Skip to content

Commit

Permalink
Allow the user to build oqs-provider as a static library.
Browse files Browse the repository at this point in the history 
This commit removes the `SHARED` argument of the `add_library`.
By doing so, we let the user choose the build type of library.

By default, CMake will build a static library. Thus, [`BUILD_SHARED_LIBS`]
must be used to switch to a shared library.

`oqs-provider` as a static library allows us to use the provider without
having to store its shared library somewhere. In addition, it happens that
some operating systems prohibit the use of `dlopen`/`dlsym`.

To load `oqs-provider` when it is embedded into a library of a binary, one
can use the [`OSSL_PROVIDER_add_builtin`] API from OpenSSL 3.

[`BUILD_SHARED_LIBS`]: https://cmake.org/cmake/help/latest/variable/BUILD_SHARED_LIBS.html
[`OSSL_PROVIDER_add_builtin`]: https://www.openssl.org/docs/man3.1/man3/OSSL_PROVIDER_add_builtin.html
  • Loading branch information
thb-sb committed Jun 29, 2023
1 parent 6b34839 commit d813109
Show file tree
Hide file tree
Showing 4 changed files with 20 additions and 20 deletions.
28 changes: 14 additions & 14 deletions .circleci/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ jobs:
equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ]
steps:
- run:
name: Clone and build OpenSSL(3)
name: Clone and build OpenSSL(3)
command: |
git clone --branch master git://git.openssl.org/openssl.git openssl &&
cd openssl && ./config --prefix=$(echo $(pwd)/../.local) && make -j 18 && make install_sw && cd ..
Expand All @@ -69,11 +69,11 @@ jobs:
- run:
name: Run tests (with encodings, positive and negative test)
command: |
./scripts/runtests_encodings.sh -V > log
if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then
./scripts/runtests_encodings.sh -V > log
if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then
cat log
! OQS_ENCODING_DILITHIUM2=foo OQS_ENCODING_DILITHIUM2_ALGNAME=bar ./scripts/runtests.sh -V
else
else
cat log
fi
- run:
Expand All @@ -88,10 +88,10 @@ jobs:
name: Run tests (-DNOPUBKEY_IN_PRIVKEY=ON, with encodings, positive and negative test)
command: |
./scripts/runtests_encodings.sh -V
if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then
if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then
cat log
! OQS_ENCODING_DILITHIUM2=foo OQS_ENCODING_DILITHIUM2_ALGNAME=bar ./scripts/runtests.sh -V
else
else
cat log
fi
Expand Down Expand Up @@ -120,7 +120,7 @@ jobs:
git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git &&
export LIBOQS_INSTALLPATH=$(pwd)/.local && cd liboqs && mkdir _build && cd _build &&
cmake -GNinja -DCMAKE_INSTALL_PREFIX=$LIBOQS_INSTALLPATH << parameters.CMAKE_ARGS >> .. && ninja install &&
cd .. && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$LIBOQS_INSTALLPATH/lib" >> "$BASH_ENV"
cd .. && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$LIBOQS_INSTALLPATH/lib" >> "$BASH_ENV"
- when:
condition:
not:
Expand Down Expand Up @@ -158,11 +158,11 @@ jobs:
- run:
name: Run tests (with encodings)
command: |
./scripts/runtests_encodings.sh -V > log
if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then
./scripts/runtests_encodings.sh -V > log
if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then
cat log
! OQS_ENCODING_DILITHIUM2=foo OQS_ENCODING_DILITHIUM2_ALGNAME=bar ./scripts/runtests.sh -V
else
else
cat log
fi
Expand Down Expand Up @@ -194,21 +194,21 @@ workflows:
name: ubuntu-focal
context: openquantumsafe
IMAGE: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF -DBUILD_SHARED_LIBS=ON
OPENSSL_PREINSTALL: openssl@1
- ubuntu:
name: ubuntu-jammy
context: openquantumsafe
IMAGE: openquantumsafe/ci-ubuntu-jammy:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_ALGS_ENABLED=STD
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_ALGS_ENABLED=STD -DBUILD_SHARED_LIBS=ON
OPENSSL_PREINSTALL: openssl@3
- macOS:
name: macOS-noopenssl
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF -DBUILD_SHARED_LIBS=ON
OPENSSL_PREINSTALL: openssl
- macOS:
name: macOS-shared
CMAKE_ARGS: -DBUILD_SHARED_LIBS=ON -DOQS_DIST_BUILD=OFF -DOQS_ENABLE_KEM_CLASSIC_MCELIECE=OFF
CMAKE_ARGS: -DOQS_DIST_BUILD=OFF -DOQS_ENABLE_KEM_CLASSIC_MCELIECE=OFF -DBUILD_SHARED_LIBS=ON
OPENSSL_PREINSTALL: openssl@3
on-main-branch:
when:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/windows.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ jobs:
if: steps.cache-openssl32.outputs.cache-hit != 'true'
run: bash -c "./config --prefix=/opt/openssl32 ${{ matrix.platform.config }} && perl configdata.pm --dump && make $MAKE_PARAMS && make install_sw"
working-directory: openssl
- name: Check OpenSSL install3
- name: Check OpenSSL install3
run: dir c:\cygwin\opt\openssl32
- name: Save OpenSSL
id: cache-openssl-save
Expand All @@ -79,7 +79,7 @@ jobs:
c:\cygwin\opt\openssl32
key: ${{ runner.os }}-cygwinopenssl32
- name: build oqs-provider
run: bash -c "git config --global --add safe.directory $(cygpath -u $PWD) && liboqs_DIR='${{ env.IP }}' cmake -GNinja -DCMAKE_C_COMPILER=gcc -DOPENSSL_ROOT_DIR=/opt/openssl32 -S . -B _build && cd _build && ninja && cd .."
run: bash -c "git config --global --add safe.directory $(cygpath -u $PWD) && liboqs_DIR='${{ env.IP }}' cmake -GNinja -DBUILD_SHARED_LIBS=ON -DCMAKE_C_COMPILER=gcc -DOPENSSL_ROOT_DIR=/opt/openssl32 -S . -B _build && cd _build && ninja && cd .."
- name: Adapt oqsprovider.dll name
run: bash -c "cp oqsprovider-1.dll oqsprovider.dll"
working-directory: _build/bin
Expand Down Expand Up @@ -190,7 +190,7 @@ jobs:
key: ${{ runner.os }}-msvcopenssl32
- name: build oqs-provider
run: |
cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -DOPENSSL_ROOT_DIR="c:\openssl32" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build
cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS="/wd5105" -DBUILD_SHARED_LIBS=ON -DOPENSSL_ROOT_DIR="c:\openssl32" -Dliboqs_DIR="c:\liboqs\lib\cmake\liboqs" -S . -B _build
cd _build
ninja
- name: Run tests
Expand Down
2 changes: 1 addition & 1 deletion oqsprov/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ set(PROVIDER_SOURCE_FILES
set(PROVIDER_HEADER_FILES
oqs_prov.h oqs_endecoder_local.h
)
add_library(oqsprovider SHARED ${PROVIDER_SOURCE_FILES})
add_library(oqsprovider ${PROVIDER_SOURCE_FILES})
if (USE_ENCODING_LIB)
add_dependencies(oqsprovider encoder)
endif()
Expand Down
4 changes: 2 additions & 2 deletions scripts/fullbuild.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,9 +107,9 @@ if [ ! -f "_build/lib/oqsprovider.$SHLIBEXT" ]; then
BUILD_TYPE=""
# for omitting public key in private keys add -DNOPUBKEY_IN_PRIVKEY=ON
if [ -z "$OPENSSL_INSTALL" ]; then
cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local $BUILD_TYPE -S . -B _build && cmake --build _build
cmake -DOPENSSL_ROOT_DIR=$(pwd)/.local $BUILD_TYPE -S . -B _build -DBUILD_SHARED_LIBS=ON && cmake --build _build
else
cmake -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL $BUILD_TYPE -S . -B _build && cmake --build _build
cmake -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL $BUILD_TYPE -S . -B _build -DBUILD_SHARED_LIBS=ON && cmake --build _build
fi
if [ $? -ne 0 ]; then
echo "provider build failed. Exiting."
Expand Down

0 comments on commit d813109

Please sign in to comment.