unix-Makefile.tmpl: Add a target to install the FIPS module config

Fixes #12195

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13032)

diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
index 36a7ffbf93803ff07e5e7093496e00684f66e1c9..4fab096121d6662a3266b46cd176cf3688d3c8b5 100644 (file)
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -87,6 +87,14 @@ MODULES={- join(" \\\n" . ' ' x 8,
                 fill_lines(" ", $COLUMNS - 8,
                            map { platform->dso($_) }
                            @{$unified_info{modules}})) -}
+FIPSMODULENAME={- # We do some extra checking here, as there should be only one
+                  my @fipsmodules =
+                      grep { !$unified_info{attributes}->{modules}->{$_}->{noinst}
+                             && $unified_info{attributes}->{modules}->{$_}->{fips} }
+                      @{$unified_info{modules}};
+                  die "More that one FIPS module" if scalar @fipsmodules > 1;
+                  join(" ", map { basename platform->dso($_) } @fipsmodules) -}
+
 PROGRAMS={- join(" \\\n" . ' ' x 9,
                  fill_lines(" ", $COLUMNS - 9,
                             map { platform->bin($_) }
@@ -551,6 +559,18 @@ install_docs: install_man_docs install_html_docs
 uninstall_docs: uninstall_man_docs uninstall_html_docs
        $(RM) -r $(DESTDIR)$(DOCDIR)
 
+install_fips: install_sw
+       @$(ECHO) "*** Installing FIPS module configuration"
+       @$(ECHO) "fipsinstall $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf"
+       @openssl fipsinstall -module $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME) \
+               -out $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf \
+               -macopt 'key:$(FIPSKEY)'
+
+uninstall_fips: uninstall_sw
+       @$(ECHO) "*** Uninstalling FIPS module configuration"
+       @$(ECHO) "$(RM) $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf"
+       @$(RM) $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf
+
 install_ssldirs:
        @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR)/certs
        @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR)/private