1*b0d17251Schristos# libcommon.a Contains common building blocks and other routines, 2*b0d17251Schristos# potentially needed by any of our providers. 3*b0d17251Schristos# 4*b0d17251Schristos# libfips.a Contains all algorithm implementations that should 5*b0d17251Schristos# go in the FIPS provider. The compilations for this 6*b0d17251Schristos# library are all done with FIPS_MODULE defined. 7*b0d17251Schristos# 8*b0d17251Schristos# liblegacy.a Contains all algorithm implementations that should 9*b0d17251Schristos# go into the legacy provider. The compilations for 10*b0d17251Schristos# this library are all done with STATIC_LEGACY defined. 11*b0d17251Schristos# 12*b0d17251Schristos# libdefault.a Contains all algorithm implementations that should 13*b0d17251Schristos# into the default or base provider. 14*b0d17251Schristos# 15*b0d17251Schristos# To be noted is that the FIPS provider shares source code with libcrypto, 16*b0d17251Schristos# which means that select source files from crypto/ are compiled for 17*b0d17251Schristos# libfips.a the sources from providers/implementations. 18*b0d17251Schristos# 19*b0d17251Schristos# This is how a provider module should be linked: 20*b0d17251Schristos# 21*b0d17251Schristos# -o {modulename}.so {object files...} lib{modulename}.a libcommon.a 22*b0d17251Schristos# 23*b0d17251Schristos# It is crucial that code that checks the FIPS_MODULE macro ends up in 24*b0d17251Schristos# libfips.a. 25*b0d17251Schristos# It is crucial that code that checks the STATIC_LEGACY macro ends up in 26*b0d17251Schristos# liblegacy.a. 27*b0d17251Schristos# It is recommended that code that is written for libcommon.a doesn't end 28*b0d17251Schristos# up depending on libfips.a, liblegacy.a or libdefault.a 29*b0d17251Schristos# 30*b0d17251Schristos# Code in providers/implementations/ should be written in such a way that 31*b0d17251Schristos# the OSSL_DISPATCH arrays (and preferably the majority of the actual code) 32*b0d17251Schristos# end up in either libfips.a, liblegacy.a or libdefault.a. 33*b0d17251Schristos 34*b0d17251SchristosSUBDIRS=common implementations 35*b0d17251Schristos 36*b0d17251SchristosINCLUDE[../libcrypto]=common/include 37*b0d17251Schristos 38*b0d17251Schristos# Libraries we're dealing with 39*b0d17251Schristos$LIBCOMMON=libcommon.a 40*b0d17251Schristos$LIBFIPS=libfips.a 41*b0d17251Schristos$LIBLEGACY=liblegacy.a 42*b0d17251Schristos$LIBDEFAULT=libdefault.a 43*b0d17251SchristosLIBS{noinst}=$LIBDEFAULT $LIBCOMMON 44*b0d17251Schristos 45*b0d17251Schristos# Enough of our implementations include prov/ciphercommon.h (present in 46*b0d17251Schristos# providers/implementations/include), which includes crypto/*_platform.h 47*b0d17251Schristos# (present in include), which in turn may include very internal header 48*b0d17251Schristos# files in crypto/, so let's have a common include list for them all. 49*b0d17251Schristos$COMMON_INCLUDES=../crypto ../include implementations/include common/include 50*b0d17251Schristos 51*b0d17251SchristosINCLUDE[$LIBCOMMON]=$COMMON_INCLUDES 52*b0d17251SchristosINCLUDE[$LIBFIPS]=.. $COMMON_INCLUDES 53*b0d17251SchristosINCLUDE[$LIBLEGACY]=.. $COMMON_INCLUDES 54*b0d17251SchristosINCLUDE[$LIBDEFAULT]=.. $COMMON_INCLUDES 55*b0d17251SchristosDEFINE[$LIBFIPS]=FIPS_MODULE 56*b0d17251Schristos 57*b0d17251Schristos# Weak dependencies to provide library order information. What is actually 58*b0d17251Schristos# used is determined by non-weak dependencies. 59*b0d17251SchristosDEPEND[$LIBCOMMON]{weak}=../libcrypto 60*b0d17251Schristos 61*b0d17251Schristos# Strong dependencies. This ensures that any time an implementation library 62*b0d17251Schristos# is used, libcommon gets included as well. 63*b0d17251Schristos# The $LIBFIPS dependency on $LIBCOMMON is extra strong, to mitigate for 64*b0d17251Schristos# linking problems because they are interdependent 65*b0d17251SchristosSOURCE[$LIBFIPS]=$LIBCOMMON 66*b0d17251SchristosDEPEND[$LIBLEGACY]=$LIBCOMMON 67*b0d17251SchristosDEPEND[$LIBDEFAULT]=$LIBCOMMON 68*b0d17251Schristos 69*b0d17251Schristos# 70*b0d17251Schristos# Default provider stuff 71*b0d17251Schristos# 72*b0d17251Schristos# Because the default provider is built in, it means that libcrypto must 73*b0d17251Schristos# include all the object files that are needed (we do that indirectly, 74*b0d17251Schristos# by using the appropriate libraries as source). Note that for shared 75*b0d17251Schristos# libraries, SOURCEd libraries are considered as if they were specified 76*b0d17251Schristos# with DEPEND. 77*b0d17251Schristos$DEFAULTGOAL=../libcrypto 78*b0d17251SchristosSOURCE[$DEFAULTGOAL]=$LIBDEFAULT defltprov.c 79*b0d17251SchristosINCLUDE[$DEFAULTGOAL]=implementations/include 80*b0d17251Schristos 81*b0d17251Schristos# 82*b0d17251Schristos# Base provider stuff 83*b0d17251Schristos# 84*b0d17251Schristos# Because the base provider is built in, it means that libcrypto must 85*b0d17251Schristos# include all of the object files that are needed, just like the default 86*b0d17251Schristos# provider. 87*b0d17251Schristos$BASEGOAL=../libcrypto 88*b0d17251SchristosSOURCE[$BASEGOAL]=$LIBDEFAULT baseprov.c 89*b0d17251SchristosINCLUDE[$BASEGOAL]=implementations/include 90*b0d17251Schristos 91*b0d17251Schristos# 92*b0d17251Schristos# FIPS provider stuff 93*b0d17251Schristos# 94*b0d17251Schristos# We define it this way to ensure that configdata.pm will have all the 95*b0d17251Schristos# necessary information even if we don't build the module. This will allow 96*b0d17251Schristos# us to make all kinds of checks on the source, based on what we specify in 97*b0d17251Schristos# diverse build.info files. libfips.a, fips.so and their sources aren't 98*b0d17251Schristos# built unless the proper LIBS or MODULES statement has been seen, so we 99*b0d17251Schristos# have those and only those within a condition. 100*b0d17251SchristosIF[{- !$disabled{fips} -}] 101*b0d17251Schristos SUBDIRS=fips 102*b0d17251Schristos $FIPSGOAL=fips 103*b0d17251Schristos 104*b0d17251Schristos # This is the trigger to actually build the FIPS module. Without these 105*b0d17251Schristos # statements, the final build file will not have a trace of it. 106*b0d17251Schristos MODULES{fips}=$FIPSGOAL 107*b0d17251Schristos LIBS{noinst}=$LIBFIPS 108*b0d17251Schristos 109*b0d17251Schristos DEPEND[$FIPSGOAL]=$LIBFIPS 110*b0d17251Schristos INCLUDE[$FIPSGOAL]=../include 111*b0d17251Schristos DEFINE[$FIPSGOAL]=FIPS_MODULE 112*b0d17251Schristos IF[{- defined $target{shared_defflag} -}] 113*b0d17251Schristos SOURCE[$FIPSGOAL]=fips.ld 114*b0d17251Schristos GENERATE[fips.ld]=../util/providers.num 115*b0d17251Schristos ENDIF 116*b0d17251Schristos 117*b0d17251Schristos DEPEND[|build_modules_nodep|]=fipsmodule.cnf 118*b0d17251Schristos GENERATE[fipsmodule.cnf]=../util/mk-fipsmodule-cnf.pl \ 119*b0d17251Schristos -module $(FIPSMODULE) -section_name fips_sect -key $(FIPSKEY) 120*b0d17251Schristos DEPEND[fipsmodule.cnf]=$FIPSGOAL 121*b0d17251Schristos 122*b0d17251Schristos # Add VERSIONINFO resource for windows 123*b0d17251Schristos IF[{- $config{target} =~ /^(?:Cygwin|mingw|VC-|BC-)/ -}] 124*b0d17251Schristos GENERATE[fips.rc]=../util/mkrc.pl fips 125*b0d17251Schristos SOURCE[$FIPSGOAL]=fips.rc 126*b0d17251Schristos ENDIF 127*b0d17251SchristosENDIF 128*b0d17251Schristos 129*b0d17251Schristos# 130*b0d17251Schristos# Legacy provider stuff 131*b0d17251Schristos# 132*b0d17251SchristosIF[{- !$disabled{legacy} -}] 133*b0d17251Schristos LIBS{noinst}=$LIBLEGACY 134*b0d17251Schristos 135*b0d17251Schristos IF[{- $disabled{module} -}] 136*b0d17251Schristos # Become built in 137*b0d17251Schristos # In this case, we need to do the same thing a for the default provider, 138*b0d17251Schristos # and make the liblegacy object files end up in libcrypto. We could also 139*b0d17251Schristos # just say that for the built-in legacy, we put the source directly in 140*b0d17251Schristos # libcrypto instead of going via liblegacy, but that makes writing the 141*b0d17251Schristos # implementation specific build.info files harder to write, so we don't. 142*b0d17251Schristos $LEGACYGOAL=../libcrypto 143*b0d17251Schristos SOURCE[$LEGACYGOAL]=$LIBLEGACY 144*b0d17251Schristos DEFINE[$LEGACYGOAL]=STATIC_LEGACY 145*b0d17251Schristos ELSE 146*b0d17251Schristos # Become a module 147*b0d17251Schristos # In this case, we can work with dependencies 148*b0d17251Schristos $LEGACYGOAL=legacy 149*b0d17251Schristos MODULES=$LEGACYGOAL 150*b0d17251Schristos DEPEND[$LEGACYGOAL]=$LIBLEGACY ../libcrypto 151*b0d17251Schristos IF[{- defined $target{shared_defflag} -}] 152*b0d17251Schristos SOURCE[legacy]=legacy.ld 153*b0d17251Schristos GENERATE[legacy.ld]=../util/providers.num 154*b0d17251Schristos ENDIF 155*b0d17251Schristos 156*b0d17251Schristos # Add VERSIONINFO resource for windows 157*b0d17251Schristos IF[{- $config{target} =~ /^(?:Cygwin|mingw|VC-|BC-)/ -}] 158*b0d17251Schristos GENERATE[legacy.rc]=../util/mkrc.pl legacy 159*b0d17251Schristos SOURCE[$LEGACYGOAL]=legacy.rc 160*b0d17251Schristos ENDIF 161*b0d17251Schristos 162*b0d17251Schristos SOURCE[$LIBLEGACY]=prov_running.c 163*b0d17251Schristos ENDIF 164*b0d17251Schristos 165*b0d17251Schristos # Common things that are valid no matter what form the Legacy provider 166*b0d17251Schristos # takes. 167*b0d17251Schristos SOURCE[$LEGACYGOAL]=legacyprov.c 168*b0d17251Schristos INCLUDE[$LEGACYGOAL]=../include implementations/include common/include 169*b0d17251SchristosENDIF 170*b0d17251Schristos 171*b0d17251Schristos# 172*b0d17251Schristos# Null provider stuff 173*b0d17251Schristos# 174*b0d17251Schristos# Because the null provider is built in, it means that libcrypto must 175*b0d17251Schristos# include all the object files that are needed. 176*b0d17251Schristos$NULLGOAL=../libcrypto 177*b0d17251SchristosSOURCE[$NULLGOAL]=nullprov.c prov_running.c 178