1 # Copyright (c) 2018-2021 Yubico AB. All rights reserved.
2 # Use of this source code is governed by a BSD-style
3 # license that can be found in the LICENSE file.
5 # detect AppleClang; needs to come before project()
6 cmake_policy(SET CMP0025 NEW)
9 cmake_minimum_required(VERSION 3.0)
10 # Set PIE flags for POSITION_INDEPENDENT_CODE targets, added in CMake 3.14.
12 cmake_policy(SET CMP0083 NEW)
15 include(CheckCCompilerFlag)
16 include(CheckFunctionExists)
17 include(CheckLibraryExists)
18 include(CheckSymbolExists)
19 include(CheckIncludeFiles)
20 include(CheckTypeSize)
21 include(GNUInstallDirs)
22 include(CheckPIESupported OPTIONAL RESULT_VARIABLE CHECK_PIE_SUPPORTED)
23 if(CHECK_PIE_SUPPORTED)
24 check_pie_supported(LANGUAGES C)
27 set(CMAKE_POSITION_INDEPENDENT_CODE ON)
28 set(CMAKE_COLOR_MAKEFILE OFF)
29 set(CMAKE_VERBOSE_MAKEFILE ON)
33 set(FIDO_VERSION ${FIDO_MAJOR}.${FIDO_MINOR}.${FIDO_PATCH})
35 option(BUILD_EXAMPLES "Build example programs" ON)
36 option(BUILD_MANPAGES "Build man pages" ON)
37 option(BUILD_SHARED_LIBS "Build the shared library" ON)
38 option(BUILD_STATIC_LIBS "Build the static library" ON)
39 option(BUILD_TOOLS "Build tool programs" ON)
40 option(FUZZ "Enable fuzzing instrumentation" OFF)
41 option(LIBFUZZER "Build libfuzzer harnesses" OFF)
42 option(USE_HIDAPI "Use hidapi as the HID backend" OFF)
43 option(USE_WINHELLO "Abstract Windows Hello as a FIDO device" ON)
44 option(NFC_LINUX "Enable NFC support on Linux" ON)
46 add_definitions(-D_FIDO_MAJOR=${FIDO_MAJOR})
47 add_definitions(-D_FIDO_MINOR=${FIDO_MINOR})
48 add_definitions(-D_FIDO_PATCH=${FIDO_PATCH})
50 if(CYGWIN OR MSYS OR MINGW)
55 add_definitions(-DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600)
59 set(CMAKE_INSTALL_NAME_DIR
60 "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}")
64 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_POSIX_C_SOURCE=200809L")
65 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_BSD_SOURCE")
67 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_DARWIN_C_SOURCE")
68 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D__STDC_WANT_LIB_EXT1__=1")
69 elseif(CMAKE_SYSTEM_NAME STREQUAL "Linux")
70 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_GNU_SOURCE")
71 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_DEFAULT_SOURCE")
72 elseif(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD" OR
73 CMAKE_SYSTEM_NAME STREQUAL "MidnightBSD")
74 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D__BSD_VISIBLE=1")
75 elseif(CMAKE_SYSTEM_NAME STREQUAL "NetBSD")
76 set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_NETBSD_SOURCE")
78 set(FIDO_CFLAGS "${FIDO_CFLAGS} -std=c99")
79 set(CMAKE_C_FLAGS "${FIDO_CFLAGS} ${CMAKE_C_FLAGS}")
82 check_c_compiler_flag("-Wshorten-64-to-32" HAVE_SHORTEN_64_TO_32)
83 check_c_compiler_flag("-Werror -fstack-protector-all" HAVE_STACK_PROTECTOR_ALL)
85 check_include_files(cbor.h HAVE_CBOR_H)
86 check_include_files(endian.h HAVE_ENDIAN_H)
87 check_include_files(err.h HAVE_ERR_H)
88 check_include_files(openssl/opensslv.h HAVE_OPENSSLV_H)
89 check_include_files(signal.h HAVE_SIGNAL_H)
90 check_include_files(sys/random.h HAVE_SYS_RANDOM_H)
91 check_include_files(unistd.h HAVE_UNISTD_H)
93 check_symbol_exists(arc4random_buf stdlib.h HAVE_ARC4RANDOM_BUF)
94 check_symbol_exists(clock_gettime time.h HAVE_CLOCK_GETTIME)
95 check_symbol_exists(explicit_bzero string.h HAVE_EXPLICIT_BZERO)
96 check_symbol_exists(freezero stdlib.h HAVE_FREEZERO)
97 check_symbol_exists(getline stdio.h HAVE_GETLINE)
98 check_symbol_exists(getopt unistd.h HAVE_GETOPT)
99 check_symbol_exists(getpagesize unistd.h HAVE_GETPAGESIZE)
100 check_symbol_exists(getrandom sys/random.h HAVE_GETRANDOM)
101 check_symbol_exists(memset_s string.h HAVE_MEMSET_S)
102 check_symbol_exists(readpassphrase readpassphrase.h HAVE_READPASSPHRASE)
103 check_symbol_exists(recallocarray stdlib.h HAVE_RECALLOCARRAY)
104 check_symbol_exists(strlcat string.h HAVE_STRLCAT)
105 check_symbol_exists(strlcpy string.h HAVE_STRLCPY)
106 check_symbol_exists(strsep string.h HAVE_STRSEP)
107 check_symbol_exists(sysconf unistd.h HAVE_SYSCONF)
108 check_symbol_exists(timespecsub sys/time.h HAVE_TIMESPECSUB)
109 check_symbol_exists(timingsafe_bcmp string.h HAVE_TIMINGSAFE_BCMP)
111 set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
112 try_compile(HAVE_POSIX_IOCTL
113 "${CMAKE_CURRENT_BINARY_DIR}/posix_ioctl_check.o"
114 "${CMAKE_CURRENT_SOURCE_DIR}/openbsd-compat/posix_ioctl_check.c"
115 COMPILE_DEFINITIONS "-Werror -Woverflow -Wsign-conversion")
117 list(APPEND CHECK_VARIABLES
144 foreach(v ${CHECK_VARIABLES})
146 add_definitions(-D${v})
150 if(HAVE_EXPLICIT_BZERO AND NOT LIBFUZZER)
151 add_definitions(-DHAVE_EXPLICIT_BZERO)
155 add_definitions(-DHAVE_DEV_URANDOM)
159 if((NOT CBOR_INCLUDE_DIRS) OR (NOT CBOR_LIBRARY_DIRS) OR
160 (NOT CBOR_BIN_DIRS) OR (NOT CRYPTO_INCLUDE_DIRS) OR
161 (NOT CRYPTO_LIBRARY_DIRS) OR (NOT CRYPTO_BIN_DIRS) OR
162 (NOT ZLIB_INCLUDE_DIRS) OR (NOT ZLIB_LIBRARY_DIRS) OR
164 message(FATAL_ERROR "please define "
165 "{CBOR,CRYPTO,ZLIB}_{INCLUDE,LIBRARY,BIN}_DIRS when "
166 "building under msvc")
168 set(CBOR_LIBRARIES cbor)
169 set(ZLIB_LIBRARIES zlib)
170 set(CRYPTO_LIBRARIES crypto-47)
171 set(MSVC_DISABLED_WARNINGS_LIST
172 "C4152" # nonstandard extension used: function/data pointer
173 # conversion in expression;
174 "C4200" # nonstandard extension used: zero-sized array in
176 "C4201" # nonstandard extension used: nameless struct/union;
177 "C4204" # nonstandard extension used: non-constant aggregate
179 "C4706" # assignment within conditional expression;
180 "C4996" # The POSIX name for this item is deprecated. Instead,
181 # use the ISO C and C++ conformant name;
182 "C6287" # redundant code: the left and right subexpressions are identical
184 # The construction in the following 3 lines was taken from LibreSSL's
186 string(REPLACE "C" " -wd" MSVC_DISABLED_WARNINGS_STR
187 ${MSVC_DISABLED_WARNINGS_LIST})
188 string(REGEX REPLACE "[/-]W[1234][ ]?" "" CMAKE_C_FLAGS ${CMAKE_C_FLAGS})
189 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -MP -W4 -WX ${MSVC_DISABLED_WARNINGS_STR}")
190 set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} /Od /Z7 /guard:cf /sdl /RTCcsu")
191 set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} /Zi /guard:cf /sdl")
193 add_definitions(-DUSE_WINHELLO)
197 include(FindPkgConfig)
198 pkg_search_module(CBOR libcbor)
199 pkg_search_module(CRYPTO libcrypto)
200 pkg_search_module(ZLIB zlib)
202 if(NOT CBOR_FOUND AND NOT HAVE_CBOR_H)
203 message(FATAL_ERROR "could not find libcbor")
205 if(NOT CRYPTO_FOUND AND NOT HAVE_OPENSSLV_H)
206 message(FATAL_ERROR "could not find libcrypto")
209 message(FATAL_ERROR "could not find zlib")
212 set(CBOR_LIBRARIES "cbor")
213 set(CRYPTO_LIBRARIES "crypto")
215 if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
216 pkg_search_module(UDEV libudev REQUIRED)
217 set(UDEV_NAME "udev")
218 # If using hidapi, use hidapi-hidraw.
219 set(HIDAPI_SUFFIX -hidraw)
220 if(NOT HAVE_CLOCK_GETTIME)
221 # Look for clock_gettime in librt.
222 check_library_exists(rt clock_gettime "time.h"
224 if (HAVE_CLOCK_GETTIME)
225 add_definitions(-DHAVE_CLOCK_GETTIME)
226 set(BASE_LIBRARIES ${BASE_LIBRARIES} rt)
234 # MinGW is stuck with a flavour of C89.
235 add_definitions(-DFIDO_NO_DIAGNOSTIC)
236 add_definitions(-DWC_ERR_INVALID_CHARS=0x80)
237 add_compile_options(-Wno-unused-parameter)
241 add_definitions(-DUSE_HIDAPI)
242 pkg_search_module(HIDAPI hidapi${HIDAPI_SUFFIX} REQUIRED)
243 set(HIDAPI_LIBRARIES hidapi${HIDAPI_SUFFIX})
247 add_definitions(-DNFC_LINUX)
252 add_definitions(-DUSE_WINHELLO)
255 set(USE_WINHELLO OFF)
258 add_compile_options(-Wall)
259 add_compile_options(-Wextra)
260 add_compile_options(-Werror)
261 add_compile_options(-Wshadow)
262 add_compile_options(-Wcast-qual)
263 add_compile_options(-Wwrite-strings)
264 add_compile_options(-Wmissing-prototypes)
265 add_compile_options(-Wbad-function-cast)
266 add_compile_options(-pedantic)
267 add_compile_options(-pedantic-errors)
270 add_compile_options(-Wno-type-limits)
271 add_compile_options(-Wno-cast-function-type)
273 if(HAVE_SHORTEN_64_TO_32)
274 add_compile_options(-Wshorten-64-to-32)
276 if(HAVE_STACK_PROTECTOR_ALL)
277 add_compile_options(-fstack-protector-all)
280 set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -g2")
281 set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -fno-omit-frame-pointer")
282 set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -D_FORTIFY_SOURCE=2")
284 if(CRYPTO_VERSION VERSION_GREATER_EQUAL 3.0)
285 add_definitions(-DOPENSSL_API_COMPAT=0x10100000L)
289 add_definitions(-DFIDO_FUZZ)
293 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=fuzzer-no-link")
297 # Avoid https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425
298 if(CMAKE_COMPILER_IS_GNUCC)
299 add_compile_options(-Wno-unused-result)
302 # Decide which keyword to use for thread-local storage.
303 if(CMAKE_COMPILER_IS_GNUCC OR
304 CMAKE_C_COMPILER_ID STREQUAL "Clang" OR
305 CMAKE_C_COMPILER_ID STREQUAL "AppleClang")
308 set(TLS "__declspec(thread)")
310 add_definitions(-DTLS=${TLS})
313 if(APPLE AND (CMAKE_C_COMPILER_ID STREQUAL "Clang" OR
314 CMAKE_C_COMPILER_ID STREQUAL "AppleClang"))
316 string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS}
317 " -exported_symbols_list ${CMAKE_CURRENT_SOURCE_DIR}/src/export.llvm")
321 string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS}
322 " -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/fuzz/export.gnu")
324 string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS}
325 " -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/src/export.gnu")
328 string(CONCAT CMAKE_SHARED_LINKER_FLAGS
329 ${CMAKE_SHARED_LINKER_FLAGS}
330 " -Wl,-z,noexecstack -Wl,-z,relro,-z,now")
331 string(CONCAT CMAKE_EXE_LINKER_FLAGS
332 ${CMAKE_EXE_LINKER_FLAGS}
333 " -Wl,-z,noexecstack -Wl,-z,relro,-z,now")
335 file(STRINGS fuzz/wrapped.sym WRAPPED_SYMBOLS)
336 foreach(s ${WRAPPED_SYMBOLS})
337 string(CONCAT CMAKE_SHARED_LINKER_FLAGS
338 ${CMAKE_SHARED_LINKER_FLAGS}
344 string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS}
345 " /def:\"${CMAKE_CURRENT_SOURCE_DIR}/src/export.msvc\"")
348 include_directories(${CMAKE_SOURCE_DIR}/src)
349 include_directories(${CBOR_INCLUDE_DIRS})
350 include_directories(${CRYPTO_INCLUDE_DIRS})
351 include_directories(${HIDAPI_INCLUDE_DIRS})
352 include_directories(${UDEV_INCLUDE_DIRS})
353 include_directories(${ZLIB_INCLUDE_DIRS})
355 link_directories(${CBOR_LIBRARY_DIRS})
356 link_directories(${CRYPTO_LIBRARY_DIRS})
357 link_directories(${HIDAPI_LIBRARY_DIRS})
358 link_directories(${UDEV_LIBRARY_DIRS})
359 link_directories(${ZLIB_LIBRARY_DIRS})
361 message(STATUS "BASE_LIBRARIES: ${BASE_LIBRARIES}")
362 message(STATUS "BUILD_EXAMPLES: ${BUILD_EXAMPLES}")
363 message(STATUS "BUILD_MANPAGES: ${BUILD_MANPAGES}")
364 message(STATUS "BUILD_SHARED_LIBS: ${BUILD_SHARED_LIBS}")
365 message(STATUS "BUILD_STATIC_LIBS: ${BUILD_STATIC_LIBS}")
366 message(STATUS "BUILD_TOOLS: ${BUILD_TOOLS}")
367 message(STATUS "CBOR_INCLUDE_DIRS: ${CBOR_INCLUDE_DIRS}")
368 message(STATUS "CBOR_LIBRARIES: ${CBOR_LIBRARIES}")
369 message(STATUS "CBOR_LIBRARY_DIRS: ${CBOR_LIBRARY_DIRS}")
370 message(STATUS "CBOR_VERSION: ${CBOR_VERSION}")
371 message(STATUS "CMAKE_BUILD_TYPE: ${CMAKE_BUILD_TYPE}")
372 message(STATUS "CMAKE_C_COMPILER: ${CMAKE_C_COMPILER}")
373 message(STATUS "CMAKE_C_COMPILER_ID: ${CMAKE_C_COMPILER_ID}")
374 message(STATUS "CMAKE_C_FLAGS: ${CMAKE_C_FLAGS}")
375 message(STATUS "CMAKE_INSTALL_LIBDIR: ${CMAKE_INSTALL_LIBDIR}")
376 message(STATUS "CMAKE_INSTALL_PREFIX: ${CMAKE_INSTALL_PREFIX}")
377 message(STATUS "CMAKE_SYSTEM_NAME: ${CMAKE_SYSTEM_NAME}")
378 message(STATUS "CMAKE_SYSTEM_VERSION: ${CMAKE_SYSTEM_VERSION}")
379 message(STATUS "CRYPTO_INCLUDE_DIRS: ${CRYPTO_INCLUDE_DIRS}")
380 message(STATUS "CRYPTO_LIBRARIES: ${CRYPTO_LIBRARIES}")
381 message(STATUS "CRYPTO_LIBRARY_DIRS: ${CRYPTO_LIBRARY_DIRS}")
382 message(STATUS "CRYPTO_VERSION: ${CRYPTO_VERSION}")
383 message(STATUS "FIDO_VERSION: ${FIDO_VERSION}")
384 message(STATUS "FUZZ: ${FUZZ}")
385 message(STATUS "ZLIB_INCLUDE_DIRS: ${ZLIB_INCLUDE_DIRS}")
386 message(STATUS "ZLIB_LIBRARIES: ${ZLIB_LIBRARIES}")
387 message(STATUS "ZLIB_LIBRARY_DIRS: ${ZLIB_LIBRARY_DIRS}")
388 message(STATUS "ZLIB_VERSION: ${ZLIB_VERSION}")
390 message(STATUS "HIDAPI_INCLUDE_DIRS: ${HIDAPI_INCLUDE_DIRS}")
391 message(STATUS "HIDAPI_LIBRARIES: ${HIDAPI_LIBRARIES}")
392 message(STATUS "HIDAPI_LIBRARY_DIRS: ${HIDAPI_LIBRARY_DIRS}")
393 message(STATUS "HIDAPI_VERSION: ${HIDAPI_VERSION}")
395 message(STATUS "LIBFUZZER: ${LIBFUZZER}")
396 message(STATUS "TLS: ${TLS}")
397 message(STATUS "UDEV_INCLUDE_DIRS: ${UDEV_INCLUDE_DIRS}")
398 message(STATUS "UDEV_LIBRARIES: ${UDEV_LIBRARIES}")
399 message(STATUS "UDEV_LIBRARY_DIRS: ${UDEV_LIBRARY_DIRS}")
400 message(STATUS "UDEV_RULES_DIR: ${UDEV_RULES_DIR}")
401 message(STATUS "UDEV_VERSION: ${UDEV_VERSION}")
402 message(STATUS "USE_HIDAPI: ${USE_HIDAPI}")
403 message(STATUS "USE_WINHELLO: ${USE_WINHELLO}")
404 message(STATUS "NFC_LINUX: ${NFC_LINUX}")
418 if(CMAKE_BUILD_TYPE STREQUAL "Debug" AND NOT FUZZ)
425 if(CMAKE_SYSTEM_NAME STREQUAL "Linux")