# need to be applied to all affected libraries and modules.
DEFINE[../../libcrypto]=$AESDEF
DEFINE[../../providers/libfips.a]=$AESDEF
-DEFINE[../../providers/libimplementations.a]=$AESDEF
GENERATE[aes-ia64.s]=asm/aes-ia64.S
DEFINE[../../providers/liblegacy.a]=$BNDEF
# Implementations are now spread across several libraries, so the defines
# need to be applied to all affected libraries and modules.
-DEFINE[../../providers/libimplementations.a]=$BNDEF
DEFINE[../../providers/libcommon.a]=$BNDEF
INCLUDE[bn_exp.o]=..
# Implementations are now spread across several libraries, so the CPUID define
# need to be applied to all affected libraries and modules.
-DEFINE[../providers/libimplementations.a]=$CPUIDDEF
DEFINE[../providers/libcommon.a]=$CPUIDDEF
# The Core
# need to be applied to all affected libraries and modules.
DEFINE[../../libcrypto]=$ECDEF
DEFINE[../../providers/libfips.a]=$ECDEF
-DEFINE[../../providers/libimplementations.a]=$ECDEF
GENERATE[ecp_nistz256-x86.s]=asm/ecp_nistz256-x86.pl
ENDIF
$COMMON=md5_dgst.c md5_one.c md5_sha1.c $MD5ASM
-SOURCE[../../libcrypto]=$COMMON
-SOURCE[../../providers/libimplementations.a]=$COMMON
+SOURCE[../../libcrypto ../../providers/libfips.a]=$COMMON
# A no-deprecated no-shared build ends up with double function definitions
# without conditioning this on dso. The issue is MD5 which is needed in the
# Implementations are now spread across several libraries, so the defines
# need to be applied to all affected libraries and modules.
DEFINE[../../libcrypto]=$MD5DEF
-DEFINE[../../providers/libimplementations.a]=$MD5DEF
+DEFINE[../../providers/libfips.a]=$MD5DEF
DEFINE[../../providers/liblegacy.a]=$MD5DEF
GENERATE[md5-586.s]=asm/md5-586.pl
# need to be applied to all affected libraries and modules.
DEFINE[../../libcrypto]=$MODESDEF
DEFINE[../../providers/libfips.a]=$MODESDEF
-DEFINE[../../providers/libimplementations.a]=$MODESDEF
INCLUDE[gcm128.o]=..
# Implementations are now spread across several libraries, so the defines
# need to be applied to all affected libraries and modules.
DEFINE[../../libcrypto]=$POLY1305DEF
-DEFINE[../../providers/libimplementations.a]=$POLY1305DEF
GENERATE[poly1305-sparcv9.S]=asm/poly1305-sparcv9.pl
INCLUDE[poly1305-sparcv9.o]=..
# Implementations are now spread across several libraries, so the defines
# need to be applied to all affected libraries and modules
-DEFINE[../../providers/libimplementations.a]=$RMD160DEF
SOURCE[../../libcrypto]=rmd_dgst.c rmd_one.c $RMD160ASM
DEFINE[../../libcrypto]=$RMD160DEF
# need to be applied to all affected libraries and modules.
DEFINE[../../libcrypto]=$SHA1DEF $KECCAK1600DEF
DEFINE[../../providers/libfips.a]=$SHA1DEF $KECCAK1600DEF
-DEFINE[../../providers/libimplementations.a]=$SHA1DEF $KECCAK1600DEF
GENERATE[sha1-586.s]=asm/sha1-586.pl
DEPEND[sha1-586.s]=../perlasm/x86asm.pl
ENDIF
ENDIF
-# Implementations are now spread across several libraries, so the defines
-# need to be applied to all affected libraries and modules.
-DEFINE[../../providers/libimplementations.a]=$WPDEF
-
SOURCE[../../libcrypto]=wp_dgst.c $WPASM
DEFINE[../../libcrypto]=$WPDEF
-# We place all implementations in static libraries, and then let the
-# provider mains pilfer what they want through symbol resolution when
-# linking.
-#
-# The non-legacy implementations (libimplementations) must be made FIPS
-# agnostic as much as possible, as well as the common building blocks
-# (libcommon). The legacy implementations (liblegacy) will never be
-# part of the FIPS provider.
-#
-# If there is anything that isn't FIPS agnostic, it should be set aside
-# in its own source file, which is then included directly into other
-# static libraries geared for FIPS and non-FIPS providers, and built
-# separately.
-#
-# libcommon.a Contains common building blocks, potentially
-# needed both by non-legacy and legacy code.
-#
-# libimplementations.a Contains all non-legacy implementations.
-# liblegacy.a Contains all legacy implementations.
-#
-# libfips.a Contains all things needed to support
-# FIPS implementations, such as code from
-# crypto/ and object files that contain
-# FIPS-specific code. FIPS_MODULE is defined
-# for this library. The FIPS module uses
-# this.
-# libnonfips.a Corresponds to libfips.a, but built with
-# FIPS_MODULE undefined. The default and legacy
-# providers use this.
-#
-# This is how different provider modules should be linked:
-#
-# FIPS:
-# -o fips.so {object files...} libimplementations.a libcommon.a libfips.a
-# Non-FIPS:
-# -o module.so {object files...} libimplementations.a libcommon.a libnonfips.a
-#
-# It is crucial that code that checks for the FIPS_MODULE macro end up in
-# libfips.a and libnonfips.a, never in libcommon.a.
-# It is crucial that such code is written so libfips.a and libnonfips.a doesn't
-# end up depending on libimplementations.a or libcommon.a.
-# It is crucial that such code is written so libcommon.a doesn't end up
-# depending on libimplementations.a.
-#
-# Code in providers/implementations/ should be written in such a way that the
-# OSSL_DISPATCH arrays (and preferably the majority of the actual code) ends
-# up in either libimplementations.a or liblegacy.a.
-# If need be, write an abstraction layer in separate source files and make them
-# libfips.a / libnonfips.a sources.
+# libcommon.a Contains common building blocks and other routines,
+# potentially needed by any of our providers.
+#
+# libfips.a Contains all algorithm implementations that should
+# go in the FIPS provider. The compilations for this
+# library are all done with FIPS_MODULE defined.
+#
+# liblegacy.a Contains all algorithm implementations that should
+# go into the legacy provider. The compilations for
+# this library are all done with STATIC_LEGACY defined.
+#
+# libdefault.a Contains all algorithm implementations that should
+# into the default or base provider.
+#
+# To be noted is that the FIPS provider shares source code with libcrypto,
+# which means that select source files from crypto/ are compiled for
+# libfips.a the sources from providers/implementations.
+#
+# This is how a provider module should be linked:
+#
+# -o {modulename}.so {object files...} lib{modulename}.a libcommon.a
+#
+# It is crucial that code that checks the FIPS_MODULE macro ends up in
+# libfips.a.
+# It is crucial that code that checks the STATIC_LEGACY macro ends up in
+# liblegacy.a.
+# It is recommended that code that is written for libcommon.a doesn't end
+# up depending on libfips.a, liblegacy.a or libdefault.a
+#
+# Code in providers/implementations/ should be written in such a way that
+# the OSSL_DISPATCH arrays (and preferably the majority of the actual code)
+# end up in either libfips.a, liblegacy.a or libdefault.a.
SUBDIRS=common implementations
# Libraries we're dealing with
$LIBCOMMON=libcommon.a
-$LIBIMPLEMENTATIONS=libimplementations.a
-$LIBLEGACY=liblegacy.a
-$LIBNONFIPS=libnonfips.a
$LIBFIPS=libfips.a
+$LIBLEGACY=liblegacy.a
+$LIBDEFAULT=libdefault.a
+LIBS{noinst}=$LIBDEFAULT $LIBCOMMON
# Enough of our implementations include prov/ciphercommon.h (present in
# providers/implementations/include), which includes crypto/*_platform.h
$COMMON_INCLUDES=../crypto ../include implementations/include common/include
INCLUDE[$LIBCOMMON]=$COMMON_INCLUDES
-INCLUDE[$LIBIMPLEMENTATIONS]=.. $COMMON_INCLUDES
-INCLUDE[$LIBLEGACY]=.. $COMMON_INCLUDES
-INCLUDE[$LIBNONFIPS]=.. $COMMON_INCLUDES
INCLUDE[$LIBFIPS]=.. $COMMON_INCLUDES
+INCLUDE[$LIBLEGACY]=.. $COMMON_INCLUDES
+INCLUDE[$LIBDEFAULT]=.. $COMMON_INCLUDES
DEFINE[$LIBFIPS]=FIPS_MODULE
-# Weak dependencies to provide library order information.
-# We make it weak so they aren't both used always; what is
-# actually used is determined by non-weak dependencies.
-DEPEND[$LIBIMPLEMENTATIONS]{weak}=$LIBFIPS $LIBNONFIPS
-DEPEND[$LIBCOMMON]{weak}=$LIBFIPS
+# Weak dependencies to provide library order information. What is actually
+# used is determined by non-weak dependencies.
+DEPEND[$LIBCOMMON]{weak}=../libcrypto
-# Strong dependencies. This ensures that any time libimplementations
+# Strong dependencies. This ensures that any time an implementation library
# is used, libcommon gets included as well.
-DEPEND[$LIBIMPLEMENTATIONS]=$LIBCOMMON
-DEPEND[$LIBNONFIPS]=../libcrypto
-# It's tempting to make libcommon depend on ../libcrypto. However,
-# since the FIPS provider module must NOT depend on ../libcrypto, we
-# need to set that dependency up specifically for the final products
-# that use $LIBCOMMON or anything that depends on it.
-
-# Libraries common to all providers, must be built regardless
-LIBS{noinst}=$LIBCOMMON
-# Libraries that are common for all non-FIPS providers, must be built regardless
-LIBS{noinst}=$LIBNONFIPS $LIBIMPLEMENTATIONS
+# The $LIBFIPS dependency on $LIBCOMMON is extra strong, to mitigate for
+# linking problems because they are interdependent
+SOURCE[$LIBFIPS]=$LIBCOMMON
+DEPEND[$LIBLEGACY]=$LIBCOMMON
+DEPEND[$LIBDEFAULT]=$LIBCOMMON
#
# Default provider stuff
# Because the default provider is built in, it means that libcrypto must
# include all the object files that are needed (we do that indirectly,
# by using the appropriate libraries as source). Note that for shared
-# libraries, SOURCEd libraries are considered as if the where specified
+# libraries, SOURCEd libraries are considered as if they were specified
# with DEPEND.
$DEFAULTGOAL=../libcrypto
-SOURCE[$DEFAULTGOAL]=$LIBIMPLEMENTATIONS $LIBNONFIPS
-SOURCE[$DEFAULTGOAL]=defltprov.c
-# Some legacy implementations depend on provider header files
+SOURCE[$DEFAULTGOAL]=$LIBDEFAULT defltprov.c
INCLUDE[$DEFAULTGOAL]=implementations/include
-LIBS=$DEFAULTGOAL
-
#
# Base provider stuff
#
-# Because the base provider is built in, it means that libcrypto
-# must include all of the object files that are needed.
+# Because the base provider is built in, it means that libcrypto must
+# include all of the object files that are needed, just like the default
+# provider.
$BASEGOAL=../libcrypto
-SOURCE[$BASEGOAL]=$LIBIMPLEMENTATIONS $LIBNONFIPS
-SOURCE[$BASEGOAL]=baseprov.c
+SOURCE[$BASEGOAL]=$LIBDEFAULT baseprov.c
INCLUDE[$BASEGOAL]=implementations/include
#
# diverse build.info files. libfips.a, fips.so and their sources aren't
# built unless the proper LIBS or MODULES statement has been seen, so we
# have those and only those within a condition.
-SUBDIRS=fips
-$FIPSGOAL=fips
-DEPEND[$FIPSGOAL]=$LIBIMPLEMENTATIONS $LIBFIPS
-INCLUDE[$FIPSGOAL]=../include
-DEFINE[$FIPSGOAL]=FIPS_MODULE
-IF[{- defined $target{shared_defflag} -}]
- SOURCE[$FIPSGOAL]=fips.ld
- GENERATE[fips.ld]=../util/providers.num
-ENDIF
-
IF[{- !$disabled{fips} -}]
+ SUBDIRS=fips
+ $FIPSGOAL=fips
+
# This is the trigger to actually build the FIPS module. Without these
# statements, the final build file will not have a trace of it.
MODULES{fips}=$FIPSGOAL
LIBS{noinst}=$LIBFIPS
+ DEPEND[$FIPSGOAL]=$LIBFIPS
+ INCLUDE[$FIPSGOAL]=../include
+ DEFINE[$FIPSGOAL]=FIPS_MODULE
+ IF[{- defined $target{shared_defflag} -}]
+ SOURCE[$FIPSGOAL]=fips.ld
+ GENERATE[fips.ld]=../util/providers.num
+ ENDIF
+
# For tests that try to use the FIPS module, we need to make a local fips
# module installation. We have the output go to standard output, because
# the generated commands in build templates are expected to catch that,
# Legacy provider stuff
#
IF[{- !$disabled{legacy} -}]
- # The legacy implementation library
LIBS{noinst}=$LIBLEGACY
- DEPEND[$LIBLEGACY]=$LIBCOMMON $LIBNONFIPS
- # The Legacy provider
IF[{- $disabled{module} -}]
# Become built in
# In this case, we need to do the same thing a for the default provider,
# implementation specific build.info files harder to write, so we don't.
$LEGACYGOAL=../libcrypto
SOURCE[$LEGACYGOAL]=$LIBLEGACY
- DEFINE[$LIBLEGACY]=STATIC_LEGACY
DEFINE[$LEGACYGOAL]=STATIC_LEGACY
ELSE
# Become a module
# In this case, we can work with dependencies
$LEGACYGOAL=legacy
MODULES=$LEGACYGOAL
- DEPEND[$LEGACYGOAL]=$LIBLEGACY
+ DEPEND[$LEGACYGOAL]=$LIBLEGACY ../libcrypto
IF[{- defined $target{shared_defflag} -}]
SOURCE[legacy]=legacy.ld
GENERATE[legacy.ld]=../util/providers.num
ENDIF
+ SOURCE[$LIBLEGACY]=prov_running.c
ENDIF
# Common things that are valid no matter what form the Legacy provider
$NULLGOAL=../libcrypto
SOURCE[$NULLGOAL]=nullprov.c prov_running.c
-SOURCE[$LIBNONFIPS]=prov_running.c
+SOURCE[$LIBDEFAULT]=prov_running.c
SOURCE[../libcommon.a]=provider_err.c provider_ctx.c
$FIPSCOMMON=provider_util.c capabilities.c bio_prov.c digest_to_nid.c\
securitycheck.c provider_seeding.c
-SOURCE[../libnonfips.a]=$FIPSCOMMON securitycheck_default.c
+SOURCE[../libdefault.a]=$FIPSCOMMON securitycheck_default.c
SOURCE[../libfips.a]=$FIPSCOMMON securitycheck_fips.c
#----- Conclusion
# TODO(3.0) $COMMON should go to libcommon.a, but this currently leads
-# to linking conflicts, so we add it to libfips.a and libnonfips.a for
+# to linking conflicts, so we add it to libfips.a and libdefault.a for
# the moment being
$COMMON= $DER_RSA_COMMON $DER_DIGESTS_GEN $DER_WRAP_GEN
ENDIF
SOURCE[../../libfips.a]=$COMMON $DER_RSA_FIPSABLE
-SOURCE[../../libnonfips.a]=$COMMON $DER_RSA_FIPSABLE
+SOURCE[../../libdefault.a]=$COMMON $DER_RSA_FIPSABLE
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
-$RSA_GOAL=../../libimplementations.a
-$SM2_GOAL=../../libimplementations.a
+$RSA_GOAL=../../libdefault.a ../../libfips.a
+$SM2_GOAL=../../libdefault.a
SOURCE[$RSA_GOAL]=rsa_enc.c
$COMMON_GOAL=../../libcommon.a
-$NULL_GOAL=../../libimplementations.a
-$AES_GOAL=../../libimplementations.a
-$TDES_1_GOAL=../../libimplementations.a
-$TDES_2_GOAL=../../libimplementations.a
-$ARIA_GOAL=../../libimplementations.a
-$CAMELLIA_GOAL=../../libimplementations.a
+$NULL_GOAL=../../libdefault.a
+$AES_GOAL=../../libdefault.a ../../libfips.a
+$TDES_1_GOAL=../../libdefault.a ../../libfips.a
+$TDES_2_GOAL=../../libdefault.a
+$ARIA_GOAL=../../libdefault.a
+$CAMELLIA_GOAL=../../libdefault.a
$DES_GOAL=../../liblegacy.a
$BLOWFISH_GOAL=../../liblegacy.a
$IDEA_GOAL=../../liblegacy.a
$RC4_GOAL=../../liblegacy.a
$RC5_GOAL=../../liblegacy.a
$SEED_GOAL=../../liblegacy.a
-$SM4_GOAL=../../libimplementations.a
-$CHACHA_GOAL=../../libimplementations.a
-$CHACHAPOLY_GOAL=../../libimplementations.a
-$SIV_GOAL=../../libimplementations.a
+$SM4_GOAL=../../libdefault.a
+$CHACHA_GOAL=../../libdefault.a
+$CHACHAPOLY_GOAL=../../libdefault.a
+$SIV_GOAL=../../libdefault.a
# This source is common building blocks for all ciphers in all our providers.
SOURCE[$COMMON_GOAL]=\
# Extra code to satisfy the FIPS and non-FIPS separation.
# When the AES-xxx-XTS moves to legacy, cipher_aes_xts_fips.c can be removed.
-SOURCE[../../libfips.a]=cipher_aes_xts_fips.c
-SOURCE[../../libnonfips.a]=cipher_aes_xts_fips.c
+SOURCE[$AES_GOAL]=cipher_aes_xts_fips.c
IF[{- !$disabled{siv} -}]
SOURCE[$SIV_GOAL]=\
$COMMON_GOAL=../../libcommon.a
-$SHA1_GOAL=../../libimplementations.a
-$SHA2_GOAL=../../libimplementations.a
-$SHA3_GOAL=../../libimplementations.a
-$BLAKE2_GOAL=../../libimplementations.a
-$SM3_GOAL=../../libimplementations.a
-$MD5_GOAL=../../libimplementations.a
+$SHA1_GOAL=../../libdefault.a ../../libfips.a
+$SHA2_GOAL=../../libdefault.a ../../libfips.a
+$SHA3_GOAL=../../libdefault.a ../../libfips.a
+$BLAKE2_GOAL=../../libdefault.a
+$SM3_GOAL=../../libdefault.a
+$MD5_GOAL=../../libdefault.a
$MD2_GOAL=../../liblegacy.a
$MD4_GOAL=../../liblegacy.a
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
-$ENCODER_GOAL=../../libimplementations.a
-$DECODER_GOAL=../../libimplementations.a
-$RSA_GOAL=../../libimplementations.a
-$FFC_GOAL=../../libimplementations.a
-$DH_GOAL=../../libimplementations.a
-$DSA_GOAL=../../libimplementations.a
-$ECX_GOAL=../../libimplementations.a
-$EC_GOAL=../../libimplementations.a
+$ENCODER_GOAL=../../libdefault.a
+$DECODER_GOAL=../../libdefault.a
+$RSA_GOAL=../../libdefault.a
+$FFC_GOAL=../../libdefault.a
+$DH_GOAL=../../libdefault.a
+$DSA_GOAL=../../libdefault.a
+$ECX_GOAL=../../libdefault.a
+$EC_GOAL=../../libdefault.a
SOURCE[$ENCODER_GOAL]=endecoder_common.c
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
-$DH_GOAL=../../libimplementations.a
-$ECDH_GOAL=../../libimplementations.a
-$ECX_GOAL=../../libimplementations.a
-$ECDH_GOAL=../../libimplementations.a
-$KDF_GOAL=../../libimplementations.a
+$DH_GOAL=../../libdefault.a ../../libfips.a
+$ECDH_GOAL=../../libdefault.a ../../libfips.a
+$ECX_GOAL=../../libdefault.a ../../libfips.a
+$KDF_GOAL=../../libdefault.a ../../libfips.a
IF[{- !$disabled{dh} -}]
SOURCE[$DH_GOAL]=dh_exch.c
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
-$TLS1_PRF_GOAL=../../libimplementations.a
-$HKDF_GOAL=../../libimplementations.a
-$KBKDF_GOAL=../../libimplementations.a
-$KRB5KDF_GOAL=../../libimplementations.a
-$PBKDF2_GOAL=../../libimplementations.a
-$PKCS12KDF_GOAL=../../libimplementations.a
-$SSKDF_GOAL=../../libimplementations.a
-$SCRYPT_GOAL=../../libimplementations.a
-$SSHKDF_GOAL=../../libimplementations.a
-$X942KDF_GOAL=../../libimplementations.a
+$TLS1_PRF_GOAL=../../libdefault.a ../../libfips.a
+$HKDF_GOAL=../../libdefault.a ../../libfips.a
+$KBKDF_GOAL=../../libdefault.a ../../libfips.a
+$KRB5KDF_GOAL=../../libdefault.a
+$PBKDF2_GOAL=../../libdefault.a ../../libfips.a
+$PKCS12KDF_GOAL=../../libdefault.a
+$SSKDF_GOAL=../../libdefault.a ../../libfips.a
+$SCRYPT_GOAL=../../libdefault.a
+$SSHKDF_GOAL=../../libdefault.a ../../libfips.a
+$X942KDF_GOAL=../../libdefault.a ../../libfips.a
SOURCE[$TLS1_PRF_GOAL]=tls1_prf.c
SOURCE[$PBKDF2_GOAL]=pbkdf2.c
# Extra code to satisfy the FIPS and non-FIPS separation.
# When the PBKDF2 moves to legacy, this can be removed.
-SOURCE[../../libfips.a]=pbkdf2_fips.c
-SOURCE[../../libnonfips.a]=pbkdf2_fips.c
+SOURCE[$PBKDF2_GOAL]=pbkdf2_fips.c
SOURCE[$PKCS12KDF_GOAL]=pkcs12kdf.c
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
-$RSA_KEM_GOAL=../../libimplementations.a
+$RSA_KEM_GOAL=../../libdefault.a ../../libfips.a
SOURCE[$RSA_KEM_GOAL]=rsa_kem.c
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
-$ECX_GOAL=../../libimplementations.a
-$KDF_GOAL=../../libimplementations.a
+$DH_GOAL=../../libdefault.a ../../libfips.a
+$DSA_GOAL=../../libdefault.a ../../libfips.a
+$EC_GOAL=../../libdefault.a ../../libfips.a
+$ECX_GOAL=../../libdefault.a ../../libfips.a
+$KDF_GOAL=../../libdefault.a ../../libfips.a
+$MAC_GOAL=../../libdefault.a ../../libfips.a
+$RSA_GOAL=../../libdefault.a ../../libfips.a
IF[{- !$disabled{dh} -}]
- SOURCE[../../libfips.a]=dh_kmgmt.c
- SOURCE[../../libnonfips.a]=dh_kmgmt.c
+ SOURCE[$DH_GOAL]=dh_kmgmt.c
ENDIF
IF[{- !$disabled{dsa} -}]
- SOURCE[../../libfips.a]=dsa_kmgmt.c
- SOURCE[../../libnonfips.a]=dsa_kmgmt.c
+ SOURCE[$DSA_GOAL]=dsa_kmgmt.c
ENDIF
IF[{- !$disabled{ec} -}]
- SOURCE[../../libfips.a]=ec_kmgmt.c
- SOURCE[../../libnonfips.a]=ec_kmgmt.c
+ SOURCE[$EC_GOAL]=ec_kmgmt.c
ENDIF
IF[{- !$disabled{asm} -}]
DEFINE[$ECX_GOAL]=$ECDEF
ENDIF
-SOURCE[../../libfips.a]=rsa_kmgmt.c
-SOURCE[../../libnonfips.a]=rsa_kmgmt.c
+SOURCE[$RSA_GOAL]=rsa_kmgmt.c
SOURCE[$KDF_GOAL]=kdf_legacy_kmgmt.c
-SOURCE[../../libfips.a]=mac_legacy_kmgmt.c
-SOURCE[../../libnonfips.a]=mac_legacy_kmgmt.c
+SOURCE[$MAC_GOAL]=mac_legacy_kmgmt.c
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
-$GMAC_GOAL=../../libimplementations.a
-$HMAC_GOAL=../../libimplementations.a
-$KMAC_GOAL=../../libimplementations.a
-$CMAC_GOAL=../../libimplementations.a
-$BLAKE2_GOAL=../../libimplementations.a
-$SIPHASH_GOAL=../../libimplementations.a
-$POLY1305_GOAL=../../libimplementations.a
+$GMAC_GOAL=../../libdefault.a ../../libfips.a
+$HMAC_GOAL=../../libdefault.a ../../libfips.a
+$KMAC_GOAL=../../libdefault.a ../../libfips.a
+$CMAC_GOAL=../../libdefault.a ../../libfips.a
+$BLAKE2_GOAL=../../libdefault.a
+$SIPHASH_GOAL=../../libdefault.a
+$POLY1305_GOAL=../../libdefault.a
SOURCE[$GMAC_GOAL]=gmac_prov.c
SOURCE[$HMAC_GOAL]=hmac_prov.c
SOURCE[$CMAC_GOAL]=cmac_prov.c
ENDIF
-$GOAL=../../libimplementations.a
-
IF[{- !$disabled{blake2} -}]
SOURCE[$BLAKE2_GOAL]=blake2b_mac.c blake2s_mac.c
ENDIF
SUBDIRS=seeding
-$COMMON=drbg.c test_rng.c drbg_ctr.c drbg_hash.c drbg_hmac.c crngt.c
+$RANDS_GOAL=../../libdefault.a ../../libfips.a
-SOURCE[../../libfips.a]=$COMMON
-SOURCE[../../libnonfips.a]=$COMMON seed_src.c
+SOURCE[$RANDS_GOAL]=drbg.c test_rng.c drbg_ctr.c drbg_hash.c drbg_hmac.c crngt.c
+SOURCE[../../libdefault.a]=seed_src.c
$COMMON=$COMMON rand_vms.c
ENDIF
-SOURCE[../../../libnonfips.a]=$COMMON
+SOURCE[../../../libdefault.a]=$COMMON
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
-$DSA_GOAL=../../libimplementations.a
-$EC_GOAL=../../libimplementations.a
-$SM2SIG_GOAL=../../libimplementations.a
+$DSA_GOAL=../../libdefault.a ../../libfips.a
+$EC_GOAL=../../libdefault.a ../../libfips.a
+$MAC_GOAL=../../libdefault.a ../../libfips.a
+$RSA_GOAL=../../libdefault.a ../../libfips.a
+$SM2_GOAL=../../libdefault.a
IF[{- !$disabled{dsa} -}]
SOURCE[$DSA_GOAL]=dsa_sig.c
SOURCE[$SM2_GOAL]=sm2_sig.c
ENDIF
-SOURCE[../../libfips.a]=rsa_sig.c
-SOURCE[../../libnonfips.a]=rsa_sig.c
+SOURCE[$RSA_GOAL]=rsa_sig.c
DEPEND[rsa.o]=../../common/include/prov/der_rsa.h
DEPEND[dsa.o]=../../common/include/prov/der_dsa.h
DEPEND[eddsa.o]=../../common/include/prov/der_ecx.h
DEPEND[sm2sig.o]=../../common/include/prov/der_sm2.h
-SOURCE[../../libfips.a]=mac_legacy_sig.c
-SOURCE[../../libnonfips.a]=mac_legacy_sig.c
+SOURCE[$MAC_GOAL]=mac_legacy_sig.c
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
-$STORE_GOAL=../../libimplementations.a
+$STORE_GOAL=../../libdefault.a
SOURCE[$STORE_GOAL]=file_store.c file_store_der2obj.c
DEFINE[../libssl]=$AESDEF
SOURCE[../providers/libcommon.a]=record/tls_pad.c
-SOURCE[../providers/libimplementations.a]=s3_cbc.c
+SOURCE[../providers/libdefault.a ../providers/libfips.a]=s3_cbc.c