There was a lot of naming inconsistency, so we try and standardise on
one form.
Reviewed-by: NTim Hudson <tjh@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Move rsa_meth_st away from public headers.
Add RSA_METHOD creator/destructor functions.
Add RSA_METHOD accessor/writer functions.
Adapt all other source to use the creator, destructor, accessors and writers.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Submitted by Michael McConville <mmcco@mykolab.com>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Also fixed a style issue
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NStephen Henson <steve@openssl.org>

Numerous fixups based on feedback of the DSA opacity changes.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NStephen Henson <steve@openssl.org>

Move the dsa_method structure out of the public header file, and provide
getter and setter functions for creating and modifying custom DSA_METHODs.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NStephen Henson <steve@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

This removes all scripts that deal with MINFO as well, since that's
only used by mk1mf.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

The no-deprecated build was failing because afalg was relying on a
transitive include that does not exist in a no-deprecated build.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Compiling on Windows with no-hw was resulting in unresolved symbols
in the padlock engine.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

but not if there is reference to empty variable.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The reason to do so is that some of the generators detect PIC flags
like -fPIC and -KPIC, and those are normally delivered in LD_CFLAGS.
Reviewed-by: NRich Salz <rsalz@openssl.org>

The AFALG engine created a global EVP_CIPHER instance but was not freeing
it up when the engine was destroyed.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Similarly, don't add e_capi if configured "no-capieng"

Also, indent a little deeper, for clarity.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Also, indent a little deeper, for clarity.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Before the 'Introduce the "pic" / "no-pic" config option' commit, the
shared_cflag value for the chosen config would be part of the make
variable CFLAG, which got replicated into CFLAGS and ASFLAGS.

Since said commit, the shared_cflag value has become a make variable
of its own, SHARED_CFLAG (which is left empty in a "no-pic" build).

However, ASFLAGS was forgotten.  That's what's corrected with this
change.
Reviewed-by: NAndy Polyakov <appro@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Move the chil engine to use the new thread API. As I don't have access to
the hardware I can't test this :-(. I think its ok...
Reviewed-by: NRichard Levitte <levitte@openssl.org>

This fixes "make update".
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NAndy Polyakov <appro@openssl.org>

Move out most of the boiler plate code that is common between aes128-cbc
and aes128-cbc-hmac-sha1 into helper functions to improve code reuse.
Reviewed-by: NTim Hudson <tjh@openssl.org>

The _hidden_* variables were being created on-the-fly. It is better to
create them once up front during bind to avoid any potential race
conditions.
Reviewed-by: NTim Hudson <tjh@openssl.org>

We had the function EVP_CIPHER_CTX_cipher_data which is newly added for
1.1.0. As we now also need an EVP_CIPHER_CTX_set_cipher_data it makes
more sense for the former to be called EVP_CIPHER_CTX_get_cipher_data.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Add dummy pipline support to dasync for the aes128_cbc_hmac_sha1 cipher.
This is treated as an AEAD cipher.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Implement aes128-cbc as a pipeline capable cipher in the dasync engine.
As dasync is just a dummy engine, it actually just performs the parallel
encrypts/decrypts in serial.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

This gets rid of the BEGINRAW..ENDRAW sections in engines/build.info.

This also moves the assembler generating perl scripts to take the
output file name as last command line argument, where necessary.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

The af_alg engine and associated test were creating warnings when compiled
with clang. This fixes it.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Misc afalg build fixes as suggested by Richard Levitte for the latest
Configure changes.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

1. Cleaned up eventfd handling
2. Reworked socket setup code to allow other algorithms to be added in
   future
3. Fixed compile errors for static build
4. Added error to error stack in all cases of ALG_PERR/ALG_ERR
5. Called afalg_aes_128_cbc() from bind() to avoid race conditions
6. Used MAX_INFLIGHT define in io_getevents system call
7. Coding style fixes
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Signed-off-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Implementation experience has shown that the original plan for async wait
fds was too simplistic. Originally the async logic created a pipe internally
and user/engine code could then get access to it via API calls. It is more
flexible if the engine is able to create its own fd and provide it to the
async code.

Another issue is that there can be a lot of churn in the fd value within
the context of (say) a single SSL connection leading to continually adding
and removing fds from (say) epoll. It is better if we can provide some
stability of the fd value across a whole SSL connection. This is
problematic because an engine has no concept of an SSL connection.

This commit refactors things to introduce an ASYNC_WAIT_CTX which acts as a
proxy for an SSL connection down at the engine layer.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

The ubsec engine is now considered obsolete and therefore has been
removed.
Reviewed-by: NRich Salz <rsalz@openssl.org>