create cut down fips_hashing library

crypto/CMakeLists.txt

@@ -266,6 +266,8 @@ if(GO_EXECUTABLE)
 else()
   file(COPY ${GENERATE_CODE_ROOT}/err_data.c DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/)
 endif()
+add_library(generated_err_data OBJECT err_data.c)
+target_include_directories(generated_err_data PRIVATE ${PROJECT_SOURCE_DIR}/include)
 
 set(DILITHIUM_SOURCES)
 if(ENABLE_DILITHIUM)

crypto/fips_hashing/CMakeLists.txt

@@ -1,38 +1,19 @@
 add_definitions(-DOPENSSL_NO_ASM=1)
 remove_definitions(-DBORINGSSL_FIPS -DFIPS_ENTROPY_SOURCE_JITTER_CPU -DFIPS_ENTROPY_SOURCE_PASSIVE)
 
-set(FIPS_HASHING_CRYPTO_OBJS "")
-
-foreach(file ${CRYPTO_OBJ_SOURCES})
-  set(modified_file "../${file}")
-  list(APPEND FIPS_HASHING_CRYPTO_OBJS ${modified_file})
-endforeach()
+add_library(
+  fips_hashing
+
+  fips_hashing.c
 
-set(GENERATE_CODE_ROOT "${PROJECT_SOURCE_DIR}/generated-src")
-file(COPY ${GENERATE_CODE_ROOT}/err_data.c DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/)
+  ../mem.c
+  ../thread_none.c
+  ../thread_pthread.c
 
-add_library(
-  clean_crypto_objects
-  OBJECT
-  ${FIPS_HASHING_CRYPTO_OBJS}
-#   ${DILITHIUM_SOURCES}
-#   ${CRYPTO_ARCH_SOURCES}
-  err_data.c
+  ../err/err.c
+  ../decrepit/ripemd/ripemd.c
 )
 
-target_compile_definitions(clean_crypto_objects PRIVATE BORINGSSL_IMPLEMENTATION)
-# For the prefix build, the object files need the prefix header files to build.
-add_dependencies(clean_crypto_objects boringssl_prefix_symbols)
-target_include_directories(clean_crypto_objects BEFORE PRIVATE ${PROJECT_BINARY_DIR}/symbol_prefix_include)
-target_include_directories(clean_crypto_objects PRIVATE ${PROJECT_SOURCE_DIR}/include)
-add_library(fips_hashing $<TARGET_OBJECTS:clean_crypto_objects>)
-
 SET_TARGET_PROPERTIES(fips_hashing PROPERTIES LINKER_LANGUAGE C)
-target_link_libraries(fips_hashing PUBLIC nofipsmodule pthread)
-
-add_dependencies(fips_hashing boringssl_prefix_symbols)
-target_include_directories(fips_hashing BEFORE PRIVATE ${PROJECT_BINARY_DIR}/symbol_prefix_include)
-
-target_include_directories(fips_hashing PUBLIC
-        $<BUILD_INTERFACE:${PROJECT_SOURCE_DIR}/include>
-        $<INSTALL_INTERFACE:include>)
+target_include_directories(fips_hashing PUBLIC $<BUILD_INTERFACE:${PROJECT_SOURCE_DIR}/include>)
+target_link_libraries(fips_hashing generated_err_data)

crypto/fips_hashing/fips_hashing.c

@@ -0,0 +1,13 @@
+#include "../fipsmodule/delocate.h"
+
+#include "../fipsmodule/evp/p_hmac.c"
+#include "../fipsmodule/digest/digest.c"
+#include "../fipsmodule/digest/digests.c"
+#include "../fipsmodule/hmac/hmac.c"
+#include "../fipsmodule/md4/md4.c"
+#include "../fipsmodule/md5/md5.c"
+#include "../fipsmodule/sha/keccak1600.c"
+#include "../fipsmodule/sha/sha1.c"
+#include "../fipsmodule/sha/sha256.c"
+#include "../fipsmodule/sha/sha3.c"
+#include "../fipsmodule/sha/sha512.c"

crypto/fipsmodule/CMakeLists.txt

@@ -457,9 +457,6 @@ elseif(FIPS_SHARED)
   target_include_directories(bcm_library BEFORE PRIVATE ${PROJECT_BINARY_DIR}/symbol_prefix_include)
   target_include_directories(bcm_library PRIVATE ${PROJECT_SOURCE_DIR}/include)
   if (APPLE)
-    # Add a subdirectory that creates a non-FIPS version of fipsmodule for use in inject_hash
-    add_subdirectory(nofipsmodule)
-    # add_subdirectory(${PROJECT_SOURCE_DIR}/util/fipstools/inject_hash inject_hash)
     set(BCM_NAME bcm.o)
     # The linker on macOS doesn't have the ability to process linker scripts,
     # so we build the FIPS module differently than on Linux. Similarly to

util/fipstools/inject_hash/CMakeLists.txt

@@ -5,10 +5,6 @@ if(FIPS AND APPLE)
         inject_hash.c
         macho_parser/macho_parser.c
     )
-    target_link_libraries(
-        inject_hash
-
-        fips_hashing
-    )
+    target_link_libraries(inject_hash fips_hashing)
     target_include_directories(inject_hash PRIVATE ${PROJECT_SOURCE_DIR}/include)
 endif()