diff options
3 files changed, 4 insertions, 398 deletions
diff --git a/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch b/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch deleted file mode 100644 index d292ad9bc0..0000000000 --- a/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch +++ /dev/null @@ -1,392 +0,0 @@ -From ca1f332fbadc20d53d807d542fb37988a5508d32 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> -Date: Thu, 3 Jun 2010 09:02:13 +0300 -Subject: [PATCH 2/5] apps/speed: fix digest speed measurement and add hmac-sha1 test - -Merge the common code of testing digest speed, and make it reuse -existing context. Context creation can be heavy operation, and it's -speed depends on if engine is used or not. As we are measuring the -digest speed, the context creation overhead should not be included -like hmac tests do. - -This also adds test for hmac-sha1 speed. ---- - apps/speed.c | 243 +++++++++++++++++++++------------------------------------- - 1 files changed, 86 insertions(+), 157 deletions(-) - -diff --git a/apps/speed.c b/apps/speed.c -index 539bfff..f64289e 100644 ---- a/apps/speed.c -+++ b/apps/speed.c -@@ -214,7 +214,7 @@ static void print_result(int alg,int run_no,int count,double time_used); - static int do_multi(int multi); - #endif - --#define ALGOR_NUM 29 -+#define ALGOR_NUM 30 - #define SIZE_NUM 5 - #define RSA_NUM 4 - #define DSA_NUM 3 -@@ -229,9 +229,11 @@ static const char *names[ALGOR_NUM]={ - "aes-128 cbc","aes-192 cbc","aes-256 cbc", - "camellia-128 cbc","camellia-192 cbc","camellia-256 cbc", - "evp","sha256","sha512","whirlpool", -- "aes-128 ige","aes-192 ige","aes-256 ige"}; -+ "aes-128 ige","aes-192 ige","aes-256 ige","hmac(sha1)"}; - static double results[ALGOR_NUM][SIZE_NUM]; - static int lengths[SIZE_NUM]={16,64,256,1024,8*1024}; -+static unsigned char *buf=NULL,*buf2=NULL; -+static long c[ALGOR_NUM][SIZE_NUM]; - #ifndef OPENSSL_NO_RSA - static double rsa_results[RSA_NUM][2]; - #endif -@@ -329,6 +331,66 @@ static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) - } - #endif /* OPENSSL_NO_ECDH */ - -+#ifndef SIGALRM -+#define COND(d) (count < (d)) -+#else -+#define COND(c) (run) -+#endif /* SIGALRM */ -+ -+static void Test_Digest(int digest, const EVP_MD *type) -+{ -+ unsigned char md[EVP_MAX_MD_SIZE]; -+ int j, count; -+ double d=0.0; -+ EVP_MD_CTX ctx; -+ -+ EVP_MD_CTX_init(&ctx); -+ EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); -+ -+ for (j=0; j<SIZE_NUM; j++) -+ { -+ print_message(names[digest],c[digest][j],lengths[j]); -+ Time_F(START); -+ for (count=0,run=1; COND(c[digest][j]); count++) -+ { -+ EVP_DigestInit_ex(&ctx, type, NULL); -+ EVP_DigestUpdate(&ctx, buf, (unsigned long)lengths[j]); -+ EVP_DigestFinal_ex(&ctx, md, NULL); -+ } -+ d=Time_F(STOP); -+ print_result(digest,j,count,d); -+ } -+ -+ EVP_MD_CTX_cleanup(&ctx); -+} -+ -+static void Test_HMAC(int digest, const EVP_MD *type) -+{ -+ unsigned char md[EVP_MAX_MD_SIZE]; -+ HMAC_CTX hctx; -+ int j, count; -+ double d=0.0; -+ -+ HMAC_CTX_init(&hctx); -+ HMAC_CTX_set_flags(&hctx, EVP_MD_CTX_FLAG_ONESHOT); -+ HMAC_Init_ex(&hctx,(unsigned char *)"This is a key...", -+ 16,type, NULL); -+ -+ for (j=0; j<SIZE_NUM; j++) -+ { -+ print_message(names[digest],c[digest][j],lengths[j]); -+ Time_F(START); -+ for (count=0,run=1; COND(c[digest][j]); count++) -+ { -+ HMAC_Init_ex(&hctx,NULL,0,NULL,NULL); -+ HMAC_Update(&hctx,buf,lengths[j]); -+ HMAC_Final(&hctx,md,NULL); -+ } -+ d=Time_F(STOP); -+ print_result(digest,j,count,d); -+ } -+ HMAC_CTX_cleanup(&hctx); -+} - - int MAIN(int, char **); - -@@ -337,7 +399,6 @@ int MAIN(int argc, char **argv) - - int MAIN(int argc, char **argv) - { -- unsigned char *buf=NULL,*buf2=NULL; - int mret=1; - long count=0,save_count=0; - int i,j,k; -@@ -348,34 +409,6 @@ int MAIN(int argc, char **argv) - unsigned rsa_num; - #endif - unsigned char md[EVP_MAX_MD_SIZE]; --#ifndef OPENSSL_NO_MD2 -- unsigned char md2[MD2_DIGEST_LENGTH]; --#endif --#ifndef OPENSSL_NO_MDC2 -- unsigned char mdc2[MDC2_DIGEST_LENGTH]; --#endif --#ifndef OPENSSL_NO_MD4 -- unsigned char md4[MD4_DIGEST_LENGTH]; --#endif --#ifndef OPENSSL_NO_MD5 -- unsigned char md5[MD5_DIGEST_LENGTH]; -- unsigned char hmac[MD5_DIGEST_LENGTH]; --#endif --#ifndef OPENSSL_NO_SHA -- unsigned char sha[SHA_DIGEST_LENGTH]; --#ifndef OPENSSL_NO_SHA256 -- unsigned char sha256[SHA256_DIGEST_LENGTH]; --#endif --#ifndef OPENSSL_NO_SHA512 -- unsigned char sha512[SHA512_DIGEST_LENGTH]; --#endif --#endif --#ifndef OPENSSL_NO_WHIRLPOOL -- unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH]; --#endif --#ifndef OPENSSL_NO_RIPEMD -- unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; --#endif - #ifndef OPENSSL_NO_RC4 - RC4_KEY rc4_ks; - #endif -@@ -473,8 +506,8 @@ int MAIN(int argc, char **argv) - #define D_IGE_128_AES 26 - #define D_IGE_192_AES 27 - #define D_IGE_256_AES 28 -+#define D_HMAC_SHA1 29 - double d=0.0; -- long c[ALGOR_NUM][SIZE_NUM]; - #define R_DSA_512 0 - #define R_DSA_1024 1 - #define R_DSA_2048 2 -@@ -783,6 +816,8 @@ int MAIN(int argc, char **argv) - doit[D_SHA256]=1, - doit[D_SHA512]=1; - else -+ if (strcmp(*argv,"hmac-sha1") == 0) doit[D_HMAC_SHA1]=1; -+ else - #ifndef OPENSSL_NO_SHA256 - if (strcmp(*argv,"sha256") == 0) doit[D_SHA256]=1; - else -@@ -1000,6 +1035,9 @@ int MAIN(int argc, char **argv) - #endif - #ifndef OPENSSL_NO_SHA1 - BIO_printf(bio_err,"sha1 "); -+#ifndef OPENSSL_NO_HMAC -+ BIO_printf(bio_err,"hmac-sha1 "); -+#endif - #endif - #ifndef OPENSSL_NO_SHA256 - BIO_printf(bio_err,"sha256 "); -@@ -1270,6 +1308,7 @@ int MAIN(int argc, char **argv) - c[D_IGE_128_AES][0]=count; - c[D_IGE_192_AES][0]=count; - c[D_IGE_256_AES][0]=count; -+ c[D_HMAC_SHA1][0]=count; - - for (i=1; i<SIZE_NUM; i++) - { -@@ -1283,6 +1322,7 @@ int MAIN(int argc, char **argv) - c[D_SHA256][i]=c[D_SHA256][0]*4*lengths[0]/lengths[i]; - c[D_SHA512][i]=c[D_SHA512][0]*4*lengths[0]/lengths[i]; - c[D_WHIRLPOOL][i]=c[D_WHIRLPOOL][0]*4*lengths[0]/lengths[i]; -+ c[D_HMAC_SHA1][i]=c[D_HMAC_SHA1][0]*4*lengths[0]/lengths[i]; - } - for (i=1; i<SIZE_NUM; i++) - { -@@ -1457,15 +1497,11 @@ int MAIN(int argc, char **argv) - } - #endif - --#define COND(d) (count < (d)) --#define COUNT(d) (d) - #else - /* not worth fixing */ - # error "You cannot disable DES on systems without SIGALRM." - #endif /* OPENSSL_NO_DES */ - #else --#define COND(c) (run) --#define COUNT(d) (count) - #ifndef _WIN32 - signal(SIGALRM,sig_done); - #endif -@@ -1473,161 +1509,54 @@ int MAIN(int argc, char **argv) - - #ifndef OPENSSL_NO_MD2 - if (doit[D_MD2]) -- { -- for (j=0; j<SIZE_NUM; j++) -- { -- print_message(names[D_MD2],c[D_MD2][j],lengths[j]); -- Time_F(START); -- for (count=0,run=1; COND(c[D_MD2][j]); count++) -- EVP_Digest(buf,(unsigned long)lengths[j],&(md2[0]),NULL,EVP_md2(),NULL); -- d=Time_F(STOP); -- print_result(D_MD2,j,count,d); -- } -- } -+ Test_Digest(D_MD2, EVP_md2()); - #endif - #ifndef OPENSSL_NO_MDC2 - if (doit[D_MDC2]) -- { -- for (j=0; j<SIZE_NUM; j++) -- { -- print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]); -- Time_F(START); -- for (count=0,run=1; COND(c[D_MDC2][j]); count++) -- EVP_Digest(buf,(unsigned long)lengths[j],&(mdc2[0]),NULL,EVP_mdc2(),NULL); -- d=Time_F(STOP); -- print_result(D_MDC2,j,count,d); -- } -- } -+ Test_Digest(D_MDC2, EVP_mdc2()); - #endif - - #ifndef OPENSSL_NO_MD4 - if (doit[D_MD4]) -- { -- for (j=0; j<SIZE_NUM; j++) -- { -- print_message(names[D_MD4],c[D_MD4][j],lengths[j]); -- Time_F(START); -- for (count=0,run=1; COND(c[D_MD4][j]); count++) -- EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md4[0]),NULL,EVP_md4(),NULL); -- d=Time_F(STOP); -- print_result(D_MD4,j,count,d); -- } -- } -+ Test_Digest(D_MD4, EVP_md4()); - #endif - - #ifndef OPENSSL_NO_MD5 - if (doit[D_MD5]) -- { -- for (j=0; j<SIZE_NUM; j++) -- { -- print_message(names[D_MD5],c[D_MD5][j],lengths[j]); -- Time_F(START); -- for (count=0,run=1; COND(c[D_MD5][j]); count++) -- EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md5[0]),NULL,EVP_get_digestbyname("md5"),NULL); -- d=Time_F(STOP); -- print_result(D_MD5,j,count,d); -- } -- } -+ Test_Digest(D_MD5, EVP_md5()); - #endif - - #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_HMAC) - if (doit[D_HMAC]) -- { -- HMAC_CTX hctx; -- -- HMAC_CTX_init(&hctx); -- HMAC_Init_ex(&hctx,(unsigned char *)"This is a key...", -- 16,EVP_md5(), NULL); -- -- for (j=0; j<SIZE_NUM; j++) -- { -- print_message(names[D_HMAC],c[D_HMAC][j],lengths[j]); -- Time_F(START); -- for (count=0,run=1; COND(c[D_HMAC][j]); count++) -- { -- HMAC_Init_ex(&hctx,NULL,0,NULL,NULL); -- HMAC_Update(&hctx,buf,lengths[j]); -- HMAC_Final(&hctx,&(hmac[0]),NULL); -- } -- d=Time_F(STOP); -- print_result(D_HMAC,j,count,d); -- } -- HMAC_CTX_cleanup(&hctx); -- } -+ Test_HMAC(D_HMAC, EVP_md5()); -+#endif -+#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_HMAC) -+ if (doit[D_HMAC_SHA1]) -+ Test_HMAC(D_HMAC_SHA1, EVP_sha1()); - #endif - #ifndef OPENSSL_NO_SHA - if (doit[D_SHA1]) -- { -- for (j=0; j<SIZE_NUM; j++) -- { -- print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]); -- Time_F(START); -- for (count=0,run=1; COND(c[D_SHA1][j]); count++) -- EVP_Digest(buf,(unsigned long)lengths[j],&(sha[0]),NULL,EVP_sha1(),NULL); -- d=Time_F(STOP); -- print_result(D_SHA1,j,count,d); -- } -- } -+ Test_Digest(D_SHA1, EVP_sha1()); - - #ifndef OPENSSL_NO_SHA256 - if (doit[D_SHA256]) -- { -- for (j=0; j<SIZE_NUM; j++) -- { -- print_message(names[D_SHA256],c[D_SHA256][j],lengths[j]); -- Time_F(START); -- for (count=0,run=1; COND(c[D_SHA256][j]); count++) -- SHA256(buf,lengths[j],sha256); -- d=Time_F(STOP); -- print_result(D_SHA256,j,count,d); -- } -- } -+ Test_Digest(D_SHA256, EVP_sha256()); - #endif - - #ifndef OPENSSL_NO_SHA512 - if (doit[D_SHA512]) -- { -- for (j=0; j<SIZE_NUM; j++) -- { -- print_message(names[D_SHA512],c[D_SHA512][j],lengths[j]); -- Time_F(START); -- for (count=0,run=1; COND(c[D_SHA512][j]); count++) -- SHA512(buf,lengths[j],sha512); -- d=Time_F(STOP); -- print_result(D_SHA512,j,count,d); -- } -- } -+ Test_Digest(D_SHA512, EVP_sha512()); - #endif - #endif - - #ifndef OPENSSL_NO_WHIRLPOOL - if (doit[D_WHIRLPOOL]) -- { -- for (j=0; j<SIZE_NUM; j++) -- { -- print_message(names[D_WHIRLPOOL],c[D_WHIRLPOOL][j],lengths[j]); -- Time_F(START); -- for (count=0,run=1; COND(c[D_WHIRLPOOL][j]); count++) -- WHIRLPOOL(buf,lengths[j],whirlpool); -- d=Time_F(STOP); -- print_result(D_WHIRLPOOL,j,count,d); -- } -- } -+ Test_Digest(D_WHIRLPOOL, EVP_whirlpool()); - #endif - - #ifndef OPENSSL_NO_RIPEMD - if (doit[D_RMD160]) -- { -- for (j=0; j<SIZE_NUM; j++) -- { -- print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]); -- Time_F(START); -- for (count=0,run=1; COND(c[D_RMD160][j]); count++) -- EVP_Digest(buf,(unsigned long)lengths[j],&(rmd160[0]),NULL,EVP_ripemd160(),NULL); -- d=Time_F(STOP); -- print_result(D_RMD160,j,count,d); -- } -- } -+ Test_Digest(D_RMD160, EVP_ripemd160()); - #endif - #ifndef OPENSSL_NO_RC4 - if (doit[D_RC4]) --- -1.7.0.4 - diff --git a/main/openssl/0005-crypto-engine-autoload-padlock-dynamic-engine.patch b/main/openssl/0005-crypto-engine-autoload-padlock-dynamic-engine.patch index 3c72ce26aa..770160ec02 100644 --- a/main/openssl/0005-crypto-engine-autoload-padlock-dynamic-engine.patch +++ b/main/openssl/0005-crypto-engine-autoload-padlock-dynamic-engine.patch @@ -25,9 +25,9 @@ index 22c1204..827e447 100644 + } + } +#endif + ENGINE_register_all_complete(); } - #if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) -- 1.7.0.4 diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD index f6d5b6447c..e66ac0a8dd 100644 --- a/main/openssl/APKBUILD +++ b/main/openssl/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Timo Teras <timo.teras@iki.fi> pkgname=openssl -pkgver=1.0.0h +pkgver=1.0.1 pkgrel=0 pkgdesc="Toolkit for SSL v2/v3 and TLS v1" url="http://openssl.org" @@ -16,7 +16,6 @@ source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz fix-manpages.patch openssl-bb-basename.patch 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch - 0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch 0003-engines-e_padlock-backport-cvs-head-changes.patch 0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch 0005-crypto-engine-autoload-padlock-dynamic-engine.patch @@ -69,11 +68,10 @@ libssl() { done } -md5sums="a5bc483c570f2ac3758ce5c19b667fab openssl-1.0.0h.tar.gz +md5sums="134f168bc2a8333f19f81d684841710b openssl-1.0.1.tar.gz 115c481cd59b3dba631364e8fb1778f5 fix-manpages.patch c6a9857a5dbd30cead0404aa7dd73977 openssl-bb-basename.patch 1f607b8e11347e56a0906756f3d6928a 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch -16424fe5fb494804559f01c7ec7e64f4 0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch 53fbd01733b488717575e04a5aaf6664 0003-engines-e_padlock-backport-cvs-head-changes.patch beea8819faeefb9ab19ef90f00c53782 0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch -8bc7a427f6005158585386b9837f700c 0005-crypto-engine-autoload-padlock-dynamic-engine.patch" +7820941f69acf58f05cccb33faf4ee70 0005-crypto-engine-autoload-padlock-dynamic-engine.patch" |