1 2SHLIB_NAME?= fips.so 3 4CFLAGS+= -DFIPS_MODULE 5 6SRCS+= fips_entry.c fipsprov.c self_test.c self_test_kats.c 7 8.include "../../Makefile.common" 9 10# crypto 11SRCS+= provider_core.c provider_predefined.c \ 12 core_fetch.c core_algorithm.c core_namemap.c self_test_core.c 13 14SRCS+= cpuid.c ctype.c 15.if defined(ASM_aarch64) 16SRCS+= arm64cpuid.S armcap.c 17ACFLAGS.arm64cpuid.S= -march=armv8-a+crypto 18.elif defined(ASM_amd64) 19SRCS+= x86_64cpuid.S 20.elif defined(ASM_arm) 21SRCS+= armv4cpuid.S armcap.c 22.elif defined(ASM_i386) 23SRCS+= x86cpuid.S 24.elif defined(ASM_powerpc) 25SRCS+= ppccpuid.S ppccap.c 26.elif defined(ASM_powerpc64) 27SRCS+= ppccpuid.S ppccap.c 28.elif defined(ASM_powerpc64le) 29SRCS+= ppccpuid.S ppccap.c 30.else 31SRCS+= mem_clr.c 32.endif 33 34# crypto/aes 35SRCS+= aes_cfb.c aes_ecb.c aes_ige.c aes_misc.c aes_ofb.c aes_wrap.c 36.if defined(ASM_aarch64) 37SRCS+= aes_cbc.c aes_core.c aesv8-armx.S vpaes-armv8.S 38ACFLAGS.aesv8-armx.S= -march=armv8-a+crypto 39.elif defined(ASM_amd64) 40SRCS+= aes-x86_64.S aesni-mb-x86_64.S aesni-sha1-x86_64.S 41SRCS+= aesni-sha256-x86_64.S aesni-x86_64.S bsaes-x86_64.S vpaes-x86_64.S 42.elif defined(ASM_arm) 43SRCS+= aes_cbc.c aes-armv4.S aesv8-armx.S bsaes-armv7.S 44.elif defined(ASM_i386) 45SRCS+= aes-586.S aesni-x86.S vpaes-x86.S 46.elif defined(ASM_powerpc) 47SRCS+= aes_cbc.c aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S 48.elif defined(ASM_powerpc64) 49SRCS+= aes_cbc.c aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S 50.elif defined(ASM_powerpc64le) 51SRCS+= aes_cbc.c aes_core.c aes-ppc.S vpaes-ppc.S aesp8-ppc.S 52.else 53SRCS+= aes_cbc.c aes_core.c 54.endif 55 56# crypto/bn 57SRCS+= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \ 58 bn_mod.c bn_conv.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ 59 bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_sqr.c \ 60 bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ 61 bn_intern.c bn_dh.c bn_rsa_fips186_4.c bn_const.c 62.if defined(ASM_aarch64) 63SRCS+= armv8-mont.S bn_asm.c 64.elif defined(ASM_amd64) 65SRCS+= rsaz-avx2.S rsaz-avx512.S rsaz-x86_64.S rsaz_exp.c rsaz_exp_x2.c 66SRCS+= x86_64-gcc.c x86_64-gf2m.S x86_64-mont.S x86_64-mont5.S 67.elif defined(ASM_arm) 68SRCS+= armv4-gf2m.S armv4-mont.S bn_asm.c 69.elif defined(ASM_i386) 70SRCS+= bn-586.S co-586.S x86-gf2m.S x86-mont.S 71.elif defined(ASM_powerpc) 72SRCS+= bn_ppc.c bn-ppc.S ppc-mont.S 73.elif defined(ASM_powerpc64) 74SRCS+= bn_ppc.c bn-ppc.S ppc-mont.S 75.elif defined(ASM_powerpc64le) 76SRCS+= bn_ppc.c bn-ppc.S ppc-mont.S 77.else 78SRCS+= bn_asm.c 79.endif 80 81# crypto/buffer 82SRCS+= buffer.c 83 84# crypto/cmac 85SRCS+= cmac.c 86 87# crypto/des 88SRCS+= set_key.c ecb3_enc.c 89.if defined(ASM_i386) 90SRCS+= crypt586.S des-586.S 91.else 92SRCS+= des_enc.c fcrypt_b.c 93.endif 94 95# crypto/dh 96SRCS+= dh_lib.c dh_key.c dh_group_params.c dh_check.c dh_backend.c dh_gen.c \ 97 dh_kdf.c 98 99# crypto/dsa 100SRCS+= dsa_sign.c dsa_vrf.c dsa_lib.c dsa_ossl.c dsa_check.c \ 101 dsa_key.c dsa_backend.c dsa_gen.c 102 103# crypto/ec 104SRCS+= ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c \ 105 ec_curve.c ec_check.c ec_key.c ec_kmeth.c ecx_key.c ec_asn1.c \ 106 ec2_smpl.c \ 107 ecp_oct.c ec2_oct.c ec_oct.c ecdh_ossl.c \ 108 ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c curve25519.c \ 109 curve448/f_generic.c curve448/scalar.c \ 110 curve448/curve448_tables.c curve448/eddsa.c curve448/curve448.c \ 111 ec_backend.c ecx_backend.c ecdh_kdf.c curve448/arch_64/f_impl64.c \ 112 curve448/arch_32/f_impl32.c 113SRCS+= cryptlib.c params.c params_from_text.c bsearch.c ex_data.c o_str.c \ 114 threads_pthread.c threads_none.c initthread.c \ 115 context.c sparse_array.c asn1_dsa.c packet.c param_build.c \ 116 param_build_set.c der_writer.c threads_lib.c params_dup.c 117 118.include <bsd.opts.mk> 119.if ${MACHINE_ABI:Mlittle-endian} && ${MACHINE_ABI:Mlong64} 120SRCS+= ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c 121.endif 122.if defined(ASM_aarch64) 123SRCS+= ecp_nistz256-armv8.S ecp_nistz256.c 124.elif defined(ASM_amd64) 125SRCS+= ecp_nistz256-x86_64.S ecp_nistz256.c x25519-x86_64.S 126.elif defined(ASM_arm) 127SRCS+= ecp_nistz256-armv4.S ecp_nistz256.c 128.elif defined(ASM_i386) 129SRCS+= ecp_nistz256-x86.S ecp_nistz256.c 130.elif defined(ASM_powerpc64) 131SRCS+= ecp_nistp521-ppc64.S ecp_nistz256-ppc64.S ecp_nistz256.c ecp_ppc.c x25519-ppc64.S 132.elif defined(ASM_powerpc64le) 133SRCS+= ecp_nistp521-ppc64.S ecp_nistz256-ppc64.S ecp_nistz256.c ecp_ppc.c x25519-ppc64.S 134.endif 135 136# crypto/evp 137SRCS+= digest.c evp_enc.c evp_lib.c evp_fetch.c evp_utils.c \ 138 mac_lib.c mac_meth.c keymgmt_meth.c keymgmt_lib.c kdf_lib.c kdf_meth.c \ 139 m_sigver.c pmeth_lib.c signature.c p_lib.c pmeth_gn.c exchange.c \ 140 evp_rand.c asymcipher.c kem.c dh_support.c ec_support.c pmeth_check.c 141 142# crypto/ffc 143SRCS+= ffc_params.c ffc_params_generate.c ffc_key_generate.c \ 144 ffc_params_validate.c ffc_key_validate.c ffc_backend.c \ 145 ffc_dh.c 146 147# crypto/hmac 148SRCS+= hmac.c 149 150# crypto/lhash 151SRCS+= lhash.c 152 153# crypto/modes 154SRCS+= cbc128.c ctr128.c cfb128.c ofb128.c gcm128.c ccm128.c xts128.c 155SRCS+= wrap128.c 156.if defined(ASM_aarch64) 157SRCS+= ghashv8-armx.S aes-gcm-armv8_64.S 158ACFLAGS.ghashv8-armx.S= -march=armv8-a+crypto 159.elif defined(ASM_amd64) 160SRCS+= aesni-gcm-x86_64.S ghash-x86_64.S 161.elif defined(ASM_arm) 162SRCS+= ghash-armv4.S ghashv8-armx.S 163.elif defined(ASM_i386) 164SRCS+= ghash-x86.S 165.elif defined(ASM_powerpc) 166SRCS+= ghashp8-ppc.S 167.elif defined(ASM_powerpc64) 168SRCS+= ghashp8-ppc.S 169.elif defined(ASM_powerpc64le) 170SRCS+= ghashp8-ppc.S 171.endif 172 173# crypto/property 174SRCS+= property_string.c property_parse.c property_query.c property.c defn_cache.c 175 176# crypto/rand 177SRCS+= rand_lib.c 178 179# crypto/rsa 180SRCS+= rsa_ossl.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_pk1.c \ 181 rsa_none.c rsa_oaep.c rsa_chk.c rsa_pss.c rsa_x931.c rsa_crpt.c \ 182 rsa_sp800_56b_gen.c rsa_sp800_56b_check.c rsa_backend.c \ 183 rsa_mp_names.c rsa_schemes.c 184SRCS+= rsa_acvp_test_params.c 185 186# crypto/sha 187SRCS+= sha1dgst.c sha256.c sha512.c sha3.c 188.if defined(ASM_aarch64) 189SRCS+= keccak1600-armv8.S sha1-armv8.S sha256-armv8.S sha512-armv8.S 190.elif defined(ASM_amd64) 191SRCS+= keccak1600-x86_64.S sha1-mb-x86_64.S sha1-x86_64.S 192SRCS+= sha256-mb-x86_64.S sha256-x86_64.S sha512-x86_64.S 193.elif defined(ASM_arm) 194SRCS+= keccak1600-armv4.S sha1-armv4-large.S sha256-armv4.S sha512-armv4.S 195.elif defined(ASM_i386) 196SRCS+= keccak1600.c sha1-586.S sha256-586.S sha512-586.S 197.elif defined(ASM_powerpc) 198SRCS+= keccak1600.c sha_ppc.c sha1-ppc.S sha256-ppc.S sha512-ppc.S sha256p8-ppc.S sha512p8-ppc.S 199.elif defined(ASM_powerpc64) 200SRCS+= keccak1600-ppc64.S sha_ppc.c sha1-ppc.S sha256-ppc.S sha512-ppc.S sha256p8-ppc.S sha512p8-ppc.S 201.elif defined(ASM_powerpc64le) 202SRCS+= keccak1600-ppc64.S sha_ppc.c sha1-ppc.S sha256-ppc.S sha512-ppc.S sha256p8-ppc.S sha512p8-ppc.S 203.else 204SRCS+= keccak1600.c 205.endif 206 207# crypto/stack 208SRCS+= stack.c 209 210# common 211SRCS+= capabilities.c bio_prov.c digest_to_nid.c \ 212 securitycheck.c provider_seeding.c 213SRCS+= securitycheck_fips.c 214 215# common/der 216SRCS+= der_rsa_gen.c der_rsa_key.c 217SRCS+= der_rsa_sig.c 218 219SRCS+= der_dsa_gen.c der_dsa_key.c 220SRCS+= der_dsa_sig.c 221 222SRCS+= der_ec_gen.c der_ec_key.c 223SRCS+= der_ec_sig.c 224 225SRCS+= der_ecx_gen.c der_ecx_key.c 226 227SRCS+= der_wrap_gen.c 228 229# asymciphers 230SRCS+= rsa_enc.c 231 232# ciphers 233SRCS+= ciphercommon.c ciphercommon_hw.c ciphercommon_block.c \ 234 ciphercommon_gcm.c ciphercommon_gcm_hw.c \ 235 ciphercommon_ccm.c ciphercommon_ccm_hw.c 236SRCS+= cipher_aes.c cipher_aes_hw.c \ 237 cipher_aes_xts.c cipher_aes_xts_hw.c \ 238 cipher_aes_gcm.c cipher_aes_gcm_hw.c \ 239 cipher_aes_ccm.c cipher_aes_ccm_hw.c \ 240 cipher_aes_wrp.c \ 241 cipher_aes_cbc_hmac_sha.c \ 242 cipher_aes_cbc_hmac_sha256_hw.c cipher_aes_cbc_hmac_sha1_hw.c \ 243 cipher_cts.c 244SRCS+= cipher_aes_xts_fips.c 245SRCS+= cipher_tdes.c cipher_tdes_common.c cipher_tdes_hw.c 246 247# digests 248SRCS+= digestcommon.c 249SRCS+= sha2_prov.c 250SRCS+= sha3_prov.c 251 252# exchange 253SRCS+= dh_exch.c 254SRCS+= ecx_exch.c 255SRCS+= ecdh_exch.c 256SRCS+= kdf_exch.c 257 258# kdfs 259SRCS+= tls1_prf.c 260SRCS+= hkdf.c 261SRCS+= kbkdf.c 262SRCS+= pbkdf2.c 263SRCS+= pbkdf2_fips.c 264SRCS+= sskdf.c 265SRCS+= sshkdf.c 266SRCS+= x942kdf.c 267 268# kem 269SRCS+= rsa_kem.c 270 271# keymgmt 272SRCS+= dh_kmgmt.c 273SRCS+= dsa_kmgmt.c 274SRCS+= ec_kmgmt.c 275SRCS+= ecx_kmgmt.c 276SRCS+= kdf_legacy_kmgmt.c 277SRCS+= mac_legacy_kmgmt.c 278SRCS+= rsa_kmgmt.c 279 280# macs 281SRCS+= gmac_prov.c 282SRCS+= hmac_prov.c 283SRCS+= kmac_prov.c 284SRCS+= cmac_prov.c 285 286# rands 287SRCS+= drbg.c test_rng.c drbg_ctr.c drbg_hash.c drbg_hmac.c crngt.c 288 289# signature 290SRCS+= dsa_sig.c 291SRCS+= eddsa_sig.c ecdsa_sig.c 292SRCS+= mac_legacy_sig.c 293SRCS+= rsa_sig.c 294 295# ssl 296SRCS+= record/tls_pad.c s3_cbc.c 297 298.include <bsd.lib.mk> 299 300.if defined(ASM_${MACHINE_CPUARCH}) 301.PATH: ${SRCTOP}/sys/crypto/openssl/${MACHINE_CPUARCH} 302.if defined(ASM_amd64) 303.PATH: ${LCRYPTO_SRC}/crypto/bn/asm 304.endif 305.elif defined(ASM_${MACHINE_ARCH}) 306.PATH: ${SRCTOP}/sys/crypto/openssl/${MACHINE_ARCH} 307.endif 308 309.PATH: ${LCRYPTO_SRC}/crypto \ 310 ${LCRYPTO_SRC}/crypto/aes \ 311 ${LCRYPTO_SRC}/crypto/bio \ 312 ${LCRYPTO_SRC}/crypto/bn \ 313 ${LCRYPTO_SRC}/crypto/buffer \ 314 ${LCRYPTO_SRC}/crypto/cmac \ 315 ${LCRYPTO_SRC}/crypto/des \ 316 ${LCRYPTO_SRC}/crypto/dh \ 317 ${LCRYPTO_SRC}/crypto/dsa \ 318 ${LCRYPTO_SRC}/crypto/ec \ 319 ${LCRYPTO_SRC}/crypto/evp \ 320 ${LCRYPTO_SRC}/crypto/ffc \ 321 ${LCRYPTO_SRC}/crypto/hmac \ 322 ${LCRYPTO_SRC}/crypto/lhash \ 323 ${LCRYPTO_SRC}/crypto/modes \ 324 ${LCRYPTO_SRC}/crypto/property \ 325 ${LCRYPTO_SRC}/crypto/rand \ 326 ${LCRYPTO_SRC}/crypto/rsa \ 327 ${LCRYPTO_SRC}/crypto/sha \ 328 ${LCRYPTO_SRC}/crypto/stack \ 329 ${LCRYPTO_SRC}/providers/fips \ 330 ${LCRYPTO_SRC}/providers/common/der \ 331 ${LCRYPTO_SRC}/providers/implementations/asymciphers \ 332 ${LCRYPTO_SRC}/providers/implementations/ciphers \ 333 ${LCRYPTO_SRC}/providers/implementations/digests \ 334 ${LCRYPTO_SRC}/providers/implementations/exchange \ 335 ${LCRYPTO_SRC}/providers/implementations/kdfs \ 336 ${LCRYPTO_SRC}/providers/implementations/kem \ 337 ${LCRYPTO_SRC}/providers/implementations/keymgmt \ 338 ${LCRYPTO_SRC}/providers/implementations/macs \ 339 ${LCRYPTO_SRC}/providers/implementations/rands \ 340 ${LCRYPTO_SRC}/providers/implementations/signature \ 341 ${LCRYPTO_SRC}/ssl 342