1 # We place all implementations in static libraries, and then let the
2 # provider mains pilfer what they want through symbol resolution when
5 # The non-legacy implementations (libimplementations) must be made FIPS
6 # agnostic as much as possible, as well as the common building blocks
7 # (libcommon). The legacy implementations (liblegacy) will never be
8 # part of the FIPS provider.
10 # If there is anything that isn't FIPS agnostic, it should be set aside
11 # in its own source file, which is then included directly into other
12 # static libraries geared for FIPS and non-FIPS providers, and built
15 # libcommon.a Contains common building blocks, potentially
16 # needed both by non-legacy and legacy code.
18 # libimplementations.a Contains all non-legacy implementations.
19 # liblegacy.a Contains all legacy implementaions.
21 # libfips.a Contains all things needed to support
22 # FIPS implementations, such as code from
23 # crypto/ and object files that contain
24 # FIPS-specific code. FIPS_MODE is defined
25 # for this library. The FIPS module uses
27 # libnonfips.a Corresponds to libfips.a, but built with
28 # FIPS_MODE undefined. The default and legacy
31 SUBDIRS=common default implementations
33 INCLUDE[../libcrypto]=common/include
35 # Libraries we're dealing with
36 $LIBCOMMON=libcommon.a
37 $LIBIMPLEMENTATIONS=libimplementations.a
38 $LIBLEGACY=liblegacy.a
39 $LIBNONFIPS=libnonfips.a
42 # Enough of our implementations include prov/ciphercommon.h (present in
43 # providers/common/include), which includes crypto/ciphermode_platform.h
44 # (present in include), which in turn may include very internal header
45 # files in crypto/, so let's have a common include list for them all.
46 $COMMON_INCLUDES=../crypto ../include common/include
48 INCLUDE[$LIBCOMMON]=$COMMON_INCLUDES
49 INCLUDE[$LIBIMPLEMENTATIONS]=.. $COMMON_INCLUDES implementations/include
50 INCLUDE[$LIBLEGACY]=$COMMON_INCLUDES implementations/include
51 INCLUDE[$LIBNONFIPS]=$COMMON_INCLUDES
52 INCLUDE[$LIBFIPS]=.. $COMMON_INCLUDES
53 DEFINE[$LIBFIPS]=FIPS_MODE
55 # Weak dependencies to provide library order information.
56 # We make it weak so they aren't both used always; what is
57 # actually used is determined by non-weak dependencies.
58 DEPEND[$LIBIMPLEMENTATIONS]{weak}=$LIBFIPS $LIBNONFIPS
59 DEPEND[$LIBCOMMON]{weak}=$LIBFIPS
61 # Strong dependencies. This ensures that any time libimplementations
62 # is used, libcommon gets included as well.
63 DEPEND[$LIBIMPLEMENTATIONS]=$LIBCOMMON
64 DEPEND[$LIBNONFIPS]=../libcrypto
65 # It's tempting to make libcommon depend on ../libcrypto. However,
66 # since the FIPS provider module must NOT depend on ../libcrypto, we
67 # need to set that dependency up specifically for the final products
68 # that use $LIBCOMMON or anything that depends on it.
70 # Libraries common to all providers, must be built regardless
71 LIBS{noinst}=$LIBCOMMON
72 # Libraries that are common for all non-FIPS providers, must be built regardless
73 LIBS{noinst}=$LIBNONFIPS $LIBIMPLEMENTATIONS
76 # Default provider stuff
78 # Because the default provider is built in, it means that libcrypto must
79 # include all the object files that are needed (we do that indirectly,
80 # by using the appropriate libraries as source). Note that for shared
81 # libraries, SOURCEd libraries are considered as if the where specified
83 $DEFAULTGOAL=../libcrypto
84 SOURCE[$DEFAULTGOAL]=$LIBIMPLEMENTATIONS $LIBNONFIPS
85 # Some legacy implementations depend on provider header files
86 INCLUDE[../libcrypto]=implementations/include
93 # We define it this way to ensure that configdata.pm will have all the
94 # necessary information even if we don't build the module. This will allow
95 # us to make all kinds of checks on the source, based on what we specify in
96 # diverse build.info files. libfips.a, fips.so and their sources aren't
97 # built unless the proper LIBS or MODULES statement has been seen, so we
98 # have those and only those within a condition.
101 DEPEND[$FIPSGOAL]=$LIBIMPLEMENTATIONS $LIBFIPS
102 INCLUDE[$FIPSGOAL]=../include
103 IF[{- defined $target{shared_defflag} -}]
104 SOURCE[$FIPSGOAL]=fips.ld
105 GENERATE[fips.ld]=../util/providers.num
108 IF[{- !$disabled{fips} -}]
109 # This is the trigger to actually build the FIPS module. Without these
110 # statements, the final build file will not have a trace of it.
112 LIBS{noinst}=$LIBFIPS
116 # Legacy provider stuff
118 IF[{- !$disabled{legacy} -}]
119 # The legacy implementation library
121 LIBS{noinst}=$LIBLEGACY
122 DEPEND[$LIBLEGACY]=$LIBCOMMON $LIBNONFIPS
124 # The Legacy provider
125 IF[{- $disabled{module} -}]
127 # In this case, we need to do the same thing a for the default provider,
128 # and make the liblegacy object files end up in libcrypto. We could also
129 # just say that for the built-in legacy, we put the source directly in
130 # libcrypto instead of going via liblegacy, but that makes writing the
131 # implementation specific build.info files harder to write, so we don't.
132 $LEGACYGOAL=../libcrypto
133 SOURCE[$LEGACYGOAL]=$LIBLEGACY
134 DEFINE[$LIBLEGACY]=STATIC_LEGACY
135 DEFINE[$LEGACYGOAL]=STATIC_LEGACY
138 # In this case, we can work with dependencies
141 DEPEND[$LEGACYGOAL]=$LIBLEGACY
142 IF[{- defined $target{shared_defflag} -}]
143 SOURCE[legacy]=legacy.ld
144 GENERATE[legacy.ld]=../util/providers.num
148 # Common things that are valid no matter what form the Legacy provider
150 INCLUDE[$LEGACYGOAL]=../include common/include