1 # Copyright (c) 2021-2022 Yubico AB. All rights reserved.
2 # Use of this source code is governed by a BSD-style
3 # license that can be found in the LICENSE file.
4 # SPDX-License-Identifier: BSD-2-Clause
5
6 param(
7 [string]$CMakePath = "C:\Program Files\CMake\bin\cmake.exe",
8 [string]$GitPath = "C:\Program Files\Git\bin\git.exe",
9 [string]$SevenZPath = "C:\Program Files\7-Zip\7z.exe",
10 [string]$GPGPath = "C:\Program Files (x86)\GnuPG\bin\gpg.exe",
11 [string]$WinSDK = "",
12 [string]$Config = "Release",
13 [string]$Arch = "x64",
14 [string]$Type = "dynamic",
15 [string]$Fido2Flags = ""
16 )
17
18 $ErrorActionPreference = "Stop"
19 [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
20
21 . "$PSScriptRoot\const.ps1"
22
ExitOnError()23 Function ExitOnError() {
24 if ($LastExitCode -ne 0) {
25 throw "A command exited with status $LastExitCode"
26 }
27 }
28
GitClone(${REPO}, ${BRANCH}, ${DIR})29 Function GitClone(${REPO}, ${BRANCH}, ${DIR}) {
30 Write-Host "Cloning ${REPO}..."
31 & $Git -c advice.detachedHead=false clone --quiet --depth=1 `
32 --branch "${BRANCH}" "${REPO}" "${DIR}"
33 Write-Host "${REPO}'s ${BRANCH} HEAD is:"
34 & $Git -C "${DIR}" show -s HEAD
35 }
36
37 # Find Git.
38 $Git = $(Get-Command git -ErrorAction Ignore | `
39 Select-Object -ExpandProperty Source)
40 if ([string]::IsNullOrEmpty($Git)) {
41 $Git = $GitPath
42 }
43 if (-Not (Test-Path $Git)) {
44 throw "Unable to find Git at $Git"
45 }
46
47 # Find CMake.
48 $CMake = $(Get-Command cmake -ErrorAction Ignore | `
49 Select-Object -ExpandProperty Source)
50 if ([string]::IsNullOrEmpty($CMake)) {
51 $CMake = $CMakePath
52 }
53 if (-Not (Test-Path $CMake)) {
54 throw "Unable to find CMake at $CMake"
55 }
56
57 # Find 7z.
58 $SevenZ = $(Get-Command 7z -ErrorAction Ignore | `
59 Select-Object -ExpandProperty Source)
60 if ([string]::IsNullOrEmpty($SevenZ)) {
61 $SevenZ = $SevenZPath
62 }
63 if (-Not (Test-Path $SevenZ)) {
64 throw "Unable to find 7z at $SevenZ"
65 }
66
67 # Find GPG.
68 $GPG = $(Get-Command gpg -ErrorAction Ignore | `
69 Select-Object -ExpandProperty Source)
70 if ([string]::IsNullOrEmpty($GPG)) {
71 $GPG = $GPGPath
72 }
73 if (-Not (Test-Path $GPG)) {
74 throw "Unable to find GPG at $GPG"
75 }
76
77 # Override CMAKE_SYSTEM_VERSION if $WinSDK is set.
78 if (-Not ([string]::IsNullOrEmpty($WinSDK))) {
79 $CMAKE_SYSTEM_VERSION = "-DCMAKE_SYSTEM_VERSION='$WinSDK'"
80 } else {
81 $CMAKE_SYSTEM_VERSION = ''
82 }
83
84 Write-Host "WinSDK: $WinSDK"
85 Write-Host "Config: $Config"
86 Write-Host "Arch: $Arch"
87 Write-Host "Type: $Type"
88 Write-Host "Git: $Git"
89 Write-Host "CMake: $CMake"
90 Write-Host "7z: $SevenZ"
91 Write-Host "GPG: $GPG"
92
93 # Create build directories.
94 New-Item -Type Directory "${BUILD}" -Force
95 New-Item -Type Directory "${BUILD}\${Arch}" -Force
96 New-Item -Type Directory "${BUILD}\${Arch}\${Type}" -Force
97 New-Item -Type Directory "${STAGE}\${LIBRESSL}" -Force
98 New-Item -Type Directory "${STAGE}\${LIBCBOR}" -Force
99 New-Item -Type Directory "${STAGE}\${ZLIB}" -Force
100
101 # Create output directories.
102 New-Item -Type Directory "${OUTPUT}" -Force
103 New-Item -Type Directory "${OUTPUT}\${Arch}" -Force
104 New-Item -Type Directory "${OUTPUT}\${Arch}\${Type}" -force
105
106 # Fetch and verify dependencies.
107 Push-Location ${BUILD}
108 try {
109 if (-Not (Test-Path .\${LIBRESSL})) {
110 if (-Not (Test-Path .\${LIBRESSL}.tar.gz -PathType leaf)) {
111 Invoke-WebRequest ${LIBRESSL_URL}/${LIBRESSL}.tar.gz `
112 -OutFile .\${LIBRESSL}.tar.gz
113 }
114 if (-Not (Test-Path .\${LIBRESSL}.tar.gz.asc -PathType leaf)) {
115 Invoke-WebRequest ${LIBRESSL_URL}/${LIBRESSL}.tar.gz.asc `
116 -OutFile .\${LIBRESSL}.tar.gz.asc
117 }
118
119 Copy-Item "$PSScriptRoot\libressl.gpg" -Destination "${BUILD}"
120 & $GPG --list-keys
121 & $GPG --quiet --no-default-keyring --keyring ./libressl.gpg `
122 --verify .\${LIBRESSL}.tar.gz.asc .\${LIBRESSL}.tar.gz
123 if ($LastExitCode -ne 0) {
124 throw "GPG signature verification failed"
125 }
126 & $SevenZ e .\${LIBRESSL}.tar.gz
127 & $SevenZ x .\${LIBRESSL}.tar
128 Remove-Item -Force .\${LIBRESSL}.tar
129 }
130 if (-Not (Test-Path .\${LIBCBOR})) {
131 GitClone "${LIBCBOR_GIT}" "${LIBCBOR_BRANCH}" ".\${LIBCBOR}"
132 }
133 if (-Not (Test-Path .\${ZLIB})) {
134 GitClone "${ZLIB_GIT}" "${ZLIB_BRANCH}" ".\${ZLIB}"
135 }
136 } catch {
137 throw "Failed to fetch and verify dependencies"
138 } finally {
139 Pop-Location
140 }
141
142 # Build LibreSSL.
143 Push-Location ${STAGE}\${LIBRESSL}
144 try {
145 & $CMake ..\..\..\${LIBRESSL} -A "${Arch}" `
146 -DBUILD_SHARED_LIBS="${SHARED}" -DLIBRESSL_TESTS=OFF `
147 -DCMAKE_C_FLAGS_DEBUG="${CFLAGS_DEBUG}" `
148 -DCMAKE_C_FLAGS_RELEASE="${CFLAGS_RELEASE}" `
149 -DCMAKE_INSTALL_PREFIX="${PREFIX}" "${CMAKE_SYSTEM_VERSION}"; `
150 ExitOnError
151 & $CMake --build . --config ${Config} --verbose; ExitOnError
152 & $CMake --build . --config ${Config} --target install --verbose; `
153 ExitOnError
154 } catch {
155 throw "Failed to build LibreSSL"
156 } finally {
157 Pop-Location
158 }
159
160 # Build libcbor.
161 Push-Location ${STAGE}\${LIBCBOR}
162 try {
163 & $CMake ..\..\..\${LIBCBOR} -A "${Arch}" `
164 -DWITH_EXAMPLES=OFF `
165 -DBUILD_SHARED_LIBS="${SHARED}" `
166 -DCMAKE_C_FLAGS_DEBUG="${CFLAGS_DEBUG} /wd4703" `
167 -DCMAKE_C_FLAGS_RELEASE="${CFLAGS_RELEASE} /wd4703" `
168 -DCMAKE_INSTALL_PREFIX="${PREFIX}" "${CMAKE_SYSTEM_VERSION}"; `
169 ExitOnError
170 & $CMake --build . --config ${Config} --verbose; ExitOnError
171 & $CMake --build . --config ${Config} --target install --verbose; `
172 ExitOnError
173 } catch {
174 throw "Failed to build libcbor"
175 } finally {
176 Pop-Location
177 }
178
179 # Build zlib.
180 Push-Location ${STAGE}\${ZLIB}
181 try {
182 & $CMake ..\..\..\${ZLIB} -A "${Arch}" `
183 -DBUILD_SHARED_LIBS="${SHARED}" `
184 -DCMAKE_C_FLAGS_DEBUG="${CFLAGS_DEBUG}" `
185 -DCMAKE_C_FLAGS_RELEASE="${CFLAGS_RELEASE}" `
186 -DCMAKE_INSTALL_PREFIX="${PREFIX}" "${CMAKE_SYSTEM_VERSION}"; `
187 ExitOnError
188 & $CMake --build . --config ${Config} --verbose; ExitOnError
189 & $CMake --build . --config ${Config} --target install --verbose; `
190 ExitOnError
191 # Patch up zlib's various names.
192 if ("${Type}" -eq "Dynamic") {
193 ((Get-ChildItem -Path "${PREFIX}/lib") -Match "zlib[d]?.lib") |
194 Copy-Item -Destination "${PREFIX}/lib/zlib1.lib" -Force
195 ((Get-ChildItem -Path "${PREFIX}/bin") -Match "zlibd1.dll") |
196 Copy-Item -Destination "${PREFIX}/bin/zlib1.dll" -Force
197 } else {
198 ((Get-ChildItem -Path "${PREFIX}/lib") -Match "zlibstatic[d]?.lib") |
199 Copy-item -Destination "${PREFIX}/lib/zlib1.lib" -Force
200 }
201 } catch {
202 throw "Failed to build zlib"
203 } finally {
204 Pop-Location
205 }
206
207 # Build libfido2.
208 Push-Location ${STAGE}
209 try {
210 & $CMake ..\..\.. -A "${Arch}" `
211 -DCMAKE_BUILD_TYPE="${Config}" `
212 -DBUILD_SHARED_LIBS="${SHARED}" `
213 -DCBOR_INCLUDE_DIRS="${PREFIX}\include" `
214 -DCBOR_LIBRARY_DIRS="${PREFIX}\lib" `
215 -DCBOR_BIN_DIRS="${PREFIX}\bin" `
216 -DZLIB_INCLUDE_DIRS="${PREFIX}\include" `
217 -DZLIB_LIBRARY_DIRS="${PREFIX}\lib" `
218 -DZLIB_BIN_DIRS="${PREFIX}\bin" `
219 -DCRYPTO_INCLUDE_DIRS="${PREFIX}\include" `
220 -DCRYPTO_LIBRARY_DIRS="${PREFIX}\lib" `
221 -DCRYPTO_BIN_DIRS="${PREFIX}\bin" `
222 -DCRYPTO_LIBRARIES="${CRYPTO_LIBRARIES}" `
223 -DCMAKE_C_FLAGS_DEBUG="${CFLAGS_DEBUG} ${Fido2Flags}" `
224 -DCMAKE_C_FLAGS_RELEASE="${CFLAGS_RELEASE} ${Fido2Flags}" `
225 -DCMAKE_INSTALL_PREFIX="${PREFIX}" "${CMAKE_SYSTEM_VERSION}"; `
226 ExitOnError
227 & $CMake --build . --config ${Config} --verbose; ExitOnError
228 & $CMake --build . --config ${Config} --target regress --verbose; `
229 ExitOnError
230 & $CMake --build . --config ${Config} --target install --verbose; `
231 ExitOnError
232 # Copy DLLs.
233 if ("${SHARED}" -eq "ON") {
234 "cbor.dll", "${CRYPTO_LIBRARIES}.dll", "zlib1.dll" | `
235 %{ Copy-Item "${PREFIX}\bin\$_" `
236 -Destination "examples\${Config}" }
237 }
238 } catch {
239 throw "Failed to build libfido2"
240 } finally {
241 Pop-Location
242 }
243