diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt index e2a20ffcace..1a7472d046e 100644 --- a/crypto/CMakeLists.txt +++ b/crypto/CMakeLists.txt @@ -266,6 +266,8 @@ if(GO_EXECUTABLE) else() file(COPY ${GENERATE_CODE_ROOT}/err_data.c DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/) endif() +add_library(generated_err_data OBJECT err_data.c) +target_include_directories(generated_err_data PRIVATE ${PROJECT_SOURCE_DIR}/include) set(DILITHIUM_SOURCES) if(ENABLE_DILITHIUM) diff --git a/crypto/fips_hashing/CMakeLists.txt b/crypto/fips_hashing/CMakeLists.txt index d5edb7d5ea1..f7584bce225 100644 --- a/crypto/fips_hashing/CMakeLists.txt +++ b/crypto/fips_hashing/CMakeLists.txt @@ -1,38 +1,19 @@ add_definitions(-DOPENSSL_NO_ASM=1) remove_definitions(-DBORINGSSL_FIPS -DFIPS_ENTROPY_SOURCE_JITTER_CPU -DFIPS_ENTROPY_SOURCE_PASSIVE) -set(FIPS_HASHING_CRYPTO_OBJS "") - -foreach(file ${CRYPTO_OBJ_SOURCES}) - set(modified_file "../${file}") - list(APPEND FIPS_HASHING_CRYPTO_OBJS ${modified_file}) -endforeach() +add_library( + fips_hashing + + fips_hashing.c -set(GENERATE_CODE_ROOT "${PROJECT_SOURCE_DIR}/generated-src") -file(COPY ${GENERATE_CODE_ROOT}/err_data.c DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/) + ../mem.c + ../thread_none.c + ../thread_pthread.c -add_library( - clean_crypto_objects - OBJECT - ${FIPS_HASHING_CRYPTO_OBJS} -# ${DILITHIUM_SOURCES} -# ${CRYPTO_ARCH_SOURCES} - err_data.c + ../err/err.c + ../decrepit/ripemd/ripemd.c ) -target_compile_definitions(clean_crypto_objects PRIVATE BORINGSSL_IMPLEMENTATION) -# For the prefix build, the object files need the prefix header files to build. -add_dependencies(clean_crypto_objects boringssl_prefix_symbols) -target_include_directories(clean_crypto_objects BEFORE PRIVATE ${PROJECT_BINARY_DIR}/symbol_prefix_include) -target_include_directories(clean_crypto_objects PRIVATE ${PROJECT_SOURCE_DIR}/include) -add_library(fips_hashing $) - SET_TARGET_PROPERTIES(fips_hashing PROPERTIES LINKER_LANGUAGE C) -target_link_libraries(fips_hashing PUBLIC nofipsmodule pthread) - -add_dependencies(fips_hashing boringssl_prefix_symbols) -target_include_directories(fips_hashing BEFORE PRIVATE ${PROJECT_BINARY_DIR}/symbol_prefix_include) - -target_include_directories(fips_hashing PUBLIC - $ - $) +target_include_directories(fips_hashing PUBLIC $) +target_link_libraries(fips_hashing generated_err_data) \ No newline at end of file diff --git a/crypto/fips_hashing/fips_hashing.c b/crypto/fips_hashing/fips_hashing.c new file mode 100644 index 00000000000..092eab72c8c --- /dev/null +++ b/crypto/fips_hashing/fips_hashing.c @@ -0,0 +1,13 @@ +#include "../fipsmodule/delocate.h" + +#include "../fipsmodule/evp/p_hmac.c" +#include "../fipsmodule/digest/digest.c" +#include "../fipsmodule/digest/digests.c" +#include "../fipsmodule/hmac/hmac.c" +#include "../fipsmodule/md4/md4.c" +#include "../fipsmodule/md5/md5.c" +#include "../fipsmodule/sha/keccak1600.c" +#include "../fipsmodule/sha/sha1.c" +#include "../fipsmodule/sha/sha256.c" +#include "../fipsmodule/sha/sha3.c" +#include "../fipsmodule/sha/sha512.c" diff --git a/crypto/fipsmodule/CMakeLists.txt b/crypto/fipsmodule/CMakeLists.txt index 26709d58670..5550dbb876f 100644 --- a/crypto/fipsmodule/CMakeLists.txt +++ b/crypto/fipsmodule/CMakeLists.txt @@ -457,9 +457,6 @@ elseif(FIPS_SHARED) target_include_directories(bcm_library BEFORE PRIVATE ${PROJECT_BINARY_DIR}/symbol_prefix_include) target_include_directories(bcm_library PRIVATE ${PROJECT_SOURCE_DIR}/include) if (APPLE) - # Add a subdirectory that creates a non-FIPS version of fipsmodule for use in inject_hash - add_subdirectory(nofipsmodule) - # add_subdirectory(${PROJECT_SOURCE_DIR}/util/fipstools/inject_hash inject_hash) set(BCM_NAME bcm.o) # The linker on macOS doesn't have the ability to process linker scripts, # so we build the FIPS module differently than on Linux. Similarly to diff --git a/crypto/fipsmodule/nofipsmodule/CMakeLists.txt b/crypto/fipsmodule/nofipsmodule/CMakeLists.txt deleted file mode 100644 index e70a3af772f..00000000000 --- a/crypto/fipsmodule/nofipsmodule/CMakeLists.txt +++ /dev/null @@ -1,28 +0,0 @@ -add_definitions(-DOPENSSL_NO_ASM) -remove_definitions(-DBORINGSSL_FIPS -DFIPS_ENTROPY_SOURCE_JITTER_CPU -DFIPS_ENTROPY_SOURCE_PASSIVE) - -set(BCM_ASM_SOURCES_FIPS_HASHING "") - -foreach(file ${BCM_ASM_SOURCES}) - set(modified_file "../${file}") - list(APPEND BCM_ASM_SOURCES_FIPS_HASHING ${modified_file}) -endforeach() - -add_custom_target(BCM_SOURCES_HASHING_TARGET DEPENDS ${BCM_ASM_SOURCES_FIPS_HASHING}) - -# Create a non-FIPS version of bcm_library for use in a non-FIPS libcrypto so inject_hash can use it for hashing -add_library( - nofipsmodule - - OBJECT - - ../bcm.c - ../fips_shared_support.c - ../cpucap/cpucap.c -) -target_compile_definitions(nofipsmodule PRIVATE BORINGSSL_IMPLEMENTATION) -add_dependencies(nofipsmodule BCM_SOURCES_HASHING_TARGET) - -add_dependencies(nofipsmodule boringssl_prefix_symbols) -target_include_directories(nofipsmodule BEFORE PRIVATE ${PROJECT_BINARY_DIR}/symbol_prefix_include) -target_include_directories(nofipsmodule PRIVATE ${PROJECT_SOURCE_DIR}/include) \ No newline at end of file diff --git a/util/fipstools/inject_hash/CMakeLists.txt b/util/fipstools/inject_hash/CMakeLists.txt index 366d7a752ca..e6f84da4e4b 100644 --- a/util/fipstools/inject_hash/CMakeLists.txt +++ b/util/fipstools/inject_hash/CMakeLists.txt @@ -5,10 +5,6 @@ if(FIPS AND APPLE) inject_hash.c macho_parser/macho_parser.c ) - target_link_libraries( - inject_hash - - fips_hashing - ) + target_link_libraries(inject_hash fips_hashing) target_include_directories(inject_hash PRIVATE ${PROJECT_SOURCE_DIR}/include) endif() \ No newline at end of file