Index: Makefile.in ================================================================== --- Makefile.in +++ Makefile.in @@ -8,49 +8,34 @@ SHOBJFLAGS = @SHOBJFLAGS@ SHOBJLDFLAGS = @SHOBJLDFLAGS@ AR = @AR@ RANLIB = @RANLIB@ STRIP = @STRIP@ +OBJCOPY = @OBJCOPY@ prefix = @prefix@ exec_prefix = @exec_prefix@ libdir = @libdir@ @SET_MAKE@ all: $(MAKE) libcackey.@SHOBJEXT@ -$(MAKE) libcackey_g.@SHOBJEXT@ -cackey.o: cackey.c cackey_builtin_certs.h sha1.h md5.h asn1-x509.h config.h +cackey.o: cackey.c cackey_builtin_certs.h sha1.c sha1.h md5.c md5.h asn1-x509.c asn1-x509.h config.h $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) -o cackey.o -c cackey.c -cackey_g.o: cackey.c cackey_builtin_certs.h sha1.h md5.h asn1-x509.h config.h +cackey_g.o: cackey.c cackey_builtin_certs.h sha1.c sha1.h md5.c md5.h asn1-x509.c asn1-x509.h config.h $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) -o cackey_g.o -c cackey.c -asn1-x509.o: asn1-x509.c asn1-x509.h config.h - $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) -o asn1-x509.o -c asn1-x509.c - -asn1-x509_g.o: asn1-x509.c asn1-x509.h config.h - $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) -o asn1-x509_g.o -c asn1-x509.c - -sha1.o: sha1.c sha1.h config.h - $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) -o sha1.o -c sha1.c - -sha1_g.o: sha1.c sha1.h config.h - $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) -o sha1_g.o -c sha1.c - -md5.o: md5.c md5.h config.h - $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) -o md5.o -c md5.c - -md5_g.o: md5.c md5.h config.h - $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) -o md5_g.o -c md5.c - -libcackey.@SHOBJEXT@: cackey.o asn1-x509.o sha1.o md5.o - $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) $(SHOBJLDFLAGS) $(LDFLAGS) -o libcackey.@SHOBJEXT@ cackey.o asn1-x509.o sha1.o md5.o $(LIBS) +libcackey.@SHOBJEXT@: cackey.o + $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) $(SHOBJLDFLAGS) $(LDFLAGS) -o libcackey.@SHOBJEXT@ cackey.o $(LIBS) + -$(OBJCOPY) --wildcard --keep-global-symbol 'C_*' libcackey.@SHOBJEXT@ -$(STRIP) -x "libcackey.@SHOBJEXT@" -libcackey_g.@SHOBJEXT@: cackey_g.o asn1-x509_g.o sha1_g.o md5_g.o - $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) $(SHOBJLDFLAGS) $(LDFLAGS) -o libcackey_g.@SHOBJEXT@ cackey_g.o asn1-x509_g.o sha1.o md5_g.o $(LIBS) +libcackey_g.@SHOBJEXT@: cackey_g.o + $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) $(SHOBJLDFLAGS) $(LDFLAGS) -o libcackey_g.@SHOBJEXT@ cackey_g.o $(LIBS) + -$(OBJCOPY) --wildcard --keep-global-symbol 'C_*' libcackey.@SHOBJEXT@ test: test.c libcackey_g.@SHOBJEXT@ $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o test test.c -Wl,-R,. libcackey_g.@SHOBJEXT@ splint-cackey.txt: cackey.c cackey_builtin_certs.h asn1-x509.c asn1-x509.h config.h @@ -65,11 +50,11 @@ clean: rm -f libcackey.@SHOBJEXT@ libcackey_g.@SHOBJEXT@ rm -f libcackey.@SHOBJEXT@.def libcackey_g.@SHOBJEXT@.def rm -f libcackey.@SHOBJEXT@.a libcackey_g.@SHOBJEXT@.a - rm -f cackey.o asn1-x509.o cackey_g.o asn1-x509_g.o sha1.o sha1_g.o md5.o md5_g.o + rm -f cackey.o cackey_g.o rm -f test rm -f splint-cackey.txt distclean: clean rm -f config.log config.status config.h Makefile Index: asn1-x509.c ================================================================== --- asn1-x509.c +++ asn1-x509.c @@ -186,11 +186,11 @@ } return(x509.subject.asn1rep_len); } -ssize_t x509_to_serial(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { +static ssize_t x509_to_serial(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { struct x509_object x509; int read_ret; read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); if (read_ret != 0) { @@ -202,11 +202,11 @@ } return(x509.serial_number.asn1rep_len); } -ssize_t x509_to_modulus(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { +static ssize_t x509_to_modulus(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { struct asn1_object null, pubkey, modulus, exponent; struct x509_object x509; int read_ret; read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); @@ -230,11 +230,11 @@ } return(modulus.size); } -ssize_t x509_to_exponent(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { +static ssize_t x509_to_exponent(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { struct asn1_object null, pubkey, modulus, exponent; struct x509_object x509; int read_ret; read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); @@ -258,11 +258,11 @@ } return(exponent.size); } -ssize_t x509_to_keysize(void *x509_der_buf, size_t x509_der_buf_len) { +static ssize_t x509_to_keysize(void *x509_der_buf, size_t x509_der_buf_len) { struct asn1_object null, pubkey, modulus, exponent; struct x509_object x509; int read_ret; read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); @@ -323,11 +323,11 @@ } return("???"); } -ssize_t x509_dn_to_string(void *asn1_der_buf, size_t asn1_der_buf_len, char *outbuf, size_t outbuf_len, char *matchlabel) { +static ssize_t x509_dn_to_string(void *asn1_der_buf, size_t asn1_der_buf_len, char *outbuf, size_t outbuf_len, char *matchlabel) { struct asn1_object whole_thing, current_set, current_seq; struct asn1_object label, value; const char *label_str; ssize_t snprintf_ret, retval; char *outbuf_s; Index: asn1-x509.h ================================================================== --- asn1-x509.h +++ asn1-x509.h @@ -8,20 +8,20 @@ # endif #else # include #endif -ssize_t x509_to_subject(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); - -ssize_t x509_to_issuer(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); - -ssize_t x509_to_serial(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); - -ssize_t x509_to_modulus(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); - -ssize_t x509_to_exponent(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); - -ssize_t x509_to_keysize(void *x509_der_buf, size_t x509_der_buf_len); - -ssize_t x509_dn_to_string(void *asn1_der_buf, size_t asn1_der_buf_len, char *outbuf, size_t outbuf_len, char *matchlabel); +static ssize_t x509_to_subject(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); + +static ssize_t x509_to_issuer(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); + +static ssize_t x509_to_serial(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); + +static ssize_t x509_to_modulus(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); + +static ssize_t x509_to_exponent(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); + +static ssize_t x509_to_keysize(void *x509_der_buf, size_t x509_der_buf_len); + +static ssize_t x509_dn_to_string(void *asn1_der_buf, size_t asn1_der_buf_len, char *outbuf, size_t outbuf_len, char *matchlabel); #endif Index: cackey.c ================================================================== --- cackey.c +++ cackey.c @@ -58,10 +58,18 @@ #include "pkcs11n.h" #include "asn1-x509.h" #include "sha1.h" #include "md5.h" +/* + * Include these source files in this translation unit so that we can bind to + * functions and not include any symbols in the output shared object. + */ +#include "asn1-x509.c" +#include "sha1.c" +#include "md5.c" + #ifndef CACKEY_CRYPTOKI_VERSION_CODE # define CACKEY_CRYPTOKI_VERSION_CODE 0x021e00 #endif /* GSC-IS v2.1 Definitions */ Index: configure.ac ================================================================== --- configure.ac +++ configure.ac @@ -1,6 +1,6 @@ -AC_INIT(cackey, 0.6.1) +AC_INIT(cackey, 0.6.2) AC_CONFIG_HEADERS(config.h) dnl Locate standard tools AC_PROG_CC AC_PROG_MAKE_SET @@ -21,11 +21,12 @@ dnl Determine how to create static archives on this platform AC_CHECK_TOOL(AR, ar) AC_CHECK_TOOL(RANLIB, ranlib) dnl Determine how to strip executables -AC_CHECK_TOOL(STRIP, strip) +AC_CHECK_TOOL(OBJCOPY, objcopy) +AC_CHECK_TOOL(STRIP, stripf, [$OBJCOPY]) dnl Check for all required headers AC_CHECK_HEADERS(arpa/inet.h inttypes.h stdarg.h stdint.h stdio.h stdlib.h string.h sys/socket.h sys/types.h sys/un.h time.h unistd.h pthread.h zlib.h limits.h,,[ AC_WARN([Required header missing, compilation will likely fail.]) ], [ Index: md5.c ================================================================== --- md5.c +++ md5.c @@ -96,11 +96,11 @@ (a) += (b); \ } /* MD5 initialization. Begins an MD5 operation, writing a new context. */ -void MD5Init (MD5_CTX *context) { +static void MD5Init (MD5_CTX *context) { context->count[0] = context->count[1] = 0; /* Load magic initialization constants. */ context->state[0] = 0x67452301; context->state[1] = 0xefcdab89; @@ -110,11 +110,11 @@ /* MD5 block update operation. Continues an MD5 message-digest operation, processing another message block, and updating the context. */ -void MD5Update (MD5_CTX *context, unsigned char *input, unsigned int inputLen) { +static void MD5Update (MD5_CTX *context, unsigned char *input, unsigned int inputLen) { unsigned int i, index, partLen; /* Compute number of bytes mod 64 */ index = (unsigned int)((context->count[0] >> 3) & 0x3F); @@ -149,11 +149,11 @@ } /* MD5 finalization. Ends an MD5 message-digest operation, writing the the message digest and zeroizing the context. */ -void MD5Final(unsigned char digest[16], MD5_CTX *context) { +static void MD5Final(unsigned char digest[16], MD5_CTX *context) { unsigned char bits[8]; unsigned int index, padLen; /* Save number of bits */ Encode(bits, context->count, 8); Index: md5.h ================================================================== --- md5.h +++ md5.h @@ -42,10 +42,10 @@ uint32_t state[4]; /* state (ABCD) */ uint32_t count[2]; /* number of bits, modulo 2^64 (lsb first) */ uint8_t buffer[64]; /* input buffer */ } MD5_CTX; -void MD5Init(MD5_CTX *); -void MD5Update(MD5_CTX *, unsigned char *, unsigned int); -void MD5Final(unsigned char [MD5HashSize], MD5_CTX *); +static void MD5Init(MD5_CTX *); +static void MD5Update(MD5_CTX *, unsigned char *, unsigned int); +static void MD5Final(unsigned char [MD5HashSize], MD5_CTX *); #endif Index: sha1.c ================================================================== --- sha1.c +++ sha1.c @@ -36,12 +36,12 @@ */ #define SHA1CircularShift(bits,word) \ (((word) << (bits)) | ((word) >> (32-(bits)))) /* Local Function Prototyptes */ -void SHA1PadMessage(SHA1Context *); -void SHA1ProcessMessageBlock(SHA1Context *); +static void SHA1PadMessage(SHA1Context *); +static void SHA1ProcessMessageBlock(SHA1Context *); /* * SHA1Reset * * Description: @@ -54,11 +54,11 @@ * * Returns: * sha Error Code. * */ -int SHA1Reset(SHA1Context *context) +static int SHA1Reset(SHA1Context *context) { if (!context) { return shaNull; } @@ -96,11 +96,11 @@ * * Returns: * sha Error Code. * */ -int SHA1Result( SHA1Context *context, +static int SHA1Result( SHA1Context *context, uint8_t Message_Digest[SHA1HashSize]) { int i; if (!context || !Message_Digest) @@ -153,11 +153,11 @@ * * Returns: * sha Error Code. * */ -int SHA1Input( SHA1Context *context, +static int SHA1Input( SHA1Context *context, const uint8_t *message_array, unsigned length) { if (!length) { @@ -225,11 +225,11 @@ * single character names, were used because those were the * names used in the publication. * * */ -void SHA1ProcessMessageBlock(SHA1Context *context) +static void SHA1ProcessMessageBlock(SHA1Context *context) { const uint32_t K[] = { /* Constants defined in SHA-1 */ 0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC, @@ -335,11 +335,11 @@ * Returns: * Nothing. * */ -void SHA1PadMessage(SHA1Context *context) +static void SHA1PadMessage(SHA1Context *context) { /* * Check to see if the current message block is too small to hold * the initial padding bits and length. If so, we will pad the * block, process it, and then continue padding into a second Index: sha1.h ================================================================== --- sha1.h +++ sha1.h @@ -68,13 +68,13 @@ } SHA1Context; /* * Function Prototypes */ -int SHA1Reset( SHA1Context *); -int SHA1Input( SHA1Context *, +static int SHA1Reset( SHA1Context *); +static int SHA1Input( SHA1Context *, const uint8_t *, unsigned int); -int SHA1Result( SHA1Context *, +static int SHA1Result( SHA1Context *, uint8_t Message_Digest[SHA1HashSize]); #endif