1 # libcommon.a Contains common building blocks and other routines,
2 # potentially needed by any of our providers.
4 # libfips.a Contains all algorithm implementations that should
5 # go in the FIPS provider. The compilations for this
6 # library are all done with FIPS_MODULE defined.
8 # liblegacy.a Contains all algorithm implementations that should
9 # go into the legacy provider. The compilations for
10 # this library are all done with STATIC_LEGACY defined.
12 # libdefault.a Contains all algorithm implementations that should
13 # into the default or base provider.
15 # To be noted is that the FIPS provider shares source code with libcrypto,
16 # which means that select source files from crypto/ are compiled for
17 # libfips.a the sources from providers/implementations.
19 # This is how a provider module should be linked:
21 # -o {modulename}.so {object files...} lib{modulename}.a libcommon.a
23 # It is crucial that code that checks the FIPS_MODULE macro ends up in
25 # It is crucial that code that checks the STATIC_LEGACY macro ends up in
27 # It is recommended that code that is written for libcommon.a doesn't end
28 # up depending on libfips.a, liblegacy.a or libdefault.a
30 # Code in providers/implementations/ should be written in such a way that
31 # the OSSL_DISPATCH arrays (and preferably the majority of the actual code)
32 # end up in either libfips.a, liblegacy.a or libdefault.a.
34 SUBDIRS=common implementations
36 INCLUDE[../libcrypto]=common/include
38 # Libraries we're dealing with
39 $LIBCOMMON=libcommon.a
41 $LIBLEGACY=liblegacy.a
42 $LIBDEFAULT=libdefault.a
43 LIBS{noinst}=$LIBDEFAULT $LIBCOMMON
45 # Enough of our implementations include prov/ciphercommon.h (present in
46 # providers/implementations/include), which includes crypto/*_platform.h
47 # (present in include), which in turn may include very internal header
48 # files in crypto/, so let's have a common include list for them all.
49 $COMMON_INCLUDES=../crypto ../include implementations/include common/include
51 INCLUDE[$LIBCOMMON]=$COMMON_INCLUDES
52 INCLUDE[$LIBFIPS]=.. $COMMON_INCLUDES
53 INCLUDE[$LIBLEGACY]=.. $COMMON_INCLUDES
54 INCLUDE[$LIBDEFAULT]=.. $COMMON_INCLUDES
55 DEFINE[$LIBFIPS]=FIPS_MODULE
57 # Weak dependencies to provide library order information. What is actually
58 # used is determined by non-weak dependencies.
59 DEPEND[$LIBCOMMON]{weak}=../libcrypto
61 # Strong dependencies. This ensures that any time an implementation library
62 # is used, libcommon gets included as well.
63 # The $LIBFIPS dependency on $LIBCOMMON is extra strong, to mitigate for
64 # linking problems because they are interdependent
65 SOURCE[$LIBFIPS]=$LIBCOMMON
66 DEPEND[$LIBLEGACY]=$LIBCOMMON
67 DEPEND[$LIBDEFAULT]=$LIBCOMMON
70 # Default provider stuff
72 # Because the default provider is built in, it means that libcrypto must
73 # include all the object files that are needed (we do that indirectly,
74 # by using the appropriate libraries as source). Note that for shared
75 # libraries, SOURCEd libraries are considered as if they were specified
77 $DEFAULTGOAL=../libcrypto
78 SOURCE[$DEFAULTGOAL]=$LIBDEFAULT defltprov.c
79 INCLUDE[$DEFAULTGOAL]=implementations/include
84 # Because the base provider is built in, it means that libcrypto must
85 # include all of the object files that are needed, just like the default
87 $BASEGOAL=../libcrypto
88 SOURCE[$BASEGOAL]=$LIBDEFAULT baseprov.c
89 INCLUDE[$BASEGOAL]=implementations/include
94 # We define it this way to ensure that configdata.pm will have all the
95 # necessary information even if we don't build the module. This will allow
96 # us to make all kinds of checks on the source, based on what we specify in
97 # diverse build.info files. libfips.a, fips.so and their sources aren't
98 # built unless the proper LIBS or MODULES statement has been seen, so we
99 # have those and only those within a condition.
100 IF[{- !$disabled{fips} -}]
104 # This is the trigger to actually build the FIPS module. Without these
105 # statements, the final build file will not have a trace of it.
106 MODULES{fips}=$FIPSGOAL
107 LIBS{noinst}=$LIBFIPS
109 DEPEND[$FIPSGOAL]=$LIBFIPS
110 INCLUDE[$FIPSGOAL]=../include
111 DEFINE[$FIPSGOAL]=FIPS_MODULE
112 IF[{- defined $target{shared_defflag} -}]
113 SOURCE[$FIPSGOAL]=fips.ld
114 GENERATE[fips.ld]=../util/providers.num
117 DEPEND[|build_modules_nodep|]=fipsmodule.cnf
118 GENERATE[fipsmodule.cnf]=../util/mk-fipsmodule-cnf.pl \
119 -module $(FIPSMODULE) -section_name fips_sect -key $(FIPSKEY)
120 DEPEND[fipsmodule.cnf]=$FIPSGOAL
124 # Legacy provider stuff
126 IF[{- !$disabled{legacy} -}]
127 LIBS{noinst}=$LIBLEGACY
129 IF[{- $disabled{module} -}]
131 # In this case, we need to do the same thing a for the default provider,
132 # and make the liblegacy object files end up in libcrypto. We could also
133 # just say that for the built-in legacy, we put the source directly in
134 # libcrypto instead of going via liblegacy, but that makes writing the
135 # implementation specific build.info files harder to write, so we don't.
136 $LEGACYGOAL=../libcrypto
137 SOURCE[$LEGACYGOAL]=$LIBLEGACY
138 DEFINE[$LEGACYGOAL]=STATIC_LEGACY
141 # In this case, we can work with dependencies
144 DEPEND[$LEGACYGOAL]=$LIBLEGACY ../libcrypto
145 IF[{- defined $target{shared_defflag} -}]
146 SOURCE[legacy]=legacy.ld
147 GENERATE[legacy.ld]=../util/providers.num
149 SOURCE[$LIBLEGACY]=prov_running.c
152 # Common things that are valid no matter what form the Legacy provider
154 SOURCE[$LEGACYGOAL]=legacyprov.c
155 INCLUDE[$LEGACYGOAL]=../include implementations/include common/include
159 # Null provider stuff
161 # Because the null provider is built in, it means that libcrypto must
162 # include all the object files that are needed.
163 $NULLGOAL=../libcrypto
164 SOURCE[$NULLGOAL]=nullprov.c prov_running.c
166 SOURCE[$LIBDEFAULT]=prov_running.c