main/openssl: fix rpath and turn off ssl compression by default

System wide mitigation for CVE-2012-4929. While most affected
programs turn off compression themselves, this is safer default.

1 files changed, 782 insertions, 0 deletions

diff --git a/main/openssl/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch b/main/openssl/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
new file mode 100644
index 0000000000..5a2cdd633a
--- /dev/null
+++ b/main/openssl/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
@@ -0,0 +1,782 @@
+From 728af0306505f1ff91364ac2175fb6bf5da90ec3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Thu, 5 Feb 2015 09:41:12 +0200
+Subject: [PATCH] engines/e_padlock: implement sha1/sha224/sha256 acceleration
+
+Limited support for VIA C7 that works only when EVP_MD_CTX_FLAG_ONESHOT
+is used appropriately (as done by EVP_Digest, and my previous HMAC patch).
+
+Full support for VIA Nano including partial transformation and 64-bit mode.
+
+Benchmarks from VIA Nano 1.6GHz, done with including the previous HMAC and
+apps/speed patches done. From single run, error margin of about 100-200k.
+
+No padlock
+
+type         16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+sha1         20057.60k    51514.05k    99721.39k   130167.81k   142811.14k
+sha256        7757.72k    16907.18k    28937.05k    35181.23k    37568.51k
+hmac(sha1)    8582.53k    27644.69k    70402.30k   114602.67k   140167.85k
+
+With the patch
+
+sha1         37713.77k   114562.71k   259637.33k   379907.41k   438818.13k
+sha256       34262.86k   103233.75k   232476.07k   338386.60k   389860.01k
+hmac(sha1)    8424.70k    31475.11k   104036.10k   245559.30k   406667.26k
+---
+ engines/e_padlock.c | 663 ++++++++++++++++++++++++++++++++++++++++++++++++----
+ 1 file changed, 614 insertions(+), 49 deletions(-)
+
+diff --git a/engines/e_padlock.c b/engines/e_padlock.c
+index 94406cb..5e99114 100644
+--- a/engines/e_padlock.c
++++ b/engines/e_padlock.c
+@@ -3,6 +3,9 @@
+  * Written by Michal Ludvig <michal@logix.cz>
+  *            http://www.logix.cz/michal
+  *
++ * SHA support by Timo Teras <timo.teras@iki.fi>. Portions based on
++ * code originally written by Michal Ludvig.
++ *
+  * Big thanks to Andy Polyakov for a help with optimization,
+  * assembler fixes, port to MS Windows and a lot of other
+  * valuable work on this engine!
+@@ -63,7 +66,9 @@
+  */
+ 
+ #include <stdio.h>
++#include <stdint.h>
+ #include <string.h>
++#include <netinet/in.h>
+ 
+ #include <openssl/opensslconf.h>
+ #include <openssl/crypto.h>
+@@ -73,11 +78,32 @@
+ #ifndef OPENSSL_NO_AES
+ # include <openssl/aes.h>
+ #endif
++#ifndef OPENSSL_NO_SHA
++# include <openssl/sha.h>
++#endif
+ #include <openssl/rand.h>
+ #include <openssl/err.h>
+ 
+ #ifndef OPENSSL_NO_HW
+-# ifndef OPENSSL_NO_HW_PADLOCK
++#  ifndef OPENSSL_NO_HW_PADLOCK
++
++/* PadLock RNG is disabled by default */
++#    define PADLOCK_NO_RNG	1
++
++/* No ASM routines for SHA in MSC yet */
++#    ifdef _MSC_VER
++#      define OPENSSL_NO_SHA
++#    endif
++
++/* 64-bit mode does not need software SHA1 as fallback, we can
++ * do all operations with padlock */
++#    if defined(__x86_64__) || defined(__x86_64)
++#      define PADLOCK_NEED_FALLBACK_SHA 0
++#    else
++#      define PADLOCK_NEED_FALLBACK_SHA 1
++#    endif
++
++#    define PADLOCK_MAX_FINALIZING_LENGTH	0x1FFFFFFE
+ 
+ /* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */
+ #  if (OPENSSL_VERSION_NUMBER >= 0x00908000L)
+@@ -151,60 +177,42 @@ void ENGINE_load_padlock(void)
+ static int padlock_available(void);
+ static int padlock_init(ENGINE *e);
+ 
++#  ifndef PADLOCK_NO_RNG
+ /* RNG Stuff */
+ static RAND_METHOD padlock_rand;
+-
+-/* Cipher Stuff */
+-#   ifndef OPENSSL_NO_AES
+-static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+-                           const int **nids, int nid);
+ #   endif
+ 
+ /* Engine names */
+ static const char *padlock_id = "padlock";
+ static char padlock_name[100];
+ 
++static int padlock_bind_helper(ENGINE *e);
++
+ /* Available features */
+-static int padlock_use_ace = 0; /* Advanced Cryptography Engine */
+-static int padlock_use_rng = 0; /* Random Number Generator */
++enum padlock_flags {
++    PADLOCK_RNG  = 0x01,
++    PADLOCK_ACE  = 0x02,
++    PADLOCK_ACE2 = 0x04,
++    PADLOCK_PHE  = 0x08,
++    PADLOCK_PMM  = 0x10,
++    PADLOCK_NANO = 0x20,
++};
++enum padlock_flags padlock_flags;
++ 
++#define PADLOCK_HAVE_RNG  (padlock_flags & PADLOCK_RNG)
++#define PADLOCK_HAVE_ACE  (padlock_flags & (PADLOCK_ACE|PADLOCK_ACE2))
++#define PADLOCK_HAVE_ACE1 (padlock_flags & PADLOCK_ACE)
++#define PADLOCK_HAVE_ACE2 (padlock_flags & PADLOCK_ACE2)
++#define PADLOCK_HAVE_PHE  (padlock_flags & PADLOCK_PHE)
++#define PADLOCK_HAVE_PMM  (padlock_flags & PADLOCK_PMM)
++#define PADLOCK_HAVE_NANO (padlock_flags & PADLOCK_NANO)
++
+ #   ifndef OPENSSL_NO_AES
+ static int padlock_aes_align_required = 1;
+ #   endif
+ 
+ /* ===== Engine "management" functions ===== */
+ 
+-/* Prepare the ENGINE structure for registration */
+-static int padlock_bind_helper(ENGINE *e)
+-{
+-    /* Check available features */
+-    padlock_available();
+-
+-#   if 1                        /* disable RNG for now, see commentary in
+-                                 * vicinity of RNG code */
+-    padlock_use_rng = 0;
+-#   endif
+-
+-    /* Generate a nice engine name with available features */
+-    BIO_snprintf(padlock_name, sizeof(padlock_name),
+-                 "VIA PadLock (%s, %s)",
+-                 padlock_use_rng ? "RNG" : "no-RNG",
+-                 padlock_use_ace ? "ACE" : "no-ACE");
+-
+-    /* Register everything or return with an error */
+-    if (!ENGINE_set_id(e, padlock_id) ||
+-        !ENGINE_set_name(e, padlock_name) ||
+-        !ENGINE_set_init_function(e, padlock_init) ||
+-#   ifndef OPENSSL_NO_AES
+-        (padlock_use_ace && !ENGINE_set_ciphers(e, padlock_ciphers)) ||
+-#   endif
+-        (padlock_use_rng && !ENGINE_set_RAND(e, &padlock_rand))) {
+-        return 0;
+-    }
+-
+-    /* Everything looks good */
+-    return 1;
+-}
+-
+ #   ifdef OPENSSL_NO_DYNAMIC_ENGINE
+ 
+ /* Constructor */
+@@ -229,7 +237,7 @@ static ENGINE *ENGINE_padlock(void)
+ /* Check availability of the engine */
+ static int padlock_init(ENGINE *e)
+ {
+-    return (padlock_use_rng || padlock_use_ace);
++    return padlock_flags;
+ }
+ 
+ /*
+@@ -377,10 +385,20 @@ static int padlock_available(void)
+                   "=d"(edx)::"ecx");
+ 
+     /* Fill up some flags */
+-    padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6));
+-    padlock_use_rng = ((edx & (0x3 << 2)) == (0x3 << 2));
+-
+-    return padlock_use_ace + padlock_use_rng;
++    padlock_flags |= ((edx & (0x3<<3)) ? PADLOCK_RNG : 0);
++    padlock_flags |= ((edx & (0x3<<7)) ? PADLOCK_ACE : 0);
++    padlock_flags |= ((edx & (0x3<<9)) ? PADLOCK_ACE2 : 0);
++    padlock_flags |= ((edx & (0x3<<11)) ? PADLOCK_PHE : 0);
++    padlock_flags |= ((edx & (0x3<<13)) ? PADLOCK_PMM : 0);
++
++    /* Check for VIA Nano CPU */
++    eax = 0x00000001;
++    asm volatile ("pushl %%ebx; cpuid; popl %%ebx"
++                  : "+a"(eax) : : "ecx", "edx");
++    if ((eax | 0x000F) == 0x06FF)
++        padlock_flags |= PADLOCK_NANO;
++
++    return padlock_flags;
+ }
+ 
+ /*
+@@ -473,10 +491,14 @@ padlock_available(void)
+ 		: "+a"(eax), "=d"(edx) : : "rbx", "rcx");
+ 
+ 	/* Fill up some flags */
+-	padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
+-	padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
+-
+-	return padlock_use_ace + padlock_use_rng;
++	padlock_flags |= ((edx & (0x3<<3)) ? PADLOCK_RNG : 0);
++	padlock_flags |= ((edx & (0x3<<7)) ? PADLOCK_ACE : 0);
++	padlock_flags |= ((edx & (0x3<<9)) ? PADLOCK_ACE2 : 0);
++	padlock_flags |= ((edx & (0x3<<11)) ? PADLOCK_PHE : 0);
++	padlock_flags |= ((edx & (0x3<<13)) ? PADLOCK_PMM : 0);
++	padlock_flags |= PADLOCK_NANO;
++
++	return padlock_flags;
+ }
+ 
+ /* Force key reload from memory to the CPU microcode.
+@@ -1293,6 +1315,496 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+ 
+ #   endif                       /* OPENSSL_NO_AES */
+ 
++#ifndef OPENSSL_NO_SHA
++
++static inline void
++padlock_copy_bswap(void *dst, void *src, size_t count)
++{
++	uint32_t *udst = dst, *usrc = src;
++	int i = 0;
++
++	for (i = 0; i < count; i++)
++		udst[i] = htonl(usrc[i]);
++}
++
++static unsigned long padlock_sha_prepare_padding(
++		EVP_MD_CTX *ctx,
++		unsigned char *padding,
++		unsigned char *data, size_t data_len,
++		uint64_t total)
++{
++	unsigned int padding_len;
++
++	padding_len = data_len < 56 ? SHA_CBLOCK : 2 * SHA_CBLOCK;
++	if (data_len)
++		memcpy(padding, data, data_len);
++
++	memset(padding + data_len, 0, padding_len - data_len);
++	padding[data_len] = 0x80;
++	*(uint32_t *)(padding + padding_len - 8) = htonl(total >> 32);
++	*(uint32_t *)(padding + padding_len - 4) = htonl(total & 0xffffffff);
++
++	return data_len < 56 ? 1 : 2;
++}
++
++#define PADLOCK_SHA_ALIGN(dd)	(uint32_t*)(((uintptr_t)(dd) + 15) & ~15)
++#define PADLOCK_SHA_HWCTX	(128+16)
++
++static void
++padlock_sha1(void *hwctx, const void *buf, unsigned long total, unsigned long now)
++{
++	unsigned long pos = total - now;
++
++	asm volatile ("xsha1"
++			: "+S"(buf), "+D"(hwctx), "+a"(pos), "+c"(total)
++			: : "memory");
++}
++
++static void
++padlock_sha1_partial(void *hwctx, const void *buf, unsigned long blocks)
++{
++	asm volatile ("xsha1"
++			: "+S"(buf), "+D"(hwctx), "+c"(blocks)
++			: "a"(-1L) : "memory");
++}
++
++static int padlock_sha1_init(EVP_MD_CTX *ctx)
++{
++	return SHA1_Init(ctx->md_data);
++}
++
++#if PADLOCK_NEED_FALLBACK_SHA
++
++static int padlock_sha1_update_eden(EVP_MD_CTX *ctx, const void *data,
++				    size_t len)
++{
++	unsigned char hwctx[PADLOCK_SHA_HWCTX];
++	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
++	SHA_CTX *c = ctx->md_data;
++	uint_fast64_t total;
++	const unsigned char *p = data;
++	unsigned long l = 0;
++
++	/* Calculate total length (Nl,Nh) is length in bits */
++	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
++	total += len;
++
++	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
++	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
++		if (c->num != 0) {
++			l = (len < SHA_CBLOCK - c->num) ? len : (SHA_CBLOCK - c->num);
++			if (!SHA1_Update(c, data, l))
++				return 0;
++			p += l;
++			if (c->num != 0) {
++				p = (unsigned char *) c->data;
++				len = c->num;
++				l = 0;
++			}
++		}
++		memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
++		padlock_sha1(aligned, p, total, len - l);
++		memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG));
++		c->num = -1;
++		return 1;
++	}
++
++	return SHA1_Update(c, data, len);
++}
++#endif
++
++static int padlock_sha1_update(EVP_MD_CTX *ctx, const void *data,
++			       size_t len)
++{
++	unsigned char hwctx[PADLOCK_SHA_HWCTX];
++	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
++	SHA_CTX *c = ctx->md_data;
++	uint_fast64_t total;
++	unsigned char *p;
++	unsigned long n;
++
++	/* Calculate total length (Nl,Nh) is length in bits */
++	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
++	total += len;
++	c->Nh = total >> 29;
++	c->Nl = (total << 3) & 0xffffffffUL;
++
++	memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
++
++	/* Check partial data */
++	n = c->num;
++	if (n) {
++		p = (unsigned char *) c->data;
++		if (len >= SHA_CBLOCK || len+n >= SHA_CBLOCK) {
++			memcpy(p+n, data, SHA_CBLOCK-n);
++			padlock_sha1_partial(aligned, p, 1);
++			n      = SHA_CBLOCK - n;
++			data  += n;
++			len   -= n;
++			c->num = 0;
++			memset(p, 0, SHA_CBLOCK);
++		} else {
++			memcpy(p+n, data, len);
++			c->num += (unsigned int)len;
++			return 1;
++		}
++	}
++
++	/* Can we finalize straight away? */
++	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
++	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
++		padlock_sha1(aligned, data, total, len);
++		memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG));
++		c->num = -1;
++		return 1;
++	}
++
++	/* Use nonfinalizing update */
++	n = len / SHA_CBLOCK;
++	if (n != 0) {
++		padlock_sha1_partial(aligned, data, n);
++		data += n * SHA_CBLOCK;
++		len  -= n * SHA_CBLOCK;
++	}
++	memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG));
++
++	/* Buffer remaining bytes */
++	if (len) {
++		memcpy(c->data, data, len);
++		c->num = len;
++	}
++
++	return 1;
++}
++
++static int padlock_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
++{
++	unsigned char hwctx[PADLOCK_SHA_HWCTX];
++	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
++	uint64_t total;
++	SHA_CTX *c = ctx->md_data;
++
++	if (c->num == -1) {
++		padlock_copy_bswap(md, &c->h0, 5);
++		c->num = 0;
++		return 1;
++	}
++
++	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
++#if PADLOCK_NEED_FALLBACK_SHA
++	if ((!PADLOCK_HAVE_NANO) && (total > PADLOCK_MAX_FINALIZING_LENGTH))
++		return SHA1_Final(md, c);
++#endif
++
++	memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
++	if (total > PADLOCK_MAX_FINALIZING_LENGTH) {
++		unsigned char padding[2 * SHA_CBLOCK];
++		unsigned long n;
++
++		n = padlock_sha_prepare_padding(ctx, padding,
++			(unsigned char *) c->data, c->num, total << 3);
++		padlock_sha1_partial(aligned, padding, n);
++	} else {
++		padlock_sha1(aligned, c->data, total, c->num);
++	}
++	padlock_copy_bswap(md, aligned, 5);
++	c->num = 0;
++
++	return 1;
++}
++
++static EVP_MD padlock_sha1_md = {
++	NID_sha1,
++	NID_sha1WithRSAEncryption,
++	SHA_DIGEST_LENGTH,
++	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
++	padlock_sha1_init,
++	padlock_sha1_update,
++	padlock_sha1_final,
++	NULL,
++	NULL,
++	EVP_PKEY_RSA_method,
++	SHA_CBLOCK,
++	sizeof(SHA_CTX),
++};
++
++static EVP_MD padlock_dss1_md = {
++	NID_dsa,
++	NID_dsaWithSHA1,
++	SHA_DIGEST_LENGTH,
++	0,
++	padlock_sha1_init,
++	padlock_sha1_update,
++	padlock_sha1_final,
++	NULL,
++	NULL,
++	EVP_PKEY_DSA_method,
++	SHA_CBLOCK,
++	sizeof(SHA_CTX),
++};
++
++
++#if !defined(OPENSSL_NO_SHA256)
++
++static void
++padlock_sha256(void *hwctx, const void *buf, unsigned long total, unsigned long now)
++{
++	unsigned long pos = total - now;
++
++	asm volatile ("xsha256"
++			: "+S"(buf), "+D"(hwctx), "+a"(pos), "+c"(total)
++			: : "memory");
++}
++
++static void
++padlock_sha256_partial(void *hwctx, const void *buf, unsigned long blocks)
++{
++	asm volatile ("xsha256"
++			: "+S"(buf), "+D"(hwctx), "+c"(blocks)
++			: "a"(-1L) : "memory");
++}
++
++#if PADLOCK_NEED_FALLBACK_SHA
++
++static int padlock_sha256_update_eden(EVP_MD_CTX *ctx, const void *data,
++				      size_t len)
++{
++	unsigned char hwctx[PADLOCK_SHA_HWCTX];
++	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
++	SHA256_CTX *c = ctx->md_data;
++	uint_fast64_t total;
++	const unsigned char *p = data;
++	unsigned int l = 0;
++
++	/* Calculate total length (Nl,Nh) is length in bits */
++	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
++	total += len;
++
++	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
++	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
++		if (c->num != 0) {
++			l = (len < SHA256_CBLOCK - c->num) ? len : (SHA256_CBLOCK - c->num);
++			if (!SHA256_Update(c, data, l))
++				return 0;
++			p += l;
++			if (c->num != 0) {
++				p = (unsigned char *) c->data;
++				len = c->num;
++				l = 0;
++			}
++		}
++		memcpy(aligned, c->h, sizeof(c->h));
++		padlock_sha256(aligned, p, total, len - l);
++		memcpy(c->h, aligned, sizeof(c->h));
++		c->num = -1;
++		return 1;
++	}
++
++	return SHA256_Update(c, data, len);
++}
++
++#endif
++
++static int padlock_sha256_update(EVP_MD_CTX *ctx, const void *data,
++				 size_t len)
++{
++	unsigned char hwctx[PADLOCK_SHA_HWCTX];
++	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
++	SHA256_CTX *c = ctx->md_data;
++	uint_fast64_t total;
++	unsigned char *p;
++	unsigned long n;
++
++	/* Calculate total length (Nl,Nh) is length in bits */
++	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
++	total += len;
++	c->Nh = total >> 29;
++	c->Nl = (total << 3) & 0xffffffffUL;
++
++	memcpy(aligned, c->h, sizeof(c->h));
++
++	/* Check partial data */
++	n = c->num;
++	if (n) {
++		p = (unsigned char *) c->data;
++		if (len >= SHA256_CBLOCK || len+n >= SHA256_CBLOCK) {
++			memcpy(p+n, data, SHA256_CBLOCK-n);
++			padlock_sha256_partial(aligned, p, 1);
++			n      = SHA256_CBLOCK - n;
++			data  += n;
++			len   -= n;
++			c->num = 0;
++			memset(p, 0, SHA256_CBLOCK);
++		} else {
++			memcpy(p+n, data, len);
++			c->num += (unsigned int)len;
++			return 1;
++		}
++	}
++
++	/* Can we finalize straight away? */
++	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
++	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
++		padlock_sha256(aligned, data, total, len);
++		memcpy(c->h, aligned, sizeof(c->h));
++		c->num = -1;
++		return 1;
++	}
++
++	/* Use nonfinalizing update */
++	n = len / SHA256_CBLOCK;
++	if (n != 0) {
++		padlock_sha256_partial(aligned, data, n);
++		data += n * SHA256_CBLOCK;
++		len  -= n * SHA256_CBLOCK;
++	}
++	memcpy(c->h, aligned, sizeof(c->h));
++
++	/* Buffer remaining bytes */
++	if (len) {
++		memcpy(c->data, data, len);
++		c->num = len;
++	}
++
++	return 1;
++}
++
++static int padlock_sha256_final(EVP_MD_CTX *ctx, unsigned char *md)
++{
++	unsigned char hwctx[PADLOCK_SHA_HWCTX];
++	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
++	uint64_t total;
++	SHA256_CTX *c = ctx->md_data;
++
++	if (c->num == -1) {
++		padlock_copy_bswap(md, c->h, sizeof(c->h)/sizeof(c->h[0]));
++		c->num = 0;
++		return 1;
++	}
++
++	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
++#if PADLOCK_NEED_FALLBACK_SHA
++	if ((!PADLOCK_HAVE_NANO) && (total > PADLOCK_MAX_FINALIZING_LENGTH))
++		return SHA256_Final(md, c);
++#endif
++
++	memcpy(aligned, c->h, sizeof(c->h));
++	if (total > PADLOCK_MAX_FINALIZING_LENGTH) {
++		unsigned char padding[2 * SHA_CBLOCK];
++		unsigned long n;
++
++		n = padlock_sha_prepare_padding(ctx, padding,
++			(unsigned char *) c->data, c->num, total << 3);
++		padlock_sha256_partial(aligned, padding, n);
++	} else {
++		padlock_sha256(aligned, c->data, total, c->num);
++	}
++	padlock_copy_bswap(md, aligned, sizeof(c->h)/sizeof(c->h[0]));
++	c->num = 0;
++	return 1;
++}
++
++#if !defined(OPENSSL_NO_SHA224)
++
++static int padlock_sha224_init(EVP_MD_CTX *ctx)
++{
++	return SHA224_Init(ctx->md_data);
++}
++
++static EVP_MD padlock_sha224_md = {
++	NID_sha224,
++	NID_sha224WithRSAEncryption,
++	SHA224_DIGEST_LENGTH,
++	0,
++	padlock_sha224_init,
++	padlock_sha256_update,
++	padlock_sha256_final,
++	NULL,
++	NULL,
++	EVP_PKEY_RSA_method,
++	SHA_CBLOCK,
++	sizeof(SHA256_CTX),
++};
++#endif /* !OPENSSL_NO_SHA224 */
++
++static int padlock_sha256_init(EVP_MD_CTX *ctx)
++{
++	return SHA256_Init(ctx->md_data);
++}
++
++static EVP_MD padlock_sha256_md = {
++	NID_sha256,
++	NID_sha256WithRSAEncryption,
++	SHA256_DIGEST_LENGTH,
++	0,
++	padlock_sha256_init,
++	padlock_sha256_update,
++	padlock_sha256_final,
++	NULL,
++	NULL,
++	EVP_PKEY_RSA_method,
++	SHA_CBLOCK,
++	sizeof(SHA256_CTX),
++};
++#endif /* !OPENSSL_NO_SHA256 */
++
++static int padlock_digest_nids[] = {
++#if !defined(OPENSSL_NO_SHA)
++	NID_sha1,
++	NID_dsa,
++#endif
++#if !defined(OPENSSL_NO_SHA256)
++#if !defined(OPENSSL_NO_SHA224)
++	NID_sha224,
++#endif
++	NID_sha256,
++#endif
++};
++
++static int padlock_digest_nids_num = sizeof(padlock_digest_nids)/sizeof(padlock_digest_nids[0]);
++
++static int
++padlock_digests (ENGINE *e, const EVP_MD **digest, const int **nids, int nid)
++{
++	/* No specific digest => return a list of supported nids ... */
++	if (!digest) {
++		*nids = padlock_digest_nids;
++		return padlock_digest_nids_num;
++	}
++
++	/* ... or the requested "digest" otherwise */
++	switch (nid) {
++#if !defined(OPENSSL_NO_SHA)
++	  case NID_sha1:
++	    *digest = &padlock_sha1_md;
++	    break;
++	  case NID_dsa:
++	    *digest = &padlock_dss1_md;
++	    break;
++#endif
++#if !defined(OPENSSL_NO_SHA256)
++#if !defined(OPENSSL_NO_SHA224)
++	  case NID_sha224:
++	    *digest = &padlock_sha224_md;
++	    break;
++#endif	/* OPENSSL_NO_SHA224 */
++	  case NID_sha256:
++	    *digest = &padlock_sha256_md;
++	    break;
++#endif	/* OPENSSL_NO_SHA256 */
++	  default:
++	    /* Sorry, we don't support this NID */
++	    *digest = NULL;
++	    return 0;
++	}
++
++	return 1;
++}
++
++#endif /* OPENSSL_NO_SHA */
++
++#ifndef PADLOCK_NO_RNG
++
+ /* ===== Random Number Generator ===== */
+ /*
+  * This code is not engaged. The reason is that it does not comply
+@@ -1356,6 +1868,59 @@ static RAND_METHOD padlock_rand = {
+     padlock_rand_bytes,         /* pseudorand */
+     padlock_rand_status,        /* rand status */
+ };
++#endif /* PADLOCK_NO_RNG */
++
++/* Prepare the ENGINE structure for registration */
++static int
++padlock_bind_helper(ENGINE *e)
++{
++	/* Check available features */
++	padlock_available();
++
++	/* Generate a nice engine name with available features */
++	BIO_snprintf(padlock_name, sizeof(padlock_name),
++		"VIA PadLock: %s%s%s%s%s%s",
++		padlock_flags ? "" : "not supported",
++		PADLOCK_HAVE_RNG ? "RNG " : "",
++		PADLOCK_HAVE_ACE ? (PADLOCK_HAVE_ACE2 ? "ACE2 " : "ACE ") : "",
++		PADLOCK_HAVE_PHE ? "PHE " : "",
++		PADLOCK_HAVE_PMM ? "PMM " : "",
++		PADLOCK_HAVE_NANO ? "NANO " : ""
++		);
++
++#if PADLOCK_NEED_FALLBACK_SHA && !defined(OPENSSL_NO_SHA)
++	if (!PADLOCK_HAVE_NANO) {
++		padlock_sha1_md.update = padlock_sha1_update_eden;
++		padlock_dss1_md.update = padlock_sha1_update_eden;
++#if !defined(OPENSSL_NO_SHA256)
++#if !defined(OPENSSL_NO_SHA224)
++		padlock_sha224_md.update = padlock_sha256_update_eden;
++#endif
++		padlock_sha256_md.update = padlock_sha256_update_eden;
++#endif
++	}
++#endif  
++
++	/* Register everything or return with an error */
++	if (!ENGINE_set_id(e, padlock_id) ||
++	    !ENGINE_set_name(e, padlock_name) ||
++	    !ENGINE_set_init_function(e, padlock_init)
++#ifndef OPENSSL_NO_AES
++	    || (PADLOCK_HAVE_ACE && !ENGINE_set_ciphers (e, padlock_ciphers))
++#endif
++#ifndef OPENSSL_NO_SHA
++	    || (PADLOCK_HAVE_PHE && !ENGINE_set_digests (e, padlock_digests))
++#endif
++#ifndef PADLOCK_NO_RNG
++	    || (PADLOCK_HAVE_RNG && !ENGINE_set_RAND (e, &padlock_rand))
++#endif
++	    ) {
++		return 0;
++	}
++
++	/* Everything looks good */
++	return 1;
++}
+ 
+ #  else                         /* !COMPILE_HW_PADLOCK */
+ #   ifndef OPENSSL_NO_DYNAMIC_ENGINE
+-- 
+2.2.2
+