Merge branch 'opendnssec:develop' into fix_issue_655

.appveyor.yml

@@ -41,31 +41,42 @@ init:
     $env:RELEASE_DIR=Join-Path $env:BUILD_DIR "SoftHSMv2-$env:ENV_PLATFORM"
 
     $env:CONFIGURE_OPTIONS = "$env:CONFIGURE_OPTIONS with-crypto-backend=$env:CRYPTO_BACKEND with-$env:CRYPTO_BACKEND=$env:CRYPTO_PACKAGE_PATH\ with-cppunit=$env:CPPUNIT_PATH\"
+cache: 
+  - C:/Tools/vcpkg/installed/
 environment:
+  APPVEYOR_SAVE_CACHE_ON_ERROR: true
   matrix:
-  - CRYPTO_BACKEND: botan
-    ADDITIONAL_CONFIGURE_OPTIONS: disable-eddsa disable-gost with-crypto-backend=botan
   - CRYPTO_BACKEND: openssl
     ADDITIONAL_CONFIGURE_OPTIONS: disable-eddsa disable-gost with-crypto-backend=openssl
+    DB_BACKEND: OFF
+  - CRYPTO_BACKEND: openssl
+    ADDITIONAL_CONFIGURE_OPTIONS: disable-eddsa disable-gost with-crypto-backend=openssl
+    DB_BACKEND: ON
+  - CRYPTO_BACKEND: botan
+    ADDITIONAL_CONFIGURE_OPTIONS: disable-eddsa disable-gost with-crypto-backend=botan
+    DB_BACKEND: OFF
 install:
+# Update vcpkg
+- cd c:\tools\vcpkg
+- cmd: git fetch
+- cmd: bootstrap-vcpkg.bat
+- cmd: vcpkg update
+- cmd: vcpkg upgrade --no-dry-run
 - cmd: vcpkg install sqlite3:x86-windows
+- cmd: vcpkg install openssl-windows:x86-windows
 - cmd: vcpkg install openssl-windows:x64-windows
 - cmd: vcpkg install botan:x86-windows
 - cmd: vcpkg install cppunit:x86-windows
-- cmd: vcpkg install getopt-win32:x86-windows
-build_script:
 - cmd: vcpkg integrate install
-- cmd: cmake -DCMAKE_TOOLCHAIN_FILE=C:/Tools/vcpkg/scripts/buildsystems/vcpkg.cmake -DWITH_CRYPTO_BACKEND=%CRYPTO_BACKEND% -DBUILD_TESTS=OFF -DDISABLE_NON_PAGED_MEMORY=ON -DENABLE_GOST=OFF .
-- cmd: msbuild softhsm2.sln /p:Configuration="Release" /p:Platform="Win32" /p:PlatformToolset=v140 /target:Build
+build_script:
+- cmd: if exist "C:\projects\softhsmv2\build" rmdir /s /q C:\projects\softhsmv2\build
+- cmd: mkdir C:\projects\softhsmv2\build
+- cmd: cmake -Bbuild -DCMAKE_TOOLCHAIN_FILE=C:\Tools\vcpkg\scripts\buildsystems\vcpkg.cmake -DWITH_OBJECTSTORE_BACKEND_DB=%DB_BACKEND% -DWITH_CRYPTO_BACKEND=%CRYPTO_BACKEND% -DBUILD_TESTS=ON -DDISABLE_NON_PAGED_MEMORY=ON -DENABLE_GOST=OFF
+- cmd: cmake -Bbuild --build . --config RelWithDebInfo
+- cmd: ctest -Bbuild -C RelWithDebInfo --progress --verbose
+- cmd: cmake -Bbuild -DCMAKE_INSTALL_PREFIX=build/SoftHSMv2-$(Platform) -DCMAKE_INSTALL_CONFIG_NAME=RelWithDebInfo -P cmake_install.cmake
 - cmd: IF "%ENV_PLATFORM%"=="x86" ( CD win32\Release ) ELSE ( CD win32\x64\Release)
-- cmd: cryptotest.exe
-- cmd: datamgrtest.exe
-- cmd: handlemgrtest.exe
-- cmd: objstoretest.exe
-- cmd: p11test.exe
-- cmd: sessionmgrtest.exe
-- cmd: slotmgrtest.exe
-test: off
+test: on
 artifacts:
 - path: build/SoftHSMv2-$(Platform)
   name: SoftHSMv2-$(PACKAGE_VERSION_NAME)-$(Platform)

CMAKE-WIN-NOTES.md

@@ -0,0 +1,74 @@
+# Building SoftHSMv2 for Windows
+
+This document describes process of building both 32-bit and 64-bit versions of SoftHSMv2.
+
+## Required software
+
+- [Visual Studio](https://visualstudio.microsoft.com/vs/community/) (Community)
+- [C/C++ dependency manager from Microsoft](https://vcpkg.io/)
+- [CMake](https://cmake.org/)
+
+## Prepare working directories
+
+	set VCPKG_HOME=C:\Projects\vcpkg
+	set SOFTHSM_HOME=C:\Projects\SoftHSMv2
+	git clone https://github.com/opendnssec/SoftHSMv2.git %SOFTHSM_HOME%
+	git clone https://github.com/Microsoft/vcpkg.git %VCPKG_HOME%
+
+## Build dependencies
+
+	cd %VCPKG_HOME%
+	bootstrap-vcpkg.bat
+	git fetch
+	git checkout 2021.05.12
+
+	vcpkg install cppunit:x86-windows
+	vcpkg install cppunit:x86-windows-static
+	vcpkg install openssl-windows:x86-windows
+	vcpkg install botan:x86-windows
+	vcpkg install sqlite3:x86-windows
+
+	vcpkg install cppunit:x64-windows
+	vcpkg install cppunit:x64-windows-static
+	vcpkg install openssl-windows:x64-windows
+	vcpkg install botan:x64-windows
+	vcpkg install sqlite3:x64-windows
+
+	vcpkg integrate install
+
+## Configure SoftHSMv2
+
+Build can be configured using the following commands:
+
+	mkdir %SOFTHSM_HOME%\tmp32
+	cd %SOFTHSM_HOME%\tmp32
+	cmake .. -G "Visual Studio 15 2017" -A Win32 -DCMAKE_TOOLCHAIN_FILE=%VCPKG_HOME%\scripts\buildsystems\vcpkg.cmake -DCMAKE_INSTALL_PREFIX=%SOFTHSM_HOME%\out32 -DBUILD_TESTS=ON -DWITH_CRYPTO_BACKEND=openssl -DWITH_OBJECTSTORE_BACKEND_DB=OFF
+
+	mkdir %SOFTHSM_HOME%\tmp64
+	cd %SOFTHSM_HOME%\tmp64
+	cmake .. -G "Visual Studio 15 2017" -A x64 -DCMAKE_TOOLCHAIN_FILE=%VCPKG_HOME%\scripts\buildsystems\vcpkg.cmake -DCMAKE_INSTALL_PREFIX=%SOFTHSM_HOME%\out64 -DBUILD_TESTS=ON -DWITH_CRYPTO_BACKEND=botan -DWITH_OBJECTSTORE_BACKEND_DB=ON
+
+Some options (more can be found in CMakeLists.txt):
+
+	-DBUILD_TESTS=ON                Compile tests along with libraries
+	-DENABLE_EDDSA=ON               Enable support for EDDSA
+	-DWITH_MIGRATE=ON               Build migration tool
+	-DWITH_CRYPTO_BACKEND=          Select crypto backend (openssl|botan)
+	-DDISABLE_NON_PAGED_MEMORY=ON   Disable non-paged memory for secure storage
+	-DWITH_OBJECTSTORE_BACKEND_DB=ON	Enable sqlite3 data storage
+
+## Compile
+
+Compile the source code using the following command:
+
+	cmake --build . --config RelWithDebInfo
+
+## Test
+
+	ctest -C RelWithDebInfo --output-on-failure --progress --verbose
+
+## Install
+
+Install the library using the follow command:
+
+	cmake  -DCMAKE_INSTALL_CONFIG_NAME=RelWithDebInfo  -P cmake_install.cmake

CMakeLists.txt

@@ -1,5 +1,4 @@
-cmake_minimum_required(VERSION 3.5)
-
+cmake_minimum_required(VERSION 3.16)
 project(softhsm2 C CXX)
 
 # Build Options
@@ -8,8 +7,8 @@ option(DISABLE_NON_PAGED_MEMORY "Disable non-paged memory for secure storage" OF
 option(DISABLE_VISIBILITY "Disables and unsets -fvisibility=hidden" OFF)
 option(ENABLE_64bit "Enable 64-bit compiling" OFF)
 option(ENABLE_ECC "Enable support for ECC" ON)
-option(ENABLE_EDDSA "Enable support for EDDSA" OFF)
-option(ENABLE_GOST "Enable support for GOST" ON)
+option(ENABLE_EDDSA "Enable support for EDDSA" ON)
+option(ENABLE_GOST "Enable support for GOST" OFF)
 option(ENABLE_FIPS "Enable support for FIPS 140-2 mode" OFF)
 option(ENABLE_P11_KIT "Enable p11-kit integration" ON)
 option(ENABLE_PEDANTIC "Enable pedantic compile mode" OFF)
@@ -80,11 +79,37 @@ if(NOT CMAKE_BUILD_TYPE)
     set(CMAKE_BUILD_TYPE RelWithDebInfo CACHE STRING "Default build type for SoftHSMv2 project" FORCE)
 endif(NOT CMAKE_BUILD_TYPE)
 
+
+set(CMAKE_CXX_FLAGS_MAINTAINER "-Wall -Wabi" CACHE STRING
+ "Flags used by the C++ compiler during maintainer builds."
+  FORCE)
+set(CMAKE_C_FLAGS_MAINTAINER "-Wall -pedantic" CACHE STRING
+  "Flags used by the C compiler during maintainer builds."
+  FORCE)
+set(CMAKE_EXE_LINKER_FLAGS_MAINTAINER
+  "-Wl,--warn-unresolved-symbols,--warn-once" CACHE STRING
+  "Flags used for linking binaries during maintainer builds."
+  FORCE)
+set(CMAKE_SHARED_LINKER_FLAGS_MAINTAINER
+  "-Wl,--warn-unresolved-symbols,--warn-once" CACHE STRING
+  "Flags used by the shared libraries linker during maintainer builds."
+  FORCE)
+mark_as_advanced(
+  CMAKE_CXX_FLAGS_MAINTAINER
+  CMAKE_C_FLAGS_MAINTAINER
+  CMAKE_EXE_LINKER_FLAGS_MAINTAINER
+  CMAKE_SHARED_LINKER_FLAGS_MAINTAINER)
+
+set(CMAKE_BUILD_TYPE "${CMAKE_BUILD_TYPE}" CACHE STRING
+  "Choose the type of build, options are: None Debug Release RelWithDebInfo MinSizeRel Maintainer."
+  FORCE)
+
+
 message(STATUS "Build Configuration: ${CMAKE_BUILD_TYPE}")
 
 # Build Modules Path
 set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH}
-                      ${CMAKE_SOURCE_DIR}/modules
+                      ${CMAKE_SOURCE_DIR}/cmake/modules
                       )
 
 # Custom Modules
@@ -102,6 +127,7 @@ add_subdirectory(src)
 # p11-kit
 set(default_softhsm2_lib ${DEFAULT_PKCS11_LIB})
 configure_file(softhsm2.module.in softhsm2.module)
+
 if(ENABLE_P11_KIT)
     install(FILES ${PROJECT_BINARY_DIR}/softhsm2.module
             DESTINATION ${P11KIT_PATH}

Makefile.am

@@ -21,9 +21,9 @@ EXTRA_DIST =	$(srcdir)/CMakeLists.txt \
 		$(srcdir)/FIPS-NOTES.md \
 		$(srcdir)/LICENSE \
 		$(srcdir)/m4/*.m4 \
-		$(srcdir)/modules/*.cmake \
-		$(srcdir)/modules/tests/*.c \
-		$(srcdir)/modules/tests/*.cpp \
+		$(srcdir)/cmake/modules/*.cmake \
+		$(srcdir)/cmake/modules/tests/*.c \
+		$(srcdir)/cmake/modules/tests/*.cpp \
 		$(srcdir)/OSX-NOTES.md \
 		$(srcdir)/README.md \
 		$(srcdir)/win32/convarch/convarch.vcxproj.in \

modules/CompilerOptions.cmake → cmake/modules/CompilerOptions.cmake

@@ -1,3 +1,5 @@
+find_package(PkgConfig)
+
 include(CheckCXXCompilerFlag)
 include(CheckFunctionExists)
 include(CheckIncludeFiles)
@@ -117,6 +119,14 @@ else(DISABLE_NON_PAGED_MEMORY)
     endif(NOT "${MLOCK_SIZE}" STREQUAL "unlimited")
 endif(DISABLE_NON_PAGED_MEMORY)
 
+
+if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC")
+	# disable 
+    # C4996 warning for deprecated posix function name
+    # C4456 declaration of 'identifier' hides previous local declaration
+	set(COMPILE_OPTIONS "/MP;/W4;/wd4996;/wd4456")
+endif()
+
 # Check if -ldl exists (equivalent of acx_dlopen.m4)
 check_library_exists(dl dlopen "" HAVE_DLOPEN)
 check_function_exists(LoadLibrary HAVE_LOADLIBRARY)
@@ -150,8 +160,8 @@ if(WITH_CRYPTO_BACKEND STREQUAL "botan")
         message(FATAL_ERROR "Failed to find Botan!")
     endif()
 
-    set(CRYPTO_INCLUDES ${BOTAN_INCLUDE_DIRS})
-    set(CRYPTO_LIBS ${BOTAN_LIBRARIES})
+    set(CRYPTO_INCLUDES ${BOTAN_INCLUDE_DIR})
+    set(CRYPTO_LIBS ${BOTAN_LIBRARY})
     message(STATUS "Botan: Includes: ${CRYPTO_INCLUDES}")
     message(STATUS "Botan: Libs: ${CRYPTO_LIBS}")
 
@@ -167,7 +177,7 @@ if(WITH_CRYPTO_BACKEND STREQUAL "botan")
 
     # acx_botan_ecc.m4
     if(ENABLE_ECC)
-        set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_botan_ecc.cpp)
+        set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_botan_ecc.cpp)
         try_run(RUN_ECC COMPILE_RESULT
                 "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
                 LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -188,7 +198,7 @@ if(WITH_CRYPTO_BACKEND STREQUAL "botan")
     # acx_botan_eddsa.m4
     if(ENABLE_EDDSA)
         # ED25519
-        set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_botan_ed25519.cpp)
+        set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_botan_ed25519.cpp)
         try_run(RUN_ED25519 COMPILE_RESULT
                 "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
                 LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -208,7 +218,7 @@ if(WITH_CRYPTO_BACKEND STREQUAL "botan")
 
     # acx_botan_gost.m4
     if(ENABLE_GOST)
-        set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_botan_gost.cpp)
+        set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_botan_gost.cpp)
         try_run(RUN_GOST COMPILE_RESULT
                 "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
                 LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -234,7 +244,7 @@ if(WITH_CRYPTO_BACKEND STREQUAL "botan")
     set(HAVE_AES_KEY_WRAP 1)
 
     # acx_botan_rfc5649.m4
-    set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_botan_rfc5649.cpp)
+    set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_botan_rfc5649.cpp)
     try_run(RUN_AES_KEY_WRAP_PAD COMPILE_RESULT
             "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
             LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -249,7 +259,7 @@ if(WITH_CRYPTO_BACKEND STREQUAL "botan")
     endif()
 
     # acx_botan_rawpss.m4
-    set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_botan_rawpss.cpp)
+    set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_botan_rawpss.cpp)
     try_run(RUN_RAWPSS COMPILE_RESULT
             "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
             LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -289,7 +299,7 @@ elseif(WITH_CRYPTO_BACKEND STREQUAL "openssl")
 
     # acx_openssl_ecc.m4
     if(ENABLE_ECC)
-        set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_openssl_ecc.c)
+        set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_openssl_ecc.c)
         try_run(RUN_ECC COMPILE_RESULT
                 "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
                 LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -310,7 +320,7 @@ elseif(WITH_CRYPTO_BACKEND STREQUAL "openssl")
     # acx_openssl_eddsa.m4
     if(ENABLE_EDDSA)
         # ED25519
-        set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_openssl_ed25519.c)
+        set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_openssl_ed25519.c)
         try_run(RUN_ED25519 COMPILE_RESULT
                 "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
                 LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -325,7 +335,7 @@ elseif(WITH_CRYPTO_BACKEND STREQUAL "openssl")
             message(FATAL_ERROR ${error_msg})
         endif()
         # ED448
-        set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_openssl_ed448.c)
+        set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_openssl_ed448.c)
         try_run(RUN_ED448 COMPILE_RESULT
                 "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
                 LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -344,7 +354,7 @@ elseif(WITH_CRYPTO_BACKEND STREQUAL "openssl")
 
     # acx_openssl_gost.m4
     if(ENABLE_GOST)
-        set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_openssl_gost.c)
+        set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_openssl_gost.c)
         try_run(RUN_GOST COMPILE_RESULT
                 "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
                 LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -364,7 +374,7 @@ elseif(WITH_CRYPTO_BACKEND STREQUAL "openssl")
 
     # acx_openssl_fips.m4
     if(ENABLE_FIPS)
-        set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_openssl_fips.c)
+        set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_openssl_fips.c)
         try_run(RUN_FIPS COMPILE_RESULT
                 "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
                 LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -383,7 +393,7 @@ elseif(WITH_CRYPTO_BACKEND STREQUAL "openssl")
     endif(ENABLE_FIPS)
 
     # acx_openssl_rfc3349
-    set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_openssl_rfc3394.c)
+    set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_openssl_rfc3394.c)
     try_run(RUN_AES_KEY_WRAP COMPILE_RESULT
             "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
             LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -398,7 +408,7 @@ elseif(WITH_CRYPTO_BACKEND STREQUAL "openssl")
     endif()
 
     # acx_openssl_rfc5649
-    set(testfile ${CMAKE_SOURCE_DIR}/modules/tests/test_openssl_rfc5649.c)
+    set(testfile ${CMAKE_SOURCE_DIR}/cmake/modules/tests/test_openssl_rfc5649.c)
     try_run(RUN_AES_KEY_WRAP_PAD COMPILE_RESULT
             "${CMAKE_BINARY_DIR}/prebuild_santity_tests" ${testfile}
             LINK_LIBRARIES ${CRYPTO_LIBS}
@@ -435,10 +445,6 @@ if(WITH_SQLITE3)
 
     check_include_files(sqlite3.h HAVE_SQLITE3_H)
     check_library_exists(sqlite3 sqlite3_prepare_v2 "" HAVE_LIBSQLITE3)
-    find_program(SQLITE3_COMMAND NAMES sqlite3)
-    if(SQLITE3_COMMAND MATCHES "-NOTFOUND")
-        message(FATAL_ERROR "SQLite3: Command was not found")
-    endif(SQLITE3_COMMAND MATCHES "-NOTFOUND")
 else(WITH_SQLITE3)
     message(STATUS "Not including SQLite3 in build")
 endif(WITH_SQLITE3)
@@ -476,14 +482,15 @@ endif(ENABLE_P11_KIT)
 
 if(BUILD_TESTS)
     # Find CppUnit (equivalent of acx_cppunit.m4)
-    set(CppUnit_FIND_QUIETLY ON)
+    set(CppUnit_FIND_QUIETLY OFF)
     include(FindCppUnit)
     if(NOT CPPUNIT_FOUND)
         message(FATAL_ERROR "Failed to find CppUnit!")
     endif(NOT CPPUNIT_FOUND)
 
     set(CPPUNIT_INCLUDES ${CPPUNIT_INCLUDE_DIR})
     set(CPPUNIT_LIBS ${CPPUNIT_LIBRARY})
+    set(CPPUNIT_LIBRARIES ${CPPUNIT_LIBRARIES})
     message(STATUS "CppUnit: Includes: ${CPPUNIT_INCLUDES}")
     message(STATUS "CppUnit: Libs: ${CPPUNIT_LIBS}")
 else(BUILD_TESTS)

modules/FindBotan.cmake → cmake/modules/FindBotan.cmake

@@ -15,12 +15,13 @@
 #
 # This file is in the public domain
 
-include(FindPkgConfig)
+find_package(Botan CONFIG)
 
 if(NOT BOTAN_FOUND)
-  pkg_check_modules(BOTAN botan-2)
+  pkg_check_modules(botan BOTAN_FOUND)
 endif()
 
+
 if(NOT BOTAN_FOUND)
   find_path(BOTAN_INCLUDE_DIRS NAMES botan/botan.h
       PATH_SUFFIXES botan-2