On Mon, 6 Sep 2004, Doug Kaufman wrote:
> On Mon, 6 Sep 2004, Andy Polyakov wrote:
>
> (Gisle Vanem wrote)
> > > To be able to use SSE2 code on a Pentium 4(?) , you need to add
> > > -DOPENSSL_IA32_SSE2 -DOPENSSL_CPUID_OBJ and have an up-to-date
> > > version of "as". (v2.13?).
> >
> > ./Configure should take care of it. Naturally not of as version, but the
> > required preprocessor flags. Doug has probably configured with 386 flag.
>
> Yes, I configured with the 386 flag, to make sure any programs I
> distribute would be compatible with 386. I'll try to do another build
> without 386, though. Should the 386 flag be something shown with
> "openssl version -a"?
When testing without the "386" flag for configure, the asm code didn't
seem to have any problem, but the padlock engine code broke in 2
different areas in eng_padlock.c. There was a mismatch in the prototype
for padlock_aes_cipher. The code also uses snprintf, which is not
available on all platforms (such as DJGPP 2.03). We already have a
snprintf replacement in the code. I used that here and fixed the
prototype to match. With these changes (and the previously submitted
changes for configure and Makefile), this builds with configure, "make
depend", make, "make test", and "make install", without warnings.
This binary identifies itself as:
OpenSSL 0.9.8-dev XX xxx XXXX
built on: Mon Sep 6 14:52:52 PST 2004
platform: DJGPP
options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) blowfish(idx)
compiler: gcc -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2
-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fno-strict-aliasing
-fomit-frame-pointer -O2 -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2
-DSHA1_ASM -DMD5_ASM -DRMD160_ASM
OPENSSLDIR: "/dev/env/DJDIR/ssl"
I am attaching the patch for eng_padlock.c and am also submitting it to
the US Bureau of Industry and Security.
Doug
--
Doug Kaufman
Internet: [EMAIL PROTECTED]
--- OpenSSL-0.9.8/crypto/engine/eng_padlock.c.ori 2004-08-24 02:00:20.000000000
-0800
+++ OpenSSL-0.9.8/crypto/engine/eng_padlock.c 2004-09-06 23:44:16.000000000 -0800
@@ -68,7 +68,6 @@
#include <malloc.h>
#ifdef _MSC_VER
# define alloca _alloca
-# define snprintf _snprintf
#endif
#include <openssl/crypto.h>
@@ -153,7 +152,7 @@
#endif
/* Generate a nice engine name with available features */
- snprintf(padlock_name, sizeof(padlock_name), "VIA PadLock (%s, %s)",
+ BIO_snprintf(padlock_name, sizeof(padlock_name), "VIA PadLock (%s, %s)",
padlock_use_rng ? "RNG" : "no-RNG",
padlock_use_ace ? "ACE" : "no-ACE");
@@ -865,7 +864,7 @@
encryption function itself. This function is not AES-specific. */
static int
padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
- const unsigned char *in_arg, size_t nbytes)
+ const unsigned char *in_arg, unsigned int nbytes)
{
struct padlock_cipher_data *cdata;
const void *inp;
