summaryrefslogtreecommitdiffstats
path: root/SoftHSMv2/win32/Configure.py
diff options
context:
space:
mode:
authorNingSun <ning.sun@intel.com>2018-03-14 16:35:31 -0700
committerNingSun <ning.sun@intel.com>2018-03-14 17:02:47 -0700
commitda00ff6db5e68773996ec79d711c45fb3444c580 (patch)
tree0387aa1f70a468e6c3264767454ae6f4528f59e8 /SoftHSMv2/win32/Configure.py
parent535535b7c5f2781fa096a5fd00a762d24db4eddc (diff)
Remove win32 support in SoftHSMv2
Due to license issue, we have to remove win32 support in SoftHSMv2. Issue-ID: AAF-151 Change-Id: I31dda45ed84065819e26be8205747dd096a37432 Signed-off-by: NingSun <ning.sun@intel.com>
Diffstat (limited to 'SoftHSMv2/win32/Configure.py')
-rw-r--r--SoftHSMv2/win32/Configure.py1167
1 files changed, 0 insertions, 1167 deletions
diff --git a/SoftHSMv2/win32/Configure.py b/SoftHSMv2/win32/Configure.py
deleted file mode 100644
index a39a046..0000000
--- a/SoftHSMv2/win32/Configure.py
+++ /dev/null
@@ -1,1167 +0,0 @@
-#!python
-
-# Configure -- python version
-#
-# this script builds Visual Studio files
-
-from __future__ import print_function
-
-import sys
-import os
-import os.path
-import re
-import subprocess
-
-# files to configure
-
-filelist = ["config.h",
- "softhsm2.sln",
- "convarch\\convarch.vcxproj.filters",
- "convarch\\convarch.vcxproj",
- "cryptotest\\cryptotest.vcxproj",
- "datamgrtest\\datamgrtest.vcxproj",
- "dump\\dump.vcxproj",
- "handlemgrtest\\handlemgrtest.vcxproj",
- "keyconv\\keyconv.vcxproj.filters",
- "keyconv\\keyconv.vcxproj",
- "objstoretest\\objstoretest.vcxproj",
- "p11test\\p11test.vcxproj",
- "sessionmgrtest\\sessionmgrtest.vcxproj",
- "slotmgrtest\\slotmgrtest.vcxproj",
- "softhsm2\\softhsm2.vcxproj",
- "util\\util.vcxproj.filters",
- "util\\util.vcxproj"]
-
-# test files
-testlist = ["botan",
- "ecc",
- "gnump",
- "gost",
- "ossl",
- "osslv",
- "rawpss",
- "rfc3394",
- "rfc5649"]
-
-# variables to expand
-
-varvals = {}
-
-varnames = ["CUINCPATH",
- "CULIBPATH",
- "DEBUGDLLPATH",
- "DEBUGINCPATH",
- "DEBUGLIBPATH",
- "DLLPATH",
- "EXTRALIBS",
- "INCLUDEPATH",
- "LIBNAME",
- "LIBPATH",
- "PLATFORM",
- "PLATFORMDIR",
- "PLATFORMTOOLSET",
- "RUNTIMELIBRARY"]
-
-# conditions to stack
-
-condvals = {}
-
-condnames = ["AESGCM",
- "BOTAN",
- "ECC",
- "GOST",
- "NONPAGE",
- "OPENSSL",
- "RAWPSS",
- "RFC3394",
- "RFC5649",
- "TESTS"]
-
-# enable-xxx/disable-xxx arguments
-
-enablelist = ["64bit",
- "debug",
- "ecc",
- "gost",
- "keep",
- "non-paged-memory",
- "static-runtime",
- "verbose"]
-
-# with-xxx/without-xxx arguments
-
-withlist = ["botan",
- "cppunit",
- "crypto-backend",
- "debug-botan",
- "debug-openssl",
- "openssl",
- "toolset"]
-
-# general commands
-
-commandlist = ["help", "clean"] # verbose, keep
-
-# usage
-
-usage = ["Usage: python Configure.py help",
- " python Configure.py options*",
- " python Configure.py clean"]
-
-# help
-
-myhelp = ["'python Configure.py' configures SoftHSMv2 build files.\n"] +\
-usage + [\
-"\nGeneral Commands:",
-" help print this help",
-" clean clean up generated files",
-" <none> print a summary of the configuration",
-"\nOptional Features:",
-" enable-verbose print messages [default=no]",
-" enable-keep keep test files after config [default=no]",
-" enable-64bit enable 64-bit compiling [default=no]",
-" enable-debug enable build of Debug config [default=yes]",
-" enable-ecc enable support for ECC [default=yes]",
-" enable-gost enable support for GOST [default=yes]",
-" enable-static-runtime enable build with static CRT (/MT) [default=no]",
-" enable-non-paged-memory enable non-paged memory [default=yes]",
-"\nOptional Packages:",
-" with-crypto-backend select the crypto backend [openssl|botan]",
-" with-botan=PATH speficy prefix of path of Botan (Release)",
-" with-debug-botan=PATH speficy prefix of path of Botan (Debug)",
-" with-openssl=PATH speficy prefix of path of OpenSSL (Release)",
-" with-debug-openssl=PATH speficy prefix of path of OpenSSL (Debug)",
-" with-cppunit=PATH specify prefix of path of CppUnit",
-" with-toolset=VALUE set Visual Studio platform toolset version (eg v110 for vs2012)",
-]
-
-# variables for parsing
-
-verbose = False
-configargs = None
-want_help = False
-want_clean = False
-want_unknown = False
-unknown_value = None
-enable_keep = False
-enable_debug = True
-enable_ecc = True
-enable_gost = True
-enable_static_runtime = False
-enable_non_paged = True
-platform = 32
-crypto_backend = "openssl"
-botan_path = "..\\..\\btn"
-debug_botan_path = None
-openssl_path = "..\\..\\ssl"
-debug_openssl_path = None
-want_tests = True
-cppunit_path = "..\\..\\cu"
-toolset = ""
-
-def dodetectplatform(visualstudio):
- # detect platform tool set >= VS2010
- global toolset
-
- if "Microsoft Visual Studio 10.0" in visualstudio:
- toolset="v100"
- elif "Microsoft Visual Studio 11.0" in visualstudio:
- toolset="v110"
- elif "Microsoft Visual Studio 12.0" in visualstudio:
- toolset="v120"
- elif "Microsoft Visual Studio 14.0" in visualstudio:
- toolset="v140"
- else:
- print("PlatformToolset for \""+visualstudio+"\" not supported")
- toolset=""
-
-def dodetectvisualstudio():
- """detect visual studio version"""
- if os.environ.get('VSINSTALLDIR'):
- dodetectplatform(os.environ.get('VSINSTALLDIR'))
-
-def parseargs(args):
- """parse arguments"""
- global verbose
- global enable_keep
- global want_help
- global want_clean
- global want_unknown
- global unknown_value
- global debug_botan_path
- global debug_openssl_path
- for arg in args:
- if arg.lower() == "verbose":
- verbose = True
- continue
- if arg.lower() == "keep":
- enable_keep = True
- continue
- if arg.lower() == "help":
- want_help = True
- continue
- di = re.match(r'disable-(.*)', arg, re.I)
- if di:
- appargs(arg)
- myenable(di.group(1), False)
- continue
- en = re.match(r'enable-(.*)', arg, re.I)
- if en:
- appargs(arg)
- myenable(en.group(1), True)
- continue
- wo = re.match(r'without-(.*)', arg, re.I)
- if wo:
- appargs(arg)
- mywith(wo.group(1), False)
- continue
- wv = re.match(r'with-(.*)=(.*)', arg, re.I)
- if wv:
- appargs(arg)
- if wv.group(2).lower() == "no":
- mywith(wv.group(1), False)
- continue
- mywith(wv.group(1), True, wv.group(2))
- continue
- wi = re.match(r'with-(.*)', arg, re.I)
- if wi:
- appargs(arg)
- mywith(wi.group(1), True)
- continue
- if arg.lower() == "clean":
- want_clean = True
- continue
- want_unknown = True
- unknown_value = arg
- break
-
- # debug
- if enable_debug:
- if debug_botan_path is None:
- debug_botan_path = botan_path + "_d"
- if debug_openssl_path is None:
- debug_openssl_path = openssl_path + "_d"
-
-def appargs(arg):
- """append seen arguments to configargs"""
- global configargs
- # escape backslashes, spaces and double quotes
- escaped = ""
-
- for x in arg:
- if (x == "\\") or (x == " ") or (x == "\""):
- escaped += "\\"
- escaped += x
- if configargs:
- configargs += " " + escaped
- else:
- configargs = escaped
-
-def myenable(key, val):
- """parse enable/disable"""
- global platform
- global enable_debug
- global enable_ecc
- global enable_gost
- global enable_static_runtime
- global enable_non_paged
- global enable_keep
- global verbose
- global want_unknown
- global unknown_value
- if key.lower() == "64bit":
- if val:
- platform = 64
- return
- if key.lower() == "debug":
- if not val:
- enable_debug = False
- return
- if key.lower() == "ecc":
- if not val:
- enable_ecc = False
- return
- if key.lower() == "gost":
- if not val:
- enable_gost = False
- return
- if key.lower() == "static-runtime":
- if val:
- enable_static_runtime = True
- return
- if key.lower() == "non-paged-memory":
- if not val:
- enable_non_paged = False
- return
- if key.lower() == "keep":
- if val:
- enable_keep = True
- return
- if key.lower() == "verbose":
- if val:
- verbose = True
- return
- want_unknown = True
- if not val:
- unknown_value = "disable-" + key
- else:
- unknown_value = "enable-" + key
-
-def mywith(key, val, detail=None):
- """parse with/without"""
- global crypto_backend
- global botan_path
- global debug_botan_path
- global openssl_path
- global debug_openssl_path
- global want_tests
- global cppunit_path
- global want_unknown
- global unknown_value
- global toolset
-
- if key.lower() == "crypto-backend":
- if val and (detail.lower() == "openssl"):
- crypto_backend = "openssl"
- return
- if val and (detail.lower() == "botan"):
- crypto_backend = "botan"
- return
- want_unknown = True
- unknown_value = "with-crypto-backend=" + detail
- return
- if key.lower() == "botan":
- if not val:
- want_unknown = True
- unknown_value = "without-botan doesn't make sense"
- return
- if detail.lower() != "yes":
- botan_path = detail
- return
- if key.lower() == "debug-botan":
- if not val:
- want_unknown = True
- unknown_value = "without-debug-botan doesn't make sense"
- return
- if detail.lower() != "yes":
- debug_botan_path = detail
- return
- if key.lower() == "openssl":
- if not val:
- want_unknown = True
- unknown_value = "without-openssl doesn't make sense"
- return
- if detail.lower() != "yes":
- openssl_path = detail
- return
- if key.lower() == "debug-openssl":
- if not val:
- want_unknown = True
- unknown_value = "without-debug-openssl doesn't make sense"
- return
- if detail.lower() != "yes":
- debug_openssl_path = detail
- return
- if key.lower() == "cppunit":
- if not val:
- want_tests = False
- return
- if detail.lower() != "yes":
- cppunit_path = detail
- return
- if key.lower() == "toolset":
- if not val:
- want_tests = False
- return
- if detail:
- toolset=detail.lower()
- return
- want_unknown = True
- if not val:
- unknown_value = "without-" + key
- else:
- unknown_value = "with-" + key
-
-def dohelp():
- """help"""
- for line in myhelp:
- print(line)
- sys.exit(1)
-
-def docleantest():
- """clean test files"""
- for basename in testlist:
- filename = "test" + basename + ".c"
- if os.path.isfile(filename):
- os.unlink(filename)
- filename = "test" + basename + ".cpp"
- if os.path.isfile(filename):
- os.unlink(filename)
- filename = "test" + basename + ".obj"
- if os.path.isfile(filename):
- os.unlink(filename)
- filename = "test" + basename + ".exe"
- if os.path.isfile(filename):
- os.unlink(filename)
- if os.path.isfile("botan.dll"):
- os.unlink("botan.dll")
- if os.path.isfile("libeay32.dll"):
- os.unlink("libeay32.dll")
- if os.path.isfile("libeaycompat32.dll"):
- os.unlink("libeaycompat32.dll")
- if os.path.isfile("libcrypto-1_1.dll"):
- os.unlink("libcrypto-1_1.dll")
- if os.path.isfile("libcrypto-1_1-x64.dll"):
- os.unlink("libcrypto-1_1-x64.dll")
-
-def doclean():
- """clean"""
- docleantest()
- for filename in filelist:
- if os.path.isfile(filename):
- os.unlink(filename)
- sys.exit(0)
-
-def dounknown():
- """parsing error"""
- print("can't parse " + unknown_value + "", file=sys.stderr)
- sys.exit(1)
-
-def doconfig():
- """config itself"""
- global botan_path
- global debug_botan_path
- global openssl_path
- global debug_openssl_path
- global cppunit_path
-
- # configure the platform
- if platform == 32:
- varvals["PLATFORM"] = "Win32"
- else:
- varvals["PLATFORM"] = "x64"
- varvals["PLATFORMDIR"] = "x64\\"
-
- # configure the runtime library
- if enable_static_runtime:
- varvals["RUNTIMELIBRARY"] = "MultiThreaded"
- else:
- varvals["RUNTIMELIBRARY"] = "MultiThreadedDLL"
-
- # configure ECC and GOST
- if enable_ecc:
- condvals["ECC"] = True
- if enable_gost:
- condvals["GOST"] = True
-
- # configure the crypto
- if crypto_backend == "botan":
- condvals["BOTAN"] = True
- varvals["LIBNAME"] = "botan.lib"
- botan_path = os.path.abspath(botan_path)
- botan_inc = os.path.join(botan_path, "include")
- botan_dll = ""
- if os.path.exists(os.path.join(botan_inc, "botan-2\\botan\\init.h")):
- varvals["INCLUDEPATH"] = os.path.join(botan_inc, "botan-2")
- elif os.path.exists(os.path.join(botan_inc, "botan-1.11\\botan\\init.h")):
- varvals["INCLUDEPATH"] = os.path.join(botan_inc, "botan-1.11")
- elif os.path.exists(os.path.join(botan_inc, "botan\\init.h")):
- varvals["INCLUDEPATH"] = botan_inc
- else:
- print("can't find Botan includes", file=sys.stderr)
- sys.exit(1)
- if os.path.exists(os.path.join(botan_path, "lib\\botan.lib")):
- varvals["LIBPATH"] = os.path.join(botan_path, "lib")
- botan_dll = os.path.join(botan_path, "lib\\botan.dll")
- elif os.path.exists(os.path.join(botan_path, "botan.lib")):
- varvals["LIBPATH"] = botan_path
- botan_dll = os.path.join(botan_path, "botan.dll")
- else:
- print("can't find Botan library", file=sys.stderr)
- sys.exit(1)
- varvals["DLLPATH"] = botan_dll
- if enable_debug:
- debug_botan_path = os.path.abspath(debug_botan_path)
- debug_botan_inc = os.path.join(debug_botan_path, "include")
- debug_botan_dll = ""
- if os.path.exists(os.path.join(debug_botan_inc, "botan-2\\botan\\init.h")):
- varvals["DEBUGINCPATH"] = os.path.join(debug_botan_inc, "botan-2")
- elif os.path.exists(os.path.join(debug_botan_inc, "botan-1.11\\botan\\init.h")):
- varvals["DEBUGINCPATH"] = os.path.join(debug_botan_inc, "botan-1.11")
- elif os.path.exists(os.path.join(debug_botan_inc, "botan\\init.h")):
- varvals["DEBUGINCPATH"] = debug_botan_inc
- else:
- print("can't find debug Botan includes", file=sys.stderr)
- sys.exit(1)
- if os.path.exists(os.path.join(debug_botan_path, "lib\\botan.lib")):
- varvals["DEBUGLIBPATH"] = os.path.join(debug_botan_path, "lib")
- debug_botan_dll = os.path.join(debug_botan_path, "lib\\botan.dll")
- if os.path.exists(os.path.join(debug_botan_path, "botan.lib")):
- varvals["DEBUGLIBPATH"] = debug_botan_path
- debug_botan_dll = os.path.join(debug_botan_path, "botan.dll")
- else:
- print("can't find debug Botan library", file=sys.stderr)
- sys.exit(1)
- varvals["DEBUGDLLPATH"] = debug_botan_dll
- else:
- varvals["DEBUGDLLPATH"] = varvals["DLLPATH"]
- varvals["DEBUGINCPATH"] = varvals["INCLUDEPATH"]
- varvals["DEBUGLIBPATH"] = varvals["LIBPATH"]
-
- # Botan version
- if verbose:
- print("checking Botan version")
- botan_version_major = 0
- botan_version_minor = 0
- system_libs = []
- if os.path.exists(botan_dll):
- subprocess.call(["copy", botan_dll, "."], shell=True)
- else:
- system_libs = ["user32.lib", "advapi32.lib"]
- inc = varvals["INCLUDEPATH"]
- lib = os.path.join(varvals["LIBPATH"], "botan.lib")
- testfile = open("testbotan.cpp", "w")
- print('\
-#include <botan/version.h>\n\
-int main() {\n\
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(2,0,0)\n\
- return 3;\n\
-#elif BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,0)\n\
- return 2;\n\
-#elif BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,10,0)\n\
- return 1;\n\
-#else\n\
- return 0;\n\
-#endif\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testbotan.cpp", lib]
- command.extend(system_libs)
- subprocess.check_output(command, stderr=subprocess.STDOUT)
- if not os.path.exists(".\\testbotan.exe"):
- print("can't create .\\testbotan.exe", file=sys.stderr)
- sys.exit(1)
- ret = subprocess.call(".\\testbotan.exe")
- if ret == 0:
- print("Botan version too old", file=sys.stderr)
- sys.exit(1)
- elif ret == 1:
- botan_version_major = 1
- botan_version_minor = 10
- elif ret == 2:
- botan_version_major = 1
- botan_version_minor = 11
- print("Botan version 1.11 not yet supported", file=sys.stderr)
- sys.exit(1)
- elif ret == 3:
- botan_version_major = 2
- botan_version_minor = 0
- print("Botan version 2.0 not yet supported", file=sys.stderr)
- sys.exit(1)
- else:
- print("Botan test failed", file=sys.stderr)
- sys.exit(1)
-
- # Botan ECC support
- if enable_ecc:
- if verbose:
- print("checking Botan ECC support")
- testfile = open("testecc.cpp", "w")
- print('\
-#include <botan/init.h>\n\
-#include <botan/ec_group.h>\n\
-#include <botan/oids.h>\n\
-#include <botan/version.h>\n\
-int main() {\n\
- Botan::LibraryInitializer::initialize();\n\
- const std::string name("secp256r1");\n\
- const Botan::OID oid(Botan::OIDS::lookup(name));\n\
- const Botan::EC_Group ecg(oid);\n\
- try {\n\
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,0)\n\
- const std::vector<Botan::byte> der =\n\
- ecg.DER_encode(Botan::EC_DOMPAR_ENC_OID);\n\
-#else\n\
- const Botan::SecureVector<Botan::byte> der =\n\
- ecg.DER_encode(Botan::EC_DOMPAR_ENC_OID);\n\
-#endif\n\
- } catch(...) {\n\
- return 1;\n\
- }\n\
- return 0;\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testecc.cpp", lib]
- command.extend(system_libs)
- subprocess.check_output(command, stderr=subprocess.STDOUT)
- if not os.path.exists(".\\testecc.exe"):
- print("can't create .\\testecc.exe", file=sys.stderr)
- sys.exit(1)
- if subprocess.call(".\\testecc.exe") != 0:
- print("can't find P256: upgrade to Botan >= 1.10.6", file=sys.stderr)
- sys.exit(1)
-
- # Botan GOST support
- if enable_gost:
- if verbose:
- print("checking Botan GOST support")
- testfile = open("testgost.cpp", "w")
- print('\
-#include <botan/init.h>\n\
-#include <botan/gost_3410.h>\n\
-#include <botan/oids.h>\n\
-#include <botan/version.h>\n\
-int main() {\n\
- Botan::LibraryInitializer::initialize();\n\
- const std::string name("gost_256A");\n\
- const Botan::OID oid(Botan::OIDS::lookup(name));\n\
- const Botan::EC_Group ecg(oid);\n\
- try {\n\
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,0)\n\
- const std::vector<Botan::byte> der =\n\
- ecg.DER_encode(Botan::EC_DOMPAR_ENC_OID);\n\
-#else\n\
- const Botan::SecureVector<Botan::byte> der =\n\
- ecg.DER_encode(Botan::EC_DOMPAR_ENC_OID);\n\
-#endif\n\
- } catch(...) {\n\
- return 1;\n\
- }\n\
- return 0;\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testgost.cpp", lib]
- command.extend(system_libs)
- subprocess.check_output(command, stderr=subprocess.STDOUT)
- if not os.path.exists(".\\testgost.exe"):
- print("can't create .\\testgost.exe", file=sys.stderr)
- sys.exit(1)
- if subprocess.call(".\\testgost.exe") != 0:
- print("can't find GOST: upgrade to Botan >= 1.10.6", file=sys.stderr)
- sys.exit(1)
-
- # no check for Botan RFC3394 support
- condvals["RFC3394"] = True
-
- # Botan RFC5649 support
- if verbose:
- print("checking Botan RFC5649 support")
- testfile = open("testrfc5649.cpp", "w")
- print('\
-#include <botan/botan.h>\n\
-#include <botan/rfc3394.h>\n\
-#include <botan/version.h>\n\
-using namespace Botan;\n\
-int main() {\n\
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,0)\n\
- secure_vector<byte> key(10);\n\
- SymmetricKey kek("AABB");\n\
- secure_vector<byte> x = rfc5649_keywrap(key, kek);\n\
-#else\n\
- SecureVector<byte> key(10);\n\
- SymmetricKey kek("AABB");\n\
- Algorithm_Factory& af = global_state().algorithm_factory();\n\
- SecureVector<byte> x = rfc5649_keywrap(key, kek, af);\n\
-#endif\n\
- return 1;\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/EHsc","/I", inc, "testrfc5649.cpp", lib]
- command.extend(system_libs)
- subprocess.call(command)
- if os.path.exists(".\\testrfc5649.exe"):
- if verbose:
- print("Found AES key wrap with pad")
- condvals["RFC5649"] = True
- else:
- if verbose:
- print("can't compile Botan AES key wrap with pad")
-
- # Botan GNU MP support
- if botan_version_major == 1 and botan_version_minor == 10:
- if verbose:
- print("checking Botan GNU MP support")
- testfile = open("testgnump.cpp", "w")
- print('\
-#include <botan/build.h>\n\
-int main() {\n\
-#ifndef BOTAN_HAS_ENGINE_GNU_MP\n\
-#error "No GNU MP support";\n\
-#endif\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testgnump.cpp", lib]
- command.extend(system_libs)
- subprocess.call(command)
- if os.path.exists(".\\testgnump.exe"):
- if verbose:
- print("Botan GNU MP is supported")
- else:
- if verbose:
- print("Botan GNU MP is not supported")
-
- # Botan raw PSS support
- if verbose:
- print("checking Botan raw PSS support")
- testfile = open("testrawpss.cpp", "w")
- print('\
-#include <botan/botan.h>\n\
-#include <botan/version.h>\n\
-int main() {\n\
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(2,3,0)\n\
- return 0;\n\
-#endif\n\
- return 1;\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testrawpss.cpp", lib]
- command.extend(system_libs)
- subprocess.check_output(command, stderr=subprocess.STDOUT)
- if not os.path.exists(".\\testrawpss.exe"):
- if verbose:
- print("can't create .\\testrawpss.exe", file=sys.stderr)
- else:
- if subprocess.call(".\\testrawpss.exe") != 0:
- if verbose:
- print("can't find raw PSS: upgrade to Botan >= 2.3.0", file=sys.stderr)
- else:
- condvals["RAWPSS"] = True
-
- else:
-
- condvals["OPENSSL"] = True
- varvals["EXTRALIBS"] = "crypt32.lib;ws2_32.lib;"
- openssl_path = os.path.abspath(openssl_path)
- openssl_inc = os.path.join(openssl_path, "include")
- if not os.path.exists(os.path.join(openssl_inc, "openssl\\ssl.h")):
- print("can't find OpenSSL headers", file=sys.stderr)
- sys.exit(1)
- varvals["INCLUDEPATH"] = openssl_inc
- openssl_lib = os.path.join(openssl_path, "lib")
- openssl_lib_name = ""
- openssl_lib_dll = ""
- if os.path.exists(os.path.join(openssl_lib, "libeay32.lib")):
- openssl_lib_name = "libeay32.lib"
- openssl_lib_dll = "bin\\libeay32.dll"
- elif os.path.exists(os.path.join(openssl_lib, "libeaycompat32.lib")):
- openssl_lib_name = "libeaycompat32.lib"
- openssl_lib_dll = "bin\\libeaycompat32.dll"
- elif os.path.exists(os.path.join(openssl_lib, "libcrypto.lib")):
- openssl_lib_name = "libcrypto.lib"
- if platform == 32:
- openssl_lib_dll = "bin\\libcrypto-1_1.dll"
- else:
- openssl_lib_dll = "bin\\libcrypto-1_1-x64.dll"
-
- else:
- print("can't find OpenSSL library", file=sys.stderr)
- sys.exit(1)
- openssl_dll = os.path.join(openssl_path,openssl_lib_dll)
- varvals["LIBPATH"] = openssl_lib
- varvals["LIBNAME"] = openssl_lib_name
- varvals["DLLPATH"] = openssl_dll
- if enable_debug:
- debug_openssl_path = os.path.abspath(debug_openssl_path)
- varvals["DEBUGDLLPATH"] = \
- os.path.join(debug_openssl_path, openssl_lib_dll)
- debug_openssl_inc = os.path.join(debug_openssl_path, "include")
- if not os.path.exists(os.path.join(debug_openssl_inc,
- "openssl\\ssl.h")):
- print("can't find debug OpenSSL headers", file=sys.stderr)
- sys.exit(1)
- varvals["DEBUGINCPATH"] = debug_openssl_inc
- debug_openssl_lib = os.path.join(debug_openssl_path, "lib")
- if not os.path.exists(os.path.join(debug_openssl_lib,
- openssl_lib_name)):
- print("can't find debug OpenSSL library", file=sys.stderr)
- sys.exit(1)
- varvals["DEBUGLIBPATH"] = debug_openssl_lib
- else:
- varvals["DEBUGDLLPATH"] = varvals["DLLPATH"]
- varvals["DEBUGINCPATH"] = varvals["INCLUDEPATH"]
- varvals["DEBUGLIBPATH"] = varvals["LIBPATH"]
-
- # OpenSSL support
- if verbose:
- print("checking OpenSSL")
- system_libs = []
- if os.path.exists(openssl_dll):
- subprocess.call(["copy", openssl_dll, "."], shell=True)
- else:
- system_libs = ["user32.lib", "advapi32.lib", "gdi32.lib", "crypt32.lib", "ws2_32.lib"]
- inc = openssl_inc
- lib = os.path.join(openssl_lib, openssl_lib_name)
- testfile = open("testossl.c", "w")
- print('\
-#include <openssl/err.h>\n\
-int main() {\n\
- ERR_clear_error();\n\
- return 0;\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testossl.c", lib]
- command.extend(system_libs)
- subprocess.check_output(command, stderr=subprocess.STDOUT)
- if not os.path.exists(".\\testossl.exe"):
- print("can't create .\\testossl.exe", file=sys.stderr)
- sys.exit(1)
- if subprocess.call(".\\testossl.exe") != 0:
- print("OpenSSL test failed", file=sys.stderr)
- sys.exit(1)
-
- # OpenSSL version
- if verbose:
- print("checking OpenSSL version")
- testfile = open("testosslv.c", "w")
- print('\
-#include <openssl/ssl.h>\n\
-#include <openssl/opensslv.h>\n\
-int main() {\n\
-#ifndef OPENSSL_VERSION_NUMBER\n\
- return -1;\n\
-#endif\n\
-#if OPENSSL_VERSION_NUMBER >= 0x010000000L\n\
- return 0;\n\
-#else\n\
- return 1;\n\
-#endif\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testosslv.c", lib]
- command.extend(system_libs)
- subprocess.check_output(command, stderr=subprocess.STDOUT)
- if not os.path.exists(".\\testosslv.exe"):
- print("can't create .\\testosslv.exe", file=sys.stderr)
- sys.exit(1)
- if subprocess.call(".\\testosslv.exe") != 0:
- print("OpenSLL version too old (1.0.0 or later required)", file=sys.stderr)
- sys.exit(1)
-
- # OpenSSL ECC support
- if enable_ecc:
- if verbose:
- print("checking OpenSSL ECC support")
- testfile = open("testecc.c", "w")
- print('\
-#include <openssl/ecdsa.h>\n\
-#include <openssl/objects.h>\n\
-int main() {\n\
- EC_KEY *ec256, *ec384, *ec521;\n\
- ec256 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);\n\
- ec384 = EC_KEY_new_by_curve_name(NID_secp384r1);\n\
- ec521 = EC_KEY_new_by_curve_name(NID_secp521r1);\n\
- if (ec256 == NULL || ec384 == NULL || ec521 == NULL)\n\
- return 1;\n\
- return 0;\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testecc.c", lib]
- command.extend(system_libs)
- subprocess.check_output(command, stderr=subprocess.STDOUT)
- if not os.path.exists(".\\testecc.exe"):
- print("can't create .\\testecc.exe", file=sys.stderr)
- sys.exit(1)
- if subprocess.call(".\\testecc.exe") != 0:
- print("can't find P256, P384, or P521: no ECC support", file=sys.stderr)
- sys.exit(1)
-
- # OpenSSL GOST support
- if enable_gost:
- if verbose:
- print("checking OpenSSL GOST support")
- testfile = open("testgost.c", "w")
- print('\
-#include <openssl/conf.h>\n\
-#include <openssl/engine.h>\n\
-#include <openssl/crypto.h>\n\
-#include <openssl/opensslv.h>\n\
-int main() {\n\
- ENGINE *eg;\n\
- const EVP_MD* EVP_GOST_34_11;\n\
- OpenSSL_add_all_algorithms();\n\
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)\n\
- ENGINE_load_builtin_engines();\n\
-#else\n\
- OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN | OPENSSL_INIT_LOAD_CONFIG, NULL);\n\
-#endif\n\
- eg = ENGINE_by_id("gost");\n\
- if (eg == NULL)\n\
- return 1;\n\
- if (ENGINE_init(eg) <= 0)\n\
- return 1;\n\
- EVP_GOST_34_11 = ENGINE_get_digest(eg, NID_id_GostR3411_94);\n\
- if (EVP_GOST_34_11 == NULL)\n\
- return 1;\n\
- if (ENGINE_register_pkey_asn1_meths(eg) <= 0)\n\
- return 1;\n\
- if (ENGINE_ctrl_cmd_string(eg, "CRYPT_PARAMS",\n\
- "id-Gost28147-89-CryptoPro-A-ParamSet", 0) <= 0)\n\
- return 1;\n\
- return 0;\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testgost.c", lib]
- command.extend(system_libs)
- subprocess.check_output(command, stderr=subprocess.STDOUT)
- if not os.path.exists(".\\testgost.exe"):
- print("can't create .\\testgost.exe", file=sys.stderr)
- sys.exit(1)
- if subprocess.call(".\\testgost.exe") != 0:
- print("can't find GOST: no GOST support", file=sys.stderr)
- sys.exit(1)
-
- # OpenSSL EVP interface for AES key wrapping (aka RFC 3394)
- if verbose:
- print("checking OpenSSL EVP interface for AES key wrapping")
- testfile = open("testrfc3394.c", "w")
- print('\
-#include <openssl/evp.h>\n\
-int main() {\n\
- EVP_aes_128_wrap();\n\
- return 1;\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testrfc3394.c", lib]
- command.extend(system_libs)
- subprocess.call(command)
- if os.path.exists(".\\testrfc3394.exe"):
- if verbose:
- print("RFC 3394 is supported")
- condvals["RFC3394"] = True
- else:
- if verbose:
- print("can't compile OpenSSL RFC 3394")
-
- # OpenSSL EVP interface for AES key wrap with pad (aka RFC 5649)
- if verbose:
- print("checking OpenSSL EVP interface for AES key wrapping with pad")
- testfile = open("testrfc5649.c", "w")
- print('\
-#include <openssl/evp.h>\n\
-int main() {\n\
- EVP_aes_128_wrap_pad();\n\
- return 1;\n\
-}', file=testfile)
- testfile.close()
- command = ["cl", "/nologo", "/MD", "/I", inc, "testrfc5649.c", lib]
- command.extend(system_libs)
- subprocess.call(command)
- if os.path.exists(".\\testrfc5649.exe"):
- if verbose:
- print("RFC 5649 is supported")
- condvals["RFC5649"] = True
- else:
- if verbose:
- print("can't compile OpenSSL RFC 5649")
-
- # no check for OpenSSL raw PSS support
- condvals["RAWPSS"] = True
- # no check for OpenSSL AES GCM
- condvals["AESGCM"] = True
-
- # configure CppUnit
- if want_tests:
- condvals["TESTS"] = True
- cppunit_path = os.path.abspath(cppunit_path)
- cppunit_inc = os.path.join(cppunit_path, "include")
- if not os.path.exists(os.path.join(cppunit_inc, "cppunit\\Test.h")):
- print("can't find CppUnit headers", file=sys.stderr)
- sys.exit(1)
- varvals["CUINCPATH"] = cppunit_inc
- cppunit_lib = os.path.join(cppunit_path, "lib")
- if not os.path.exists(os.path.join(cppunit_lib, "cppunit.lib")):
- cppunit_lib = cppunit_path
- if not os.path.exists(os.path.join(cppunit_lib, "cppunit.lib")):
- print("can't find CppUnit library", file=sys.stderr)
- sys.exit(1)
- if enable_debug:
- if not os.path.exists(os.path.join(cppunit_lib, "cppunitd.lib")):
- print("can't find debug CppUnit library", file=sys.stderr)
- sys.exit(1)
- varvals["CULIBPATH"] = cppunit_lib
-
- # misc
- if enable_non_paged:
- condvals["NONPAGE"] = True
-
-def kw(path):
- """escape spaces"""
- if re.search(r' ', path):
- return '"' + path + '"'
- else:
- return path
-
-def setupfile(filename):
- """setup files with condition stacks and variable expansions"""
- cond = "@@@"
- conds = []
- passing = True
- passes = []
- filein = open(filename + ".in", "r")
- fileout = open(filename, "w")
-
- for line in filein:
- line = line.rstrip("\r\n")
- cif = re.match(r'@IF (.*)', line)
- if cif:
- conds.append(cond)
- passes.append(passing)
- cond = cif.group(1)
- if condvals.get(cond):
- # do nothing
- pass
- else:
- passing = False
- continue
- celse = re.match(r'@ELSE (.*)', line)
- if celse:
- if cond != celse.group(1):
- raise SyntaxError("@ELSE " + celse.group(1) +
- " mismatch in " + filename)
- if condvals.get(cond):
- passing = False
- else:
- if len(passes) > 0:
- passing = passes[-1]
- else:
- passing = True
- continue
- cend = re.match(r'@END (.*)', line)
- if cend:
- if cond != cend.group(1):
- raise SyntaxError("@END " + cend.group(1) +
- " mismatch in " + filename)
- cond = conds.pop()
- if len(passes) > 0:
- passing = passes.pop()
- else:
- passing = True
- continue
- if not passing:
- continue
- while True:
- vm = re.match(r'([^@]*)@([^@ ]*)@(.*)', line)
- if vm:
- if vm.group(2) in varnames:
- if varvals.get(vm.group(2)):
- val = kw(varvals[vm.group(2)])
- else:
- val = ""
- line = vm.group(1) + val + vm.group(3)
- continue
- else:
- raise SyntaxError("unknown control @" + vm.group(2) +
- "@ in " + filename)
- break
- print(line, file=fileout)
- if verbose:
- print("Setting up " + filename)
- filein.close()
- fileout.close()
-
-def main(args):
- """run it"""
-
- # no arguments -> usage
- if len(args) <= 1:
- for line in usage:
- print(line)
- sys.exit(1)
-
- parseargs(args[1:])
-
- if want_help:
- dohelp()
- if want_clean:
- doclean()
- if want_unknown:
- dounknown()
- if not toolset:
- dodetectvisualstudio()
- if not toolset:
- print("Build skipped. To build, this file needs to run from VS command prompt.")
- sys.exit(1)
-
- varvals["PLATFORMTOOLSET"] = toolset
-
- # status before config
- if verbose:
- if enable_keep:
- print("keep: enabled")
- else:
- print("keep: disabled")
- if platform == 64:
- print("64bit: enabled")
- else:
- print("64bit: disabled")
- if enable_debug:
- print("debug: enabled")
- else:
- print("debug: disabled")
- if enable_ecc:
- print("ecc: enabled")
- else:
- print("ecc: disabled")
- if enable_gost:
- print("gost: enabled")
- else:
- print("gost: disabled")
- if enable_non_paged:
- print("non-paged-memory: enabled")
- else:
- print("non-paged-memory: disabled")
- print("crypto-backend: " + crypto_backend)
- if crypto_backend == "botan":
- print("botan-path: " + botan_path)
- if enable_debug:
- print("debug-botan-path: " + debug_botan_path)
- else:
- print("openssl-path: " + openssl_path)
- if enable_debug:
- print("debug-openssl-path: " + debug_openssl_path)
- if want_tests:
- print("cppunit-path: " + cppunit_path)
- print("toolset: "+toolset)
-
-
- doconfig()
-
- # status after config
- if verbose:
- print("Configuration Status")
- print("\tconditions:")
- for name in condnames:
- if condvals.get(name):
- print("\t\t" + name + " is true")
- else:
- print("\t\t" + name + " is false")
- print("\tsubstitutions:")
- for name in varnames:
- if varvals.get(name):
- print("\t\t" + name + '-> "' + varvals[name] + '"')
- print()
-
- for filename in filelist:
- setupfile(filename)
-
- # clean test file
- if not enable_keep:
- docleantest()
-
- print("Configured.")
- sys.exit(0)
-
-main(sys.argv)
-
-# Notes: Unix configure.ac options
-# --enable-64bit supported
-# --enable-ecc supported
-# --enable-gost supported
-# --enable-non-paged-memory supported
-# --enable-visibility (enforced by DLLs)
-# --with-crypto-backend supported
-# --with-botan supported (Release and Debug)
-# --with-openssl supported (Release and Debug)
-# --with-migrate (useless as SoftHSMv1 is not supported)
-# --with-objectstore-backend-db (TODO)
-# --with-sqlite3 (useless until objectstore backend can be chosen)