}
-my ($fips_cc,$fips_cc_args, $fips_link,$fips_target, $fips_libdir)
+my ($fips_cc,$fips_cc_args, $fips_link,$fips_target, $fips_libdir, $sha1_exe)
= check_env("FIPS_CC", "FIPS_CC_ARGS", "FIPS_LINK", "FIPS_TARGET",
- "FIPS_LIBDIR");
+ "FIPSLIB_D", "FIPS_SHA1_EXE");
-if (exists $ENV{"FIPS_PREMAIN_DSO"})
+if (exists $ENV{"PREMAIN_DSO_EXE"})
{
- $fips_premain_dso = $ENV{"FIPS_PREMAIN_DSO"};
+ $fips_premain_dso = $ENV{"PREMAIN_DSO_EXE"};
}
else
{
$fips_premain_dso = "";
}
-check_hash("fips_premain.c");
-check_hash("fipscanister.o");
+check_hash($sha1_exe, "fips_premain.c");
+check_hash($sha1_exe, "fipscanister.o");
print "Integrity check OK\n";
sub check_hash
{
- my ($filename) = @_;
+ my ($sha1_exe, $filename) = @_;
my ($hashfile, $hashval);
open(IN, "${fips_libdir}/${filename}.sha1") || die "Cannot open file hash file ${fips_libdir}/${filename}.sha1";
$hashfile = <IN>;
close IN;
- $hashval = `${fips_libdir}/fips_standalone_sha1.exe ${fips_libdir}/$filename`;
+ $hashval = `$sha1_exe ${fips_libdir}/$filename`;
chomp $hashfile;
chomp $hashval;
$hashfile =~ s/^.*=\s+//;
if ($fips_sha1_exe_path eq "")
{
$fips_sha1_exe_path =
- "fips-1.0${o}sha${o}fips_sha1_standalone$exep";
+ "fips-1.0${o}sha${o}fips_standalone_sha1$exep";
}
if ($fips_premain_dso_exe_path eq "")
ASM=$bin_dir$asm
MKCANISTER=$mkcanister
-######################################################
-# You should not need to touch anything below this point
-######################################################
-
-E_EXE=openssl
-SSL=$ssl
-CRYPTO=$crypto
-
# FIPS validated module and support file locations
E_PREMAIN_DSO=fips_premain_dso
FIPS_SHA1_EXE=$fips_sha1_exe_path
PREMAIN_DSO_EXE=$fips_premain_dso_exe_path
+######################################################
+# You should not need to touch anything below this point
+######################################################
+
+E_EXE=openssl
+SSL=$ssl
+CRYPTO=$crypto
+
# BIN_D - Binary output directory
# TEST_D - Binary test file output directory
# LIB_D - library output directory
{
$rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
"\$(O_CRYPTO)",$crypto,$shlib, "\$(SO_CRYPTO)",
- "0xFB00000", "\$(PREMAIN_DSO_EXE)",
- "\$(FIPS_PREMAIN_SRC)");
+ "0xFB00000");
}
else
{
sub do_lib_rule
{
- local($objs,$target,$name,$shlib,$ign,$base_addr, $fips_get_sig, $fips_premain_src)=@_;
+ local($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
local($ret,$Name);
$taget =~ s/\//$o/g if $o ne '/';
local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
$ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib';
$ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
- $ex.=" ms${o}_chkstk.o" if $fips && $target =~ /O_CRYPTO/;
- if (defined $fips_get_sig)
+ if ($fips && $target =~ /O_CRYPTO/)
{
+ $ex.=" ms${o}_chkstk.o";
$ret.="$target: $objs $fips_get_sig\n";
$ret.="\tSET FIPS_LINK=\$(LINK)\n";
$ret.="\tSET FIPS_CC=\$(CC)\n";
$ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
- $ret.="\tSET FIPS_PREMAIN_DSO=$fips_get_sig\n";
+ $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n";
+ $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
$ret.="\tSET FIPS_TARGET=$target\n";
- $ret.="\tSET FIPS_LIBDIR=\$(FIPSLIB_D)\n";
+ $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
$ret.="\t\$(FIPSLINK) \$(MLFLAGS) $base_arg $efile$target ";
$ret.="/def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs ";
$ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
$ret.="\tSET FIPS_LINK=\$(LINK)\n";
$ret.="\tSET FIPS_CC=\$(CC)\n";
$ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
- $ret.="\tSET FIPS_PREMAIN_DSO=\n";
+ $ret.="\tSET PREMAIN_DSO_EXE=\n";
$ret.="\tSET FIPS_TARGET=$target\n";
- $ret.="\tSET FIPS_LIBDIR=\$(FIPSLIB_D)\n";
+ $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
+ $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
$ret.=" \$(FIPSLINK) \$(LFLAGS) $efile$target @<<\n";
$ret.=" \$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
}
projects / openssl / commitdiff