From c89b7d5f79b80ba3663f326c23b37ef3c783a657 Mon Sep 17 00:00:00 2001 From: elms Date: Fri, 29 Oct 2021 13:59:53 -0700 Subject: [PATCH 1/4] configure and cmake: Closing gap on options and output cmake: * 32-bit and 16-bit mode flags * Add 4bit to AESGCM * Add align data * Encrypted Keys option * PKC12 option * Header installation cleanup configure: * Add comment for `v5-RC9` * update CFLAGS to always be appended instead of mix of prepend and append * removed duplicate `ARC4` logic --- CMakeLists.txt | 257 ++++++++++++++++++++++++++++++++++-------- cmake/functions.cmake | 5 +- configure.ac | 100 ++++++++-------- 3 files changed, 259 insertions(+), 103 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 31562ef61..0e54709ca 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -177,8 +177,6 @@ find_package(Threads) # - Single precision math # - Enable all # - Enable all crypto -# - 32-bit mode -# - 16-bit mode # For reproducible build, gate out from the build anything that might # introduce semantically frivolous jitter, maximizing chance of @@ -187,11 +185,24 @@ set(WOLFSSL_REPRODUCIBLE_BUILD_HELP_STRING "Enable maximally reproducible build add_option("WOLFSSL_REPRODUCIBLE_BUILD" ${WOLFSSL_REPRODUCIBLE_BUILD_HELP_STRING} "no" "yes;no") if(WOLFSSL_REPRODUCIBLE_BUILD) + list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_REPRODUCIBLE_BUILD") set(CMAKE_C_ARCHIVE_CREATE " Dqc ") set(CMAKE_C_ARCHIVE_APPEND " Dq ") set(CMAKE_C_ARCHIVE_FINISH " -D ") endif() +# Support for forcing 32-bit mode +# TODO: detect platform from other options +set(WOLFSSL_32BIT_HELP_STRING "Enables 32-bit support (default: disabled)") +add_option("WOLFSSL_32BIT" ${WOLFSSL_32BIT_HELP_STRING} "no" "yes;no") + +# 16-bit compiler support +set(WOLFSSL_16BIT_HELP_STRING "Enables 16-bit support (default: disabled)") +add_option("WOLFSSL_16BIT" ${WOLFSSL_16BIT_HELP_STRING} "no" "yes;no") +if(WOLFSSL_16BIT) + list(APPEND WOLFSSL_DEFINITIONS "-DWC_16BIT_CPU") +endif() + # Support for disabling all ASM set(WOLFSSL_ASM_HELP_STRING "Enables option for assembly (default: enabled)") add_option("WOLFSSL_ASM" ${WOLFSSL_ASM_HELP_STRING} "yes" "yes;no") @@ -312,13 +323,17 @@ endif() # AES-GCM set(WOLFSSL_AESGCM_HELP_STRING "Enable wolfSSL AES-GCM support (default: enabled)") -add_option("WOLFSSL_AESGCM" ${WOLFSSL_AESGCM_HELP_STRING} "yes" "yes;no;table;small;word32") +add_option("WOLFSSL_AESGCM" ${WOLFSSL_AESGCM_HELP_STRING} "yes" "yes;no;table;small;word32;4bit") # leanpsk and leantls don't need gcm if(WOLFSSL_LEAN_PSK OR (WOLFSSL_LEAN_TLS AND NOT WOLFSSL_TLS13)) override_cache(WOLFSSL_AESGCM "no") endif() +if(WOLFSSL_AESGCM AND NOT WORDS_BIGENDIAN) + override_cache(WOLFSSL_AESGCM "4bit") +endif() + if(WOLFSSL_AESGCM) if("${WOLFSSL_AESGCM}" STREQUAL "word32") list(APPEND WOLFSSL_DEFINITIONS "-DGCM_WORD32") @@ -335,10 +350,16 @@ if(WOLFSSL_AESGCM) override_cache(WOLFSSL_AESGCM "yes") endif() + if("${WOLFSSL_AESGCM}" STREQUAL "4bit") + list(APPEND WOLFSSL_DEFINITIONS "-DGCM_TABLE_4BIT") + override_cache(WOLFSSL_AESGCM "yes") + endif() + list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_AESGCM") endif() # TODO: - AES-CCM +# - AES-GCM stream # - AES-CTR # - AES-OFB # - AES-CFB @@ -356,6 +377,13 @@ endif() # - BLAKE2 +# Align data +set(WOLFSSL_ALIGN_DATA_HELP_STRING "Align data for ciphers (default: enabled)") +add_option("WOLFSSL_ALIGN_DATA" ${WOLFSSL_ALIGN_DATA_HELP_STRING} "yes" "yes;no") +if(WOLFSSL_ALIGN_DATA) + list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_USE_ALIGN") +endif() + # SHA224 set(SHA224_DEFAULT "no") if(("${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "x86_64") OR @@ -693,7 +721,7 @@ else() endif() endif() if(WOLFSSL_RSA_PSS) - list(APPEND WOLFSSL_DEFINITIONS "-DWC_RSA_PSS") + list(APPEND WOLFSSL_DEFINITIONS "-DWC_RSA_PSS") endif() # DH @@ -708,7 +736,7 @@ if(NOT WOLFSSL_DH) list(APPEND WOLFSSL_DEFINITIONS "-DNO_DH") else() if(WOLFSSL_LEAN_PSK OR WOLFSSL_LEAN_TLS) - list(APPEND WOLFSSL_DEFINITIONS "-DNO_DH") + list(APPEND WOLFSSL_DEFINITIONS "-DNO_DH") override_cache(WOLFSSL_DH "no") endif() endif() @@ -815,7 +843,7 @@ set(WOLFSSL_BASE64_ENCODE_HELP_STRING "Enable Base64 encoding (default: enabled add_option("WOLFSSL_BASE64_ENCODE" ${WOLFSSL_BASE64_ENCODE_HELP_STRING} ${BASE64_ENCODE_DEFAULT} "yes;no") if(WOLFSSL_BASE64_ENCODE) - list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_BASE64_ENCODE") + list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_BASE64_ENCODE") endif() # TODO: - Base16 @@ -841,16 +869,6 @@ if(WOLFSSL_OPENSSH OR WOLFSSL_WPAS) override_cache(WOLFSSL_ARC4 "yes") endif() -if(NOT WOLFSSL_ARC4) - list(APPEND WOLFSSL_DEFINITIONS "-DNO_RC4") -else() - # turn off ARC4 if leanpsk or leantls on - if(WOLFSSL_LEAN_PSK OR WOLFSSL_LEAN_TLS) - list(APPEND WOLFSSL_DEFINITIONS "-DNO_RC4") - override_cache(WOLFSSL_ARC4 "no") - endif() -endif() - # MD5 set(WOLFSSL_MD5_HELP_STRING "Enable MD5 (default: enabled)") add_option("WOLFSSL_MD5" ${WOLFSSL_MD5_HELP_STRING} "yes" "yes;no") @@ -921,10 +939,6 @@ if(WOLFSSL_SHA3 AND NOT WOLFSSL_32BIT) endif() # SHAKE256 -if(NOT WOLFSSL_SHAKE256) - override_cache(WOLFSSL_SHAKE256 ${WOLFSSL_SHA3}) -endif() - if(WOLFSSL_SHAKE256) if(NOT WOLFSSL_32BIT) list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_SHAKE256") @@ -1069,7 +1083,7 @@ add_option("WOLFSSL_SUPPORTED_CURVES" ${WOLFSSL_SUPPORTED_CURVES_HELP_STRING} "y if(WOLFSSL_SUPPORTED_CURVES) if(NOT WOLFSSL_ECC AND NOT WOLFSSL_CURVE25519 AND NOT WOLFSSL_CURVE448) - override_cache(WOLFSSL_SUPPORTED_CURVES "no") + override_cache(WOLFSSL_SUPPORTED_CURVES "no") else() list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_TLS_EXTENSIONS" @@ -1095,9 +1109,10 @@ if (NOT WOLFSSL_ECC AND endif() if (WOLFSSL_TLS13) list(APPEND WOLFSSL_DEFINITIONS + "-DHAVE_SUPPORTED_CURVES" "-DWOLFSSL_TLS13" "-DHAVE_TLS_EXTENSIONS" - "-DHAVE_SUPPORTED_CURVES") + ) endif() # Session Ticket Extension @@ -1122,6 +1137,17 @@ if(WOLFSSL_EXTENDED_MASTER) list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_EXTENDED_MASTER") endif() + +if(NOT WOLFSSL_ARC4) + list(APPEND WOLFSSL_DEFINITIONS "-DNO_RC4") +else() + # turn off ARC4 if leanpsk or leantls on + if(WOLFSSL_LEAN_PSK OR WOLFSSL_LEAN_TLS) + list(APPEND WOLFSSL_DEFINITIONS "-DNO_RC4") + override_cache(WOLFSSL_ARC4 "no") + endif() +endif() + # TODO: - TLS extensions # - Early data handshake # - PKCS7 @@ -1161,16 +1187,16 @@ endif() set(WOLFSSL_STUNNEL_HELP_STRING "Enable stunnel (default: disabled)") add_option("WOLFSSL_STUNNEL" ${WOLFSSL_STUNNEL_HELP_STRING} "no" "yes;no") +if(WOLFSSL_ENC_THEN_MAC) + list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ENCRYPT_THEN_MAC") +endif() + if(NOT WOLFSSL_PSK AND NOT WOLFSSL_LEAN_PSK AND NOT WOLFSSL_STUNNEL) list(APPEND WOLFSSL_DEFINITIONS "-DNO_PSK") endif() -if(WOLFSSL_ENC_THEN_MAC) - list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ENCRYPT_THEN_MAC") -endif() - # MD4 set(WOLFSSL_MD4_HELP_STRING "Enable MD4 (default: disabled)") add_option("WOLFSSL_MD4" ${WOLFSSL_MD4_HELP_STRING} "no" "yes;no") @@ -1184,7 +1210,34 @@ if(NOT WOLFSSL_MD4) endif() endif() -# TODO: - Encrypted keys +# Encrypted keys +set(WOLFSSL_ENCKEYS_HELP_STRING "Enable PEM encrypted key support (default: disabled)") +add_option("WOLFSSL_ENCKEYS" ${WOLFSSL_ENCKEYS_HELP_STRING} "no" "yes;no") + +if(NOT WOLFSSL_ENCKEYS) + if(WOLFSSL_OPENSSLEXTRA OR + WOLFSSL_WEBSERVER OR + WOLFSSL_WPAS) + # opensslextra, webserver, and WPAS needs enckeys + override_cache(WOLFSSL_ENCKEYS "yes") + endif() +endif() + +if(WOLFSSL_ENCKEYS) + list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_ENCRYPTED_KEYS") +endif() + +# PKCS#12 +set(WOLFSSL_PKCS12_HELP_STRING "Enable pkcs12 (default: enabled)") +add_option("WOLFSSL_PKCS12" ${WOLFSSL_PKCS12_HELP_STRING} "yes" "yes;no") +if(NOT WOLFSSL_ASN) + override_cache(WOLFSSL_PKCS12 "no") +endif() + +if(NOT WOLFSSL_PKCS12) + list(APPEND WOLFSSL_DEFINITIONS "-DNO_PKCS12") +endif() + # PWDBASED has to come after certservice since we want it on w/o explicit on # PWDBASED @@ -1195,7 +1248,8 @@ if(NOT WOLFSSL_PWDBASED) if(WOLFSSL_OPENSSLEXTRA OR WOLFSSL_OPENSSLALL OR WOLFSSL_WEBSERVER OR - WOLFSSL_ENC_KEYS) + WOLFSSL_ENC_KEYS OR + WOLFSSL_PKCS12) # opensslextra, opensslall, webserver, and enckeys needs pwdbased override_cache(WOLFSSL_PWDBASED "yes") else() @@ -1280,7 +1334,6 @@ add_option("WOLFSSL_CRYPT_TESTS_LIBS" ${WOLFSSL_CRYPT_TESTS_LIBS_HELP_STRING} "n # TODO: - LIBZ # - PKCS#11 -# - PKCS#12 # - Cavium # - Cavium V # - Cavium Octeon @@ -1605,25 +1658,125 @@ endif() include(GNUInstallDirs) -set(EXCLUDED_HEADERS_REGEX - "(internal|\ - options|\ - pic32mz-crypt|\ - ti-hash|\ - ti-ccm|\ - nrf51|\ - ksdk_port|\ - dcp_port|\ - xil-sha3|\ - caam_driver|\ - wolfcaam|\ - wolfcaam_sha|\ - stm32|\ - stsafe|\ - esp32-cry|\ - cryptoCell|\ - renesas-tsip-crypt|\ - psoc6_crypto).h") +set(HEADER_EXCLUDE + "internal.h" + "pic32mz-crypt.h" + "ti-hash.h" + "ti-ccm.h" + "nrf51.h" + "ksdk_port.h" + "dcp_port.h" + "xil-sha3.h" + "caam_driver.h" + "wolfcaam.h" + "wolfcaam_sha.h" + "stm32.h" + "stsafe.h" + "esp32-cry.h" + "cryptoCell.h" + "renesas-tsip-crypt.h" + "psoc6_crypto.h" + ) + +# For distro build don't install options.h. +# It depends on the architecture and conflicts with Multi-Arch. +if(BUILD_DISTRO) + list(APPEND HEADER_EXCLUDE + "options.h") +endif() + +if(NOT BUILD_CRYPTOAUTHLIB) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/atmel/atmel.h") +endif() + +if(NOT BUILD_AFALG) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/af_alg/afalg_hash.h" + "wolfssl/wolfcrypt/port/af_alg/wc_afalg.h") +endif() + +if(NOT BUILD_KCAPI) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/kcapi/wc_kcapi.h" + "wolfssl/wolfcrypt/port/kcapi/kcapi_hash.h" + "wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h" + "wolfssl/wolfcrypt/port/kcapi/kcapi_ecc.h" + "wolfssl/wolfcrypt/port/kcapi/kcapi_rsa.h" + "wolfssl/wolfcrypt/port/kcapi/kcapi_dh.h" + ) +endif() + +if(NOT BUILD_DEVCRYPTO) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h") +endif() + +if(NOT BUILD_ASYNCCRYPT) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/async.h") +endif() + +if(NOT BUILD_PKCS11) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/wc_pkcs11.h" + "wolfssl/wolfcrypt/pkcs11.h" + ) +endif() + +if(NOT BUILD_CAVIUM) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h") +endif() + +if(NOT BUILD_OCTEON_SYNC) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h" + ) +endif() + +if(NOT BUILD_INTEL_QA) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/intel/quickassist.h" + "wolfssl/wolfcrypt/port/intel/quickassist_mem.h" + ) +endif() + +if(NOT BUILD_INTEL_QA_SYNC) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/intel/quickassist_sync.h") +endif() + +if(NOT BUILD_SP) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/sp.h" + "wolfssl/wolfcrypt/sp_int.h") +endif() + +if(NOT BUILD_SELFTEST) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/selftest.h") +endif() + +if(NOT BUILD_FIPS OR BUILD_FIPS_V1) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/fips.h") +endif() + +if(NOT BUILD_QNXCAAM) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/caam/wolfcaam.h" + "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" + "wolfssl/wolfcrypt/port/caam/wolfcaam_ecdsa.h" + "wolfssl/wolfcrypt/port/caam/wolfcaam_cmac.h" + "wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h" + ) +endif() + +list(JOIN HEADER_EXCLUDE "|" EXCLUDED_HEADERS_REGEX) + +string(PREPEND EXCLUDED_HEADERS_REGEX "(") +string(APPEND EXCLUDED_HEADERS_REGEX ")") set(INSTALLED_EXAMPLES ${CMAKE_CURRENT_SOURCE_DIR}/examples/echoserver/echoserver.c @@ -1646,6 +1799,12 @@ install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/wolfssl FILES_MATCHING PATTERN "*.h" REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE) +install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/cyassl/ + DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/cyassl + FILES_MATCHING PATTERN "*.h" + REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE) + + # Install the examples install(FILES ${INSTALLED_EXAMPLES} DESTINATION ${CMAKE_INSTALL_DOCDIR}/example) @@ -1653,7 +1812,7 @@ install(FILES ${INSTALLED_EXAMPLES} install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/doc/README.txt ${CMAKE_CURRENT_SOURCE_DIR}/certs/taoCert.txt - DESTINATION ${CMAKE_INSTALL_DOCDIR}/wolfssl) + DESTINATION ${CMAKE_INSTALL_DOCDIR}) # Install the export set install(EXPORT wolfssl-targets DESTINATION ${CMAKE_INSTALL_LIBDIR}/cmake/wolfssl diff --git a/cmake/functions.cmake b/cmake/functions.cmake index 53b9e4c71..3825fc26c 100644 --- a/cmake/functions.cmake +++ b/cmake/functions.cmake @@ -164,6 +164,9 @@ function(generate_build_flags) if("${FIPS_VERSION}" STREQUAL "rand") set(BUILD_FIPS_RAND "yes" PARENT_SCOPE) endif() + if("${FIPS_VERSION}" STREQUAL "v5") + set(BUILD_FIPS_V5 "yes" PARENT_SCOPE) + endif() set(BUILD_FIPS_READY ${FIPS_READY} PARENT_SCOPE) if(WOLFSSL_CMAC OR WOLFSSL_USER_SETTINGS) set(BUILD_CMAC "yes" PARENT_SCOPE) @@ -884,7 +887,7 @@ function(generate_lib_src_list LIB_SOURCES) endfunction() function(add_to_options_file DEFINITIONS OPTION_FILE) - list(REMOVE_DUPLICATES DEFINITIONS) + #list(REMOVE_DUPLICATES DEFINITIONS) foreach(DEF IN LISTS DEFINITIONS) if(DEF MATCHES "^-D") if(DEF MATCHES "^-D(N)?DEBUG(=.+)?") diff --git a/configure.ac b/configure.ac index ef20fc2f1..08f9b97c1 100644 --- a/configure.ac +++ b/configure.ac @@ -150,7 +150,7 @@ AS_IF([test "x$thread_ls_on" = "xyes"],[AM_CFLAGS="$AM_CFLAGS -DHAVE_THREAD_LS"] # DEBUG AX_DEBUG AS_IF([test "$ax_enable_debug" = "yes"], - [AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS"], + [AM_CFLAGS="$AM_CFLAGS $DEBUG_CFLAGS"], [AM_CFLAGS="$AM_CFLAGS -DNDEBUG"]) AS_IF([test "$ax_enable_debug" = "yes"], [AM_CCASFLAGS="$DEBUG_CFLAGS $AM_CCASFLAGS"], @@ -744,7 +744,7 @@ then DEFAULT_MAX_CLASSIC_ASYM_KEY_BITS=4096 # Enable multiple attribute additions such as DC - AM_CFLAGS="-DWOLFSSL_MULTI_ATTRIB $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MULTI_ATTRIB" fi @@ -760,14 +760,14 @@ AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xno" ],[ # If AX_PTHREAD is adding -Qunused-arguments, need to prepend with -Xcompiler libtool will use it. Newer # versions of clang don't need the -Q flag when using pthreads. AS_CASE([$PTHREAD_CFLAGS],[-Qunused-arguments*],[PTHREAD_CFLAGS="-Xcompiler $PTHREAD_CFLAGS"]) - AM_CFLAGS="-D_POSIX_THREADS $AM_CFLAGS $PTHREAD_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -D_POSIX_THREADS $PTHREAD_CFLAGS" LIBS="$LIBS $PTHREAD_LIBS" ],[ ENABLED_SINGLETHREADED=yes ]) ]) -AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xyes" ],[ AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS" ]) +AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xyes" ],[ AM_CFLAGS="$AM_CFLAGS -DSINGLE_THREADED" ]) # DTLS @@ -780,7 +780,7 @@ AC_ARG_ENABLE([dtls], ) if test "$ENABLED_DTLS" = "yes" then - AM_CFLAGS="-DWOLFSSL_DTLS $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS" fi # DTLS change MTU @@ -791,7 +791,7 @@ AC_ARG_ENABLE([dtls-mtu], ) if test "$ENABLED_DTLS_MTU" = "yes" then - AM_CFLAGS="-DWOLFSSL_DTLS_MTU $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS_MTU" fi @@ -826,7 +826,7 @@ then AC_MSG_NOTICE([TLS 1.3 is disabled - disabling Post-handshake Authentication]) ENABLED_TLS13_POST_AUTH="no" else - AM_CFLAGS="-DWOLFSSL_POST_HANDSHAKE_AUTH $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_POST_HANDSHAKE_AUTH" fi fi @@ -844,7 +844,7 @@ then AC_MSG_NOTICE([TLS 1.3 is disabled - disabling HRR Cookie]) ENABLED_SEND_HRR_COOKIE="no" else - AM_CFLAGS="-DWOLFSSL_SEND_HRR_COOKIE $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SEND_HRR_COOKIE" fi fi @@ -1141,7 +1141,7 @@ AC_ARG_ENABLE([error-queue-per-thread], if test "$ENABLED_ERRORQUEUEPERTHREAD" = "yes" then - AM_CFLAGS="-DERROR_QUEUE_PER_THREAD $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DERROR_QUEUE_PER_THREAD" fi # High Strength Build @@ -2275,7 +2275,7 @@ AC_ARG_ENABLE([sep], ) if test "$ENABLED_SEP" = "yes" then - AM_CFLAGS="-DWOLFSSL_SEP -DKEEP_PEER_CERT $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SEP -DKEEP_PEER_CERT" fi @@ -3308,18 +3308,6 @@ AC_ARG_ENABLE([arc4], [ ENABLED_ARC4=no ] ) -if test "$ENABLED_ARC4" = "no" -then - AM_CFLAGS="$AM_CFLAGS -DNO_RC4" -else - # turn off ARC4 if leanpsk or leantls on - if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" - then - AM_CFLAGS="$AM_CFLAGS -DNO_RC4" - ENABLED_ARC4=no - fi -fi - # MD5 AC_ARG_ENABLE([md5], [AS_HELP_STRING([--enable-md5],[Enable MD5 (default: enabled)])], @@ -4019,6 +4007,12 @@ AC_ARG_WITH([liboqs], AC_MSG_RESULT([yes]) fi + if test "x$ENABLED_OPENSSLEXTRA" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno" + then + ENABLED_OPENSSLEXTRA="yes" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA" + fi + AM_CFLAGS="$AM_CFLAGS -DHAVE_LIBOQS -DHAVE_TLS_EXTENSIONS" ENABLED_LIBOQS="yes" ] @@ -4201,7 +4195,7 @@ if test "$ENABLED_DH" = "yes" then if test "$ENABLED_TLS13" = "yes" || test "$ENABLED_SUPPORTED_CURVES" = "yes" then - AM_CFLAGS="-DHAVE_FFDHE_2048 $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DHAVE_FFDHE_2048" fi fi @@ -4238,11 +4232,11 @@ fi if test "$ENABLED_TLS13" = "yes" && (test "x$ENABLED_ECC" = "xyes" || \ test "x$ENABLED_DH" = "xyes") then - AM_CFLAGS="-DHAVE_SUPPORTED_CURVES $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DHAVE_SUPPORTED_CURVES" fi if test "$ENABLED_TLS13" = "yes" then - AM_CFLAGS="-DWOLFSSL_TLS13 -DHAVE_TLS_EXTENSIONS $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TLS13 -DHAVE_TLS_EXTENSIONS" fi @@ -4313,7 +4307,7 @@ if test "$ENABLED_TLS13_EARLY_DATA" = "group" then ENABLED_TLS13_EARLY_DATA="yes" # Group EarlyData with ClientHello - AM_CFLAGS="-DWOLFSSL_EARLY_DATA_GROUP $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EARLY_DATA_GROUP" fi if test "$ENABLED_TLS13_EARLY_DATA" = "yes" then @@ -4325,7 +4319,7 @@ then then AC_MSG_ERROR([cannot enable earlydata without enabling session tickets and/or PSK.]) fi - AM_CFLAGS="-DWOLFSSL_EARLY_DATA $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EARLY_DATA" fi if test "$ENABLED_TLSV12" = "no" && test "$ENABLED_TLS13" = "yes" && test "x$ENABLED_SESSION_TICKET" = "xno" @@ -4570,7 +4564,7 @@ then if test "x$ENABLED_OPENSSLEXTRA" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno" then ENABLED_OPENSSLEXTRA="yes" - AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA" fi AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_CERT_SERVICE" fi @@ -4684,7 +4678,7 @@ then if test "x$ENABLED_OPENSSLEXTRA" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno" then ENABLED_OPENSSLEXTRA="yes" - AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA" fi AM_CFLAGS="$AM_CFLAGS -DHAVE_LIGHTY -DHAVE_WOLFSSL_SSL_H=1" AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA" @@ -4730,7 +4724,7 @@ then then ENABLED_OPENSSLALL="yes" ENABLED_OPENSSLEXTRA="yes" - AM_CFLAGS="-DOPENSSL_EXTRA -DOPENSSL_ALL $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA -DOPENSSL_ALL" fi if test "x$ENABLED_CERTGEN" = "xno" @@ -4790,7 +4784,7 @@ then if test "x$ENABLED_OPENSSLEXTRA" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno" then ENABLED_OPENSSLEXTRA="yes" - AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA" fi fi @@ -4859,7 +4853,7 @@ then then ENABLED_OPENSSLALL="yes" ENABLED_OPENSSLEXTRA="yes" - AM_CFLAGS="-DOPENSSL_EXTRA -DOPENSSL_ALL $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA -DOPENSSL_ALL" fi AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASIO -DASIO_USE_WOLFSSL -DWOLFSSL_KEY_GEN" AM_CFLAGS="$AM_CFLAGS -DBOOST_ASIO_USE_WOLFSSL -DHAVE_EX_DATA" @@ -4891,7 +4885,7 @@ then then ENABLED_OPENSSLALL="yes" ENABLED_OPENSSLEXTRA="yes" - AM_CFLAGS="-DOPENSSL_EXTRA -DOPENSSL_ALL $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA -DOPENSSL_ALL" fi AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_APACHE_HTTPD" AM_CFLAGS="$AM_CFLAGS -DOPENSSL_NO_SSL2 -DOPENSSL_NO_SSL3 -DOPENSSL_NO_COMP" @@ -4994,7 +4988,7 @@ then if test "x$ENABLED_OPENSSLEXTRA" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno" then ENABLED_OPENSSLEXTRA="yes" - AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA" fi if test "x$ENABLED_SESSION_TICKET" = "xno" @@ -5101,7 +5095,7 @@ then if test "x$ENABLED_OPENSSLEXTRA" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno" then ENABLED_OPENSSLEXTRA="yes" - AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA" fi if test "x$ENABLED_DES3" = "xno" @@ -5122,7 +5116,7 @@ then if test "x$ENABLED_OPENSSLEXTRA" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno" then ENABLED_OPENSSLEXTRA="yes" - AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA" fi if test "x$ENABLED_CERTGEN" = "xno" @@ -5151,9 +5145,9 @@ then then ENABLED_OPENSSLALL="yes" ENABLED_OPENSSLEXTRA="yes" - AM_CFLAGS="-DOPENSSL_EXTRA -DOPENSSL_ALL $AM_CFLAGS" - AM_CFLAGS="-DWOLFSSL_EITHER_SIDE -DWC_RSA_NO_PADDING $AM_CFLAGS" - AM_CFLAGS="-DWC_RSA_PSS -DWOLFSSL_PSS_LONG_SALT $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA -DOPENSSL_ALL" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EITHER_SIDE -DWC_RSA_NO_PADDING" + AM_CFLAGS="$AM_CFLAGS -DWC_RSA_PSS -DWOLFSSL_PSS_LONG_SALT" fi # Requires OCSP @@ -6874,7 +6868,7 @@ then fi AS_IF([test "x$ENABLED_OPENSSLALL" = "xyes"], - [AM_CFLAGS="-DOPENSSL_ALL -DWOLFSSL_EITHER_SIDE -DWC_RSA_NO_PADDING -DWC_RSA_PSS -DWOLFSSL_PSS_LONG_SALT $AM_CFLAGS"]) + [AM_CFLAGS="$AM_CFLAGS -DOPENSSL_ALL -DWOLFSSL_EITHER_SIDE -DWC_RSA_NO_PADDING -DWC_RSA_PSS -DWOLFSSL_PSS_LONG_SALT"]) AS_IF([test "x$ENABLED_AESCTR" = "xyes" && test "x$ENABLED_FORTRESS" != "xyes"], [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_COUNTER -DWOLFSSL_AES_DIRECT"]) @@ -6886,18 +6880,18 @@ fi if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "x$ENABLED_OPENSSLCOEXIST" = "xno" then - AM_CFLAGS="-DOPENSSL_EXTRA -DWOLFSSL_ALWAYS_VERIFY_CB $AM_CFLAGS" - AM_CFLAGS="-DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_EXTRA_ALERTS $AM_CFLAGS" - AM_CFLAGS="-DHAVE_EXT_CACHE -DWOLFSSL_FORCE_CACHE_ON_TICKET $AM_CFLAGS" - AM_CFLAGS="-DWOLFSSL_AKID_NAME -DHAVE_CTS $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA -DWOLFSSL_ALWAYS_VERIFY_CB" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_EXTRA_ALERTS" + AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE -DWOLFSSL_FORCE_CACHE_ON_TICKET" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AKID_NAME -DHAVE_CTS" fi if test "$ENABLED_OPENSSLEXTRA" = "x509small" then AC_MSG_NOTICE([Enabling only a subset of X509 opensslextra]) - AM_CFLAGS="-DOPENSSL_EXTRA_X509_SMALL $AM_CFLAGS" - AM_CFLAGS="-DWOLFSSL_EKU_OID -DWOLFSSL_MULTI_ATTRIB $AM_CFLAGS" - AM_CFLAGS="-DWOLFSSL_NO_OPENSSL_RAND_CB $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA_X509_SMALL" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EKU_OID -DWOLFSSL_MULTI_ATTRIB" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OPENSSL_RAND_CB" fi if test "$ENABLED_WOLFSCEP" = "yes" @@ -7028,10 +7022,10 @@ AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \ [AC_MSG_ERROR([Cannot use Max Strength and SSLv3 at the same time.])]) AS_IF([test "x$ENABLED_SCTP" = "xyes"], - [AM_CFLAGS="-DWOLFSSL_SCTP $AM_CFLAGS"]) + [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SCTP"]) AS_IF([test "x$ENABLED_MCAST" = "xyes"], - [AM_CFLAGS="-DWOLFSSL_MULTICAST $AM_CFLAGS"]) + [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MULTICAST"]) # WOLFSSL_AFALG does not support SHA224 yet AS_IF([(test "x$ENABLED_AFALG" = "xyes") && (test "x$ENABLED_SHA224" = "xyes")], @@ -7044,20 +7038,20 @@ AS_IF([(test "x$ENABLED_DEVCRYPTO" = "xyes") && (test "x$ENABLED_SHA224" = "xyes # SCTP and Multicast require DTLS AS_IF([(test "x$ENABLED_DTLS" = "xno") && \ (test "x$ENABLED_SCTP" = "xyes" || test "x$ENABLED_MCAST" = "xyes")], - [AM_CFLAGS="-DWOLFSSL_DTLS $AM_CFLAGS" + [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS" ENABLED_DTLS=yes]) # Multicast requires the null cipher AS_IF([test "x$ENABLED_NULL_CIPHER" = "xno" && \ test "x$ENABLED_MCAST" = "xyes"], - [AM_CFLAGS="-DHAVE_NULL_CIPHER $AM_CFLAGS" + [AM_CFLAGS="$AM_CFLAGS -DHAVE_NULL_CIPHER" ENABLED_NULL_CIPHER=yes]) # wolfSSH and WPA Supplicant both need Public MP, only enable once. # This will let you know if you enabled wolfSSH but have any of the prereqs # disabled. Some of these options, disabling them adds things to the FLAGS and # you need to check and add items in two places depending on the option. -AS_IF([test "x$ENABLED_WOLFSSH" = "xyes"],[AS_IF([test "x$ENABLED_WPAS" = "xno"],[AM_CFLAGS="-DWOLFSSL_PUBLIC_MP $AM_CFLAGS"])]) +AS_IF([test "x$ENABLED_WOLFSSH" = "xyes"],[AS_IF([test "x$ENABLED_WPAS" = "xno"],[AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PUBLIC_MP"])]) if test "x$ENABLED_OPENSSLCOEXIST" = "xyes"; then if test "x$ENABLED_OPENSSLALL" = "xyes"; then @@ -7376,7 +7370,7 @@ fi if test "$ENABLED_REPRODUCIBLE_BUILD" != "yes" then - AM_CFLAGS="-include ${output_objdir}/.build_params $AM_CFLAGS" + AM_CFLAGS="$AM_CFLAGS -include ${output_objdir}/.build_params" fi From 6ff1e0b037aff20d56291f82ebede4577dbff485 Mon Sep 17 00:00:00 2001 From: elms Date: Fri, 29 Oct 2021 16:08:27 -0700 Subject: [PATCH 2/4] cmake: correct libtool version, default to shared library, generate pkgconfig --- CMakeLists.txt | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0e54709ca..94745a986 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -32,12 +32,12 @@ project(wolfssl VERSION 5.0.1 LANGUAGES C) # shared library versioning # increment if interfaces have been added, removed or changed -set(LIBTOOL_CURRENT 27) +set(LIBTOOL_CURRENT 30) # increment if source code has changed set to zero if current is incremented set(LIBTOOL_REVISION 0) # increment if interfaces have been added set to zero if interfaces have been # removed or changed -set(LIBTOOL_AGE 3) +set(LIBTOOL_AGE 0) math(EXPR LIBTOOL_SO_VERSION "${LIBTOOL_CURRENT} - ${LIBTOOL_AGE}") set(LIBTOOL_FULL_VERSION ${LIBTOOL_SO_VERSION}.${LIBTOOL_AGE}.${LIBTOOL_REVISION}) @@ -1488,6 +1488,8 @@ file(APPEND ${CYASSL_OPTION_FILE} ${OPTION_FILE_CONTENTS}) # TODO: - Build shared/static libs based on enables. Check CMake # global flag BUILD_SHARED_LIBS. +option(BUILD_SHARED_LIBS "Build shared libraries (.dll/.so) instead of static ones (.lib/.a)" ON) + set(LIB_SOURCES "") # Generates a list of sources to include in the library. # Corresponds to the instances of "src_libwolfssl_la_SOURCES += ..." @@ -1820,3 +1822,13 @@ install(EXPORT wolfssl-targets # TODO: Distro build + rules for what to include in the distro. # See various include.am files. + +set(prefix ${CMAKE_INSTALL_PREFIX}) +set(exec_prefix "\${prefix}") +set(libdir "\${exec_prefix}/lib") +set(includedir "\${prefix}/include") +set(VERSION ${PROJECT_VERSION}) + +configure_file(support/wolfssl.pc.in ${CMAKE_CURRENT_BINARY_DIR}/support/wolfssl.pc @ONLY) +install(FILES ${CMAKE_CURRENT_BINARY_DIR}/support/wolfssl.pc + DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig) From 37eec1ed1965de987e0a5d70f04fa4b430c19e51 Mon Sep 17 00:00:00 2001 From: elms Date: Fri, 29 Oct 2021 16:42:15 -0700 Subject: [PATCH 3/4] cmake: reduce port includes TESTING: ``` ./autogen.sh && ./configure --enable-reproducible-build --prefix=$PWD/ac_repro && make install cmake -B b2 -DWOLFSSL_REPRODUCIBLE_BUILD=yes -DCMAKE_INSTALL_PREFIX:PATH=$PWD/cmake_repro && cmake --build b2 && cmake --install b2 diff -rq ac_repro cmake_repro ``` --- CMakeLists.txt | 86 +++++++++++++++++++++++++------------------------- 1 file changed, 43 insertions(+), 43 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 94745a986..503d1dd2f 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1662,24 +1662,23 @@ include(GNUInstallDirs) set(HEADER_EXCLUDE "internal.h" - "pic32mz-crypt.h" - "ti-hash.h" - "ti-ccm.h" - "nrf51.h" - "ksdk_port.h" - "dcp_port.h" - "xil-sha3.h" - "caam_driver.h" - "wolfcaam.h" - "wolfcaam_sha.h" - "stm32.h" - "stsafe.h" - "esp32-cry.h" - "cryptoCell.h" - "renesas-tsip-crypt.h" - "psoc6_crypto.h" + "cyassl/ctaocrypt/port" + "wolfssl/wolfcrypt/port/nrf51.h" + "wolfssl/wolfcrypt/port/arm" + "wolfssl/wolfcrypt/port/cypress" + "wolfssl/wolfcrypt/port/Espressif" + "wolfssl/wolfcrypt/port/iotsafe" + "wolfssl/wolfcrypt/port/nxp" + "wolfssl/wolfcrypt/port/pic" + "wolfssl/wolfcrypt/port/Renesas" + "wolfssl/wolfcrypt/port/silabs" + "wolfssl/wolfcrypt/port/st" + "wolfssl/wolfcrypt/port/ti" + "wolfssl/wolfcrypt/port/xilinx" ) +# TODO: add support for the various ports + # For distro build don't install options.h. # It depends on the architecture and conflicts with Multi-Arch. if(BUILD_DISTRO) @@ -1689,29 +1688,23 @@ endif() if(NOT BUILD_CRYPTOAUTHLIB) list(APPEND HEADER_EXCLUDE - "wolfssl/wolfcrypt/port/atmel/atmel.h") + "wolfssl/wolfcrypt/port/atmel") endif() if(NOT BUILD_AFALG) list(APPEND HEADER_EXCLUDE - "wolfssl/wolfcrypt/port/af_alg/afalg_hash.h" - "wolfssl/wolfcrypt/port/af_alg/wc_afalg.h") + "wolfssl/wolfcrypt/port/af_alg") endif() if(NOT BUILD_KCAPI) list(APPEND HEADER_EXCLUDE - "wolfssl/wolfcrypt/port/kcapi/wc_kcapi.h" - "wolfssl/wolfcrypt/port/kcapi/kcapi_hash.h" - "wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h" - "wolfssl/wolfcrypt/port/kcapi/kcapi_ecc.h" - "wolfssl/wolfcrypt/port/kcapi/kcapi_rsa.h" - "wolfssl/wolfcrypt/port/kcapi/kcapi_dh.h" + "wolfssl/wolfcrypt/port/kcapi" ) endif() if(NOT BUILD_DEVCRYPTO) list(APPEND HEADER_EXCLUDE - "wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h") + "wolfssl/wolfcrypt/port/devcrypto") endif() if(NOT BUILD_ASYNCCRYPT) @@ -1726,27 +1719,38 @@ if(NOT BUILD_PKCS11) ) endif() -if(NOT BUILD_CAVIUM) +if(NOT BUILD_CAVIUM AND NOT BUILD_OCTEON_SYNC) list(APPEND HEADER_EXCLUDE - "wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h") -endif() + "wolfssl/wolfcrypt/port/cavium") +else() + if(NOT BUILD_CAVIUM) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h") + endif() -if(NOT BUILD_OCTEON_SYNC) + if(NOT BUILD_OCTEON_SYNC) list(APPEND HEADER_EXCLUDE "wolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h" ) + endif() endif() -if(NOT BUILD_INTEL_QA) - list(APPEND HEADER_EXCLUDE - "wolfssl/wolfcrypt/port/intel/quickassist.h" - "wolfssl/wolfcrypt/port/intel/quickassist_mem.h" - ) -endif() -if(NOT BUILD_INTEL_QA_SYNC) +if(NOT BUILD_INTEL_QA AND NOT BUILD_INTEL_QA_SYNC) list(APPEND HEADER_EXCLUDE - "wolfssl/wolfcrypt/port/intel/quickassist_sync.h") + "wolfssl/wolfcrypt/port/intel") +else() + if(NOT BUILD_INTEL_QA) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/intel/quickassist.h" + "wolfssl/wolfcrypt/port/intel/quickassist_mem.h" + ) + endif() + + if(NOT BUILD_INTEL_QA_SYNC) + list(APPEND HEADER_EXCLUDE + "wolfssl/wolfcrypt/port/intel/quickassist_sync.h") + endif() endif() if(NOT BUILD_SP) @@ -1767,11 +1771,7 @@ endif() if(NOT BUILD_QNXCAAM) list(APPEND HEADER_EXCLUDE - "wolfssl/wolfcrypt/port/caam/wolfcaam.h" - "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h" - "wolfssl/wolfcrypt/port/caam/wolfcaam_ecdsa.h" - "wolfssl/wolfcrypt/port/caam/wolfcaam_cmac.h" - "wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h" + "wolfssl/wolfcrypt/port/caam" ) endif() From dc073f9c1d9d7b1e608406abd16ae8ae64eeab96 Mon Sep 17 00:00:00 2001 From: elms Date: Fri, 3 Dec 2021 16:49:55 -0800 Subject: [PATCH 4/4] cmake: add back de-duplication and fix formatting --- CMakeLists.txt | 2 +- cmake/functions.cmake | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 503d1dd2f..c8498c1f3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -200,7 +200,7 @@ add_option("WOLFSSL_32BIT" ${WOLFSSL_32BIT_HELP_STRING} "no" "yes;no") set(WOLFSSL_16BIT_HELP_STRING "Enables 16-bit support (default: disabled)") add_option("WOLFSSL_16BIT" ${WOLFSSL_16BIT_HELP_STRING} "no" "yes;no") if(WOLFSSL_16BIT) - list(APPEND WOLFSSL_DEFINITIONS "-DWC_16BIT_CPU") + list(APPEND WOLFSSL_DEFINITIONS "-DWC_16BIT_CPU") endif() # Support for disabling all ASM diff --git a/cmake/functions.cmake b/cmake/functions.cmake index 3825fc26c..0b03a6716 100644 --- a/cmake/functions.cmake +++ b/cmake/functions.cmake @@ -887,7 +887,7 @@ function(generate_lib_src_list LIB_SOURCES) endfunction() function(add_to_options_file DEFINITIONS OPTION_FILE) - #list(REMOVE_DUPLICATES DEFINITIONS) + list(REMOVE_DUPLICATES DEFINITIONS) foreach(DEF IN LISTS DEFINITIONS) if(DEF MATCHES "^-D") if(DEF MATCHES "^-D(N)?DEBUG(=.+)?")