-# This source is common building blockss for all ciphers in all our providers.
+# This source is common building blocks for all ciphers in all our providers.
SOURCE[../../libcommon.a]=\
cipher_common.c cipher_common_hw.c block.c \
cipher_gcm.c cipher_gcm_hw.c \
cipher_ccm.c cipher_ccm_hw.c
-
-# These are our implementations
-$GOAL=../../libimplementations.a
-
-IF[{- !$disabled{des} -}]
- $COMMON_DES=cipher_tdes.c cipher_tdes_hw.c
-ENDIF
-
-SOURCE[$GOAL]=\
- cipher_aes.c cipher_aes_hw.c \
- cipher_aes_xts.c cipher_aes_xts_hw.c \
- cipher_aes_gcm.c cipher_aes_gcm_hw.c \
- cipher_aes_ccm.c cipher_aes_ccm_hw.c \
- cipher_aes_wrp.c \
- $COMMON_DES
-# Because some default ciphers need it
-INCLUDE[$GOAL]=.
-
-# Finally, we have a few things that aren't FIPS agnostic
-SOURCE[../../libfips.a]=cipher_fips.c
-SOURCE[../../libnonfips.a]=cipher_fips.c
/* Dispatch functions for ccm mode */
-#include "cipher_local.h"
-#include "internal/ciphers/cipher_ccm.h"
+#include "prov/ciphercommon.h"
+#include "prov/cipher_ccm.h"
#include "internal/providercommonerr.h"
static int ccm_cipher_internal(PROV_CCM_CTX *ctx, unsigned char *out,
* https://www.openssl.org/source/license.html
*/
-#include "internal/ciphers/ciphercommon.h"
-#include "internal/ciphers/cipher_ccm.h"
+#include "prov/ciphercommon.h"
+#include "prov/cipher_ccm.h"
int ccm_generic_setiv(PROV_CCM_CTX *ctx, const unsigned char *nonce,
size_t nlen, size_t mlen)
* https://www.openssl.org/source/license.html
*/
-#include "cipher_local.h"
+#include "prov/ciphercommon.h"
/*-
* The generic cipher functions for cipher modes cbc, ecb, ofb, cfb and ctr.
/* Dispatch functions for gcm mode */
-#include "cipher_local.h"
-#include "internal/ciphers/cipher_gcm.h"
+#include "prov/ciphercommon.h"
+#include "prov/cipher_gcm.h"
#include "internal/providercommonerr.h"
#include "crypto/rand.h"
#include "internal/provider_ctx.h"
* https://www.openssl.org/source/license.html
*/
-#include "cipher_local.h"
-#include "internal/ciphers/cipher_gcm.h"
+#include "prov/ciphercommon.h"
+#include "prov/cipher_gcm.h"
int gcm_setiv(PROV_GCM_CTX *ctx, const unsigned char *iv, size_t ivlen)
* https://www.openssl.org/source/license.html
*/
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
void padblock(unsigned char *buf, size_t *buflen, size_t blocksize);
int unpadblock(unsigned char *buf, size_t *buflen, size_t blocksize);
-SUBDIRS=ciphers
$GOAL=../../libcrypto
SOURCE[$GOAL]=defltprov.c
-INCLUDE[$GOAL]=include
-SUBDIRS=digests macs kdfs exchange keymgmt signature
+SUBDIRS=digests ciphers macs kdfs exchange keymgmt signature
--- /dev/null
+# We make separate GOAL variables for each algorithm, to make it easy to
+# switch each to the Legacy provider when needed.
+#
+# $TDES_1_GOAL and $TDES_2_GOAL separate FIPSable and non-FIPSable TDES.
+# The latter may become legacy sooner, so it's comfortable to have two
+# variables already now, to switch the non-FIPSable TDES to legacy if needed.
+
+$AES_GOAL=../../libimplementations.a
+$TDES_1_GOAL=../../libimplementations.a
+$TDES_2_GOAL=../../libimplementations.a
+$DES_GOAL=../../libimplementations.a
+$ARIA_GOAL=../../libimplementations.a
+$CAMELLIA_GOAL=../../libimplementations.a
+$BLOWFISH_GOAL=../../libimplementations.a
+$IDEA_GOAL=../../libimplementations.a
+$CAST5_GOAL=../../libimplementations.a
+$SEED_GOAL=../../libimplementations.a
+$SM4_GOAL=../../libimplementations.a
+$RC4_GOAL=../../libimplementations.a
+$RC5_GOAL=../../libimplementations.a
+$RC2_GOAL=../../libimplementations.a
+
+IF[{- !$disabled{des} -}]
+ SOURCE[$TDES_1_GOAL]=cipher_tdes.c cipher_tdes_hw.c
+ENDIF
+
+SOURCE[$AES_GOAL]=\
+ cipher_aes.c cipher_aes_hw.c \
+ cipher_aes_xts.c cipher_aes_xts_hw.c \
+ cipher_aes_gcm.c cipher_aes_gcm_hw.c \
+ cipher_aes_ccm.c cipher_aes_ccm_hw.c \
+ cipher_aes_wrp.c
+# Extra code to satisfy the FIPS and non-FIPS separation.
+# When the AES-xxx-XTS moves to legacy, this can be removed.
+SOURCE[../../libfips.a]=cipher_aes_xts_fips.c
+SOURCE[../../libnonfips.a]=cipher_aes_xts_fips.c
+
+IF[{- !$disabled{des} -}]
+ SOURCE[$TDES_2_GOAL]=\
+ cipher_tdes_default.c cipher_tdes_default_hw.c \
+ cipher_tdes_wrap.c cipher_tdes_wrap_hw.c
+ SOURCE[$DES_GOAL]=\
+ cipher_desx.c cipher_desx_hw.c \
+ cipher_des.c cipher_des_hw.c
+ENDIF
+
+IF[{- !$disabled{aria} -}]
+ SOURCE[$ARIA_GOAL]=\
+ cipher_aria.c cipher_aria_hw.c \
+ cipher_aria_gcm.c cipher_aria_gcm_hw.c \
+ cipher_aria_ccm.c cipher_aria_ccm_hw.c
+ENDIF
+
+IF[{- !$disabled{camellia} -}]
+ SOURCE[$CAMELLIA_GOAL]=\
+ cipher_camellia.c cipher_camellia_hw.c
+ENDIF
+
+IF[{- !$disabled{bf} -}]
+ SOURCE[$BLOWFISH_GOAL]=\
+ cipher_blowfish.c cipher_blowfish_hw.c
+ENDIF
+
+IF[{- !$disabled{idea} -}]
+ SOURCE[$IDEA_GOAL]=\
+ cipher_idea.c cipher_idea_hw.c
+ENDIF
+
+IF[{- !$disabled{cast} -}]
+ SOURCE[$CAST5_GOAL]=\
+ cipher_cast5.c cipher_cast5_hw.c
+ENDIF
+
+IF[{- !$disabled{seed} -}]
+ SOURCE[$SEED_GOAL]=\
+ cipher_seed.c cipher_seed_hw.c
+ENDIF
+
+IF[{- !$disabled{sm4} -}]
+ SOURCE[$SM4_GOAL]=\
+ cipher_sm4.c cipher_sm4_hw.c
+ENDIF
+
+IF[{- !$disabled{ocb} -}]
+ SOURCE[$AES_GOAL]=\
+ cipher_aes_ocb.c cipher_aes_ocb_hw.c
+ENDIF
+
+IF[{- !$disabled{rc4} -}]
+ SOURCE[$RC4_GOAL]=\
+ cipher_rc4.c cipher_rc4_hw.c
+ENDIF
+
+IF[{- !$disabled{rc5} -}]
+ SOURCE[$RC5_GOAL]=\
+ cipher_rc5.c cipher_rc5_hw.c
+ENDIF
+
+IF[{- !$disabled{rc2} -}]
+ SOURCE[$RC2_GOAL]=\
+ cipher_rc2.c cipher_rc2_hw.c
+ENDIF
*/
#include <openssl/aes.h>
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
typedef struct prov_aes_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
/* Dispatch functions for AES CCM mode */
-#include "cipher_local.h"
-#include "internal/ciphers/cipher_ccm.h"
+#include "prov/ciphercommon.h"
+#include "prov/cipher_ccm.h"
#include "internal/provider_algs.h"
static void *aes_ccm_newctx(void *provctx, size_t keybits)
/* AES CCM mode */
-#include "cipher_local.h"
-#include "internal/ciphers/cipher_ccm.h"
+#include "prov/ciphercommon.h"
+#include "prov/cipher_ccm.h"
#define AES_HW_CCM_SET_KEY_FN(fn_set_enc_key, fn_blk, fn_ccm_enc, fn_ccm_dec) \
fn_set_enc_key(key, keylen * 8, &actx->ccm.ks.ks); \
/* Dispatch functions for AES GCM mode */
-#include "cipher_local.h"
-#include "internal/ciphers/cipher_gcm.h"
+#include "prov/ciphercommon.h"
+#include "prov/cipher_gcm.h"
#include "internal/provider_algs.h"
static void *aes_gcm_newctx(void *provctx, size_t keybits)
/* Dispatch functions for AES GCM mode */
-#include "cipher_local.h"
-#include "internal/ciphers/cipher_gcm.h"
+#include "prov/ciphercommon.h"
+#include "prov/cipher_gcm.h"
static int generic_aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
size_t keylen)
#include "cipher_aes_ocb.h"
#include "internal/providercommonerr.h"
-#include "internal/ciphers/cipher_aead.h"
+#include "prov/cipher_aead.h"
#include "internal/provider_algs.h"
#define AES_OCB_FLAGS AEAD_FLAGS
*/
#include <openssl/aes.h>
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
#define OCB_MAX_TAG_LEN AES_BLOCK_SIZE
#define OCB_MAX_DATA_LEN AES_BLOCK_SIZE
*/
#include <openssl/aes.h>
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
/*
* Available in cipher_fips.c, and compiled with different values depending
*/
#include "crypto/aria.h"
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
typedef struct prov_aria_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
*/
#include "crypto/aria.h"
-#include "internal/ciphers/ciphercommon.h"
-#include "internal/ciphers/cipher_ccm.h"
+#include "prov/ciphercommon.h"
+#include "prov/cipher_ccm.h"
typedef struct prov_aria_ccm_ctx_st {
PROV_CCM_CTX base; /* Must be first */
*/
#include "crypto/aria.h"
-#include "internal/ciphers/ciphercommon.h"
-#include "internal/ciphers/cipher_gcm.h"
+#include "prov/ciphercommon.h"
+#include "prov/cipher_gcm.h"
typedef struct prov_aria_gcm_ctx_st {
PROV_GCM_CTX base; /* must be first entry in struct */
*/
#include <openssl/blowfish.h>
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
typedef struct prov_blowfish_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
*/
#include "openssl/camellia.h"
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
typedef struct prov_camellia_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
*/
#include <openssl/cast.h>
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
typedef struct prov_cast_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
* https://www.openssl.org/source/license.html
*/
-#include "cipher_local.h"
+#include "prov/ciphercommon.h"
#include "cipher_des.h"
#include "crypto/rand.h"
#include "internal/provider_algs.h"
* https://www.openssl.org/source/license.html
*/
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
#include "cipher_des.h"
static int cipher_hw_des_initkey(PROV_CIPHER_CTX *ctx,
*/
#include <openssl/idea.h>
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
typedef struct prov_idea_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
*/
#include <openssl/rc2.h>
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
typedef struct prov_rc2_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
*/
#include <openssl/rc4.h>
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
typedef struct prov_rc4_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
*/
#include <openssl/rc5.h>
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
typedef struct prov_blowfish_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
*/
#include <openssl/seed.h>
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
typedef struct prov_seed_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
* https://www.openssl.org/source/license.html
*/
-#include "internal/ciphers/ciphercommon.h"
+#include "prov/ciphercommon.h"
#include "crypto/sm4.h"
typedef struct prov_cast_ctx_st {
* https://www.openssl.org/source/license.html
*/
-#include "cipher_local.h"
-#include "internal/ciphers/cipher_tdes.h"
+#include "prov/ciphercommon.h"
+#include "cipher_tdes.h"
#include "crypto/rand.h"
#include "internal/provider_algs.h"
#include "internal/providercommonerr.h"
* https://www.openssl.org/source/license.html
*/
-#include "internal/ciphers/ciphercommon.h"
-#include "internal/ciphers/cipher_tdes.h"
+#include "prov/ciphercommon.h"
+#include "cipher_tdes.h"
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede3_ofb(void);
const PROV_CIPHER_HW *PROV_CIPHER_HW_tdes_ede3_cfb(void);
* https://www.openssl.org/source/license.html
*/
-#include "cipher_local.h"
-#include "internal/ciphers/cipher_tdes.h"
+#include "prov/ciphercommon.h"
+#include "cipher_tdes.h"
#define ks1 tks.ks[0]
#define ks2 tks.ks[1]