1# $FreeBSD$ 2 3SHLIB_NAME?= fips.so 4 5CFLAGS+= -DFIPS_MODULE 6 7SRCS+= fips_entry.c fipsprov.c self_test.c self_test_kats.c 8 9.include "../../Makefile.common" 10 11# crypto 12SRCS+= provider_core.c provider_predefined.c \ 13 core_fetch.c core_algorithm.c core_namemap.c self_test_core.c 14 15SRCS+= cpuid.c ctype.c 16.if defined(ASM_aarch64) 17SRCS+= arm64cpuid.S armcap.c 18ACFLAGS.arm64cpuid.S= -march=armv8-a+crypto 19.elif defined(ASM_amd64) 20SRCS+= x86_64cpuid.S 21.elif defined(ASM_arm) 22SRCS+= armv4cpuid.S armcap.c 23.elif defined(ASM_i386) 24SRCS+= x86cpuid.S 25.elif defined(ASM_powerpc) 26SRCS+= ppccpuid.S ppccap.c 27.elif defined(ASM_powerpc64) 28SRCS+= ppccpuid.S ppccap.c 29.elif defined(ASM_powerpc64le) 30SRCS+= ppccpuid.S ppccap.c 31.else 32SRCS+= mem_clr.c 33.endif 34 35# crypto/aes 36SRCS+= aes_cbc.c aes_cfb.c aes_ecb.c aes_ige.c aes_misc.c aes_ofb.c aes_wrap.c 37.if defined(ASM_aarch64) 38SRCS+= aes_core.c aesv8-armx.S vpaes-armv8.S 39ACFLAGS.aesv8-armx.S= -march=armv8-a+crypto 40.elif defined(ASM_amd64) 41SRCS+= aes_core.c aesni-mb-x86_64.S aesni-sha1-x86_64.S aesni-sha256-x86_64.S 42SRCS+= aesni-x86_64.S vpaes-x86_64.S 43.elif defined(ASM_arm) 44SRCS+= aes-armv4.S aesv8-armx.S bsaes-armv7.S 45.elif defined(ASM_i386) 46SRCS+= aes_core.c aesni-x86.S vpaes-x86.S 47.elif defined(ASM_powerpc) 48SRCS+= aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S 49.elif defined(ASM_powerpc64) 50SRCS+= aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S 51.elif defined(ASM_powerpc64le) 52SRCS+= aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S 53.else 54SRCS+= aes_core.c 55.endif 56 57# crypto/bn 58SRCS+= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \ 59 bn_mod.c bn_conv.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ 60 bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_sqr.c \ 61 bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ 62 bn_intern.c bn_dh.c bn_rsa_fips186_4.c bn_const.c 63.if defined(ASM_aarch64) 64SRCS+= armv8-mont.S bn_asm.c 65.elif defined(ASM_amd64) 66SRCS+= rsaz-avx2.S rsaz-avx512.S rsaz-x86_64.S rsaz_exp.c rsaz_exp_x2.c 67SRCS+= x86_64-gcc.c x86_64-gf2m.S x86_64-mont.S x86_64-mont5.S 68.elif defined(ASM_arm) 69SRCS+= armv4-gf2m.S armv4-mont.S bn_asm.c 70.elif defined(ASM_i386) 71SRCS+= bn-586.S co-586.S x86-gf2m.S x86-mont.S 72.elif defined(ASM_powerpc) 73SRCS+= bn_ppc.c bn-ppc.S ppc-mont.S 74.elif defined(ASM_powerpc64) 75SRCS+= bn_ppc.c bn-ppc.S ppc-mont.S 76.elif defined(ASM_powerpc64le) 77SRCS+= bn_ppc.c bn-ppc.S ppc-mont.S 78.else 79SRCS+= bn_asm.c 80.endif 81 82# crypto/buffer 83SRCS+= buffer.c 84 85# crypto/cmac 86SRCS+= cmac.c 87 88# crypto/des 89SRCS+= set_key.c ecb3_enc.c 90.if defined(ASM_i386) 91SRCS+= crypt586.S des-586.S 92.else 93SRCS+= des_enc.c fcrypt_b.c 94.endif 95 96# crypto/dh 97SRCS+= dh_lib.c dh_key.c dh_group_params.c dh_check.c dh_backend.c dh_gen.c \ 98 dh_kdf.c 99 100# crypto/dsa 101SRCS+= dsa_sign.c dsa_vrf.c dsa_lib.c dsa_ossl.c dsa_check.c \ 102 dsa_key.c dsa_backend.c dsa_gen.c 103 104# crypto/ec 105SRCS+= ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c \ 106 ec_curve.c ec_check.c ec_key.c ec_kmeth.c ecx_key.c ec_asn1.c \ 107 ec2_smpl.c \ 108 ecp_oct.c ec2_oct.c ec_oct.c ecdh_ossl.c \ 109 ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c curve25519.c \ 110 curve448/f_generic.c curve448/scalar.c \ 111 curve448/curve448_tables.c curve448/eddsa.c curve448/curve448.c \ 112 ec_backend.c ecx_backend.c ecdh_kdf.c curve448/arch_64/f_impl64.c \ 113 curve448/arch_32/f_impl32.c 114SRCS+= cryptlib.c params.c params_from_text.c bsearch.c ex_data.c o_str.c \ 115 threads_pthread.c threads_none.c initthread.c \ 116 context.c sparse_array.c asn1_dsa.c packet.c param_build.c \ 117 param_build_set.c der_writer.c threads_lib.c params_dup.c 118 119.include <bsd.opts.mk> 120.if ${MACHINE_ABI:Mlittle-endian} && ${MACHINE_ABI:Mlong64} 121SRCS+= ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c 122.endif 123.if defined(ASM_aarch64) 124SRCS+= ecp_nistz256-armv8.S ecp_nistz256.c 125.elif defined(ASM_amd64) 126SRCS+= ecp_nistz256-x86_64.S ecp_nistz256.c x25519-x86_64.S 127.elif defined(ASM_arm) 128SRCS+= ecp_nistz256-armv4.S ecp_nistz256.c 129.elif defined(ASM_i386) 130SRCS+= ecp_nistz256-x86.S ecp_nistz256.c 131.elif defined(ASM_powerpc64) 132SRCS+= ecp_nistp521-ppc64.S ecp_nistz256-ppc64.S ecp_nistz256.c ecp_ppc.c x25519-ppc64.S 133.elif defined(ASM_powerpc64le) 134SRCS+= ecp_nistp521-ppc64.S ecp_nistz256-ppc64.S ecp_nistz256.c ecp_ppc.c x25519-ppc64.S 135.endif 136 137# crypto/evp 138SRCS+= digest.c evp_enc.c evp_lib.c evp_fetch.c evp_utils.c \ 139 mac_lib.c mac_meth.c keymgmt_meth.c keymgmt_lib.c kdf_lib.c kdf_meth.c \ 140 m_sigver.c pmeth_lib.c signature.c p_lib.c pmeth_gn.c exchange.c \ 141 evp_rand.c asymcipher.c kem.c dh_support.c ec_support.c pmeth_check.c 142 143# crypto/ffc 144SRCS+= ffc_params.c ffc_params_generate.c ffc_key_generate.c \ 145 ffc_params_validate.c ffc_key_validate.c ffc_backend.c \ 146 ffc_dh.c 147 148# crypto/hmac 149SRCS+= hmac.c 150 151# crypto/lhash 152SRCS+= lhash.c 153 154# crypto/modes 155SRCS+= cbc128.c ctr128.c cfb128.c ofb128.c gcm128.c ccm128.c xts128.c 156SRCS+= wrap128.c 157.if defined(ASM_aarch64) 158SRCS+= ghashv8-armx.S aes-gcm-armv8_64.S 159ACFLAGS.ghashv8-armx.S= -march=armv8-a+crypto 160.elif defined(ASM_amd64) 161SRCS+= aesni-gcm-x86_64.S ghash-x86_64.S 162.elif defined(ASM_arm) 163SRCS+= ghash-armv4.S ghashv8-armx.S 164.elif defined(ASM_i386) 165SRCS+= ghash-x86.S 166.elif defined(ASM_powerpc) 167SRCS+= ghashp8-ppc.S 168.elif defined(ASM_powerpc64) 169SRCS+= ghashp8-ppc.S 170.elif defined(ASM_powerpc64le) 171SRCS+= ghashp8-ppc.S 172.endif 173 174# crypto/property 175SRCS+= property_string.c property_parse.c property_query.c property.c defn_cache.c 176 177# crypto/rand 178SRCS+= rand_lib.c 179 180# crypto/rsa 181SRCS+= rsa_ossl.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_pk1.c \ 182 rsa_none.c rsa_oaep.c rsa_chk.c rsa_pss.c rsa_x931.c rsa_crpt.c \ 183 rsa_sp800_56b_gen.c rsa_sp800_56b_check.c rsa_backend.c \ 184 rsa_mp_names.c rsa_schemes.c 185SRCS+= rsa_acvp_test_params.c 186 187# crypto/sha 188SRCS+= sha1dgst.c sha256.c sha512.c sha3.c 189.if defined(ASM_aarch64) 190SRCS+= keccak1600-armv8.S sha1-armv8.S sha256-armv8.S sha512-armv8.S 191.elif defined(ASM_amd64) 192SRCS+= keccak1600-x86_64.S sha1-mb-x86_64.S sha1-x86_64.S 193SRCS+= sha256-mb-x86_64.S sha256-x86_64.S sha512-x86_64.S 194.elif defined(ASM_arm) 195SRCS+= keccak1600-armv4.S sha1-armv4-large.S sha256-armv4.S sha512-armv4.S 196.elif defined(ASM_i386) 197SRCS+= keccak1600.c sha1-586.S sha256-586.S sha512-586.S 198.elif defined(ASM_powerpc) 199SRCS+= keccak1600.c sha_ppc.c sha1-ppc.S sha256-ppc.S sha512-ppc.S sha256p8-ppc.S sha512p8-ppc.S 200.elif defined(ASM_powerpc64) 201SRCS+= keccak1600-ppc64.S sha_ppc.c sha1-ppc.S sha256-ppc.S sha512-ppc.S sha256p8-ppc.S sha512p8-ppc.S 202.elif defined(ASM_powerpc64le) 203SRCS+= keccak1600-ppc64.S sha_ppc.c sha1-ppc.S sha256-ppc.S sha512-ppc.S sha256p8-ppc.S sha512p8-ppc.S 204.else 205SRCS+= keccak1600.c 206.endif 207 208# crypto/stack 209SRCS+= stack.c 210 211# common 212SRCS+= capabilities.c bio_prov.c digest_to_nid.c \ 213 securitycheck.c provider_seeding.c 214SRCS+= securitycheck_fips.c 215 216# common/der 217SRCS+= der_rsa_gen.c der_rsa_key.c 218SRCS+= der_rsa_sig.c 219 220SRCS+= der_dsa_gen.c der_dsa_key.c 221SRCS+= der_dsa_sig.c 222 223SRCS+= der_ec_gen.c der_ec_key.c 224SRCS+= der_ec_sig.c 225 226SRCS+= der_ecx_gen.c der_ecx_key.c 227 228SRCS+= der_wrap_gen.c 229 230# asymciphers 231SRCS+= rsa_enc.c 232 233# ciphers 234SRCS+= ciphercommon.c ciphercommon_hw.c ciphercommon_block.c \ 235 ciphercommon_gcm.c ciphercommon_gcm_hw.c \ 236 ciphercommon_ccm.c ciphercommon_ccm_hw.c 237SRCS+= cipher_aes.c cipher_aes_hw.c \ 238 cipher_aes_xts.c cipher_aes_xts_hw.c \ 239 cipher_aes_gcm.c cipher_aes_gcm_hw.c \ 240 cipher_aes_ccm.c cipher_aes_ccm_hw.c \ 241 cipher_aes_wrp.c \ 242 cipher_aes_cbc_hmac_sha.c \ 243 cipher_aes_cbc_hmac_sha256_hw.c cipher_aes_cbc_hmac_sha1_hw.c \ 244 cipher_cts.c 245SRCS+= cipher_aes_xts_fips.c 246SRCS+= cipher_tdes.c cipher_tdes_common.c cipher_tdes_hw.c 247 248# digests 249SRCS+= digestcommon.c 250SRCS+= sha2_prov.c 251SRCS+= sha3_prov.c 252 253# exchange 254SRCS+= dh_exch.c 255SRCS+= ecx_exch.c 256SRCS+= ecdh_exch.c 257SRCS+= kdf_exch.c 258 259# kdfs 260SRCS+= tls1_prf.c 261SRCS+= hkdf.c 262SRCS+= kbkdf.c 263SRCS+= pbkdf2.c 264SRCS+= pbkdf2_fips.c 265SRCS+= sskdf.c 266SRCS+= sshkdf.c 267SRCS+= x942kdf.c 268 269# kem 270SRCS+= rsa_kem.c 271 272# keymgmt 273SRCS+= dh_kmgmt.c 274SRCS+= dsa_kmgmt.c 275SRCS+= ec_kmgmt.c 276SRCS+= ecx_kmgmt.c 277SRCS+= kdf_legacy_kmgmt.c 278SRCS+= mac_legacy_kmgmt.c 279SRCS+= rsa_kmgmt.c 280 281# macs 282SRCS+= gmac_prov.c 283SRCS+= hmac_prov.c 284SRCS+= kmac_prov.c 285SRCS+= cmac_prov.c 286 287# rands 288SRCS+= drbg.c test_rng.c drbg_ctr.c drbg_hash.c drbg_hmac.c crngt.c 289 290# signature 291SRCS+= dsa_sig.c 292SRCS+= eddsa_sig.c ecdsa_sig.c 293SRCS+= mac_legacy_sig.c 294SRCS+= rsa_sig.c 295 296# ssl 297SRCS+= record/tls_pad.c s3_cbc.c 298 299.include <bsd.lib.mk> 300 301.if defined(ASM_${MACHINE_CPUARCH}) 302.PATH: ${SRCTOP}/secure/lib/libcrypto/arch/${MACHINE_CPUARCH} 303.if defined(ASM_amd64) 304.PATH: ${LCRYPTO_SRC}/crypto/bn/asm 305.endif 306.elif defined(ASM_${MACHINE_ARCH}) 307.PATH: ${SRCTOP}/secure/lib/libcrypto/arch/${MACHINE_ARCH} 308.endif 309 310.PATH: ${LCRYPTO_SRC}/crypto \ 311 ${LCRYPTO_SRC}/crypto/aes \ 312 ${LCRYPTO_SRC}/crypto/bio \ 313 ${LCRYPTO_SRC}/crypto/bn \ 314 ${LCRYPTO_SRC}/crypto/buffer \ 315 ${LCRYPTO_SRC}/crypto/cmac \ 316 ${LCRYPTO_SRC}/crypto/des \ 317 ${LCRYPTO_SRC}/crypto/dh \ 318 ${LCRYPTO_SRC}/crypto/dsa \ 319 ${LCRYPTO_SRC}/crypto/ec \ 320 ${LCRYPTO_SRC}/crypto/evp \ 321 ${LCRYPTO_SRC}/crypto/ffc \ 322 ${LCRYPTO_SRC}/crypto/hmac \ 323 ${LCRYPTO_SRC}/crypto/lhash \ 324 ${LCRYPTO_SRC}/crypto/modes \ 325 ${LCRYPTO_SRC}/crypto/property \ 326 ${LCRYPTO_SRC}/crypto/rand \ 327 ${LCRYPTO_SRC}/crypto/rsa \ 328 ${LCRYPTO_SRC}/crypto/sha \ 329 ${LCRYPTO_SRC}/crypto/stack \ 330 ${LCRYPTO_SRC}/providers/fips \ 331 ${LCRYPTO_SRC}/providers/common/der \ 332 ${LCRYPTO_SRC}/providers/implementations/asymciphers \ 333 ${LCRYPTO_SRC}/providers/implementations/ciphers \ 334 ${LCRYPTO_SRC}/providers/implementations/digests \ 335 ${LCRYPTO_SRC}/providers/implementations/exchange \ 336 ${LCRYPTO_SRC}/providers/implementations/kdfs \ 337 ${LCRYPTO_SRC}/providers/implementations/kem \ 338 ${LCRYPTO_SRC}/providers/implementations/keymgmt \ 339 ${LCRYPTO_SRC}/providers/implementations/macs \ 340 ${LCRYPTO_SRC}/providers/implementations/rands \ 341 ${LCRYPTO_SRC}/providers/implementations/signature \ 342 ${LCRYPTO_SRC}/ssl 343