[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-cvs
Subject: [CVS] OpenSSL: OpenSSL-fips-0_9_8-stable: openssl/ CHANGES Configure M...
From: "Dr. Stephen Henson" <steve () openssl ! org>
Date: 2007-04-24 11:30:52
Message-ID: 20070424113052.76C721AC617D () master ! openssl ! org
[Download RAW message or body]
OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________________________
Server: cvs.openssl.org Name: Dr. Stephen Henson
Root: /v/openssl/cvs Email: steve@openssl.org
Module: openssl Date: 24-Apr-2007 13:30:52
Branch: OpenSSL-fips-0_9_8-stable Handle: 2007042412302724
Added files: (Branch: OpenSSL-fips-0_9_8-stable)
openssl/crypto/evp e_seed.c
openssl/crypto/seed Makefile seed.c seed.h seed_cbc.c seed_cfb.c
seed_ecb.c seed_locl.h seed_ofb.c
Modified files: (Branch: OpenSSL-fips-0_9_8-stable)
openssl CHANGES Configure Makefile.org config makevms.com
openssl/apps dsa.c gendsa.c genrsa.c pkcs12.c progs.h progs.pl
rsa.c smime.c speed.c
openssl/crypto crypto-lib.com install.com
openssl/crypto/bn bn.h bn_err.c
openssl/crypto/evp Makefile c_allc.c evp.h evp_test.c evptests.txt
openssl/crypto/objects obj_dat.h obj_mac.h obj_mac.num objects.txt
openssl/crypto/rsa rsa_test.c
openssl/doc standards.txt
openssl/doc/apps ciphers.pod
openssl/ssl s3_lib.c ssl.h ssl_algs.c ssl_ciph.c ssl_locl.h
tls1.h
openssl/test Makefile
openssl/util mk1mf.pl mkdef.pl mkfiles.pl
Log:
Merge from 0.9.8 stable branch.
Summary:
Revision Changes Path
1.1238.2.65.2.11+51 -0 openssl/CHANGES
1.488.2.35.2.6+5 -4 openssl/Configure
1.256.2.12.2.3+1 -1 openssl/Makefile.org
1.30.2.2.2.1+4 -0 openssl/apps/dsa.c
1.32.2.2.2.1+8 -0 openssl/apps/gendsa.c
1.35.2.2.2.2+8 -0 openssl/apps/genrsa.c
1.79.2.5.2.2+7 -1 openssl/apps/pkcs12.c
1.34.2.1.2.1+15 -0 openssl/apps/progs.h
1.18.2.1.2.1+4 -2 openssl/apps/progs.pl
1.39.2.2.2.1+4 -0 openssl/apps/rsa.c
1.56.2.3.2.1+7 -0 openssl/apps/smime.c
1.126.2.5.2.1+58 -20 openssl/apps/speed.c
1.139.2.16.2.1+1 -1 openssl/config
1.100.2.6.2.3+2 -0 openssl/crypto/bn/bn.h
1.27.2.1.2.1+3 -1 openssl/crypto/bn/bn_err.c
1.86.2.11.2.1+3 -2 openssl/crypto/crypto-lib.com
1.4.2.3.2.3 +3 -2 openssl/crypto/evp/Makefile
1.11.2.1.2.1+9 -0 openssl/crypto/evp/c_allc.c
1.1.4.2 +83 -0 openssl/crypto/evp/e_seed.c
1.112.2.4.2.4+9 -0 openssl/crypto/evp/evp.h
1.24.2.2.2.1+7 -0 openssl/crypto/evp/evp_test.c
1.10.4.1.2.1+9 -0 openssl/crypto/evp/evptests.txt
1.20.2.2.2.1+2 -1 openssl/crypto/install.com
1.78.2.6.2.1+33 -5 openssl/crypto/objects/obj_dat.h
1.46.2.4.2.1+25 -0 openssl/crypto/objects/obj_mac.h
1.37.2.4.2.1+8 -0 openssl/crypto/objects/obj_mac.num
1.49.2.3.2.1+10 -0 openssl/crypto/objects/objects.txt
1.13.4.2 +22 -4 openssl/crypto/rsa/rsa_test.c
1.1.4.2 +87 -0 openssl/crypto/seed/Makefile
1.1.4.2 +286 -0 openssl/crypto/seed/seed.c
1.2.2.2 +135 -0 openssl/crypto/seed/seed.h
1.1.4.2 +129 -0 openssl/crypto/seed/seed_cbc.c
1.1.4.2 +144 -0 openssl/crypto/seed/seed_cfb.c
1.1.4.2 +60 -0 openssl/crypto/seed/seed_ecb.c
1.1.4.2 +116 -0 openssl/crypto/seed/seed_locl.h
1.1.4.2 +128 -0 openssl/crypto/seed/seed_ofb.c
1.9.2.3.2.1 +26 -9 openssl/doc/apps/ciphers.pod
1.9.2.1.2.1 +9 -0 openssl/doc/standards.txt
1.44.2.3.2.1+3 -2 openssl/makevms.com
1.74.2.15.2.2+105 -19 openssl/ssl/s3_lib.c
1.161.2.9.2.2+1 -0 openssl/ssl/ssl.h
1.12.2.2.2.1+3 -2 openssl/ssl/ssl_algs.c
1.49.2.14.2.2+14 -5 openssl/ssl/ssl_ciph.c
1.63.2.4.2.2+3 -2 openssl/ssl/ssl_locl.h
1.17.2.3.2.1+16 -1 openssl/ssl/tls1.h
1.12.2.10.2.3+1 -1 openssl/test/Makefile
1.61.2.15.2.6+6 -4 openssl/util/mk1mf.pl
1.92.2.5.2.2+5 -1 openssl/util/mkdef.pl
1.18.2.1.2.2+1 -0 openssl/util/mkfiles.pl
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openssl/CHANGES
============================================================================
$ cvs diff -u -r1.1238.2.65.2.10 -r1.1238.2.65.2.11 CHANGES
--- openssl/CHANGES 8 Apr 2007 17:50:54 -0000 1.1238.2.65.2.10
+++ openssl/CHANGES 24 Apr 2007 11:30:27 -0000 1.1238.2.65.2.11
@@ -160,6 +160,57 @@
[Matthew D Wood (Intel Corp)]
+ *) Add the Korean symmetric 128-bit cipher SEED (see
+ http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and
+ add SEED ciphersuites from RFC 4162:
+
+ TLS_RSA_WITH_SEED_CBC_SHA = "SEED-SHA"
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA = "DHE-DSS-SEED-SHA"
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA = "DHE-RSA-SEED-SHA"
+ TLS_DH_anon_WITH_SEED_CBC_SHA = "ADH-SEED-SHA"
+
+ To minimize changes between patchlevels in the OpenSSL 0.9.8
+ series, SEED remains excluded from compilation unless OpenSSL
+ is configured with 'enable-seed'.
+ [KISA, Bodo Moeller]
+
+ *) Mitigate branch prediction attacks, which can be practical if a
+ single processor is shared, allowing a spy process to extract
+ information. For detailed background information, see
+ http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
+ J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
+ and Necessary Software Countermeasures"). The core of the change
+ are new versions BN_div_no_branch() and
+ BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
+ respectively, which are slower, but avoid the security-relevant
+ conditional branches. These are automatically called by BN_div()
+ and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
+ of the input BIGNUMs. Also, BN_is_bit_set() has been changed to
+ remove a conditional branch.
+
+ BN_FLG_CONSTTIME is the new name for the previous
+ BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
+ modular exponentiation. (Since OpenSSL 0.9.7h, setting this flag
+ in the exponent causes BN_mod_exp_mont() to use the alternative
+ implementation in BN_mod_exp_mont_consttime().) The old name
+ remains as a deprecated alias.
+
+ Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
+ RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
+ constant-time implementations for more than just exponentiation.
+ Here too the old name is kept as a deprecated alias.
+
+ BN_BLINDING_new() will now use BN_dup() for the modulus so that
+ the BN_BLINDING structure gets an independent copy of the
+ modulus. This means that the previous "BIGNUM *m" argument to
+ BN_BLINDING_new() and to BN_BLINDING_create_param() now
+ essentially becomes "const BIGNUM *m", although we can't actually
+ change this in the header file before 0.9.9. It allows
+ RSA_setup_blinding() to use BN_with_flags() on the modulus to
+ enable BN_FLG_CONSTTIME.
+
+ [Matthew D Wood (Intel Corp)]
+
*) In the SSL/TLS server implementation, be strict about session ID
context matching (which matters if an application uses a single
external cache for different purposes). Previously,
@@ .
patch -p0 <<'@@ .'
Index: openssl/Configure
============================================================================
$ cvs diff -u -r1.488.2.35.2.5 -r1.488.2.35.2.6 Configure
--- openssl/Configure 25 Mar 2007 15:42:13 -0000 1.488.2.35.2.5
+++ openssl/Configure 24 Apr 2007 11:30:28 -0000 1.488.2.35.2.6
@@ -609,11 +609,12 @@
# All of the following is disabled by default (RC5 was enabled before 0.9.8):
my %disabled = ( # "what" => "comment"
- "camellia" => "default",
- "gmp" => "default",
+ "camellia" => "default",
+ "gmp" => "default",
"mdc2" => "default",
"rc5" => "default",
- "rfc3779" => "default",
+ "rfc3779" => "default",
+ "seed" => "default",
"shared" => "default",
"zlib" => "default",
"zlib-dynamic" => "default"
@@ -624,7 +625,7 @@
# For symmetry, "disable-..." is a synonym for "no-...".
# This is what $depflags will look like with the above default:
-my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 \
-DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 "; +my $default_depflags = \
"-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 \
-DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED ";
my $no_sse2=0;
@@ .
patch -p0 <<'@@ .'
Index: openssl/Makefile.org
============================================================================
$ cvs diff -u -r1.256.2.12.2.2 -r1.256.2.12.2.3 Makefile.org
--- openssl/Makefile.org 2 Apr 2007 23:59:34 -0000 1.256.2.12.2.2
+++ openssl/Makefile.org 24 Apr 2007 11:30:29 -0000 1.256.2.12.2.3
@@ -141,7 +141,7 @@
SDIRS= \
objects \
md2 md4 md5 sha mdc2 hmac ripemd \
- des aes rc2 rc4 rc5 idea bf cast camellia \
+ des aes rc2 rc4 rc5 idea bf cast camellia seed \
bn ec rsa dsa ecdsa dh ecdh dso engine \
buffer bio stack lhash rand err \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
@@ .
patch -p0 <<'@@ .'
Index: openssl/apps/dsa.c
============================================================================
$ cvs diff -u -r1.30.2.2 -r1.30.2.2.2.1 dsa.c
--- openssl/apps/dsa.c 9 Jun 2006 15:42:10 -0000 1.30.2.2
+++ openssl/apps/dsa.c 24 Apr 2007 11:30:30 -0000 1.30.2.2.2.1
@@ -87,6 +87,7 @@
* -camellia128 - encrypt output if PEM format
* -camellia192 - encrypt output if PEM format
* -camellia256 - encrypt output if PEM format
+ * -seed - encrypt output if PEM format
* -text - print a text version
* -modulus - print the DSA public key
*/
@@ -219,6 +220,9 @@
BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
#endif
+#ifndef OPENSSL_NO_SEED
+ BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n");
+#endif
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -noout don't print key out\n");
BIO_printf(bio_err," -modulus print the DSA public value\n");
@@ .
patch -p0 <<'@@ .'
Index: openssl/apps/gendsa.c
============================================================================
$ cvs diff -u -r1.32.2.2 -r1.32.2.2.2.1 gendsa.c
--- openssl/apps/gendsa.c 9 Jun 2006 15:42:10 -0000 1.32.2.2
+++ openssl/apps/gendsa.c 24 Apr 2007 11:30:31 -0000 1.32.2.2.2.1
@@ -140,6 +140,10 @@
else if (strcmp(*argv,"-idea") == 0)
enc=EVP_idea_cbc();
#endif
+#ifndef OPENSSL_NO_SEED
+ else if (strcmp(*argv,"-seed") == 0)
+ enc=EVP_seed_cbc();
+#endif
#ifndef OPENSSL_NO_AES
else if (strcmp(*argv,"-aes128") == 0)
enc=EVP_aes_128_cbc();
@@ -178,6 +182,10 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc \
mode\n"); #endif
+#ifndef OPENSSL_NO_SEED
+ BIO_printf(bio_err," -seed\n");
+ BIO_printf(bio_err," encrypt PEM output with cbc seed\n");
+#endif
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
@@ .
patch -p0 <<'@@ .'
Index: openssl/apps/genrsa.c
============================================================================
$ cvs diff -u -r1.35.2.2.2.1 -r1.35.2.2.2.2 genrsa.c
--- openssl/apps/genrsa.c 22 Mar 2007 00:37:43 -0000 1.35.2.2.2.1
+++ openssl/apps/genrsa.c 24 Apr 2007 11:30:31 -0000 1.35.2.2.2.2
@@ -163,6 +163,10 @@
else if (strcmp(*argv,"-idea") == 0)
enc=EVP_idea_cbc();
#endif
+#ifndef OPENSSL_NO_SEED
+ else if (strcmp(*argv,"-seed") == 0)
+ enc=EVP_seed_cbc();
+#endif
#ifndef OPENSSL_NO_AES
else if (strcmp(*argv,"-aes128") == 0)
enc=EVP_aes_128_cbc();
@@ -198,6 +202,10 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc \
mode\n"); #endif
+#ifndef OPENSSL_NO_SEED
+ BIO_printf(bio_err," -seed\n");
+ BIO_printf(bio_err," encrypt PEM output with cbc seed\n");
+#endif
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
@@ .
patch -p0 <<'@@ .'
Index: openssl/apps/pkcs12.c
============================================================================
$ cvs diff -u -r1.79.2.5.2.1 -r1.79.2.5.2.2 pkcs12.c
--- openssl/apps/pkcs12.c 22 Mar 2007 00:37:44 -0000 1.79.2.5.2.1
+++ openssl/apps/pkcs12.c 24 Apr 2007 11:30:31 -0000 1.79.2.5.2.2
@@ -160,10 +160,13 @@
cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
else if (!strcmp (*args, "-export")) export_cert = 1;
else if (!strcmp (*args, "-des")) enc=EVP_des_cbc();
+ else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
#ifndef OPENSSL_NO_IDEA
else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc();
#endif
- else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
+#ifndef OPENSSL_NO_SEED
+ else if (!strcmp(*args, "-seed")) enc=EVP_seed_cbc();
+#endif
#ifndef OPENSSL_NO_AES
else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc();
else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc();
@@ -313,6 +316,9 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf (bio_err, "-idea encrypt private keys with idea\n");
#endif
+#ifndef OPENSSL_NO_SEED
+ BIO_printf (bio_err, "-seed encrypt private keys with seed\n");
+#endif
#ifndef OPENSSL_NO_AES
BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
BIO_printf (bio_err, " encrypt PEM output with cbc aes\n");
@@ .
patch -p0 <<'@@ .'
Index: openssl/apps/progs.h
============================================================================
$ cvs diff -u -r1.34.2.1 -r1.34.2.1.2.1 progs.h
--- openssl/apps/progs.h 9 Jun 2006 15:42:11 -0000 1.34.2.1
+++ openssl/apps/progs.h 24 Apr 2007 11:30:31 -0000 1.34.2.1.2.1
@@ -197,6 +197,9 @@
#ifndef OPENSSL_NO_IDEA
{FUNC_TYPE_CIPHER,"idea",enc_main},
#endif
+#ifndef OPENSSL_NO_SEED
+ {FUNC_TYPE_CIPHER,"seed",enc_main},
+#endif
#ifndef OPENSSL_NO_RC4
{FUNC_TYPE_CIPHER,"rc4",enc_main},
#endif
@@ -263,6 +266,18 @@
#ifndef OPENSSL_NO_IDEA
{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
#endif
+#ifndef OPENSSL_NO_SEED
+ {FUNC_TYPE_CIPHER,"seed-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+ {FUNC_TYPE_CIPHER,"seed-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+ {FUNC_TYPE_CIPHER,"seed-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+ {FUNC_TYPE_CIPHER,"seed-ofb",enc_main},
+#endif
#ifndef OPENSSL_NO_RC2
{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
#endif
@@ .
patch -p0 <<'@@ .'
Index: openssl/apps/progs.pl
============================================================================
$ cvs diff -u -r1.18.2.1 -r1.18.2.1.2.1 progs.pl
--- openssl/apps/progs.pl 9 Jun 2006 15:42:11 -0000 1.18.2.1
+++ openssl/apps/progs.pl 24 Apr 2007 11:30:31 -0000 1.18.2.1.2.1
@@ -61,13 +61,14 @@
"camellia-192-cbc", "camellia-192-ecb",
"camellia-256-cbc", "camellia-256-ecb",
"base64",
- "des", "des3", "desx", "idea", "rc4", "rc4-40",
+ "des", "des3", "desx", "idea", "seed", "rc4", "rc4-40",
"rc2", "bf", "cast", "rc5",
"des-ecb", "des-ede", "des-ede3",
"des-cbc", "des-ede-cbc","des-ede3-cbc",
"des-cfb", "des-ede-cfb","des-ede3-cfb",
"des-ofb", "des-ede-ofb","des-ede3-ofb",
- "idea-cbc","idea-ecb", "idea-cfb", "idea-ofb",
+ "idea-cbc","idea-ecb", "idea-cfb", "idea-ofb",
+ "seed-cbc","seed-ecb", "seed-cfb", "seed-ofb",
"rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc",
"bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb",
"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
@@ -80,6 +81,7 @@
elsif ($_ =~ /aes/) { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
elsif ($_ =~ /camellia/) { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; }
elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; }
+ elsif ($_ =~ /seed/) { $t="#ifndef OPENSSL_NO_SEED\n${t}#endif\n"; }
elsif ($_ =~ /rc4/) { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; }
elsif ($_ =~ /rc2/) { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; }
elsif ($_ =~ /bf/) { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; }
@@ .
patch -p0 <<'@@ .'
Index: openssl/apps/rsa.c
============================================================================
$ cvs diff -u -r1.39.2.2 -r1.39.2.2.2.1 rsa.c
--- openssl/apps/rsa.c 9 Jun 2006 15:42:11 -0000 1.39.2.2
+++ openssl/apps/rsa.c 24 Apr 2007 11:30:31 -0000 1.39.2.2.2.1
@@ -81,6 +81,7 @@
* -des - encrypt output if PEM format with DES in cbc mode
* -des3 - encrypt output if PEM format
* -idea - encrypt output if PEM format
+ * -seed - encrypt output if PEM format
* -aes128 - encrypt output if PEM format
* -aes192 - encrypt output if PEM format
* -aes256 - encrypt output if PEM format
@@ -211,6 +212,9 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
#endif
+#ifndef OPENSSL_NO_SEED
+ BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n");
+#endif
#ifndef OPENSSL_NO_AES
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
@@ .
patch -p0 <<'@@ .'
Index: openssl/apps/smime.c
============================================================================
$ cvs diff -u -r1.56.2.3 -r1.56.2.3.2.1 smime.c
--- openssl/apps/smime.c 13 Jul 2006 20:35:33 -0000 1.56.2.3
+++ openssl/apps/smime.c 24 Apr 2007 11:30:31 -0000 1.56.2.3.2.1
@@ -145,6 +145,10 @@
else if (!strcmp (*args, "-des"))
cipher = EVP_des_cbc();
#endif
+#ifndef OPENSSL_NO_SEED
+ else if (!strcmp (*args, "-seed"))
+ cipher = EVP_seed_cbc();
+#endif
#ifndef OPENSSL_NO_RC2
else if (!strcmp (*args, "-rc2-40"))
cipher = EVP_rc2_40_cbc();
@@ -423,6 +427,9 @@
BIO_printf (bio_err, "-des3 encrypt with triple DES\n");
BIO_printf (bio_err, "-des encrypt with DES\n");
#endif
+#ifndef OPENSSL_NO_SEED
+ BIO_printf (bio_err, "-seed encrypt with SEED\n");
+#endif
#ifndef OPENSSL_NO_RC2
BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40 (default)\n");
BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n");
@@ .
patch -p0 <<'@@ .'
Index: openssl/apps/speed.c
============================================================================
$ cvs diff -u -r1.126.2.5 -r1.126.2.5.2.1 speed.c
--- openssl/apps/speed.c 9 Jun 2006 15:42:11 -0000 1.126.2.5
+++ openssl/apps/speed.c 24 Apr 2007 11:30:31 -0000 1.126.2.5.2.1
@@ -201,6 +201,9 @@
#ifndef OPENSSL_NO_IDEA
#include <openssl/idea.h>
#endif
+#ifndef OPENSSL_NO_SEED
+#include <openssl/seed.h>
+#endif
#ifndef OPENSSL_NO_BF
#include <openssl/blowfish.h>
#endif
@@ -272,7 +275,7 @@
static int do_multi(int multi);
#endif
-#define ALGOR_NUM 24
+#define ALGOR_NUM 25
#define SIZE_NUM 5
#define RSA_NUM 4
#define DSA_NUM 3
@@ -282,7 +285,7 @@
static const char *names[ALGOR_NUM]={
"md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4",
- "des cbc","des ede3","idea cbc",
+ "des cbc","des ede3","idea cbc","seed cbc",
"rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc",
"aes-128 cbc","aes-192 cbc","aes-256 cbc",
"camellia-128 cbc","camellia-192 cbc","camellia-256 cbc",
@@ -533,6 +536,9 @@
#ifndef OPENSSL_NO_IDEA
IDEA_KEY_SCHEDULE idea_ks;
#endif
+#ifndef OPENSSL_NO_SEED
+ SEED_KEY_SCHEDULE seed_ks;
+#endif
#ifndef OPENSSL_NO_BF
BF_KEY bf_ks;
#endif
@@ -597,19 +603,20 @@
#define D_CBC_DES 8
#define D_EDE3_DES 9
#define D_CBC_IDEA 10
-#define D_CBC_RC2 11
-#define D_CBC_RC5 12
-#define D_CBC_BF 13
-#define D_CBC_CAST 14
-#define D_CBC_128_AES 15
-#define D_CBC_192_AES 16
-#define D_CBC_256_AES 17
-#define D_CBC_128_CML 18
-#define D_CBC_192_CML 19
-#define D_CBC_256_CML 20
-#define D_EVP 21
-#define D_SHA256 22
-#define D_SHA512 23
+#define D_CBC_SEED 11
+#define D_CBC_RC2 12
+#define D_CBC_RC5 13
+#define D_CBC_BF 14
+#define D_CBC_CAST 15
+#define D_CBC_128_AES 16
+#define D_CBC_192_AES 17
+#define D_CBC_256_AES 18
+#define D_CBC_128_CML 19
+#define D_CBC_192_CML 20
+#define D_CBC_256_CML 21
+#define D_EVP 22
+#define D_SHA256 23
+#define D_SHA512 24
double d=0.0;
long c[ALGOR_NUM][SIZE_NUM];
#define R_DSA_512 0
@@ -999,6 +1006,11 @@
else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1;
else
#endif
+#ifndef OPENSSL_NO_SEED
+ if (strcmp(*argv,"seed-cbc") == 0) doit[D_CBC_SEED]=1;
+ else if (strcmp(*argv,"seed") == 0) doit[D_CBC_SEED]=1;
+ else
+#endif
#ifndef OPENSSL_NO_BF
if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1;
else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1;
@@ -1144,6 +1156,9 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err,"idea-cbc ");
#endif
+#ifndef OPENSSL_NO_SEED
+ BIO_printf(bio_err,"seed-cbc ");
+#endif
#ifndef OPENSSL_NO_RC2
BIO_printf(bio_err,"rc2-cbc ");
#endif
@@ -1153,7 +1168,7 @@
#ifndef OPENSSL_NO_BF
BIO_printf(bio_err,"bf-cbc");
#endif
-#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \
+#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \
!defined(OPENSSL_NO_RC2) || \
!defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5)
BIO_printf(bio_err,"\n");
#endif
@@ -1195,6 +1210,9 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err,"idea ");
#endif
+#ifndef OPENSSL_NO_SEED
+ BIO_printf(bio_err,"seed ");
+#endif
#ifndef OPENSSL_NO_RC2
BIO_printf(bio_err,"rc2 ");
#endif
@@ -1213,10 +1231,10 @@
#ifndef OPENSSL_NO_BF
BIO_printf(bio_err,"blowfish");
#endif
-#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \
- !defined(OPENSSL_NO_DES) || !defined(OPENSSL_NO_RSA) || \
- !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_AES) || \
- !defined(OPENSSL_NO_CAMELLIA)
+#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \
+ !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \
+ !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \
+ !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
BIO_printf(bio_err,"\n");
#endif
@@ -1318,6 +1336,9 @@
#ifndef OPENSSL_NO_IDEA
idea_set_encrypt_key(key16,&idea_ks);
#endif
+#ifndef OPENSSL_NO_SEED
+ SEED_set_key(key16,&seed_ks);
+#endif
#ifndef OPENSSL_NO_RC4
RC4_set_key(&rc4_ks,16,key16);
#endif
@@ -1361,6 +1382,7 @@
c[D_CBC_DES][0]=count;
c[D_EDE3_DES][0]=count/3;
c[D_CBC_IDEA][0]=count;
+ c[D_CBC_SEED][0]=count;
c[D_CBC_RC2][0]=count;
c[D_CBC_RC5][0]=count;
c[D_CBC_BF][0]=count;
@@ -1396,6 +1418,7 @@
c[D_CBC_DES][i]=c[D_CBC_DES][i-1]*l0/l1;
c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1;
c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1;
+ c[D_CBC_SEED][i]=c[D_CBC_SEED][i-1]*l0/l1;
c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1;
c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1;
c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1;
@@ -1861,6 +1884,21 @@
}
}
#endif
+#ifndef OPENSSL_NO_SEED
+ if (doit[D_CBC_SEED])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_SEED],c[D_CBC_SEED][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_SEED][j]); count++)
+ SEED_cbc_encrypt(buf,buf,
+ (unsigned long)lengths[j],&seed_ks,iv,1);
+ d=Time_F(STOP);
+ print_result(D_CBC_SEED,j,count,d);
+ }
+ }
+#endif
#ifndef OPENSSL_NO_RC2
if (doit[D_CBC_RC2])
{
@@ .
patch -p0 <<'@@ .'
Index: openssl/config
============================================================================
$ cvs diff -u -r1.139.2.16 -r1.139.2.16.2.1 config
--- openssl/config 20 Mar 2007 09:06:50 -0000 1.139.2.16
+++ openssl/config 24 Apr 2007 11:30:29 -0000 1.139.2.16.2.1
@@ -797,7 +797,7 @@
i386-*) options="$options 386" ;;
esac
-for i in aes bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 \
ripemd rsa sha +for i in aes bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 \
rc2 rc4 rc5 ripemd rsa seed sha do
if [ ! -d crypto/$i ]
then
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/bn/bn.h
============================================================================
$ cvs diff -u -r1.100.2.6.2.2 -r1.100.2.6.2.3 bn.h
--- openssl/crypto/bn/bn.h 28 Mar 2007 12:38:49 -0000 1.100.2.6.2.2
+++ openssl/crypto/bn/bn.h 24 Apr 2007 11:30:34 -0000 1.100.2.6.2.3
@@ -809,6 +809,7 @@
#define BN_F_BN_CTX_NEW 106
#define BN_F_BN_CTX_START 129
#define BN_F_BN_DIV 107
+#define BN_F_BN_DIV_NO_BRANCH 138
#define BN_F_BN_DIV_RECP 130
#define BN_F_BN_EXP 123
#define BN_F_BN_EXPAND2 108
@@ -827,6 +828,7 @@
#define BN_F_BN_MOD_EXP_RECP 125
#define BN_F_BN_MOD_EXP_SIMPLE 126
#define BN_F_BN_MOD_INVERSE 110
+#define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
#define BN_F_BN_MOD_LSHIFT_QUICK 119
#define BN_F_BN_MOD_MUL_RECIPROCAL 111
#define BN_F_BN_MOD_SQRT 121
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/bn/bn_err.c
============================================================================
$ cvs diff -u -r1.27.2.1 -r1.27.2.1.2.1 bn_err.c
--- openssl/crypto/bn/bn_err.c 21 Nov 2006 20:14:38 -0000 1.27.2.1
+++ openssl/crypto/bn/bn_err.c 24 Apr 2007 11:30:34 -0000 1.27.2.1.2.1
@@ -1,6 +1,6 @@
/* crypto/bn/bn_err.c */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -82,6 +82,7 @@
{ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"},
{ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"},
{ERR_FUNC(BN_F_BN_DIV), "BN_div"},
+{ERR_FUNC(BN_F_BN_DIV_NO_BRANCH), "BN_div_no_branch"},
{ERR_FUNC(BN_F_BN_DIV_RECP), "BN_div_recp"},
{ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
{ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"},
@@ -100,6 +101,7 @@
{ERR_FUNC(BN_F_BN_MOD_EXP_RECP), "BN_mod_exp_recp"},
{ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE), "BN_mod_exp_simple"},
{ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"},
+{ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH), "BN_mod_inverse_no_branch"},
{ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"},
{ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"},
{ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"},
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/crypto-lib.com
============================================================================
$ cvs diff -u -r1.86.2.11 -r1.86.2.11.2.1 crypto-lib.com
--- openssl/crypto/crypto-lib.com 26 Dec 2006 21:21:09 -0000 1.86.2.11
+++ openssl/crypto/crypto-lib.com 24 Apr 2007 11:30:33 -0000 1.86.2.11.2.1
@@ -78,7 +78,7 @@
$ ENCRYPT_TYPES = "Basic,"+ -
"OBJECTS,"+ -
"MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ -
- "DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,"+ -
+ "DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,"+ -
"BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,"+ -
"BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ -
"EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
@@ -184,6 +184,7 @@
$ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64"
$ LIB_CAMELLIA = "camellia,cmll_misc,cmll_ecb,cmll_cbc,cmll_ofb,"+ -
"cmll_cfb,cmll_ctr"
+$ LIB_SEED = "seed,seed_cbc,seed_ecb,seed_cfb,seed_ofb"
$ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
$ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm"
$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ -
@@ -226,7 +227,7 @@
$ LIB_ERR = "err,err_all,err_prn"
$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err"
$ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ -
- "e_des,e_bf,e_idea,e_des3,e_camellia,"+ -
+ "e_des,e_bf,e_idea,e_des3,e_camellia,e_seed,"+ -
"e_rc4,e_aes,names,"+ -
"e_xcbc_d,e_rc2,e_cast,e_rc5"
$ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + -
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/evp/Makefile
============================================================================
$ cvs diff -u -r1.4.2.3.2.2 -r1.4.2.3.2.3 Makefile
--- openssl/crypto/evp/Makefile 8 Apr 2007 17:50:58 -0000 1.4.2.3.2.2
+++ openssl/crypto/evp/Makefile 24 Apr 2007 11:30:34 -0000 1.4.2.3.2.3
@@ -20,7 +20,7 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= encode.c digest.c dig_eng.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
- e_rc4.c e_aes.c names.c \
+ e_rc4.c e_aes.c names.c e_seed.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \
m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
@@ -32,7 +32,7 @@
LIBOBJ= encode.o digest.o dig_eng.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
- e_rc4.o e_aes.o names.o \
+ e_rc4.o e_aes.o names.o e_seed.o \
e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \
m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
@@ -293,6 +293,7 @@
e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c
+e_seed.o: ../../include/openssl/opensslconf.h e_seed.c
e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h
e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/evp/c_allc.c
============================================================================
$ cvs diff -u -r1.11.2.1 -r1.11.2.1.2.1 c_allc.c
--- openssl/crypto/evp/c_allc.c 9 Jun 2006 15:42:13 -0000 1.11.2.1
+++ openssl/crypto/evp/c_allc.c 24 Apr 2007 11:30:34 -0000 1.11.2.1.2.1
@@ -107,6 +107,15 @@
EVP_add_cipher_alias(SN_idea_cbc,"idea");
#endif
+#ifndef OPENSSL_NO_SEED
+ EVP_add_cipher(EVP_seed_ecb());
+ EVP_add_cipher(EVP_seed_cfb());
+ EVP_add_cipher(EVP_seed_ofb());
+ EVP_add_cipher(EVP_seed_cbc());
+ EVP_add_cipher_alias(SN_seed_cbc,"SEED");
+ EVP_add_cipher_alias(SN_seed_cbc,"seed");
+#endif
+
#ifndef OPENSSL_NO_RC2
EVP_add_cipher(EVP_rc2_ecb());
EVP_add_cipher(EVP_rc2_cfb());
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/evp/e_seed.c
============================================================================
$ cvs diff -u -r0 -r1.1.4.2 e_seed.c
--- /dev/null 2007-04-24 13:30:15 +0200
+++ e_seed.c 2007-04-24 13:30:35 +0200
@@ -0,0 +1,83 @@
+/* crypto/evp/e_seed.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_SEED
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <string.h>
+#include <assert.h>
+#include <openssl/seed.h>
+#include "evp_locl.h"
+
+static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const \
unsigned char *iv, int enc); +
+typedef struct
+ {
+ SEED_KEY_SCHEDULE ks;
+ } EVP_SEED_KEY;
+
+IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
+ 16, 16, 16, 128,
+ 0, seed_init_key, 0, 0, 0, 0)
+
+static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+ {
+ SEED_set_key(key, ctx->cipher_data);
+ return 1;
+ }
+
+#endif
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/evp/evp.h
============================================================================
$ cvs diff -u -r1.112.2.4.2.3 -r1.112.2.4.2.4 evp.h
--- openssl/crypto/evp/evp.h 8 Apr 2007 17:50:58 -0000 1.112.2.4.2.3
+++ openssl/crypto/evp/evp.h 24 Apr 2007 11:30:35 -0000 1.112.2.4.2.4
@@ -810,6 +810,14 @@
const EVP_CIPHER *EVP_camellia_256_ofb(void);
#endif
+#ifndef OPENSSL_NO_SEED
+const EVP_CIPHER *EVP_seed_ecb(void);
+const EVP_CIPHER *EVP_seed_cbc(void);
+const EVP_CIPHER *EVP_seed_cfb128(void);
+# define EVP_seed_cfb EVP_seed_cfb128
+const EVP_CIPHER *EVP_seed_ofb(void);
+#endif
+
void OPENSSL_add_all_algorithms_noconf(void);
void OPENSSL_add_all_algorithms_conf(void);
@@ -1029,6 +1037,7 @@
#define EVP_R_UNSUPPORTED_SALT_TYPE 126
#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
+#define EVP_R_SEED_KEY_SETUP_FAILED 162
#ifdef __cplusplus
}
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/evp/evp_test.c
============================================================================
$ cvs diff -u -r1.24.2.2 -r1.24.2.2.2.1 evp_test.c
--- openssl/crypto/evp/evp_test.c 9 Jun 2006 15:42:13 -0000 1.24.2.2
+++ openssl/crypto/evp/evp_test.c 24 Apr 2007 11:30:35 -0000 1.24.2.2.2.1
@@ -424,6 +424,13 @@
continue;
}
#endif
+#ifdef OPENSSL_NO_SEED
+ if (strstr(cipher, "SEED") == cipher)
+ {
+ fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
+ continue;
+ }
+#endif
fprintf(stderr,"Can't find %s\n",cipher);
EXIT(3);
}
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/evp/evptests.txt
============================================================================
$ cvs diff -u -r1.10.4.1 -r1.10.4.1.2.1 evptests.txt
--- openssl/crypto/evp/evptests.txt 9 Jun 2006 15:42:13 -0000 1.10.4.1
+++ openssl/crypto/evp/evptests.txt 24 Apr 2007 11:30:35 -0000 1.10.4.1.2.1
@@ -310,3 +310,12 @@
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E \
1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41 \
635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0
+# SEED test vectors from RFC4269
+SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:0
+SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:0
+SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:0
+SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:0
+SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:1
+SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:1
+SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:1
+SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/install.com
============================================================================
$ cvs diff -u -r1.20.2.2 -r1.20.2.2.2.1 install.com
--- openssl/crypto/install.com 10 Jun 2006 05:38:29 -0000 1.20.2.2
+++ openssl/crypto/install.com 24 Apr 2007 11:30:33 -0000 1.20.2.2.2.1
@@ -35,7 +35,7 @@
$ SDIRS := ,-
OBJECTS,-
MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
- DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,-
+ DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,-
BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,-
BUFFER,BIO,STACK,LHASH,RAND,ERR,-
EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,-
@@ -59,6 +59,7 @@
$ EXHEADER_BF := blowfish.h
$ EXHEADER_CAST := cast.h
$ EXHEADER_CAMELLIA := camellia.h
+$ EXHEADER_SEED := seed.h
$ EXHEADER_BN := bn.h
$ EXHEADER_EC := ec.h
$ EXHEADER_RSA := rsa.h
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/objects/obj_dat.h
============================================================================
$ cvs diff -u -r1.78.2.6 -r1.78.2.6.2.1 obj_dat.h
--- openssl/crypto/objects/obj_dat.h 4 Dec 2006 18:48:16 -0000 1.78.2.6
+++ openssl/crypto/objects/obj_dat.h 24 Apr 2007 11:30:36 -0000 1.78.2.6.2.1
@@ -62,12 +62,12 @@
* [including the GNU Public Licence.]
*/
-#define NUM_NID 772
-#define NUM_SN 768
-#define NUM_LN 768
-#define NUM_OBJ 724
+#define NUM_NID 780
+#define NUM_SN 773
+#define NUM_LN 773
+#define NUM_OBJ 729
-static unsigned char lvalues[5116]={
+static unsigned char lvalues[5154]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@@ -792,6 +792,11 @@
0x55,0x1D,0x09, /* [5106] \
OBJ_subject_directory_attributes */ 0x55,0x1D,0x1C, /* \
[5109] OBJ_issuing_distribution_point */ 0x55,0x1D,0x1D, \
/* [5112] OBJ_certificate_issuer */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* \
[5115] OBJ_kisa */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5121] \
OBJ_seed_ecb */ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5129] OBJ_seed_cbc \
*/ +0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5137] OBJ_seed_ofb128 */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5145] OBJ_seed_cfb128 */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -1996,6 +2001,14 @@
NID_issuing_distribution_point,3,&(lvalues[5109]),0},
{"certificateIssuer","X509v3 Certificate Issuer",
NID_certificate_issuer,3,&(lvalues[5112]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"KISA","kisa",NID_kisa,6,&(lvalues[5115]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5121]),0},
+{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5129]),0},
+{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5137]),0},
+{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5145]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -2085,6 +2098,7 @@
&(nid_objs[183]),/* "ISO-US" */
&(nid_objs[645]),/* "ITU-T" */
&(nid_objs[646]),/* "JOINT-ISO-ITU-T" */
+&(nid_objs[773]),/* "KISA" */
&(nid_objs[15]),/* "L" */
&(nid_objs[ 3]),/* "MD2" */
&(nid_objs[257]),/* "MD4" */
@@ -2147,6 +2161,10 @@
&(nid_objs[668]),/* "RSA-SHA256" */
&(nid_objs[669]),/* "RSA-SHA384" */
&(nid_objs[670]),/* "RSA-SHA512" */
+&(nid_objs[777]),/* "SEED-CBC" */
+&(nid_objs[779]),/* "SEED-CFB" */
+&(nid_objs[776]),/* "SEED-ECB" */
+&(nid_objs[778]),/* "SEED-OFB" */
&(nid_objs[41]),/* "SHA" */
&(nid_objs[64]),/* "SHA1" */
&(nid_objs[675]),/* "SHA224" */
@@ -3221,6 +3239,7 @@
&(nid_objs[492]),/* "janetMailbox" */
&(nid_objs[646]),/* "joint-iso-itu-t" */
&(nid_objs[150]),/* "keyBag" */
+&(nid_objs[773]),/* "kisa" */
&(nid_objs[477]),/* "lastModifiedBy" */
&(nid_objs[476]),/* "lastModifiedTime" */
&(nid_objs[157]),/* "localKeyID" */
@@ -3371,6 +3390,10 @@
&(nid_objs[733]),/* "sect571k1" */
&(nid_objs[734]),/* "sect571r1" */
&(nid_objs[635]),/* "secure device signature" */
+&(nid_objs[777]),/* "seed-cbc" */
+&(nid_objs[779]),/* "seed-cfb" */
+&(nid_objs[776]),/* "seed-ecb" */
+&(nid_objs[778]),/* "seed-ofb" */
&(nid_objs[105]),/* "serialNumber" */
&(nid_objs[625]),/* "set-addPolicy" */
&(nid_objs[515]),/* "set-attr" */
@@ -3811,6 +3834,7 @@
&(nid_objs[745]),/* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 13 4 12 */
&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */
&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */
+&(nid_objs[773]),/* OBJ_kisa 1 2 410 200004 */
&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
&(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */
&(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */
@@ -3861,6 +3885,10 @@
&(nid_objs[768]),/* OBJ_camellia_256_ofb128 0 3 4401 5 3 1 9 43 */
&(nid_objs[759]),/* OBJ_camellia_256_cfb128 0 3 4401 5 3 1 9 44 */
&(nid_objs[437]),/* OBJ_pilot 0 9 2342 19200300 100 */
+&(nid_objs[776]),/* OBJ_seed_ecb 1 2 410 200004 1 3 */
+&(nid_objs[777]),/* OBJ_seed_cbc 1 2 410 200004 1 4 */
+&(nid_objs[779]),/* OBJ_seed_cfb128 1 2 410 200004 1 5 */
+&(nid_objs[778]),/* OBJ_seed_ofb128 1 2 410 200004 1 6 */
&(nid_objs[186]),/* OBJ_pkcs1 1 2 840 113549 1 1 */
&(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */
&(nid_objs[187]),/* OBJ_pkcs5 1 2 840 113549 1 5 */
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/objects/obj_mac.h
============================================================================
$ cvs diff -u -r1.46.2.4 -r1.46.2.4.2.1 obj_mac.h
--- openssl/crypto/objects/obj_mac.h 4 Dec 2006 18:48:16 -0000 1.46.2.4
+++ openssl/crypto/objects/obj_mac.h 24 Apr 2007 11:30:37 -0000 1.46.2.4.2.1
@@ -3406,3 +3406,28 @@
#define LN_camellia_256_cfb8 "camellia-256-cfb8"
#define NID_camellia_256_cfb8 765
+#define SN_kisa "KISA"
+#define LN_kisa "kisa"
+#define NID_kisa 773
+#define OBJ_kisa OBJ_member_body,410L,200004L
+
+#define SN_seed_ecb "SEED-ECB"
+#define LN_seed_ecb "seed-ecb"
+#define NID_seed_ecb 776
+#define OBJ_seed_ecb OBJ_kisa,1L,3L
+
+#define SN_seed_cbc "SEED-CBC"
+#define LN_seed_cbc "seed-cbc"
+#define NID_seed_cbc 777
+#define OBJ_seed_cbc OBJ_kisa,1L,4L
+
+#define SN_seed_cfb128 "SEED-CFB"
+#define LN_seed_cfb128 "seed-cfb"
+#define NID_seed_cfb128 779
+#define OBJ_seed_cfb128 OBJ_kisa,1L,5L
+
+#define SN_seed_ofb128 "SEED-OFB"
+#define LN_seed_ofb128 "seed-ofb"
+#define NID_seed_ofb128 778
+#define OBJ_seed_ofb128 OBJ_kisa,1L,6L
+
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/objects/obj_mac.num
============================================================================
$ cvs diff -u -r1.37.2.4 -r1.37.2.4.2.1 obj_mac.num
--- openssl/crypto/objects/obj_mac.num 4 Dec 2006 18:48:16 -0000 1.37.2.4
+++ openssl/crypto/objects/obj_mac.num 24 Apr 2007 11:30:37 -0000 1.37.2.4.2.1
@@ -769,3 +769,11 @@
subject_directory_attributes 769
issuing_distribution_point 770
certificate_issuer 771
+korea 772
+kisa 773
+kftc 774
+npki_alg 775
+seed_ecb 776
+seed_cbc 777
+seed_ofb128 778
+seed_cfb128 779
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/objects/objects.txt
============================================================================
$ cvs diff -u -r1.49.2.3 -r1.49.2.3.2.1 objects.txt
--- openssl/crypto/objects/objects.txt 4 Dec 2006 18:48:16 -0000 1.49.2.3
+++ openssl/crypto/objects/objects.txt 24 Apr 2007 11:30:37 -0000 1.49.2.3.2.1
@@ -1091,3 +1091,13 @@
: CAMELLIA-192-CFB8 : camellia-192-cfb8
: CAMELLIA-256-CFB8 : camellia-256-cfb8
+
+# Definitions for SEED cipher - ECB, CBC, OFB mode
+
+member-body 410 200004 : KISA : kisa
+kisa 1 3 : SEED-ECB : seed-ecb
+kisa 1 4 : SEED-CBC : seed-cbc
+!Cname seed-cfb128
+kisa 1 5 : SEED-CFB : seed-cfb
+!Cname seed-ofb128
+kisa 1 6 : SEED-OFB : seed-ofb
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/rsa/rsa_test.c
============================================================================
$ cvs diff -u -r1.13.4.1 -r1.13.4.2 rsa_test.c
--- openssl/crypto/rsa/rsa_test.c 28 Mar 2007 12:38:53 -0000 1.13.4.1
+++ openssl/crypto/rsa/rsa_test.c 24 Apr 2007 11:30:38 -0000 1.13.4.2
@@ -219,6 +219,7 @@
int plen;
int clen = 0;
int num;
+ int n;
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
@@ -278,7 +279,7 @@
err=1;
goto next;
}
-
+
num = RSA_private_decrypt(num, ctext, ptext, key,
RSA_PKCS1_OAEP_PADDING);
if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
@@ -287,10 +288,7 @@
err=1;
}
else if (memcmp(ctext, ctext_ex, num) == 0)
- {
printf("OAEP test vector %d passed!\n", v);
- goto next;
- }
/* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
Try decrypting ctext_ex */
@@ -305,6 +303,26 @@
}
else
printf("OAEP encryption/decryption ok\n");
+
+ /* Try decrypting corrupted ciphertexts */
+ for(n = 0 ; n < clen ; ++n)
+ {
+ int b;
+ unsigned char saved = ctext[n];
+ for(b = 0 ; b < 256 ; ++b)
+ {
+ if(b == saved)
+ continue;
+ ctext[n] = b;
+ num = RSA_private_decrypt(num, ctext, ptext, key,
+ RSA_PKCS1_OAEP_PADDING);
+ if(num > 0)
+ {
+ printf("Corrupt data decrypted!\n");
+ err = 1;
+ }
+ }
+ }
next:
RSA_free(key);
}
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/seed/Makefile
============================================================================
$ cvs diff -u -r0 -r1.1.4.2 Makefile
--- /dev/null 2007-04-24 13:30:15 +0200
+++ Makefile 2007-04-24 13:30:43 +0200
@@ -0,0 +1,87 @@
+#
+# crypto/seed/Makefile
+#
+
+DIR= seed
+TOP= ../..
+CC= cc
+CPP= $(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE= Makefile
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=seed.c seed_ecb.c seed_cbc.c seed_cfb.c seed_ofb.c
+LIBOBJ=seed.o seed_ecb.o seed_cbc.o seed_cfb.o seed_ofb.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= seed.h
+HEADER= seed_locl.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ $(RANLIB) $(LIB) || echo Never mind.
+ @touch lib
+
+files:
+ $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+ @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+ @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+ @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+ @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+ @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+ $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+ $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) \
>Makefile.new + mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+seed.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+seed.o: ../../include/openssl/seed.h seed.c seed_locl.h
+seed_cbc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+seed_cbc.o: ../../include/openssl/seed.h seed_cbc.c seed_locl.h
+seed_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+seed_cfb.o: ../../include/openssl/seed.h seed_cfb.c seed_locl.h
+seed_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/seed.h
+seed_ecb.o: seed_ecb.c
+seed_ofb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+seed_ofb.o: ../../include/openssl/seed.h seed_locl.h seed_ofb.c
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/seed/seed.c
============================================================================
$ cvs diff -u -r0 -r1.1.4.2 seed.c
--- /dev/null 2007-04-24 13:30:15 +0200
+++ seed.c 2007-04-24 13:30:43 +0200
@@ -0,0 +1,286 @@
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights \
reserved. + *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ * be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+#ifndef OPENSSL_NO_SEED
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WIN32
+#include <memory.h>
+#endif
+
+#include <openssl/seed.h>
+#include "seed_locl.h"
+
+static seed_word SS[4][256] = { {
+ 0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0, 0x14445054, 0x1d0d111c, \
0x2c8ca0ac, 0x25052124, + 0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c, \
0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360, + 0x28082028, 0x04444044, \
0x20002020, 0x1d8d919c, 0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314, \
+ 0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378, 0x3b8bb3b8, 0x13031310, 0x12c2d2d0, \
0x2ecee2ec, + 0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8, 0x32023230, \
0x1dcdd1dc, 0x36c6f2f4, 0x34447074, + 0x2ccce0ec, 0x15859194, 0x0b0b0308, \
0x17475354, 0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100, + 0x24042024, \
0x1c0c101c, 0x33437370, 0x18889098, 0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8, \
+ 0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380, 0x1b8b9398, 0x11c1d1d0, 0x06868284, \
0x09c9c1c8, + 0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8, 0x0d0d010c, \
0x3686b2b4, 0x1e8e929c, 0x0f4f434c, + 0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, \
0x38487078, 0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4, + 0x21416160, \
0x03c3c3c0, 0x3484b0b4, 0x01414140, 0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008, \
+ 0x1f0f131c, 0x19899198, 0x00000000, 0x19091118, 0x04040004, 0x13435350, 0x37c7f3f4, \
0x21c1e1e0, + 0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324, 0x3080b0b0, \
0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8, + 0x2282a2a0, 0x2e4e626c, 0x13839390, \
0x0d4d414c, 0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208, + 0x3f8fb3bc, \
0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4, 0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064, \
+ 0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218, 0x06060204, 0x21012120, 0x2b4b6368, \
0x26466264, + 0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288, 0x0c0c000c, \
0x3383b3b0, 0x3e4e727c, 0x10c0d0d0, + 0x3a4a7278, 0x07474344, 0x16869294, \
0x25c5e1e4, 0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc, + 0x2181a1a0, \
0x30003030, 0x37073334, 0x2e8ea2ac, 0x36063234, 0x15051114, 0x22022220, 0x38083038, \
+ 0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c, 0x01818180, 0x29c9e1e8, 0x04848084, \
0x17879394, + 0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c, 0x31417170, \
0x11011110, 0x07c7c3c4, 0x09898188, + 0x35457174, 0x3bcbf3f8, 0x1acad2d8, \
0x38c8f0f8, 0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4, + 0x3fcff3fc, \
0x09494148, 0x39093138, 0x27476364, 0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8, \
+ 0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320, 0x11819190, 0x2c4c606c, 0x1bcbd3d8, \
0x2484a0a4, + 0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0, 0x2f4f636c, \
0x3d0d313c, 0x2d0d212c, 0x00404040, + 0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, \
0x01c1c1c0, 0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154, + 0x3b0b3338, \
0x1cccd0dc, 0x28486068, 0x3f4f737c, 0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254, \
+ 0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244, 0x3585b1b4, 0x2b0b2328, 0x25456164, \
0x3acaf2f8, + 0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c, 0x1e4e525c, \
0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0, + 0x31013130, 0x2acae2e8, 0x2d4d616c, \
0x1f4f535c, 0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088, + 0x16061214, \
0x3a0a3238, 0x18485058, 0x14c4d0d4, 0x22426260, 0x29092128, 0x07070304, 0x33033330, \
+ 0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178, 0x10809090, 0x2a4a6268, 0x2a0a2228, \
0x1a8a9298 +}, {
+ 0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2, 0xcc0fcfc3, 0xdc1eced2, \
0xb03383b3, 0xb83888b0, + 0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3, \
0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53, + 0xc003c3c3, 0x60224262, \
0x30330333, 0xb43585b1, 0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3, \
+ 0xd013c3d3, 0x90118191, 0x10110111, 0x04060602, 0x1c1c0c10, 0xbc3c8cb0, 0x34360632, \
0x480b4b43, + 0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0, 0x14170713, \
0xc404c4c0, 0x14160612, 0xf434c4f0, + 0xc002c2c2, 0x44054541, 0xe021c1e1, \
0xd416c6d2, 0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890, + 0x28280820, \
0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32, 0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3, \
+ 0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72, 0x24270723, 0x2c2f0f23, 0xf031c1f1, \
0x70324272, + 0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0, 0x70334373, \
0x64274763, 0xac2c8ca0, 0x880b8b83, + 0xf437c7f3, 0xac2d8da1, 0x80008080, \
0x1c1f0f13, 0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430, + 0xd012c2d2, \
0x080b0b03, 0xec2ecee2, 0xe829c9e1, 0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0, \
+ 0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1, 0x10130313, 0xcc0dcdc1, 0x84068682, \
0xb83989b1, + 0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131, 0xf435c5f1, \
0x880a8a82, 0x682a4a62, 0xb03181b1, + 0xd011c1d1, 0x20200020, 0xd417c7d3, \
0x00020202, 0x20220222, 0x04040400, 0x68284860, 0x70314171, + 0x04070703, \
0xd81bcbd3, 0x9c1d8d91, 0x98198991, 0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951, \
+ 0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0, 0x981a8a92, 0xa02383a3, 0xa82b8ba3, \
0xd010c0d0, + 0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12, 0xe023c3e3, \
0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3, + 0x94168692, 0x783b4b73, 0x5c1c4c50, \
0xa02282a2, 0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41, + 0xc808c8c0, \
0x9c1e8e92, 0x9c1c8c90, 0x383a0a32, 0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62, \
+ 0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292, 0xf033c3f3, 0x48094941, 0x78384870, \
0xcc0cccc0, + 0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571, 0x7c3f4f73, \
0x34350531, 0x10100010, 0x00030303, + 0x64244460, 0x6c2d4d61, 0xc406c6c2, \
0x74344470, 0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901, + 0x74364672, \
0x18190911, 0xfc3ecef2, 0x40004040, 0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501, \
+ 0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22, 0x5c1e4e52, 0xa82989a1, 0x54164652, \
0x40034343, + 0x84058581, 0x14140410, 0x88098981, 0x981b8b93, 0xb03080b0, \
0xe425c5e1, 0x48084840, 0x78394971, + 0x94178793, 0xfc3cccf0, 0x1c1e0e12, \
0x80028282, 0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53, + 0x74374773, \
0x54144450, 0xb03282b2, 0x1c1d0d11, 0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642, \
+ 0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3, 0x7c3e4e72, 0xd81acad2, 0xc809c9c1, \
0xfc3dcdf1, + 0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30, 0xb43686b2, \
0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70, + 0x0c0e0e02, 0x50104050, 0x38390931, \
0x24260622, 0x30320232, 0x84048480, 0x68294961, 0x90138393, + 0x34370733, \
0xe427c7e3, 0x24240420, 0xa42484a0, 0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783, \
+ 0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83, 0xcc0ecec2, 0x383b0b33, 0x480a4a42, \
0xb43787b3 +}, {
+ 0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3, 0x50541444, 0x111c1d0d, \
0xa0ac2c8c, 0x21242505, + 0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e, \
0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343, + 0x20282808, 0x40440444, \
0x20202000, 0x919c1d8d, 0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707, \
+ 0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b, 0xb3b83b8b, 0x13101303, 0xd2d012c2, \
0xe2ec2ece, + 0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888, 0x32303202, \
0xd1dc1dcd, 0xf2f436c6, 0x70743444, + 0xe0ec2ccc, 0x91941585, 0x03080b0b, \
0x53541747, 0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101, + 0x20242404, \
0x101c1c0c, 0x73703343, 0x90981888, 0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9, \
+ 0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383, 0x93981b8b, 0xd1d011c1, 0x82840686, \
0xc1c809c9, + 0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb, 0x010c0d0d, \
0xb2b43686, 0x929c1e8e, 0x434c0f4f, + 0xb3b43787, 0x52581a4a, 0xc2c406c6, \
0x70783848, 0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5, + 0x61602141, \
0xc3c003c3, 0xb0b43484, 0x41400141, 0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808, \
+ 0x131c1f0f, 0x91981989, 0x00000000, 0x11181909, 0x00040404, 0x53501343, 0xf3f437c7, \
0xe1e021c1, + 0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707, 0xb0b03080, \
0x83880b8b, 0x020c0e0e, 0xa3a82b8b, + 0xa2a02282, 0x626c2e4e, 0x93901383, \
0x414c0d4d, 0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a, + 0xb3bc3f8f, \
0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5, 0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444, \
+ 0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a, 0x02040606, 0x21202101, 0x63682b4b, \
0x62642646, + 0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a, 0x000c0c0c, \
0xb3b03383, 0x727c3e4e, 0xd0d010c0, + 0x72783a4a, 0x43440747, 0x92941686, \
0xe1e425c5, 0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf, + 0xa1a02181, \
0x30303000, 0x33343707, 0xa2ac2e8e, 0x32343606, 0x11141505, 0x22202202, 0x30383808, \
+ 0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c, 0x81800181, 0xe1e829c9, 0x80840484, \
0x93941787, + 0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c, 0x71703141, \
0x11101101, 0xc3c407c7, 0x81880989, + 0x71743545, 0xf3f83bcb, 0xd2d81aca, \
0xf0f838c8, 0x90941484, 0x51581949, 0x82800282, 0xc0c404c4, + 0xf3fc3fcf, \
0x41480949, 0x31383909, 0x63642747, 0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888, \
+ 0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303, 0x91901181, 0x606c2c4c, 0xd3d81bcb, \
0xa0a42484, + 0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2, 0x636c2f4f, \
0x313c3d0d, 0x212c2d0d, 0x40400040, + 0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, \
0xc1c001c1, 0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545, + 0x33383b0b, \
0xd0dc1ccc, 0x60682848, 0x737c3f4f, 0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646, \
+ 0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646, 0xb1b43585, 0x23282b0b, 0x61642545, \
0xf2f83aca, + 0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f, 0x525c1e4e, \
0xf1f839c9, 0xe2e426c6, 0xb2b03282, + 0x31303101, 0xe2e82aca, 0x616c2d4d, \
0x535c1f4f, 0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888, + 0x12141606, \
0x32383a0a, 0x50581848, 0xd0d414c4, 0x62602242, 0x21282909, 0x03040707, 0x33303303, \
+ 0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949, 0x90901080, 0x62682a4a, 0x22282a0a, \
0x92981a8a +}, {
+ 0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426, 0xcfc3cc0f, 0xced2dc1e, \
0x83b3b033, 0x88b0b838, + 0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407, \
0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b, + 0xc3c3c003, 0x42626022, \
0x03333033, 0x85b1b435, 0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427, \
+ 0xc3d3d013, 0x81919011, 0x01111011, 0x06020406, 0x0c101c1c, 0x8cb0bc3c, 0x06323436, \
0x4b43480b, + 0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828, 0x07131417, \
0xc4c0c404, 0x06121416, 0xc4f0f434, + 0xc2c2c002, 0x45414405, 0xc1e1e021, \
0xc6d2d416, 0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818, + 0x08202828, \
0x4e424c0e, 0xc6f2f436, 0x0e323c3e, 0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f, \
+ 0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a, 0x07232427, 0x0f232c2f, 0xc1f1f031, \
0x42727032, + 0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000, 0x43737033, \
0x47636427, 0x8ca0ac2c, 0x8b83880b, + 0xc7f3f437, 0x8da1ac2d, 0x80808000, \
0x0f131c1f, 0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434, + 0xc2d2d012, \
0x0b03080b, 0xcee2ec2e, 0xc9e1e829, 0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838, \
+ 0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405, 0x03131013, 0xcdc1cc0d, 0x86828406, \
0x89b1b839, + 0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031, 0xc5f1f435, \
0x8a82880a, 0x4a62682a, 0x81b1b031, + 0xc1d1d011, 0x00202020, 0xc7d3d417, \
0x02020002, 0x02222022, 0x04000404, 0x48606828, 0x41717031, + 0x07030407, \
0xcbd3d81b, 0x8d919c1d, 0x89919819, 0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819, \
+ 0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c, 0x8a92981a, 0x83a3a023, 0x8ba3a82b, \
0xc0d0d010, + 0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a, 0xc3e3e023, \
0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f, + 0x86929416, 0x4b73783b, 0x4c505c1c, \
0x82a2a022, 0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d, + 0xc8c0c808, \
0x8e929c1e, 0x8c909c1c, 0x0a32383a, 0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e, \
+ 0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012, 0xc3f3f033, 0x49414809, 0x48707838, \
0xccc0cc0c, + 0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435, 0x4f737c3f, \
0x05313435, 0x00101010, 0x03030003, + 0x44606424, 0x4d616c2d, 0xc6c2c406, \
0x44707434, 0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809, + 0x46727436, \
0x09111819, 0xcef2fc3e, 0x40404000, 0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405, \
+ 0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a, 0x4e525c1e, 0x89a1a829, 0x46525416, \
0x43434003, + 0x85818405, 0x04101414, 0x89818809, 0x8b93981b, 0x80b0b030, \
0xc5e1e425, 0x48404808, 0x49717839, + 0x87939417, 0xccf0fc3c, 0x0e121c1e, \
0x82828002, 0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f, + 0x47737437, \
0x44505414, 0x82b2b032, 0x0d111c1d, 0x05212425, 0x4f434c0f, 0x00000000, 0x46424406, \
+ 0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b, 0x4e727c3e, 0xcad2d81a, 0xc9c1c809, \
0xcdf1fc3d, + 0x00303030, 0x85919415, 0x45616425, 0x0c303c3c, 0x86b2b436, \
0xc4e0e424, 0x8bb3b83b, 0x4c707c3c, + 0x0e020c0e, 0x40505010, 0x09313839, \
0x06222426, 0x02323032, 0x84808404, 0x49616829, 0x83939013, + 0x07333437, \
0xc7e3e427, 0x04202424, 0x84a0a424, 0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407, \
+ 0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f, 0xcec2cc0e, 0x0b33383b, 0x4a42480a, \
0x87b3b437 +} };
+
+/* key schedule constants - golden ratio */
+#define KC0 0x9e3779b9
+#define KC1 0x3c6ef373
+#define KC2 0x78dde6e6
+#define KC3 0xf1bbcdcc
+#define KC4 0xe3779b99
+#define KC5 0xc6ef3733
+#define KC6 0x8dde6e67
+#define KC7 0x1bbcdccf
+#define KC8 0x3779b99e
+#define KC9 0x6ef3733c
+#define KC10 0xdde6e678
+#define KC11 0xbbcdccf1
+#define KC12 0x779b99e3
+#define KC13 0xef3733c6
+#define KC14 0xde6e678d
+#define KC15 0xbcdccf1b
+
+
+void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE \
*ks) +{
+ seed_word x1, x2, x3, x4;
+ seed_word t0, t1;
+
+ char2word(rawkey , x1);
+ char2word(rawkey+4 , x2);
+ char2word(rawkey+8 , x3);
+ char2word(rawkey+12, x4);
+
+ t0 = (x1 + x3 - KC0) & 0xffffffff;
+ t1 = (x2 - x4 + KC0) & 0xffffffff; KEYUPDATE_TEMP(t0, t1, \
&ks->data[0]); + KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC1); \
KEYUPDATE_TEMP(t0, t1, &ks->data[2]); + KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, \
KC2); KEYUPDATE_TEMP(t0, t1, &ks->data[4]); + KEYSCHEDULE_UPDATE1(t0, t1, x1, \
x2, x3, x4, KC3); KEYUPDATE_TEMP(t0, t1, &ks->data[6]); \
+ KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC4); KEYUPDATE_TEMP(t0, t1, \
&ks->data[8]); + KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC5); \
KEYUPDATE_TEMP(t0, t1, &ks->data[10]); + KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, \
KC6); KEYUPDATE_TEMP(t0, t1, &ks->data[12]); + KEYSCHEDULE_UPDATE1(t0, t1, x1, \
x2, x3, x4, KC7); KEYUPDATE_TEMP(t0, t1, &ks->data[14]); \
+ KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC8); KEYUPDATE_TEMP(t0, t1, \
&ks->data[16]); + KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC9); \
KEYUPDATE_TEMP(t0, t1, &ks->data[18]); + KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, \
KC10); KEYUPDATE_TEMP(t0, t1, &ks->data[20]); + KEYSCHEDULE_UPDATE1(t0, t1, x1, \
x2, x3, x4, KC11); KEYUPDATE_TEMP(t0, t1, &ks->data[22]); \
+ KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC12); KEYUPDATE_TEMP(t0, t1, \
&ks->data[24]); + KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC13); \
KEYUPDATE_TEMP(t0, t1, &ks->data[26]); + KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, \
KC14); KEYUPDATE_TEMP(t0, t1, &ks->data[28]); + KEYSCHEDULE_UPDATE1(t0, t1, x1, \
x2, x3, x4, KC15); KEYUPDATE_TEMP(t0, t1, &ks->data[30]); +}
+
+void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char \
d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks) +{
+ seed_word x1, x2, x3, x4;
+ seed_word t0, t1;
+
+ char2word(s, x1);
+ char2word(s+4, x2);
+ char2word(s+8, x3);
+ char2word(s+12, x4);
+
+ E_SEED(t0, t1, x1, x2, x3, x4, 0);
+ E_SEED(t0, t1, x3, x4, x1, x2, 2);
+ E_SEED(t0, t1, x1, x2, x3, x4, 4);
+ E_SEED(t0, t1, x3, x4, x1, x2, 6);
+ E_SEED(t0, t1, x1, x2, x3, x4, 8);
+ E_SEED(t0, t1, x3, x4, x1, x2, 10);
+ E_SEED(t0, t1, x1, x2, x3, x4, 12);
+ E_SEED(t0, t1, x3, x4, x1, x2, 14);
+ E_SEED(t0, t1, x1, x2, x3, x4, 16);
+ E_SEED(t0, t1, x3, x4, x1, x2, 18);
+ E_SEED(t0, t1, x1, x2, x3, x4, 20);
+ E_SEED(t0, t1, x3, x4, x1, x2, 22);
+ E_SEED(t0, t1, x1, x2, x3, x4, 24);
+ E_SEED(t0, t1, x3, x4, x1, x2, 26);
+ E_SEED(t0, t1, x1, x2, x3, x4, 28);
+ E_SEED(t0, t1, x3, x4, x1, x2, 30);
+
+ word2char(x3, d);
+ word2char(x4, d+4);
+ word2char(x1, d+8);
+ word2char(x2, d+12);
+}
+
+void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char \
d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks) +{
+ seed_word x1, x2, x3, x4;
+ seed_word t0, t1;
+
+ char2word(s, x1);
+ char2word(s+4, x2);
+ char2word(s+8, x3);
+ char2word(s+12, x4);
+
+ E_SEED(t0, t1, x1, x2, x3, x4, 30);
+ E_SEED(t0, t1, x3, x4, x1, x2, 28);
+ E_SEED(t0, t1, x1, x2, x3, x4, 26);
+ E_SEED(t0, t1, x3, x4, x1, x2, 24);
+ E_SEED(t0, t1, x1, x2, x3, x4, 22);
+ E_SEED(t0, t1, x3, x4, x1, x2, 20);
+ E_SEED(t0, t1, x1, x2, x3, x4, 18);
+ E_SEED(t0, t1, x3, x4, x1, x2, 16);
+ E_SEED(t0, t1, x1, x2, x3, x4, 14);
+ E_SEED(t0, t1, x3, x4, x1, x2, 12);
+ E_SEED(t0, t1, x1, x2, x3, x4, 10);
+ E_SEED(t0, t1, x3, x4, x1, x2, 8);
+ E_SEED(t0, t1, x1, x2, x3, x4, 6);
+ E_SEED(t0, t1, x3, x4, x1, x2, 4);
+ E_SEED(t0, t1, x1, x2, x3, x4, 2);
+ E_SEED(t0, t1, x3, x4, x1, x2, 0);
+
+ word2char(x3, d);
+ word2char(x4, d+4);
+ word2char(x1, d+8);
+ word2char(x2, d+12);
+}
+
+#endif /* OPENSSL_NO_SEED */
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/seed/seed.h
============================================================================
$ cvs diff -u -r0 -r1.2.2.2 seed.h
--- /dev/null 2007-04-24 13:30:15 +0200
+++ seed.h 2007-04-24 13:30:43 +0200
@@ -0,0 +1,135 @@
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights \
reserved. + *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ * be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#ifndef HEADER_SEED_H
+#define HEADER_SEED_H
+
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_NO_SEED
+#error SEED is disabled.
+#endif
+
+#ifdef AES_LONG /* look whether we need 'long' to get 32 bits */
+# ifndef SEED_LONG
+# define SEED_LONG 1
+# endif
+#endif
+
+#if !defined(NO_SYS_TYPES_H)
+# include <sys/types.h>
+#endif
+
+#define SEED_BLOCK_SIZE 16
+#define SEED_KEY_LENGTH 16
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+typedef struct seed_key_st {
+#ifdef SEED_LONG
+ unsigned long data[32];
+#else
+ unsigned int data[32];
+#endif
+} SEED_KEY_SCHEDULE;
+
+
+void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE \
*ks); +
+void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char \
d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks); +void SEED_decrypt(const unsigned \
char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE \
*ks); +
+void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out, const \
SEED_KEY_SCHEDULE *ks, int enc); +void SEED_cbc_encrypt(const unsigned char *in, \
unsigned char *out, + size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char \
ivec[SEED_BLOCK_SIZE], int enc); +void SEED_cfb128_encrypt(const unsigned char *in, \
unsigned char *out, + size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char \
ivec[SEED_BLOCK_SIZE], int *num, int enc); +void SEED_ofb128_encrypt(const unsigned \
char *in, unsigned char *out, + size_t len, const SEED_KEY_SCHEDULE *ks, \
unsigned char ivec[SEED_BLOCK_SIZE], int *num); +
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HEADER_SEED_H */
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/seed/seed_cbc.c
============================================================================
$ cvs diff -u -r0 -r1.1.4.2 seed_cbc.c
--- /dev/null 2007-04-24 13:30:15 +0200
+++ seed_cbc.c 2007-04-24 13:30:43 +0200
@@ -0,0 +1,129 @@
+/* crypto/seed/seed_cbc.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "seed_locl.h"
+#include <string.h>
+
+void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int enc)
+ {
+ size_t n;
+ unsigned char tmp[SEED_BLOCK_SIZE];
+ const unsigned char *iv = ivec;
+
+ if (enc)
+ {
+ while (len >= SEED_BLOCK_SIZE)
+ {
+ for (n = 0; n < SEED_BLOCK_SIZE; ++n)
+ out[n] = in[n] ^ iv[n];
+ SEED_encrypt(out, out, ks);
+ iv = out;
+ len -= SEED_BLOCK_SIZE;
+ in += SEED_BLOCK_SIZE;
+ out += SEED_BLOCK_SIZE;
+ }
+ if (len)
+ {
+ for (n = 0; n < len; ++n)
+ out[n] = in[n] ^ iv[n];
+ for (n = len; n < SEED_BLOCK_SIZE; ++n)
+ out[n] = iv[n];
+ SEED_encrypt(out, out, ks);
+ iv = out;
+ }
+ memcpy(ivec, iv, SEED_BLOCK_SIZE);
+ }
+ else if (in != out) /* decrypt */
+ {
+ while (len >= SEED_BLOCK_SIZE)
+ {
+ SEED_decrypt(in, out, ks);
+ for (n = 0; n < SEED_BLOCK_SIZE; ++n)
+ out[n] ^= iv[n];
+ iv = in;
+ len -= SEED_BLOCK_SIZE;
+ in += SEED_BLOCK_SIZE;
+ out += SEED_BLOCK_SIZE;
+ }
+ if (len)
+ {
+ SEED_decrypt(in, tmp, ks);
+ for (n = 0; n < len; ++n)
+ out[n] = tmp[n] ^ iv[n];
+ iv = in;
+ }
+ memcpy(ivec, iv, SEED_BLOCK_SIZE);
+ }
+ else /* decrypt, overlap */
+ {
+ while (len >= SEED_BLOCK_SIZE)
+ {
+ memcpy(tmp, in, SEED_BLOCK_SIZE);
+ SEED_decrypt(in, out, ks);
+ for (n = 0; n < SEED_BLOCK_SIZE; ++n)
+ out[n] ^= ivec[n];
+ memcpy(ivec, tmp, SEED_BLOCK_SIZE);
+ len -= SEED_BLOCK_SIZE;
+ in += SEED_BLOCK_SIZE;
+ out += SEED_BLOCK_SIZE;
+ }
+ if (len)
+ {
+ memcpy(tmp, in, SEED_BLOCK_SIZE);
+ SEED_decrypt(tmp, tmp, ks);
+ for (n = 0; n < len; ++n)
+ out[n] = tmp[n] ^ ivec[n];
+ memcpy(ivec, tmp, SEED_BLOCK_SIZE);
+ }
+ }
+ }
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/seed/seed_cfb.c
============================================================================
$ cvs diff -u -r0 -r1.1.4.2 seed_cfb.c
--- /dev/null 2007-04-24 13:30:15 +0200
+++ seed_cfb.c 2007-04-24 13:30:43 +0200
@@ -0,0 +1,144 @@
+/* crypto/seed/seed_cfb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "seed_locl.h"
+#include <string.h>
+
+void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int *num, int enc)
+ {
+ int n;
+ unsigned char c;
+
+ n = *num;
+
+ if (enc)
+ {
+ while (len--)
+ {
+ if (n == 0)
+ SEED_encrypt(ivec, ivec, ks);
+ ivec[n] = *(out++) = *(in++) ^ ivec[n];
+ n = (n+1) % SEED_BLOCK_SIZE;
+ }
+ }
+ else
+ {
+ while (len--)
+ {
+ if (n == 0)
+ SEED_encrypt(ivec, ivec, ks);
+ c = *(in);
+ *(out++) = *(in++) ^ ivec[n];
+ ivec[n] = c;
+ n = (n+1) % SEED_BLOCK_SIZE;
+ }
+ }
+
+ *num = n;
+ }
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/seed/seed_ecb.c
============================================================================
$ cvs diff -u -r0 -r1.1.4.2 seed_ecb.c
--- /dev/null 2007-04-24 13:30:15 +0200
+++ seed_ecb.c 2007-04-24 13:30:43 +0200
@@ -0,0 +1,60 @@
+/* crypto/seed/seed_ecb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/seed.h>
+
+void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out, const \
SEED_KEY_SCHEDULE *ks, int enc) + {
+ if (enc)
+ SEED_encrypt(in, out, ks);
+ else
+ SEED_decrypt(in, out, ks);
+ }
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/seed/seed_locl.h
============================================================================
$ cvs diff -u -r0 -r1.1.4.2 seed_locl.h
--- /dev/null 2007-04-24 13:30:15 +0200
+++ seed_locl.h 2007-04-24 13:30:43 +0200
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights \
reserved. + *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ * be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+#ifndef HEADER_SEED_LOCL_H
+#define HEADER_SEED_LOCL_H
+
+#include "openssl/e_os2.h"
+#include <openssl/seed.h>
+
+
+#ifdef SEED_LONG /* need 32-bit type */
+typedef unsigned long seed_word;
+#else
+typedef unsigned int seed_word;
+#endif
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define G_FUNC(v) \
+ SS[0][(unsigned char) (v) & 0xff] ^ SS[1][(unsigned char) ((v)>>8) & \
0xff] ^ \ + SS[2][(unsigned char)((v)>>16) & 0xff] ^ SS[3][(unsigned \
char)((v)>>24) & 0xff] +
+#define char2word(c, i) \
+ (i) = ((((seed_word)(c)[0]) << 24) | (((seed_word)(c)[1]) << 16) | \
(((seed_word)(c)[2]) << 8) | ((seed_word)(c)[3])) +
+#define word2char(l, c) \
+ *((c)+0) = (unsigned char)((l)>>24) & 0xff; \
+ *((c)+1) = (unsigned char)((l)>>16) & 0xff; \
+ *((c)+2) = (unsigned char)((l)>> 8) & 0xff; \
+ *((c)+3) = (unsigned char)((l)) & 0xff
+
+#define KEYSCHEDULE_UPDATE0(T0, T1, X1, X2, X3, X4, KC) \
+ (T0) = (X3); \
+ (X3) = (((X3)<<8) ^ ((X4)>>24)) & 0xffffffff; \
+ (X4) = (((X4)<<8) ^ ((T0)>>24)) & 0xffffffff; \
+ (T0) = ((X1) + (X3) - (KC)) & 0xffffffff; \
+ (T1) = ((X2) + (KC) - (X4)) & 0xffffffff
+
+#define KEYSCHEDULE_UPDATE1(T0, T1, X1, X2, X3, X4, KC) \
+ (T0) = (X1); \
+ (X1) = (((X1)>>8) ^ ((X2)<<24)) & 0xffffffff; \
+ (X2) = (((X2)>>8) ^ ((T0)<<24)) & 0xffffffff; \
+ (T0) = ((X1) + (X3) - (KC)) & 0xffffffff; \
+ (T1) = ((X2) + (KC) - (X4)) & 0xffffffff
+
+#define KEYUPDATE_TEMP(T0, T1, K) \
+ (K)[0] = G_FUNC((T0)); \
+ (K)[1] = G_FUNC((T1))
+
+#define XOR_SEEDBLOCK(DST, SRC) \
+ ((DST))[0] ^= ((SRC))[0]; \
+ ((DST))[1] ^= ((SRC))[1]; \
+ ((DST))[2] ^= ((SRC))[2]; \
+ ((DST))[3] ^= ((SRC))[3]
+
+#define MOV_SEEDBLOCK(DST, SRC) \
+ ((DST))[0] = ((SRC))[0]; \
+ ((DST))[1] = ((SRC))[1]; \
+ ((DST))[2] = ((SRC))[2]; \
+ ((DST))[3] = ((SRC))[3]
+
+# define CHAR2WORD(C, I) \
+ char2word((C), (I)[0]); \
+ char2word((C+4), (I)[1]); \
+ char2word((C+8), (I)[2]); \
+ char2word((C+12), (I)[3])
+
+# define WORD2CHAR(I, C) \
+ word2char((I)[0], (C)); \
+ word2char((I)[1], (C+4)); \
+ word2char((I)[2], (C+8)); \
+ word2char((I)[3], (C+12))
+
+# define E_SEED(T0, T1, X1, X2, X3, X4, rbase) \
+ (T0) = (X3) ^ (ks->data)[(rbase)]; \
+ (T1) = (X4) ^ (ks->data)[(rbase)+1]; \
+ (T1) ^= (T0); \
+ (T1) = G_FUNC((T1)); \
+ (T0) = ((T0) + (T1)) & 0xffffffff; \
+ (T0) = G_FUNC((T0)); \
+ (T1) = ((T1) + (T0)) & 0xffffffff; \
+ (T1) = G_FUNC((T1)); \
+ (T0) = ((T0) + (T1)) & 0xffffffff; \
+ (X1) ^= (T0); \
+ (X2) ^= (T1)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HEADER_SEED_LOCL_H */
@@ .
patch -p0 <<'@@ .'
Index: openssl/crypto/seed/seed_ofb.c
============================================================================
$ cvs diff -u -r0 -r1.1.4.2 seed_ofb.c
--- /dev/null 2007-04-24 13:30:15 +0200
+++ seed_ofb.c 2007-04-24 13:30:43 +0200
@@ -0,0 +1,128 @@
+/* crypto/seed/seed_ofb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "seed_locl.h"
+#include <string.h>
+
+void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE], int *num)
+ {
+ int n;
+
+ n = *num;
+
+ while (len--)
+ {
+ if (n == 0)
+ SEED_encrypt(ivec, ivec, ks);
+ *(out++) = *(in++) ^ ivec[n];
+ n = (n+1) % SEED_BLOCK_SIZE;
+ }
+
+ *num = n;
+ }
@@ .
patch -p0 <<'@@ .'
Index: openssl/doc/apps/ciphers.pod
============================================================================
$ cvs diff -u -r1.9.2.3 -r1.9.2.3.2.1 ciphers.pod
--- openssl/doc/apps/ciphers.pod 6 Feb 2007 19:40:45 -0000 1.9.2.3
+++ openssl/doc/apps/ciphers.pod 24 Apr 2007 11:30:44 -0000 1.9.2.3.2.1
@@ -105,7 +105,8 @@
=item B<DEFAULT>
the default cipher list. This is determined at compile time and is normally
-B<ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH>. This must be the first cipher string
+B<ALL:!aNULL:!eNULL:+RC4:@STRENGTH> or
+B<AES:CAMELLIA:ALL!aNULL:!eNULL:+RC4:@STRENGTH>. This must be the first cipher \
string specified.
=item B<COMPLEMENTOFDEFAULT>
@@ -209,6 +210,10 @@
cipher suites using AES.
+=item B<CAMELLIA>
+
+cipher suites using Camellia.
+
=item B<3DES>
cipher suites using triple DES.
@@ -229,6 +234,10 @@
cipher suites using IDEA.
+=item B<SEED>
+
+cipher suites using SEED.
+
=item B<MD5>
cipher suites using MD5.
@@ -237,10 +246,6 @@
cipher suites using SHA1.
-=item B<Camellia>
-
-cipher suites using Camellia.
-
=back
=head1 CIPHER SUITE NAMES
@@ -323,10 +328,10 @@
TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA
TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA
- TLS_DH_DSS_WITH_AES_128_CBC_SHA DH-DSS-AES128-SHA
- TLS_DH_DSS_WITH_AES_256_CBC_SHA DH-DSS-AES256-SHA
- TLS_DH_RSA_WITH_AES_128_CBC_SHA DH-RSA-AES128-SHA
- TLS_DH_RSA_WITH_AES_256_CBC_SHA DH-RSA-AES256-SHA
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA Not implemented.
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA Not implemented.
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA Not implemented.
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA Not implemented.
TLS_DHE_DSS_WITH_AES_128_CBC_SHA DHE-DSS-AES128-SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE-DSS-AES256-SHA
@@ -354,6 +359,18 @@
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA ADH-CAMELLIA128-SHA
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA ADH-CAMELLIA256-SHA
+=head2 SEED ciphersuites from RFC4162, extending TLS v1.0
+
+ TLS_RSA_WITH_SEED_CBC_SHA SEED-SHA
+
+ TLS_DH_DSS_WITH_SEED_CBC_SHA Not implemented.
+ TLS_DH_RSA_WITH_SEED_CBC_SHA Not implemented.
+
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA DHE-DSS-SEED-SHA
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA DHE-RSA-SEED-SHA
+
+ TLS_DH_anon_WITH_SEED_CBC_SHA ADH-SEED-SHA
+
=head2 Additional Export 1024 and other cipher suites
Note: these ciphers can also be used in SSL v3.
@@ .
patch -p0 <<'@@ .'
Index: openssl/doc/standards.txt
============================================================================
$ cvs diff -u -r1.9.2.1 -r1.9.2.1.2.1 standards.txt
--- openssl/doc/standards.txt 19 Jul 2006 13:37:10 -0000 1.9.2.1
+++ openssl/doc/standards.txt 24 Apr 2007 11:30:44 -0000 1.9.2.1.2.1
@@ -100,6 +100,15 @@
(TLS). S. Moriai, A. Kato, M. Kanda. July 2005. (Format: TXT=13590
bytes) (Status: PROPOSED STANDARD)
+4162 Addition of SEED Cipher Suites to Transport Layer Security (TLS).
+ H.J. Lee, J.H. Yoon, J.I. Lee. August 2005. (Format: TXT=10578 bytes)
+ (Status: PROPOSED STANDARD)
+
+4269 The SEED Encryption Algorithm. H.J. Lee, S.J. Lee, J.H. Yoon,
+ D.H. Cheon, J.I. Lee. December 2005. (Format: TXT=34390 bytes)
+ (Obsoletes RFC4009) (Status: INFORMATIONAL)
+
+
Related:
--------
@@ .
patch -p0 <<'@@ .'
Index: openssl/makevms.com
============================================================================
$ cvs diff -u -r1.44.2.3 -r1.44.2.3.2.1 makevms.com
--- openssl/makevms.com 10 Jun 2006 05:38:28 -0000 1.44.2.3
+++ openssl/makevms.com 24 Apr 2007 11:30:29 -0000 1.44.2.3.2.1
@@ -183,7 +183,7 @@
$ WRITE H_FILE "#endif"
$ CONFIG_LOGICALS := NO_ASM,NO_RSA,NO_DSA,NO_DH,NO_MD2,NO_MD5,NO_RIPEMD,-
NO_SHA,NO_SHA0,NO_SHA1,NO_DES/NO_MDC2;NO_MDC2,NO_RC2,NO_RC4,NO_RC5,-
- NO_IDEA,NO_BF,NO_CAST,NO_CAMELLIA,NO_HMAC,NO_SSL2
+ NO_IDEA,NO_BF,NO_CAST,NO_CAMELLIA,NO_SEED,NO_HMAC,NO_SSL2
$ CONFIG_LOG_I = 0
$ CONFIG_LOG_LOOP:
$ CONFIG_LOG_E1 = F$ELEMENT(CONFIG_LOG_I,",",CONFIG_LOGICALS)
@@ -424,7 +424,7 @@
$ SDIRS := ,-
OBJECTS,-
MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
- DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,-
+ DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,-
BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,-
BUFFER,BIO,STACK,LHASH,RAND,ERR,-
EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,-
@@ -447,6 +447,7 @@
$ EXHEADER_BF := blowfish.h
$ EXHEADER_CAST := cast.h
$ EXHEADER_CAMELLIA := camellia.h
+$ EXHEADER_SEED := seed.h
$ EXHEADER_BN := bn.h
$ EXHEADER_EC := ec.h
$ EXHEADER_RSA := rsa.h
@@ .
patch -p0 <<'@@ .'
Index: openssl/ssl/s3_lib.c
============================================================================
$ cvs diff -u -r1.74.2.15.2.1 -r1.74.2.15.2.2 s3_lib.c
--- openssl/ssl/s3_lib.c 22 Mar 2007 00:39:14 -0000 1.74.2.15.2.1
+++ openssl/ssl/s3_lib.c 24 Apr 2007 11:30:46 -0000 1.74.2.15.2.2
@@ -542,11 +542,8 @@
#endif
#ifndef OPENSSL_NO_KRB5
-/* The Kerberos ciphers
-** 20000107 VRS: And the first shall be last,
-** in hopes of avoiding the lynx ssl renegotiation problem.
-*/
-/* Cipher 1E VRS */
+/* The Kerberos ciphers */
+/* Cipher 1E */
{
1,
SSL3_TXT_KRB5_DES_64_CBC_SHA,
@@ -560,7 +557,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 1F VRS */
+/* Cipher 1F */
{
1,
SSL3_TXT_KRB5_DES_192_CBC3_SHA,
@@ -574,7 +571,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 20 VRS */
+/* Cipher 20 */
{
1,
SSL3_TXT_KRB5_RC4_128_SHA,
@@ -588,7 +585,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 21 VRS */
+/* Cipher 21 */
{
1,
SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
@@ -602,7 +599,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 22 VRS */
+/* Cipher 22 */
{
1,
SSL3_TXT_KRB5_DES_64_CBC_MD5,
@@ -616,7 +613,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 23 VRS */
+/* Cipher 23 */
{
1,
SSL3_TXT_KRB5_DES_192_CBC3_MD5,
@@ -630,7 +627,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 24 VRS */
+/* Cipher 24 */
{
1,
SSL3_TXT_KRB5_RC4_128_MD5,
@@ -644,7 +641,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 25 VRS */
+/* Cipher 25 */
{
1,
SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
@@ -658,7 +655,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 26 VRS */
+/* Cipher 26 */
{
1,
SSL3_TXT_KRB5_DES_40_CBC_SHA,
@@ -672,7 +669,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 27 VRS */
+/* Cipher 27 */
{
1,
SSL3_TXT_KRB5_RC2_40_CBC_SHA,
@@ -686,7 +683,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 28 VRS */
+/* Cipher 28 */
{
1,
SSL3_TXT_KRB5_RC4_40_SHA,
@@ -700,7 +697,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 29 VRS */
+/* Cipher 29 */
{
1,
SSL3_TXT_KRB5_DES_40_CBC_MD5,
@@ -714,7 +711,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 2A VRS */
+/* Cipher 2A */
{
1,
SSL3_TXT_KRB5_RC2_40_CBC_MD5,
@@ -728,7 +725,7 @@
SSL_ALL_STRENGTHS,
},
-/* Cipher 2B VRS */
+/* Cipher 2B */
{
1,
SSL3_TXT_KRB5_RC4_40_MD5,
@@ -742,8 +739,8 @@
SSL_ALL_STRENGTHS,
},
#endif /* OPENSSL_NO_KRB5 */
-/* New AES ciphersuites */
+/* New AES ciphersuites */
/* Cipher 2F */
{
1,
@@ -1165,6 +1162,95 @@
},
#endif /* OPENSSL_NO_CAMELLIA */
+#ifndef OPENSSL_NO_SEED
+ /* SEED ciphersuites from RFC4162 */
+
+ /* Cipher 96 */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_SEED_SHA,
+ TLS1_CK_RSA_WITH_SEED_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_SEED|SSL_SHA1|SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
+
+ /* Cipher 97 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_SEED_SHA,
+ TLS1_CK_DH_DSS_WITH_SEED_SHA,
+ SSL_kDHd|SSL_aDH|SSL_SEED|SSL_SHA1|SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
+
+ /* Cipher 98 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_SEED_SHA,
+ TLS1_CK_DH_RSA_WITH_SEED_SHA,
+ SSL_kDHr|SSL_aDH|SSL_SEED|SSL_SHA1|SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
+
+ /* Cipher 99 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
+ TLS1_CK_DHE_DSS_WITH_SEED_SHA,
+ SSL_kEDH|SSL_aDSS|SSL_SEED|SSL_SHA1|SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
+
+ /* Cipher 9A */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
+ TLS1_CK_DHE_RSA_WITH_SEED_SHA,
+ SSL_kEDH|SSL_aRSA|SSL_SEED|SSL_SHA1|SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
+
+ /* Cipher 9B */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_SEED_SHA,
+ TLS1_CK_ADH_WITH_SEED_SHA,
+ SSL_kEDH|SSL_aNULL|SSL_SEED|SSL_SHA1|SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
+
+#endif /* OPENSSL_NO_SEED */
+
#ifndef OPENSSL_NO_ECDH
/* Cipher C001 */
{
@@ .
patch -p0 <<'@@ .'
Index: openssl/ssl/ssl.h
============================================================================
$ cvs diff -u -r1.161.2.9.2.1 -r1.161.2.9.2.2 ssl.h
--- openssl/ssl/ssl.h 22 Mar 2007 00:39:14 -0000 1.161.2.9.2.1
+++ openssl/ssl/ssl.h 24 Apr 2007 11:30:47 -0000 1.161.2.9.2.2
@@ -282,6 +282,7 @@
#define SSL_TXT_RC4 "RC4"
#define SSL_TXT_RC2 "RC2"
#define SSL_TXT_IDEA "IDEA"
+#define SSL_TXT_SEED "SEED"
#define SSL_TXT_AES "AES"
#define SSL_TXT_CAMELLIA "CAMELLIA"
#define SSL_TXT_MD5 "MD5"
@@ .
patch -p0 <<'@@ .'
Index: openssl/ssl/ssl_algs.c
============================================================================
$ cvs diff -u -r1.12.2.2 -r1.12.2.2.2.1 ssl_algs.c
--- openssl/ssl/ssl_algs.c 9 Jun 2006 15:42:18 -0000 1.12.2.2
+++ openssl/ssl/ssl_algs.c 24 Apr 2007 11:30:48 -0000 1.12.2.2.2.1
@@ -83,13 +83,14 @@
EVP_add_cipher(EVP_aes_256_cbc());
#endif
-
-/* The Camellia algorithm is registered in the management table of EVP. */
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_cbc());
EVP_add_cipher(EVP_camellia_256_cbc());
#endif
+#ifndef OPENSSL_NO_SEED
+ EVP_add_cipher(EVP_seed_cbc());
+#endif
#ifndef OPENSSL_NO_MD2
EVP_add_digest(EVP_md2());
@@ .
patch -p0 <<'@@ .'
Index: openssl/ssl/ssl_ciph.c
============================================================================
$ cvs diff -u -r1.49.2.14.2.1 -r1.49.2.14.2.2 ssl_ciph.c
--- openssl/ssl/ssl_ciph.c 22 Mar 2007 00:39:15 -0000 1.49.2.14.2.1
+++ openssl/ssl/ssl_ciph.c 24 Apr 2007 11:30:48 -0000 1.49.2.14.2.2
@@ -127,11 +127,10 @@
#define SSL_ENC_NULL_IDX 6
#define SSL_ENC_AES128_IDX 7
#define SSL_ENC_AES256_IDX 8
-#define SSL_ENC_NUM_IDX 9
#define SSL_ENC_CAMELLIA128_IDX 9
#define SSL_ENC_CAMELLIA256_IDX 10
-#undef SSL_ENC_NUM_IDX
-#define SSL_ENC_NUM_IDX 11
+#define SSL_ENC_SEED_IDX 11
+#define SSL_ENC_NUM_IDX 12
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
@@ -196,10 +195,11 @@
#ifndef OPENSSL_NO_IDEA
{0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
#endif
+ {0,SSL_TXT_SEED,0,SSL_SEED, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0},
- {0,SSL_TXT_CAMELLIA, 0,SSL_CAMELLIA, 0,0,0,0,SSL_ENC_MASK,0},
+ {0,SSL_TXT_CAMELLIA,0,SSL_CAMELLIA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
{0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
@@ -248,6 +248,8 @@
EVP_get_cipherbyname(SN_camellia_128_cbc);
ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX]=
EVP_get_cipherbyname(SN_camellia_256_cbc);
+ ssl_cipher_methods[SSL_ENC_SEED_IDX]=
+ EVP_get_cipherbyname(SN_seed_cbc);
ssl_digest_methods[SSL_MD_MD5_IDX]=
EVP_get_digestbyname(SN_md5);
@@ -374,6 +376,9 @@
default: i=-1; break;
}
break;
+ case SSL_SEED:
+ i=SSL_ENC_SEED_IDX;
+ break;
default:
i= -1;
@@ -471,6 +476,7 @@
mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
+ mask |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED:0;
mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
@@ -1209,7 +1215,10 @@
default: enc="Camellia(?""?""?)"; break;
}
break;
-
+ case SSL_SEED:
+ enc="SEED(128)";
+ break;
+
default:
enc="unknown";
break;
@@ .
patch -p0 <<'@@ .'
Index: openssl/ssl/ssl_locl.h
============================================================================
$ cvs diff -u -r1.63.2.4.2.1 -r1.63.2.4.2.2 ssl_locl.h
--- openssl/ssl/ssl_locl.h 22 Mar 2007 00:39:15 -0000 1.63.2.4.2.1
+++ openssl/ssl/ssl_locl.h 24 Apr 2007 11:30:48 -0000 1.63.2.4.2.2
@@ -278,7 +278,7 @@
#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5)
-#define SSL_ENC_MASK 0x0C3F8000L
+#define SSL_ENC_MASK 0x1C3F8000L
#define SSL_DES 0x00008000L
#define SSL_3DES 0x00010000L
#define SSL_RC4 0x00020000L
@@ -288,6 +288,7 @@
#define SSL_eNULL 0x00200000L
#define SSL_AES 0x04000000L
#define SSL_CAMELLIA 0x08000000L
+#define SSL_SEED 0x10000000L
#define SSL_MAC_MASK 0x00c00000L
#define SSL_MD5 0x00400000L
@@ -299,7 +300,7 @@
#define SSL_SSLV3 0x02000000L
#define SSL_TLSV1 SSL_SSLV3 /* for now */
-/* we have used 0fffffff - 4 bits left to go. */
+/* we have used 1fffffff - 3 bits left to go. */
/*
* Export and cipher strength information. For each cipher we have to decide
@@ .
patch -p0 <<'@@ .'
Index: openssl/ssl/tls1.h
============================================================================
$ cvs diff -u -r1.17.2.3 -r1.17.2.3.2.1 tls1.h
--- openssl/ssl/tls1.h 14 Jun 2006 17:52:01 -0000 1.17.2.3
+++ openssl/ssl/tls1.h 24 Apr 2007 11:30:48 -0000 1.17.2.3.2.1
@@ -140,6 +140,14 @@
#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
+/* SEED ciphersuites from RFC4162 */
+#define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
+#define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
+#define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
+#define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
+#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
+#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
+
/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in \
draft 13 */ #define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
@@ -232,7 +240,7 @@
#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
-/* Camellia ciphersuites form RFC4132 */
+/* Camellia ciphersuites from RFC4132 */
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
@@ -247,6 +255,13 @@
#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
+/* SEED ciphersuites from RFC4162 */
+#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
+#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
+#define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
+#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
+#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
#define TLS_CT_RSA_SIGN 1
#define TLS_CT_DSS_SIGN 2
@@ .
patch -p0 <<'@@ .'
Index: openssl/test/Makefile
============================================================================
$ cvs diff -u -r1.12.2.10.2.2 -r1.12.2.10.2.3 Makefile
--- openssl/test/Makefile 25 Mar 2007 14:40:33 -0000 1.12.2.10.2.2
+++ openssl/test/Makefile 24 Apr 2007 11:30:49 -0000 1.12.2.10.2.3
@@ -229,7 +229,7 @@
echo test second x509v3 certificate
sh ./tx509 v3-cert2.pem 2>/dev/null
-test_rsa:
+test_rsa: $(RSATEST)$(EXE_EXT)
@sh ./trsa 2>/dev/null
../util/shlib_wrap.sh ./$(RSATEST)
@@ .
patch -p0 <<'@@ .'
Index: openssl/util/mk1mf.pl
============================================================================
$ cvs diff -u -r1.61.2.15.2.5 -r1.61.2.15.2.6 mk1mf.pl
--- openssl/util/mk1mf.pl 26 Mar 2007 12:06:44 -0000 1.61.2.15.2.5
+++ openssl/util/mk1mf.pl 24 Apr 2007 11:30:50 -0000 1.61.2.15.2.6
@@ -75,7 +75,7 @@
no-md2 no-md4 no-md5 no-sha no-mdc2 - Skip this digest
no-ripemd
no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher
- no-bf no-cast no-aes no-camellia
+ no-bf no-cast no-aes no-camellia no-seed
no-rsa no-dsa no-dh - Skip this public key cipher
no-ssl2 no-ssl3 - Skip this version of SSL
just-ssl - remove all non-ssl keys/digest
@@ -211,6 +211,7 @@
$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
$cflags.=" -DOPENSSL_NO_AES" if $no_aes;
$cflags.=" -DOPENSSL_NO_CAMELLIA" if $no_camellia;
+$cflags.=" -DOPENSSL_NO_SEED" if $no_seed;
$cflags.=" -DOPENSSL_NO_RC2" if $no_rc2;
$cflags.=" -DOPENSSL_NO_RC4" if $no_rc4;
$cflags.=" -DOPENSSL_NO_RC5" if $no_rc5;
@@ -950,6 +951,7 @@
return("") if $no_idea && $dir =~ /\/idea/;
return("") if $no_aes && $dir =~ /\/aes/;
return("") if $no_camellia && $dir =~ /\/camellia/;
+ return("") if $no_seed && $dir =~ /\/seed/;
return("") if $no_rc2 && $dir =~ /\/rc2/;
return("") if $no_rc4 && $dir =~ /\/rc4/;
return("") if $no_rc5 && $dir =~ /\/rc5/;
@@ -984,6 +986,7 @@
@a=grep(!/^e_.*_c$/,@a) if $no_cast;
@a=grep(!/^e_rc4$/,@a) if $no_rc4;
@a=grep(!/^e_camellia$/,@a) if $no_camellia;
+ @a=grep(!/^e_seed$/,@a) if $no_seed;
@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
@@ -1196,6 +1199,7 @@
"no-idea" => \$no_idea,
"no-aes" => \$no_aes,
"no-camellia" => \$no_camellia,
+ "no-seed" => \$no_seed,
"no-des" => \$no_des,
"no-bf" => \$no_bf,
"no-cast" => \$no_cast,
@@ -1212,8 +1216,6 @@
"no-dsa" => \$no_dsa,
"no-dh" => \$no_dh,
"no-hmac" => \$no_hmac,
- "no-aes" => \$no_aes,
- "no-camellia" => \$no_camellia,
"no-asm" => \$no_asm,
"nasm" => \$nasm,
"nw-nasm" => \$nw_nasm,
@@ -1233,7 +1235,7 @@
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
\$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
\$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
- \$no_aes, \$no_camellia],
+ \$no_aes, \$no_camellia, \$no_seed],
"rsaref" => 0,
"gcc" => \$gcc,
"debug" => \$debug,
@@ .
patch -p0 <<'@@ .'
Index: openssl/util/mkdef.pl
============================================================================
$ cvs diff -u -r1.92.2.5.2.1 -r1.92.2.5.2.2 mkdef.pl
--- openssl/util/mkdef.pl 22 Mar 2007 00:39:22 -0000 1.92.2.5.2.1
+++ openssl/util/mkdef.pl 24 Apr 2007 11:30:50 -0000 1.92.2.5.2.2
@@ -84,7 +84,7 @@
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
"SHA256", "SHA512", "RIPEMD",
- "MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES", "CAMELLIA",
+ "MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES", "CAMELLIA", \
"SEED", # Envelope "algorithms"
"EVP", "X509", "ASN1_TYPEDEFS",
# Helper "algorithms"
@@ -114,6 +114,7 @@
my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_camellia;
+my $no_seed;
my $no_fp_api; my $no_static_engine; my $no_gmp; my $no_deprecated;
my $no_rfc3779;
my $fips;
@@ -181,6 +182,7 @@
elsif (/^no-hmac$/) { $no_hmac=1; }
elsif (/^no-aes$/) { $no_aes=1; }
elsif (/^no-camellia$/) { $no_camellia=1; }
+ elsif (/^no-seed$/) { $no_seed=1; }
elsif (/^no-evp$/) { $no_evp=1; }
elsif (/^no-lhash$/) { $no_lhash=1; }
elsif (/^no-stack$/) { $no_stack=1; }
@@ -248,6 +250,7 @@
$crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
$crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
$crypto.=" crypto/camellia/camellia.h" ; # unless $no_camellia;
+$crypto.=" crypto/seed/seed.h"; # unless $no_seed;
$crypto.=" crypto/bn/bn.h";
$crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
@@ -1102,6 +1105,7 @@
if ($keyword eq "HMAC" && $no_hmac) { return 0; }
if ($keyword eq "AES" && $no_aes) { return 0; }
if ($keyword eq "CAMELLIA" && $no_camellia) { return 0; }
+ if ($keyword eq "SEED" && $no_seed) { return 0; }
if ($keyword eq "EVP" && $no_evp) { return 0; }
if ($keyword eq "LHASH" && $no_lhash) { return 0; }
if ($keyword eq "STACK" && $no_stack) { return 0; }
@@ .
patch -p0 <<'@@ .'
Index: openssl/util/mkfiles.pl
============================================================================
$ cvs diff -u -r1.18.2.1.2.1 -r1.18.2.1.2.2 mkfiles.pl
--- openssl/util/mkfiles.pl 22 Mar 2007 00:39:22 -0000 1.18.2.1.2.1
+++ openssl/util/mkfiles.pl 24 Apr 2007 11:30:51 -0000 1.18.2.1.2.2
@@ -25,6 +25,7 @@
"crypto/cast",
"crypto/aes",
"crypto/camellia",
+"crypto/seed",
"crypto/bn",
"crypto/rsa",
"crypto/dsa",
@@ .
______________________________________________________________________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List openssl-cvs@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic