diff options
Diffstat (limited to '')
-rw-r--r-- | windows/build.ps1 | 241 | ||||
-rw-r--r-- | windows/const.ps1 | 43 | ||||
-rwxr-xr-x | windows/cygwin.gpg | bin | 0 -> 2193 bytes | |||
-rwxr-xr-x | windows/cygwin.ps1 | 70 | ||||
-rw-r--r-- | windows/libressl.gpg | bin | 0 -> 16425 bytes | |||
-rw-r--r-- | windows/release.ps1 | 98 |
6 files changed, 452 insertions, 0 deletions
diff --git a/windows/build.ps1 b/windows/build.ps1 new file mode 100644 index 0000000..4c3a969 --- /dev/null +++ b/windows/build.ps1 @@ -0,0 +1,241 @@ +# Copyright (c) 2021-2022 Yubico AB. All rights reserved. +# Use of this source code is governed by a BSD-style +# license that can be found in the LICENSE file. +# SPDX-License-Identifier: BSD-2-Clause + +param( + [string]$CMakePath = "C:\Program Files\CMake\bin\cmake.exe", + [string]$GitPath = "C:\Program Files\Git\bin\git.exe", + [string]$SevenZPath = "C:\Program Files\7-Zip\7z.exe", + [string]$GPGPath = "C:\Program Files (x86)\GnuPG\bin\gpg.exe", + [string]$WinSDK = "", + [string]$Config = "Release", + [string]$Arch = "x64", + [string]$Type = "dynamic", + [string]$Fido2Flags = "" +) + +$ErrorActionPreference = "Stop" +[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + +. "$PSScriptRoot\const.ps1" + +Function ExitOnError() { + if ($LastExitCode -ne 0) { + throw "A command exited with status $LastExitCode" + } +} + +Function GitClone(${REPO}, ${BRANCH}, ${DIR}) { + Write-Host "Cloning ${REPO}..." + & $Git -c advice.detachedHead=false clone --quiet --depth=1 ` + --branch "${BRANCH}" "${REPO}" "${DIR}" + Write-Host "${REPO}'s ${BRANCH} HEAD is:" + & $Git -C "${DIR}" show -s HEAD +} + +# Find Git. +$Git = $(Get-Command git -ErrorAction Ignore | ` + Select-Object -ExpandProperty Source) +if ([string]::IsNullOrEmpty($Git)) { + $Git = $GitPath +} +if (-Not (Test-Path $Git)) { + throw "Unable to find Git at $Git" +} + +# Find CMake. +$CMake = $(Get-Command cmake -ErrorAction Ignore | ` + Select-Object -ExpandProperty Source) +if ([string]::IsNullOrEmpty($CMake)) { + $CMake = $CMakePath +} +if (-Not (Test-Path $CMake)) { + throw "Unable to find CMake at $CMake" +} + +# Find 7z. +$SevenZ = $(Get-Command 7z -ErrorAction Ignore | ` + Select-Object -ExpandProperty Source) +if ([string]::IsNullOrEmpty($SevenZ)) { + $SevenZ = $SevenZPath +} +if (-Not (Test-Path $SevenZ)) { + throw "Unable to find 7z at $SevenZ" +} + +# Find GPG. +$GPG = $(Get-Command gpg -ErrorAction Ignore | ` + Select-Object -ExpandProperty Source) +if ([string]::IsNullOrEmpty($GPG)) { + $GPG = $GPGPath +} +if (-Not (Test-Path $GPG)) { + throw "Unable to find GPG at $GPG" +} + +# Override CMAKE_SYSTEM_VERSION if $WinSDK is set. +if (-Not ([string]::IsNullOrEmpty($WinSDK))) { + $CMAKE_SYSTEM_VERSION = "-DCMAKE_SYSTEM_VERSION='$WinSDK'" +} else { + $CMAKE_SYSTEM_VERSION = '' +} + +Write-Host "WinSDK: $WinSDK" +Write-Host "Config: $Config" +Write-Host "Arch: $Arch" +Write-Host "Type: $Type" +Write-Host "Git: $Git" +Write-Host "CMake: $CMake" +Write-Host "7z: $SevenZ" +Write-Host "GPG: $GPG" + +# Create build directories. +New-Item -Type Directory "${BUILD}" -Force +New-Item -Type Directory "${BUILD}\${Arch}" -Force +New-Item -Type Directory "${BUILD}\${Arch}\${Type}" -Force +New-Item -Type Directory "${STAGE}\${LIBRESSL}" -Force +New-Item -Type Directory "${STAGE}\${LIBCBOR}" -Force +New-Item -Type Directory "${STAGE}\${ZLIB}" -Force + +# Create output directories. +New-Item -Type Directory "${OUTPUT}" -Force +New-Item -Type Directory "${OUTPUT}\${Arch}" -Force +New-Item -Type Directory "${OUTPUT}\${Arch}\${Type}" -force + +# Fetch and verify dependencies. +Push-Location ${BUILD} +try { + if (-Not (Test-Path .\${LIBRESSL})) { + if (-Not (Test-Path .\${LIBRESSL}.tar.gz -PathType leaf)) { + Invoke-WebRequest ${LIBRESSL_URL}/${LIBRESSL}.tar.gz ` + -OutFile .\${LIBRESSL}.tar.gz + } + if (-Not (Test-Path .\${LIBRESSL}.tar.gz.asc -PathType leaf)) { + Invoke-WebRequest ${LIBRESSL_URL}/${LIBRESSL}.tar.gz.asc ` + -OutFile .\${LIBRESSL}.tar.gz.asc + } + + Copy-Item "$PSScriptRoot\libressl.gpg" -Destination "${BUILD}" + & $GPG --list-keys + & $GPG --quiet --no-default-keyring --keyring ./libressl.gpg ` + --verify .\${LIBRESSL}.tar.gz.asc .\${LIBRESSL}.tar.gz + if ($LastExitCode -ne 0) { + throw "GPG signature verification failed" + } + & $SevenZ e .\${LIBRESSL}.tar.gz + & $SevenZ x .\${LIBRESSL}.tar + Remove-Item -Force .\${LIBRESSL}.tar + } + if (-Not (Test-Path .\${LIBCBOR})) { + GitClone "${LIBCBOR_GIT}" "${LIBCBOR_BRANCH}" ".\${LIBCBOR}" + } + if (-Not (Test-Path .\${ZLIB})) { + GitClone "${ZLIB_GIT}" "${ZLIB_BRANCH}" ".\${ZLIB}" + } +} catch { + throw "Failed to fetch and verify dependencies" +} finally { + Pop-Location +} + +# Build LibreSSL. +Push-Location ${STAGE}\${LIBRESSL} +try { + & $CMake ..\..\..\${LIBRESSL} -A "${Arch}" ` + -DBUILD_SHARED_LIBS="${SHARED}" -DLIBRESSL_TESTS=OFF ` + -DCMAKE_C_FLAGS_DEBUG="${CFLAGS_DEBUG}" ` + -DCMAKE_C_FLAGS_RELEASE="${CFLAGS_RELEASE}" ` + -DCMAKE_INSTALL_PREFIX="${PREFIX}" "${CMAKE_SYSTEM_VERSION}"; ` + ExitOnError + & $CMake --build . --config ${Config} --verbose; ExitOnError + & $CMake --build . --config ${Config} --target install --verbose; ` + ExitOnError +} catch { + throw "Failed to build LibreSSL" +} finally { + Pop-Location +} + +# Build libcbor. +Push-Location ${STAGE}\${LIBCBOR} +try { + & $CMake ..\..\..\${LIBCBOR} -A "${Arch}" ` + -DWITH_EXAMPLES=OFF ` + -DBUILD_SHARED_LIBS="${SHARED}" ` + -DCMAKE_C_FLAGS_DEBUG="${CFLAGS_DEBUG}" ` + -DCMAKE_C_FLAGS_RELEASE="${CFLAGS_RELEASE}" ` + -DCMAKE_INSTALL_PREFIX="${PREFIX}" "${CMAKE_SYSTEM_VERSION}"; ` + ExitOnError + & $CMake --build . --config ${Config} --verbose; ExitOnError + & $CMake --build . --config ${Config} --target install --verbose; ` + ExitOnError +} catch { + throw "Failed to build libcbor" +} finally { + Pop-Location +} + +# Build zlib. +Push-Location ${STAGE}\${ZLIB} +try { + & $CMake ..\..\..\${ZLIB} -A "${Arch}" ` + -DBUILD_SHARED_LIBS="${SHARED}" ` + -DCMAKE_C_FLAGS_DEBUG="${CFLAGS_DEBUG}" ` + -DCMAKE_C_FLAGS_RELEASE="${CFLAGS_RELEASE}" ` + -DCMAKE_INSTALL_PREFIX="${PREFIX}" "${CMAKE_SYSTEM_VERSION}"; ` + ExitOnError + & $CMake --build . --config ${Config} --verbose; ExitOnError + & $CMake --build . --config ${Config} --target install --verbose; ` + ExitOnError + # Patch up zlib's various names. + if ("${Type}" -eq "Dynamic") { + ((Get-ChildItem -Path "${PREFIX}/lib") -Match "zlib[d]?.lib") | + Copy-Item -Destination "${PREFIX}/lib/zlib1.lib" -Force + ((Get-ChildItem -Path "${PREFIX}/bin") -Match "zlibd1.dll") | + Copy-Item -Destination "${PREFIX}/bin/zlib1.dll" -Force + } else { + ((Get-ChildItem -Path "${PREFIX}/lib") -Match "zlibstatic[d]?.lib") | + Copy-item -Destination "${PREFIX}/lib/zlib1.lib" -Force + } +} catch { + throw "Failed to build zlib" +} finally { + Pop-Location +} + +# Build libfido2. +Push-Location ${STAGE} +try { + & $CMake ..\..\.. -A "${Arch}" ` + -DCMAKE_BUILD_TYPE="${Config}" ` + -DBUILD_SHARED_LIBS="${SHARED}" ` + -DCBOR_INCLUDE_DIRS="${PREFIX}\include" ` + -DCBOR_LIBRARY_DIRS="${PREFIX}\lib" ` + -DCBOR_BIN_DIRS="${PREFIX}\bin" ` + -DZLIB_INCLUDE_DIRS="${PREFIX}\include" ` + -DZLIB_LIBRARY_DIRS="${PREFIX}\lib" ` + -DZLIB_BIN_DIRS="${PREFIX}\bin" ` + -DCRYPTO_INCLUDE_DIRS="${PREFIX}\include" ` + -DCRYPTO_LIBRARY_DIRS="${PREFIX}\lib" ` + -DCRYPTO_BIN_DIRS="${PREFIX}\bin" ` + -DCMAKE_C_FLAGS_DEBUG="${CFLAGS_DEBUG} ${Fido2Flags}" ` + -DCMAKE_C_FLAGS_RELEASE="${CFLAGS_RELEASE} ${Fido2Flags}" ` + -DCMAKE_INSTALL_PREFIX="${PREFIX}" "${CMAKE_SYSTEM_VERSION}"; ` + ExitOnError + & $CMake --build . --config ${Config} --verbose; ExitOnError + & $CMake --build . --config ${Config} --target regress --verbose; ` + ExitOnError + & $CMake --build . --config ${Config} --target install --verbose; ` + ExitOnError + # Copy DLLs. + if ("${SHARED}" -eq "ON") { + "cbor.dll", "crypto-49.dll", "zlib1.dll" | ` + %{ Copy-Item "${PREFIX}\bin\$_" ` + -Destination "examples\${Config}" } + } +} catch { + throw "Failed to build libfido2" +} finally { + Pop-Location +} diff --git a/windows/const.ps1 b/windows/const.ps1 new file mode 100644 index 0000000..31426e9 --- /dev/null +++ b/windows/const.ps1 @@ -0,0 +1,43 @@ +# Copyright (c) 2021 Yubico AB. All rights reserved. +# Use of this source code is governed by a BSD-style +# license that can be found in the LICENSE file. +# SPDX-License-Identifier: BSD-2-Clause + +# LibreSSL coordinates. +New-Variable -Name 'LIBRESSL_URL' ` + -Value 'https://fastly.cdn.openbsd.org/pub/OpenBSD/LibreSSL' ` + -Option Constant +New-Variable -Name 'LIBRESSL' -Value 'libressl-3.5.3' -Option Constant + +# libcbor coordinates. +New-Variable -Name 'LIBCBOR' -Value 'libcbor-0.9.0' -Option Constant +New-Variable -Name 'LIBCBOR_BRANCH' -Value 'v0.9.0' -Option Constant +New-Variable -Name 'LIBCBOR_GIT' -Value 'https://github.com/pjk/libcbor' ` + -Option Constant + +# zlib coordinates. +New-Variable -Name 'ZLIB' -Value 'zlib-1.2.12' -Option Constant +New-Variable -Name 'ZLIB_BRANCH' -Value 'v1.2.12' -Option Constant +New-Variable -Name 'ZLIB_GIT' -Value 'https://github.com/madler/zlib' ` + -Option Constant + +# Work directories. +New-Variable -Name 'BUILD' -Value "$PSScriptRoot\..\build" -Option Constant +New-Variable -Name 'OUTPUT' -Value "$PSScriptRoot\..\output" -Option Constant + +# Prefixes. +New-Variable -Name 'STAGE' -Value "${BUILD}\${Arch}\${Type}" -Option Constant +New-Variable -Name 'PREFIX' -Value "${OUTPUT}\${Arch}\${Type}" -Option Constant + +# Build flags. +if ("${Type}" -eq "dynamic") { + New-Variable -Name 'RUNTIME' -Value '/MD' -Option Constant + New-Variable -Name 'SHARED' -Value 'ON' -Option Constant +} else { + New-Variable -Name 'RUNTIME' -Value '/MT' -Option Constant + New-Variable -Name 'SHARED' -Value 'OFF' -Option Constant +} +New-Variable -Name 'CFLAGS_DEBUG' -Value "${RUNTIME}d /Zi /guard:cf /sdl" ` + -Option Constant +New-Variable -Name 'CFLAGS_RELEASE' -Value "${RUNTIME} /Zi /guard:cf /sdl" ` + -Option Constant diff --git a/windows/cygwin.gpg b/windows/cygwin.gpg Binary files differnew file mode 100755 index 0000000..1e87237 --- /dev/null +++ b/windows/cygwin.gpg diff --git a/windows/cygwin.ps1 b/windows/cygwin.ps1 new file mode 100755 index 0000000..0681830 --- /dev/null +++ b/windows/cygwin.ps1 @@ -0,0 +1,70 @@ +# Copyright (c) 2021 Yubico AB. All rights reserved. +# Use of this source code is governed by a BSD-style +# license that can be found in the LICENSE file. +# SPDX-License-Identifier: BSD-2-Clause + +param( + [string]$GPGPath = "C:\Program Files (x86)\GnuPG\bin\gpg.exe", + [string]$Config = "Release" +) + +$ErrorActionPreference = "Stop" +[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + +# Cygwin coordinates. +$URL = 'https://www.cygwin.com' +$Setup = 'setup-x86_64.exe' +$Mirror = 'https://mirrors.kernel.org/sourceware/cygwin/' +$Packages = 'gcc-core,pkg-config,cmake,make,libcbor-devel,libssl-devel,zlib-devel' + +# Work directories. +$Cygwin = "$PSScriptRoot\..\cygwin" +$Root = "${Cygwin}\root" + +# Find GPG. +$GPG = $(Get-Command gpg -ErrorAction Ignore | ` + Select-Object -ExpandProperty Source) +if ([string]::IsNullOrEmpty($GPG)) { + $GPG = $GPGPath +} +if (-Not (Test-Path $GPG)) { + throw "Unable to find GPG at $GPG" +} + +Write-Host "Config: $Config" +Write-Host "GPG: $GPG" + +# Create work directories. +New-Item -Type Directory "${Cygwin}" -Force +New-Item -Type Directory "${Root}" -Force + +# Fetch and verify Cygwin. +try { + if (-Not (Test-Path ${Cygwin}\${Setup} -PathType leaf)) { + Invoke-WebRequest ${URL}/${Setup} ` + -OutFile ${Cygwin}\${Setup} + } + if (-Not (Test-Path ${Cygwin}\${Setup}.sig -PathType leaf)) { + Invoke-WebRequest ${URL}/${Setup}.sig ` + -OutFile ${Cygwin}\${Setup}.sig + } + & $GPG --list-keys + & $GPG --quiet --no-default-keyring ` + --keyring ${PSScriptRoot}/cygwin.gpg ` + --verify ${Cygwin}\${Setup}.sig ${Cygwin}\${Setup} + if ($LastExitCode -ne 0) { + throw "GPG signature verification failed" + } +} catch { + throw "Failed to fetch and verify Cygwin" +} + +# Bootstrap Cygwin. +Start-Process "${Cygwin}\${Setup}" -Wait -NoNewWindow ` + -ArgumentList "-dnNOqW -s ${Mirror} -R ${Root} -P ${Packages}" + +# Build libfido2. +$Env:PATH = "${Root}\bin\;" + $Env:PATH +cmake "-DCMAKE_BUILD_TYPE=${Config}" -B "build-${Config}" +make -C "build-${Config}" +make -C "build-${Config}" regress diff --git a/windows/libressl.gpg b/windows/libressl.gpg Binary files differnew file mode 100644 index 0000000..87d5dad --- /dev/null +++ b/windows/libressl.gpg diff --git a/windows/release.ps1 b/windows/release.ps1 new file mode 100644 index 0000000..423ec20 --- /dev/null +++ b/windows/release.ps1 @@ -0,0 +1,98 @@ +# Copyright (c) 2021-2022 Yubico AB. All rights reserved. +# Use of this source code is governed by a BSD-style +# license that can be found in the LICENSE file. +# SPDX-License-Identifier: BSD-2-Clause + +$ErrorActionPreference = "Stop" +$Architectures = @('x64', 'Win32', 'ARM64', 'ARM') +$InstallPrefixes = @('Win64', 'Win32', 'ARM64', 'ARM') +$Types = @('dynamic', 'static') +$Config = 'Release' +$LibCrypto = '49' +$SDK = '143' + +. "$PSScriptRoot\const.ps1" + +foreach ($Arch in $Architectures) { + foreach ($Type in $Types) { + ./build.ps1 -Arch ${Arch} -Type ${Type} -Config ${Config} + } +} + +foreach ($InstallPrefix in $InstallPrefixes) { + foreach ($Type in $Types) { + New-Item -Type Directory ` + "${OUTPUT}/pkg/${InstallPrefix}/${Config}/v${SDK}/${Type}" + } +} + +Function Package-Headers() { + Copy-Item "${OUTPUT}\x64\dynamic\include" -Destination "${OUTPUT}\pkg" ` + -Recurse -ErrorAction Stop +} + +Function Package-Dynamic(${SRC}, ${DEST}) { + Copy-Item "${SRC}\bin\cbor.dll" "${DEST}" + Copy-Item "${SRC}\lib\cbor.lib" "${DEST}" + Copy-Item "${SRC}\bin\zlib1.dll" "${DEST}" + Copy-Item "${SRC}\lib\zlib1.lib" "${DEST}" + Copy-Item "${SRC}\bin\crypto-${LibCrypto}.dll" "${DEST}" + Copy-Item "${SRC}\lib\crypto-${LibCrypto}.lib" "${DEST}" + Copy-Item "${SRC}\bin\fido2.dll" "${DEST}" + Copy-Item "${SRC}\lib\fido2.lib" "${DEST}" +} + +Function Package-Static(${SRC}, ${DEST}) { + Copy-Item "${SRC}/lib/cbor.lib" "${DEST}" + Copy-Item "${SRC}/lib/zlib1.lib" "${DEST}" + Copy-Item "${SRC}/lib/crypto-${LibCrypto}.lib" "${DEST}" + Copy-Item "${SRC}/lib/fido2_static.lib" "${DEST}/fido2.lib" +} + +Function Package-PDBs(${SRC}, ${DEST}) { + Copy-Item "${SRC}\${LIBRESSL}\crypto\crypto_obj.dir\${Config}\crypto_obj.pdb" ` + "${DEST}\crypto-${LibCrypto}.pdb" + Copy-Item "${SRC}\${LIBCBOR}\src\cbor.dir\${Config}\vc${SDK}.pdb" ` + "${DEST}\cbor.pdb" + Copy-Item "${SRC}\${ZLIB}\zlib.dir\${Config}\vc${SDK}.pdb" ` + "${DEST}\zlib1.pdb" + Copy-Item "${SRC}\src\fido2_shared.dir\${Config}\vc${SDK}.pdb" ` + "${DEST}\fido2.pdb" +} + +Function Package-StaticPDBs(${SRC}, ${DEST}) { + Copy-Item "${SRC}\${LIBRESSL}\crypto\crypto_obj.dir\${Config}\crypto_obj.pdb" ` + "${DEST}\crypto-${LibCrypto}.pdb" + Copy-Item "${SRC}\${LIBCBOR}\src\${Config}\cbor.pdb" ` + "${DEST}\cbor.pdb" + Copy-Item "${SRC}\${ZLIB}\${Config}\zlibstatic.pdb" ` + "${DEST}\zlib1.pdb" + Copy-Item "${SRC}\src\${Config}\fido2_static.pdb" ` + "${DEST}\fido2.pdb" +} + +Function Package-Tools(${SRC}, ${DEST}) { + Copy-Item "${SRC}\tools\${Config}\fido2-assert.exe" ` + "${DEST}\fido2-assert.exe" + Copy-Item "${SRC}\tools\${Config}\fido2-cred.exe" ` + "${DEST}\fido2-cred.exe" + Copy-Item "${SRC}\tools\${Config}\fido2-token.exe" ` + "${DEST}\fido2-token.exe" +} + +Package-Headers + +for ($i = 0; $i -lt $Architectures.Length; $i++) { + $Arch = $Architectures[$i] + $InstallPrefix = $InstallPrefixes[$i] + Package-Dynamic "${OUTPUT}\${Arch}\dynamic" ` + "${OUTPUT}\pkg\${InstallPrefix}\${Config}\v${SDK}\dynamic" + Package-PDBs "${BUILD}\${Arch}\dynamic" ` + "${OUTPUT}\pkg\${InstallPrefix}\${Config}\v${SDK}\dynamic" + Package-Tools "${BUILD}\${Arch}\dynamic" ` + "${OUTPUT}\pkg\${InstallPrefix}\${Config}\v${SDK}\dynamic" + Package-Static "${OUTPUT}\${Arch}\static" ` + "${OUTPUT}\pkg\${InstallPrefix}\${Config}\v${SDK}\static" + Package-StaticPDBs "${BUILD}\${Arch}\static" ` + "${OUTPUT}\pkg\${InstallPrefix}\${Config}\v${SDK}\static" +} |