main/openssl: refresh padlock patches

The new feature is support for VIA Nano Padlock in 64-bit mode.

6 files changed, 377 insertions, 94 deletions

diff --git a/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch b/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
index 514ed0d83..1c837bccb 100644
--- a/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
+++ b/main/openssl/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
@@ -1,7 +1,7 @@
-From 16a40910dd3ae5ab702ee1274f9e2f08362e4474 Mon Sep 17 00:00:00 2001
+From 74e428937523858363f26f89d86db24932447ca1 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
 Date: Fri, 4 Jun 2010 09:48:39 +0300
-Subject: [PATCH 1/3] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it properly
+Subject: [PATCH 1/5] crypto/hmac: support EVP_MD_CTX_FLAG_ONESHOT and set it properly
 
 Some engines (namely VIA C7 Padlock) work only if EVP_MD_CTX_FLAG_ONESHOT
 is set before final update. This is because some crypto accelerators cannot
@@ -16,7 +16,7 @@ though.
  1 files changed, 11 insertions(+), 3 deletions(-)
 
 diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
-index 45015fe..7ce2a50 100644
+index 45015fe..55ad15c 100644
 --- a/crypto/hmac/hmac.c
 +++ b/crypto/hmac/hmac.c
 @@ -66,6 +66,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
diff --git a/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch b/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch
index 8859f4060..f12d45a84 100644
--- a/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch
+++ b/main/openssl/0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch
@@ -1,7 +1,7 @@
-From de61d5881a12b359dfb1b4fbbb53412460196553 Mon Sep 17 00:00:00 2001
+From ca1f332fbadc20d53d807d542fb37988a5508d32 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
 Date: Thu, 3 Jun 2010 09:02:13 +0300
-Subject: [PATCH 2/3] apps/speed: fix digest speed measurement and add hmac-sha1 test
+Subject: [PATCH 2/5] apps/speed: fix digest speed measurement and add hmac-sha1 test
 
 Merge the common code of testing digest speed, and make it reuse
 existing context. Context creation can be heavy operation, and it's
diff --git a/main/openssl/0003-engines-e_padlock-backport-cvs-head-changes.patch b/main/openssl/0003-engines-e_padlock-backport-cvs-head-changes.patch
new file mode 100644
index 000000000..a590269b9
--- /dev/null
+++ b/main/openssl/0003-engines-e_padlock-backport-cvs-head-changes.patch
@@ -0,0 +1,203 @@
+From 1d27eeb41fbc2e8f36f156d4d66d04486afee742 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Wed, 28 Jul 2010 08:29:09 +0300
+Subject: [PATCH 3/5] engines/e_padlock: backport cvs head changes
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Includes support for VIA Nano 64-bit mode.
+
+Signed-off-by: Timo Teräs <timo.teras@iki.fi>
+---
+ engines/e_padlock.c |  140 ++++++++++++++++++++++++++++++++++++++++++++-------
+ 1 files changed, 122 insertions(+), 18 deletions(-)
+
+diff --git a/engines/e_padlock.c b/engines/e_padlock.c
+index 381a746..4300f35 100644
+--- a/engines/e_padlock.c
++++ b/engines/e_padlock.c
+@@ -101,7 +101,10 @@
+    compiler choice is limited to GCC and Microsoft C. */
+ #undef COMPILE_HW_PADLOCK
+ #if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
+-# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
++# if (defined(__GNUC__) && __GNUC__>=2 && \
++	(defined(__i386__) || defined(__i386) || \
++	 defined(__x86_64__) || defined(__x86_64)) \
++     ) || \
+      (defined(_MSC_VER) && defined(_M_IX86))
+ #  define COMPILE_HW_PADLOCK
+ static ENGINE *ENGINE_padlock (void);
+@@ -294,6 +297,7 @@ static volatile struct padlock_cipher_data *padlock_saved_context;
+  * =======================================================
+  */
+ #if defined(__GNUC__) && __GNUC__>=2
++#if defined(__i386__) || defined(__i386)
+ /*
+  * As for excessive "push %ebx"/"pop %ebx" found all over.
+  * When generating position-independent code GCC won't let
+@@ -373,21 +377,6 @@ padlock_available(void)
+ 	return padlock_use_ace + padlock_use_rng;
+ }
+ 
+-#ifndef OPENSSL_NO_AES
+-/* Our own htonl()/ntohl() */
+-static inline void
+-padlock_bswapl(AES_KEY *ks)
+-{
+-	size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
+-	unsigned int *key = ks->rd_key;
+-
+-	while (i--) {
+-		asm volatile ("bswapl %0" : "+r"(*key));
+-		key++;
+-	}
+-}
+-#endif
+-
+ /* Force key reload from memory to the CPU microcode.
+    Loading EFLAGS from the stack clears EFLAGS[30] 
+    which does the trick. */
+@@ -445,12 +434,127 @@ static inline void *name(size_t cnt,		\
+ 		: "edx", "cc", "memory");	\
+ 	return iv;				\
+ }
++#endif
++
++#elif defined(__x86_64__) || defined(__x86_64)
++
++/* Load supported features of the CPU to see if
++   the PadLock is available. */
++static int
++padlock_available(void)
++{
++	char vendor_string[16];
++	unsigned int eax, edx;
+ 
++	/* Are we running on the Centaur (VIA) CPU? */
++	eax = 0x00000000;
++	vendor_string[12] = 0;
++	asm volatile (
++		"cpuid\n"
++		"movl	%%ebx,(%1)\n"
++		"movl	%%edx,4(%1)\n"
++		"movl	%%ecx,8(%1)\n"
++		: "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx");
++	if (strcmp(vendor_string, "CentaurHauls") != 0)
++		return 0;
++
++	/* Check for Centaur Extended Feature Flags presence */
++	eax = 0xC0000000;
++	asm volatile ("cpuid"
++		: "+a"(eax) : : "rbx", "rcx", "rdx");
++	if (eax < 0xC0000001)
++		return 0;
++
++	/* Read the Centaur Extended Feature Flags */
++	eax = 0xC0000001;
++	asm volatile ("cpuid"
++		: "+a"(eax), "=d"(edx) : : "rbx", "rcx");
++
++	/* Fill up some flags */
++	padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
++	padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
++
++	return padlock_use_ace + padlock_use_rng;
++}
++
++/* Force key reload from memory to the CPU microcode.
++   Loading EFLAGS from the stack clears EFLAGS[30] 
++   which does the trick. */
++static inline void
++padlock_reload_key(void)
++{
++	asm volatile ("pushfq; popfq");
++}
++
++#ifndef OPENSSL_NO_AES
++/*
++ * This is heuristic key context tracing. At first one
++ * believes that one should use atomic swap instructions,
++ * but it's not actually necessary. Point is that if
++ * padlock_saved_context was changed by another thread
++ * after we've read it and before we compare it with cdata,
++ * our key *shall* be reloaded upon thread context switch
++ * and we are therefore set in either case...
++ */
++static inline void
++padlock_verify_context(struct padlock_cipher_data *cdata)
++{
++	asm volatile (
++	"pushfq\n"
++"	btl	$30,(%%rsp)\n"
++"	jnc	1f\n"
++"	cmpq	%2,%1\n"
++"	je	1f\n"
++"	popfq\n"
++"	subq	$8,%%rsp\n"
++"1:	addq	$8,%%rsp\n"
++"	movq	%2,%0"
++	:"+m"(padlock_saved_context)
++	: "r"(padlock_saved_context), "r"(cdata) : "cc");
++}
++
++/* Template for padlock_xcrypt_* modes */
++/* BIG FAT WARNING: 
++ * 	The offsets used with 'leal' instructions
++ * 	describe items of the 'padlock_cipher_data'
++ * 	structure.
++ */
++#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt)	\
++static inline void *name(size_t cnt,		\
++	struct padlock_cipher_data *cdata,	\
++	void *out, const void *inp) 		\
++{	void *iv; 				\
++	asm volatile ( "leaq	16(%0),%%rdx\n"	\
++		"	leaq	32(%0),%%rbx\n"	\
++			rep_xcrypt "\n"		\
++		: "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
++		: "0"(cdata), "1"(cnt), "2"(out), "3"(inp)  \
++		: "rbx", "rdx", "cc", "memory");	\
++	return iv;				\
++}
++#endif
++
++#endif	/* cpu */
++
++#ifndef OPENSSL_NO_AES
+ /* Generate all functions with appropriate opcodes */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8")	/* rep xcryptecb */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0")	/* rep xcryptcbc */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0")	/* rep xcryptcfb */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8")	/* rep xcryptofb */
++
++/* Our own htonl()/ntohl() */
++static inline void
++padlock_bswapl(AES_KEY *ks)
++{
++	size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
++	unsigned int *key = ks->rd_key;
++
++	while (i--) {
++		asm volatile ("bswapl %0" : "+r"(*key));
++		key++;
++	}
++}
+ #endif
+ 
+ /* The RNG call itself */
+@@ -481,8 +585,8 @@ padlock_xstore(void *addr, unsigned int edx_in)
+ static inline unsigned char *
+ padlock_memcpy(void *dst,const void *src,size_t n)
+ {
+-	long       *d=dst;
+-	const long *s=src;
++	size_t       *d=dst;
++	const size_t *s=src;
+ 
+ 	n /= sizeof(*d);
+ 	do { *d++ = *s++; } while (--n);
+-- 
+1.7.0.4
+
diff --git a/main/openssl/0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch b/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
index b25de7c16..d1bb3704b 100644
--- a/main/openssl/0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch
+++ b/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
@@ -1,12 +1,12 @@
-From 11e9d19d7c6c3461cbab5e5670d66974cd7cf819 Mon Sep 17 00:00:00 2001
+From b235a1c0686e5f4f32703c0eb0a75ee9902a7e89 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Fri, 4 Jun 2010 15:48:16 +0300
-Subject: [PATCH 3/3] engine/padlock: implement sha1/sha224/sha256 acceleration
+Date: Wed, 28 Jul 2010 08:37:58 +0300
+Subject: [PATCH 4/5] engines/e_padlock: implement sha1/sha224/sha256 acceleration
 
 Limited support for VIA C7 that works only when EVP_MD_CTX_FLAG_ONESHOT
 is used appropriately (as done by EVP_Digest, and my previous HMAC patch).
 
-Full support for VIA Nano including partial transformation.
+Full support for VIA Nano including partial transformation and 64-bit mode.
 
 Benchmarks from VIA Nano 1.6GHz, done with including the previous HMAC and
 apps/speed patches done. From single run, error margin of about 100-200k.
@@ -24,11 +24,11 @@ sha1         37713.77k   114562.71k   259637.33k   379907.41k   438818.13k
 sha256       34262.86k   103233.75k   232476.07k   338386.60k   389860.01k
 hmac(sha1)    8424.70k    31475.11k   104036.10k   245559.30k   406667.26k
 ---
- engines/e_padlock.c |  596 +++++++++++++++++++++++++++++++++++++++++++++++----
- 1 files changed, 553 insertions(+), 43 deletions(-)
+ engines/e_padlock.c |  660 +++++++++++++++++++++++++++++++++++++++++++++++----
+ 1 files changed, 613 insertions(+), 47 deletions(-)
 
 diff --git a/engines/e_padlock.c b/engines/e_padlock.c
-index 381a746..2f8c72a 100644
+index 4300f35..3591c59 100644
 --- a/engines/e_padlock.c
 +++ b/engines/e_padlock.c
 @@ -3,6 +3,9 @@
@@ -41,7 +41,17 @@ index 381a746..2f8c72a 100644
   * Big thanks to Andy Polyakov for a help with optimization, 
   * assembler fixes, port to MS Windows and a lot of other 
   * valuable work on this engine!
-@@ -74,12 +77,23 @@
+@@ -64,7 +67,9 @@
+ 
+ 
+ #include <stdio.h>
++#include <stdint.h>
+ #include <string.h>
++#include <netinet/in.h>
+ 
+ #include <openssl/opensslconf.h>
+ #include <openssl/crypto.h>
+@@ -74,12 +79,33 @@
  #ifndef OPENSSL_NO_AES
  #include <openssl/aes.h>
  #endif
@@ -62,10 +72,20 @@ index 381a746..2f8c72a 100644
 +#define OPENSSL_NO_SHA
 +#endif
 +
++/* 64-bit mode does not need software SHA1 as fallback, we can
++ * do all operations with padlock */
++#if defined(__x86_64__) || defined(__x86_64)
++#define PADLOCK_NEED_FALLBACK_SHA	0
++#else
++#define PADLOCK_NEED_FALLBACK_SHA	1
++#endif
++
++#define PADLOCK_MAX_FINALIZING_LENGTH	0x1FFFFFFE
++
  /* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */
  #if (OPENSSL_VERSION_NUMBER >= 0x00908000L)
  #  ifndef OPENSSL_NO_DYNAMIC_ENGINE
-@@ -140,58 +154,40 @@ static int padlock_available(void);
+@@ -143,58 +169,40 @@ static int padlock_available(void);
  static int padlock_init(ENGINE *e);
  
  /* RNG Stuff */
@@ -145,7 +165,7 @@ index 381a746..2f8c72a 100644
  
  /* Constructor */
  static ENGINE *
-@@ -215,7 +211,7 @@ ENGINE_padlock(void)
+@@ -218,7 +226,7 @@ ENGINE_padlock(void)
  static int
  padlock_init(ENGINE *e)
  {
@@ -154,7 +174,7 @@ index 381a746..2f8c72a 100644
  }
  
  /* This stuff is needed if this ENGINE is being compiled into a self-contained
-@@ -367,10 +363,20 @@ padlock_available(void)
+@@ -371,10 +379,20 @@ padlock_available(void)
  		: "+a"(eax), "=d"(edx) : : "ecx");
  
  	/* Fill up some flags */
@@ -177,8 +197,27 @@ index 381a746..2f8c72a 100644
 +	return padlock_flags;
  }
  
- #ifndef OPENSSL_NO_AES
-@@ -1159,6 +1165,454 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+ /* Force key reload from memory to the CPU microcode.
+@@ -471,10 +489,14 @@ padlock_available(void)
+ 		: "+a"(eax), "=d"(edx) : : "rbx", "rcx");
+ 
+ 	/* Fill up some flags */
+-	padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
+-	padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
+-
+-	return padlock_use_ace + padlock_use_rng;
++	padlock_flags |= ((edx & (0x3<<3)) ? PADLOCK_RNG : 0);
++	padlock_flags |= ((edx & (0x3<<7)) ? PADLOCK_ACE : 0);
++	padlock_flags |= ((edx & (0x3<<9)) ? PADLOCK_ACE2 : 0);
++	padlock_flags |= ((edx & (0x3<<11)) ? PADLOCK_PHE : 0);
++	padlock_flags |= ((edx & (0x3<<13)) ? PADLOCK_PMM : 0);
++	padlock_flags |= PADLOCK_NANO;
++
++	return padlock_flags;
+ }
+ 
+ /* Force key reload from memory to the CPU microcode.
+@@ -1263,6 +1285,496 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
  
  #endif /* OPENSSL_NO_AES */
  
@@ -188,23 +227,39 @@ index 381a746..2f8c72a 100644
 +padlock_copy_bswap(void *dst, void *src, size_t count)
 +{
 +	uint32_t *udst = dst, *usrc = src;
-+	unsigned int reg;
 +	int i = 0;
 +
-+	for (i = 0; i < count; i++) {
-+		reg = usrc[i];
-+		asm volatile("bswapl %0" : "+&r"(reg));
-+		udst[i] = reg;
-+	}
++	for (i = 0; i < count; i++)
++		udst[i] = htonl(usrc[i]);
++}
++
++static unsigned long padlock_sha_prepare_padding(
++		EVP_MD_CTX *ctx,
++		unsigned char *padding,
++		unsigned char *data, size_t data_len,
++		uint64_t total)
++{
++	unsigned int padding_len;
++
++	padding_len = data_len < 56 ? SHA_CBLOCK : 2 * SHA_CBLOCK;
++	if (data_len)
++		memcpy(padding, data, data_len);
++
++	memset(padding + data_len, 0, padding_len - data_len);
++	padding[data_len] = 0x80;
++	*(uint32_t *)(padding + padding_len - 8) = htonl(total >> 32);
++	*(uint32_t *)(padding + padding_len - 4) = htonl(total & 0xffffffff);
++
++	return data_len < 56 ? 1 : 2;
 +}
 +
 +#define PADLOCK_SHA_ALIGN(dd)	(uint32_t*)(((uintptr_t)(dd) + 15) & ~15)
 +#define PADLOCK_SHA_HWCTX	(128+16)
 +
 +static void
-+padlock_sha1(void *hwctx, const void *buf, uint32_t total, uint32_t now)
++padlock_sha1(void *hwctx, const void *buf, unsigned long total, unsigned long now)
 +{
-+	uint32_t pos = total - now;
++	unsigned long pos = total - now;
 +
 +	asm volatile ("xsha1"
 +			: "+S"(buf), "+D"(hwctx), "+a"(pos), "+c"(total)
@@ -212,11 +267,11 @@ index 381a746..2f8c72a 100644
 +}
 +
 +static void
-+padlock_sha1_partial(void *hwctx, const void *buf, uint32_t blocks)
++padlock_sha1_partial(void *hwctx, const void *buf, unsigned long blocks)
 +{
 +	asm volatile ("xsha1"
 +			: "+S"(buf), "+D"(hwctx), "+c"(blocks)
-+			: "a"(-1) : "memory");
++			: "a"(-1L) : "memory");
 +}
 +
 +static int padlock_sha1_init(EVP_MD_CTX *ctx)
@@ -224,22 +279,24 @@ index 381a746..2f8c72a 100644
 +	return SHA1_Init(ctx->md_data);
 +}
 +
-+static int padlock_sha1_update(EVP_MD_CTX *ctx, const void *data,
-+			       size_t len)
++#if PADLOCK_NEED_FALLBACK_SHA
++
++static int padlock_sha1_update_eden(EVP_MD_CTX *ctx, const void *data,
++				    size_t len)
 +{
 +	unsigned char hwctx[PADLOCK_SHA_HWCTX];
 +	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
 +	SHA_CTX *c = ctx->md_data;
 +	uint_fast64_t total;
 +	const unsigned char *p = data;
-+	unsigned int l = 0;
++	unsigned long l = 0;
 +
 +	/* Calculate total length (Nl,Nh) is length in bits */
 +	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
 +	total += len;
 +
 +	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
-+	    (total <= 0xfffffffe)) {
++	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
 +		if (c->num != 0) {
 +			l = (len < SHA_CBLOCK) ? len : SHA_CBLOCK;
 +			if (!SHA1_Update(c, data, l))
@@ -260,16 +317,17 @@ index 381a746..2f8c72a 100644
 +
 +	return SHA1_Update(c, data, len);
 +}
++#endif
 +
-+static int padlock_nano_sha1_update(EVP_MD_CTX *ctx, const void *data,
-+				    size_t len)
++static int padlock_sha1_update(EVP_MD_CTX *ctx, const void *data,
++			       size_t len)
 +{
 +	unsigned char hwctx[PADLOCK_SHA_HWCTX];
 +	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
 +	SHA_CTX *c = ctx->md_data;
 +	uint_fast64_t total;
 +	unsigned char *p;
-+	unsigned int n;
++	unsigned long n;
 +
 +	/* Calculate total length (Nl,Nh) is length in bits */
 +	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
@@ -300,7 +358,7 @@ index 381a746..2f8c72a 100644
 +
 +	/* Can we finalize straight away? */
 +	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
-+	    (total <= 0xfffffffe)) {
++	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
 +		padlock_sha1(aligned, data, total, len);
 +		memcpy(&c->h0, aligned, 5 * sizeof(SHA_LONG));
 +		c->num = -1;
@@ -327,8 +385,10 @@ index 381a746..2f8c72a 100644
 +
 +static int padlock_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
 +{
++	unsigned char hwctx[PADLOCK_SHA_HWCTX];
++	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
++	uint64_t total;
 +	SHA_CTX *c = ctx->md_data;
-+	uint_fast64_t total;
 +
 +	if (c->num == -1) {
 +		padlock_copy_bswap(md, &c->h0, 5);
@@ -337,18 +397,26 @@ index 381a746..2f8c72a 100644
 +	}
 +
 +	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
-+	if (total <= 0xfffffffe) {
-+		unsigned char hwctx[PADLOCK_SHA_HWCTX];
-+		uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
++#if PADLOCK_NEED_FALLBACK_SHA
++	if ((!PADLOCK_HAVE_NANO) && (total > PADLOCK_MAX_FINALIZING_LENGTH))
++		return SHA1_Final(md, c);
++#endif
 +
-+		memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
++	memcpy(aligned, &c->h0, 5 * sizeof(SHA_LONG));
++	if (total > PADLOCK_MAX_FINALIZING_LENGTH) {
++		unsigned char padding[2 * SHA_CBLOCK];
++		unsigned long n;
++
++		n = padlock_sha_prepare_padding(ctx, padding,
++			(unsigned char *) c->data, c->num, total << 3);
++		padlock_sha1_partial(aligned, padding, n);
++	} else {
 +		padlock_sha1(aligned, c->data, total, c->num);
-+		padlock_copy_bswap(md, aligned, 5);
-+		c->num = 0;
-+		return 1;
 +	}
++	padlock_copy_bswap(md, aligned, 5);
++	c->num = 0;
 +
-+	return SHA1_Final(md, c);
++	return 1;
 +}
 +
 +static EVP_MD padlock_sha1_md = {
@@ -385,9 +453,9 @@ index 381a746..2f8c72a 100644
 +#if !defined(OPENSSL_NO_SHA256)
 +
 +static void
-+padlock_sha256(void *hwctx, const void *buf, uint32_t total, uint32_t now)
++padlock_sha256(void *hwctx, const void *buf, unsigned long total, unsigned long now)
 +{
-+	uint32_t pos = total - now;
++	unsigned long pos = total - now;
 +
 +	asm volatile ("xsha256"
 +			: "+S"(buf), "+D"(hwctx), "+a"(pos), "+c"(total)
@@ -395,15 +463,17 @@ index 381a746..2f8c72a 100644
 +}
 +
 +static void
-+padlock_sha256_partial(void *hwctx, const void *buf, uint32_t blocks)
++padlock_sha256_partial(void *hwctx, const void *buf, unsigned long blocks)
 +{
 +	asm volatile ("xsha256"
 +			: "+S"(buf), "+D"(hwctx), "+c"(blocks)
-+			: "a"(-1) : "memory");
++			: "a"(-1L) : "memory");
 +}
 +
-+static int padlock_sha256_update(EVP_MD_CTX *ctx, const void *data,
-+				 size_t len)
++#if PADLOCK_NEED_FALLBACK_SHA
++
++static int padlock_sha256_update_eden(EVP_MD_CTX *ctx, const void *data,
++				      size_t len)
 +{
 +	unsigned char hwctx[PADLOCK_SHA_HWCTX];
 +	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
@@ -417,7 +487,7 @@ index 381a746..2f8c72a 100644
 +	total += len;
 +
 +	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
-+	    (total <= 0xfffffffe)) {
++	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
 +		if (c->num != 0) {
 +			l = (len < SHA256_CBLOCK) ? len : SHA256_CBLOCK;
 +			if (!SHA256_Update(c, data, l))
@@ -439,15 +509,17 @@ index 381a746..2f8c72a 100644
 +	return SHA256_Update(c, data, len);
 +}
 +
-+static int padlock_nano_sha256_update(EVP_MD_CTX *ctx, const void *data,
-+				      size_t len)
++#endif
++
++static int padlock_sha256_update(EVP_MD_CTX *ctx, const void *data,
++				 size_t len)
 +{
 +	unsigned char hwctx[PADLOCK_SHA_HWCTX];
 +	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
 +	SHA256_CTX *c = ctx->md_data;
 +	uint_fast64_t total;
 +	unsigned char *p;
-+	unsigned int n;
++	unsigned long n;
 +
 +	/* Calculate total length (Nl,Nh) is length in bits */
 +	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
@@ -478,7 +550,7 @@ index 381a746..2f8c72a 100644
 +
 +	/* Can we finalize straight away? */
 +	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
-+	    (total <= 0xfffffffe)) {
++	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
 +		padlock_sha256(aligned, data, total, len);
 +		memcpy(c->h, aligned, sizeof(c->h));
 +		c->num = -1;
@@ -505,8 +577,10 @@ index 381a746..2f8c72a 100644
 +
 +static int padlock_sha256_final(EVP_MD_CTX *ctx, unsigned char *md)
 +{
++	unsigned char hwctx[PADLOCK_SHA_HWCTX];
++	uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
++	uint64_t total;
 +	SHA256_CTX *c = ctx->md_data;
-+	uint_fast64_t total;
 +
 +	if (c->num == -1) {
 +		padlock_copy_bswap(md, c->h, sizeof(c->h)/sizeof(c->h[0]));
@@ -515,18 +589,25 @@ index 381a746..2f8c72a 100644
 +	}
 +
 +	total = (((uint_fast64_t) c->Nh) << 29) + (c->Nl >> 3);
-+	if (total <= 0xfffffffe) {
-+		unsigned char hwctx[PADLOCK_SHA_HWCTX];
-+		uint32_t *aligned = PADLOCK_SHA_ALIGN(hwctx);
++#if PADLOCK_NEED_FALLBACK_SHA
++	if ((!PADLOCK_HAVE_NANO) && (total > PADLOCK_MAX_FINALIZING_LENGTH))
++		return SHA256_Final(md, c);
++#endif
 +
-+		memcpy(aligned, c->h, sizeof(c->h));
++	memcpy(aligned, c->h, sizeof(c->h));
++	if (total > PADLOCK_MAX_FINALIZING_LENGTH) {
++		unsigned char padding[2 * SHA_CBLOCK];
++		unsigned long n;
++
++		n = padlock_sha_prepare_padding(ctx, padding,
++			(unsigned char *) c->data, c->num, total << 3);
++		padlock_sha256_partial(aligned, padding, n);
++	} else {
 +		padlock_sha256(aligned, c->data, total, c->num);
-+		padlock_copy_bswap(md, aligned, sizeof(c->h)/sizeof(c->h[0]));
-+		c->num = 0;
-+		return 1;
 +	}
-+
-+	return SHA256_Final(md, c);
++	padlock_copy_bswap(md, aligned, sizeof(c->h)/sizeof(c->h[0]));
++	c->num = 0;
++	return 1;
 +}
 +
 +#if !defined(OPENSSL_NO_SHA224)
@@ -633,7 +714,7 @@ index 381a746..2f8c72a 100644
  /* ===== Random Number Generator ===== */
  /*
   * This code is not engaged. The reason is that it does not comply
-@@ -1215,6 +1669,62 @@ static RAND_METHOD padlock_rand = {
+@@ -1319,6 +1831,60 @@ static RAND_METHOD padlock_rand = {
  	padlock_rand_status,	/* rand status */
  };
  
@@ -649,32 +730,30 @@ index 381a746..2f8c72a 100644
 +	/* Generate a nice engine name with available features */
 +	BIO_snprintf(padlock_name, sizeof(padlock_name),
 +		"VIA PadLock: %s%s%s%s%s%s",
-+		 padlock_flags ? "" : "not supported",
-+		 PADLOCK_HAVE_RNG ? "RNG " : "",
-+		 PADLOCK_HAVE_ACE ? (PADLOCK_HAVE_ACE2 ? "ACE2 " : "ACE ") : "",
-+		 PADLOCK_HAVE_PHE ? "PHE " : "",
-+		 PADLOCK_HAVE_PMM ? "PMM " : "",
-+		 PADLOCK_HAVE_NANO ? "NANO " : ""
-+		 );
-+
-+#ifndef OPENSSL_NO_SHA
-+	/* Use Nano SHA acceleration? */
-+	if (PADLOCK_HAVE_NANO) {
-+		padlock_sha1_md.update = padlock_nano_sha1_update;
-+		padlock_dss1_md.update = padlock_nano_sha1_update;
++		padlock_flags ? "" : "not supported",
++		PADLOCK_HAVE_RNG ? "RNG " : "",
++		PADLOCK_HAVE_ACE ? (PADLOCK_HAVE_ACE2 ? "ACE2 " : "ACE ") : "",
++		PADLOCK_HAVE_PHE ? "PHE " : "",
++		PADLOCK_HAVE_PMM ? "PMM " : "",
++		PADLOCK_HAVE_NANO ? "NANO " : ""
++		);
++
++#if PADLOCK_NEED_FALLBACK_SHA && !defined(OPENSSL_NO_SHA)
++	if (!PADLOCK_HAVE_NANO) {
++		padlock_sha1_md.update = padlock_sha1_update_eden;
++		padlock_dss1_md.update = padlock_sha1_update_eden;
 +#if !defined(OPENSSL_NO_SHA256)
 +#if !defined(OPENSSL_NO_SHA224)
-+		padlock_sha224_md.update = padlock_nano_sha256_update;
++		padlock_sha224_md.update = padlock_sha256_update_eden;
 +#endif
-+		padlock_sha256_md.update = padlock_nano_sha256_update;
++		padlock_sha256_md.update = padlock_sha256_update_eden;
 +#endif
 +	}
-+#endif
++#endif  
 +
 +	/* Register everything or return with an error */
 +	if (!ENGINE_set_id(e, padlock_id) ||
 +	    !ENGINE_set_name(e, padlock_name) ||
-+
 +	    !ENGINE_set_init_function(e, padlock_init)
 +#ifndef OPENSSL_NO_AES
 +	    || (PADLOCK_HAVE_ACE && !ENGINE_set_ciphers (e, padlock_ciphers))
diff --git a/main/openssl/0004-crypto-engine-autoload-padlock-dynamic-engine.patch b/main/openssl/0005-crypto-engine-autoload-padlock-dynamic-engine.patch
index c41d860ea..3c72ce26a 100644
--- a/main/openssl/0004-crypto-engine-autoload-padlock-dynamic-engine.patch
+++ b/main/openssl/0005-crypto-engine-autoload-padlock-dynamic-engine.patch
@@ -1,7 +1,7 @@
-From f6a5204b8dc94d73521f962183ee302533b2a196 Mon Sep 17 00:00:00 2001
+From b96276c8f11e656e4296955bf1a8d0ac2b6094fe Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
 Date: Fri, 4 Jun 2010 18:02:39 +0300
-Subject: [PATCH 4/4] crypto/engine: autoload padlock dynamic engine
+Subject: [PATCH 5/5] crypto/engine: autoload padlock dynamic engine
 
 ---
  crypto/engine/eng_all.c |   10 ++++++++++
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index eb23f31fc..34eabb072 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=openssl
 pkgver=1.0.0a
-pkgrel=1
+pkgrel=2
 pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
 url="http://openssl.org"
 depends=
@@ -15,11 +15,11 @@ source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
 	openssl-bb-basename.patch
 	0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
 	0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch
-	0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch
-	0004-crypto-engine-autoload-padlock-dynamic-engine.patch
+	0003-engines-e_padlock-backport-cvs-head-changes.patch
+	0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+	0005-crypto-engine-autoload-padlock-dynamic-engine.patch
 	"
 
-#	openssl-0.9.8k-padlock-sha.patch
 _builddir="$srcdir"/$pkgname-$pkgver
 prepare() {
 	cd "$_builddir"
@@ -69,7 +69,8 @@ libssl() {
 md5sums="e3873edfffc783624cfbdb65e2249cbd  openssl-1.0.0a.tar.gz
 115c481cd59b3dba631364e8fb1778f5  fix-manpages.patch
 c6a9857a5dbd30cead0404aa7dd73977  openssl-bb-basename.patch
-ceae7d6166a455ecc41adc8f44f1a07e  0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
-383c0c0305532f471bf583d6e05cbea9  0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch
-f687ab90b23587dc445eb0803a6eb1fb  0003-engine-padlock-implement-sha1-sha224-sha256-accelera.patch
-f197ac9a2748e64b1cb15a12ddca3d61  0004-crypto-engine-autoload-padlock-dynamic-engine.patch"
+1f607b8e11347e56a0906756f3d6928a  0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
+5ba830cf1e828192c8c40023dc92917d  0002-apps-speed-fix-digest-speed-measurement-and-add-hmac.patch
+53fbd01733b488717575e04a5aaf6664  0003-engines-e_padlock-backport-cvs-head-changes.patch
+beea8819faeefb9ab19ef90f00c53782  0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+8bc7a427f6005158585386b9837f700c  0005-crypto-engine-autoload-padlock-dynamic-engine.patch"