diff options
Diffstat (limited to 'secure/lib/libcrypto')
| -rw-r--r-- | secure/lib/libcrypto/Makefile | 250 | ||||
| -rw-r--r-- | secure/lib/libcrypto/Makefile.inc | 16 | ||||
| -rw-r--r-- | secure/lib/libcrypto/des_crypt.3 | 508 | ||||
| -rw-r--r-- | secure/lib/libcrypto/opensslconf-alpha.h | 144 | ||||
| -rw-r--r-- | secure/lib/libcrypto/opensslconf-i386.h | 144 |
5 files changed, 0 insertions, 1062 deletions
diff --git a/secure/lib/libcrypto/Makefile b/secure/lib/libcrypto/Makefile deleted file mode 100644 index 589eeb74a067d..0000000000000 --- a/secure/lib/libcrypto/Makefile +++ /dev/null @@ -1,250 +0,0 @@ -# $FreeBSD$ - -.include "Makefile.inc" - -LIB= crypto -SHLIB_MAJOR= 1 - -MAINTAINER= kris - -# base sources -SRCS+= cryptlib.c mem.c cversion.c ex_data.c cpt_err.c tmdiff.c - -# asn1 -SRCS+= a_bitstr.c a_bmp.c a_bool.c a_bytes.c a_d2i_fp.c a_digest.c \ - a_dup.c a_enum.c a_gentm.c a_hdr.c a_i2d_fp.c a_int.c a_meth.c \ - a_object.c a_octet.c a_print.c a_set.c a_sign.c a_time.c a_type.c \ - a_utctm.c a_utf8.c a_verify.c a_vis.c asn1_err.c asn1_lib.c \ - asn1_par.c asn_pack.c d2i_dhp.c d2i_dsap.c d2i_pr.c d2i_pu.c \ - d2i_r_pr.c d2i_r_pu.c d2i_s_pr.c d2i_s_pu.c evp_asn1.c f_enum.c \ - f_int.c f_string.c i2d_dhp.c i2d_dsap.c i2d_pr.c i2d_pu.c \ - i2d_r_pr.c i2d_r_pu.c i2d_s_pr.c i2d_s_pu.c n_pkey.c nsseq.c \ - p5_pbe.c p5_pbev2.c p7_dgst.c p7_enc.c p7_enc_c.c p7_evp.c \ - p7_i_s.c p7_lib.c p7_recip.c p7_s_e.c p7_signd.c p7_signi.c \ - p8_pkey.c t_crl.c t_pkey.c t_req.c t_x509.c x_algor.c \ - x_attrib.c x_cinf.c x_crl.c x_exten.c x_info.c x_name.c \ - x_pkey.c x_pubkey.c x_req.c x_sig.c x_spki.c x_val.c x_x509.c - -# blowfish -SRCS+= bf_cfb64.c bf_ecb.c bf_enc.c bf_ofb64.c bf_skey.c - -# bio -SRCS+= b_dump.c b_print.c b_sock.c bf_buff.c bf_nbio.c bf_null.c \ - bio_cb.c bio_err.c bio_lib.c bss_acpt.c bss_bio.c bss_conn.c \ - bss_fd.c bss_file.c bss_log.c bss_mem.c bss_null.c bss_sock.c - -# bn -SRCS+= bn_add.c bn_asm.c bn_blind.c bn_div.c bn_err.c bn_exp.c bn_exp2.c \ - bn_gcd.c bn_lib.c bn_mont.c bn_mpi.c bn_mul.c bn_prime.c \ - bn_print.c bn_rand.c bn_recp.c bn_shift.c bn_sqr.c bn_word.c - -# buffer -SRCS+= buf_err.c buffer.c - -# cast -SRCS+= c_cfb64.c c_ecb.c c_enc.c c_ofb64.c c_skey.c - -# comp -SRCS+= c_rle.c c_zlib.c comp_lib.c - -# conf -SRCS+= conf.c conf_err.c - -# des -SRCS+= cbc_cksm.c cbc_enc.c cfb64ede.c cfb64enc.c cfb_enc.c des_enc.c \ - ecb3_enc.c ecb_enc.c ede_cbcm_enc.c enc_read.c enc_writ.c \ - fcrypt.c fcrypt.c fcrypt_b.c ofb64ede.c ofb64enc.c ofb_enc.c \ - pcbc_enc.c qud_cksm.c rand_key.c read2pwd.c read_pwd.c rpc_enc.c \ - set_key.c str2key.c supp.c xcbc_enc.c rnd_keys.c - -# dh -SRCS+= dh_check.c dh_err.c dh_gen.c dh_key.c dh_lib.c - -# dsa -SRCS+= dsa_asn1.c dsa_err.c dsa_gen.c dsa_key.c dsa_lib.c dsa_sign.c \ - dsa_vrf.c - -# err -SRCS+= err.c err_all.c err_prn.c - -# evp -SRCS+= bio_b64.c bio_enc.c bio_md.c bio_ok.c c_all.c digest.c e_cbc_3d.c \ - e_cbc_bf.c e_cbc_c.c e_cbc_d.c e_cbc_i.c e_cbc_r2.c e_cbc_r5.c \ - e_cfb_3d.c e_cfb_bf.c e_cfb_c.c e_cfb_d.c e_cfb_i.c e_cfb_r2.c \ - e_cfb_r5.c e_ecb_3d.c e_ecb_bf.c e_ecb_c.c e_ecb_d.c e_ecb_i.c \ - e_ecb_r2.c e_ecb_r5.c e_null.c e_ofb_3d.c e_ofb_bf.c e_ofb_c.c \ - e_ofb_d.c e_ofb_i.c e_ofb_r2.c e_ofb_r5.c e_rc4.c e_xcbc_d.c \ - encode.c evp_enc.c evp_err.c evp_key.c evp_lib.c evp_pbe.c \ - evp_pkey.c m_dss.c m_dss1.c m_md2.c m_md5.c m_mdc2.c m_null.c \ - m_ripemd.c m_sha.c m_sha1.c names.c p5_crpt.c p5_crpt2.c p_dec.c \ - p_enc.c p_lib.c p_open.c p_seal.c p_sign.c p_verify.c - -# hmac -SRCS+= hmac.c - -# lhash -SRCS+= lh_stats.c lhash.c - -# md2 -SRCS+= md2_dgst.c md2_one.c - -# md5 -SRCS+= md5_dgst.c md5_one.c - -# mdc2 -SRCS+= mdc2dgst.c mdc2_one.c - -# objects -SRCS+= o_names.c obj_dat.c obj_err.c obj_lib.c - -# pem -SRCS+= pem_all.c pem_err.c pem_info.c pem_lib.c pem_seal.c pem_sign.c - -# pkcs7 -SRCS+= pk7_doit.c pk7_lib.c pkcs7err.c - -# pkcs12 -SRCS+= p12_add.c p12_attr.c p12_bags.c p12_crpt.c p12_crt.c p12_decr.c \ - p12_init.c p12_key.c p12_kiss.c p12_lib.c p12_mac.c p12_mutl.c \ - p12_sbag.c p12_utl.c pk12err.c - -# rand -SRCS+= md_rand.c rand_lib.c randfile.c - -# rc2 -SRCS+= rc2_cbc.c rc2cfb64.c rc2_ecb.c rc2ofb64.c rc2_skey.c - -# rc4 -SRCS+= rc4_enc.c rc4_skey.c - -# rc5 -SRCS+= rc5cfb64.c rc5_ecb.c rc5_enc.c rc5ofb64.c rc5_skey.c - -# ripemd -SRCS+= rmd_dgst.c rmd_one.c - -# rsa -.if defined(WITH_RSA) && ${WITH_RSA} == YES -SRCS+= rsa_chk.c rsa_gen.c rsa_lib.c rsa_none.c rsa_oaep.c \ - rsa_pk1.c rsa_saos.c rsa_sign.c rsa_ssl.c rsa_stubs.c -.endif - -# sha -SRCS+= sha_dgst.c sha_one.c sha1_one.c sha1dgst.c - -# stack -SRCS+= stack.c - -# txt_db -SRCS+= txt_db.c - -# x509 -SRCS+= by_dir.c by_file.c x509_cmp.c x509_d2.c x509_def.c x509_err.c \ - x509_ext.c x509_lu.c x509_obj.c x509_r2x.c x509_req.c x509_set.c \ - x509_txt.c x509_v3.c x509_vfy.c x509name.c x509rset.c x509type.c \ - x_all.c - -# x509v3 -SRCS+= v3_akey.c v3_alt.c v3_bcons.c v3_bitst.c v3_conf.c v3_cpols.c \ - v3_crld.c v3_enum.c v3_extku.c v3_genn.c v3_ia5.c v3_int.c \ - v3_lib.c v3_pku.c v3_prn.c v3_skey.c v3_sxnet.c v3_utl.c v3err.c - -HDRS= asn1/asn1.h asn1/asn1_mac.h bio/bio.h bf/blowfish.h bn/bn.h \ - buffer/buffer.h cast/cast.h comp/comp.h conf/conf.h crypto.h \ - des/des.h dh/dh.h dsa/dsa.h ../e_os.h ../e_os2.h ebcdic.h \ - err/err.h evp/evp.h hmac/hmac.h lhash/lhash.h md2/md2.h \ - md5/md5.h mdc2/mdc2.h objects/objects.h opensslv.h pem/pem.h \ - pem/pem2.h pkcs12/pkcs12.h pkcs7/pkcs7.h rand/rand.h rc2/rc2.h \ - rc4/rc4.h rc5/rc5.h ripemd/ripemd.h rsa/rsa.h stack/safestack.h \ - sha/sha.h stack/stack.h tmdiff.h txt_db/txt_db.h x509/x509.h \ - x509/x509_vfy.h x509v3/x509v3.h - -MAN3= des_crypt.3 - -MLINKS= des_crypt.3 des_read_password.3 \ - des_crypt.3 des_read_2password.3 des_crypt.3 des_string_to_key.3 \ - des_crypt.3 des_string_to_2key.3 des_crypt.3 des_read_pw_string.3 \ - des_crypt.3 des_random_key.3 des_crypt.3 des_set_key.3 \ - des_crypt.3 des_key_sched.3 des_crypt.3 des_ecb_encrypt.3 \ - des_crypt.3 des_3ecb_encrypt.3 des_crypt.3 des_cbc_encrypt.3 \ - des_crypt.3 des_3cbc_encrypt.3 des_crypt.3 des_pcbc_encrypt.3 \ - des_crypt.3 des_cfb_encrypt.3 des_crypt.3 des_ofb_encrypt.3 \ - des_crypt.3 des_cbc_cksum.3 des_crypt.3 des_quad_cksum.3 \ - des_crypt.3 des_enc_read.3 des_crypt.3 des_enc_write.3 \ - des_crypt.3 des_set_odd_parity.3 des_crypt.3 des_is_weak_key.3 - -beforedepend: ${.OBJDIR}/obj_dat.h ${.OBJDIR}/buildinf.h \ - ${.OBJDIR}/openssl/opensslconf.h headers - -DPADD+= ${.OBJDIR}/obj_dat.h ${.OBJDIR}/buildinf.h ${.OBJDIR}/openssl/opensslconf.h - -CLEANFILES+= ${.OBJDIR}/obj_dat.h ${.OBJDIR}/buildinf.h -CLEANDIRS+= ${.OBJDIR}/openssl - -${.OBJDIR}/obj_dat.h: ${LCRYPTO_SRC}/objects/obj_dat.pl - perl ${LCRYPTO_SRC}/objects/obj_dat.pl < ${LCRYPTO_SRC}/objects/objects.h > ${.OBJDIR}/obj_dat.h - -${.OBJDIR}/buildinf.h: - ( echo "#ifndef MK1MF_BUILD"; \ - echo " /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */"; \ - echo " #define CFLAGS \"$(CC)\""; \ - echo " #define PLATFORM \"`uname -s`-`uname -m`\""; \ - echo " #define DATE \"`date`\""; \ - echo "#endif" ) > ${.OBJDIR}/buildinf.h - -${.OBJDIR}/openssl/opensslconf.h: opensslconf-${MACHINE_ARCH}.h - @test -d ${.OBJDIR}/openssl || mkdir -p ${.OBJDIR}/openssl; \ - cp ${.OODATE} ${.TARGET} - -headers: - @test -d ${.OBJDIR}/openssl || mkdir -p ${.OBJDIR}/openssl; \ - for i in ${HDRS}; do \ - ${INSTALL} ${COPY} -m 444 ${LCRYPTO_SRC}/$$i \ - ${.OBJDIR}/openssl; \ - done - -beforeinstall: ${.OBJDIR}/openssl/opensslconf.h - for i in ${HDRS}; do \ - ${INSTALL} ${COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ - ${LCRYPTO_SRC}/$$i ${DESTDIR}/usr/include/openssl; \ - done; \ - ${INSTALL} ${COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ - ${.OBJDIR}/openssl/opensslconf.h ${DESTDIR}/usr/include/openssl - -.PATH: ${LCRYPTO_SRC} ${LCRYPTO_SRC}/asn1 ${LCRYPTO_SRC}/bf \ - ${LCRYPTO_SRC}/bio ${LCRYPTO_SRC}/bn ${LCRYPTO_SRC}/buffer \ - ${LCRYPTO_SRC}/cast ${LCRYPTO_SRC}/comp ${LCRYPTO_SRC}/conf \ - ${LCRYPTO_SRC}/des ${LCRYPTO_SRC}/dh ${LCRYPTO_SRC}/dsa \ - ${LCRYPTO_SRC}/err ${LCRYPTO_SRC}/evp ${LCRYPTO_SRC}/hmac \ - ${LCRYPTO_SRC}/lhash ${LCRYPTO_SRC}/md2 ${LCRYPTO_SRC}/md5 \ - ${LCRYPTO_SRC}/mdc2 ${LCRYPTO_SRC}/objects ${LCRYPTO_SRC}/pem \ - ${LCRYPTO_SRC}/pkcs7 ${LCRYPTO_SRC}/pkcs12 ${LCRYPTO_SRC}/rand \ - ${LCRYPTO_SRC}/rc2 ${LCRYPTO_SRC}/rc4 ${LCRYPTO_SRC}/rc5 \ - ${LCRYPTO_SRC}/ripemd ${LCRYPTO_SRC}/rsa ${LCRYPTO_SRC}/../rsaref \ - ${LCRYPTO_SRC}/sha ${LCRYPTO_SRC}/stack ${LCRYPTO_SRC}/txt_db \ - ${LCRYPTO_SRC}/x509 ${LCRYPTO_SRC}/x509v3 - -.include <bsd.lib.mk> - -afterinstall: -.if !defined(NOPIC) - @cd ${DESTDIR}${SHLIBDIR}; \ - rm -f libdes.so.3; \ - ln -sf lib${LIB}.so.${SHLIB_MAJOR} libdes.so.3; -.endif -.if !defined(NOPIC) && ${OBJFORMAT} == elf - @cd ${DESTDIR}${SHLIBDIR}; \ - rm -f libdes.so; \ - ln -sf lib${LIB}.so libdes.so -.endif - @cd ${DESTDIR}${LIBDIR}; \ - rm -f libdes.a; \ - ln -sf lib${LIB}.a libdes.a - @cd ${DESTDIR}${INCDIR}; \ - rm -f des.h; \ - ln -sf openssl/des.h -.if !defined(NOPROFILE) - @cd ${DESTDIR}${LIBDIR}; \ - rm -f libdes_p.a; \ - ln -sf lib${LIB}_p.a libdes_p.a -.endif diff --git a/secure/lib/libcrypto/Makefile.inc b/secure/lib/libcrypto/Makefile.inc deleted file mode 100644 index 6391c68740190..0000000000000 --- a/secure/lib/libcrypto/Makefile.inc +++ /dev/null @@ -1,16 +0,0 @@ -# $FreeBSD$ - -LCRYPTO_SRC= ${.CURDIR}/../../../crypto/openssl/crypto -CFLAGS+= -DTERMIOS -DANSI_SOURCE -DNO_IDEA -I${LCRYPTO_SRC} -I${.OBJDIR} - -.if ${MACHINE_ARCH} == "i386" -CFLAGS+= -DL_ENDIAN -# -DBN_ASM -DSHA1_ASM -DMD5_ASM -DRMD160_ASM - XXX notyet -CFLAGS+= -DDEVRANDOM=\"/dev/urandom\" -.else -.if ${MACHINE_ARCH} == "alpha" -# no ENDIAN stuff defined for alpha (64-bit) -.endif -.endif - -WITH_RSA?= YES diff --git a/secure/lib/libcrypto/des_crypt.3 b/secure/lib/libcrypto/des_crypt.3 deleted file mode 100644 index 0ecc416877fe6..0000000000000 --- a/secure/lib/libcrypto/des_crypt.3 +++ /dev/null @@ -1,508 +0,0 @@ -.TH DES_CRYPT 3 -.SH NAME -des_read_password, des_read_2password, -des_string_to_key, des_string_to_2key, des_read_pw_string, -des_random_key, des_set_key, -des_key_sched, des_ecb_encrypt, des_ecb3_encrypt, des_cbc_encrypt, -des_3cbc_encrypt, -des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt, -des_cbc_cksum, des_quad_cksum, -des_enc_read, des_enc_write, des_set_odd_parity, -des_is_weak_key, crypt \- (non USA) DES encryption -.SH SYNOPSIS -.nf -.nj -.ft B -#include <des.h> -.PP -.B int des_read_password(key,prompt,verify) -des_cblock *key; -char *prompt; -int verify; -.PP -.B int des_read_2password(key1,key2,prompt,verify) -des_cblock *key1,*key2; -char *prompt; -int verify; -.PP -.B int des_string_to_key(str,key) -char *str; -des_cblock *key; -.PP -.B int des_string_to_2keys(str,key1,key2) -char *str; -des_cblock *key1,*key2; -.PP -.B int des_read_pw_string(buf,length,prompt,verify) -char *buf; -int length; -char *prompt; -int verify; -.PP -.B int des_random_key(key) -des_cblock *key; -.PP -.B int des_set_key(key,schedule) -des_cblock *key; -des_key_schedule schedule; -.PP -.B int des_key_sched(key,schedule) -des_cblock *key; -des_key_schedule schedule; -.PP -.B int des_ecb_encrypt(input,output,schedule,encrypt) -des_cblock *input; -des_cblock *output; -des_key_schedule schedule; -int encrypt; -.PP -.B int des_ecb3_encrypt(input,output,ks1,ks2,encrypt) -des_cblock *input; -des_cblock *output; -des_key_schedule ks1,ks2; -int encrypt; -.PP -.B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt) -des_cblock *input; -des_cblock *output; -long length; -des_key_schedule schedule; -des_cblock *ivec; -int encrypt; -.PP -.B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt) -des_cblock *input; -des_cblock *output; -long length; -des_key_schedule sk1; -des_key_schedule sk2; -des_cblock *ivec1; -des_cblock *ivec2; -int encrypt; -.PP -.B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt) -des_cblock *input; -des_cblock *output; -long length; -des_key_schedule schedule; -des_cblock *ivec; -int encrypt; -.PP -.B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt) -unsigned char *input; -unsigned char *output; -int numbits; -long length; -des_key_schedule schedule; -des_cblock *ivec; -int encrypt; -.PP -.B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec) -unsigned char *input,*output; -int numbits; -long length; -des_key_schedule schedule; -des_cblock *ivec; -.PP -.B unsigned long des_cbc_cksum(input,output,length,schedule,ivec) -des_cblock *input; -des_cblock *output; -long length; -des_key_schedule schedule; -des_cblock *ivec; -.PP -.B unsigned long des_quad_cksum(input,output,length,out_count,seed) -des_cblock *input; -des_cblock *output; -long length; -int out_count; -des_cblock *seed; -.PP -.B int des_check_key; -.PP -.B int des_enc_read(fd,buf,len,sched,iv) -int fd; -char *buf; -int len; -des_key_schedule sched; -des_cblock *iv; -.PP -.B int des_enc_write(fd,buf,len,sched,iv) -int fd; -char *buf; -int len; -des_key_schedule sched; -des_cblock *iv; -.PP -.B extern int des_rw_mode; -.PP -.B void des_set_odd_parity(key) -des_cblock *key; -.PP -.B int des_is_weak_key(key) -des_cblock *key; -.PP -.B char *crypt(passwd,salt) -char *passwd; -char *salt; -.PP -.fi -.SH DESCRIPTION -This library contains a fast implementation of the DES encryption -algorithm. -.PP -There are two phases to the use of DES encryption. -The first is the generation of a -.I des_key_schedule -from a key, -the second is the actual encryption. -A des key is of type -.I des_cblock. -This type is made from 8 characters with odd parity. -The least significant bit in the character is the parity bit. -The key schedule is an expanded form of the key; it is used to speed the -encryption process. -.PP -.I des_read_password -writes the string specified by prompt to the standard output, -turns off echo and reads an input string from standard input -until terminated with a newline. -If verify is non-zero, it prompts and reads the input again and verifies -that both entered passwords are the same. -The entered string is converted into a des key by using the -.I des_string_to_key -routine. -The new key is placed in the -.I des_cblock -that was passed (by reference) to the routine. -If there were no errors, -.I des_read_password -returns 0, --1 is returned if there was a terminal error and 1 is returned for -any other error. -.PP -.I des_read_2password -operates in the same way as -.I des_read_password -except that it generates 2 keys by using the -.I des_string_to_2key -function. -.PP -.I des_read_pw_string -is called by -.I des_read_password -to read and verify a string from a terminal device. -The string is returned in -.I buf. -The size of -.I buf -is passed to the routine via the -.I length -parameter. -.PP -.I des_string_to_key -converts a string into a valid des key. -.PP -.I des_string_to_2key -converts a string into 2 valid des keys. -This routine is best suited for used to generate keys for use with -.I des_ecb3_encrypt. -.PP -.I des_random_key -returns a random key that is made of a combination of process id, -time and an increasing counter. -.PP -Before a des key can be used it is converted into a -.I des_key_schedule -via the -.I des_set_key -routine. -If the -.I des_check_key -flag is non-zero, -.I des_set_key -will check that the key passed is of odd parity and is not a week or -semi-weak key. -If the parity is wrong, -then -1 is returned. -If the key is a weak key, -then -2 is returned. -If an error is returned, -the key schedule is not generated. -.PP -.I des_key_sched -is another name for the -.I des_set_key -function. -.PP -The following routines mostly operate on an input and output stream of -.I des_cblock's. -.PP -.I des_ecb_encrypt -is the basic DES encryption routine that encrypts or decrypts a single 8-byte -.I des_cblock -in -.I electronic code book -mode. -It always transforms the input data, pointed to by -.I input, -into the output data, -pointed to by the -.I output -argument. -If the -.I encrypt -argument is non-zero (DES_ENCRYPT), -the -.I input -(cleartext) is encrypted in to the -.I output -(ciphertext) using the key_schedule specified by the -.I schedule -argument, -previously set via -.I des_set_key. -If -.I encrypt -is zero (DES_DECRYPT), -the -.I input -(now ciphertext) -is decrypted into the -.I output -(now cleartext). -Input and output may overlap. -No meaningful value is returned. -.PP -.I des_ecb3_encrypt -encrypts/decrypts the -.I input -block by using triple ecb DES encryption. -This involves encrypting the input with -.I ks1, -decryption with the key schedule -.I ks2, -and then encryption with the first again. -This routine greatly reduces the chances of brute force breaking of -DES and has the advantage of if -.I ks1 -and -.I ks2 -are the same, it is equivalent to just encryption using ecb mode and -.I ks1 -as the key. -.PP -.I des_cbc_encrypt -encrypts/decrypts using the -.I cipher-block-chaining -mode of DES. -If the -.I encrypt -argument is non-zero, -the routine cipher-block-chain encrypts the cleartext data pointed to by the -.I input -argument into the ciphertext pointed to by the -.I output -argument, -using the key schedule provided by the -.I schedule -argument, -and initialisation vector provided by the -.I ivec -argument. -If the -.I length -argument is not an integral multiple of eight bytes, -the last block is copied to a temporary area and zero filled. -The output is always -an integral multiple of eight bytes. -To make multiple cbc encrypt calls on a large amount of data appear to -be one -.I des_cbc_encrypt -call, the -.I ivec -of subsequent calls should be the last 8 bytes of the output. -.PP -.I des_3cbc_encrypt -encrypts/decrypts the -.I input -block by using triple cbc DES encryption. -This involves encrypting the input with key schedule -.I ks1, -decryption with the key schedule -.I ks2, -and then encryption with the first again. -2 initialisation vectors are required, -.I ivec1 -and -.I ivec2. -Unlike -.I des_cbc_encrypt, -these initialisation vectors are modified by the subroutine. -This routine greatly reduces the chances of brute force breaking of -DES and has the advantage of if -.I ks1 -and -.I ks2 -are the same, it is equivalent to just encryption using cbc mode and -.I ks1 -as the key. -.PP -.I des_pcbc_encrypt -encrypt/decrypts using a modified block chaining mode. -It provides better error propagation characteristics than cbc -encryption. -.PP -.I des_cfb_encrypt -encrypt/decrypts using cipher feedback mode. This method takes an -array of characters as input and outputs and array of characters. It -does not require any padding to 8 character groups. Note: the ivec -variable is changed and the new changed value needs to be passed to -the next call to this function. Since this function runs a complete -DES ecb encryption per numbits, this function is only suggested for -use when sending small numbers of characters. -.PP -.I des_ofb_encrypt -encrypt using output feedback mode. This method takes an -array of characters as input and outputs and array of characters. It -does not require any padding to 8 character groups. Note: the ivec -variable is changed and the new changed value needs to be passed to -the next call to this function. Since this function runs a complete -DES ecb encryption per numbits, this function is only suggested for -use when sending small numbers of characters. -.PP -.I des_cbc_cksum -produces an 8 byte checksum based on the input stream (via cbc encryption). -The last 4 bytes of the checksum is returned and the complete 8 bytes is -placed in -.I output. -.PP -.I des_quad_cksum -returns a 4 byte checksum from the input bytes. -The algorithm can be iterated over the input, -depending on -.I out_count, -1, 2, 3 or 4 times. -If -.I output -is non-NULL, -the 8 bytes generated by each pass are written into -.I output. -.PP -.I des_enc_write -is used to write -.I len -bytes -to file descriptor -.I fd -from buffer -.I buf. -The data is encrypted via -.I pcbc_encrypt -(default) using -.I sched -for the key and -.I iv -as a starting vector. -The actual data send down -.I fd -consists of 4 bytes (in network byte order) containing the length of the -following encrypted data. The encrypted data then follows, padded with random -data out to a multiple of 8 bytes. -.PP -.I des_enc_read -is used to read -.I len -bytes -from file descriptor -.I fd -into buffer -.I buf. -The data being read from -.I fd -is assumed to have come from -.I des_enc_write -and is decrypted using -.I sched -for the key schedule and -.I iv -for the initial vector. -The -.I des_enc_read/des_enc_write -pair can be used to read/write to files, pipes and sockets. -I have used them in implementing a version of rlogin in which all -data is encrypted. -.PP -.I des_rw_mode -is used to specify the encryption mode to use with -.I des_enc_read -and -.I des_end_write. -If set to -.I DES_PCBC_MODE -(the default), des_pcbc_encrypt is used. -If set to -.I DES_CBC_MODE -des_cbc_encrypt is used. -These two routines and the variable are not part of the normal MIT library. -.PP -.I des_set_odd_parity -sets the parity of the passed -.I key -to odd. This routine is not part of the standard MIT library. -.PP -.I des_is_weak_key -returns 1 is the passed key is a weak key (pick again :-), -0 if it is ok. -This routine is not part of the standard MIT library. -.PP -.I crypt -is a replacement for the normal system crypt. -It is much faster than the system crypt. -.PP -.SH FILES -/usr/include/des.h -.br -/usr/lib/libdes.a -.PP -The encryption routines have been tested on 16bit, 32bit and 64bit -machines of various endian and even works under VMS. -.PP -.SH BUGS -.PP -If you think this manual is sparse, -read the des_crypt(3) manual from the MIT kerberos (or bones outside -of the USA) distribution. -.PP -.I des_cfb_encrypt -and -.I des_ofb_encrypt -operates on input of 8 bits. What this means is that if you set -numbits to 12, and length to 2, the first 12 bits will come from the 1st -input byte and the low half of the second input byte. The second 12 -bits will have the low 8 bits taken from the 3rd input byte and the -top 4 bits taken from the 4th input byte. The same holds for output. -This function has been implemented this way because most people will -be using a multiple of 8 and because once you get into pulling bytes input -bytes apart things get ugly! -.PP -.I des_read_pw_string -is the most machine/OS dependent function and normally generates the -most problems when porting this code. -.PP -.I des_string_to_key -is probably different from the MIT version since there are lots -of fun ways to implement one-way encryption of a text string. -.PP -The routines are optimised for 32 bit machines and so are not efficient -on IBM PCs. -.PP -NOTE: extensive work has been done on this library since this document -was origionally written. Please try to read des.doc from the libdes -distribution since it is far more upto date and documents more of the -functions. Libdes is now also being shipped as part of SSLeay, a -general cryptographic library that amonst other things implements -netscapes SSL protocoll. The most recent version can be found in -SSLeay distributions. -.SH AUTHOR -Eric Young (eay@cryptsoft.com) diff --git a/secure/lib/libcrypto/opensslconf-alpha.h b/secure/lib/libcrypto/opensslconf-alpha.h deleted file mode 100644 index 03894d577ae20..0000000000000 --- a/secure/lib/libcrypto/opensslconf-alpha.h +++ /dev/null @@ -1,144 +0,0 @@ -/* $FreeBSD$ */ - -/* crypto/opensslconf.h */ -/* WARNING: This file is autogenerated by Configure */ - -/* Generate 80386 code? */ -#undef I386_ONLY - -#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ -#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/usr/local/ssl" -#endif -#endif - -#define OPENSSL_UNISTD <unistd.h> - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) && !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -#define RC4_INT unsigned int -#endif - -#if defined(HEADER_DES_H) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#undef BN_LLONG - -/* Should we define BN_DIV2W here? */ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ -#define SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#undef THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) -#define CONFIG_HEADER_RC4_LOCL_H -/* if this is defined data[i] is used instead of *data, this is a %20 - * speedup on x86 */ -#undef RC4_INDEX -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#define DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#define DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ -#ifndef DES_UNROLL -#undef DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman <pgut001@cs.auckland.ac.nz> - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( i386 ) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/secure/lib/libcrypto/opensslconf-i386.h b/secure/lib/libcrypto/opensslconf-i386.h deleted file mode 100644 index d80b68fc91de2..0000000000000 --- a/secure/lib/libcrypto/opensslconf-i386.h +++ /dev/null @@ -1,144 +0,0 @@ -/* $FreeBSD$ */ - -/* crypto/opensslconf.h */ -/* WARNING: This file is autogenerated by Configure */ - -/* Generate 80386 code? */ -#undef I386_ONLY - -#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ -#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif -#endif - -#define OPENSSL_UNISTD <unistd.h> - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) && !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -#define RC4_INT unsigned int -#endif - -#if defined(HEADER_DES_H) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned long -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#define BN_LLONG - -/* Should we define BN_DIV2W here? */ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ -#undef SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#define THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) -#define CONFIG_HEADER_RC4_LOCL_H -/* if this is defined data[i] is used instead of *data, this is a %20 - * speedup on x86 */ -#define RC4_INDEX -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#define DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#define DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman <pgut001@cs.auckland.ac.nz> - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( i386 ) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ |