1*b077aed3SPierre Pronchery# libcommon.a Contains common building blocks and other routines, 2*b077aed3SPierre Pronchery# potentially needed by any of our providers. 3*b077aed3SPierre Pronchery# 4*b077aed3SPierre Pronchery# libfips.a Contains all algorithm implementations that should 5*b077aed3SPierre Pronchery# go in the FIPS provider. The compilations for this 6*b077aed3SPierre Pronchery# library are all done with FIPS_MODULE defined. 7*b077aed3SPierre Pronchery# 8*b077aed3SPierre Pronchery# liblegacy.a Contains all algorithm implementations that should 9*b077aed3SPierre Pronchery# go into the legacy provider. The compilations for 10*b077aed3SPierre Pronchery# this library are all done with STATIC_LEGACY defined. 11*b077aed3SPierre Pronchery# 12*b077aed3SPierre Pronchery# libdefault.a Contains all algorithm implementations that should 13*b077aed3SPierre Pronchery# into the default or base provider. 14*b077aed3SPierre Pronchery# 15*b077aed3SPierre Pronchery# To be noted is that the FIPS provider shares source code with libcrypto, 16*b077aed3SPierre Pronchery# which means that select source files from crypto/ are compiled for 17*b077aed3SPierre Pronchery# libfips.a the sources from providers/implementations. 18*b077aed3SPierre Pronchery# 19*b077aed3SPierre Pronchery# This is how a provider module should be linked: 20*b077aed3SPierre Pronchery# 21*b077aed3SPierre Pronchery# -o {modulename}.so {object files...} lib{modulename}.a libcommon.a 22*b077aed3SPierre Pronchery# 23*b077aed3SPierre Pronchery# It is crucial that code that checks the FIPS_MODULE macro ends up in 24*b077aed3SPierre Pronchery# libfips.a. 25*b077aed3SPierre Pronchery# It is crucial that code that checks the STATIC_LEGACY macro ends up in 26*b077aed3SPierre Pronchery# liblegacy.a. 27*b077aed3SPierre Pronchery# It is recommended that code that is written for libcommon.a doesn't end 28*b077aed3SPierre Pronchery# up depending on libfips.a, liblegacy.a or libdefault.a 29*b077aed3SPierre Pronchery# 30*b077aed3SPierre Pronchery# Code in providers/implementations/ should be written in such a way that 31*b077aed3SPierre Pronchery# the OSSL_DISPATCH arrays (and preferably the majority of the actual code) 32*b077aed3SPierre Pronchery# end up in either libfips.a, liblegacy.a or libdefault.a. 33*b077aed3SPierre Pronchery 34*b077aed3SPierre ProncherySUBDIRS=common implementations 35*b077aed3SPierre Pronchery 36*b077aed3SPierre ProncheryINCLUDE[../libcrypto]=common/include 37*b077aed3SPierre Pronchery 38*b077aed3SPierre Pronchery# Libraries we're dealing with 39*b077aed3SPierre Pronchery$LIBCOMMON=libcommon.a 40*b077aed3SPierre Pronchery$LIBFIPS=libfips.a 41*b077aed3SPierre Pronchery$LIBLEGACY=liblegacy.a 42*b077aed3SPierre Pronchery$LIBDEFAULT=libdefault.a 43*b077aed3SPierre ProncheryLIBS{noinst}=$LIBDEFAULT $LIBCOMMON 44*b077aed3SPierre Pronchery 45*b077aed3SPierre Pronchery# Enough of our implementations include prov/ciphercommon.h (present in 46*b077aed3SPierre Pronchery# providers/implementations/include), which includes crypto/*_platform.h 47*b077aed3SPierre Pronchery# (present in include), which in turn may include very internal header 48*b077aed3SPierre Pronchery# files in crypto/, so let's have a common include list for them all. 49*b077aed3SPierre Pronchery$COMMON_INCLUDES=../crypto ../include implementations/include common/include 50*b077aed3SPierre Pronchery 51*b077aed3SPierre ProncheryINCLUDE[$LIBCOMMON]=$COMMON_INCLUDES 52*b077aed3SPierre ProncheryINCLUDE[$LIBFIPS]=.. $COMMON_INCLUDES 53*b077aed3SPierre ProncheryINCLUDE[$LIBLEGACY]=.. $COMMON_INCLUDES 54*b077aed3SPierre ProncheryINCLUDE[$LIBDEFAULT]=.. $COMMON_INCLUDES 55*b077aed3SPierre ProncheryDEFINE[$LIBFIPS]=FIPS_MODULE 56*b077aed3SPierre Pronchery 57*b077aed3SPierre Pronchery# Weak dependencies to provide library order information. What is actually 58*b077aed3SPierre Pronchery# used is determined by non-weak dependencies. 59*b077aed3SPierre ProncheryDEPEND[$LIBCOMMON]{weak}=../libcrypto 60*b077aed3SPierre Pronchery 61*b077aed3SPierre Pronchery# Strong dependencies. This ensures that any time an implementation library 62*b077aed3SPierre Pronchery# is used, libcommon gets included as well. 63*b077aed3SPierre Pronchery# The $LIBFIPS dependency on $LIBCOMMON is extra strong, to mitigate for 64*b077aed3SPierre Pronchery# linking problems because they are interdependent 65*b077aed3SPierre ProncherySOURCE[$LIBFIPS]=$LIBCOMMON 66*b077aed3SPierre ProncheryDEPEND[$LIBLEGACY]=$LIBCOMMON 67*b077aed3SPierre ProncheryDEPEND[$LIBDEFAULT]=$LIBCOMMON 68*b077aed3SPierre Pronchery 69*b077aed3SPierre Pronchery# 70*b077aed3SPierre Pronchery# Default provider stuff 71*b077aed3SPierre Pronchery# 72*b077aed3SPierre Pronchery# Because the default provider is built in, it means that libcrypto must 73*b077aed3SPierre Pronchery# include all the object files that are needed (we do that indirectly, 74*b077aed3SPierre Pronchery# by using the appropriate libraries as source). Note that for shared 75*b077aed3SPierre Pronchery# libraries, SOURCEd libraries are considered as if they were specified 76*b077aed3SPierre Pronchery# with DEPEND. 77*b077aed3SPierre Pronchery$DEFAULTGOAL=../libcrypto 78*b077aed3SPierre ProncherySOURCE[$DEFAULTGOAL]=$LIBDEFAULT defltprov.c 79*b077aed3SPierre ProncheryINCLUDE[$DEFAULTGOAL]=implementations/include 80*b077aed3SPierre Pronchery 81*b077aed3SPierre Pronchery# 82*b077aed3SPierre Pronchery# Base provider stuff 83*b077aed3SPierre Pronchery# 84*b077aed3SPierre Pronchery# Because the base provider is built in, it means that libcrypto must 85*b077aed3SPierre Pronchery# include all of the object files that are needed, just like the default 86*b077aed3SPierre Pronchery# provider. 87*b077aed3SPierre Pronchery$BASEGOAL=../libcrypto 88*b077aed3SPierre ProncherySOURCE[$BASEGOAL]=$LIBDEFAULT baseprov.c 89*b077aed3SPierre ProncheryINCLUDE[$BASEGOAL]=implementations/include 90*b077aed3SPierre Pronchery 91*b077aed3SPierre Pronchery# 92*b077aed3SPierre Pronchery# FIPS provider stuff 93*b077aed3SPierre Pronchery# 94*b077aed3SPierre Pronchery# We define it this way to ensure that configdata.pm will have all the 95*b077aed3SPierre Pronchery# necessary information even if we don't build the module. This will allow 96*b077aed3SPierre Pronchery# us to make all kinds of checks on the source, based on what we specify in 97*b077aed3SPierre Pronchery# diverse build.info files. libfips.a, fips.so and their sources aren't 98*b077aed3SPierre Pronchery# built unless the proper LIBS or MODULES statement has been seen, so we 99*b077aed3SPierre Pronchery# have those and only those within a condition. 100*b077aed3SPierre ProncheryIF[{- !$disabled{fips} -}] 101*b077aed3SPierre Pronchery SUBDIRS=fips 102*b077aed3SPierre Pronchery $FIPSGOAL=fips 103*b077aed3SPierre Pronchery 104*b077aed3SPierre Pronchery # This is the trigger to actually build the FIPS module. Without these 105*b077aed3SPierre Pronchery # statements, the final build file will not have a trace of it. 106*b077aed3SPierre Pronchery MODULES{fips}=$FIPSGOAL 107*b077aed3SPierre Pronchery LIBS{noinst}=$LIBFIPS 108*b077aed3SPierre Pronchery 109*b077aed3SPierre Pronchery DEPEND[$FIPSGOAL]=$LIBFIPS 110*b077aed3SPierre Pronchery INCLUDE[$FIPSGOAL]=../include 111*b077aed3SPierre Pronchery DEFINE[$FIPSGOAL]=FIPS_MODULE 112*b077aed3SPierre Pronchery IF[{- defined $target{shared_defflag} -}] 113*b077aed3SPierre Pronchery SOURCE[$FIPSGOAL]=fips.ld 114*b077aed3SPierre Pronchery GENERATE[fips.ld]=../util/providers.num 115*b077aed3SPierre Pronchery ENDIF 116*b077aed3SPierre Pronchery 117*b077aed3SPierre Pronchery DEPEND[|build_modules_nodep|]=fipsmodule.cnf 118*b077aed3SPierre Pronchery GENERATE[fipsmodule.cnf]=../util/mk-fipsmodule-cnf.pl \ 119*b077aed3SPierre Pronchery -module $(FIPSMODULE) -section_name fips_sect -key $(FIPSKEY) 120*b077aed3SPierre Pronchery DEPEND[fipsmodule.cnf]=$FIPSGOAL 121*b077aed3SPierre Pronchery 122*b077aed3SPierre Pronchery # Add VERSIONINFO resource for windows 123*b077aed3SPierre Pronchery IF[{- $config{target} =~ /^(?:Cygwin|mingw|VC-|BC-)/ -}] 124*b077aed3SPierre Pronchery GENERATE[fips.rc]=../util/mkrc.pl fips 125*b077aed3SPierre Pronchery SOURCE[$FIPSGOAL]=fips.rc 126*b077aed3SPierre Pronchery ENDIF 127*b077aed3SPierre ProncheryENDIF 128*b077aed3SPierre Pronchery 129*b077aed3SPierre Pronchery# 130*b077aed3SPierre Pronchery# Legacy provider stuff 131*b077aed3SPierre Pronchery# 132*b077aed3SPierre ProncheryIF[{- !$disabled{legacy} -}] 133*b077aed3SPierre Pronchery LIBS{noinst}=$LIBLEGACY 134*b077aed3SPierre Pronchery 135*b077aed3SPierre Pronchery IF[{- $disabled{module} -}] 136*b077aed3SPierre Pronchery # Become built in 137*b077aed3SPierre Pronchery # In this case, we need to do the same thing a for the default provider, 138*b077aed3SPierre Pronchery # and make the liblegacy object files end up in libcrypto. We could also 139*b077aed3SPierre Pronchery # just say that for the built-in legacy, we put the source directly in 140*b077aed3SPierre Pronchery # libcrypto instead of going via liblegacy, but that makes writing the 141*b077aed3SPierre Pronchery # implementation specific build.info files harder to write, so we don't. 142*b077aed3SPierre Pronchery $LEGACYGOAL=../libcrypto 143*b077aed3SPierre Pronchery SOURCE[$LEGACYGOAL]=$LIBLEGACY 144*b077aed3SPierre Pronchery DEFINE[$LEGACYGOAL]=STATIC_LEGACY 145*b077aed3SPierre Pronchery ELSE 146*b077aed3SPierre Pronchery # Become a module 147*b077aed3SPierre Pronchery # In this case, we can work with dependencies 148*b077aed3SPierre Pronchery $LEGACYGOAL=legacy 149*b077aed3SPierre Pronchery MODULES=$LEGACYGOAL 150*b077aed3SPierre Pronchery DEPEND[$LEGACYGOAL]=$LIBLEGACY ../libcrypto 151*b077aed3SPierre Pronchery IF[{- defined $target{shared_defflag} -}] 152*b077aed3SPierre Pronchery SOURCE[legacy]=legacy.ld 153*b077aed3SPierre Pronchery GENERATE[legacy.ld]=../util/providers.num 154*b077aed3SPierre Pronchery ENDIF 155*b077aed3SPierre Pronchery 156*b077aed3SPierre Pronchery # Add VERSIONINFO resource for windows 157*b077aed3SPierre Pronchery IF[{- $config{target} =~ /^(?:Cygwin|mingw|VC-|BC-)/ -}] 158*b077aed3SPierre Pronchery GENERATE[legacy.rc]=../util/mkrc.pl legacy 159*b077aed3SPierre Pronchery SOURCE[$LEGACYGOAL]=legacy.rc 160*b077aed3SPierre Pronchery ENDIF 161*b077aed3SPierre Pronchery 162*b077aed3SPierre Pronchery SOURCE[$LIBLEGACY]=prov_running.c 163*b077aed3SPierre Pronchery ENDIF 164*b077aed3SPierre Pronchery 165*b077aed3SPierre Pronchery # Common things that are valid no matter what form the Legacy provider 166*b077aed3SPierre Pronchery # takes. 167*b077aed3SPierre Pronchery SOURCE[$LEGACYGOAL]=legacyprov.c 168*b077aed3SPierre Pronchery INCLUDE[$LEGACYGOAL]=../include implementations/include common/include 169*b077aed3SPierre ProncheryENDIF 170*b077aed3SPierre Pronchery 171*b077aed3SPierre Pronchery# 172*b077aed3SPierre Pronchery# Null provider stuff 173*b077aed3SPierre Pronchery# 174*b077aed3SPierre Pronchery# Because the null provider is built in, it means that libcrypto must 175*b077aed3SPierre Pronchery# include all the object files that are needed. 176*b077aed3SPierre Pronchery$NULLGOAL=../libcrypto 177*b077aed3SPierre ProncherySOURCE[$NULLGOAL]=nullprov.c prov_running.c 178