diff --git a/3rdp/build/CMakeLists-cl.txt b/3rdp/build/CMakeLists-cl.txt new file mode 100644 index 0000000000000000000000000000000000000000..0997637707b1d890d73fead673ab684a0c785870 --- /dev/null +++ b/3rdp/build/CMakeLists-cl.txt @@ -0,0 +1,402 @@ +cmake_minimum_required(VERSION 3.11) + +project (Cryptlib C) + +set(FIXED_FIXED_SEED OFF CACHE BOOL "Use a non-random fixed seed") + +include(CheckCCompilerFlag) +include(TestBigEndian) + +find_package(Threads) +string(REGEX MATCH "[0-9]+" SYSTEM_VERSION ${CMAKE_SYSTEM_VERSION}) +check_c_compiler_flag(-Wpointer-sign HAVE_POINTER_SIGN) +check_c_compiler_flag(-Wswitch HAVE_SWITCH) +check_c_compiler_flag(-fstack-protector HAVE_STACK_PROTECTOR) +check_c_compiler_flag(-fstack-protector-strong HAVE_STACK_PROTECTOR_STRONG) +check_c_compiler_flag(-fstack-clash-protection HAVE_STACK_CLASH_PROTECTION) +check_c_compiler_flag(-fwrapv HAVE_WRAPV) +check_c_compiler_flag(-fno-delete-null-pointer-checks HAVE_NO_DELETE_NULL_POINTER_CHECKS) +check_c_compiler_flag(-fPIC HAVE_BIG_PIC) +check_c_compiler_flag(-fpic HAVE_LITTLE_PIC) +test_big_endian(IS_BIG_ENDIAN) +if(FIXED_FIXED_SEED) + set(FIXED_SEED "FEEDC0DEBAADF00D") +else() + string(RANDOM LENGTH 16 ALPHABET "0123456789ABCDEF" FIXED_SEED) +endif() + +set(SOURCE + bn/bn_asm.c + bn/bn_exp.c + bn/bn_exp2.c + bn/bn_gcd.c + bn/bn_mul.c + bn/bn_recp.c + bn/ec_lib.c + bn/ecp_mont.c + bn/ecp_smpl.c + bn/ec_mult.c + cert/certrev.c + cert/certschk.c + cert/certsign.c + cert/certval.c + cert/chain.c + cert/chk_cert.c + cert/chk_chain.c + cert/chk_san.c + cert/chk_use.c + cert/comp_cert.c + cert/comp_curs.c + cert/comp_del.c + cert/comp_get.c + cert/comp_gets.c + cert/comp_pkiuser.c + cert/comp_set.c + cert/dn.c + cert/dn_rw.c + cert/dn_rws.c + cert/dn_string.c + cert/ext.c + cert/ext_add.c + cert/ext_check.c + cert/ext_copy.c + cert/ext_def.c + cert/ext_rd.c + cert/ext_rdattr.c + cert/ext_rdstack.c + cert/ext_wr.c + cert/imp_check.c + cert/imp_exp.c + cert/read.c + cert/trustmgr.c + cert/write.c + cert/write_pre.c + crypt/aes_modes.c + crypt/aes_ni.c + crypt/aescrypt.c + crypt/aeskey.c + crypt/aestab.c + crypt/castecb.c + crypt/castenc.c + crypt/castskey.c + crypt/chacha20.c + crypt/descbc.c + crypt/desecb.c + crypt/desecb3.c + crypt/desenc.c + crypt/desskey.c + crypt/gcm.c + crypt/gf128mul.c + crypt/icbc.c + crypt/iecb.c + crypt/iskey.c + crypt/poly1305.c + crypt/rc2cbc.c + crypt/rc2ecb.c + crypt/rc2skey.c + crypt/rc4enc.c + crypt/rc4skey.c + context/ctx_3des.c + context/ctx_aes.c + context/ctx_attr.c + context/ctx_bn.c + context/ctx_bnmath.c + context/ctx_bnpkc.c + context/ctx_bnprime.c + context/ctx_bnrw.c + context/ctx_bnsieve.c + context/ctx_bntest.c + context/ctx_cast.c + context/ctx_chacha20.c + context/ctx_des.c + context/ctx_dh.c + context/ctx_dsa.c + context/ctx_ecdh.c + context/ctx_ecdsa.c + context/ctx_elg.c + context/ctx_encr.c + context/ctx_generic.c + context/ctx_hsha.c + context/ctx_hsha2.c + context/ctx_idea.c + context/ctx_md5.c + context/ctx_misc.c + context/ctx_poly1305.c + context/ctx_rc2.c + context/ctx_rc4.c + context/ctx_rsa.c + context/ctx_sha.c + context/ctx_sha2.c + context/kg_dlp.c + context/kg_ecc.c + context/kg_prime.c + context/kg_rsa.c + context/keyload.c + context/key_id.c + context/key_rdpriv.c + context/key_rdpub.c + context/key_wrpriv.c + context/key_wrpub.c + device/dev_attr.c + device/dev_storage.c + device/hardware.c + device/hw_template.c + device/hw_templalg.c + device/hw_misc.c + device/pkcs11.c + device/pkcs11_init.c + device/pkcs11_pkc.c + device/pkcs11_rd.c + device/pkcs11_wr.c + device/system.c + enc_dec/asn1_algoenc.c + enc_dec/asn1_algoid.c + enc_dec/asn1_check.c + enc_dec/asn1_ext.c + enc_dec/asn1_oid.c + enc_dec/asn1_rd.c + enc_dec/asn1_wr.c + enc_dec/base32.c + enc_dec/base64.c + enc_dec/base64_id.c + enc_dec/misc_rw.c + enc_dec/pgp_rw.c + envelope/cms_deenv.c + envelope/cms_env.c + envelope/cms_envpre.c + envelope/decode.c + envelope/encode.c + envelope/env_attr.c + envelope/pgp_deenv.c + envelope/pgp_env.c + envelope/res_action.c + envelope/res_deenv.c + envelope/res_env.c + crypt/md5dgst.c + crypt/sha1dgst.c + crypt/sha2.c + io/dns.c + io/dns_srv.c + io/eap.c + io/eap_rd.c + io/eap_wr.c + io/file.c + io/http.c + io/http_rd.c + io/http_parse.c + io/http_wr.c + io/memory.c + io/net.c + io/net_proxy.c + io/net_trans.c + io/net_url.c + io/stream.c + io/tcp.c + io/tcp_conn.c + io/tcp_err.c + io/tcp_rw.c + kernel/attr_acl.c + kernel/certmgt_acl.c + kernel/init.c + kernel/int_msg.c + kernel/key_acl.c + kernel/mech_acl.c + kernel/msg_acl.c + kernel/obj_access.c + kernel/objects.c + kernel/sec_mem.c + kernel/selftest.c + kernel/semaphore.c + kernel/sendmsg.c + kernel/storage.c + keyset/dbms.c + keyset/ca_add.c + keyset/ca_clean.c + keyset/ca_issue.c + keyset/ca_misc.c + keyset/ca_rev.c + keyset/dbx_misc.c + keyset/dbx_rd.c + keyset/dbx_wr.c + keyset/http_keys.c + keyset/key_attr.c + keyset/ldap.c + keyset/odbc.c + keyset/pgp.c + keyset/pgp_rd.c + keyset/pgp_wr.c + keyset/pkcs12.c + keyset/pkcs12_rd.c + keyset/pkcs12_rdobj.c + keyset/pkcs12_wr.c + keyset/pkcs15.c + keyset/pkcs15_add.c + keyset/pkcs15_addpub.c + keyset/pkcs15_addpriv.c + keyset/pkcs15_attrrd.c + keyset/pkcs15_attrwr.c + keyset/pkcs15_get.c + keyset/pkcs15_getpkc.c + keyset/pkcs15_rd.c + keyset/pkcs15_set.c + keyset/pkcs15_wr.c + cryptapi.c + cryptcrt.c + cryptctx.c + cryptdev.c + cryptenv.c + cryptkey.c + cryptlib.c + cryptses.c + cryptusr.c + mechs/keyex.c + mechs/keyex_int.c + mechs/keyex_rw.c + mechs/mech_cwrap.c + mechs/mech_derive.c + mechs/mech_int.c + mechs/mech_pkwrap.c + mechs/mech_privk.c + mechs/mech_sign.c + mechs/obj_query.c + mechs/sign.c + mechs/sign_cms.c + mechs/sign_int.c + mechs/sign_pgp.c + mechs/sign_rw.c + mechs/sign_x509.c + misc/int_api.c + misc/int_attr.c + misc/int_debug.c + misc/int_env.c + misc/int_err.c + misc/int_mem.c + misc/int_string.c + misc/int_time.c + bindings/java_jni.c + misc/os_spec.c + misc/pgp_misc.c + random/random.c + random/rand_x917.c + random/unix.c + misc/user.c + misc/user_attr.c + misc/user_config.c + misc/user_rw.c + session/certstore.c + session/cmp.c + session/cmp_cli.c + session/cmp_crypt.c + session/cmp_err.c + session/cmp_rd.c + session/cmp_rdmsg.c + session/cmp_svr.c + session/cmp_wr.c + session/cmp_wrmsg.c + session/ocsp.c + session/pnppki.c + session/rtcs.c + session/scep.c + session/scep_cli.c + session/scep_svr.c + session/scvp.c + session/scvp_cli.c + session/scvp_svr.c + session/scorebrd.c + session/sess_attr.c + session/sess_iattr.c + session/sess_rd.c + session/sess_wr.c + session/sess_websock.c + session/session.c + session/ssh.c + session/ssh2.c + session/ssh2_algo.c + session/ssh2_authcli.c + session/ssh2_authsvr.c + session/ssh2_channel.c + session/ssh2_cli.c + session/ssh2_crypt.c + session/ssh2_id.c + session/ssh2_msg.c + session/ssh2_msgcli.c + session/ssh2_msgsvr.c + session/ssh2_rd.c + session/ssh2_svr.c + session/ssh2_wr.c + session/tls.c + session/tls13_crypt.c + session/tls13_hs.c + session/tls13_keyex.c + session/tls_cert.c + session/tls_cli.c + session/tls_crypt.c + session/tls_ext.c + session/tls_hello.c + session/tls_hscomplete.c + session/tls_keymgt.c + session/tls_rd.c + session/tls_sign.c + session/tls_suites.c + session/tls_svr.c + session/tls_wr.c + session/tsp.c + zlib/adler32.c + zlib/deflate.c + zlib/inffast.c + zlib/inflate.c + zlib/inftrees.c + zlib/trees.c + zlib/zutil.c +) + +add_library(cl STATIC ${SOURCE}) +if(HAVE_POINTER_SIGN) + target_compile_options(cl PRIVATE -Wno-pointer-sign) +endif() +if(HAVE_SWITCH) + target_compile_options(cl PRIVATE -Wno-switch) +endif() +if(HAVE_STACK_PROTECTOR_STRONG) + target_compile_options(cl PRIVATE -fstack-protector-strong) +else() + if(HAVE_STACK_PROTECTOR) + target_compile_options(cl PRIVATE -fstack-protector) + endif() +endif() +if(HAVE_STACK_CLASH_PROTECTION) + # Apple compilers will accept the flag, but then warn about it doing nothing + if(NOT APPLE) + target_compile_options(cl PRIVATE -fstack-clash-protection) + endif() +endif() +if(HAVE_WRAPV) + target_compile_options(cl PRIVATE -fwrapv) +endif() +if(HAVE_NO_DELETE_NULL_POINTER_CHECKS) + target_compile_options(cl PRIVATE -fno-delete-null-pointer-checks) +endif() +if(HAVE_BIG_PIC) + target_compile_options(cl PRIVATE -fPIC) +else() + if(HAVE_LITTLE_PIC) + target_compile_options(cl PRIVATE -fpic) + endif() +endif() +if(UNIX) + target_compile_definitions(cl PRIVATE __UNIX__) +endif() +if(IS_BIG_ENDIAN) + target_compile_definitions(cl PRIVATE DATA_BIGENDIAN) +else() + target_compile_definitions(cl PRIVATE DATA_LITTLEENDIAN) +endif() +target_compile_definitions(cl PRIVATE _FORTIFY_SOURCE=2) +target_compile_definitions(cl PRIVATE OSVERSION=${SYSTEM_VERSION}) +target_compile_definitions(cl PRIVATE FIXED_SEED=0x${FIXED_SEED}) +target_include_directories(cl PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}) +target_include_directories(cl PUBLIC $<TARGET_FILE_DIR:cl>) +target_link_libraries(cl ${CMAKE_THREAD_LIBS_INIT}) + +# Copy header into build directory... +add_custom_command(TARGET cl POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_SOURCE_DIR}/cryptlib.h $<TARGET_FILE_DIR:cl>) diff --git a/3rdp/build/CMakeLists.txt b/3rdp/build/CMakeLists.txt new file mode 100644 index 0000000000000000000000000000000000000000..1e42fe0b9355303c612484d2969489408da47ae7 --- /dev/null +++ b/3rdp/build/CMakeLists.txt @@ -0,0 +1,101 @@ +cmake_minimum_required(VERSION 3.11) + +project (Cryptlib C) + +include(ExternalProject) +find_program(PATCH_BIN patch REQUIRED) +find_program(PERL_BIN perl REQUIRED) + +set(PATCHES + cl-fix-test-select.patch + cl-terminal-params.patch + cl-ranlib.patch + cl-vcxproj.patch + cl-endian.patch + cl-win32-noasm.patch + cl-zz-country.patch + cl-algorithms.patch + cl-allow-duplicate-ext.patch + cl-macosx-minver.patch + cl-posix-me-gently.patch + cl-PAM-noprompts.patch + cl-zlib.patch + cl-Dynamic-linked-static-lib.patch + cl-SSL-fix.patch + cl-bigger-maxattribute.patch + cl-mingw-vcver.patch + cl-win32-build-fix.patch + cl-no-odbc.patch + cl-noasm-defines.patch + cl-bn-noasm64-fix.patch + cl-prefer-ECC.patch + cl-prefer-ECC-harder.patch + cl-clear-GCM-flag.patch + cl-use-ssh-ctr.patch + cl-ssh-list-ctr-modes.patch + cl-ssl-suite-blocksizes.patch + cl-no-tpm.patch + cl-no-via-aes.patch + cl-fix-ssh-ecc-ephemeral.patch + cl-just-use-cc.patch + cl-no-safe-stack.patch + cl-allow-pkcs12.patch + cl-openbsd-threads.patch + cl-allow-none-auth.patch + cl-poll-not-select.patch + cl-good-sockets.patch + cl-moar-objects.patch + cl-remove-march.patch + cl-server-term-support.patch + cl-add-pubkey-attribute.patch + cl-allow-ssh-auth-retries.patch + cl-fix-ssh-channel-close.patch + cl-vt-lt-2005-always-defined.patch + cl-no-pie.patch + cl-win32-lean-and-mean.patch + cl-thats-not-asm.patch + cl-make-channels-work.patch + cl-allow-ssh-2.0-go.patch + cl-read-timeout-every-time.patch + cl-pass-after-pubkey.patch + cl-allow-servercheck-pubkeys.patch + cl-double-delete-fine-on-close.patch + cl-handle-unsupported-pubkey.patch + cl-add-patches-info.patch + cl-netbsd-hmac-symbol.patch + cl-netbsd-no-getfsstat.patch + cl-fix-shell-exec-types.patch + cl-ssh-eof-half-close.patch + cl-fix-mb-w-conv-warnings.patch + cl-fix-ssh-header-read.patch + cl-ssh-service-type-for-channel.patch + cl-ssh-sbbs-id-string.patch + cl-channel-select-both.patch + cl-allow-none-auth-svr.patch +) + +add_custom_target(cl-dir ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/sources) + +# Note that remove has been replaced by rm as of 3.17 +add_custom_target(cl ALL + ${CMAKE_COMMAND} -E tar xzf ${CMAKE_CURRENT_SOURCE_DIR}/../dist/cryptlib.zip + COMMAND ${CMAKE_COMMAND} -E remove ${CMAKE_CURRENT_BINARY_DIR}/sources/makefile + SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../dist/cryptlib.zip + WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/sources) +add_custom_command(TARGET cl POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_CURRENT_SOURCE_DIR}/CMakeLists-cl.txt ${CMAKE_CURRENT_BINARY_DIR}/sources/CMakeLists.txt) +add_dependencies(cl cl-dir) +foreach(PATCH IN LISTS PATCHES) + add_custom_command(TARGET cl POST_BUILD + COMMAND ${PATCH_BIN} -l -b -p0 -d ${CMAKE_CURRENT_BINARY_DIR}/sources -i ${CMAKE_CURRENT_SOURCE_DIR}/${PATCH} + DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/${PATCH}) +endforeach() +add_custom_command(TARGET cl POST_BUILD + COMMAND ${PERL_BIN} -i.bak ${CMAKE_CURRENT_SOURCE_DIR}/hashpatch.pl ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_BINARY_DIR}/sources/cryptlib.h) +add_custom_command(TARGET cl POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_CURRENT_SOURCE_DIR}/CMakeLists-cl.txt ${CMAKE_CURRENT_BINARY_DIR}/sources/CMakeLists.txt) + +ExternalProject_Add(CryptLib + SOURCE_DIR ${CMAKE_CURRENT_BINARY_DIR}/sources + DOWNLOAD_COMMAND "" + PATCH_COMMAND "" + INSTALL_COMMAND "" + DEPENDS cl) diff --git a/3rdp/build/hashpatch.pl b/3rdp/build/hashpatch.pl new file mode 100644 index 0000000000000000000000000000000000000000..84cca53ba6bca080c97a5b6a278d98f26718892c --- /dev/null +++ b/3rdp/build/hashpatch.pl @@ -0,0 +1,7 @@ +my $path = shift; +print "Path = $path\n"; +while(<>) { + s/^(#define CRYPTLIB_VERSION.*)$/"$1\n#define CRYPTLIB_PATCHES \"" . (chomp($val = `cat $path\/cl-*.patch | if (which md5sum > \/dev\/null 2>&1); then md5sum; else md5; fi`), $val) . "\""/e; +} continue { + print +}