7a29c7be1e
Add optional ability to change key length at runtime via cli option. Include key length property in archive header. Fix header HMAC to include salt, nonce and key length properties. Retain backward compatibility to handle older format archives. Fix compilation of AES ASM code.
571 lines
13 KiB
Bash
Executable file
571 lines
13 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
usage() {
|
|
prog=$1
|
|
cat << _EOF
|
|
${prog} [<options>]
|
|
|
|
<options> can be one of the following:
|
|
|
|
--prefix=<val> The installation prefix (default: /usr).
|
|
--enable-debug Enable debug mode compilation (default: disabled).
|
|
--disable-allocator Disable use of internal memory allocator mechanism (default: enabled).
|
|
--enable-debug-stats Enable printing of some verbose debug info (default: disabled).
|
|
--with-libbsc=<path to libbsc source>
|
|
Enable support for libbsc (See: libbsc.com). Full path to the libbsc
|
|
source tree must be provided. It links the library statically.
|
|
--with-openssl=<path to OpenSSL installation tree> (Default: System)
|
|
This defaults to the system's OpenSSL library. You can use this option
|
|
if you want to use an alternate OpenSSL installation.
|
|
--with-zlib=<path to zlib installation tree> (Default: System)
|
|
Enable building against an alternate Zlib installation.
|
|
--with-bzlib=<path to Bzip2 library installation tree> (Default: System)
|
|
Enable building against an alternate Bzip2 and library installation.
|
|
--no-sse-detect Do NOT attempt to probe the system's SSE/AVX capability for build flags.
|
|
--no-1.3-archive-compat Disable compatibility with compressed archives created with Pcompress
|
|
version 1.3 (default: retain compatibility). Hash formats changed from
|
|
version 1.3 to 1.4 so this option is required if files created using
|
|
1.3 need to be decompressed by version 1.4 onwards.
|
|
--limit-key128 Limit key length to 128-bit encryption keys. Otherwise the default is to
|
|
use 256-bit keys changeable at runtime via the '-k <keylen>' option.
|
|
--help Display this help message.
|
|
|
|
_EOF
|
|
}
|
|
|
|
arg1=$1
|
|
debug=0
|
|
allocator=1
|
|
debug_stats=0
|
|
prefix=/usr
|
|
libbsc_dir=
|
|
libbsc_lib=
|
|
libbsclflags=
|
|
libbscwrapobj=
|
|
libbscgenopt=
|
|
libbsccppflags=
|
|
openssl_prefix=
|
|
openssl_libdir=
|
|
openssl_incdir=
|
|
libbz2_libdir=
|
|
libz_libdir=
|
|
sha256asmobjs=
|
|
sha256objs=
|
|
keylen=
|
|
yasm=yasm
|
|
keccak_srcs=
|
|
keccak_hdrs=
|
|
keccak_srcs_asm=
|
|
extra_opt_flags=
|
|
zlib_prefix=
|
|
bzlib_prefix=
|
|
sse_detect=1
|
|
sse_opt_flags="-msse2"
|
|
crypto_compat_objs='\$\(CRYPTO_COMPAT_OBJS\)'
|
|
crypto_compat_flags="-D__HASH_COMPATIBILITY_"
|
|
|
|
rm -rf ./buildtmp
|
|
mkdir ./buildtmp
|
|
|
|
# Try a simple compilation
|
|
cat << _EOF > tst.c
|
|
#include <stdio.h>
|
|
|
|
int
|
|
main(void)
|
|
{
|
|
long l;
|
|
printf("%lu\n", sizeof (l));
|
|
return (0);
|
|
}
|
|
_EOF
|
|
|
|
gcc tst.c -o tst
|
|
if [ $? -ne 0 ]
|
|
then
|
|
echo "ERROR:"
|
|
echo "Cannot compile a simple program. GCC 4.4 and above is required"
|
|
echo "to build this program. Please include installation bindir of GCC in the PATH."
|
|
echo ""
|
|
rm -f tst.c
|
|
exit 1
|
|
fi
|
|
|
|
# Check bitness of system/toolchain
|
|
bitness=`./tst`
|
|
if [ $bitness -lt 8 ]
|
|
then
|
|
# Hmmm maybe default compilation is 32-bit. Re-try with m64 flag.
|
|
gcc -m64 tst.c -o tst
|
|
if [ $? -ne 0 ]
|
|
then
|
|
rm -f tst tst.c
|
|
echo "ERROR:"
|
|
echo "Only 64-bit platforms are supported."
|
|
echo ""
|
|
exit 1
|
|
fi
|
|
|
|
# If m64 compilation succeeds we assume platform to be 64-bit capable but
|
|
# explicit flag is reqd.
|
|
extra_opt_flags="-m64"
|
|
fi
|
|
rm -f tst tst.c
|
|
|
|
while [ "${arg1}" != "" ]
|
|
do
|
|
case "$arg1" in
|
|
--enable-debug) debug=1;;
|
|
--disable-allocator) allocator=0;;
|
|
--enable-debug-stats) debug_stats=1;;
|
|
--prefix=*)
|
|
pval=`echo ${arg1} | cut -f2 -d"="`
|
|
prefix=$pval
|
|
;;
|
|
--with-libbsc=*)
|
|
path=`echo ${arg1} | cut -f2 -d"="`
|
|
if [ -f ${path}/bsc.cpp -a -f ${path}/libbsc/libbsc.h ]
|
|
then
|
|
libbsc_dir="${path}"
|
|
libbsc_lib="${path}/libbsc.a"
|
|
libbsclflags='\$\(LIBBSCLFLAGS\)'
|
|
libbscwrapobj='\$\(LIBBSCWRAPOBJ\)'
|
|
libbscgenopt='\$\(LIBBSCGEN_OPT\)'
|
|
libbsccppflags='\$\(LIBBSCCPPFLAGS\)'
|
|
else
|
|
echo "Libbsc not found in ${path}, not enabling libbsc support.\n"
|
|
fi
|
|
;;
|
|
--with-openssl=*)
|
|
openssl_prefix=`echo ${arg1} | cut -f2 -d"="`
|
|
;;
|
|
--with-zlib=*)
|
|
zlib_prefix=`echo ${arg1} | cut -f2 -d"="`
|
|
;;
|
|
--with-bzlib=*)
|
|
bzlib_prefix=`echo ${arg1} | cut -f2 -d"="`
|
|
;;
|
|
--use-key256)
|
|
keylen='-DDEFAULT_KEYLEN=16'
|
|
;;
|
|
--no-sse-detect)
|
|
sse_detect=0
|
|
;;
|
|
--no-1.3-archive-compat)
|
|
crypto_compat_objs=""
|
|
crypto_compat_flags=""
|
|
;;
|
|
--help) usage $0;;
|
|
*)
|
|
echo "Unrecognized option: ${arg1}"
|
|
exit 1
|
|
;;
|
|
esac
|
|
shift
|
|
arg1=$1
|
|
done
|
|
|
|
if [ $debug -eq 1 ]
|
|
then
|
|
typ="DEBUG"
|
|
else
|
|
typ="RELEASE"
|
|
fi
|
|
|
|
OS=$(uname)
|
|
skeinblock='\$\(SKEIN_BLOCK_C\)'
|
|
if [ "$OS" = "Linux" ]
|
|
then
|
|
plat=$(uname -m)
|
|
elif [ "$OS" = "SunOS" ]
|
|
then
|
|
plat=$(isainfo -v)
|
|
else
|
|
echo "Unsupported OS: $OS"
|
|
exit 1
|
|
fi
|
|
|
|
# Check GCC version
|
|
vers=`gcc -dumpversion`
|
|
OIFS="$IFS"
|
|
IFS=.
|
|
set -- ${vers}
|
|
IFS="$OIFS"
|
|
|
|
if [ $1 -lt 4 -o $2 -lt 4 ]
|
|
then
|
|
echo "ERROR:"
|
|
echo "GCC version 4.4 or above is required."
|
|
echo ""
|
|
exit 1
|
|
fi
|
|
|
|
# SSE Detection
|
|
if [ $sse_detect -eq 1 ]
|
|
then
|
|
gcc -o sse_level ./utils/sse_level.c ./utils/cpuid.c -I./utils
|
|
if [ $? -ne 0 ]
|
|
then
|
|
echo "ERROR:"
|
|
echo "Failed to build SSE detection utility."
|
|
echo ""
|
|
exit 1
|
|
fi
|
|
sse_ver=`./sse_level`
|
|
if [ $? -ne 0 ]
|
|
then
|
|
rm -f sse_level
|
|
echo "ERROR:"
|
|
echo "SSE version detection utility. Try configuring with --no-sse-check option."
|
|
echo ""
|
|
exit 1
|
|
fi
|
|
rm -f sse_level
|
|
sse_opt_flags="-m${sse_ver}"
|
|
fi
|
|
|
|
|
|
echo $plat | egrep 'x86_64|amd64' > /dev/null
|
|
if [ $? -eq 0 ]
|
|
then
|
|
skeinblock='\$\(SKEIN_BLOCK_ASM\)'
|
|
yasm=
|
|
|
|
#
|
|
# Detect Yasm
|
|
#
|
|
for bindir in /bin /usr/bin /usr/local/bin
|
|
do
|
|
if [ -x ${bindir}/yasm ]
|
|
then
|
|
# Get yasm version
|
|
yver=`${bindir}/yasm --version | head -1 | awk '{print $2}'`
|
|
_OIFS=$IFS; IFS="."; set -- ${yver}; IFS="$_OIFS"
|
|
major=$1
|
|
minor=$2
|
|
|
|
# Minimum yasm version 1.1
|
|
[ $major -lt 1 -o $minor -lt 1 ] && continue
|
|
yasm=${bindir}/yasm
|
|
sha256asmobjs='\$\(SHA2ASM_OBJS\)'
|
|
sha256objs='\$\(SHA2_OBJS\)'
|
|
fi
|
|
done
|
|
if [ "x${yasm}" = "x" ]
|
|
then
|
|
echo "Yasm version 1.1 or later is required to build on x64 platforms"
|
|
exit 1
|
|
fi
|
|
|
|
if [ $debug -eq 1 ]
|
|
then
|
|
keccak_srcs='\$\(KECCAK_SRC_OPT64\)'
|
|
keccak_hdrs='\$\(KECCAK_HDRS_OPT64\)'
|
|
else
|
|
keccak_srcs='\$\(KECCAK_SRC_OPT64_ASM1\)'
|
|
keccak_srcs_asm='\$\(KECCAK_SRC_OPT64_ASM2\)'
|
|
keccak_hdrs='\$\(KECCAK_HDRS_OPT64_ASM\)'
|
|
fi
|
|
else
|
|
keccak_srcs='\$\(KECCAK_SRC_OPT64\)'
|
|
fi
|
|
|
|
# Detect OpenSSL library
|
|
for lib in "${openssl_prefix}/lib64" "${openssl_prefix}/usr/lib64" \
|
|
"${openssl_prefix}/lib" "${openssl_prefix}/usr/lib" \
|
|
"${openssl_prefix}/ssl/lib64" "${openssl_prefix}/ssl/lib" \
|
|
"${openssl_prefix}/lib/x86_64-linux-gnu" \
|
|
"${openssl_prefix}/usr/lib/x86_64-linux-gnu"
|
|
do
|
|
if [ -d ${lib} ]
|
|
then
|
|
if [ -f "${lib}/libcrypto.so" -o -h "${lib}/libcrypto.so" ]
|
|
then
|
|
openssl_libdir="${lib}"
|
|
(cd ./buildtmp; ln -s ${openssl_libdir}/libcrypto.so)
|
|
break
|
|
else
|
|
if [ -f "${lib}/libcrypto.a" ]
|
|
then
|
|
openssl_libdir="${lib}"
|
|
(cd ./buildtmp; ln -s ${openssl_libdir}/libcrypto.a)
|
|
break
|
|
fi
|
|
fi
|
|
fi
|
|
done
|
|
|
|
if [ "x${openssl_libdir}" = "x" ]
|
|
then
|
|
echo "ERROR: OpenSSL libraries not detected."
|
|
exit 1
|
|
fi
|
|
|
|
# Detect OpenSSL headers
|
|
for inc in "${openssl_prefix}/include" \
|
|
"${openssl_prefix}/usr/include" \
|
|
"${openssl_prefix}/ssl/include"
|
|
do
|
|
if [ -d ${inc} ]
|
|
then
|
|
if [ -f "${inc}/openssl/sha.h" ]
|
|
then
|
|
openssl_incdir=${inc}
|
|
break
|
|
fi
|
|
fi
|
|
done
|
|
|
|
if [ "x${openssl_incdir}" = "x" ]
|
|
then
|
|
echo "ERROR: OpenSSL header files not detected."
|
|
if [ "x${openssl_prefix}" = "x" ]
|
|
then
|
|
echo "Depending on your system you may need to install the openssl-devel or openssl-dev package."
|
|
fi
|
|
exit 1
|
|
fi
|
|
|
|
|
|
# Check for OpenSSL version
|
|
cat << __EOF > tst.c
|
|
#include <stdlib.h>
|
|
#include <openssl/opensslv.h>
|
|
|
|
int
|
|
main(void)
|
|
{
|
|
if (OPENSSL_VERSION_NUMBER < 0x0090805fL)
|
|
exit (1);
|
|
return (0);
|
|
}
|
|
__EOF
|
|
|
|
gcc ${extra_opt_flags} -I${openssl_incdir} -L${openssl_libdir} tst.c -o tst
|
|
if [ $? -ne 0 ]
|
|
then
|
|
echo "Unable to compile OpenSSL test program please check OpenSSL installation."
|
|
exit 1
|
|
fi
|
|
./tst
|
|
if [ $? -ne 0 ]
|
|
then
|
|
echo "OpenSSL version too old. At least version 0.9.8e is required.\n"
|
|
exit 1
|
|
fi
|
|
|
|
# Check for HMAC_CTX_copy function
|
|
cat << __EOF > tst.c
|
|
#include <stdlib.h>
|
|
#include <openssl/sha.h>
|
|
#include <openssl/rand.h>
|
|
#include <openssl/evp.h>
|
|
#include <openssl/hmac.h>
|
|
|
|
int
|
|
main(void)
|
|
{
|
|
unsigned char key[16];
|
|
HMAC_CTX *ctx = (HMAC_CTX *)malloc(sizeof (HMAC_CTX));
|
|
HMAC_CTX *ctx1 = (HMAC_CTX *)malloc(sizeof (HMAC_CTX));
|
|
|
|
HMAC_CTX_init(ctx);
|
|
HMAC_Init_ex(ctx, key, 16, EVP_sha256(), NULL);
|
|
HMAC_CTX_copy(ctx1, ctx);
|
|
|
|
return (0);
|
|
}
|
|
__EOF
|
|
|
|
gcc ${extra_opt_flags} -I${openssl_incdir} -L${openssl_libdir} -O0 -g tst.c -o tst -lcrypto >/dev/null 2>&1
|
|
if [ $? -ne 0 ]
|
|
then
|
|
openssl_incdir="${openssl_incdir} -D__OSSL_OLD__"
|
|
fi
|
|
|
|
rm -f tst*
|
|
openssl_libdir="${openssl_libdir},--enable-new-dtags"
|
|
|
|
# Detect other library packages
|
|
for libspec in "libbz2:${bzlib_prefix}" "libz:${zlib_prefix}"
|
|
do
|
|
_OIFS="$IFS"
|
|
IFS=":"
|
|
set -- ${libspec}
|
|
libname=$1
|
|
pref=$2
|
|
IFS="$_OIFS"
|
|
|
|
use_prefix="${pref}"
|
|
if [ "x${pref}" = "x" ]
|
|
then
|
|
use_prefix="$prefix"
|
|
fi
|
|
for lib in "${pref}/lib64" "${pref}/usr/lib64" "${pref}/lib" "${pref}/usr/lib" \
|
|
"${pref}/lib/x86_64-linux-gnu" "${pref}/usr/lib/x86_64-linux-gnu" \
|
|
"${pref}/local/lib64" "${pref}/usr/local/lib64" "${pref}/local/lib" "${pref}/usr/local/lib" \
|
|
"${pref}/local/lib/x86_64-linux-gnu" "${pref}/usr/local/lib/x86_64-linux-gnu" \
|
|
"${use_prefix}/lib64" "${use_prefix}/lib" "${use_prefix}/lib/x86_64-linux-gnu" \
|
|
"${use_prefix}/usr/lib/x86_64-linux-gnu"
|
|
do
|
|
if [ -d ${lib} ]
|
|
then
|
|
if [ -f "${lib}/${libname}.so" -o -h "${lib}/${libname}.so" ]
|
|
then
|
|
eval "${libname}_libdir=${lib},--enable-new-dtags"
|
|
(cd ./buildtmp; ln -s ${lib}/${libname}.so)
|
|
break
|
|
else
|
|
if [ -f "${lib}/${libname}.a" ]
|
|
then
|
|
eval "${libname}_libdir=${lib},--enable-new-dtags"
|
|
(cd ./buildtmp; ln -s ${lib}/${libname}.a)
|
|
break
|
|
fi
|
|
fi
|
|
fi
|
|
done
|
|
done
|
|
|
|
if [ "x${libbz2_libdir}" = "x" ]
|
|
then
|
|
if [ "x$bzlib_prefix" = "x" ]
|
|
then
|
|
echo "ERROR: Libbz2 not detected."
|
|
echo " You may have to install libbz2-devel or libbz2-dev"
|
|
else
|
|
echo "ERROR: Bzip2 library not detected in given prefix."
|
|
fi
|
|
exit 1
|
|
fi
|
|
|
|
if [ "x${libz_libdir}" = "x" ]
|
|
then
|
|
if [ "x$zlib_prefix" = "x" ]
|
|
then
|
|
echo "ERROR: Zlib not detected."
|
|
echo " You may have to install libz-devel or libz-dev"
|
|
else
|
|
echo "ERROR: Zlib not detected in given prefix."
|
|
fi
|
|
exit 1
|
|
fi
|
|
|
|
libbz2_inc=
|
|
libz_inc=
|
|
# Detect other library headers
|
|
for hdr in "libbz2_inc:bzlib.h:${bzlib_prefix}" "libz_inc:zlib.h:${zlib_prefix}"
|
|
do
|
|
_OIFS="$IFS"
|
|
IFS=":"
|
|
set -- ${hdr}
|
|
var=$1
|
|
hdrf=$2
|
|
pref=$3
|
|
IFS="$_OIFS"
|
|
|
|
use_prefix="${pref}"
|
|
if [ "x${pref}" = "x" ]
|
|
then
|
|
use_prefix="$prefix"
|
|
fi
|
|
for inc in "${pref}/include" "${pref}/usr/include" \
|
|
"${pref}/local/include" "${pref}/usr/local/include" \
|
|
"${use_prefix}/include" "${use_prefix}/usr/include"
|
|
do
|
|
if [ -d ${inc} ]
|
|
then
|
|
if [ -f "${inc}/${hdrf}" ]
|
|
then
|
|
eval "${var}=\"-I${inc}\""
|
|
break
|
|
fi
|
|
fi
|
|
done
|
|
done
|
|
|
|
linkvar="LINK"
|
|
compilevar="COMPILE"
|
|
compilecppvar="COMPILE_cpp"
|
|
vecflagsvar="VEC_FLAGS"
|
|
loopoptflagsvar="LOOP_OPTFLAGS"
|
|
cppflagsvar="CPPFLAGS"
|
|
genoptvar="GEN_OPT"
|
|
noslabcppflagsvar="NO_SLAB_CPPFLAGS"
|
|
debugstatscppflagsvar="DEBUG_STATS_CPPFLAGS"
|
|
prefixvar="PREFIX"
|
|
skeinblockvar="SKEIN_BLOCK"
|
|
keylenvar="KEYLEN"
|
|
|
|
libbscdirvar="LIBBSCDIR"
|
|
libbsclibvar="LIBBSCLIB"
|
|
libbsclflagsvar="LIBBSCLFLAGS"
|
|
libbscwrapobjvar="LIBBSCWRAPOBJ"
|
|
libbscgenoptvar="LIBBSCGEN_OPT"
|
|
libbsccppflagsvar="LIBBSCCPPFLAGS"
|
|
sha256asmobjsvar="SHA2ASM_OBJS"
|
|
sha256objsvar="SHA2_OBJS"
|
|
yasmvar="YASM"
|
|
fptr_flag_var="FPTR_FLAG"
|
|
extra_opt_flags_var="EXTRA_OPT_FLAGS"
|
|
sse_opt_flags_var="SSE_OPT_FLAGS"
|
|
|
|
openssllibdirvar="OPENSSL_LIBDIR"
|
|
opensslincdirvar="OPENSSL_INCDIR"
|
|
libbz2libdirvar="LIBBZ2_DIR"
|
|
libzlibdirvar="LIBZ_DIR"
|
|
libbz2incvar="LIBBZ2_INC"
|
|
libzincvar="LIBZ_INC"
|
|
|
|
keccak_srcs_var="KECCAK_SRCS"
|
|
keccak_hdrs_var="KECCAK_HDRS"
|
|
keccak_srcs_asm_var="KECCAK_SRCS_ASM"
|
|
|
|
crypto_compat_objs_var="CRYPTO_COMPAT_OBJS"
|
|
crypto_compat_flags_var="COMPAT_CPPFLAGS"
|
|
|
|
noslabcppflagsval=
|
|
debugstatscppflagsval=
|
|
|
|
[ $allocator -eq 0 ] && noslabcppflagsval='\$\(NO_SLAB_CPPFLAGS\)'
|
|
[ $debug_stats -eq 1 ] && debugstatscppflagsval='\$\(DEBUG_STATS_CPPFLAGS\)'
|
|
|
|
cat Makefile.in | sed "
|
|
s#@${linkvar}@#\\\$\\(${typ}_${linkvar}\\)#g
|
|
s#@${compilevar}@#\\\$\\(${typ}_${compilevar}\\)#g
|
|
s#@${compilecppvar}@#\\\$\\(${typ}_${compilecppvar}\\)#g
|
|
s#@${vecflagsvar}@#\\\$\\(${typ}_${vecflagsvar}\\)#g
|
|
s#@${loopoptflagsvar}@#\\\$\\(${typ}_${loopoptflagsvar}\\)#g
|
|
s#@${cppflagsvar}@#\\\$\\(${typ}_${cppflagsvar}\\)#g
|
|
s#@${genoptvar}@#\\\$\\(${typ}_${genoptvar}\\)#g
|
|
s#@${fptr_flag_var}@#\\\$\\(${typ}_${fptr_flag_var}\\)#g
|
|
s#@${noslabcppflagsvar}@#${noslabcppflagsval}#g
|
|
s#@${debugstatscppflagsvar}@#${debugstatscppflagsval}#g
|
|
s#@${prefixvar}@#${prefix}#g
|
|
s#@${libbscdirvar}@#${libbsc_dir}#g
|
|
s#@${libbsclibvar}@#${libbsc_lib}#g
|
|
s#@${libbsclflagsvar}@#${libbsclflags}#g
|
|
s#@${libbscwrapobjvar}@#${libbscwrapobj}#g
|
|
s#@${libbscgenoptvar}@#${libbscgenopt}#g
|
|
s#@${libbsccppflagsvar}@#${libbsccppflags}#g
|
|
s#@${skeinblockvar}@#${skeinblock}#g
|
|
s#@${openssllibdirvar}@#${openssl_libdir}#g
|
|
s#@${opensslincdirvar}@#${openssl_incdir}#g
|
|
s#@${sha256asmobjsvar}@#${sha256asmobjs}#g
|
|
s#@${sha256objsvar}@#${sha256objs}#g
|
|
s#@${yasmvar}@#${yasm}#g
|
|
s#@${keylenvar}@#${keylen}#g
|
|
s#@${libbz2libdirvar}@#${libbz2_libdir}#g
|
|
s#@${libzlibdirvar}@#${libz_libdir}#g
|
|
s#@${libbz2incvar}@#${libbz2_inc}#g
|
|
s#@${libzincvar}@#${libz_inc}#g
|
|
s#@${keccak_srcs_var}@#${keccak_srcs}#g
|
|
s#@${keccak_hdrs_var}@#${keccak_hdrs}#g
|
|
s#@${keccak_srcs_var}@#${keccak_srcs}#g
|
|
s#@${keccak_srcs_asm_var}@#${keccak_srcs_asm}#g
|
|
s#@${extra_opt_flags_var}@#${extra_opt_flags}#g
|
|
s#@${sse_opt_flags_var}@#${sse_opt_flags}#g
|
|
s#@${crypto_compat_objs_var}@#${crypto_compat_objs}#g
|
|
s#@${crypto_compat_flags_var}@#${crypto_compat_flags}#g
|
|
" > Makefile
|
|
|