1 # Copyright (c) 2018-2022 Yubico AB. All rights reserved.
2 # Use of this source code is governed by a BSD-style
3 # license that can be found in the LICENSE file.
4 # SPDX-License-Identifier: BSD-2-Clause
6 # detect AppleClang; needs to come before project()
7 cmake_policy(SET CMP0025 NEW)
10 cmake_minimum_required(VERSION 3.0)
11 # Set PIE flags for POSITION_INDEPENDENT_CODE targets, added in CMake 3.14.
13 cmake_policy(SET CMP0083 NEW)
16 include(CheckCCompilerFlag)
17 include(CheckFunctionExists)
18 include(CheckLibraryExists)
19 include(CheckSymbolExists)
20 include(CheckIncludeFiles)
21 include(CheckTypeSize)
22 include(GNUInstallDirs)
23 include(CheckPIESupported OPTIONAL RESULT_VARIABLE CHECK_PIE_SUPPORTED)
24 if(CHECK_PIE_SUPPORTED)
25 check_pie_supported(LANGUAGES C)
28 set(CMAKE_POSITION_INDEPENDENT_CODE ON)
29 set(CMAKE_COLOR_MAKEFILE OFF)
30 set(CMAKE_VERBOSE_MAKEFILE ON)
34 set(FIDO_VERSION ${FIDO_MAJOR}.${FIDO_MINOR}.${FIDO_PATCH})
36 option(BUILD_TESTS "Build the regress tests" ON)
37 option(BUILD_EXAMPLES "Build example programs" ON)
38 option(BUILD_MANPAGES "Build man pages" ON)
39 option(BUILD_SHARED_LIBS "Build a shared library" ON)
40 option(BUILD_STATIC_LIBS "Build a static library" ON)
41 option(BUILD_TOOLS "Build tool programs" ON)
42 option(FUZZ "Enable fuzzing instrumentation" OFF)
43 option(USE_HIDAPI "Use hidapi as the HID backend" OFF)
44 option(USE_PCSC "Enable experimental PCSC support" OFF)
45 option(USE_WINHELLO "Abstract Windows Hello as a FIDO device" ON)
46 option(NFC_LINUX "Enable NFC support on Linux" ON)
48 add_definitions(-D_FIDO_MAJOR=${FIDO_MAJOR})
49 add_definitions(-D_FIDO_MINOR=${FIDO_MINOR})
50 add_definitions(-D_FIDO_PATCH=${FIDO_PATCH})
53 set(_FIDO2_LIBRARY fido2_shared)
54 elseif(BUILD_STATIC_LIBS)
55 set(_FIDO2_LIBRARY fido2)
57 message(FATAL_ERROR "Nothing to build (BUILD_*_LIBS=OFF)")
60 if(CYGWIN OR MSYS OR MINGW)
65 add_definitions(-DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600)
69 set(CMAKE_INSTALL_NAME_DIR
70 "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}")
74 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_POSIX_C_SOURCE=200809L")
75 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_BSD_SOURCE")
77 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_DARWIN_C_SOURCE")
78 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D__STDC_WANT_LIB_EXT1__=1")
79 elseif((CMAKE_SYSTEM_NAME STREQUAL "Linux") OR MINGW OR CYGWIN)
80 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_GNU_SOURCE")
81 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_DEFAULT_SOURCE")
82 elseif(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD" OR
83 CMAKE_SYSTEM_NAME STREQUAL "MidnightBSD")
84 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D__BSD_VISIBLE=1")
85 elseif(CMAKE_SYSTEM_NAME STREQUAL "NetBSD")
86 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_NETBSD_SOURCE")
88 set(FIDO_CFLAGS "${FIDO_CFLAGS} -std=c99")
89 set(CMAKE_C_FLAGS "${FIDO_CFLAGS} ${CMAKE_C_FLAGS}")
92 check_c_compiler_flag("-Wshorten-64-to-32" HAVE_SHORTEN_64_TO_32)
93 check_c_compiler_flag("-Werror -fstack-protector-all" HAVE_STACK_PROTECTOR_ALL)
95 check_include_files(cbor.h HAVE_CBOR_H)
96 check_include_files(endian.h HAVE_ENDIAN_H)
97 check_include_files(err.h HAVE_ERR_H)
98 check_include_files(openssl/opensslv.h HAVE_OPENSSLV_H)
99 check_include_files(signal.h HAVE_SIGNAL_H)
100 check_include_files(sys/random.h HAVE_SYS_RANDOM_H)
101 check_include_files(unistd.h HAVE_UNISTD_H)
103 check_symbol_exists(arc4random_buf stdlib.h HAVE_ARC4RANDOM_BUF)
104 check_symbol_exists(asprintf stdio.h HAVE_ASPRINTF)
105 check_symbol_exists(clock_gettime time.h HAVE_CLOCK_GETTIME)
106 check_symbol_exists(explicit_bzero string.h HAVE_EXPLICIT_BZERO)
107 check_symbol_exists(freezero stdlib.h HAVE_FREEZERO)
108 check_symbol_exists(getline stdio.h HAVE_GETLINE)
109 check_symbol_exists(getopt unistd.h HAVE_GETOPT)
110 check_symbol_exists(getpagesize unistd.h HAVE_GETPAGESIZE)
111 check_symbol_exists(getrandom sys/random.h HAVE_GETRANDOM)
112 check_symbol_exists(memset_s string.h HAVE_MEMSET_S)
113 check_symbol_exists(readpassphrase readpassphrase.h HAVE_READPASSPHRASE)
114 check_symbol_exists(recallocarray stdlib.h HAVE_RECALLOCARRAY)
115 check_symbol_exists(strlcat string.h HAVE_STRLCAT)
116 check_symbol_exists(strlcpy string.h HAVE_STRLCPY)
117 check_symbol_exists(strsep string.h HAVE_STRSEP)
118 check_symbol_exists(sysconf unistd.h HAVE_SYSCONF)
119 check_symbol_exists(timespecsub sys/time.h HAVE_TIMESPECSUB)
120 check_symbol_exists(timingsafe_bcmp string.h HAVE_TIMINGSAFE_BCMP)
122 set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
123 try_compile(HAVE_POSIX_IOCTL
124 "${CMAKE_CURRENT_BINARY_DIR}/posix_ioctl_check.o"
125 "${CMAKE_CURRENT_SOURCE_DIR}/openbsd-compat/posix_ioctl_check.c"
126 COMPILE_DEFINITIONS "-Werror -Woverflow -Wsign-conversion")
128 list(APPEND CHECK_VARIABLES
156 foreach(v ${CHECK_VARIABLES})
158 add_definitions(-D${v})
162 if(HAVE_EXPLICIT_BZERO AND NOT FUZZ)
163 add_definitions(-DHAVE_EXPLICIT_BZERO)
167 add_definitions(-DHAVE_DEV_URANDOM)
172 if((NOT CBOR_INCLUDE_DIRS) OR (NOT CBOR_LIBRARY_DIRS) OR
173 (NOT CRYPTO_INCLUDE_DIRS) OR (NOT CRYPTO_LIBRARY_DIRS) OR
174 (NOT ZLIB_INCLUDE_DIRS) OR (NOT ZLIB_LIBRARY_DIRS))
175 message(FATAL_ERROR "please define "
176 "{CBOR,CRYPTO,ZLIB}_{INCLUDE,LIBRARY}_DIRS when "
177 "building under msvc")
179 if(BUILD_TESTS AND BUILD_SHARED_LIBS AND
180 ((NOT CBOR_BIN_DIRS) OR (NOT ZLIB_BIN_DIRS) OR (NOT CRYPTO_BIN_DIRS)))
181 message(FATAL_ERROR "please define {CBOR,CRYPTO,ZLIB}_BIN_DIRS "
182 "when building tests")
184 if(NOT CBOR_LIBRARIES)
185 set(CBOR_LIBRARIES cbor)
187 if(NOT ZLIB_LIBRARIES)
188 set(ZLIB_LIBRARIES zlib1)
190 if(NOT CRYPTO_LIBRARIES)
191 set(CRYPTO_LIBRARIES crypto)
194 set(MSVC_DISABLED_WARNINGS_LIST
195 "C4152" # nonstandard extension used: function/data pointer
196 # conversion in expression;
197 "C4200" # nonstandard extension used: zero-sized array in
199 "C4201" # nonstandard extension used: nameless struct/union;
200 "C4204" # nonstandard extension used: non-constant aggregate
202 "C4706" # assignment within conditional expression;
203 "C4996" # The POSIX name for this item is deprecated. Instead,
204 # use the ISO C and C++ conformant name;
205 "C6287" # redundant code: the left and right subexpressions are identical
207 # The construction in the following 3 lines was taken from LibreSSL's
209 string(REPLACE "C" " -wd" MSVC_DISABLED_WARNINGS_STR
210 ${MSVC_DISABLED_WARNINGS_LIST})
211 string(REGEX REPLACE "[/-]W[1234][ ]?" "" CMAKE_C_FLAGS ${CMAKE_C_FLAGS})
212 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -MP -W4 -WX ${MSVC_DISABLED_WARNINGS_STR}")
213 set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} /Od /Z7 /guard:cf /sdl /RTCcsu")
214 set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} /Zi /guard:cf /sdl")
216 add_definitions(-DUSE_WINHELLO)
220 include(FindPkgConfig)
221 pkg_search_module(CBOR libcbor)
222 pkg_search_module(CRYPTO libcrypto)
223 pkg_search_module(ZLIB zlib)
225 if(NOT CBOR_FOUND AND NOT HAVE_CBOR_H)
226 message(FATAL_ERROR "could not find libcbor")
228 if(NOT CRYPTO_FOUND AND NOT HAVE_OPENSSLV_H)
229 message(FATAL_ERROR "could not find libcrypto")
232 message(FATAL_ERROR "could not find zlib")
235 if(NOT CBOR_LIBRARIES)
236 set(CBOR_LIBRARIES "cbor")
238 if(NOT CRYPTO_LIBRARIES)
239 set(CRYPTO_LIBRARIES "crypto")
242 if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
243 pkg_search_module(UDEV libudev REQUIRED)
244 set(UDEV_NAME "udev")
245 # If using hidapi, use hidapi-hidraw.
246 set(HIDAPI_SUFFIX -hidraw)
247 if(NOT HAVE_CLOCK_GETTIME)
248 # Look for clock_gettime in librt.
249 check_library_exists(rt clock_gettime "time.h"
251 if (HAVE_CLOCK_GETTIME)
252 add_definitions(-DHAVE_CLOCK_GETTIME)
253 set(BASE_LIBRARIES ${BASE_LIBRARIES} rt)
261 # MinGW is stuck with a flavour of C89.
262 add_definitions(-DFIDO_NO_DIAGNOSTIC)
263 add_definitions(-DWC_ERR_INVALID_CHARS=0x80)
264 add_compile_options(-Wno-unused-parameter)
269 add_definitions(-DFIDO_FUZZ)
272 # If building with PCSC, look for pcsc-lite.
273 if(USE_PCSC AND NOT (APPLE OR CYGWIN OR MSYS OR MINGW))
274 pkg_search_module(PCSC libpcsclite REQUIRED)
275 set(PCSC_LIBRARIES pcsclite)
279 add_definitions(-DUSE_HIDAPI)
280 pkg_search_module(HIDAPI hidapi${HIDAPI_SUFFIX} REQUIRED)
281 set(HIDAPI_LIBRARIES hidapi${HIDAPI_SUFFIX})
285 add_definitions(-DUSE_NFC)
290 add_definitions(-DUSE_WINHELLO)
293 set(USE_WINHELLO OFF)
296 add_compile_options(-Wall)
297 add_compile_options(-Wextra)
298 add_compile_options(-Werror)
299 add_compile_options(-Wshadow)
300 add_compile_options(-Wcast-qual)
301 add_compile_options(-Wwrite-strings)
302 add_compile_options(-Wmissing-prototypes)
303 add_compile_options(-Wbad-function-cast)
304 add_compile_options(-Wimplicit-fallthrough)
305 add_compile_options(-pedantic)
306 add_compile_options(-pedantic-errors)
308 set(EXTRA_CFLAGS "-Wconversion -Wsign-conversion")
311 add_compile_options(-Wno-type-limits)
312 add_compile_options(-Wno-cast-function-type)
315 if(HAVE_SHORTEN_64_TO_32)
316 add_compile_options(-Wshorten-64-to-32)
319 if(HAVE_STACK_PROTECTOR_ALL)
320 add_compile_options(-fstack-protector-all)
323 set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -g2")
324 set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -fno-omit-frame-pointer")
325 set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -D_FORTIFY_SOURCE=2")
327 if(CRYPTO_VERSION VERSION_GREATER_EQUAL 3.0)
328 add_definitions(-DOPENSSL_API_COMPAT=0x10100000L)
332 set(EXTRA_CFLAGS "${EXTRA_CFLAGS} -Wframe-larger-than=2047")
336 # Avoid https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425
337 if(CMAKE_COMPILER_IS_GNUCC)
338 add_compile_options(-Wno-unused-result)
341 # Decide which keyword to use for thread-local storage.
342 if(CMAKE_COMPILER_IS_GNUCC OR
343 CMAKE_C_COMPILER_ID STREQUAL "Clang" OR
344 CMAKE_C_COMPILER_ID STREQUAL "AppleClang")
347 set(TLS "__declspec(thread)")
349 add_definitions(-DTLS=${TLS})
352 add_definitions(-DUSE_PCSC)
356 if(APPLE AND (CMAKE_C_COMPILER_ID STREQUAL "Clang" OR
357 CMAKE_C_COMPILER_ID STREQUAL "AppleClang"))
359 string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS}
360 " -exported_symbols_list ${CMAKE_CURRENT_SOURCE_DIR}/src/export.llvm")
364 string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS}
365 " -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/fuzz/export.gnu")
367 string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS}
368 " -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/src/export.gnu")
371 string(CONCAT CMAKE_SHARED_LINKER_FLAGS
372 ${CMAKE_SHARED_LINKER_FLAGS}
373 " -Wl,-z,noexecstack -Wl,-z,relro,-z,now")
374 string(CONCAT CMAKE_EXE_LINKER_FLAGS
375 ${CMAKE_EXE_LINKER_FLAGS}
376 " -Wl,-z,noexecstack -Wl,-z,relro,-z,now")
378 file(STRINGS fuzz/wrapped.sym WRAPPED_SYMBOLS)
379 foreach(s ${WRAPPED_SYMBOLS})
380 string(CONCAT CMAKE_SHARED_LINKER_FLAGS
381 ${CMAKE_SHARED_LINKER_FLAGS}
387 string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS}
388 " /def:\"${CMAKE_CURRENT_SOURCE_DIR}/src/export.msvc\"")
391 include_directories(${PROJECT_SOURCE_DIR}/src)
392 include_directories(${CBOR_INCLUDE_DIRS})
393 include_directories(${CRYPTO_INCLUDE_DIRS})
394 include_directories(${HIDAPI_INCLUDE_DIRS})
395 include_directories(${PCSC_INCLUDE_DIRS})
396 include_directories(${UDEV_INCLUDE_DIRS})
397 include_directories(${ZLIB_INCLUDE_DIRS})
399 link_directories(${CBOR_LIBRARY_DIRS})
400 link_directories(${CRYPTO_LIBRARY_DIRS})
401 link_directories(${HIDAPI_LIBRARY_DIRS})
402 link_directories(${PCSC_LIBRARY_DIRS})
403 link_directories(${UDEV_LIBRARY_DIRS})
404 link_directories(${ZLIB_LIBRARY_DIRS})
406 message(STATUS "BASE_LIBRARIES: ${BASE_LIBRARIES}")
407 message(STATUS "BUILD_EXAMPLES: ${BUILD_EXAMPLES}")
408 message(STATUS "BUILD_MANPAGES: ${BUILD_MANPAGES}")
409 message(STATUS "BUILD_SHARED_LIBS: ${BUILD_SHARED_LIBS}")
410 message(STATUS "BUILD_STATIC_LIBS: ${BUILD_STATIC_LIBS}")
411 message(STATUS "BUILD_TOOLS: ${BUILD_TOOLS}")
412 message(STATUS "CBOR_INCLUDE_DIRS: ${CBOR_INCLUDE_DIRS}")
413 message(STATUS "CBOR_LIBRARIES: ${CBOR_LIBRARIES}")
414 message(STATUS "CBOR_LIBRARY_DIRS: ${CBOR_LIBRARY_DIRS}")
416 message(STATUS "CBOR_BIN_DIRS: ${CBOR_BIN_DIRS}")
418 message(STATUS "CBOR_VERSION: ${CBOR_VERSION}")
419 message(STATUS "CMAKE_BUILD_TYPE: ${CMAKE_BUILD_TYPE}")
420 message(STATUS "CMAKE_C_COMPILER: ${CMAKE_C_COMPILER}")
421 message(STATUS "CMAKE_C_COMPILER_ID: ${CMAKE_C_COMPILER_ID}")
422 message(STATUS "CMAKE_C_FLAGS: ${CMAKE_C_FLAGS}")
423 message(STATUS "CMAKE_CROSSCOMPILING: ${CMAKE_CROSSCOMPILING}")
424 message(STATUS "CMAKE_GENERATOR_PLATFORM: ${CMAKE_GENERATOR_PLATFORM}")
425 message(STATUS "CMAKE_HOST_SYSTEM_NAME: ${CMAKE_HOST_SYSTEM_NAME}")
426 message(STATUS "CMAKE_HOST_SYSTEM_PROCESSOR: ${CMAKE_HOST_SYSTEM_PROCESSOR}")
427 message(STATUS "CMAKE_INSTALL_LIBDIR: ${CMAKE_INSTALL_LIBDIR}")
428 message(STATUS "CMAKE_INSTALL_PREFIX: ${CMAKE_INSTALL_PREFIX}")
429 message(STATUS "CMAKE_SYSTEM_NAME: ${CMAKE_SYSTEM_NAME}")
430 message(STATUS "CMAKE_SYSTEM_PROCESSOR: ${CMAKE_SYSTEM_PROCESSOR}")
431 message(STATUS "CMAKE_SYSTEM_VERSION: ${CMAKE_SYSTEM_VERSION}")
432 message(STATUS "CRYPTO_INCLUDE_DIRS: ${CRYPTO_INCLUDE_DIRS}")
433 message(STATUS "CRYPTO_LIBRARIES: ${CRYPTO_LIBRARIES}")
434 message(STATUS "CRYPTO_LIBRARY_DIRS: ${CRYPTO_LIBRARY_DIRS}")
436 message(STATUS "CRYPTO_BIN_DIRS: ${CRYPTO_BIN_DIRS}")
438 message(STATUS "CRYPTO_VERSION: ${CRYPTO_VERSION}")
439 message(STATUS "FIDO_VERSION: ${FIDO_VERSION}")
440 message(STATUS "FUZZ: ${FUZZ}")
442 message(STATUS "FUZZ_LDFLAGS: ${FUZZ_LDFLAGS}")
444 message(STATUS "ZLIB_INCLUDE_DIRS: ${ZLIB_INCLUDE_DIRS}")
445 message(STATUS "ZLIB_LIBRARIES: ${ZLIB_LIBRARIES}")
446 message(STATUS "ZLIB_LIBRARY_DIRS: ${ZLIB_LIBRARY_DIRS}")
448 message(STATUS "ZLIB_BIN_DIRS: ${ZLIB_BIN_DIRS}")
450 message(STATUS "ZLIB_VERSION: ${ZLIB_VERSION}")
452 message(STATUS "HIDAPI_INCLUDE_DIRS: ${HIDAPI_INCLUDE_DIRS}")
453 message(STATUS "HIDAPI_LIBRARIES: ${HIDAPI_LIBRARIES}")
454 message(STATUS "HIDAPI_LIBRARY_DIRS: ${HIDAPI_LIBRARY_DIRS}")
455 message(STATUS "HIDAPI_VERSION: ${HIDAPI_VERSION}")
457 message(STATUS "PCSC_INCLUDE_DIRS: ${PCSC_INCLUDE_DIRS}")
458 message(STATUS "PCSC_LIBRARIES: ${PCSC_LIBRARIES}")
459 message(STATUS "PCSC_LIBRARY_DIRS: ${PCSC_LIBRARY_DIRS}")
460 message(STATUS "PCSC_VERSION: ${PCSC_VERSION}")
461 message(STATUS "TLS: ${TLS}")
462 message(STATUS "UDEV_INCLUDE_DIRS: ${UDEV_INCLUDE_DIRS}")
463 message(STATUS "UDEV_LIBRARIES: ${UDEV_LIBRARIES}")
464 message(STATUS "UDEV_LIBRARY_DIRS: ${UDEV_LIBRARY_DIRS}")
465 message(STATUS "UDEV_RULES_DIR: ${UDEV_RULES_DIR}")
466 message(STATUS "UDEV_VERSION: ${UDEV_VERSION}")
467 message(STATUS "USE_HIDAPI: ${USE_HIDAPI}")
468 message(STATUS "USE_PCSC: ${USE_PCSC}")
469 message(STATUS "USE_WINHELLO: ${USE_WINHELLO}")
470 message(STATUS "NFC_LINUX: ${NFC_LINUX}")
476 add_subdirectory(src)
479 add_subdirectory(regress)
482 add_subdirectory(examples)
485 add_subdirectory(tools)
488 add_subdirectory(man)
493 add_subdirectory(fuzz)
495 if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
496 add_subdirectory(udev)