[Cryptech-Commits] [sw/pkcs11] branch master updated: VPATH build for libpkcs11.so, and first cut at libpkcs11.dylib for Mac OS X.

git at cryptech.is git at cryptech.is
Fri Jun 24 21:14:27 UTC 2016


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch master
in repository sw/pkcs11.

The following commit(s) were added to refs/heads/master by this push:
       new  129e802   VPATH build for libpkcs11.so, and first cut at libpkcs11.dylib for Mac OS X.
129e802 is described below

commit 129e802fd4e0ca73f9dbae7968331d055c3a97d1
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Fri Jun 24 17:08:20 2016 -0400

    VPATH build for libpkcs11.so, and first cut at libpkcs11.dylib for Mac OS X.
    
    The Mac OS X build compiles, but is otherwise completely untested, and
    won't even be testable until cryptech_rpcd support configuring
    high-speed UARTs on Mac OS X (OS-specific voodoo).
---
 .gitignore                      | 26 ++++++++++-
 GNUmakefile                     | 99 +++++++++++++++++++++++++++++------------
 libhal/GNUmakefile              | 15 +++++++
 libhal/tests/GNUmakefile        | 10 +++++
 libhal/utils/GNUmakefile        | 10 +++++
 libtfm/GNUmakefile              | 46 +++++++++++++++++++
 libtfm/tomsfastmath/GNUmakefile |  8 ++++
 sqlite3/GNUmakefile             |  8 ++++
 8 files changed, 191 insertions(+), 31 deletions(-)

diff --git a/.gitignore b/.gitignore
index 9426d0c..90ecb31 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,11 +1,33 @@
 *.[oa]
-*.l[oa]
+*.dylib
+*.dylib.*
 *.pyc
 *.so
 *.so.*
 *~
-.libs
 TAGS
 attributes.h
+libhal/cryptech_rpcd
+libhal/tests/test-aes-key-wrap
+libhal/tests/test-bus
+libhal/tests/test-ecdsa
+libhal/tests/test-ecdsa-*.der
+libhal/tests/test-hash
+libhal/tests/test-mkmif
+libhal/tests/test-pbkdf2
+libhal/tests/test-rpc_get_random
+libhal/tests/test-rpc_get_version
+libhal/tests/test-rpc_hash
+libhal/tests/test-rpc_pkey
+libhal/tests/test-rpc_server
+libhal/tests/test-rsa
+libhal/tests/test-rsa-*.der
+libhal/tests/test-trng
+libhal/utils/cores
+libhal/utils/eim_peek_poke
+libtfm/tfm.h
 p11util
 schema.h
+sqlite3/build
+sqlite3/sqlite3
+sqlite3/sqlite3.h
diff --git a/GNUmakefile b/GNUmakefile
index c936c4a..62f1cba 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -31,53 +31,64 @@
 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 # Locations of libraries on which this code depends.
-# This will probably need to change if we go to VPATHs.
 
-LIBHAL_DIR   = ../libhal
-LIBTFM_DIR   = ../thirdparty/libtfm
-SQLITE3_DIR  = ../thirdparty/sqlite3
+ifndef CRYPTECH_ROOT
+  CRYPTECH_ROOT := $(abspath ../..)
+endif
+
+PKCS11_DIR   ?= ${CRYPTECH_ROOT}/sw/pkcs11
+LIBHAL_DIR   ?= ${PKCS11_DIR}/libhal
+LIBTFM_DIR   ?= ${PKCS11_DIR}/libtfm
+SQLITE3_DIR  ?= ${PKCS11_DIR}/sqlite3
 
 # Whether to enable threading.  Main reason for being able to turn it
 # off is that gdb on the Novena (sometimes) goes bananas when
 # threading is enabled.
 
-ifndef ENABLE_THREADS
-  ENABLE_THREADS := yes
-endif
+ENABLE_THREADS ?= yes
 
 # Whether to enable debugging code that prints diagnostic information
 # to stderr on various conditions (mostly failures).
 
-ifndef ENABLE_DEBUGGING
-  ENABLE_DEBUGGING := no
-endif
+ENABLE_DEBUGGING ?= no
 
 # Whether to disable #warning statements; generally these are present for
 # a reason, but they can get distracting when one is attempting to debug
 # something else.
 
-ifndef ENABLE_FOOTNOTE_WARNINGS
-  ENABLE_FOOTNOTE_WARNINGS := yes
-endif
+ENABLE_FOOTNOTE_WARNINGS ?= yes
 
 # Whether to build and use our own copy of the sqlite3 library.
 
-ifndef ENABLE_OWN_SQLITE_LIBRARY
-  ENABLE_OWN_SQLITE_LIBRARY := $(if $(wildcard ${SQLITE3_DIR}),yes,no)
-endif
+ENABLE_OWN_SQLITE_LIBRARY ?= $(if $(wildcard ${CRYPTECH_ROOT}/sw/thirdparty/sqlite3),yes,no)
+
+# Target platform for shared library.  Every platform has its own
+# kinks, as does GNU libtool, so we just suck it up and do the
+# necessary kinks for the platforms we support.  Yuck.
+
+UNAME := $(shell uname)
 
-CFLAGS	:= -g3 -fPIC -Wall -std=c99 -I${LIBHAL_DIR}
-SOFLAGS := -Wl,-Bsymbolic-functions -Wl,-Bsymbolic -Wl,-z,noexecstack -Wl,-soname,libpkcs11.so.0
+# Compilation flags, etc.
+
+CFLAGS	:= -g3 -fPIC -Wall -std=c99 -I${CRYPTECH_ROOT}/sw/libhal
 LIBS	:= ${LIBHAL_DIR}/libhal.a ${LIBTFM_DIR}/libtfm.a
 
+ifeq "${UNAME}" "Darwin"
+  SONAME  := libpkcs11.dylib
+  SOFLAGS := -dynamiclib
+else
+  SONAME  := libpkcs11.so
+  SOFLAGS := -Wl,-Bsymbolic-functions -Wl,-Bsymbolic -Wl,-z,noexecstack -Wl,-soname,${SONAME}.0
+endif
+
 ifeq "${ENABLE_FOOTNOTE_WARNINGS}" "no"
   CFLAGS += -Wno-\#warnings -Wno-cpp
 endif
 
-ifeq "${ENABLE_THREADS}" "yes"
-  CFLAGS += -pthread
-else
+ifneq "${ENABLE_THREADS}" "yes"
   CFLAGS += -DUSE_PTHREADS=0
+else ifneq "${UNAME}" "Darwin"
+  CFLAGS += -pthread
 endif
 
 ifeq "${ENABLE_DEBUGGING}" "yes"
@@ -95,14 +106,30 @@ ifndef OBJCOPY
   OBJCOPY := objcopy
 endif
 
-all: libpkcs11.so p11util py11/attribute_map.py
+all: ${SONAME} p11util py11/attribute_map.py
 
 clean:
-	rm -rf pkcs11.o pkcs11.so libpkcs11.so* p11util p11util.o schema.h attributes.h
+	rm -rf *.o ${SONAME}* p11util schema.h attributes.h
+	cd libtfm; ${MAKE} $@
+	cd libhal; ${MAKE} $@
+ifeq "${ENABLE_OWN_SQLITE_LIBRARY}" "yes"
+	cd sqlite3; ${MAKE} $@
+endif
 
 distclean: clean
 	rm -f TAGS
 
+.FORCE:
+
+${LIBTFM_DIR}/libtfm.a: .FORCE
+	cd libtfm; ${MAKE}
+
+${LIBHAL_DIR}/libhal.a: .FORCE ${LIBTFM_DIR}/libtfm.a
+	cd libhal; ${MAKE} daemon
+
+${SQLITE3_DIR}/libsqlite3.a: .FORCE
+	cd sqlite3; ${MAKE}
+
 schema.h: schema.sql scripts/convert-schema.sed GNUmakefile
 	sed -f scripts/convert-schema.sed <schema.sql >schema.h
 
@@ -112,14 +139,28 @@ attributes.h: attributes.yaml scripts/build-attributes GNUmakefile
 py11/attribute_map.py: attributes.yaml scripts/build-py11-attributes GNUmakefile
 	python scripts/build-py11-attributes attributes.yaml py11/attribute_map.py
 
-pkcs11.o: pkcs11.c schema.h attributes.h
+pkcs11.o: pkcs11.c schema.h attributes.h ${LIBS}
 	${CC} ${CFLAGS} -c $<
 
-pkcs11.so: pkcs11.o ${LIBS}
-	${CC} ${CFLAGS} -shared -o $@ $^ ${SOFLAGS} ${LDFLAGS}
+ifeq "${ENABLE_OWN_SQLITE_LIBRARY}" "yes"
+  pkcs11.o: ${SQLITE3_DIR}/libsqlite3.a
+endif
+
+ifeq "${UNAME}" "Darwin"
 
-libpkcs11.so: pkcs11.so
-	${OBJCOPY} -w -G 'C_*' $< $@
+  ${SONAME}: pkcs11.o ${LIBS}
+	nm $< | awk 'NF == 3 && $$2 == "T" && $$3 ~ /^_C_/ {print $$3}' >$@.tmp
+	${CC} -Wl,-exported_symbols_list,$@.tmp -o $@ $^ ${SOFLAGS} ${LDFLAGS}
+	rm -f $@.tmp
+
+else
+
+  ${SONAME}: pkcs11.o ${LIBS}
+	${CC} ${CFLAGS} -shared -o $@.tmp $^ ${SOFLAGS} ${LDFLAGS}
+	${OBJCOPY} -w -G 'C_*' $@.tmp $@
+	rm -f $@.tmp
+
+endif
 
 p11util.o: p11util.c schema.h
 	${CC} ${CFLAGS} -c $<
@@ -144,7 +185,7 @@ HSMBULLY := $(firstword $(wildcard $(addsuffix /hsmbully,$(subst :, ,.:${PATH}))
 ifneq "${HSMBULLY}" ""
 
   HSMBULLY_OPTIONS := \
-	--pin fnord --so-pin fnord --pkcs11lib $(abspath libpkcs11.so) \
+	--pin fnord --so-pin fnord --pkcs11lib $(abspath ${SONAME}) \
 	--verbose=9 --fast-and-frivolous --skip-fragmentation --skip-keysizing
 
   HSMBULLY_DATABASE=$(abspath hsmbully.pkcs11.db)
diff --git a/libhal/GNUmakefile b/libhal/GNUmakefile
new file mode 100644
index 0000000..13c39ec
--- /dev/null
+++ b/libhal/GNUmakefile
@@ -0,0 +1,15 @@
+ifndef CRYPTECH_ROOT
+  CRYPTECH_ROOT := $(abspath ../../..)
+endif
+
+TFMDIR := $(abspath ../libtfm)
+
+INC	= ${CRYPTECH_ROOT}/sw/libhal/hal.h
+LIB	= ../libhal.a
+
+CFLAGS += -I${CRYPTECH_ROOT}/sw/libhal
+
+vpath %.c ${CRYPTECH_ROOT}/sw/libhal
+vpath %.h ${CRYPTECH_ROOT}/sw/libhal:${LIBTFM_DIR}
+
+include ${CRYPTECH_ROOT}/sw/libhal/GNUmakefile
diff --git a/libhal/tests/GNUmakefile b/libhal/tests/GNUmakefile
new file mode 100644
index 0000000..e158ecf
--- /dev/null
+++ b/libhal/tests/GNUmakefile
@@ -0,0 +1,10 @@
+ifndef CRYPTECH_ROOT
+  CRYPTECH_ROOT := $(abspath ../../../..)
+endif
+
+TFMDIR := $(abspath ../../libtfm)
+
+vpath %.c ${CRYPTECH_ROOT}/sw/libhal/tests
+vpath %.h ${CRYPTECH_ROOT}/sw/libhal/tests:${LIBTFM_DIR}
+
+include ${CRYPTECH_ROOT}/sw/libhal/tests/GNUmakefile
diff --git a/libhal/utils/GNUmakefile b/libhal/utils/GNUmakefile
new file mode 100644
index 0000000..cc428ae
--- /dev/null
+++ b/libhal/utils/GNUmakefile
@@ -0,0 +1,10 @@
+ifndef CRYPTECH_ROOT
+  CRYPTECH_ROOT := $(abspath ../../../..)
+endif
+
+TFMDIR := $(abspath ../../libtfm)
+
+vpath %.c ${CRYPTECH_ROOT}/sw/libhal/utils
+vpath %.h ${CRYPTECH_ROOT}/sw/libhal/utils:${LIBTFM_DIR}
+
+include ${CRYPTECH_ROOT}/sw/libhal/utils/GNUmakefile
diff --git a/libtfm/GNUmakefile b/libtfm/GNUmakefile
new file mode 100644
index 0000000..df90ddf
--- /dev/null
+++ b/libtfm/GNUmakefile
@@ -0,0 +1,46 @@
+
+# This duplicates more of sw/thirdparty/libtfm/GNUmakefile than I
+# would like, but it does the job.  Prettier makefiles can wait for another day.
+
+ifndef CRYPTECH_ROOT
+  CRYPTECH_ROOT := $(abspath ../../..)
+endif
+
+REPO := ${CRYPTECH_ROOT}/sw/thirdparty/libtfm
+
+# vpath %.c ${REPO}
+# vpath %.h ${REPO}
+
+BITS := 8192
+
+HDR  := ${REPO}/tomsfastmath/src/headers/tfm.h
+LIB  := tomsfastmath/libtfm.a
+
+#CFLAGS	+= -DTFM_X86
+#CFLAGS	+= -DTFM_NO_ASM
+
+CFLAGS	+= -fPIC -Wall -W -Wshadow -I${REPO}/tomsfastmath/src/headers -g3 -DFP_MAX_SIZE="(${BITS}*2+(8*DIGIT_BIT))"
+
+TARGETS	:= $(notdir ${HDR} ${LIB})
+
+all: ${TARGETS}
+
+clean:
+	rm -rf ${TARGETS} $(notdir ${HDR}.tmp) ${LIB} tomsfastmath/src
+
+distclean: clean
+	rm -f TAGS
+
+$(notdir ${HDR}): ${HDR}
+	echo  >$@.tmp '/* Configure size of largest bignum we want to handle -- see notes in tfm.pdf */'
+	echo >>$@.tmp '#define   FP_MAX_SIZE   (${BITS}*2+(8*DIGIT_BIT))'
+	echo >>$@.tmp ''
+	cat  >>$@.tmp $^
+	mv -f $@.tmp $@
+
+$(notdir ${LIB}): ${LIB}
+	ln -f $^ $@
+
+${LIB}: ${HDR}
+	(cd ${REPO} && find tomsfastmath/src -type d) | xargs mkdir -p
+	cd tomsfastmath; ${MAKE} CFLAGS='${CFLAGS}'
diff --git a/libtfm/tomsfastmath/GNUmakefile b/libtfm/tomsfastmath/GNUmakefile
new file mode 100644
index 0000000..ea0a524
--- /dev/null
+++ b/libtfm/tomsfastmath/GNUmakefile
@@ -0,0 +1,8 @@
+ifndef CRYPTECH_ROOT
+  CRYPTECH_ROOT := $(abspath ../../../..)
+endif
+
+vpath %.c ${CRYPTECH_ROOT}/sw/thirdparty/libtfm/tomsfastmath
+vpath %.h ${CRYPTECH_ROOT}/sw/thirdparty/libtfm/tomsfastmath
+
+include ${CRYPTECH_ROOT}/sw/thirdparty/libtfm/tomsfastmath/makefile
diff --git a/sqlite3/GNUmakefile b/sqlite3/GNUmakefile
new file mode 100644
index 0000000..fb98ca5
--- /dev/null
+++ b/sqlite3/GNUmakefile
@@ -0,0 +1,8 @@
+ifndef CRYPTECH_ROOT
+  CRYPTECH_ROOT := $(abspath ../../..)
+endif
+
+REPO    = ${CRYPTECH_ROOT}/sw/thirdparty/sqlite3
+TARBALL = ${REPO}/$(notdir ${URL})
+
+include ${REPO}/GNUmakefile

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the Commits mailing list