mirror of https://github.com/NekoX-Dev/NekoX.git
[TF][JNI][UPDATE] BoringSSL from source (master)
This commit is contained in:
parent
cb3d67b73a
commit
ee6cff18ea
|
@ -4,3 +4,6 @@
|
|||
[submodule "TMessagesProj/jni/ffmpeg"]
|
||||
path = TMessagesProj/jni/ffmpeg
|
||||
url = https://github.com/FFmpeg/FFmpeg
|
||||
[submodule "TMessagesProj/jni/boringssl"]
|
||||
path = TMessagesProj/jni/boringssl
|
||||
url = https://github.com/google/boringssl
|
||||
|
|
|
@ -106,13 +106,13 @@ include $(CLEAR_VARS)
|
|||
LOCAL_MODULE := crypto
|
||||
|
||||
ifeq ($(TARGET_ARCH_ABI),armeabi-v7a)
|
||||
LOCAL_SRC_FILES := ./boringssl/lib/libcrypto_armeabi-v7a.a
|
||||
LOCAL_SRC_FILES := ./boringssl/build/armeabi-v7a/crypto/libcrypto.a
|
||||
else ifeq ($(TARGET_ARCH_ABI),arm64-v8a)
|
||||
LOCAL_SRC_FILES := ./boringssl/lib/libcrypto_arm64-v8a.a
|
||||
LOCAL_SRC_FILES := ./boringssl/build/arm64-v8a/crypto/libcrypto.a
|
||||
else ifeq ($(TARGET_ARCH_ABI),x86)
|
||||
LOCAL_SRC_FILES := ./boringssl/lib/libcrypto_x86.a
|
||||
LOCAL_SRC_FILES := ./boringssl/build/x86/crypto/libcrypto.a
|
||||
else ifeq ($(TARGET_ARCH_ABI),x86_64)
|
||||
LOCAL_SRC_FILES := ./boringssl/lib/libcrypto_x86_64.a
|
||||
LOCAL_SRC_FILES := ./boringssl/build/x86_64/crypto/libcrypto.a
|
||||
endif
|
||||
|
||||
include $(PREBUILT_STATIC_LIBRARY)
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
Subproject commit cbae965ca03825d517efe98cf7b8812584cab4a0
|
|
@ -0,0 +1,58 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
function build_one {
|
||||
mkdir ${CPU}
|
||||
cd ${CPU}
|
||||
|
||||
echo "Configuring..."
|
||||
cmake -DANDROID_NATIVE_API_LEVEL=${API} -DANDROID_ABI=${CPU} -DCMAKE_BUILD_TYPE=Release -DANDROID_NDK=${NDK} -DCMAKE_TOOLCHAIN_FILE=$NDK/build/cmake/android.toolchain.cmake -DANDROID_NATIVE_API_LEVEL=16 -GNinja -DCMAKE_MAKE_PROGRAM=${NINJA_PATH} ../..
|
||||
|
||||
echo "Building..."
|
||||
cmake --build .
|
||||
|
||||
cd ..
|
||||
}
|
||||
|
||||
function checkPreRequisites {
|
||||
|
||||
if ! [ -d "boringssl" ] || ! [ "$(ls -A boringssl)" ]; then
|
||||
echo -e "\033[31mFailed! Submodule 'boringssl' not found!\033[0m"
|
||||
echo -e "\033[31mTry to run: 'git submodule init && git submodule update'\033[0m"
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ -z "$NDK" -a "$NDK" == "" ]; then
|
||||
echo -e "\033[31mFailed! NDK is empty. Run 'export NDK=[PATH_TO_NDK]'\033[0m"
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ -z "$NINJA_PATH" -a "$NINJA_PATH" == "" ]; then
|
||||
echo -e "\033[31mFailed! NINJA_PATH is empty. Run 'export NINJA_PATH=[PATH_TO_NINJA]'\033[0m"
|
||||
exit
|
||||
fi
|
||||
}
|
||||
|
||||
ANDROID_NDK=$NDK
|
||||
checkPreRequisites
|
||||
|
||||
cd boringssl
|
||||
|
||||
mkdir build
|
||||
cd build
|
||||
|
||||
API=16
|
||||
|
||||
CPU=armeabi-v7a
|
||||
build_one
|
||||
|
||||
CPU=x86
|
||||
build_one
|
||||
|
||||
API=21
|
||||
CPU=arm64-v8a
|
||||
build_one
|
||||
|
||||
CPU=x86_64
|
||||
build_one
|
|
@ -0,0 +1,6 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
patch -d boringssl -p1 < patches/boringssl/0001-add-aes-ige-mode.patch
|
||||
patch -d boringssl -p1 < patches/boringssl/0001-only-build-what-we-need.patch
|
|
@ -0,0 +1,377 @@
|
|||
From b3958bdfcc9c753477fdf6e0da799c1c4e4077f1 Mon Sep 17 00:00:00 2001
|
||||
From: Marcus Hoffmann <bubu@bubu1.eu>
|
||||
Date: Tue, 31 Jul 2018 17:15:39 +0200
|
||||
Subject: [PATCH] add aes ige mode
|
||||
|
||||
---
|
||||
crypto/fipsmodule/CMakeLists.txt | 2 +
|
||||
crypto/fipsmodule/aes/aes_ige.c | 323 +++++++++++++++++++++++++++++++
|
||||
include/openssl/aes.h | 9 +
|
||||
3 files changed, 334 insertions(+)
|
||||
create mode 100644 crypto/fipsmodule/aes/aes_ige.c
|
||||
|
||||
diff --git a/crypto/fipsmodule/CMakeLists.txt b/crypto/fipsmodule/CMakeLists.txt
|
||||
index 30823755..b349572c 100644
|
||||
--- a/crypto/fipsmodule/CMakeLists.txt
|
||||
+++ b/crypto/fipsmodule/CMakeLists.txt
|
||||
@@ -198,6 +198,8 @@ else()
|
||||
bcm.c
|
||||
is_fips.c
|
||||
|
||||
+ aes/aes_ige.c
|
||||
+
|
||||
${BCM_ASM_SOURCES}
|
||||
)
|
||||
|
||||
diff --git a/crypto/fipsmodule/aes/aes_ige.c b/crypto/fipsmodule/aes/aes_ige.c
|
||||
new file mode 100644
|
||||
index 00000000..b425c7d6
|
||||
--- /dev/null
|
||||
+++ b/crypto/fipsmodule/aes/aes_ige.c
|
||||
@@ -0,0 +1,323 @@
|
||||
+/* crypto/aes/aes_ige.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
+/* ====================================================================
|
||||
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
+ *
|
||||
+ * Redistribution and use in source and binary forms, with or without
|
||||
+ * modification, are permitted provided that the following conditions
|
||||
+ * are met:
|
||||
+ *
|
||||
+ * 1. Redistributions of source code must retain the above copyright
|
||||
+ * notice, this list of conditions and the following disclaimer.
|
||||
+ *
|
||||
+ * 2. Redistributions in binary form must reproduce the above copyright
|
||||
+ * notice, this list of conditions and the following disclaimer in
|
||||
+ * the documentation and/or other materials provided with the
|
||||
+ * distribution.
|
||||
+ *
|
||||
+ * 3. All advertising materials mentioning features or use of this
|
||||
+ * software must display the following acknowledgment:
|
||||
+ * "This product includes software developed by the OpenSSL Project
|
||||
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
+ *
|
||||
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
+ * endorse or promote products derived from this software without
|
||||
+ * prior written permission. For written permission, please contact
|
||||
+ * openssl-core@openssl.org.
|
||||
+ *
|
||||
+ * 5. Products derived from this software may not be called "OpenSSL"
|
||||
+ * nor may "OpenSSL" appear in their names without prior written
|
||||
+ * permission of the OpenSSL Project.
|
||||
+ *
|
||||
+ * 6. Redistributions of any form whatsoever must retain the following
|
||||
+ * acknowledgment:
|
||||
+ * "This product includes software developed by the OpenSSL Project
|
||||
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
+ *
|
||||
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
+ * ====================================================================
|
||||
+ *
|
||||
+ */
|
||||
+
|
||||
+#include <openssl/aes.h>
|
||||
+#include <assert.h>
|
||||
+#include <memory.h>
|
||||
+#include <string.h>
|
||||
+
|
||||
+#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
|
||||
+typedef struct {
|
||||
+ unsigned long data[N_WORDS];
|
||||
+} aes_block_t;
|
||||
+
|
||||
+/* XXX: probably some better way to do this */
|
||||
+#if defined(__i386__) || defined(__x86_64__)
|
||||
+#define UNALIGNED_MEMOPS_ARE_FAST 1
|
||||
+#else
|
||||
+#define UNALIGNED_MEMOPS_ARE_FAST 0
|
||||
+#endif
|
||||
+
|
||||
+#if UNALIGNED_MEMOPS_ARE_FAST
|
||||
+#define load_block(d, s) (d) = *(const aes_block_t *)(s)
|
||||
+#define store_block(d, s) *(aes_block_t *)(d) = (s)
|
||||
+#else
|
||||
+#define load_block(d, s) memcpy((d).data, (s), AES_BLOCK_SIZE)
|
||||
+#define store_block(d, s) memcpy((d), (s).data, AES_BLOCK_SIZE)
|
||||
+#endif
|
||||
+
|
||||
+/* N.B. The IV for this mode is _twice_ the block size */
|
||||
+
|
||||
+void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
|
||||
+ size_t length, const AES_KEY *key,
|
||||
+ unsigned char *ivec, const int enc)
|
||||
+ {
|
||||
+ size_t n;
|
||||
+ size_t len = length;
|
||||
+
|
||||
+ assert(in && out && key && ivec);
|
||||
+ assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
|
||||
+ assert((length%AES_BLOCK_SIZE) == 0);
|
||||
+
|
||||
+ len = length / AES_BLOCK_SIZE;
|
||||
+
|
||||
+ if (AES_ENCRYPT == enc)
|
||||
+ {
|
||||
+ if (in != out &&
|
||||
+ (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
|
||||
+ {
|
||||
+ aes_block_t *ivp = (aes_block_t *)ivec;
|
||||
+ aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
|
||||
+
|
||||
+ while (len)
|
||||
+ {
|
||||
+ aes_block_t *inp = (aes_block_t *)in;
|
||||
+ aes_block_t *outp = (aes_block_t *)out;
|
||||
+
|
||||
+ for(n=0 ; n < N_WORDS; ++n)
|
||||
+ outp->data[n] = inp->data[n] ^ ivp->data[n];
|
||||
+ AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key);
|
||||
+ for(n=0 ; n < N_WORDS; ++n)
|
||||
+ outp->data[n] ^= iv2p->data[n];
|
||||
+ ivp = outp;
|
||||
+ iv2p = inp;
|
||||
+ --len;
|
||||
+ in += AES_BLOCK_SIZE;
|
||||
+ out += AES_BLOCK_SIZE;
|
||||
+ }
|
||||
+ memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
|
||||
+ memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ aes_block_t tmp, tmp2;
|
||||
+ aes_block_t iv;
|
||||
+ aes_block_t iv2;
|
||||
+
|
||||
+ load_block(iv, ivec);
|
||||
+ load_block(iv2, ivec + AES_BLOCK_SIZE);
|
||||
+
|
||||
+ while (len)
|
||||
+ {
|
||||
+ load_block(tmp, in);
|
||||
+ for(n=0 ; n < N_WORDS; ++n)
|
||||
+ tmp2.data[n] = tmp.data[n] ^ iv.data[n];
|
||||
+ AES_encrypt((unsigned char *)tmp2.data, (unsigned char *)tmp2.data, key);
|
||||
+ for(n=0 ; n < N_WORDS; ++n)
|
||||
+ tmp2.data[n] ^= iv2.data[n];
|
||||
+ store_block(out, tmp2);
|
||||
+ iv = tmp2;
|
||||
+ iv2 = tmp;
|
||||
+ --len;
|
||||
+ in += AES_BLOCK_SIZE;
|
||||
+ out += AES_BLOCK_SIZE;
|
||||
+ }
|
||||
+ memcpy(ivec, iv.data, AES_BLOCK_SIZE);
|
||||
+ memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
|
||||
+ }
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ if (in != out &&
|
||||
+ (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
|
||||
+ {
|
||||
+ aes_block_t *ivp = (aes_block_t *)ivec;
|
||||
+ aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
|
||||
+
|
||||
+ while (len)
|
||||
+ {
|
||||
+ aes_block_t tmp;
|
||||
+ aes_block_t *inp = (aes_block_t *)in;
|
||||
+ aes_block_t *outp = (aes_block_t *)out;
|
||||
+
|
||||
+ for(n=0 ; n < N_WORDS; ++n)
|
||||
+ tmp.data[n] = inp->data[n] ^ iv2p->data[n];
|
||||
+ AES_decrypt((unsigned char *)tmp.data, (unsigned char *)outp->data, key);
|
||||
+ for(n=0 ; n < N_WORDS; ++n)
|
||||
+ outp->data[n] ^= ivp->data[n];
|
||||
+ ivp = inp;
|
||||
+ iv2p = outp;
|
||||
+ --len;
|
||||
+ in += AES_BLOCK_SIZE;
|
||||
+ out += AES_BLOCK_SIZE;
|
||||
+ }
|
||||
+ memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
|
||||
+ memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ aes_block_t tmp, tmp2;
|
||||
+ aes_block_t iv;
|
||||
+ aes_block_t iv2;
|
||||
+
|
||||
+ load_block(iv, ivec);
|
||||
+ load_block(iv2, ivec + AES_BLOCK_SIZE);
|
||||
+
|
||||
+ while (len)
|
||||
+ {
|
||||
+ load_block(tmp, in);
|
||||
+ tmp2 = tmp;
|
||||
+ for(n=0 ; n < N_WORDS; ++n)
|
||||
+ tmp.data[n] ^= iv2.data[n];
|
||||
+ AES_decrypt((unsigned char *)tmp.data, (unsigned char *)tmp.data, key);
|
||||
+ for(n=0 ; n < N_WORDS; ++n)
|
||||
+ tmp.data[n] ^= iv.data[n];
|
||||
+ store_block(out, tmp);
|
||||
+ iv = tmp2;
|
||||
+ iv2 = tmp;
|
||||
+ --len;
|
||||
+ in += AES_BLOCK_SIZE;
|
||||
+ out += AES_BLOCK_SIZE;
|
||||
+ }
|
||||
+ memcpy(ivec, iv.data, AES_BLOCK_SIZE);
|
||||
+ memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+/*
|
||||
+ * Note that its effectively impossible to do biIGE in anything other
|
||||
+ * than a single pass, so no provision is made for chaining.
|
||||
+ */
|
||||
+
|
||||
+/* N.B. The IV for this mode is _four times_ the block size */
|
||||
+
|
||||
+void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
|
||||
+ size_t length, const AES_KEY *key,
|
||||
+ const AES_KEY *key2, const unsigned char *ivec,
|
||||
+ const int enc)
|
||||
+ {
|
||||
+ size_t n;
|
||||
+ size_t len = length;
|
||||
+ unsigned char tmp[AES_BLOCK_SIZE];
|
||||
+ unsigned char tmp2[AES_BLOCK_SIZE];
|
||||
+ unsigned char tmp3[AES_BLOCK_SIZE];
|
||||
+ unsigned char prev[AES_BLOCK_SIZE];
|
||||
+ const unsigned char *iv;
|
||||
+ const unsigned char *iv2;
|
||||
+
|
||||
+ assert(in && out && key && ivec);
|
||||
+ assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
|
||||
+ assert((length%AES_BLOCK_SIZE) == 0);
|
||||
+
|
||||
+ if (AES_ENCRYPT == enc)
|
||||
+ {
|
||||
+ /* XXX: Do a separate case for when in != out (strictly should
|
||||
+ check for overlap, too) */
|
||||
+
|
||||
+ /* First the forward pass */
|
||||
+ iv = ivec;
|
||||
+ iv2 = ivec + AES_BLOCK_SIZE;
|
||||
+ while (len >= AES_BLOCK_SIZE)
|
||||
+ {
|
||||
+ for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
|
||||
+ out[n] = in[n] ^ iv[n];
|
||||
+ AES_encrypt(out, out, key);
|
||||
+ for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
|
||||
+ out[n] ^= iv2[n];
|
||||
+ iv = out;
|
||||
+ memcpy(prev, in, AES_BLOCK_SIZE);
|
||||
+ iv2 = prev;
|
||||
+ len -= AES_BLOCK_SIZE;
|
||||
+ in += AES_BLOCK_SIZE;
|
||||
+ out += AES_BLOCK_SIZE;
|
||||
+ }
|
||||
+
|
||||
+ /* And now backwards */
|
||||
+ iv = ivec + AES_BLOCK_SIZE*2;
|
||||
+ iv2 = ivec + AES_BLOCK_SIZE*3;
|
||||
+ len = length;
|
||||
+ while(len >= AES_BLOCK_SIZE)
|
||||
+ {
|
||||
+ out -= AES_BLOCK_SIZE;
|
||||
+ /* XXX: reduce copies by alternating between buffers */
|
||||
+ memcpy(tmp, out, AES_BLOCK_SIZE);
|
||||
+ for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
|
||||
+ out[n] ^= iv[n];
|
||||
+ /* hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE); */
|
||||
+ AES_encrypt(out, out, key);
|
||||
+ /* hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */
|
||||
+ /* hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */
|
||||
+ for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
|
||||
+ out[n] ^= iv2[n];
|
||||
+ /* hexdump(stdout,"out", out, AES_BLOCK_SIZE); */
|
||||
+ iv = out;
|
||||
+ memcpy(prev, tmp, AES_BLOCK_SIZE);
|
||||
+ iv2 = prev;
|
||||
+ len -= AES_BLOCK_SIZE;
|
||||
+ }
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ /* First backwards */
|
||||
+ iv = ivec + AES_BLOCK_SIZE*2;
|
||||
+ iv2 = ivec + AES_BLOCK_SIZE*3;
|
||||
+ in += length;
|
||||
+ out += length;
|
||||
+ while (len >= AES_BLOCK_SIZE)
|
||||
+ {
|
||||
+ in -= AES_BLOCK_SIZE;
|
||||
+ out -= AES_BLOCK_SIZE;
|
||||
+ memcpy(tmp, in, AES_BLOCK_SIZE);
|
||||
+ memcpy(tmp2, in, AES_BLOCK_SIZE);
|
||||
+ for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
|
||||
+ tmp[n] ^= iv2[n];
|
||||
+ AES_decrypt(tmp, out, key);
|
||||
+ for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
|
||||
+ out[n] ^= iv[n];
|
||||
+ memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
|
||||
+ iv = tmp3;
|
||||
+ iv2 = out;
|
||||
+ len -= AES_BLOCK_SIZE;
|
||||
+ }
|
||||
+
|
||||
+ /* And now forwards */
|
||||
+ iv = ivec;
|
||||
+ iv2 = ivec + AES_BLOCK_SIZE;
|
||||
+ len = length;
|
||||
+ while (len >= AES_BLOCK_SIZE)
|
||||
+ {
|
||||
+ memcpy(tmp, out, AES_BLOCK_SIZE);
|
||||
+ memcpy(tmp2, out, AES_BLOCK_SIZE);
|
||||
+ for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
|
||||
+ tmp[n] ^= iv2[n];
|
||||
+ AES_decrypt(tmp, out, key);
|
||||
+ for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
|
||||
+ out[n] ^= iv[n];
|
||||
+ memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
|
||||
+ iv = tmp3;
|
||||
+ iv2 = out;
|
||||
+ len -= AES_BLOCK_SIZE;
|
||||
+ in += AES_BLOCK_SIZE;
|
||||
+ out += AES_BLOCK_SIZE;
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
diff --git a/include/openssl/aes.h b/include/openssl/aes.h
|
||||
index 11565854..0130fec5 100644
|
||||
--- a/include/openssl/aes.h
|
||||
+++ b/include/openssl/aes.h
|
||||
@@ -138,6 +138,15 @@ OPENSSL_EXPORT void AES_cfb128_encrypt(const uint8_t *in, uint8_t *out,
|
||||
size_t len, const AES_KEY *key,
|
||||
uint8_t *ivec, int *num, int enc);
|
||||
|
||||
+/* NB: the IV is _two_ blocks long */
|
||||
+OPENSSL_EXPORT void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
|
||||
+ size_t length, const AES_KEY *key,
|
||||
+ unsigned char *ivec, const int enc);
|
||||
+/* NB: the IV is _four_ blocks long */
|
||||
+OPENSSL_EXPORT void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
|
||||
+ size_t length, const AES_KEY *key,
|
||||
+ const AES_KEY *key2, const unsigned char *ivec,
|
||||
+ const int enc);
|
||||
|
||||
// AES key wrap.
|
||||
//
|
||||
--
|
||||
2.17.1
|
||||
|
|
@ -0,0 +1,170 @@
|
|||
From 02952ace408e331237a1ccd724f072b3e67ceb20 Mon Sep 17 00:00:00 2001
|
||||
From: thermatk <thermatk@thermatk.com>
|
||||
Date: Wed, 23 Jan 2019 22:16:34 +0100
|
||||
Subject: [PATCH] only build what we need
|
||||
|
||||
---
|
||||
CMakeLists.txt | 36 ---------------------
|
||||
crypto/CMakeLists.txt | 74 -------------------------------------------
|
||||
2 files changed, 110 deletions(-)
|
||||
|
||||
diff --git a/CMakeLists.txt b/CMakeLists.txt
|
||||
index fd3532664..7fcfb1627 100644
|
||||
--- a/CMakeLists.txt
|
||||
+++ b/CMakeLists.txt
|
||||
@@ -542,33 +542,7 @@ if(USE_CUSTOM_LIBCXX)
|
||||
target_link_libraries(libcxx libcxxabi)
|
||||
endif()
|
||||
|
||||
-# Add minimal googletest targets. The provided one has many side-effects, and
|
||||
-# googletest has a very straightforward build.
|
||||
-add_library(boringssl_gtest third_party/googletest/src/gtest-all.cc)
|
||||
-target_include_directories(boringssl_gtest PRIVATE third_party/googletest)
|
||||
-
|
||||
-include_directories(third_party/googletest/include)
|
||||
-
|
||||
-# Declare a dummy target to build all unit tests. Test targets should inject
|
||||
-# themselves as dependencies next to the target definition.
|
||||
-add_custom_target(all_tests)
|
||||
-
|
||||
-add_custom_command(
|
||||
- OUTPUT crypto_test_data.cc
|
||||
- COMMAND ${GO_EXECUTABLE} run util/embed_test_data.go ${CRYPTO_TEST_DATA} >
|
||||
- ${CMAKE_CURRENT_BINARY_DIR}/crypto_test_data.cc
|
||||
- DEPENDS util/embed_test_data.go ${CRYPTO_TEST_DATA}
|
||||
- WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
|
||||
-
|
||||
-add_library(crypto_test_data OBJECT crypto_test_data.cc)
|
||||
-
|
||||
add_subdirectory(crypto)
|
||||
-add_subdirectory(ssl)
|
||||
-add_subdirectory(ssl/test)
|
||||
-add_subdirectory(tool)
|
||||
-add_subdirectory(util/fipstools/cavp)
|
||||
-add_subdirectory(util/fipstools/acvp/modulewrapper)
|
||||
-add_subdirectory(decrepit)
|
||||
|
||||
if(FUZZ)
|
||||
if(LIBFUZZER_FROM_DEPS)
|
||||
@@ -589,14 +564,3 @@ endif()
|
||||
if(UNIX AND NOT APPLE AND NOT ANDROID)
|
||||
set(HANDSHAKER_ARGS "-handshaker-path" $<TARGET_FILE:handshaker>)
|
||||
endif()
|
||||
-
|
||||
-add_custom_target(
|
||||
- run_tests
|
||||
- COMMAND ${GO_EXECUTABLE} run util/all_tests.go -build-dir
|
||||
- ${CMAKE_BINARY_DIR}
|
||||
- COMMAND cd ssl/test/runner &&
|
||||
- ${GO_EXECUTABLE} test -shim-path $<TARGET_FILE:bssl_shim>
|
||||
- ${HANDSHAKER_ARGS} ${RUNNER_ARGS}
|
||||
- WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
|
||||
- DEPENDS all_tests bssl_shim handshaker
|
||||
- ${MAYBE_USES_TERMINAL})
|
||||
diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
|
||||
index e940f7d5f..f5221d70d 100644
|
||||
--- a/crypto/CMakeLists.txt
|
||||
+++ b/crypto/CMakeLists.txt
|
||||
@@ -85,7 +85,6 @@ function(perlasm dest src)
|
||||
endfunction()
|
||||
|
||||
add_subdirectory(fipsmodule)
|
||||
-add_subdirectory(test)
|
||||
|
||||
if(FIPS_DELOCATE)
|
||||
SET_SOURCE_FILES_PROPERTIES(fipsmodule/bcm.o PROPERTIES EXTERNAL_OBJECT true)
|
||||
@@ -461,91 +461,3 @@ endif()
|
||||
if(USE_CUSTOM_LIBCXX)
|
||||
target_link_libraries(crypto libcxx)
|
||||
endif()
|
||||
-
|
||||
-# urandom_test is a separate binary because it needs to be able to observe the
|
||||
-# PRNG initialisation, which means that it can't have other tests running before
|
||||
-# it does.
|
||||
-add_executable(
|
||||
- urandom_test
|
||||
-
|
||||
- fipsmodule/rand/urandom_test.cc
|
||||
-)
|
||||
-
|
||||
-target_link_libraries(urandom_test test_support_lib boringssl_gtest crypto)
|
||||
-
|
||||
-add_dependencies(urandom_test global_target)
|
||||
-add_dependencies(all_tests urandom_test)
|
||||
-
|
||||
-add_executable(
|
||||
- crypto_test
|
||||
-
|
||||
- abi_self_test.cc
|
||||
- asn1/asn1_test.cc
|
||||
- base64/base64_test.cc
|
||||
- buf/buf_test.cc
|
||||
- bio/bio_test.cc
|
||||
- bytestring/bytestring_test.cc
|
||||
- chacha/chacha_test.cc
|
||||
- cipher_extra/aead_test.cc
|
||||
- cipher_extra/cipher_test.cc
|
||||
- cmac/cmac_test.cc
|
||||
- compiler_test.cc
|
||||
- constant_time_test.cc
|
||||
- cpu-arm-linux_test.cc
|
||||
- curve25519/ed25519_test.cc
|
||||
- curve25519/spake25519_test.cc
|
||||
- curve25519/x25519_test.cc
|
||||
- ecdh_extra/ecdh_test.cc
|
||||
- dh/dh_test.cc
|
||||
- digest_extra/digest_test.cc
|
||||
- dsa/dsa_test.cc
|
||||
- err/err_test.cc
|
||||
- evp/evp_extra_test.cc
|
||||
- evp/evp_test.cc
|
||||
- evp/pbkdf_test.cc
|
||||
- evp/scrypt_test.cc
|
||||
- fipsmodule/aes/aes_test.cc
|
||||
- fipsmodule/bn/bn_test.cc
|
||||
- fipsmodule/ec/ec_test.cc
|
||||
- fipsmodule/ec/p256-x86_64_test.cc
|
||||
- fipsmodule/ecdsa/ecdsa_test.cc
|
||||
- fipsmodule/md5/md5_test.cc
|
||||
- fipsmodule/modes/gcm_test.cc
|
||||
- fipsmodule/rand/ctrdrbg_test.cc
|
||||
- fipsmodule/sha/sha_test.cc
|
||||
- hkdf/hkdf_test.cc
|
||||
- hmac_extra/hmac_test.cc
|
||||
- hrss/hrss_test.cc
|
||||
- impl_dispatch_test.cc
|
||||
- lhash/lhash_test.cc
|
||||
- obj/obj_test.cc
|
||||
- pem/pem_test.cc
|
||||
- pkcs7/pkcs7_test.cc
|
||||
- pkcs8/pkcs8_test.cc
|
||||
- pkcs8/pkcs12_test.cc
|
||||
- poly1305/poly1305_test.cc
|
||||
- pool/pool_test.cc
|
||||
- rand_extra/rand_test.cc
|
||||
- refcount_test.cc
|
||||
- rsa_extra/rsa_test.cc
|
||||
- self_test.cc
|
||||
- stack/stack_test.cc
|
||||
- siphash/siphash_test.cc
|
||||
- test/file_test_gtest.cc
|
||||
- thread_test.cc
|
||||
- x509/x509_test.cc
|
||||
- x509/x509_time_test.cc
|
||||
- x509v3/tab_test.cc
|
||||
- x509v3/v3name_test.cc
|
||||
-
|
||||
- $<TARGET_OBJECTS:crypto_test_data>
|
||||
- $<TARGET_OBJECTS:boringssl_gtest_main>
|
||||
-)
|
||||
-
|
||||
-add_dependencies(crypto_test global_target)
|
||||
-
|
||||
-target_link_libraries(crypto_test test_support_lib boringssl_gtest crypto)
|
||||
-if(WIN32)
|
||||
- target_link_libraries(crypto_test ws2_32)
|
||||
-endif()
|
||||
-add_dependencies(all_tests crypto_test)
|
||||
--
|
||||
2.20.1
|
||||
|
Loading…
Reference in New Issue