From 3c010f8db1d3cd2efea33e0804f5bf40b7d7891b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= Date: Thu, 2 Aug 2012 15:21:58 +0300 Subject: main/openssl: security upgrade to 0.9.8x and backport padlock fixes * fix padlock sha1/256 to fallback to software with very large streams * fix padlock sha1/256 oneshot finalizing update --- ...-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch | 17 +++++----- ...fix-digest-speed-measurement-and-add-hmac.patch | 29 ++++++++-------- ...ock-implement-sha1-sha224-sha256-accelera.patch | 39 ++++++++++++---------- main/openssl/APKBUILD | 10 +++--- 4 files changed, 50 insertions(+), 45 deletions(-) diff --git a/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch b/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch index 6033afc4ed..963d2962fb 100644 --- a/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch +++ b/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch @@ -1,7 +1,8 @@ -From 8290b2ced17ee3d0e52345180ef4fc6d79bc0751 Mon Sep 17 00:00:00 2001 +From ba6e7dcf33277954cb3adc7767555a346906f33c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= Date: Fri, 4 Jun 2010 09:48:39 +0300 -Subject: [PATCH 1/3] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it properly +Subject: [PATCH 1/3] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it + properly Some engines (namely VIA C7 Padlock) work only if EVP_MD_CTX_FLAG_ONESHOT is set before final update. This is because some crypto accelerators cannot @@ -12,11 +13,11 @@ differently here. It is set before the final EVP_DigestUpdate call, not necessarily before EVP_DigestInit call. This will not cause any problems though. --- - crypto/hmac/hmac.c | 14 +++++++++++--- - 1 files changed, 11 insertions(+), 3 deletions(-) + crypto/hmac/hmac.c | 14 +++++++++++--- + 1 file changed, 11 insertions(+), 3 deletions(-) 
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c -index cbc1c76..a75a35d 100644 +index 6899be6..b157c32 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -68,6 +68,7 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, @@ -54,7 +55,7 @@ index cbc1c76..a75a35d 100644 } EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx); } -@@ -166,7 +173,8 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, +@@ -163,7 +170,8 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, if (md == NULL) md=m; HMAC_CTX_init(&c); @@ -64,7 +65,7 @@ index cbc1c76..a75a35d 100644 HMAC_Update(&c,d,n); HMAC_Final(&c,md,md_len); HMAC_CTX_cleanup(&c); -@@ -176,8 +184,8 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, +@@ -173,8 +181,8 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) { EVP_MD_CTX_set_flags(&ctx->i_ctx, flags); @@ -76,5 +77,5 @@ index cbc1c76..a75a35d 100644 #endif -- -1.7.0.4 +1.7.11.3 diff --git a/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch b/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch index a74c116267..1f6d9c3f90 100644 --- a/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch +++ b/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch @@ -1,7 +1,8 @@ -From 711ae63d2c715a34b15262b4dd4a48b09f02a400 Mon Sep 17 00:00:00 2001 +From 942f1af93b1cafbb4439aec0018da099af09a934 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= Date: Thu, 3 Jun 2010 09:02:13 +0300 -Subject: [PATCH 2/3] apps/speed: fix digest speed measurement and add hmac-sha1 test +Subject: [PATCH 2/3] apps/speed: fix digest speed measurement and add + hmac-sha1 test Merge the common code of testing digest speed, and make it reuse existing context. Context creation can be heavy operation, and it's 
@@ -11,11 +12,11 @@ like hmac tests do. This also adds test for hmac-sha1 speed. --- - apps/speed.c | 232 ++++++++++++++++++++++------------------------------------ - 1 files changed, 87 insertions(+), 145 deletions(-) + apps/speed.c | 232 ++++++++++++++++++++++------------------------------------- + 1 file changed, 87 insertions(+), 145 deletions(-) diff --git a/apps/speed.c b/apps/speed.c -index 393a7ba..6e375c6 100644 +index 84ce35d..116cf82 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -285,7 +285,7 @@ static void print_result(int alg,int run_no,int count,double time_used); @@ -107,7 +108,7 @@ index 393a7ba..6e375c6 100644 #ifndef OPENSSL_NO_ECDH static const int KDF1_SHA1_len = 20; -@@ -503,7 +565,6 @@ int MAIN(int argc, char **argv) +@@ -500,7 +562,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { @@ -115,7 +116,7 @@ index 393a7ba..6e375c6 100644 int mret=1; long count=0,save_count=0; int i,j,k; -@@ -514,31 +575,6 @@ int MAIN(int argc, char **argv) +@@ -511,31 +572,6 @@ int MAIN(int argc, char **argv) unsigned rsa_num; #endif unsigned char md[EVP_MAX_MD_SIZE]; @@ -147,7 +148,7 @@ index 393a7ba..6e375c6 100644 #ifndef OPENSSL_NO_RC4 RC4_KEY rc4_ks; #endif -@@ -635,8 +671,8 @@ int MAIN(int argc, char **argv) +@@ -631,8 +667,8 @@ int MAIN(int argc, char **argv) #define D_IGE_128_AES 25 #define D_IGE_192_AES 26 #define D_IGE_256_AES 27 @@ -157,7 +158,7 @@ index 393a7ba..6e375c6 100644 #define R_DSA_512 0 #define R_DSA_1024 1 #define R_DSA_2048 2 -@@ -945,6 +981,8 @@ int MAIN(int argc, char **argv) +@@ -938,6 +974,8 @@ int MAIN(int argc, char **argv) doit[D_SHA256]=1, doit[D_SHA512]=1; else @@ -166,7 +167,7 @@ index 393a7ba..6e375c6 100644 #ifndef OPENSSL_NO_SHA256 if (strcmp(*argv,"sha256") == 0) doit[D_SHA256]=1; else -@@ -1158,6 +1196,9 @@ int MAIN(int argc, char **argv) +@@ -1151,6 +1189,9 @@ int MAIN(int argc, char **argv) #endif #ifndef OPENSSL_NO_SHA1 BIO_printf(bio_err,"sha1 "); 
@@ -176,7 +177,7 @@ index 393a7ba..6e375c6 100644 #endif #ifndef OPENSSL_NO_SHA256 BIO_printf(bio_err,"sha256 "); -@@ -1420,6 +1461,7 @@ int MAIN(int argc, char **argv) +@@ -1414,6 +1455,7 @@ int MAIN(int argc, char **argv) c[D_IGE_128_AES][0]=count; c[D_IGE_192_AES][0]=count; c[D_IGE_256_AES][0]=count; @@ -184,7 +185,7 @@ index 393a7ba..6e375c6 100644 for (i=1; i Date: Fri, 4 Jun 2010 10:00:15 +0300 -Subject: [PATCH 3/3] engine/padlock: implement sha1/sha224/sha256 acceleration +Subject: [PATCH 3/3] engine/padlock: implement sha1/sha224/sha256 + acceleration Limited support for VIA C7 that works only when EVP_MD_CTX_FLAG_ONESHOT is used appropriately (as done by EVP_Digest, and my previous HMAC patch). @@ -24,11 +25,11 @@ sha1 37713.77k 114562.71k 259637.33k 379907.41k 438818.13k sha256 34262.86k 103233.75k 232476.07k 338386.60k 389860.01k hmac(sha1) 8424.70k 31475.11k 104036.10k 245559.30k 406667.26k --- - crypto/engine/eng_padlock.c | 597 +++++++++++++++++++++++++++++++++++++++--- - 1 files changed, 554 insertions(+), 43 deletions(-) + crypto/engine/eng_padlock.c | 599 ++++++++++++++++++++++++++++++++++++++++---- + 1 file changed, 556 insertions(+), 43 deletions(-) diff --git a/crypto/engine/eng_padlock.c b/crypto/engine/eng_padlock.c -index 743558a..28ec0f7 100644 +index 743558a..c82d0f3 100644 --- a/crypto/engine/eng_padlock.c +++ b/crypto/engine/eng_padlock.c @@ -3,6 +3,9 @@ @@ -41,7 +42,7 @@ index 743558a..28ec0f7 100644 * Big thanks to Andy Polyakov for a help with optimization, * assembler fixes, port to MS Windows and a lot of other * valuable work on this engine! -@@ -74,12 +77,23 @@ +@@ -74,12 +77,25 @@ #ifndef OPENSSL_NO_AES #include #endif 
@@ -61,11 +62,13 @@ index 743558a..28ec0f7 100644 +#ifdef _MSC_VER +#define OPENSSL_NO_SHA +#endif ++ ++#define PADLOCK_MAX_FINALIZING_LENGTH 0x1FFFFFFE + /* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */ #if (OPENSSL_VERSION_NUMBER >= 0x00908000L) # ifndef OPENSSL_NO_DYNAMIC_ENGINE -@@ -138,58 +152,40 @@ static int padlock_available(void); +@@ -138,58 +154,40 @@ static int padlock_available(void); static int padlock_init(ENGINE *e); /* RNG Stuff */ @@ -87,10 +90,10 @@ index 743558a..28ec0f7 100644 -#ifndef OPENSSL_NO_AES -static int padlock_aes_align_required = 1; -#endif -- --/* ===== Engine "management" functions ===== */ +static int padlock_bind_helper(ENGINE *e); +-/* ===== Engine "management" functions ===== */ +- -/* Prepare the ENGINE structure for registration */ -static int -padlock_bind_helper(ENGINE *e) @@ -145,7 +148,7 @@ index 743558a..28ec0f7 100644 /* Constructor */ static ENGINE * -@@ -213,7 +209,7 @@ ENGINE_padlock(void) +@@ -213,7 +211,7 @@ ENGINE_padlock(void) static int padlock_init(ENGINE *e) { @@ -154,7 +157,7 @@ index 743558a..28ec0f7 100644 } /* This stuff is needed if this ENGINE is being compiled into a self-contained -@@ -365,10 +361,20 @@ padlock_available(void) +@@ -365,10 +363,20 @@ padlock_available(void) : "+a"(eax), "=d"(edx) : : "ecx"); /* Fill up some flags */ @@ -178,7 +181,7 @@ index 743558a..28ec0f7 100644 } #ifndef OPENSSL_NO_AES -@@ -1157,6 +1163,454 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, +@@ -1157,6 +1165,454 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, #endif /* OPENSSL_NO_AES */ @@ -239,9 +242,9 @@ index 743558a..28ec0f7 100644 + total += len; + + if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) && -+ (total <= 0xfffffffe)) { ++ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) { + if (c->num != 0) { -+ l = (len < SHA_CBLOCK) ? len : SHA_CBLOCK; ++ l = (len < SHA_CBLOCK - c->num) ? len : SHA_CBLOCK - c->num; + if (!SHA1_Update(c, data, l)) + return 0; + p += l; 
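Review bot: `PADLOCK_MAX_FINALIZING_LENGTH` is introduced without a comment, so nothing at the `#define` records why the bound is 0x1FFFFFFE rather than the 0xfffffffe literal it replaces in the update functions. Going by the commit description, it is the cut-off above which the one-shot hardware path is skipped and hashing falls back to software. I would put that on the definition, for example `/* Largest total byte count handled by the PadLock finalizing SHA path; longer streams fall back to software SHA. */`. If the value comes from a hardware or bit-length limit, naming that limit in the same comment would stop a later edit from raising it again.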
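Review bot: `total += len` runs before the comparison against `PADLOCK_MAX_FINALIZING_LENGTH`, so if `total` has a 32-bit type (its declaration is outside this hunk) a large enough `len` could wrap the sum and still satisfy `total <= PADLOCK_MAX_FINALIZING_LENGTH`. An oversized stream would then take the hardware finalizing path that this change is meant to exclude. Checking before the addition would close that, e.g. `len <= PADLOCK_MAX_FINALIZING_LENGTH && total <= PADLOCK_MAX_FINALIZING_LENGTH - len` on the pre-addition `total`. The SHA-256 update hunk at `@@ -417,9 +420,9 @@` has the same shape and would need the same guard. Separately, `SHA_CBLOCK - c->num` is written twice in the corrected line, and a named local such as `room` would make the partial-block top-up easier to audit; the enclosing function begins and ends outside the hunk.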
@@ -417,9 +420,9 @@ index 743558a..28ec0f7 100644 + total += len; + + if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) && -+ (total <= 0xfffffffe)) { ++ (total <= PADLOCK_MAX_FINALIZING_LENGTH)) { + if (c->num != 0) { -+ l = (len < SHA256_CBLOCK) ? len : SHA256_CBLOCK; ++ l = (len < SHA256_CBLOCK - c->num) ? len : SHA256_CBLOCK - c->num; + if (!SHA256_Update(c, data, l)) + return 0; + p += l; @@ -633,7 +636,7 @@ index 743558a..28ec0f7 100644 /* ===== Random Number Generator ===== */ /* * This code is not engaged. The reason is that it does not comply -@@ -1213,7 +1667,64 @@ static RAND_METHOD padlock_rand = { +@@ -1213,7 +1669,64 @@ static RAND_METHOD padlock_rand = { padlock_rand_status, /* rand status */ }; @@ -699,5 +702,5 @@ index 743558a..28ec0f7 100644 #endif /* !OPENSSL_NO_HW_PADLOCK */ #endif /* !OPENSSL_NO_HW */ -- -1.7.0.4 +1.7.11.3 diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD index f166da2956..a9179f59fc 100644 --- a/main/openssl/APKBUILD +++ b/main/openssl/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Natanael Copa pkgname=openssl -pkgver=0.9.8r +pkgver=0.9.8x pkgrel=0 pkgdesc="Toolkit for SSL v2/v3 and TLS v1" url=http://openssl.org 
@@ -50,9 +50,9 @@ libcrypto() { mv "$pkgdir"/usr/lib/engines "$subpkgdir"/usr/lib/ } -md5sums="0352932ea863bc02b056cda7c9ac5b79 openssl-0.9.8r.tar.gz +md5sums="ee17e9bc805c8cc7d0afac3b0ef78eda openssl-0.9.8x.tar.gz 19615785a671129bae790478f073da2c openssl-0.9.8o-fix-manpages.patch c6a9857a5dbd30cead0404aa7dd73977 openssl-bb-basename.patch -2f370b846d8f27ac45dd6e5341366e16 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch -9ba0ecf53f8b60ff8703a1ffe5b3e701 0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch -e262418b20a05c2af12d464ac194ea21 0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch" +5e5366fbc7c60c110dbcc603d2fb3a94 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch +d193bee38f342b1eeb24bd0f444d15fa 0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch +f920a35ac705a9ce0f44547f96441d77 0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch" -- cgit v1.2.3