lib/softoken/config.mk
author Robert Relyea <rrelyea@redhat.com>
Tue, 07 Sep 2021 16:18:08 -0700
changeset 16027 4b8ce96413381293f42c8034ab4976e2aa9af247
parent 15921 40edc4f4c1170398c1409a2c04a79fb59fe65df7
permissions -rw-r--r--
Bug 1729550 NSS needs FiPS 140-3 version indicators. 1. This patch adds a new command, validation, which dumps the validation objects ina given token. It defaults to the softoken. 2. It sets up the infrastructure to allow creation at init time of token specific objects (like validation objects and profile objects) by: 2a. factoring out the code to get the next available object handle to a new function call sftk_getNextHandle(). 2b. The object freelists are now initialized before SFTK_SlotInit, so that SFTK_SlotInit can initialize these new token objects. 2c. A new staticly defined session is created to hand these object on. 2c1. sftk_NewSession and sftk_FreeSession has the initialization and clearing functions factored out from the actual space freeing clearing so they can be used on this staticly allocated session. (NOTE: NSS has two ways it handles this internally: use of Init/New Clear/Free functions as in this patch, or the use of a bool called 'FreeIt' added to the original function. There is no technical reason for why I used Init/New other than I didn't have to go change all the places the currently call them. These are internal private functions, so it's ok to change their signatures. 2c2. The static sessions are initialized on freed when the slot is created and destroyed. 3. For fips slot the validation object is created. The version number is selected at compile time with a build time environment variable. If no version number is provided, a default version number (related to the NSS version) is selected as well as the string 'unvalidated'. 4. The NSS spefic defines for Validation objects are defined in the NSS vendor space (until PKCS #11 v3.2 comes out with the official values). Differential Revision: https://phabricator.services.mozilla.com/D124951

#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)

EXTRA_LIBS += \
	$(CRYPTOLIB) \
	$(NULL)

# can't do this in manifest.mn because OS_TARGET isn't defined there.
ifeq (,$(filter-out WIN%,$(OS_TARGET)))

ifdef NS_USE_GCC
EXTRA_SHARED_LIBS += \
	-L$(SQLITE_LIB_DIR) \
	-l$(SQLITE_LIB_NAME) \
	-L$(NSSUTIL_LIB_DIR) \
	-lnssutil3 \
	-L$(NSPR_LIB_DIR) \
	-lplc4 \
	-lplds4 \
	-lnspr4 \
	$(NULL)
else # ! NS_USE_GCC

EXTRA_SHARED_LIBS += \
	$(SQLITE_LIB_DIR)/$(SQLITE_LIB_NAME).lib \
	$(NSSUTIL_LIB_DIR)/nssutil3.lib \
	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
	$(NULL)
endif # NS_USE_GCC

else

# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
EXTRA_SHARED_LIBS += \
	-L$(SQLITE_LIB_DIR) \
	-l$(SQLITE_LIB_NAME) \
	-L$(NSSUTIL_LIB_DIR) \
	-lnssutil3 \
	-L$(NSPR_LIB_DIR) \
	-lplc4 \
	-lplds4 \
	-lnspr4 \
	$(NULL)
endif

ifeq ($(OS_TARGET),AIX)
OS_LIBS += -lpthread
endif

ifdef NSS_ENABLE_FIPS_INDICATORS
DEFINES += -DNSS_ENABLE_FIPS_INDICATORS
endif

ifdef NSS_FIPS_MODULE_ID
DEFINES += -DNSS_FIPS_MODULE_ID=\"${NSS_FIPS_MODULE_ID}\"
endif