {
-+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
-+ goto err;
-+ }
- if (!ssl_get_new_session(s,0))
- {
- al=SSL_AD_INTERNAL_ERROR;
---- openssl-1.0.0b.orig/ssl/s3_srvr.c 2010-11-30 00:03:46.000000000 +0000
-+++ openssl-1.0.0b/ssl/s3_srvr.c 2010-11-30 00:03:47.000000000 +0000
-@@ -902,6 +902,12 @@ int ssl3_get_client_hello(SSL *s)
- */
- if ((s->new_session && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)))
- {
-+ if (!s->session_creation_enabled)
-+ {
-+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
-+ goto err;
-+ }
- if (!ssl_get_new_session(s,1))
- goto err;
- }
-@@ -916,6 +922,12 @@ int ssl3_get_client_hello(SSL *s)
- goto err;
- else /* i == 0 */
- {
-+ if (!s->session_creation_enabled)
-+ {
-+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_SESSION_MAY_NOT_BE_CREATED);
-+ goto err;
-+ }
- if (!ssl_get_new_session(s,1))
- goto err;
- }
---- openssl-1.0.0b.orig/ssl/ssl_ciph.c 2010-06-15 17:25:14.000000000 +0000
-+++ openssl-1.0.0b/ssl/ssl_ciph.c 2010-11-30 00:03:47.000000000 +0000
-@@ -1652,6 +1652,52 @@ int SSL_CIPHER_get_bits(const SSL_CIPHER
- return(ret);
- }
-
-+/* return string version of key exchange algorithm */
-+const char* SSL_CIPHER_authentication_method(const SSL_CIPHER* cipher)
-+ {
-+ switch (cipher->algorithm_mkey)
-+ {
-+ case SSL_kRSA:
-+ return SSL_TXT_RSA;
-+ case SSL_kDHr:
-+ return SSL_TXT_DH "_" SSL_TXT_RSA;
-+ case SSL_kDHd:
-+ return SSL_TXT_DH "_" SSL_TXT_DSS;
-+ case SSL_kEDH:
-+ switch (cipher->algorithm_auth)
-+ {
-+ case SSL_aDSS:
-+ return "DHE_" SSL_TXT_DSS;
-+ case SSL_aRSA:
-+ return "DHE_" SSL_TXT_RSA;
-+ case SSL_aNULL:
-+ return SSL_TXT_DH "_anon";
-+ default:
-+ return "UNKNOWN";
-+ }
-+ case SSL_kKRB5:
-+ return SSL_TXT_KRB5;
-+ case SSL_kECDHr:
-+ return SSL_TXT_ECDH "_" SSL_TXT_RSA;
-+ case SSL_kECDHe:
-+ return SSL_TXT_ECDH "_" SSL_TXT_ECDSA;
-+ case SSL_kEECDH:
-+ switch (cipher->algorithm_auth)
-+ {
-+ case SSL_aECDSA:
-+ return "ECDHE_" SSL_TXT_ECDSA;
-+ case SSL_aRSA:
-+ return "ECDHE_" SSL_TXT_RSA;
-+ case SSL_aNULL:
-+ return SSL_TXT_ECDH "_anon";
-+ default:
-+ return "UNKNOWN";
-+ }
-+ default:
-+ return "UNKNOWN";
-+ }
-+ }
-+
- SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
- {
- SSL_COMP *ctmp;
---- openssl-1.0.0b.orig/ssl/ssl_err.c 2010-11-30 00:03:46.000000000 +0000
-+++ openssl-1.0.0b/ssl/ssl_err.c 2010-11-30 00:03:47.000000000 +0000
-@@ -465,6 +465,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
- {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),"scsv received when renegotiating"},
- {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT) ,"serverhello tlsext"},
- {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"},
-+{ERR_REASON(SSL_R_SESSION_MAY_NOT_BE_CREATED),"session may not be created"},
- {ERR_REASON(SSL_R_SHORT_READ) ,"short read"},
- {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),"signature for non signing certificate"},
- {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),"ssl23 doing session id reuse"},
---- openssl-1.0.0b.orig/ssl/ssl_lib.c 2010-11-30 00:03:46.000000000 +0000
-+++ openssl-1.0.0b/ssl/ssl_lib.c 2010-11-30 00:03:47.000000000 +0000
-@@ -326,6 +326,7 @@ SSL *SSL_new(SSL_CTX *ctx)
- OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
- memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
- s->verify_callback=ctx->default_verify_callback;
-+ s->session_creation_enabled=1;
- s->generate_session_id=ctx->generate_session_id;
-
- s->param = X509_VERIFY_PARAM_new();
-@@ -1311,6 +1312,32 @@ int SSL_set_cipher_list(SSL *s,const cha
- return 1;
- }
-
-+/** specify the ciphers to be used by the SSL */
-+int SSL_set_cipher_lists(SSL *s,STACK_OF(SSL_CIPHER) *sk)
-+ {
-+ STACK_OF(SSL_CIPHER) *tmp_cipher_list;
-+
-+ if (sk == NULL)
-+ return 0;
-+
-+ /* Based on end of ssl_create_cipher_list */
-+ tmp_cipher_list = sk_SSL_CIPHER_dup(sk);
-+ if (tmp_cipher_list == NULL)
-+ {
-+ return 0;
-+ }
-+ if (s->cipher_list != NULL)
-+ sk_SSL_CIPHER_free(s->cipher_list);
-+ s->cipher_list = sk;
-+ if (s->cipher_list_by_id != NULL)
-+ sk_SSL_CIPHER_free(s->cipher_list_by_id);
-+ s->cipher_list_by_id = tmp_cipher_list;
-+ (void)sk_SSL_CIPHER_set_cmp_func(s->cipher_list_by_id,ssl_cipher_ptr_id_cmp);
-+
-+ sk_SSL_CIPHER_sort(s->cipher_list_by_id);
-+ return 1;
-+ }
-+
- /* works well for SSLv2, not so good for SSLv3 */
- char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
- {
-@@ -2551,18 +2578,45 @@ SSL_METHOD *ssl_bad_method(int ver)
- return(NULL);
- }
-
--const char *SSL_get_version(const SSL *s)
-+static const char *ssl_get_version(int version)
- {
-- if (s->version == TLS1_VERSION)
-+ if (version == TLS1_VERSION)
- return("TLSv1");
-- else if (s->version == SSL3_VERSION)
-+ else if (version == SSL3_VERSION)
- return("SSLv3");
-- else if (s->version == SSL2_VERSION)
-+ else if (version == SSL2_VERSION)
- return("SSLv2");
- else
- return("unknown");
- }
-
-+const char *SSL_get_version(const SSL *s)
-+ {
-+ return ssl_get_version(s->version);
-+ }
-+
-+const char *SSL_SESSION_get_version(const SSL_SESSION *s)
-+ {
-+ return ssl_get_version(s->ssl_version);
-+ }
-+
-+const char* SSL_authentication_method(const SSL* ssl)
-+ {
-+ if (ssl->cert != NULL && ssl->cert->rsa_tmp != NULL)
-+ return SSL_TXT_RSA "_" SSL_TXT_EXPORT;
-+ switch (ssl->version)
-+ {
-+ case SSL2_VERSION:
-+ return SSL_TXT_RSA;
-+ case SSL3_VERSION:
-+ case TLS1_VERSION:
-+ case DTLS1_VERSION:
-+ return SSL_CIPHER_authentication_method(ssl->s3->tmp.new_cipher);
-+ default:
-+ return "UNKNOWN";
-+ }
-+ }
-+
- SSL *SSL_dup(SSL *s)
- {
- STACK_OF(X509_NAME) *sk;
---- openssl-1.0.0b.orig/ssl/ssl_locl.h 2010-11-30 00:03:46.000000000 +0000
-+++ openssl-1.0.0b/ssl/ssl_locl.h 2010-11-30 00:03:47.000000000 +0000
-@@ -456,6 +456,7 @@
- typedef struct cert_pkey_st
- {
- X509 *x509;
-+ STACK_OF(X509) *cert_chain;
- EVP_PKEY *privatekey;
- } CERT_PKEY;
-
---- openssl-1.0.0b.orig/ssl/ssl_rsa.c 2009-09-12 23:09:26.000000000 +0000
-+++ openssl-1.0.0b/ssl/ssl_rsa.c 2010-11-30 00:03:47.000000000 +0000
-@@ -697,6 +697,42 @@ int SSL_CTX_use_PrivateKey_ASN1(int type
- }
-
-
-+int SSL_use_certificate_chain(SSL *ssl, STACK_OF(X509) *cert_chain)
-+ {
-+ if (ssl == NULL)
-+ {
-+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_CHAIN,ERR_R_PASSED_NULL_PARAMETER);
-+ return(0);
-+ }
-+ if (ssl->cert == NULL)
-+ {
-+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_CHAIN,SSL_R_NO_CERTIFICATE_ASSIGNED);
-+ return(0);
-+ }
-+ if (ssl->cert->key == NULL)
-+ {
-+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_CHAIN,SSL_R_NO_CERTIFICATE_ASSIGNED);
-+ return(0);
-+ }
-+ ssl->cert->key->cert_chain = cert_chain;
-+ return(1);
-+ }
-+
-+STACK_OF(X509) *SSL_get_certificate_chain(SSL *ssl, X509 *x)
-+ {
-+ int i;
-+ if (x == NULL)
-+ return NULL;
-+ if (ssl == NULL)
-+ return NULL;
-+ if (ssl->cert == NULL)
-+ return NULL;
-+ for (i = 0; i < SSL_PKEY_NUM; i++)
-+ if (ssl->cert->pkeys[i].x509 == x)
-+ return ssl->cert->pkeys[i].cert_chain;
-+ return NULL;
-+ }
-+
- #ifndef OPENSSL_NO_STDIO
- /* Read a file that contains our certificate in "PEM" format,
- * possibly followed by a sequence of CA certificates that should be
---- openssl-1.0.0b.orig/ssl/ssl_sess.c 2010-02-01 16:49:42.000000000 +0000
-+++ openssl-1.0.0b/ssl/ssl_sess.c 2010-11-30 00:03:47.000000000 +0000
-@@ -261,6 +261,11 @@ static int def_generate_session_id(const
- return 0;
- }
-
-+void SSL_set_session_creation_enabled (SSL *s, int creation_enabled)
-+ {
-+ s->session_creation_enabled = creation_enabled;
-+ }
-+
- int ssl_get_new_session(SSL *s, int session)
- {
- /* This gets used by clients and servers. */
-@@ -269,6 +274,8 @@ int ssl_get_new_session(SSL *s, int sess
- SSL_SESSION *ss=NULL;
- GEN_SESSION_CB cb = def_generate_session_id;
-
-+ /* caller should check this if they can do better error handling */
-+ if (!s->session_creation_enabled) return(0);
- if ((ss=SSL_SESSION_new()) == NULL) return(0);
-
- /* If the context has a default timeout, use it */
diff --git a/deps/openssl/patches/npn.patch b/deps/openssl/patches/npn.patch
deleted file mode 100644
index 46b7a7df3..000000000
--- a/deps/openssl/patches/npn.patch
+++ /dev/null
@@ -1,1293 +0,0 @@
---- openssl-1.0.0b.orig/apps/apps.c 2010-11-11 14:42:19.000000000 +0000
-+++ openssl-1.0.0b/apps/apps.c 2010-11-29 19:56:04.902465346 +0000
-@@ -3012,3 +3012,46 @@ int raw_write_stdout(const void *buf,int
- int raw_write_stdout(const void *buf,int siz)
- { return write(fileno(stdout),buf,siz); }
- #endif
-+
-+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-+/* next_protos_parse parses a comma separated list of strings into a string
-+ * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
-+ * outlen: (output) set to the length of the resulting buffer on success.
-+ * in: a NUL termianted string like "abc,def,ghi"
-+ *
-+ * returns: a malloced buffer or NULL on failure.
-+ */
-+unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
-+ {
-+ size_t len;
-+ unsigned char *out;
-+ size_t i, start = 0;
-+
-+ len = strlen(in);
-+ if (len >= 65535)
-+ return NULL;
-+
-+ out = OPENSSL_malloc(strlen(in) + 1);
-+ if (!out)
-+ return NULL;
-+
-+ for (i = 0; i <= len; ++i)
-+ {
-+ if (i == len || in[i] == ',')
-+ {
-+ if (i - start > 255)
-+ {
-+ OPENSSL_free(out);
-+ return NULL;
-+ }
-+ out[start] = i - start;
-+ start = i + 1;
-+ }
-+ else
-+ out[i+1] = in[i];
-+ }
-+
-+ *outlen = len + 1;
-+ return out;
-+ }
-+#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
---- openssl-1.0.0b.orig/apps/apps.h 2009-10-31 13:34:19.000000000 +0000
-+++ openssl-1.0.0b/apps/apps.h 2010-11-29 19:56:04.902465346 +0000
-@@ -358,3 +358,7 @@ int raw_write_stdout(const void *,int);
- #define TM_STOP 1
- double app_tminterval (int stop,int usertime);
- #endif
-+
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
-+#endif
---- openssl-1.0.0b.orig/apps/s_client.c 2010-11-29 19:56:04.832465351 +0000
-+++ openssl-1.0.0b/apps/s_client.c 2010-11-29 19:56:04.902465346 +0000
-@@ -342,6 +342,9 @@ static void sc_usage(void)
- BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
- BIO_printf(bio_err," -status - request certificate status from server\n");
- BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
-+# endif
- BIO_printf(bio_err," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n");
- #endif
- BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
-@@ -367,6 +370,40 @@ static int MS_CALLBACK ssl_servername_cb
-
- return SSL_TLSEXT_ERR_OK;
- }
-+
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+/* This the context that we pass to next_proto_cb */
-+typedef struct tlsextnextprotoctx_st {
-+ unsigned char *data;
-+ unsigned short len;
-+ int status;
-+} tlsextnextprotoctx;
-+
-+static tlsextnextprotoctx next_proto;
-+
-+static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
-+ {
-+ tlsextnextprotoctx *ctx = arg;
-+
-+ if (!c_quiet)
-+ {
-+ /* We can assume that |in| is syntactically valid. */
-+ unsigned i;
-+ BIO_printf(bio_c_out, "Protocols advertised by server: ");
-+ for (i = 0; i < inlen; )
-+ {
-+ if (i)
-+ BIO_write(bio_c_out, ", ", 2);
-+ BIO_write(bio_c_out, &in[i + 1], in[i]);
-+ i += in[i] + 1;
-+ }
-+ BIO_write(bio_c_out, "\n", 1);
-+ }
-+
-+ ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len);
-+ return SSL_TLSEXT_ERR_OK;
-+ }
-+# endif /* ndef OPENSSL_NO_NEXTPROTONEG */
- #endif
-
- enum
-@@ -431,6 +468,9 @@ int MAIN(int argc, char **argv)
- char *servername = NULL;
- tlsextctx tlsextcbp =
- {NULL,0};
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ const char *next_proto_neg_in = NULL;
-+# endif
- #endif
- char *sess_in = NULL;
- char *sess_out = NULL;
-@@ -658,6 +698,13 @@ int MAIN(int argc, char **argv)
- #ifndef OPENSSL_NO_TLSEXT
- else if (strcmp(*argv,"-no_ticket") == 0)
- { off|=SSL_OP_NO_TICKET; }
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ else if (strcmp(*argv,"-nextprotoneg") == 0)
-+ {
-+ if (--argc < 1) goto bad;
-+ next_proto_neg_in = *(++argv);
-+ }
-+# endif
- #endif
- else if (strcmp(*argv,"-cutthrough") == 0)
- cutthrough=1;
-@@ -766,6 +813,21 @@ bad:
- OpenSSL_add_ssl_algorithms();
- SSL_load_error_strings();
-
-+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-+ next_proto.status = -1;
-+ if (next_proto_neg_in)
-+ {
-+ next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in);
-+ if (next_proto.data == NULL)
-+ {
-+ BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n");
-+ goto end;
-+ }
-+ }
-+ else
-+ next_proto.data = NULL;
-+#endif
-+
- #ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine_id, 1);
- if (ssl_client_engine_id)
-@@ -896,6 +958,11 @@ bad:
- SSL_CTX_set_mode(ctx, ssl_mode);
- }
-
-+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-+ if (next_proto.data)
-+ SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
-+#endif
-+
- if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
- if (cipher != NULL)
- if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
-@@ -1755,6 +1822,18 @@ static void print_stuff(BIO *bio, SSL *s
- BIO_printf(bio,"Expansion: %s\n",
- expansion ? SSL_COMP_get_name(expansion) : "NONE");
- #endif
-+
-+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-+ if (next_proto.status != -1) {
-+ const unsigned char *proto;
-+ unsigned int proto_len;
-+ SSL_get0_next_proto_negotiated(s, &proto, &proto_len);
-+ BIO_printf(bio, "Next protocol: (%d) ", next_proto.status);
-+ BIO_write(bio, proto, proto_len);
-+ BIO_write(bio, "\n", 1);
-+ }
-+#endif
-+
- SSL_SESSION_print(bio,SSL_get_session(s));
- BIO_printf(bio,"---\n");
- if (peer != NULL)
---- openssl-1.0.0b.orig/apps/s_server.c 2010-06-15 17:25:02.000000000 +0000
-+++ openssl-1.0.0b/apps/s_server.c 2010-11-29 19:56:04.902465346 +0000
-@@ -492,6 +492,9 @@ static void sv_usage(void)
- BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
- BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
- BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
-+# endif
- #endif
- }
-
-@@ -826,6 +829,24 @@ BIO_printf(err, "cert_status: received %
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- goto done;
- }
-+
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+/* This is the context that we pass to next_proto_cb */
-+typedef struct tlsextnextprotoctx_st {
-+ unsigned char *data;
-+ unsigned int len;
-+} tlsextnextprotoctx;
-+
-+static int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
-+ {
-+ tlsextnextprotoctx *next_proto = arg;
-+
-+ *data = next_proto->data;
-+ *len = next_proto->len;
-+
-+ return SSL_TLSEXT_ERR_OK;
-+ }
-+# endif /* ndef OPENSSL_NO_NPN */
- #endif
-
- int MAIN(int, char **);
-@@ -867,6 +888,10 @@ int MAIN(int argc, char *argv[])
- #endif
- #ifndef OPENSSL_NO_TLSEXT
- tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING};
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ const char *next_proto_neg_in = NULL;
-+ tlsextnextprotoctx next_proto;
-+# endif
- #endif
- #ifndef OPENSSL_NO_PSK
- /* by default do not send a PSK identity hint */
-@@ -1191,7 +1216,13 @@ int MAIN(int argc, char *argv[])
- if (--argc < 1) goto bad;
- s_key_file2= *(++argv);
- }
--
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ else if (strcmp(*argv,"-nextprotoneg") == 0)
-+ {
-+ if (--argc < 1) goto bad;
-+ next_proto_neg_in = *(++argv);
-+ }
-+# endif
- #endif
- #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
- else if (strcmp(*argv,"-jpake") == 0)
-@@ -1476,6 +1507,11 @@ bad:
- if (vpm)
- SSL_CTX_set1_param(ctx2, vpm);
- }
-+
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ if (next_proto.data)
-+ SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto);
-+# endif
- #endif
-
- #ifndef OPENSSL_NO_DH
-@@ -1617,6 +1653,21 @@ bad:
- goto end;
- }
- }
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ if (next_proto_neg_in)
-+ {
-+ unsigned short len;
-+ next_proto.data = next_protos_parse(&len,
-+ next_proto_neg_in);
-+ if (next_proto.data == NULL)
-+ goto end;
-+ next_proto.len = len;
-+ }
-+ else
-+ {
-+ next_proto.data = NULL;
-+ }
-+# endif
- #endif
- RSA_free(rsa);
- BIO_printf(bio_s_out,"\n");
-@@ -2159,6 +2210,10 @@ static int init_ssl_connection(SSL *con)
- X509 *peer;
- long verify_error;
- MS_STATIC char buf[BUFSIZ];
-+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-+ const unsigned char *next_proto_neg;
-+ unsigned next_proto_neg_len;
-+#endif
-
- if ((i=SSL_accept(con)) <= 0)
- {
-@@ -2198,6 +2253,15 @@ static int init_ssl_connection(SSL *con)
- BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
- str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
- BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
-+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-+ SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
-+ if (next_proto_neg)
-+ {
-+ BIO_printf(bio_s_out,"NEXTPROTO is ");
-+ BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
-+ BIO_printf(bio_s_out, "\n");
-+ }
-+#endif
- if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n");
- if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) &
- TLS1_FLAGS_TLS_PADDING_BUG)
---- openssl-1.0.0b.orig/include/openssl/ssl.h 2010-11-29 19:56:04.846517045 +0000
-+++ openssl-1.0.0b/include/openssl/ssl.h 2010-11-29 19:56:04.965928855 +0000
-@@ -857,6 +857,25 @@ struct ssl_ctx_st
- /* draft-rescorla-tls-opaque-prf-input-00.txt information */
- int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg);
- void *tlsext_opaque_prf_input_callback_arg;
-+
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ /* Next protocol negotiation information */
-+ /* (for experimental NPN extension). */
-+
-+ /* For a server, this contains a callback function by which the set of
-+ * advertised protocols can be provided. */
-+ int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf,
-+ unsigned int *len, void *arg);
-+ void *next_protos_advertised_cb_arg;
-+ /* For a client, this contains a callback function that selects the
-+ * next protocol from the list provided by the server. */
-+ int (*next_proto_select_cb)(SSL *s, unsigned char **out,
-+ unsigned char *outlen,
-+ const unsigned char *in,
-+ unsigned int inlen,
-+ void *arg);
-+ void *next_proto_select_cb_arg;
-+# endif
- #endif
-
- #ifndef OPENSSL_NO_PSK
-@@ -928,6 +947,30 @@ int SSL_CTX_set_client_cert_engine(SSL_C
- #endif
- void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len));
- void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len));
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
-+ int (*cb) (SSL *ssl,
-+ const unsigned char **out,
-+ unsigned int *outlen,
-+ void *arg), void *arg);
-+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
-+ int (*cb) (SSL *ssl, unsigned char **out,
-+ unsigned char *outlen,
-+ const unsigned char *in,
-+ unsigned int inlen, void *arg),
-+ void *arg);
-+
-+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
-+ const unsigned char *in, unsigned int inlen,
-+ const unsigned char *client, unsigned int client_len);
-+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
-+ unsigned *len);
-+
-+#define OPENSSL_NPN_UNSUPPORTED 0
-+#define OPENSSL_NPN_NEGOTIATED 1
-+#define OPENSSL_NPN_NO_OVERLAP 2
-+
-+#endif
-
- #ifndef OPENSSL_NO_PSK
- /* the maximum length of the buffer given to callbacks containing the
-@@ -1187,6 +1230,19 @@ struct ssl_st
- void *tls_session_secret_cb_arg;
-
- SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
-+
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+ /* Next protocol negotiation. For the client, this is the protocol that
-+ * we sent in NextProtocol and is set when handling ServerHello
-+ * extensions.
-+ *
-+ * For a server, this is the client's selected_protocol from
-+ * NextProtocol and is set when handling the NextProtocol message,
-+ * before the Finished message. */
-+ unsigned char *next_proto_negotiated;
-+ unsigned char next_proto_negotiated_len;
-+#endif
-+
- #define session_ctx initial_ctx
- #else
- #define session_ctx ctx
-@@ -1919,6 +1975,7 @@ void ERR_load_SSL_strings(void);
- #define SSL_F_SSL3_GET_KEY_EXCHANGE 141
- #define SSL_F_SSL3_GET_MESSAGE 142
- #define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
-+#define SSL_F_SSL3_GET_NEXT_PROTO 304
- #define SSL_F_SSL3_GET_RECORD 143
- #define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
- #define SSL_F_SSL3_GET_SERVER_DONE 145
-@@ -2117,6 +2174,8 @@ void ERR_load_SSL_strings(void);
- #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
- #define SSL_R_EXTRA_DATA_IN_MESSAGE 153
- #define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
-+#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 346
-+#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 347
- #define SSL_R_HTTPS_PROXY_REQUEST 155
- #define SSL_R_HTTP_REQUEST 156
- #define SSL_R_ILLEGAL_PADDING 283
---- openssl-1.0.0b.orig/include/openssl/ssl3.h 2010-11-29 19:56:04.832465351 +0000
-+++ openssl-1.0.0b/include/openssl/ssl3.h 2010-11-29 19:56:04.965928855 +0000
-@@ -465,6 +465,12 @@ typedef struct ssl3_state_st
- void *server_opaque_prf_input;
- size_t server_opaque_prf_input_len;
-
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+ /* Set if we saw the Next Protocol Negotiation extension from
-+ our peer. */
-+ int next_proto_neg_seen;
-+#endif
-+
- struct {
- /* actually only needs to be 16+20 */
- unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
-@@ -557,6 +563,10 @@ typedef struct ssl3_state_st
- #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
- #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
- #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+#define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
-+#define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
-+#endif
- #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
- #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
- /* read from server */
-@@ -602,6 +612,10 @@ typedef struct ssl3_state_st
- #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
- #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
- #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+#define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
-+#define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
-+#endif
- #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
- #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
- /* write to client */
-@@ -626,6 +640,9 @@ typedef struct ssl3_state_st
- #define SSL3_MT_CLIENT_KEY_EXCHANGE 16
- #define SSL3_MT_FINISHED 20
- #define SSL3_MT_CERTIFICATE_STATUS 22
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+#define SSL3_MT_NEXT_PROTO 67
-+#endif
- #define DTLS1_MT_HELLO_VERIFY_REQUEST 3
-
-
---- openssl-1.0.0b.orig/include/openssl/tls1.h 2009-11-11 14:51:29.000000000 +0000
-+++ openssl-1.0.0b/include/openssl/tls1.h 2010-11-29 19:56:04.965928855 +0000
-@@ -204,6 +204,11 @@ extern "C" {
- /* Temporary extension type */
- #define TLSEXT_TYPE_renegotiate 0xff01
-
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+/* This is not an IANA defined extension number */
-+#define TLSEXT_TYPE_next_proto_neg 13172
-+#endif
-+
- /* NameType value from RFC 3546 */
- #define TLSEXT_NAMETYPE_host_name 0
- /* status request value from RFC 3546 */
---- openssl-1.0.0b.orig/ssl/s3_both.c 2010-11-29 19:56:04.846517045 +0000
-+++ openssl-1.0.0b/ssl/s3_both.c 2010-11-29 19:56:04.965928855 +0000
-@@ -202,15 +202,40 @@ int ssl3_send_finished(SSL *s, int a, in
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
- }
-
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+/* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen to far. */
-+static void ssl3_take_mac(SSL *s)
-+ {
-+ const char *sender;
-+ int slen;
-+
-+ if (s->state & SSL_ST_CONNECT)
-+ {
-+ sender=s->method->ssl3_enc->server_finished_label;
-+ slen=s->method->ssl3_enc->server_finished_label_len;
-+ }
-+ else
-+ {
-+ sender=s->method->ssl3_enc->client_finished_label;
-+ slen=s->method->ssl3_enc->client_finished_label_len;
-+ }
-+
-+ s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
-+ sender,slen,s->s3->tmp.peer_finish_md);
-+ }
-+#endif
-+
- int ssl3_get_finished(SSL *s, int a, int b)
- {
- int al,i,ok;
- long n;
- unsigned char *p;
-
-+#ifdef OPENSSL_NO_NEXTPROTONEG
- /* the mac has already been generated when we received the
- * change cipher spec message and is in s->s3->tmp.peer_finish_md
- */
-+#endif
-
- n=s->method->ssl_get_message(s,
- a,
-@@ -521,6 +546,15 @@ long ssl3_get_message(SSL *s, int st1, i
- s->init_num += i;
- n -= i;
- }
-+
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+ /* If receiving Finished, record MAC of prior handshake messages for
-+ * Finished verification. */
-+ if (*s->init_buf->data == SSL3_MT_FINISHED)
-+ ssl3_take_mac(s);
-+#endif
-+
-+ /* Feed this message into MAC computation. */
- ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, (size_t)s->init_num + 4, s, s->msg_callback_arg);
---- openssl-1.0.0b.orig/ssl/s3_clnt.c 2010-11-29 19:56:04.846517045 +0000
-+++ openssl-1.0.0b/ssl/s3_clnt.c 2010-11-29 19:56:04.965928855 +0000
-@@ -435,7 +435,16 @@ int ssl3_connect(SSL *s)
- ret=ssl3_send_change_cipher_spec(s,
- SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
- if (ret <= 0) goto end;
-+
-+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
- s->state=SSL3_ST_CW_FINISHED_A;
-+#else
-+ if (s->next_proto_negotiated)
-+ s->state=SSL3_ST_CW_NEXT_PROTO_A;
-+ else
-+ s->state=SSL3_ST_CW_FINISHED_A;
-+#endif
-+
- s->init_num=0;
-
- s->session->cipher=s->s3->tmp.new_cipher;
-@@ -463,6 +472,15 @@ int ssl3_connect(SSL *s)
-
- break;
-
-+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-+ case SSL3_ST_CW_NEXT_PROTO_A:
-+ case SSL3_ST_CW_NEXT_PROTO_B:
-+ ret=ssl3_send_next_proto(s);
-+ if (ret <= 0) goto end;
-+ s->state=SSL3_ST_CW_FINISHED_A;
-+ break;
-+#endif
-+
- case SSL3_ST_CW_FINISHED_A:
- case SSL3_ST_CW_FINISHED_B:
- ret=ssl3_send_finished(s,
-@@ -3060,6 +3078,32 @@ err:
- */
-
- #ifndef OPENSSL_NO_TLSEXT
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+int ssl3_send_next_proto(SSL *s)
-+ {
-+ unsigned int len, padding_len;
-+ unsigned char *d;
-+
-+ if (s->state == SSL3_ST_CW_NEXT_PROTO_A)
-+ {
-+ len = s->next_proto_negotiated_len;
-+ padding_len = 32 - ((len + 2) % 32);
-+ d = (unsigned char *)s->init_buf->data;
-+ d[4] = len;
-+ memcpy(d + 5, s->next_proto_negotiated, len);
-+ d[5 + len] = padding_len;
-+ memset(d + 6 + len, 0, padding_len);
-+ *(d++)=SSL3_MT_NEXT_PROTO;
-+ l2n3(2 + len + padding_len, d);
-+ s->state = SSL3_ST_CW_NEXT_PROTO_B;
-+ s->init_num = 4 + 2 + len + padding_len;
-+ s->init_off = 0;
-+ }
-+
-+ return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
-+ }
-+# endif
-+
- int ssl3_check_finished(SSL *s)
- {
- int ok;
---- openssl-1.0.0b.orig/ssl/s3_lib.c 2010-11-29 19:56:04.832465351 +0000
-+++ openssl-1.0.0b/ssl/s3_lib.c 2010-11-29 19:56:04.965928855 +0000
-@@ -2230,6 +2230,15 @@ void ssl3_clear(SSL *s)
- s->s3->num_renegotiations=0;
- s->s3->in_read_app_data=0;
- s->version=SSL3_VERSION;
-+
-+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-+ if (s->next_proto_negotiated)
-+ {
-+ OPENSSL_free(s->next_proto_negotiated);
-+ s->next_proto_negotiated = NULL;
-+ s->next_proto_negotiated_len = 0;
-+ }
-+#endif
- }
-
- long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
---- openssl-1.0.0b.orig/ssl/s3_pkt.c 2010-11-29 19:56:04.832465351 +0000
-+++ openssl-1.0.0b/ssl/s3_pkt.c 2010-11-29 19:56:04.965928855 +0000
-@@ -1394,8 +1394,10 @@ err:
- int ssl3_do_change_cipher_spec(SSL *s)
- {
- int i;
-+#ifdef OPENSSL_NO_NEXTPROTONEG
- const char *sender;
- int slen;
-+#endif
-
- if (s->state & SSL_ST_ACCEPT)
- i=SSL3_CHANGE_CIPHER_SERVER_READ;
-@@ -1418,6 +1420,7 @@ int ssl3_do_change_cipher_spec(SSL *s)
- if (!s->method->ssl3_enc->change_cipher_state(s,i))
- return(0);
-
-+#ifdef OPENSSL_NO_NEXTPROTONEG
- /* we have to record the message digest at
- * this point so we can get it before we read
- * the finished message */
-@@ -1434,6 +1437,7 @@ int ssl3_do_change_cipher_spec(SSL *s)
-
- s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
- sender,slen,s->s3->tmp.peer_finish_md);
-+#endif
-
- return(1);
- }
---- openssl-1.0.0b.orig/ssl/s3_srvr.c 2010-11-29 19:56:04.846517045 +0000
-+++ openssl-1.0.0b/ssl/s3_srvr.c 2010-11-29 19:56:04.965928855 +0000
-@@ -538,7 +538,14 @@ int ssl3_accept(SSL *s)
- * the client uses its key from the certificate
- * for key exchange.
- */
-+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
- s->state=SSL3_ST_SR_FINISHED_A;
-+#else
-+ if (s->s3->next_proto_neg_seen)
-+ s->state=SSL3_ST_SR_NEXT_PROTO_A;
-+ else
-+ s->state=SSL3_ST_SR_FINISHED_A;
-+#endif
- s->init_num = 0;
- }
- else
-@@ -581,10 +588,27 @@ int ssl3_accept(SSL *s)
- ret=ssl3_get_cert_verify(s);
- if (ret <= 0) goto end;
-
-+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
- s->state=SSL3_ST_SR_FINISHED_A;
-+#else
-+ if (s->s3->next_proto_neg_seen)
-+ s->state=SSL3_ST_SR_NEXT_PROTO_A;
-+ else
-+ s->state=SSL3_ST_SR_FINISHED_A;
-+#endif
- s->init_num=0;
- break;
-
-+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-+ case SSL3_ST_SR_NEXT_PROTO_A:
-+ case SSL3_ST_SR_NEXT_PROTO_B:
-+ ret=ssl3_get_next_proto(s);
-+ if (ret <= 0) goto end;
-+ s->init_num = 0;
-+ s->state=SSL3_ST_SR_FINISHED_A;
-+ break;
-+#endif
-+
- case SSL3_ST_SR_FINISHED_A:
- case SSL3_ST_SR_FINISHED_B:
- ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
-@@ -655,7 +679,16 @@ int ssl3_accept(SSL *s)
- if (ret <= 0) goto end;
- s->state=SSL3_ST_SW_FLUSH;
- if (s->hit)
-+ {
-+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
- s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
-+#else
-+ if (s->s3->next_proto_neg_seen)
-+ s->s3->tmp.next_state=SSL3_ST_SR_NEXT_PROTO_A;
-+ else
-+ s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
-+#endif
-+ }
- else
- s->s3->tmp.next_state=SSL_ST_OK;
- s->init_num=0;
-@@ -3196,4 +3229,72 @@ int ssl3_send_cert_status(SSL *s)
- /* SSL3_ST_SW_CERT_STATUS_B */
- return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
- }
-+
-+# ifndef OPENSSL_NO_NPN
-+/* ssl3_get_next_proto reads a Next Protocol Negotiation handshake message. It
-+ * sets the next_proto member in s if found */
-+int ssl3_get_next_proto(SSL *s)
-+ {
-+ int ok;
-+ unsigned proto_len, padding_len;
-+ long n;
-+ const unsigned char *p;
-+
-+ /* Clients cannot send a NextProtocol message if we didn't see the
-+ * extension in their ClientHello */
-+ if (!s->s3->next_proto_neg_seen)
-+ {
-+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
-+ return -1;
-+ }
-+
-+ n=s->method->ssl_get_message(s,
-+ SSL3_ST_SR_NEXT_PROTO_A,
-+ SSL3_ST_SR_NEXT_PROTO_B,
-+ SSL3_MT_NEXT_PROTO,
-+ 514, /* See the payload format below */
-+ &ok);
-+
-+ if (!ok)
-+ return((int)n);
-+
-+ /* s->state doesn't reflect whether ChangeCipherSpec has been received
-+ * in this handshake, but s->s3->change_cipher_spec does (will be reset
-+ * by ssl3_get_finished). */
-+ if (!s->s3->change_cipher_spec)
-+ {
-+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
-+ return -1;
-+ }
-+
-+ if (n < 2)
-+ return 0; /* The body must be > 1 bytes long */
-+
-+ p=(unsigned char *)s->init_msg;
-+
-+ /* The payload looks like:
-+ * uint8 proto_len;
-+ * uint8 proto[proto_len];
-+ * uint8 padding_len;
-+ * uint8 padding[padding_len];
-+ */
-+ proto_len = p[0];
-+ if (proto_len + 2 > s->init_num)
-+ return 0;
-+ padding_len = p[proto_len + 1];
-+ if (proto_len + padding_len + 2 != s->init_num)
-+ return 0;
-+
-+ s->next_proto_negotiated = OPENSSL_malloc(proto_len);
-+ if (!s->next_proto_negotiated)
-+ {
-+ SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,ERR_R_MALLOC_FAILURE);
-+ return 0;
-+ }
-+ memcpy(s->next_proto_negotiated, p + 1, proto_len);
-+ s->next_proto_negotiated_len = proto_len;
-+
-+ return 1;
-+ }
-+# endif
- #endif
---- openssl-1.0.0b.orig/ssl/ssl.h 2010-11-29 19:56:04.846517045 +0000
-+++ openssl-1.0.0b/ssl/ssl.h 2010-11-29 19:56:04.965928855 +0000
-@@ -857,6 +857,25 @@ struct ssl_ctx_st
- /* draft-rescorla-tls-opaque-prf-input-00.txt information */
- int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg);
- void *tlsext_opaque_prf_input_callback_arg;
-+
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ /* Next protocol negotiation information */
-+ /* (for experimental NPN extension). */
-+
-+ /* For a server, this contains a callback function by which the set of
-+ * advertised protocols can be provided. */
-+ int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf,
-+ unsigned int *len, void *arg);
-+ void *next_protos_advertised_cb_arg;
-+ /* For a client, this contains a callback function that selects the
-+ * next protocol from the list provided by the server. */
-+ int (*next_proto_select_cb)(SSL *s, unsigned char **out,
-+ unsigned char *outlen,
-+ const unsigned char *in,
-+ unsigned int inlen,
-+ void *arg);
-+ void *next_proto_select_cb_arg;
-+# endif
- #endif
-
- #ifndef OPENSSL_NO_PSK
-@@ -928,6 +947,30 @@ int SSL_CTX_set_client_cert_engine(SSL_C
- #endif
- void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len));
- void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len));
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
-+ int (*cb) (SSL *ssl,
-+ const unsigned char **out,
-+ unsigned int *outlen,
-+ void *arg), void *arg);
-+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
-+ int (*cb) (SSL *ssl, unsigned char **out,
-+ unsigned char *outlen,
-+ const unsigned char *in,
-+ unsigned int inlen, void *arg),
-+ void *arg);
-+
-+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
-+ const unsigned char *in, unsigned int inlen,
-+ const unsigned char *client, unsigned int client_len);
-+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
-+ unsigned *len);
-+
-+#define OPENSSL_NPN_UNSUPPORTED 0
-+#define OPENSSL_NPN_NEGOTIATED 1
-+#define OPENSSL_NPN_NO_OVERLAP 2
-+
-+#endif
-
- #ifndef OPENSSL_NO_PSK
- /* the maximum length of the buffer given to callbacks containing the
-@@ -1187,6 +1230,19 @@ struct ssl_st
- void *tls_session_secret_cb_arg;
-
- SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
-+
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+ /* Next protocol negotiation. For the client, this is the protocol that
-+ * we sent in NextProtocol and is set when handling ServerHello
-+ * extensions.
-+ *
-+ * For a server, this is the client's selected_protocol from
-+ * NextProtocol and is set when handling the NextProtocol message,
-+ * before the Finished message. */
-+ unsigned char *next_proto_negotiated;
-+ unsigned char next_proto_negotiated_len;
-+#endif
-+
- #define session_ctx initial_ctx
- #else
- #define session_ctx ctx
-@@ -1919,6 +1975,7 @@ void ERR_load_SSL_strings(void);
- #define SSL_F_SSL3_GET_KEY_EXCHANGE 141
- #define SSL_F_SSL3_GET_MESSAGE 142
- #define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
-+#define SSL_F_SSL3_GET_NEXT_PROTO 304
- #define SSL_F_SSL3_GET_RECORD 143
- #define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
- #define SSL_F_SSL3_GET_SERVER_DONE 145
-@@ -2117,6 +2174,8 @@ void ERR_load_SSL_strings(void);
- #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
- #define SSL_R_EXTRA_DATA_IN_MESSAGE 153
- #define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
-+#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 346
-+#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 347
- #define SSL_R_HTTPS_PROXY_REQUEST 155
- #define SSL_R_HTTP_REQUEST 156
- #define SSL_R_ILLEGAL_PADDING 283
---- openssl-1.0.0b.orig/ssl/ssl3.h 2010-11-29 19:56:04.832465351 +0000
-+++ openssl-1.0.0b/ssl/ssl3.h 2010-11-29 19:56:04.965928855 +0000
-@@ -465,6 +465,12 @@ typedef struct ssl3_state_st
- void *server_opaque_prf_input;
- size_t server_opaque_prf_input_len;
-
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+ /* Set if we saw the Next Protocol Negotiation extension from
-+ our peer. */
-+ int next_proto_neg_seen;
-+#endif
-+
- struct {
- /* actually only needs to be 16+20 */
- unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
-@@ -557,6 +563,10 @@ typedef struct ssl3_state_st
- #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
- #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
- #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+#define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
-+#define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
-+#endif
- #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
- #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
- /* read from server */
-@@ -602,6 +612,10 @@ typedef struct ssl3_state_st
- #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
- #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
- #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+#define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
-+#define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
-+#endif
- #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
- #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
- /* write to client */
-@@ -626,6 +640,9 @@ typedef struct ssl3_state_st
- #define SSL3_MT_CLIENT_KEY_EXCHANGE 16
- #define SSL3_MT_FINISHED 20
- #define SSL3_MT_CERTIFICATE_STATUS 22
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+#define SSL3_MT_NEXT_PROTO 67
-+#endif
- #define DTLS1_MT_HELLO_VERIFY_REQUEST 3
-
-
---- openssl-1.0.0b.orig/ssl/ssl_err.c 2010-11-29 19:56:04.846517045 +0000
-+++ openssl-1.0.0b/ssl/ssl_err.c 2010-11-29 19:56:04.965928855 +0000
-@@ -155,6 +155,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
- {ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "SSL3_GET_KEY_EXCHANGE"},
- {ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "SSL3_GET_MESSAGE"},
- {ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET), "SSL3_GET_NEW_SESSION_TICKET"},
-+{ERR_FUNC(SSL_F_SSL3_GET_NEXT_PROTO), "SSL3_GET_NEXT_PROTO"},
- {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "SSL3_GET_RECORD"},
- {ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE), "SSL3_GET_SERVER_CERTIFICATE"},
- {ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "SSL3_GET_SERVER_DONE"},
-@@ -355,6 +356,8 @@ static ERR_STRING_DATA SSL_str_reasons[]
- {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE),"excessive message size"},
- {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE) ,"extra data in message"},
- {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS),"got a fin before a ccs"},
-+{ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS),"got next proto before a ccs"},
-+{ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION),"got next proto without seeing extension"},
- {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) ,"https proxy request"},
- {ERR_REASON(SSL_R_HTTP_REQUEST) ,"http request"},
- {ERR_REASON(SSL_R_ILLEGAL_PADDING) ,"illegal padding"},
---- openssl-1.0.0b.orig/ssl/ssl_lib.c 2010-11-29 19:56:04.846517045 +0000
-+++ openssl-1.0.0b/ssl/ssl_lib.c 2010-11-29 19:56:04.965928855 +0000
-@@ -354,6 +354,9 @@ SSL *SSL_new(SSL_CTX *ctx)
- s->tlsext_ocsp_resplen = -1;
- CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
- s->initial_ctx=ctx;
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ s->next_proto_negotiated = NULL;
-+# endif
- #endif
-
- s->verify_result=X509_V_OK;
-@@ -587,6 +590,11 @@ void SSL_free(SSL *s)
- kssl_ctx_free(s->kssl_ctx);
- #endif /* OPENSSL_NO_KRB5 */
-
-+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-+ if (s->next_proto_negotiated)
-+ OPENSSL_free(s->next_proto_negotiated);
-+#endif
-+
- OPENSSL_free(s);
- }
-
-@@ -1503,6 +1511,124 @@ int SSL_get_servername_type(const SSL *s
- return TLSEXT_NAMETYPE_host_name;
- return -1;
- }
-+
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+/* SSL_select_next_proto implements the standard protocol selection. It is
-+ * expected that this function is called from the callback set by
-+ * SSL_CTX_set_next_proto_select_cb.
-+ *
-+ * The protocol data is assumed to be a vector of 8-bit, length prefixed byte
-+ * strings. The length byte itself is not included in the length. A byte
-+ * string of length 0 is invalid. No byte string may be truncated.
-+ *
-+ * The current, but experimental algorithm for selecting the protocol is:
-+ *
-+ * 1) If the server doesn't support NPN then this is indicated to the
-+ * callback. In this case, the client application has to abort the connection
-+ * or have a default application level protocol.
-+ *
-+ * 2) If the server supports NPN, but advertises an empty list then the
-+ * client selects the first protcol in its list, but indicates via the
-+ * API that this fallback case was enacted.
-+ *
-+ * 3) Otherwise, the client finds the first protocol in the server's list
-+ * that it supports and selects this protocol. This is because it's
-+ * assumed that the server has better information about which protocol
-+ * a client should use.
-+ *
-+ * 4) If the client doesn't support any of the server's advertised
-+ * protocols, then this is treated the same as case 2.
-+ *
-+ * It returns either
-+ * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or
-+ * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
-+ */
-+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned char *server, unsigned int server_len, const unsigned char *client, unsigned int client_len)
-+ {
-+ unsigned int i, j;
-+ const unsigned char *result;
-+ int status = OPENSSL_NPN_UNSUPPORTED;
-+
-+ /* For each protocol in server preference order, see if we support it. */
-+ for (i = 0; i < server_len; )
-+ {
-+ for (j = 0; j < client_len; )
-+ {
-+ if (server[i] == client[j] &&
-+ memcmp(&server[i+1], &client[j+1], server[i]) == 0)
-+ {
-+ /* We found a match */
-+ result = &server[i];
-+ status = OPENSSL_NPN_NEGOTIATED;
-+ goto found;
-+ }
-+ j += client[j];
-+ j++;
-+ }
-+ i += server[i];
-+ i++;
-+ }
-+
-+ /* There's no overlap between our protocols and the server's list. */
-+ result = client;
-+ status = OPENSSL_NPN_NO_OVERLAP;
-+
-+ found:
-+ *out = (unsigned char *) result + 1;
-+ *outlen = result[0];
-+ return status;
-+ }
-+
-+/* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
-+ * requested protocol for this connection and returns 0. If the client didn't
-+ * request any protocol, then *data is set to NULL.
-+ *
-+ * Note that the client can request any protocol it chooses. The value returned
-+ * from this function need not be a member of the list of supported protocols
-+ * provided by the callback.
-+ */
-+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, unsigned *len)
-+ {
-+ *data = s->next_proto_negotiated;
-+ if (!*data) {
-+ *len = 0;
-+ } else {
-+ *len = s->next_proto_negotiated_len;
-+ }
-+}
-+
-+/* SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a
-+ * TLS server needs a list of supported protocols for Next Protocol
-+ * Negotiation. The returned list must be in wire format. The list is returned
-+ * by setting |out| to point to it and |outlen| to its length. This memory will
-+ * not be modified, but one should assume that the SSL* keeps a reference to
-+ * it.
-+ *
-+ * The callback should return SSL_TLSEXT_ERR_OK if it wishes to advertise. Otherwise, no
-+ * such extension will be included in the ServerHello. */
-+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
-+ {
-+ ctx->next_protos_advertised_cb = cb;
-+ ctx->next_protos_advertised_cb_arg = arg;
-+ }
-+
-+/* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
-+ * client needs to select a protocol from the server's provided list. |out|
-+ * must be set to point to the selected protocol (which may be within |in|).
-+ * The length of the protocol name must be written into |outlen|. The server's
-+ * advertised protocols are provided in |in| and |inlen|. The callback can
-+ * assume that |in| is syntactically valid.
-+ *
-+ * The client must select a protocol. It is fatal to the connection if this
-+ * callback returns a value other than SSL_TLSEXT_ERR_OK.
-+ */
-+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg), void *arg)
-+ {
-+ ctx->next_proto_select_cb = cb;
-+ ctx->next_proto_select_cb_arg = arg;
-+ }
-+
-+# endif
- #endif
-
- static unsigned long ssl_session_hash(const SSL_SESSION *a)
-@@ -1667,6 +1793,10 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
- ret->tlsext_status_cb = 0;
- ret->tlsext_status_arg = NULL;
-
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+ ret->next_protos_advertised_cb = 0;
-+ ret->next_proto_select_cb = 0;
-+# endif
- #endif
- #ifndef OPENSSL_NO_PSK
- ret->psk_identity_hint=NULL;
---- openssl-1.0.0b.orig/ssl/ssl_locl.h 2010-11-29 19:56:04.846517045 +0000
-+++ openssl-1.0.0b/ssl/ssl_locl.h 2010-11-29 19:56:04.965928855 +0000
-@@ -968,6 +968,9 @@ int ssl3_get_server_certificate(SSL *s);
- int ssl3_check_cert_and_algorithm(SSL *s);
- #ifndef OPENSSL_NO_TLSEXT
- int ssl3_check_finished(SSL *s);
-+# ifndef OPENSSL_NO_NEXTPROTONEG
-+int ssl3_send_next_proto(SSL *s);
-+# endif
- #endif
-
- int dtls1_client_hello(SSL *s);
-@@ -986,6 +989,9 @@ int ssl3_check_client_hello(SSL *s);
- int ssl3_get_client_certificate(SSL *s);
- int ssl3_get_client_key_exchange(SSL *s);
- int ssl3_get_cert_verify(SSL *s);
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+int ssl3_get_next_proto(SSL *s);
-+#endif
-
- int dtls1_send_hello_request(SSL *s);
- int dtls1_send_server_hello(SSL *s);
---- openssl-1.0.0b.orig/ssl/t1_lib.c 2010-11-16 13:26:24.000000000 +0000
-+++ openssl-1.0.0b/ssl/t1_lib.c 2010-11-29 19:56:04.965928855 +0000
-@@ -494,6 +494,18 @@ unsigned char *ssl_add_clienthello_tlsex
- i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret);
- }
-
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+ if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len)
-+ {
-+ /* The client advertises an emtpy extension to indicate its
-+ * support for Next Protocol Negotiation */
-+ if (limit - ret - 4 < 0)
-+ return NULL;
-+ s2n(TLSEXT_TYPE_next_proto_neg,ret);
-+ s2n(0,ret);
-+ }
-+#endif
-+
- if ((extdatalen = ret-p-2)== 0)
- return p;
-
-@@ -505,6 +517,9 @@ unsigned char *ssl_add_serverhello_tlsex
- {
- int extdatalen=0;
- unsigned char *ret = p;
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+ int next_proto_neg_seen;
-+#endif
-
- /* don't add extensions for SSLv3, unless doing secure renegotiation */
- if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
-@@ -618,6 +633,28 @@ unsigned char *ssl_add_serverhello_tlsex
-
- }
-
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+ next_proto_neg_seen = s->s3->next_proto_neg_seen;
-+ s->s3->next_proto_neg_seen = 0;
-+ if (next_proto_neg_seen && s->ctx->next_protos_advertised_cb)
-+ {
-+ const unsigned char *npa;
-+ unsigned int npalen;
-+ int r;
-+
-+ r = s->ctx->next_protos_advertised_cb(s, &npa, &npalen, s->ctx->next_protos_advertised_cb_arg);
-+ if (r == SSL_TLSEXT_ERR_OK)
-+ {
-+ if ((long)(limit - ret - 4 - npalen) < 0) return NULL;
-+ s2n(TLSEXT_TYPE_next_proto_neg,ret);
-+ s2n(npalen,ret);
-+ memcpy(ret, npa, npalen);
-+ ret += npalen;
-+ s->s3->next_proto_neg_seen = 1;
-+ }
-+ }
-+#endif
-+
- if ((extdatalen = ret-p-2)== 0)
- return p;
-
-@@ -982,6 +1019,28 @@ int ssl_parse_clienthello_tlsext(SSL *s,
- else
- s->tlsext_status_type = -1;
- }
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+ else if (type == TLSEXT_TYPE_next_proto_neg &&
-+ s->s3->tmp.finish_md_len == 0)
-+ {
-+ /* We shouldn't accept this extension on a
-+ * renegotiation.
-+ *
-+ * s->new_session will be set on renegotiation, but we
-+ * probably shouldn't rely that it couldn't be set on
-+ * the initial renegotation too in certain cases (when
-+ * there's some other reason to disallow resuming an
-+ * earlier session -- the current code won't be doing
-+ * anything like that, but this might change).
-+
-+ * A valid sign that there's been a previous handshake
-+ * in this connection is if s->s3->tmp.finish_md_len >
-+ * 0. (We are talking about a check that will happen
-+ * in the Hello protocol round, well before a new
-+ * Finished message could have been computed.) */
-+ s->s3->next_proto_neg_seen = 1;
-+ }
-+#endif
-
- /* session ticket processed earlier */
- data+=size;
-@@ -1005,6 +1064,26 @@ int ssl_parse_clienthello_tlsext(SSL *s,
- return 1;
- }
-
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+/* ssl_next_proto_validate validates a Next Protocol Negotiation block. No
-+ * elements of zero length are allowed and the set of elements must exactly fill
-+ * the length of the block. */
-+static int ssl_next_proto_validate(unsigned char *d, unsigned len)
-+ {
-+ unsigned int off = 0;
-+
-+ while (off < len)
-+ {
-+ if (d[off] == 0)
-+ return 0;
-+ off += d[off];
-+ off++;
-+ }
-+
-+ return off == len;
-+ }
-+#endif
-+
- int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
- {
- unsigned short length;
-@@ -1139,6 +1218,39 @@ int ssl_parse_serverhello_tlsext(SSL *s,
- /* Set flag to expect CertificateStatus message */
- s->tlsext_status_expected = 1;
- }
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+ else if (type == TLSEXT_TYPE_next_proto_neg)
-+ {
-+ unsigned char *selected;
-+ unsigned char selected_len;
-+
-+ /* We must have requested it. */
-+ if ((s->ctx->next_proto_select_cb == NULL))
-+ {
-+ *al = TLS1_AD_UNSUPPORTED_EXTENSION;
-+ return 0;
-+ }
-+ /* The data must be valid */
-+ if (!ssl_next_proto_validate(data, size))
-+ {
-+ *al = TLS1_AD_DECODE_ERROR;
-+ return 0;
-+ }
-+ if (s->ctx->next_proto_select_cb(s, &selected, &selected_len, data, size, s->ctx->next_proto_select_cb_arg) != SSL_TLSEXT_ERR_OK)
-+ {
-+ *al = TLS1_AD_INTERNAL_ERROR;
-+ return 0;
-+ }
-+ s->next_proto_negotiated = OPENSSL_malloc(selected_len);
-+ if (!s->next_proto_negotiated)
-+ {
-+ *al = TLS1_AD_INTERNAL_ERROR;
-+ return 0;
-+ }
-+ memcpy(s->next_proto_negotiated, selected, selected_len);
-+ s->next_proto_negotiated_len = selected_len;
-+ }
-+#endif
- else if (type == TLSEXT_TYPE_renegotiate)
- {
- if(!ssl_parse_serverhello_renegotiate_ext(s, data, size, al))
---- openssl-1.0.0b.orig/ssl/tls1.h 2009-11-11 14:51:29.000000000 +0000
-+++ openssl-1.0.0b/ssl/tls1.h 2010-11-29 19:56:04.965928855 +0000
-@@ -204,6 +204,11 @@ extern "C" {
- /* Temporary extension type */
- #define TLSEXT_TYPE_renegotiate 0xff01
-
-+#ifndef OPENSSL_NO_NEXTPROTONEG
-+/* This is not an IANA defined extension number */
-+#define TLSEXT_TYPE_next_proto_neg 13172
-+#endif
-+
- /* NameType value from RFC 3546 */
- #define TLSEXT_NAMETYPE_host_name 0
- /* status request value from RFC 3546 */
diff --git a/deps/openssl/patches/openssl_no_dtls1.patch b/deps/openssl/patches/openssl_no_dtls1.patch
deleted file mode 100644
index 8b61cd3f6..000000000
--- a/deps/openssl/patches/openssl_no_dtls1.patch
+++ /dev/null
@@ -1,13 +0,0 @@
---- openssl-1.0.0f.orig/ssl/ssl_lib.c 2012-01-04 22:13:21.000000000 +0000
-+++ openssl-1.0.0f/ssl/ssl_lib.c 2012-01-04 22:13:21.000000000 +0000
-@@ -1063,8 +1063,10 @@ long SSL_ctrl(SSL *s,int cmd,long larg,v
- s->max_cert_list=larg;
- return(l);
- case SSL_CTRL_SET_MTU:
-+#ifndef OPENSSL_NO_DTLS1
- if (larg < (long)dtls1_min_mtu())
- return 0;
-+#endif
-
- if (SSL_version(s) == DTLS1_VERSION ||
- SSL_version(s) == DTLS1_BAD_VER)
diff --git a/deps/openssl/patches/progs.patch b/deps/openssl/patches/progs.patch
deleted file mode 100644
index 16fd9b0b3..000000000
--- a/deps/openssl/patches/progs.patch
+++ /dev/null
@@ -1,54 +0,0 @@
---- openssl-1.0.0.orig/apps/openssl.c 2009-10-04 09:43:21.000000000 -0700
-+++ openssl-1.0.0/apps/openssl.c 2010-05-18 14:05:14.000000000 -0700
-@@ -275,8 +275,10 @@ int main(int Argc, char *Argv[])
- if (ERR_GET_REASON(ERR_peek_last_error())
- == CONF_R_NO_SUCH_FILE)
- {
-+#if 0 /* ANDROID */
- BIO_printf(bio_err,
- "WARNING: can't open config file: %s\n",p);
-+#endif
- ERR_clear_error();
- NCONF_free(config);
- config = NULL;
---- openssl-1.0.0.orig/apps/progs.h 2009-06-30 08:08:38.000000000 -0700
-+++ openssl-1.0.0/apps/progs.h 2010-05-18 14:05:38.000000000 -0700
-@@ -146,7 +152,9 @@ FUNCTION functions[] = {
- {FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
- #endif
- {FUNC_TYPE_GENERAL,"prime",prime_main},
-+#if 0 /* ANDROID */
- {FUNC_TYPE_GENERAL,"ts",ts_main},
-+#endif
- #ifndef OPENSSL_NO_MD2
- {FUNC_TYPE_MD,"md2",dgst_main},
- #endif
---- openssl-1.0.0.orig/apps/speed.c 2010-03-03 11:56:17.000000000 -0800
-+++ openssl-1.0.0/apps/speed.c 2010-05-18 14:05:57.000000000 -0700
-@@ -1718,6 +1718,7 @@ int MAIN(int argc, char **argv)
- }
- }
-
-+#if 0 /* ANDROID */
- if (doit[D_IGE_128_AES])
- {
- for (j=0; j<SIZE_NUM; j++)
-@@ -1763,6 +1764,7 @@ int MAIN(int argc, char **argv)
-
-
- #endif
-+#endif
- #ifndef OPENSSL_NO_CAMELLIA
- if (doit[D_CBC_128_CML])
- {
---- openssl-1.0.0.orig/crypto/ui/ui_openssl.c 2009-10-04 09:43:21.000000000 -0700
-+++ openssl-1.0.0/crypto/ui/ui_openssl.c 2010-05-18 13:36:26.000000000 -0700
-@@ -184,7 +184,7 @@
- # undef SGTTY
- #endif
-
--#if defined(linux) && !defined(TERMIO)
-+#if defined(linux) && !defined(TERMIO) && !defined(__ANDROID__)
- # undef TERMIOS
- # define TERMIO
- # undef SGTTY
diff --git a/deps/openssl/patches/sha1_armv4_large.patch b/deps/openssl/patches/sha1_armv4_large.patch
deleted file mode 100644
index 359ff94af..000000000
--- a/deps/openssl/patches/sha1_armv4_large.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff --git a/crypto/sha/asm/sha1-armv4-large.pl b/crypto/sha/asm/sha1-armv4-large.pl
-index 6e65fe3..79e3f61 100644
---- a/crypto/sha/asm/sha1-armv4-large.pl
-+++ b/crypto/sha/asm/sha1-armv4-large.pl
-@@ -161,6 +161,7 @@ for($i=0;$i<5;$i++) {
- $code.=<<___;
- teq $Xi,sp
- bne .L_00_15 @ [((11+4)*5+2)*3]
-+ sub sp,sp,#5*4
- ___
- &BODY_00_15(@V); unshift(@V,pop(@V));
- &BODY_16_19(@V); unshift(@V,pop(@V));
-@@ -170,7 +171,7 @@ ___
- $code.=<<___;
-
- ldr $K,.LK_20_39 @ [+15+16*4]
-- sub sp,sp,#25*4
-+ sub sp,sp,#20*4
- cmn sp,#0 @ [+3], clear carry to denote 20_39
- .L_20_39_or_60_79:
- ___
diff --git a/deps/openssl/patches/small_records.patch b/deps/openssl/patches/small_records.patch
deleted file mode 100644
index a2ea51ca4..000000000
--- a/deps/openssl/patches/small_records.patch
+++ /dev/null
@@ -1,337 +0,0 @@
---- openssl-1.0.0a.orig/ssl/d1_pkt.c 2010-04-14 00:09:55.000000000 +0000
-+++ openssl-1.0.0a/ssl/d1_pkt.c 2010-08-25 21:12:39.000000000 +0000
-@@ -608,6 +608,24 @@ again:
- goto again;
- }
-
-+ /* If we receive a valid record larger than the current buffer size,
-+ * allocate some memory for it.
-+ */
-+ if (rr->length > s->s3->rbuf.len - DTLS1_RT_HEADER_LENGTH)
-+ {
-+ unsigned char *pp;
-+ unsigned int newlen = rr->length + DTLS1_RT_HEADER_LENGTH;
-+ if ((pp=OPENSSL_realloc(s->s3->rbuf.buf, newlen))==NULL)
-+ {
-+ SSLerr(SSL_F_DTLS1_GET_RECORD,ERR_R_MALLOC_FAILURE);
-+ return(-1);
-+ }
-+ p = pp + (p - s->s3->rbuf.buf);
-+ s->s3->rbuf.buf=pp;
-+ s->s3->rbuf.len=newlen;
-+ s->packet= &(s->s3->rbuf.buf[0]);
-+ }
-+
- /* now s->rstate == SSL_ST_READ_BODY */
- }
-
-@@ -1342,6 +1360,7 @@ int do_dtls1_write(SSL *s, int type, con
- SSL3_BUFFER *wb;
- SSL_SESSION *sess;
- int bs;
-+ unsigned int len_with_overhead = len + SSL3_RT_DEFAULT_WRITE_OVERHEAD;
-
- /* first check if there is a SSL3_BUFFER still being written
- * out. This will happen with non blocking IO */
-@@ -1351,6 +1370,16 @@ int do_dtls1_write(SSL *s, int type, con
- return(ssl3_write_pending(s,type,buf,len));
- }
-
-+ if (s->s3->wbuf.len < len_with_overhead)
-+ {
-+ if ((p=OPENSSL_realloc(s->s3->wbuf.buf, len_with_overhead)) == NULL) {
-+ SSLerr(SSL_F_DO_DTLS1_WRITE,ERR_R_MALLOC_FAILURE);
-+ goto err;
-+ }
-+ s->s3->wbuf.buf = p;
-+ s->s3->wbuf.len = len_with_overhead;
-+ }
-+
- /* If we have an alert to send, lets send it */
- if (s->s3->alert_dispatch)
- {
---- openssl-1.0.0a.orig/ssl/s23_srvr.c 2010-02-16 14:20:40.000000000 +0000
-+++ openssl-1.0.0a/ssl/s23_srvr.c 2010-08-25 21:12:39.000000000 +0000
-@@ -403,8 +403,13 @@ int ssl23_get_client_hello(SSL *s)
- v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
- v[1] = p[4];
-
-+/* The SSL2 protocol allows n to be larger, just pick
-+ * a reasonable buffer size. */
-+#if SSL3_RT_DEFAULT_PACKET_SIZE < 1024*4 - SSL3_RT_DEFAULT_WRITE_OVERHEAD
-+#error "SSL3_RT_DEFAULT_PACKET_SIZE is too small."
-+#endif
- n=((p[0]&0x7f)<<8)|p[1];
-- if (n > (1024*4))
-+ if (n > SSL3_RT_DEFAULT_PACKET_SIZE - 2)
- {
- SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
- goto err;
---- openssl-1.0.0a.orig/ssl/s3_both.c 2010-03-24 23:16:49.000000000 +0000
-+++ openssl-1.0.0a/ssl/s3_both.c 2010-08-25 21:12:39.000000000 +0000
-@@ -715,13 +722,20 @@ int ssl3_setup_read_buffer(SSL *s)
-
- if (s->s3->rbuf.buf == NULL)
- {
-- len = SSL3_RT_MAX_PLAIN_LENGTH
-- + SSL3_RT_MAX_ENCRYPTED_OVERHEAD
-- + headerlen + align;
-- if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
-+ if (SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS)
- {
-- s->s3->init_extra = 1;
-- len += SSL3_RT_MAX_EXTRA;
-+ len = SSL3_RT_DEFAULT_PACKET_SIZE;
-+ }
-+ else
-+ {
-+ len = SSL3_RT_MAX_PLAIN_LENGTH
-+ + SSL3_RT_MAX_ENCRYPTED_OVERHEAD
-+ + headerlen + align;
-+ if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
-+ {
-+ s->s3->init_extra = 1;
-+ len += SSL3_RT_MAX_EXTRA;
-+ }
- }
- #ifndef OPENSSL_NO_COMP
- if (!(s->options & SSL_OP_NO_COMPRESSION))
-@@ -757,7 +771,15 @@ int ssl3_setup_write_buffer(SSL *s)
-
- if (s->s3->wbuf.buf == NULL)
- {
-- len = s->max_send_fragment
-+ if (SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS)
-+ {
-+ len = SSL3_RT_DEFAULT_PACKET_SIZE;
-+ }
-+ else
-+ {
-+ len = s->max_send_fragment;
-+ }
-+ len += 0
- + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD
- + headerlen + align;
- #ifndef OPENSSL_NO_COMP
-@@ -767,7 +789,6 @@ int ssl3_setup_write_buffer(SSL *s)
- if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
- len += headerlen + align
- + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
--
- if ((p=freelist_extract(s->ctx, 0, len)) == NULL)
- goto err;
- s->s3->wbuf.buf = p;
-@@ -810,4 +831,3 @@ int ssl3_release_read_buffer(SSL *s)
- }
- return 1;
- }
--
---- openssl-1.0.0a.orig/ssl/s3_pkt.c 2010-03-25 11:22:42.000000000 +0000
-+++ openssl-1.0.0a/ssl/s3_pkt.c 2010-08-25 21:12:39.000000000 +0000
-@@ -293,6 +293,11 @@ static int ssl3_get_record(SSL *s)
- size_t extra;
- int decryption_failed_or_bad_record_mac = 0;
- unsigned char *mac = NULL;
-+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
-+ long align=SSL3_ALIGN_PAYLOAD;
-+#else
-+ long align=0;
-+#endif
-
- rr= &(s->s3->rrec);
- sess=s->session;
-@@ -301,7 +306,8 @@ static int ssl3_get_record(SSL *s)
- extra=SSL3_RT_MAX_EXTRA;
- else
- extra=0;
-- if (extra && !s->s3->init_extra)
-+ if (!(SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS) &&
-+ extra && !s->s3->init_extra)
- {
- /* An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
- * set after ssl3_setup_buffers() was done */
-@@ -350,6 +356,21 @@ fprintf(stderr, "Record type=%d, Length=
- goto err;
- }
-
-+ /* If we receive a valid record larger than the current buffer size,
-+ * allocate some memory for it.
-+ */
-+ if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH - align)
-+ {
-+ if ((p=OPENSSL_realloc(s->s3->rbuf.buf, rr->length + SSL3_RT_HEADER_LENGTH + align))==NULL)
-+ {
-+ SSLerr(SSL_F_SSL3_GET_RECORD,ERR_R_MALLOC_FAILURE);
-+ goto err;
-+ }
-+ s->s3->rbuf.buf=p;
-+ s->s3->rbuf.len=rr->length + SSL3_RT_HEADER_LENGTH + align;
-+ s->packet= &(s->s3->rbuf.buf[0]);
-+ }
-+
- if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH)
- {
- al=SSL_AD_RECORD_OVERFLOW;
-@@ -576,6 +597,7 @@ int ssl3_write_bytes(SSL *s, int type, c
- const unsigned char *buf=buf_;
- unsigned int tot,n,nw;
- int i;
-+ unsigned int max_plain_length;
-
- s->rwstate=SSL_NOTHING;
- tot=s->s3->wnum;
-@@ -595,8 +617,13 @@ int ssl3_write_bytes(SSL *s, int type, c
- n=(len-tot);
- for (;;)
- {
-- if (n > s->max_send_fragment)
-- nw=s->max_send_fragment;
-+ if (type == SSL3_RT_APPLICATION_DATA && (SSL_get_mode(s) & SSL_MODE_SMALL_BUFFERS))
-+ max_plain_length = SSL3_RT_DEFAULT_PLAIN_LENGTH;
-+ else
-+ max_plain_length = s->max_send_fragment;
-+
-+ if (n > max_plain_length)
-+ nw = max_plain_length;
- else
- nw=n;
-
-@@ -727,6 +727,18 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
- s->s3->empty_fragment_done = 1;
- }
-
-+ /* resize if necessary to hold the data. */
-+ if (len + SSL3_RT_DEFAULT_WRITE_OVERHEAD > wb->len)
-+ {
-+ if ((p=OPENSSL_realloc(wb->buf, len + SSL3_RT_DEFAULT_WRITE_OVERHEAD))==NULL)
-+ {
-+ SSLerr(SSL_F_DO_SSL3_WRITE,ERR_R_MALLOC_FAILURE);
-+ goto err;
-+ }
-+ wb->buf = p;
-+ wb->len = len + SSL3_RT_DEFAULT_WRITE_OVERHEAD;
-+ }
-+
- if (create_empty_fragment)
- {
- #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
---- openssl-1.0.0a.orig/ssl/ssl.h 2010-01-06 17:37:38.000000000 +0000
-+++ openssl-1.0.0a/ssl/ssl.h 2010-08-25 21:12:39.000000000 +0000
-@@ -602,6 +602,9 @@ typedef struct ssl_session_st
- * TLS only.) "Released" buffers are put onto a free-list in the context
- * or just freed (depending on the context's setting for freelist_max_len). */
- #define SSL_MODE_RELEASE_BUFFERS 0x00000010L
-+/* Use small read and write buffers: (a) lazy allocate read buffers for
-+ * large incoming records, and (b) limit the size of outgoing records. */
-+#define SSL_MODE_SMALL_BUFFERS 0x00000020L
-
- /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
- * they cannot be used to clear bits. */
---- openssl-1.0.0a.orig/ssl/ssl3.h 2010-01-06 17:37:38.000000000 +0000
-+++ openssl-1.0.0a/ssl/ssl3.h 2010-08-25 21:12:39.000000000 +0000
-@@ -280,6 +280,9 @@ extern "C" {
-
- #define SSL3_RT_MAX_EXTRA (16384)
-
-+/* Default buffer length used for writen records. Thus a generated record
-+ * will contain plaintext no larger than this value. */
-+#define SSL3_RT_DEFAULT_PLAIN_LENGTH 2048
- /* Maximum plaintext length: defined by SSL/TLS standards */
- #define SSL3_RT_MAX_PLAIN_LENGTH 16384
- /* Maximum compression overhead: defined by SSL/TLS standards */
-@@ -311,6 +314,13 @@ extern "C" {
- #define SSL3_RT_MAX_PACKET_SIZE \
- (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
-
-+/* Extra space for empty fragment, headers, MAC, and padding. */
-+#define SSL3_RT_DEFAULT_WRITE_OVERHEAD 256
-+#define SSL3_RT_DEFAULT_PACKET_SIZE 4096 - SSL3_RT_DEFAULT_WRITE_OVERHEAD
-+#if SSL3_RT_DEFAULT_PLAIN_LENGTH + SSL3_RT_DEFAULT_WRITE_OVERHEAD > SSL3_RT_DEFAULT_PACKET_SIZE
-+#error "Insufficient space allocated for write buffers."
-+#endif
-+
- #define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
- #define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
-
-@@ -634,4 +645,3 @@ typedef struct ssl3_state_st
- }
- #endif
- #endif
--
---- openssl-1.0.0a.orig/ssl/ssltest.c 2010-01-24 16:57:38.000000000 +0000
-+++ openssl-1.0.0a/ssl/ssltest.c 2010-08-25 21:12:39.000000000 +0000
-@@ -316,6 +316,8 @@ static void sv_usage(void)
- " (default is sect163r2).\n");
- #endif
- fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
-+ fprintf(stderr," -c_small_records - enable client side use of small SSL record buffers\n");
-+ fprintf(stderr," -s_small_records - enable server side use of small SSL record buffers\n");
- }
-
- static void print_details(SSL *c_ssl, const char *prefix)
-@@ -444,6 +447,9 @@ int opaque_prf_input_cb(SSL *ssl, void *
- return arg->ret;
- }
- #endif
-+ int ssl_mode = 0;
-+ int c_small_records=0;
-+ int s_small_records=0;
-
- int main(int argc, char *argv[])
- {
-@@ -680,6 +687,14 @@ int main(int argc, char *argv[])
- {
- test_cipherlist = 1;
- }
-+ else if (strcmp(*argv, "-c_small_records") == 0)
-+ {
-+ c_small_records = 1;
-+ }
-+ else if (strcmp(*argv, "-s_small_records") == 0)
-+ {
-+ s_small_records = 1;
-+ }
- else
- {
- fprintf(stderr,"unknown option %s\n",*argv);
-@@ -802,6 +821,21 @@ bad:
- SSL_CTX_set_cipher_list(s_ctx,cipher);
- }
-
-+ ssl_mode = 0;
-+ if (c_small_records)
-+ {
-+ ssl_mode = SSL_CTX_get_mode(c_ctx);
-+ ssl_mode |= SSL_MODE_SMALL_BUFFERS;
-+ SSL_CTX_set_mode(c_ctx, ssl_mode);
-+ }
-+ ssl_mode = 0;
-+ if (s_small_records)
-+ {
-+ ssl_mode = SSL_CTX_get_mode(s_ctx);
-+ ssl_mode |= SSL_MODE_SMALL_BUFFERS;
-+ SSL_CTX_set_mode(s_ctx, ssl_mode);
-+ }
-+
- #ifndef OPENSSL_NO_DH
- if (!no_dhe)
- {
---- openssl-1.0.0.orig/test/testssl 2006-03-10 15:06:27.000000000 -0800
-+++ openssl-1.0.0/test/testssl 2010-04-26 10:24:55.000000000 -0700
-@@ -70,6 +70,16 @@ $ssltest -client_auth $CA $extra || exit
- echo test sslv2/sslv3 with both client and server authentication
- $ssltest -server_auth -client_auth $CA $extra || exit 1
-
-+echo test sslv2/sslv3 with both client and server authentication and small client buffers
-+$ssltest -server_auth -client_auth -c_small_records $CA $extra || exit 1
-+
-+echo test sslv2/sslv3 with both client and server authentication and small server buffers
-+$ssltest -server_auth -client_auth -s_small_records $CA $extra || exit 1
-+
-+echo test sslv2/sslv3 with both client and server authentication and small client and server buffers
-+$ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1
-+
-+
- echo test sslv2 via BIO pair
- $ssltest -bio_pair -ssl2 $extra || exit 1
-
diff --git a/deps/openssl/patches/tls_exporter.patch b/deps/openssl/patches/tls_exporter.patch
deleted file mode 100755
index a9e64a3c7..000000000
--- a/deps/openssl/patches/tls_exporter.patch
+++ /dev/null
@@ -1,220 +0,0 @@
-diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
-index c3b77c8..a94290a 100644
---- a/ssl/d1_lib.c
-+++ b/ssl/d1_lib.c
-@@ -82,6 +82,7 @@ SSL3_ENC_METHOD DTLSv1_enc_data={
- TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
- TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
- tls1_alert_code,
-+ tls1_export_keying_material,
- };
-
- long dtls1_default_timeout(void)
-diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
-index c19538a..1fecbbc 100644
---- a/ssl/s3_lib.c
-+++ b/ssl/s3_lib.c
-@@ -2087,6 +2087,9 @@ SSL3_ENC_METHOD SSLv3_enc_data={
- SSL3_MD_CLIENT_FINISHED_CONST,4,
- SSL3_MD_SERVER_FINISHED_CONST,4,
- ssl3_alert_code,
-+ (int (*)(SSL *, unsigned char *, size_t, const char *,
-+ size_t, const unsigned char *, size_t,
-+ int use_context)) ssl_undefined_function,
- };
-
- long ssl3_default_timeout(void)
-diff --git a/ssl/ssl.h b/ssl/ssl.h
-index 9336af8..be4af2f 100644
---- a/ssl/ssl.h
-+++ b/ssl/ssl.h
-@@ -2116,6 +2116,7 @@ void ERR_load_SSL_strings(void);
- #define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
- #define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
- #define SSL_F_SSL_PEEK 270
-+#define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 312
- #define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
- #define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
- #define SSL_F_SSL_READ 223
-@@ -2394,6 +2395,7 @@ void ERR_load_SSL_strings(void);
- #define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
- #define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
- #define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
-+#define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
- #define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
- #define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
- #define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
-diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
-index 17d2cde..d6ad3c1 100644
---- a/ssl/ssl_lib.c
-+++ b/ssl/ssl_lib.c
-@@ -3127,6 +3127,18 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s, unsigned
- }
- #endif
-
-+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
-+ const char *label, size_t llen, const unsigned char *p, size_t plen,
-+ int use_context)
-+ {
-+ if (s->version < TLS1_VERSION)
-+ return -1;
-+
-+ return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
-+ llen, p, plen,
-+ use_context);
-+ }
-+
- int SSL_cutthrough_complete(const SSL *s)
- {
- return (!s->server && /* cutthrough only applies to clients */
-diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
-index 146c89c..e7c6b9a 100644
---- a/ssl/ssl_locl.h
-+++ b/ssl/ssl_locl.h
-@@ -557,6 +557,10 @@ typedef struct ssl3_enc_method
- const char *server_finished_label;
- int server_finished_label_len;
- int (*alert_value)(int);
-+ int (*export_keying_material)(SSL *, unsigned char *, size_t,
-+ const char *, size_t,
-+ const unsigned char *, size_t,
-+ int use_context);
- } SSL3_ENC_METHOD;
-
- #ifndef OPENSSL_NO_COMP
-@@ -1041,6 +1045,9 @@ int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
- int tls1_mac(SSL *ssl, unsigned char *md, int snd);
- int tls1_generate_master_secret(SSL *s, unsigned char *out,
- unsigned char *p, int len);
-+int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
-+ const char *label, size_t llen, const unsigned char *p,
-+ size_t plen, int use_context);
- int tls1_alert_code(int code);
- int ssl3_alert_code(int code);
- int ssl_ok(SSL *s);
-diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
-index 793ea43..b1d5b28 100644
---- a/ssl/t1_enc.c
-+++ b/ssl/t1_enc.c
-@@ -1001,6 +1001,95 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
- return(SSL3_MASTER_SECRET_SIZE);
- }
-
-+int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
-+ const char *label, size_t llen, const unsigned char *context,
-+ size_t contextlen, int use_context)
-+ {
-+ unsigned char *buff;
-+ unsigned char *val = NULL;
-+ size_t vallen, currentvalpos;
-+ int rv;
-+
-+#ifdef KSSL_DEBUG
-+ printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen);
-+#endif /* KSSL_DEBUG */
-+
-+ buff = OPENSSL_malloc(olen);
-+ if (buff == NULL) goto err2;
-+
-+ /* construct PRF arguments
-+ * we construct the PRF argument ourself rather than passing separate
-+ * values into the TLS PRF to ensure that the concatenation of values
-+ * does not create a prohibited label.
-+ */
-+ vallen = llen + SSL3_RANDOM_SIZE * 2;
-+ if (use_context)
-+ {
-+ vallen += 2 + contextlen;
-+ }
-+
-+ val = OPENSSL_malloc(vallen);
-+ if (val == NULL) goto err2;
-+ currentvalpos = 0;
-+ memcpy(val + currentvalpos, (unsigned char *) label, llen);
-+ currentvalpos += llen;
-+ memcpy(val + currentvalpos, s->s3->client_random, SSL3_RANDOM_SIZE);
-+ currentvalpos += SSL3_RANDOM_SIZE;
-+ memcpy(val + currentvalpos, s->s3->server_random, SSL3_RANDOM_SIZE);
-+ currentvalpos += SSL3_RANDOM_SIZE;
-+
-+ if (use_context)
-+ {
-+ val[currentvalpos] = (contextlen >> 8) & 0xff;
-+ currentvalpos++;
-+ val[currentvalpos] = contextlen & 0xff;
-+ currentvalpos++;
-+ if ((contextlen > 0) || (context != NULL))
-+ {
-+ memcpy(val + currentvalpos, context, contextlen);
-+ }
-+ }
-+
-+ /* disallow prohibited labels
-+ * note that SSL3_RANDOM_SIZE > max(prohibited label len) =
-+ * 15, so size of val > max(prohibited label len) = 15 and the
-+ * comparisons won't have buffer overflow
-+ */
-+ if (memcmp(val, TLS_MD_CLIENT_FINISH_CONST,
-+ TLS_MD_CLIENT_FINISH_CONST_SIZE) == 0) goto err1;
-+ if (memcmp(val, TLS_MD_SERVER_FINISH_CONST,
-+ TLS_MD_SERVER_FINISH_CONST_SIZE) == 0) goto err1;
-+ if (memcmp(val, TLS_MD_MASTER_SECRET_CONST,
-+ TLS_MD_MASTER_SECRET_CONST_SIZE) == 0) goto err1;
-+ if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST,
-+ TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0) goto err1;
-+
-+ rv = tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
-+ val, vallen,
-+ NULL, 0,
-+ NULL, 0,
-+ NULL, 0,
-+ NULL, 0,
-+ s->session->master_key,s->session->master_key_length,
-+ out,buff,olen);
-+
-+#ifdef KSSL_DEBUG
-+ printf ("tls1_export_keying_material() complete\n");
-+#endif /* KSSL_DEBUG */
-+ goto ret;
-+err1:
-+ SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
-+ rv = 0;
-+ goto ret;
-+err2:
-+ SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE);
-+ rv = 0;
-+ret:
-+ if (buff != NULL) OPENSSL_free(buff);
-+ if (val != NULL) OPENSSL_free(val);
-+ return(rv);
-+ }
-+
- int tls1_alert_code(int code)
- {
- switch (code)
-diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
-index daa65c9..c094471 100644
---- a/ssl/t1_lib.c
-+++ b/ssl/t1_lib.c
-@@ -209,6 +209,7 @@ SSL3_ENC_METHOD TLSv1_enc_data={
- TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
- TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
- tls1_alert_code,
-+ tls1_export_keying_material,
- };
-
- long tls1_default_timeout(void)
-diff --git a/ssl/tls1.h b/ssl/tls1.h
-index 1fa96e5..7bbb875 100644
---- a/ssl/tls1.h
-+++ b/ssl/tls1.h
-@@ -231,6 +231,9 @@ extern "C" {
-
- const char *SSL_get_servername(const SSL *s, const int type) ;
- int SSL_get_servername_type(const SSL *s) ;
-+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
-+ const char *label, size_t llen, const unsigned char *p, size_t plen,
-+ int use_context);
-
- #define SSL_set_tlsext_host_name(s,name) \
- SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name) \ No newline at end of file
diff --git a/deps/openssl/patches/x509_hash_name_algorithm_change.patch b/deps/openssl/patches/x509_hash_name_algorithm_change.patch
deleted file mode 100644
index d9601844d..000000000
--- a/deps/openssl/patches/x509_hash_name_algorithm_change.patch
+++ /dev/null
@@ -1,31 +0,0 @@
---- openssl-1.0.0f-origin/crypto/x509/by_dir.c 2012-01-19 02:20:24.821550944 +0800
-+++ openssl-1.0.0f/crypto/x509/by_dir.c 2012-01-19 23:36:53.597870429 +0800
-@@ -287,6 +287,8 @@
- int ok=0;
- int i,j,k;
- unsigned long h;
-+ unsigned long hash_array[2];
-+ int hash_index;
- BUF_MEM *b=NULL;
- X509_OBJECT stmp,*tmp;
- const char *postfix="";
-@@ -323,6 +325,11 @@
- ctx=(BY_DIR *)xl->method_data;
-
- h=X509_NAME_hash(name);
-+ hash_array[0]=h;
-+ hash_array[1]=X509_NAME_hash_old(name);
-+ for (hash_index=0; hash_index < 2; hash_index++)
-+ {
-+ h=hash_array[hash_index];
- for (i=0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++)
- {
- BY_DIR_ENTRY *ent;
-@@ -476,6 +483,7 @@
- goto finish;
- }
- }
-+ }
- finish:
- if (b != NULL) BUF_MEM_free(b);
- return(ok);