diff options
author | Timo Teräs <timo.teras@iki.fi> | 2010-07-28 10:50:42 +0300 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2010-07-28 10:50:42 +0300 |
commit | c27aacffd3a052ea590bcec29c488cff8cb3eb17 (patch) | |
tree | 911aa4156ec2c6d5d18821b00d44f095d543ba29 /main | |
parent | b2a88afe1a1189c5f504a3a10c5ae258ffce4af9 (diff) | |
download | aports-c27aacffd3a052ea590bcec29c488cff8cb3eb17.tar.bz2 aports-c27aacffd3a052ea590bcec29c488cff8cb3eb17.tar.xz |
main/openssl: refresh padlock patches
The new feature is support for VIA Nano Padlock in 64-bit mode.
Diffstat (limited to 'main')
-rw-r--r-- | main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch | 6 | ||||
-rw-r--r-- | main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch | 4 | ||||
-rw-r--r-- | main/openssl/0003-engines-e_padlock-backport-cvs-head-changes.patch | 203 | ||||
-rw-r--r-- | main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch (renamed from main/openssl/0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch) | 237 | ||||
-rw-r--r-- | main/openssl/0005-crypto-engine-autoload-padlock-dynamic-engine.patch (renamed from main/openssl/0004-crypto-engine-autoload-padlock-dynamic-engine.patch) | 4 | ||||
-rw-r--r-- | main/openssl/APKBUILD | 17 |
6 files changed, 377 insertions, 94 deletions
diff --git a/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch b/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch index 514ed0d83a..1c837bccb8 100644 --- a/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch +++ b/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch @@ -1,7 +1,7 @@ -From 16a40910dd3ae5ab702ee1274f9e2f08362e4474 Mon Sep 17 00:00:00 2001 +From 74e428937523858363f26f89d86db24932447ca1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Fri, 4 Jun 2010 09:48:39 +0300 -Subject: [PATCH 1/3] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it properly +Subject: [PATCH 1/5] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it properly Some engines (namely VIA C7 Padlock) work only if EVP_MD_CTX_FLAG_ONESHOT is set before final update. This is because some crypto accelerators cannot @@ -16,7 +16,7 @@ though. 1 files changed, 11 insertions(+), 3 deletions(-) diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c -index 45015fe..7ce2a50 100644 +index 45015fe..55ad15c 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -66,6 +66,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, diff --git a/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch b/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch index 8859f40601..f12d45a841 100644 --- a/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch +++ b/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch @@ -1,7 +1,7 @@ -From de61d5881a12b359dfb1b4fbbb53412460196553 Mon Sep 17 00:00:00 2001 +From ca1f332fbadc20d53d807d542fb37988a5508d32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Thu, 3 Jun 2010 09:02:13 +0300 -Subject: [PATCH 2/3] apps/speed: fix digest speed measurement and add hmac-sha1 test +Subject: [PATCH 2/5] apps/speed: fix digest speed measurement and add hmac-sha1 test Merge the common code of testing digest speed, and make it reuse existing context. Context creation can be heavy operation, and it's diff --git a/main/openssl/0003-engines-e_padlock-backport-cvs-head-changes.patch b/main/openssl/0003-engines-e_padlock-backport-cvs-head-changes.patch new file mode 100644 index 0000000000..a590269b99 --- /dev/null +++ b/main/openssl/0003-engines-e_padlock-backport-cvs-head-changes.patch @@ -0,0 +1,203 @@ +From 1d27eeb41fbc2e8f36f156d4d66d04486afee742 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> +Date: Wed, 28 Jul 2010 08:29:09 +0300 +Subject: [PATCH 3/5] engines/e_padlock: backport cvs head changes +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Includes support for VIA Nano 64-bit mode. + +Signed-off-by: Timo Teräs <timo.teras@iki.fi> +--- + engines/e_padlock.c | 140 ++++++++++++++++++++++++++++++++++++++++++++------- + 1 files changed, 122 insertions(+), 18 deletions(-) + +diff --git a/engines/e_padlock.c b/engines/e_padlock.c +index 381a746..4300f35 100644 +--- a/engines/e_padlock.c ++++ b/engines/e_padlock.c +@@ -101,7 +101,10 @@ + compiler choice is limited to GCC and Microsoft C. */ + #undef COMPILE_HW_PADLOCK + #if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM) +-# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \ ++# if (defined(__GNUC__) && __GNUC__>=2 && \ ++ (defined(__i386__) || defined(__i386) || \ ++ defined(__x86_64__) || defined(__x86_64)) \ ++ ) || \ + (defined(_MSC_VER) && defined(_M_IX86)) + # define COMPILE_HW_PADLOCK + static ENGINE *ENGINE_padlock (void); +@@ -294,6 +297,7 @@ static volatile struct padlock_cipher_data *padlock_saved_context; + * ======================================================= + */ + #if defined(__GNUC__) && __GNUC__>=2 ++#if defined(__i386__) || defined(__i386) + /* + * As for excessive "push %ebx"/"pop %ebx" found all over. + * When generating position-independent code GCC won't let +@@ -373,21 +377,6 @@ padlock_available(void) + return padlock_use_ace + padlock_use_rng; + } + +-#ifndef OPENSSL_NO_AES +-/* Our own htonl()/ntohl() */ +-static inline void +-padlock_bswapl(AES_KEY *ks) +-{ +- size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]); +- unsigned int *key = ks->rd_key; +- +- while (i--) { +- asm volatile ("bswapl %0" : "+r"(*key)); +- key++; +- } +-} +-#endif +- + /* Force key reload from memory to the CPU microcode. + Loading EFLAGS from the stack clears EFLAGS[30] + which does the trick. */ +@@ -445,12 +434,127 @@ static inline void *name(size_t cnt, \ + : "edx", "cc", "memory"); \ + return iv; \ + } ++#endif ++ ++#elif defined(__x86_64__) || defined(__x86_64) ++ ++/* Load supported features of the CPU to see if ++ the PadLock is available. */ ++static int ++padlock_available(void) ++{ ++ char vendor_string[16]; ++ unsigned int eax, edx; + ++ /* Are we running on the Centaur (VIA) CPU? */ ++ eax = 0x00000000; ++ vendor_string[12] = 0; ++ asm volatile ( ++ "cpuid\n" ++ "movl %%ebx,(%1)\n" ++ "movl %%edx,4(%1)\n" ++ "movl %%ecx,8(%1)\n" ++ : "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx"); ++ if (strcmp(vendor_string, "CentaurHauls") != 0) ++ return 0; ++ ++ /* Check for Centaur Extended Feature Flags presence */ ++ eax = 0xC0000000; ++ asm volatile ("cpuid" ++ : "+a"(eax) : : "rbx", "rcx", "rdx"); ++ if (eax < 0xC0000001) ++ return 0; ++ ++ /* Read the Centaur Extended Feature Flags */ ++ eax = 0xC0000001; ++ asm volatile ("cpuid" ++ : "+a"(eax), "=d"(edx) : : "rbx", "rcx"); ++ ++ /* Fill up some flags */ ++ padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6)); ++ padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2)); ++ ++ return padlock_use_ace + padlock_use_rng; ++} ++ ++/* Force key reload from memory to the CPU microcode. ++ Loading EFLAGS from the stack clears EFLAGS[30] ++ which does the trick. */ ++static inline void ++padlock_reload_key(void) ++{ ++ asm volatile ("pushfq; popfq"); ++} ++ ++#ifndef OPENSSL_NO_AES ++/* ++ * This is heuristic key context tracing. At first one ++ * believes that one should use atomic swap instructions, ++ * but it's not actually necessary. Point is that if ++ * padlock_saved_context was changed by another thread ++ * after we've read it and before we compare it with cdata, ++ * our key *shall* be reloaded upon thread context switch ++ * and we are therefore set in either case... ++ */ ++static inline void ++padlock_verify_context(struct padlock_cipher_data *cdata) ++{ ++ asm volatile ( ++ "pushfq\n" ++" btl $30,(%%rsp)\n" ++" jnc 1f\n" ++" cmpq %2,%1\n" ++" je 1f\n" ++" popfq\n" ++" subq $8,%%rsp\n" ++"1: addq $8,%%rsp\n" ++" movq %2,%0" ++ :"+m"(padlock_saved_context) ++ : "r"(padlock_saved_context), "r"(cdata) : "cc"); ++} ++ ++/* Template for padlock_xcrypt_* modes */ ++/* BIG FAT WARNING: ++ * The offsets used with 'leal' instructions ++ * describe items of the 'padlock_cipher_data' ++ * structure. ++ */ ++#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \ ++static inline void *name(size_t cnt, \ ++ struct padlock_cipher_data *cdata, \ ++ void *out, const void *inp) \ ++{ void *iv; \ ++ asm volatile ( "leaq 16(%0),%%rdx\n" \ ++ " leaq 32(%0),%%rbx\n" \ ++ rep_xcrypt "\n" \ ++ : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \ ++ : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \ ++ : "rbx", "rdx", "cc", "memory"); \ ++ return iv; \ ++} ++#endif ++ ++#endif /* cpu */ ++ ++#ifndef OPENSSL_NO_AES + /* Generate all functions with appropriate opcodes */ + PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8") /* rep xcryptecb */ + PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0") /* rep xcryptcbc */ + PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0") /* rep xcryptcfb */ + PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8") /* rep xcryptofb */ ++ ++/* Our own htonl()/ntohl() */ ++static inline void ++padlock_bswapl(AES_KEY *ks) ++{ ++ size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]); ++ unsigned int *key = ks->rd_key; ++ ++ while (i--) { ++ asm volatile ("bswapl %0" : "+r"(*key)); ++ key++; ++ } ++} + #endif + + /* The RNG call itself */ +@@ -481,8 +585,8 @@ padlock_xstore(void *addr, unsigned int edx_in) + static inline unsigned char * + padlock_memcpy(void *dst,const void *src,size_t n) + { +- long *d=dst; +- const long *s=src; ++ size_t *d=dst; ++ const size_t *s=src; + + n /= sizeof(*d); + do { *d++ = *s++; } while (--n); +-- +1.7.0.4 + diff --git a/main/openssl/0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch b/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch index b25de7c16a..d1bb3704b7 100644 --- a/main/openssl/0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch +++ b/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch @@ -1,12 +1,12 @@ -From 11e9d19d7c6c3461cbab5e5670d66974cd7cf819 Mon Sep 17 00:00:00 2001 +From b235a1c0686e5f4f32703c0eb0a75ee9902a7e89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> -Date: Fri, 4 Jun 2010 15:48:16 +0300 -Subject: [PATCH 3/3] engine/padlock: implement sha1/sha224/sha256 acceleration +Date: Wed, 28 Jul 2010 08:37:58 +0300 +Subject: [PATCH 4/5] engines/e_padlock: implement sha1/sha224/sha256 acceleration Limited support for VIA C7 that works only when EVP_MD_CTX_FLAG_ONESHOT is used appropriately (as done by EVP_Digest, and my previous HMAC patch). -Full support for VIA Nano including partial transformation. +Full support for VIA Nano including partial transformation and 64-bit mode. Benchmarks from VIA Nano 1.6GHz, done with including the previous HMAC and apps/speed patches done. From single run, error margin of about 100-200k. @@ -24,11 +24,11 @@ sha1 37713.77k 114562.71k 259637.33k 379907.41k 438818.13k sha256 34262.86k 103233.75k 232476.07k 338386.60k 389860.01k hmac(sha1) 8424.70k 31475.11k 104036.10k 245559.30k 406667.26k --- - engines/e_padlock.c | 596 +++++++++++++++++++++++++++++++++++++++++++++++---- - 1 files changed, 553 insertions(+), 43 deletions(-) + engines/e_padlock.c | 660 +++++++++++++++++++++++++++++++++++++++++++++++---- + 1 files changed, 613 insertions(+), 47 deletions(-) diff --git a/engines/e_padlock.c b/engines/e_padlock.c -index 381a746..2f8c72a 100644 +index 4300f35..3591c59 100644 --- a/engines/e_padlock.c +++ b/engines/e_padlock.c @@ -3,6 +3,9 @@ @@ -41,7 +41,17 @@ index 381a746..2f8c72a 100644 * Big thanks to Andy Polyakov for a help with optimization, * assembler fixes, port to MS Windows and a lot of other * valuable work on this engine! -@@ -74,12 +77,23 @@ +@@ -64,7 +67,9 @@ + + + #include <stdio.h> ++#include <stdint.h> + #include <string.h> ++#include <netinet/in.h> + + #include <openssl/opensslconf.h> + #include <openssl/crypto.h> +@@ -74,12 +79,33 @@ #ifndef OPENSSL_NO_AES #include <openssl/aes.h> #endif @@ -62,10 +72,20 @@ index 381a746..2f8c72a 100644 +#define OPENSSL_NO_SHA +#endif + ++/* 64-bit mode does not need software SHA1 as fallback, we can ++ * do all operations with padlock */ ++#if defined(__x86_64__) || defined(__x86_64) ++#define PADLOCK_NEED_FALLBACK_SHA 0 ++#else ++#define PADLOCK_NEED_FALLBACK_SHA 1 ++#endif ++ ++#define PADLOCK_MAX_FINALIZING_LENGTH 0x1FFFFFFE ++ /* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */ #if (OPENSSL_VERSION_NUMBER >= 0x00908000L) # ifndef OPENSSL_NO_DYNAMIC_ENGINE -@@ -140,58 +154,40 @@ static int padlock_available(void); +@@ -143,58 +169,40 @@ static int padlock_available(void); static int padlock_init(ENGINE *e); /* RNG Stuff */ @@ -145,7 +165,7 @@ index 381a746..2f8c72a 100644 /* Constructor */ static ENGINE * -@@ -215,7 +211,7 @@ ENGINE_padlock(void) +@@ -218,7 +226,7 @@ ENGINE_padlock(void) static int padlock_init(ENGINE *e) { @@ -154,7 +174,7 @@ index 381a746..2f8c72a 100644 } /* This stuff is needed if this ENGINE is being compiled into a self-contained -@@ -367,10 +363,20 @@ padlock_available(void) +@@ -371,10 +379,20 @@ padlock_available(void) : "+a"(eax), "=d"(edx) : : "ecx"); /* Fill up some flags */ @@ -177,8 +197,27 @@ index 381a746..2f8c72a 100644 + return padlock_flags; } - #ifndef OPENSSL_NO_AES -@@ -1159,6 +1165,454 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + /* Force key reload from memory to the CPU microcode. +@@ -471,10 +489,14 @@ padlock_available(void) + : "+a"(eax), "=d"(edx) : : "rbx", "rcx"); + + /* Fill up some flags */ +- padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6)); +- padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2)); +- +- return padlock_use_ace + padlock_use_rng; ++ padlock_flags |= ((edx & (0x3<<3)) ? PADLOCK_RNG : 0); ++ padlock_flags |= ((edx & (0x3<<7)) ? PADLOCK_ACE : 0); ++ padlock_flags |= ((edx & (0x3<<9)) ? PADLOCK_ACE2 : 0); ++ padlock_flags |= ((edx & (0x3<<11)) ? PADLOCK_PHE : 0); ++ padlock_flags |= ((edx & (0x3<<13)) ? PADLOCK_PMM : 0); ++ padlock_flags |= PADLOCK_NANO; ++ ++ return padlock_flags; + } + + /* Force key reload from memory to the CPU microcode. +@@ -1263,6 +1285,496 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, #endif /* OPENSSL_NO_AES */ @@ -188,23 +227,39 @@ index 381a746..2f8c72a 100644 +padlock_copy_bswap(void *dst, void *src, size_t count) +{ + uint32_t *udst = dst, *usrc = src; -+ unsigned int reg; + int i = 0; + -+ for (i = 0; i < count; i++) { -+ reg = usrc[i]; -+ asm volatile("bswapl %0" : "+&r"(reg)); -+ udst[i] = reg; -+ } ++ for (i = 0; i < count; i++) ++ udst[i] = htonl(usrc[i]); ++} ++ ++static unsigned long padlock_sha_prepare_padding( ++ EVP_MD_CTX *ctx, ++ unsigned char *padding, ++ unsigned char *data, size_t data_len, ++ uint64_t total) ++{ ++ unsigned int padding_len; ++ ++ padding_len = data_len < 56 ? SHA_CBLOCK : 2 * SHA_CBLOCK; ++ if (data_len) ++ memcpy(padding, data, data_len); ++ ++ memset(padding + data_len, 0, padding_len - data_len); ++ padding[data_len] = 0x80; ++ *(uint32_t *)(padding + padding_len - 8) = htonl(total >> 32); ++ *(uint32_t *)(padding + padding_len - 4) = htonl(total & 0xffffffff); ++ ++ return data_len < 56 ? 1 : 2; +} + +#define PADLOCK_SHA_ALIGN(dd) (uint32_t*)(((uintptr_t)(dd) + 15) & ~15) +#define PADLOCK_SHA_HWCTX (128+16) + +static void -+padlock_sha1(void *hwctx, const void *buf, uint32_t total, uint32_t now) ++padlock_sha1(void *hwctx, const void *buf, unsigned long total, unsigned long now) +{ -+ uint32_t pos = total - now; ++ unsigned long pos = total - now; + + asm volatile ("xsha1" + : "+S"(buf), "+D"(hwctx), "+a"(pos), "+c"(total) @@ -212,11 +267,11 @@ index 381a746..2f8c72a 100644 +} + +static void -+padlock_sha1_partial(void *hwctx, const void *buf, uint32_t blocks) ++padlock_sha1_partial(void *hwctx, const void *buf, unsigned long blocks) +{ + asm volatile ("xsha1" + : "+S"(buf), "+D"(hwctx), "+c"(blocks) -+ : "a"(-1) : "memory"); ++ : "a"(-1L) : "memory"); +} + +static int padlock_sha1_init(EVP_MD_CTX *ctx) @@ -224,22 +279,24 @@ index 381a746..2f8c72a 100644 + return SHA1_Init(ctx->md_data); +} + -+static int padlock_sha1_update(EVP_MD_CTX *ctx, const void *data, -+ size_t len) ++#if PADLOCK_NEED_FALLBACK_SHA ++ ++static int padlock_sha1_update_eden(EVP_MD_CTX *ctx, const void *data, ++ size_t len) +{ + unsigned char hwctx[PADLOCK_SHA_HWCTX]; + uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx); + SHA_CTX *c = ctx->md_data; + uint_fast64_t total; + const unsigned char *p = data; -+ unsigned int l = 0; ++ unsigned long l = 0; + + /* Calculate total length (Nl,Nh) is length in bits */ + total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3); + total += len; + + if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) && -+ (total <= 0xfffffffe)) { ++ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) { + if (c->num != 0) { + l = (len < SHA_CBLOCK) ? len : SHA_CBLOCK; + if (!SHA1_Update(c, data, l)) @@ -260,16 +317,17 @@ index 381a746..2f8c72a 100644 + + return SHA1_Update(c, data, len); +} ++#endif + -+static int padlock_nano_sha1_update(EVP_MD_CTX *ctx, const void *data, -+ size_t len) ++static int padlock_sha1_update(EVP_MD_CTX *ctx, const void *data, ++ size_t len) +{ + unsigned char hwctx[PADLOCK_SHA_HWCTX]; + uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx); + SHA_CTX *c = ctx->md_data; + uint_fast64_t total; + unsigned char *p; -+ unsigned int n; ++ unsigned long n; + + /* Calculate total length (Nl,Nh) is length in bits */ + total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3); @@ -300,7 +358,7 @@ index 381a746..2f8c72a 100644 + + /* Can we finalize straight away? */ + if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) && -+ (total <= 0xfffffffe)) { ++ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) { + padlock_sha1(aligned, data, total, len); + memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG)); + c->num = -1; @@ -327,8 +385,10 @@ index 381a746..2f8c72a 100644 + +static int padlock_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) +{ ++ unsigned char hwctx[PADLOCK_SHA_HWCTX]; ++ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx); ++ uint64_t total; + SHA_CTX *c = ctx->md_data; -+ uint_fast64_t total; + + if (c->num == -1) { + padlock_copy_bswap(md, &c->h0, 5); @@ -337,18 +397,26 @@ index 381a746..2f8c72a 100644 + } + + total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3); -+ if (total <= 0xfffffffe) { -+ unsigned char hwctx[PADLOCK_SHA_HWCTX]; -+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx); ++#if PADLOCK_NEED_FALLBACK_SHA ++ if ((!PADLOCK_HAVE_NANO) && (total > PADLOCK_MAX_FINALIZING_LENGTH)) ++ return SHA1_Final(md, c); ++#endif + -+ memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG)); ++ memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG)); ++ if (total > PADLOCK_MAX_FINALIZING_LENGTH) { ++ unsigned char padding[2 * SHA_CBLOCK]; ++ unsigned long n; ++ ++ n = padlock_sha_prepare_padding(ctx, padding, ++ (unsigned char *) c->data, c->num, total << 3); ++ padlock_sha1_partial(aligned, padding, n); ++ } else { + padlock_sha1(aligned, c->data, total, c->num); -+ padlock_copy_bswap(md, aligned, 5); -+ c->num = 0; -+ return 1; + } ++ padlock_copy_bswap(md, aligned, 5); ++ c->num = 0; + -+ return SHA1_Final(md, c); ++ return 1; +} + +static EVP_MD padlock_sha1_md = { @@ -385,9 +453,9 @@ index 381a746..2f8c72a 100644 +#if !defined(OPENSSL_NO_SHA256) + +static void -+padlock_sha256(void *hwctx, const void *buf, uint32_t total, uint32_t now) ++padlock_sha256(void *hwctx, const void *buf, unsigned long total, unsigned long now) +{ -+ uint32_t pos = total - now; ++ unsigned long pos = total - now; + + asm volatile ("xsha256" + : "+S"(buf), "+D"(hwctx), "+a"(pos), "+c"(total) @@ -395,15 +463,17 @@ index 381a746..2f8c72a 100644 +} + +static void -+padlock_sha256_partial(void *hwctx, const void *buf, uint32_t blocks) ++padlock_sha256_partial(void *hwctx, const void *buf, unsigned long blocks) +{ + asm volatile ("xsha256" + : "+S"(buf), "+D"(hwctx), "+c"(blocks) -+ : "a"(-1) : "memory"); ++ : "a"(-1L) : "memory"); +} + -+static int padlock_sha256_update(EVP_MD_CTX *ctx, const void *data, -+ size_t len) ++#if PADLOCK_NEED_FALLBACK_SHA ++ ++static int padlock_sha256_update_eden(EVP_MD_CTX *ctx, const void *data, ++ size_t len) +{ + unsigned char hwctx[PADLOCK_SHA_HWCTX]; + uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx); @@ -417,7 +487,7 @@ index 381a746..2f8c72a 100644 + total += len; + + if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) && -+ (total <= 0xfffffffe)) { ++ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) { + if (c->num != 0) { + l = (len < SHA256_CBLOCK) ? len : SHA256_CBLOCK; + if (!SHA256_Update(c, data, l)) @@ -439,15 +509,17 @@ index 381a746..2f8c72a 100644 + return SHA256_Update(c, data, len); +} + -+static int padlock_nano_sha256_update(EVP_MD_CTX *ctx, const void *data, -+ size_t len) ++#endif ++ ++static int padlock_sha256_update(EVP_MD_CTX *ctx, const void *data, ++ size_t len) +{ + unsigned char hwctx[PADLOCK_SHA_HWCTX]; + uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx); + SHA256_CTX *c = ctx->md_data; + uint_fast64_t total; + unsigned char *p; -+ unsigned int n; ++ unsigned long n; + + /* Calculate total length (Nl,Nh) is length in bits */ + total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3); @@ -478,7 +550,7 @@ index 381a746..2f8c72a 100644 + + /* Can we finalize straight away? */ + if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) && -+ (total <= 0xfffffffe)) { ++ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) { + padlock_sha256(aligned, data, total, len); + memcpy(c->h, aligned, sizeof(c->h)); + c->num = -1; @@ -505,8 +577,10 @@ index 381a746..2f8c72a 100644 + +static int padlock_sha256_final(EVP_MD_CTX *ctx, unsigned char *md) +{ ++ unsigned char hwctx[PADLOCK_SHA_HWCTX]; ++ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx); ++ uint64_t total; + SHA256_CTX *c = ctx->md_data; -+ uint_fast64_t total; + + if (c->num == -1) { + padlock_copy_bswap(md, c->h, sizeof(c->h)/sizeof(c->h[0])); @@ -515,18 +589,25 @@ index 381a746..2f8c72a 100644 + } + + total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3); -+ if (total <= 0xfffffffe) { -+ unsigned char hwctx[PADLOCK_SHA_HWCTX]; -+ uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx); ++#if PADLOCK_NEED_FALLBACK_SHA ++ if ((!PADLOCK_HAVE_NANO) && (total > PADLOCK_MAX_FINALIZING_LENGTH)) ++ return SHA256_Final(md, c); ++#endif + -+ memcpy(aligned, c->h, sizeof(c->h)); ++ memcpy(aligned, c->h, sizeof(c->h)); ++ if (total > PADLOCK_MAX_FINALIZING_LENGTH) { ++ unsigned char padding[2 * SHA_CBLOCK]; ++ unsigned long n; ++ ++ n = padlock_sha_prepare_padding(ctx, padding, ++ (unsigned char *) c->data, c->num, total << 3); ++ padlock_sha256_partial(aligned, padding, n); ++ } else { + padlock_sha256(aligned, c->data, total, c->num); -+ padlock_copy_bswap(md, aligned, sizeof(c->h)/sizeof(c->h[0])); -+ c->num = 0; -+ return 1; + } -+ -+ return SHA256_Final(md, c); ++ padlock_copy_bswap(md, aligned, sizeof(c->h)/sizeof(c->h[0])); ++ c->num = 0; ++ return 1; +} + +#if !defined(OPENSSL_NO_SHA224) @@ -633,7 +714,7 @@ index 381a746..2f8c72a 100644 /* ===== Random Number Generator ===== */ /* * This code is not engaged. The reason is that it does not comply -@@ -1215,6 +1669,62 @@ static RAND_METHOD padlock_rand = { +@@ -1319,6 +1831,60 @@ static RAND_METHOD padlock_rand = { padlock_rand_status, /* rand status */ }; @@ -649,32 +730,30 @@ index 381a746..2f8c72a 100644 + /* Generate a nice engine name with available features */ + BIO_snprintf(padlock_name, sizeof(padlock_name), + "VIA PadLock: %s%s%s%s%s%s", -+ padlock_flags ? "" : "not supported", -+ PADLOCK_HAVE_RNG ? "RNG " : "", -+ PADLOCK_HAVE_ACE ? (PADLOCK_HAVE_ACE2 ? "ACE2 " : "ACE ") : "", -+ PADLOCK_HAVE_PHE ? "PHE " : "", -+ PADLOCK_HAVE_PMM ? "PMM " : "", -+ PADLOCK_HAVE_NANO ? "NANO " : "" -+ ); -+ -+#ifndef OPENSSL_NO_SHA -+ /* Use Nano SHA acceleration? */ -+ if (PADLOCK_HAVE_NANO) { -+ padlock_sha1_md.update = padlock_nano_sha1_update; -+ padlock_dss1_md.update = padlock_nano_sha1_update; ++ padlock_flags ? "" : "not supported", ++ PADLOCK_HAVE_RNG ? "RNG " : "", ++ PADLOCK_HAVE_ACE ? (PADLOCK_HAVE_ACE2 ? "ACE2 " : "ACE ") : "", ++ PADLOCK_HAVE_PHE ? "PHE " : "", ++ PADLOCK_HAVE_PMM ? "PMM " : "", ++ PADLOCK_HAVE_NANO ? "NANO " : "" ++ ); ++ ++#if PADLOCK_NEED_FALLBACK_SHA && !defined(OPENSSL_NO_SHA) ++ if (!PADLOCK_HAVE_NANO) { ++ padlock_sha1_md.update = padlock_sha1_update_eden; ++ padlock_dss1_md.update = padlock_sha1_update_eden; +#if !defined(OPENSSL_NO_SHA256) +#if !defined(OPENSSL_NO_SHA224) -+ padlock_sha224_md.update = padlock_nano_sha256_update; ++ padlock_sha224_md.update = padlock_sha256_update_eden; +#endif -+ padlock_sha256_md.update = padlock_nano_sha256_update; ++ padlock_sha256_md.update = padlock_sha256_update_eden; +#endif + } -+#endif ++#endif + + /* Register everything or return with an error */ + if (!ENGINE_set_id(e, padlock_id) || + !ENGINE_set_name(e, padlock_name) || -+ + !ENGINE_set_init_function(e, padlock_init) +#ifndef OPENSSL_NO_AES + || (PADLOCK_HAVE_ACE && !ENGINE_set_ciphers (e, padlock_ciphers)) diff --git a/main/openssl/0004-crypto-engine-autoload-padlock-dynamic-engine.patch b/main/openssl/0005-crypto-engine-autoload-padlock-dynamic-engine.patch index c41d860ea5..3c72ce26aa 100644 --- a/main/openssl/0004-crypto-engine-autoload-padlock-dynamic-engine.patch +++ b/main/openssl/0005-crypto-engine-autoload-padlock-dynamic-engine.patch @@ -1,7 +1,7 @@ -From f6a5204b8dc94d73521f962183ee302533b2a196 Mon Sep 17 00:00:00 2001 +From b96276c8f11e656e4296955bf1a8d0ac2b6094fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Fri, 4 Jun 2010 18:02:39 +0300 -Subject: [PATCH 4/4] crypto/engine: autoload padlock dynamic engine +Subject: [PATCH 5/5] crypto/engine: autoload padlock dynamic engine --- crypto/engine/eng_all.c | 10 ++++++++++ diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD index eb23f31fcb..34eabb0720 100644 --- a/main/openssl/APKBUILD +++ b/main/openssl/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=openssl pkgver=1.0.0a -pkgrel=1 +pkgrel=2 pkgdesc="Toolkit for SSL v2/v3 and TLS v1" url="http://openssl.org" depends= @@ -15,11 +15,11 @@ source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz openssl-bb-basename.patch 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch 0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch - 0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch - 0004-crypto-engine-autoload-padlock-dynamic-engine.patch + 0003-engines-e_padlock-backport-cvs-head-changes.patch + 0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch + 0005-crypto-engine-autoload-padlock-dynamic-engine.patch " -# openssl-0.9.8k-padlock-sha.patch _builddir="$srcdir"/$pkgname-$pkgver prepare() { cd "$_builddir" @@ -69,7 +69,8 @@ libssl() { md5sums="e3873edfffc783624cfbdb65e2249cbd openssl-1.0.0a.tar.gz 115c481cd59b3dba631364e8fb1778f5 fix-manpages.patch c6a9857a5dbd30cead0404aa7dd73977 openssl-bb-basename.patch -ceae7d6166a455ecc41adc8f44f1a07e 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch -383c0c0305532f471bf583d6e05cbea9 0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch -f687ab90b23587dc445eb0803a6eb1fb 0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch -f197ac9a2748e64b1cb15a12ddca3d61 0004-crypto-engine-autoload-padlock-dynamic-engine.patch" +1f607b8e11347e56a0906756f3d6928a 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch +5ba830cf1e828192c8c40023dc92917d 0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch +53fbd01733b488717575e04a5aaf6664 0003-engines-e_padlock-backport-cvs-head-changes.patch +beea8819faeefb9ab19ef90f00c53782 0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch +8bc7a427f6005158585386b9837f700c 0005-crypto-engine-autoload-padlock-dynamic-engine.patch" |