PKCS#8 support for alternative PRFs.

[openssl.git] / util / mkdef.pl

diff --git a/util/mkdef.pl b/util/mkdef.pl
index e3cb0169bf2e926d71630fab8f3f76a15b71d920..8d74eaa9a9b4a4050344d263c0e6dd06d3d60a61 100755 (executable)
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -69,7 +69,7 @@ my $do_ctestall = 0;
 my $do_checkexist = 0;
 
 my $VMSVAX=0;
-my $VMSAlpha=0;
+my $VMSNonVAX=0;
 my $VMS=0;
 my $W32=0;
 my $W16=0;
@@ -79,13 +79,16 @@ my $OS2=0;
 my $safe_stack_def = 0;
 
 my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
-                       "EXPORT_VAR_AS_FUNCTION" );
+                       "EXPORT_VAR_AS_FUNCTION", "ZLIB",
+                       "OPENSSL_FIPS", "OPENSSL_FIPSCAPABLE" );
 my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
 my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
                         "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
                         "SHA256", "SHA512", "RIPEMD",
-                        "MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA",
-                        "HMAC", "AES", "WHIRLPOOL",
+                        "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "EC2M",
+                        "HMAC", "AES", "CAMELLIA", "SEED", "GOST",
+                        # EC_NISTP_64_GCC_128
+                        "EC_NISTP_64_GCC_128",
                         # Envelope "algorithms"
                         "EVP", "X509", "ASN1_TYPEDEFS",
                         # Helper "algorithms"
@@ -95,8 +98,28 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
                         "FP_API", "STDIO", "SOCK", "KRB5", "DGRAM",
                         # Engines
                         "STATIC_ENGINE", "ENGINE", "HW", "GMP",
+                        # RFC3779
+                        "RFC3779",
+                        # TLS
+                        "TLSEXT", "PSK", "SRP", "HEARTBEATS",
+                        # CMS
+                        "CMS",
+                        # CryptoAPI Engine
+                        "CAPIENG",
+                        # SSL v2
+                        "SSL2",
+                        # JPAKE
+                        "JPAKE",
+                        # NEXTPROTONEG
+                        "NEXTPROTONEG",
                         # Deprecated functions
-                        "DEPRECATED" );
+                        "DEPRECATED",
+                        # Hide SSL internals
+                        "SSL_INTERN",
+                        # SCTP
+                        "SCTP",
+                        # SSL TRACE
+                        "SSL_TRACE");
 
 my $options="";
 open(IN,"<Makefile") || die "unable to open Makefile!\n";
@@ -109,11 +132,18 @@ close(IN);
 # defined with ifndef(NO_XXX) are not included in the .def file, and everything
 # in directory xxx is ignored.
 my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf;
-my $no_cast; my $no_whirlpool;
+my $no_cast; my $no_whirlpool; my $no_camellia; my $no_seed;
 my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
 my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
 my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
 my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
+my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
+my $no_jpake; my $no_ssl2; my $no_ec2m; my $no_nextprotoneg;
+my $no_srp; my $no_nistp_gcc; my $no_sctp; my $no_ssl_trace;
+
+my $fips;
+
+my $zlib;
 
 
 foreach (@ARGV, split(/ /, $options))
@@ -129,12 +159,17 @@ foreach (@ARGV, split(/ /, $options))
                $VMS=1;
                $VMSVAX=1;
        }
-       if ($_ eq "VMS-Alpha") {
+       if ($_ eq "VMS-NonVAX") {
                $VMS=1;
-               $VMSAlpha=1;
+               $VMSNonVAX=1;
        }
        $VMS=1 if $_ eq "VMS";
        $OS2=1 if $_ eq "OS2";
+       $fips=1 if /^fips/;
+       if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic"
+                        || $_ eq "enable-zlib-dynamic") {
+               $zlib = 1;
+       }
 
        $do_ssl=1 if $_ eq "ssleay";
        if ($_ eq "ssl") {
@@ -177,6 +212,8 @@ foreach (@ARGV, split(/ /, $options))
        elsif (/^no-ecdh$/)     { $no_ecdh=1; }
        elsif (/^no-hmac$/)     { $no_hmac=1; }
        elsif (/^no-aes$/)      { $no_aes=1; }
+       elsif (/^no-camellia$/) { $no_camellia=1; }
+       elsif (/^no-seed$/)     { $no_seed=1; }
        elsif (/^no-evp$/)      { $no_evp=1; }
        elsif (/^no-lhash$/)    { $no_lhash=1; }
        elsif (/^no-stack$/)    { $no_stack=1; }
@@ -190,6 +227,18 @@ foreach (@ARGV, split(/ /, $options))
        elsif (/^no-engine$/)   { $no_engine=1; }
        elsif (/^no-hw$/)       { $no_hw=1; }
        elsif (/^no-gmp$/)      { $no_gmp=1; }
+       elsif (/^no-rfc3779$/)  { $no_rfc3779=1; }
+       elsif (/^no-tlsext$/)   { $no_tlsext=1; }
+       elsif (/^no-cms$/)      { $no_cms=1; }
+       elsif (/^no-ec2m$/)     { $no_ec2m=1; }
+       elsif (/^no-ec-nistp224-64-gcc-128$/)   { $no_nistp_gcc=1; }
+       elsif (/^no-nextprotoneg$/)     { $no_nextprotoneg=1; }
+       elsif (/^no-ssl2$/)     { $no_ssl2=1; }
+       elsif (/^no-ssl-trace$/) { $no_ssl_trace=1; }
+       elsif (/^no-capieng$/)  { $no_capieng=1; }
+       elsif (/^no-jpake$/)    { $no_jpake=1; }
+       elsif (/^no-srp$/)      { $no_srp=1; }
+       elsif (/^no-sctp$/)     { $no_sctp=1; }
        }
 
 
@@ -225,9 +274,14 @@ $max_crypto = $max_num;
 
 my $ssl="ssl/ssl.h";
 $ssl.=" ssl/kssl.h";
+$ssl.=" ssl/tls1.h";
+$ssl.=" ssl/srtp.h";
 
 my $crypto ="crypto/crypto.h";
+$crypto.=" crypto/cryptlib.h";
 $crypto.=" crypto/o_dir.h";
+$crypto.=" crypto/o_str.h";
+$crypto.=" crypto/o_time.h";
 $crypto.=" crypto/des/des.h crypto/des/des_old.h" ; # unless $no_des;
 $crypto.=" crypto/idea/idea.h" ; # unless $no_idea;
 $crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4;
@@ -243,6 +297,8 @@ $crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2;
 $crypto.=" crypto/sha/sha.h" ; # unless $no_sha;
 $crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
 $crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
+$crypto.=" crypto/camellia/camellia.h" ; # unless $no_camellia;
+$crypto.=" crypto/seed/seed.h"; # unless $no_seed;
 
 $crypto.=" crypto/bn/bn.h";
 $crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
@@ -281,8 +337,13 @@ $crypto.=" crypto/comp/comp.h" ; # unless $no_comp;
 $crypto.=" crypto/ocsp/ocsp.h";
 $crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h";
 $crypto.=" crypto/krb5/krb5_asn.h";
-$crypto.=" crypto/store/store.h";
+#$crypto.=" crypto/store/store.h";
 $crypto.=" crypto/pqueue/pqueue.h";
+$crypto.=" crypto/cms/cms.h";
+$crypto.=" crypto/jpake/jpake.h";
+$crypto.=" crypto/srp/srp.h";
+$crypto.=" crypto/modes/modes.h";
+#$crypto.=" fips/fips.h fips/rand/fips_rand.h";
 
 my $symhacks="crypto/symhacks.h";
 
@@ -775,6 +836,7 @@ sub do_defs
                                        $def .= "int PEM_write_bio_$1(void);";
                                        next;
                                } elsif (/^DECLARE_PEM_write\s*\(\s*(\w*)\s*,/ ||
+                                       /^DECLARE_PEM_write_const\s*\(\s*(\w*)\s*,/ ||
                                         /^DECLARE_PEM_write_cb\s*\(\s*(\w*)\s*,/ ) {
                                        # Things not in Win16
                                        $def .=
@@ -856,6 +918,7 @@ sub do_defs
                        s/\{\}/\(\)/gs;
 
                        s/STACK_OF\(\)/void/gs;
+                       s/LHASH_OF\(\)/void/gs;
 
                        print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug;
                        if (/^\#INFO:([^:]*):(.*)$/) {
@@ -932,6 +995,19 @@ sub do_defs
        $platform{"PEM_write_NS_CERT_SEQ"} = "VMS";
        $platform{"PEM_read_P8_PRIV_KEY_INFO"} = "VMS";
        $platform{"PEM_write_P8_PRIV_KEY_INFO"} = "VMS";
+       $platform{"EVP_sha384"} = "!VMSVAX";
+       $platform{"EVP_sha512"} = "!VMSVAX";
+       $platform{"SHA384_Init"} = "!VMSVAX";
+       $platform{"SHA384_Transform"} = "!VMSVAX";
+       $platform{"SHA384_Update"} = "!VMSVAX";
+       $platform{"SHA384_Final"} = "!VMSVAX";
+       $platform{"SHA384"} = "!VMSVAX";
+       $platform{"SHA512_Init"} = "!VMSVAX";
+       $platform{"SHA512_Transform"} = "!VMSVAX";
+       $platform{"SHA512_Update"} = "!VMSVAX";
+       $platform{"SHA512_Final"} = "!VMSVAX";
+       $platform{"SHA512"} = "!VMSVAX";
+
 
        # Info we know about
 
@@ -1056,6 +1132,8 @@ sub is_valid
 
                if ($platforms) {
                        # platforms
+                       if ($keyword eq "VMSVAX" && $VMSVAX) { return 1; }
+                       if ($keyword eq "VMSNonVAX" && $VMSNonVAX) { return 1; }
                        if ($keyword eq "VMS" && $VMS) { return 1; }
                        if ($keyword eq "WIN32" && $W32) { return 1; }
                        if ($keyword eq "WIN16" && $W16) { return 1; }
@@ -1068,6 +1146,13 @@ sub is_valid
                        if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) {
                                return 1;
                        }
+                       if ($keyword eq "OPENSSL_FIPSCAPABLE") {
+                               return 0;
+                       }
+                       if ($keyword eq "OPENSSL_FIPS" && $fips) {
+                               return 1;
+                       }
+                       if ($keyword eq "ZLIB" && $zlib) { return 1; }
                        return 0;
                } else {
                        # algorithms
@@ -1093,6 +1178,8 @@ sub is_valid
                        if ($keyword eq "ECDH" && $no_ecdh) { return 0; }
                        if ($keyword eq "HMAC" && $no_hmac) { return 0; }
                        if ($keyword eq "AES" && $no_aes) { return 0; }
+                       if ($keyword eq "CAMELLIA" && $no_camellia) { return 0; }
+                       if ($keyword eq "SEED" && $no_seed) { return 0; }
                        if ($keyword eq "EVP" && $no_evp) { return 0; }
                        if ($keyword eq "LHASH" && $no_lhash) { return 0; }
                        if ($keyword eq "STACK" && $no_stack) { return 0; }
@@ -1107,6 +1194,20 @@ sub is_valid
                        if ($keyword eq "FP_API" && $no_fp_api) { return 0; }
                        if ($keyword eq "STATIC_ENGINE" && $no_static_engine) { return 0; }
                        if ($keyword eq "GMP" && $no_gmp) { return 0; }
+                       if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; }
+                       if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
+                       if ($keyword eq "PSK" && $no_psk) { return 0; }
+                       if ($keyword eq "CMS" && $no_cms) { return 0; }
+                       if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc)
+                                       { return 0; }
+                       if ($keyword eq "EC2M" && $no_ec2m) { return 0; }
+                       if ($keyword eq "NEXTPROTONEG" && $no_nextprotoneg) { return 0; }
+                       if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
+                       if ($keyword eq "SSL_TRACE" && $no_ssl_trace) { return 0; }
+                       if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
+                       if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
+                       if ($keyword eq "SRP" && $no_srp) { return 0; }
+                       if ($keyword eq "SCTP" && $no_sctp) { return 0; }
                        if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
 
                        # Nothing recognise as true
@@ -1210,8 +1311,6 @@ EOO
 
 LIBRARY         $libname       $liboptions
 
-DESCRIPTION     '$description'
-
 EOF
 
        if ($W16) {
@@ -1400,6 +1499,7 @@ sub update_numbers
                next if defined($rsyms{$sym});
                die "ERROR: Symbol $sym had no info attached to it."
                    if $i eq "";
+               next if $i =~ /OPENSSL_FIPSCAPABLE/;
                if (!exists $nums{$s}) {
                        $new_syms++;
                        my $s2 = $s;