diff --git a/Makefile.inc b/Makefile.inc index 2ae1b810..e5390ced 100644 --- a/Makefile.inc +++ b/Makefile.inc @@ -14,11 +14,22 @@ IDIRS := ${IDIRS} # Default is no man pages MAN = +# The SUBDIR_DEPTH variable (defined above) initializes tracking the +# subdirectory depth, but it's not fully set at this stage in the build +# process. Instead, we jump back to the shell and print the (finalized) value +# of SUBDIR_DEPTH. This avoids an infinite loop because we query the Makefile +# (which does not include ../Makefile.inc), rather than Makefile.BSD (which +# would end up including this file again). +FINALIZED_SUBDIR_DEPTH != ${MAKE} -v SUBDIR_DEPTH + .if !defined(NOLIBALL) # Link everything to liball.a, unless they specifically ask not to use it. -# If appropriate, metabuild.sh will do: +LIBALL = ${SUBDIR_DEPTH}/liball/liball.a +.if exists(${FINALIZED_SUBDIR_DEPTH}/liball/optional_mutex_normal) +# If we have optional_mutex, add it. If appropriate, metabuild.sh will do: # s/optional_mutex_normal/optional_mutex_pthread/g -LIBALL = ${SUBDIR_DEPTH}/liball/liball.a ${SUBDIR_DEPTH}/liball/optional_mutex_normal/liball_optional_mutex_normal.a +LIBALL += ${SUBDIR_DEPTH}/liball/optional_mutex_normal/liball_optional_mutex_normal.a +.endif LDADD += ${LIBALL} DPADD += ${LIBALL} .endif diff --git a/liball/Makefile b/liball/Makefile index 6d7208ca..7d1ad7c8 100644 --- a/liball/Makefile +++ b/liball/Makefile @@ -44,7 +44,7 @@ cpusupport_x86_sse2.o: ../libcperciva/cpusupport/cpusupport_x86_sse2.c ../libcpe cpusupport_x86_ssse3.o: ../libcperciva/cpusupport/cpusupport_x86_ssse3.c ../libcperciva/cpusupport/cpusupport.h ../cpusupport-config.h ${CC} ${CFLAGS_POSIX} -D_POSIX_C_SOURCE=200809L -D_XOPEN_SOURCE=700 -DCPUSUPPORT_CONFIG_FILE=\"cpusupport-config.h\" -DAPISUPPORT_CONFIG_FILE=\"apisupport-config.h\" -I.. ${IDIRS} ${CPPFLAGS} ${CFLAGS} -c ../libcperciva/cpusupport/cpusupport_x86_ssse3.c -o cpusupport_x86_ssse3.o crypto_aes.o: ../libcperciva/crypto/crypto_aes.c ../libcperciva/cpusupport/cpusupport.h ../cpusupport-config.h ../libcperciva/crypto/crypto_aes_aesni.h ../libcperciva/crypto/crypto_aes_arm.h ../libcperciva/util/insecure_memzero.h ../libcperciva/util/warnp.h ../libcperciva/crypto/crypto_aes.h - ${CC} ${CFLAGS_POSIX} -D_POSIX_C_SOURCE=200809L -D_XOPEN_SOURCE=700 -DCPUSUPPORT_CONFIG_FILE=\"cpusupport-config.h\" -DAPISUPPORT_CONFIG_FILE=\"apisupport-config.h\" -I.. ${IDIRS} ${CPPFLAGS} ${CFLAGS} -c ../libcperciva/crypto/crypto_aes.c -o crypto_aes.o + ${CC} ${CFLAGS_POSIX} -D_POSIX_C_SOURCE=200809L -D_XOPEN_SOURCE=700 -DCPUSUPPORT_CONFIG_FILE=\"cpusupport-config.h\" -DAPISUPPORT_CONFIG_FILE=\"apisupport-config.h\" -I.. ${IDIRS} ${CPPFLAGS} ${CFLAGS} ${CFLAGS_LIBCRYPTO_LOW_LEVEL_AES} -c ../libcperciva/crypto/crypto_aes.c -o crypto_aes.o crypto_aes_aesni.o: ../libcperciva/crypto/crypto_aes_aesni.c ../libcperciva/cpusupport/cpusupport.h ../cpusupport-config.h ../libcperciva/util/align_ptr.h ../libcperciva/util/insecure_memzero.h ../libcperciva/util/warnp.h ../libcperciva/crypto/crypto_aes_aesni.h ../libcperciva/crypto/crypto_aes_aesni_m128i.h ${CC} ${CFLAGS_POSIX} -D_POSIX_C_SOURCE=200809L -D_XOPEN_SOURCE=700 -DCPUSUPPORT_CONFIG_FILE=\"cpusupport-config.h\" -DAPISUPPORT_CONFIG_FILE=\"apisupport-config.h\" -I.. ${IDIRS} ${CPPFLAGS} ${CFLAGS} ${CFLAGS_X86_AESNI} -c ../libcperciva/crypto/crypto_aes_aesni.c -o crypto_aes_aesni.o crypto_aes_arm.o: ../libcperciva/crypto/crypto_aes_arm.c ../libcperciva/cpusupport/cpusupport.h ../cpusupport-config.h ../libcperciva/util/align_ptr.h ../libcperciva/util/insecure_memzero.h ../libcperciva/util/warnp.h ../libcperciva/crypto/crypto_aes_arm.h ../libcperciva/crypto/crypto_aes_arm_u8.h diff --git a/libcperciva/alg/sha256_arm.c b/libcperciva/alg/sha256_arm.c index e3e5f6b1..96223f4d 100644 --- a/libcperciva/alg/sha256_arm.c +++ b/libcperciva/alg/sha256_arm.c @@ -49,12 +49,11 @@ static const uint32_t Krnd[64] = { X0 = vsha256su1q_u32(vsha256su0q_u32(X0, X1), X2, X3) /** - * SHA256_Transform_arm(state, block, W, S): + * SHA256_Transform_arm(state, block): * Compute the SHA256 block compression function, transforming ${state} using * the data in ${block}. This implementation uses ARM SHA256 instructions, * and should only be used if _SHA256 is defined and cpusupport_arm_sha256() - * returns nonzero. The arrays W and S may be filled with sensitive data, and - * should be cleared by the callee. + * returns nonzero. */ #ifdef POSIXFAIL_ABSTRACT_DECLARATOR void diff --git a/libcperciva/alg/sha256_arm.h b/libcperciva/alg/sha256_arm.h index 4c39b6cf..d9ed3fab 100644 --- a/libcperciva/alg/sha256_arm.h +++ b/libcperciva/alg/sha256_arm.h @@ -4,12 +4,11 @@ #include /** - * SHA256_Transform_arm(state, block, W, S): + * SHA256_Transform_arm(state, block): * Compute the SHA256 block compression function, transforming ${state} using * the data in ${block}. This implementation uses ARM SHA256 instructions, * and should only be used if _SHA256 is defined and cpusupport_arm_sha256() - * returns nonzero. The arrays W and S may be filled with sensitive data, and - * should be cleared by the callee. + * returns nonzero. */ #ifdef POSIXFAIL_ABSTRACT_DECLARATOR void SHA256_Transform_arm(uint32_t state[8], const uint8_t block[64]); diff --git a/libcperciva/alg/sha256_sse2.c b/libcperciva/alg/sha256_sse2.c index 35b58d2f..d2575534 100644 --- a/libcperciva/alg/sha256_sse2.c +++ b/libcperciva/alg/sha256_sse2.c @@ -167,7 +167,7 @@ MSG4(__m128i X0, __m128i X1, __m128i X2, __m128i X3) } /** - * SHA256_Transform_sse2(state, block): + * SHA256_Transform_sse2(state, block, W, S): * Compute the SHA256 block compression function, transforming ${state} using * the data in ${block}. This implementation uses x86 SSE2 instructions, and * should only be used if _SSE2 is defined and cpusupport_x86_sse2() returns diff --git a/libcperciva/alg/sha256_sse2.h b/libcperciva/alg/sha256_sse2.h index 4035d388..16704cec 100644 --- a/libcperciva/alg/sha256_sse2.h +++ b/libcperciva/alg/sha256_sse2.h @@ -4,7 +4,7 @@ #include /** - * SHA256_Transform_sse2(state, block): + * SHA256_Transform_sse2(state, block, W, S): * Compute the SHA256 block compression function, transforming ${state} using * the data in ${block}. This implementation uses x86 SSE2 instructions, and * should only be used if _SSE2 is defined and cpusupport_x86_sse2() returns diff --git a/libcperciva/apisupport/Build/apisupport-LIBCRYPTO-LOW_LEVEL_AES.c b/libcperciva/apisupport/Build/apisupport-LIBCRYPTO-LOW_LEVEL_AES.c new file mode 100644 index 00000000..1864f011 --- /dev/null +++ b/libcperciva/apisupport/Build/apisupport-LIBCRYPTO-LOW_LEVEL_AES.c @@ -0,0 +1,15 @@ +#include + +#include + +int +main(void) +{ + AES_KEY kexp_actual; + const uint8_t key_unexpanded[16] = { 0 }; + + AES_set_encrypt_key(key_unexpanded, 128, &kexp_actual); + + /* Success! */ + return (0); +} diff --git a/libcperciva/apisupport/Build/apisupport.sh b/libcperciva/apisupport/Build/apisupport.sh index 37b3a342..4b11c6a0 100755 --- a/libcperciva/apisupport/Build/apisupport.sh +++ b/libcperciva/apisupport/Build/apisupport.sh @@ -75,6 +75,8 @@ feature NONPOSIX SETGROUPS "" "" \ "-U_POSIX_C_SOURCE -U_XOPEN_SOURCE" \ "-U_POSIX_C_SOURCE -U_XOPEN_SOURCE -Wno-reserved-id-macro" -# Detect how to compile libssl code. +# Detect how to compile libssl and libcrypto code. feature LIBSSL HOST_NAME "-lssl" "" \ "-Wno-cast-qual" +feature LIBCRYPTO LOW_LEVEL_AES "-lcrypto" "" \ + "-Wno-deprecated-declarations" diff --git a/libcperciva/crypto/crypto_aes.c b/libcperciva/crypto/crypto_aes.c index f884605b..d88f9510 100644 --- a/libcperciva/crypto/crypto_aes.c +++ b/libcperciva/crypto/crypto_aes.c @@ -1,3 +1,7 @@ +/** + * APISUPPORT CFLAGS: LIBCRYPTO_LOW_LEVEL_AES + */ + #include #include #include diff --git a/libcperciva/util/entropy.h b/libcperciva/util/entropy.h index ffe67cfe..abadfa94 100644 --- a/libcperciva/util/entropy.h +++ b/libcperciva/util/entropy.h @@ -25,7 +25,7 @@ int entropy_read_fill(struct entropy_read_cookie *, uint8_t *, size_t); * entropy_read_done(er): * Release any resources used by ${er}. */ -int entropy_read_done(struct entropy_read_cookie * er); +int entropy_read_done(struct entropy_read_cookie *); /** * entropy_read(buf, buflen): diff --git a/release-tools/metabuild.sh b/release-tools/metabuild.sh index 9d1a8050..2ba18f64 100755 --- a/release-tools/metabuild.sh +++ b/release-tools/metabuild.sh @@ -176,6 +176,9 @@ printf "RELATIVE_DIR=%s\n" "${D}" >> "${OUT}" if [ -n "$(${MAKEBSD} -v LIB)" ]; then cat "${SUBDIR_DEPTH}/release-tools/Makefile.lib" >> "${OUT}" elif [ -n "$(${MAKEBSD} -v SRCS)" ]; then + # This *must* come after SUBDIR_DEPTH has been copied into + # the Makefile, because it depends on being able to run: + # make -v SUBDIR_DEPTH copyvar_LIBALL_optional_mutex add_makefile_prog else