2015-08-25 02:03:17 +01:00
|
|
|
include_directories(../include)
|
2014-06-20 20:00:00 +01:00
|
|
|
|
2014-06-24 19:15:12 +01:00
|
|
|
if(APPLE)
|
2015-01-29 00:37:10 +00:00
|
|
|
if (${ARCH} STREQUAL "x86")
|
2015-03-26 22:33:00 +00:00
|
|
|
set(PERLASM_FLAGS "-fPIC -DOPENSSL_IA32_SSE2")
|
2015-01-29 00:37:10 +00:00
|
|
|
endif()
|
|
|
|
|
set(PERLASM_STYLE macosx)
|
|
|
|
|
set(ASM_EXT S)
|
|
|
|
|
enable_language(ASM)
|
2014-07-31 23:23:51 +01:00
|
|
|
elseif(UNIX)
|
2015-01-29 00:37:10 +00:00
|
|
|
if (${ARCH} STREQUAL "aarch64")
|
|
|
|
|
# The "armx" Perl scripts look for "64" in the style argument
|
|
|
|
|
# in order to decide whether to generate 32- or 64-bit asm.
|
|
|
|
|
set(PERLASM_STYLE linux64)
|
2015-04-20 22:32:28 +01:00
|
|
|
elseif (${ARCH} STREQUAL "arm")
|
|
|
|
|
set(PERLASM_STYLE linux32)
|
2015-01-29 00:37:10 +00:00
|
|
|
elseif (${ARCH} STREQUAL "x86")
|
2015-03-26 22:33:00 +00:00
|
|
|
set(PERLASM_FLAGS "-fPIC -DOPENSSL_IA32_SSE2")
|
2015-01-29 00:37:10 +00:00
|
|
|
set(PERLASM_STYLE elf)
|
|
|
|
|
else()
|
|
|
|
|
set(PERLASM_STYLE elf)
|
|
|
|
|
endif()
|
|
|
|
|
set(ASM_EXT S)
|
|
|
|
|
enable_language(ASM)
|
2016-02-23 22:44:12 +00:00
|
|
|
set(CMAKE_ASM_FLAGS "${CMAKE_ASM_FLAGS} -Wa,--noexecstack")
|
2014-06-20 20:00:00 +01:00
|
|
|
else()
|
2015-01-29 00:37:10 +00:00
|
|
|
if (CMAKE_CL_64)
|
|
|
|
|
message("Using nasm")
|
|
|
|
|
set(PERLASM_STYLE nasm)
|
|
|
|
|
else()
|
|
|
|
|
message("Using win32n")
|
|
|
|
|
set(PERLASM_STYLE win32n)
|
2015-03-26 22:33:00 +00:00
|
|
|
set(PERLASM_FLAGS "-DOPENSSL_IA32_SSE2")
|
2015-01-29 00:37:10 +00:00
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
# On Windows, we use the NASM output, specifically built with Yasm.
|
|
|
|
|
set(ASM_EXT asm)
|
|
|
|
|
enable_language(ASM_NASM)
|
2014-06-20 20:00:00 +01:00
|
|
|
endif()
|
|
|
|
|
|
|
|
|
|
function(perlasm dest src)
|
2015-01-29 00:37:10 +00:00
|
|
|
add_custom_command(
|
|
|
|
|
OUTPUT ${dest}
|
2015-02-23 18:06:19 +00:00
|
|
|
COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/${src} ${PERLASM_STYLE} ${PERLASM_FLAGS} ${ARGN} > ${dest}
|
2015-01-29 00:37:10 +00:00
|
|
|
DEPENDS
|
|
|
|
|
${src}
|
2015-04-20 18:25:46 +01:00
|
|
|
${PROJECT_SOURCE_DIR}/crypto/perlasm/arm-xlate.pl
|
2015-01-29 00:37:10 +00:00
|
|
|
${PROJECT_SOURCE_DIR}/crypto/perlasm/x86_64-xlate.pl
|
|
|
|
|
${PROJECT_SOURCE_DIR}/crypto/perlasm/x86asm.pl
|
|
|
|
|
${PROJECT_SOURCE_DIR}/crypto/perlasm/x86gas.pl
|
|
|
|
|
${PROJECT_SOURCE_DIR}/crypto/perlasm/x86masm.pl
|
|
|
|
|
${PROJECT_SOURCE_DIR}/crypto/perlasm/x86nasm.pl
|
|
|
|
|
WORKING_DIRECTORY .
|
|
|
|
|
)
|
2014-06-20 20:00:00 +01:00
|
|
|
endfunction()
|
|
|
|
|
|
|
|
|
|
# Level 0.1 - depends on nothing outside this set.
|
|
|
|
|
add_subdirectory(stack)
|
|
|
|
|
add_subdirectory(lhash)
|
|
|
|
|
add_subdirectory(err)
|
|
|
|
|
add_subdirectory(buf)
|
|
|
|
|
add_subdirectory(base64)
|
|
|
|
|
add_subdirectory(bytestring)
|
|
|
|
|
|
|
|
|
|
# Level 0.2 - depends on nothing but itself
|
|
|
|
|
add_subdirectory(sha)
|
2014-08-22 19:06:14 +01:00
|
|
|
add_subdirectory(md4)
|
2014-06-20 20:00:00 +01:00
|
|
|
add_subdirectory(md5)
|
|
|
|
|
add_subdirectory(modes)
|
|
|
|
|
add_subdirectory(aes)
|
|
|
|
|
add_subdirectory(des)
|
|
|
|
|
add_subdirectory(rc4)
|
|
|
|
|
add_subdirectory(conf)
|
2014-06-20 20:00:00 +01:00
|
|
|
add_subdirectory(chacha)
|
|
|
|
|
add_subdirectory(poly1305)
|
2015-11-13 21:09:47 +00:00
|
|
|
add_subdirectory(curve25519)
|
2014-06-20 20:00:00 +01:00
|
|
|
|
|
|
|
|
# Level 1, depends only on 0.*
|
|
|
|
|
add_subdirectory(digest)
|
|
|
|
|
add_subdirectory(cipher)
|
|
|
|
|
add_subdirectory(rand)
|
|
|
|
|
add_subdirectory(bio)
|
|
|
|
|
add_subdirectory(bn)
|
|
|
|
|
add_subdirectory(obj)
|
|
|
|
|
add_subdirectory(asn1)
|
|
|
|
|
|
|
|
|
|
# Level 2
|
|
|
|
|
add_subdirectory(engine)
|
|
|
|
|
add_subdirectory(dh)
|
|
|
|
|
add_subdirectory(dsa)
|
|
|
|
|
add_subdirectory(rsa)
|
|
|
|
|
add_subdirectory(ec)
|
|
|
|
|
add_subdirectory(ecdh)
|
|
|
|
|
add_subdirectory(ecdsa)
|
|
|
|
|
add_subdirectory(hmac)
|
|
|
|
|
|
|
|
|
|
# Level 3
|
2015-05-06 00:36:32 +01:00
|
|
|
add_subdirectory(cmac)
|
2014-06-20 20:00:00 +01:00
|
|
|
add_subdirectory(evp)
|
2014-12-09 23:51:28 +00:00
|
|
|
add_subdirectory(hkdf)
|
2014-06-20 20:00:00 +01:00
|
|
|
add_subdirectory(pem)
|
|
|
|
|
add_subdirectory(x509)
|
|
|
|
|
add_subdirectory(x509v3)
|
|
|
|
|
|
|
|
|
|
# Level 4
|
|
|
|
|
add_subdirectory(pkcs8)
|
|
|
|
|
|
2015-05-10 03:46:47 +01:00
|
|
|
# Test support code
|
|
|
|
|
add_subdirectory(test)
|
|
|
|
|
|
2014-06-20 20:00:00 +01:00
|
|
|
add_library(
|
2015-01-29 00:37:10 +00:00
|
|
|
crypto
|
|
|
|
|
|
Rewrite ARM feature detection.
This removes the thread-unsafe SIGILL-based detection and the
multi-consumer-hostile CRYPTO_set_NEON_capable API. (Changing
OPENSSL_armcap_P after initialization is likely to cause problems.)
The right way to detect ARM features on Linux is getauxval. On aarch64,
we should be able to rely on this, so use it straight. Split this out
into its own file. The #ifdefs in the old cpu-arm.c meant it shared all
but no code with its arm counterpart anyway.
Unfortunately, various versions of Android have different missing APIs, so, on
arm, we need a series of workarounds. Previously, we used a SIGILL fallback
based on OpenSSL's logic, but this is inherently not thread-safe. (SIGILL also
does not tell us if the OS knows how to save and restore NEON state.) Instead,
base the behavior on Android NDK's cpu-features library, what Chromium
currently uses with CRYPTO_set_NEON_capable:
- Android before API level 20 does not provide getauxval. Where missing,
we can read from /proc/self/auxv.
- On some versions of Android, /proc/self/auxv is also not readable, so
use /proc/cpuinfo's Features line.
- Linux only advertises optional features in /proc/cpuinfo. ARMv8 makes NEON
mandatory, so /proc/cpuinfo can't be used without additional effort.
Finally, we must blacklist a particular chip because the NEON unit is broken
(https://crbug.com/341598).
Unfortunately, this means CRYPTO_library_init now depends on /proc being
available, which will require some care with Chromium's sandbox. The
simplest solution is to just call CRYPTO_library_init before entering
the sandbox.
It's worth noting that Chromium's current EnsureOpenSSLInit function already
depends on /proc/cpuinfo to detect the broken CPU, by way of base::CPU.
android_getCpuFeatures also interally depends on it. We were already relying on
both of those being stateful and primed prior to entering the sandbox.
BUG=chromium:589200
Change-Id: Ic5d1c341aab5a614eb129d8aa5ada2809edd6af8
Reviewed-on: https://boringssl-review.googlesource.com/7506
Reviewed-by: David Benjamin <davidben@google.com>
2016-03-01 22:35:47 +00:00
|
|
|
cpu-aarch64-linux.c
|
|
|
|
|
cpu-arm.c
|
|
|
|
|
cpu-arm-linux.c
|
|
|
|
|
cpu-intel.c
|
2015-01-29 00:37:10 +00:00
|
|
|
crypto.c
|
2016-04-11 23:04:18 +01:00
|
|
|
directory_posix.c
|
|
|
|
|
directory_win.c
|
2015-05-15 20:01:29 +01:00
|
|
|
ex_data.c
|
2015-01-29 00:37:10 +00:00
|
|
|
mem.c
|
2015-05-15 20:01:29 +01:00
|
|
|
refcount_c11.c
|
|
|
|
|
refcount_lock.c
|
2015-01-29 00:37:10 +00:00
|
|
|
thread.c
|
2015-05-08 02:28:27 +01:00
|
|
|
thread_none.c
|
2015-03-16 19:48:56 +00:00
|
|
|
thread_pthread.c
|
|
|
|
|
thread_win.c
|
2015-01-29 00:37:10 +00:00
|
|
|
time_support.c
|
|
|
|
|
|
|
|
|
|
$<TARGET_OBJECTS:stack>
|
|
|
|
|
$<TARGET_OBJECTS:lhash>
|
|
|
|
|
$<TARGET_OBJECTS:err>
|
|
|
|
|
$<TARGET_OBJECTS:base64>
|
|
|
|
|
$<TARGET_OBJECTS:bytestring>
|
|
|
|
|
$<TARGET_OBJECTS:sha>
|
|
|
|
|
$<TARGET_OBJECTS:md4>
|
|
|
|
|
$<TARGET_OBJECTS:md5>
|
|
|
|
|
$<TARGET_OBJECTS:digest>
|
|
|
|
|
$<TARGET_OBJECTS:cipher>
|
|
|
|
|
$<TARGET_OBJECTS:modes>
|
|
|
|
|
$<TARGET_OBJECTS:aes>
|
|
|
|
|
$<TARGET_OBJECTS:des>
|
|
|
|
|
$<TARGET_OBJECTS:rc4>
|
|
|
|
|
$<TARGET_OBJECTS:conf>
|
|
|
|
|
$<TARGET_OBJECTS:chacha>
|
|
|
|
|
$<TARGET_OBJECTS:poly1305>
|
2015-11-13 21:09:47 +00:00
|
|
|
$<TARGET_OBJECTS:curve25519>
|
2015-01-29 00:37:10 +00:00
|
|
|
$<TARGET_OBJECTS:buf>
|
|
|
|
|
$<TARGET_OBJECTS:bn>
|
|
|
|
|
$<TARGET_OBJECTS:bio>
|
|
|
|
|
$<TARGET_OBJECTS:rand>
|
|
|
|
|
$<TARGET_OBJECTS:obj>
|
|
|
|
|
$<TARGET_OBJECTS:asn1>
|
|
|
|
|
$<TARGET_OBJECTS:engine>
|
|
|
|
|
$<TARGET_OBJECTS:dh>
|
|
|
|
|
$<TARGET_OBJECTS:dsa>
|
|
|
|
|
$<TARGET_OBJECTS:rsa>
|
|
|
|
|
$<TARGET_OBJECTS:ec>
|
|
|
|
|
$<TARGET_OBJECTS:ecdh>
|
|
|
|
|
$<TARGET_OBJECTS:ecdsa>
|
|
|
|
|
$<TARGET_OBJECTS:hmac>
|
2015-05-06 00:36:32 +01:00
|
|
|
$<TARGET_OBJECTS:cmac>
|
2015-01-29 00:37:10 +00:00
|
|
|
$<TARGET_OBJECTS:evp>
|
|
|
|
|
$<TARGET_OBJECTS:hkdf>
|
|
|
|
|
$<TARGET_OBJECTS:pem>
|
|
|
|
|
$<TARGET_OBJECTS:x509>
|
|
|
|
|
$<TARGET_OBJECTS:x509v3>
|
|
|
|
|
$<TARGET_OBJECTS:pkcs8>
|
2014-06-20 20:00:00 +01:00
|
|
|
)
|
|
|
|
|
|
2015-04-29 01:46:58 +01:00
|
|
|
if(NOT MSVC AND NOT ANDROID)
|
2015-04-02 21:47:15 +01:00
|
|
|
target_link_libraries(crypto pthread)
|
|
|
|
|
endif()
|
|
|
|
|
|
2014-11-04 02:51:20 +00:00
|
|
|
add_executable(
|
2015-01-29 00:37:10 +00:00
|
|
|
constant_time_test
|
2014-11-04 02:51:20 +00:00
|
|
|
|
2015-01-29 00:37:10 +00:00
|
|
|
constant_time_test.c
|
2015-05-16 00:08:49 +01:00
|
|
|
|
|
|
|
|
$<TARGET_OBJECTS:test_support>
|
2014-11-04 02:51:20 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
target_link_libraries(constant_time_test crypto)
|
Add a run_tests target to run all tests.
It's very annoying having to remember the right incant every time I want
to switch around between my build, build-release, build-asan, etc.,
output directories.
Unfortunately, this target is pretty unfriendly without CMake 3.2+ (and
Ninja 1.5+). This combination gives a USES_TERMINAL flag to
add_custom_target which uses Ninja's "console" pool, otherwise the
output buffering gets in the way. Ubuntu LTS is still on an older CMake,
so do a version check in the meantime.
CMake also has its own test mechanism (CTest), but this doesn't use it.
It seems to prefer knowing what all the tests are and then tries to do
its own output management and parallelizing and such. We already have
our own runners. all_tests.go could actually be converted tidily, but
generate_build_files.py also needs to read it, and runner.go has very
specific needs.
Naming the target ninja -C build test would be nice, but CTest squats
that name and CMake grumps when you use a reserved name, so I've gone
with run_tests.
Change-Id: Ibd20ebd50febe1b4e91bb19921f3bbbd9fbcf66c
Reviewed-on: https://boringssl-review.googlesource.com/6270
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-15 02:34:40 +01:00
|
|
|
add_dependencies(all_tests constant_time_test)
|
2014-11-04 02:51:20 +00:00
|
|
|
|
2015-03-16 19:48:56 +00:00
|
|
|
add_executable(
|
|
|
|
|
thread_test
|
|
|
|
|
|
|
|
|
|
thread_test.c
|
2015-05-16 00:08:49 +01:00
|
|
|
|
|
|
|
|
$<TARGET_OBJECTS:test_support>
|
2015-03-16 19:48:56 +00:00
|
|
|
)
|
|
|
|
|
|
2015-04-02 21:47:15 +01:00
|
|
|
target_link_libraries(thread_test crypto)
|
Add a run_tests target to run all tests.
It's very annoying having to remember the right incant every time I want
to switch around between my build, build-release, build-asan, etc.,
output directories.
Unfortunately, this target is pretty unfriendly without CMake 3.2+ (and
Ninja 1.5+). This combination gives a USES_TERMINAL flag to
add_custom_target which uses Ninja's "console" pool, otherwise the
output buffering gets in the way. Ubuntu LTS is still on an older CMake,
so do a version check in the meantime.
CMake also has its own test mechanism (CTest), but this doesn't use it.
It seems to prefer knowing what all the tests are and then tries to do
its own output management and parallelizing and such. We already have
our own runners. all_tests.go could actually be converted tidily, but
generate_build_files.py also needs to read it, and runner.go has very
specific needs.
Naming the target ninja -C build test would be nice, but CTest squats
that name and CMake grumps when you use a reserved name, so I've gone
with run_tests.
Change-Id: Ibd20ebd50febe1b4e91bb19921f3bbbd9fbcf66c
Reviewed-on: https://boringssl-review.googlesource.com/6270
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-15 02:34:40 +01:00
|
|
|
add_dependencies(all_tests thread_test)
|
2015-03-16 19:48:56 +00:00
|
|
|
|
2015-05-15 20:01:29 +01:00
|
|
|
add_executable(
|
|
|
|
|
refcount_test
|
|
|
|
|
|
|
|
|
|
refcount_test.c
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
target_link_libraries(refcount_test crypto)
|
Add a run_tests target to run all tests.
It's very annoying having to remember the right incant every time I want
to switch around between my build, build-release, build-asan, etc.,
output directories.
Unfortunately, this target is pretty unfriendly without CMake 3.2+ (and
Ninja 1.5+). This combination gives a USES_TERMINAL flag to
add_custom_target which uses Ninja's "console" pool, otherwise the
output buffering gets in the way. Ubuntu LTS is still on an older CMake,
so do a version check in the meantime.
CMake also has its own test mechanism (CTest), but this doesn't use it.
It seems to prefer knowing what all the tests are and then tries to do
its own output management and parallelizing and such. We already have
our own runners. all_tests.go could actually be converted tidily, but
generate_build_files.py also needs to read it, and runner.go has very
specific needs.
Naming the target ninja -C build test would be nice, but CTest squats
that name and CMake grumps when you use a reserved name, so I've gone
with run_tests.
Change-Id: Ibd20ebd50febe1b4e91bb19921f3bbbd9fbcf66c
Reviewed-on: https://boringssl-review.googlesource.com/6270
Reviewed-by: Adam Langley <alangley@gmail.com>
2015-10-15 02:34:40 +01:00
|
|
|
add_dependencies(all_tests refcount_test)
|
