Improve cmake #69
Closed
Improve cmake #69
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 7 commits
December 13, 2022 15:29
Up to now all tests were built automatically when building with cmake. As tests are not required when just building the library a new cmake flag BUILD_TESTING is introduced. Once set the test binaries are build and can be executed using ctest.
The last test depends on the execution of the previos test_vector* tests as these tests create data, which is hashed and compared to an existing hash value. This change adds a dependency for hashes on the test_vector* tests, so that the test hashes is executed after all of these test_vector tests have been successfully executed.
Compile the libraries with Position Independent Executable (PIE) enabled.
The Address SANitzier and the Undefined Behaviour SANitizer are standard tools of modern compilers to ensure quality of software components. To make sure that dilithium does not contain bugs new build types to execute the tests with ASAN and UBSAN are added. ASAN and UBSAN can be enabled setting CMAKE_BUILD_TYPE. E.g. cmake -DCMAKE_BUILD_TYPE=ASAN ...
Previously it was not possible to use cmake to generate rules for
installing the library/ies and the header file.
This change adds instructions to install the libraries and the header
file and to create cmake files so that dilithium can be easily be used
in other projects.
For using libdilithium in a cmake-based project you can use the following lines:
- `find_package(dilithium 3.1 REQUIRED)`
- ` target_link_libraries(${TARGET} PRIVATE dilithium2_ref dilithium3_ref
dilithium5_ref aes256ctr_ref fips202_ref)`
- Additionally the header file needs to be included in the source file `extern
"C" { #include <dilithium-3.1/api.h> }`
Enable stack canaries to mitigate buffer overflows on the stack.
If target_compile_definition is using PUBLIC or INTERFACE the used compile flags are added to the cmake target installed on the host. If multiple static libraries for the different dilithium forms are linked the warnings shown below are emitted by the compiler. [22/258] Building CXX object tests/unit/CMakeFiles/...... <command-line>: warning: "DILITHIUM_MODE" redefined <command-line>: note: this is the location of the previous definition <command-line>: warning: "DILITHIUM_MODE" redefined <command-line>: note: this is the location of the previous definition These warning can be omitted when the compile definitions are set to PRIVATE.
wusto
added a commit
to bmwcarit/MoCOCrW
that referenced
this pull request
Jan 11, 2023
This commit adds dilithium as algorithm for signing and verification. As openssl is not supporting dilithium at the moment, the reference implementation from the NIST PQC is used (see https://github.com/pq-crystals/dilithium/). The crystalls dilithium libraries without avx support are used. The current version of MoCOCrW uses a EVP_PKEY centric implementation for asymmetric cryptographic operations. To avoid changes on the existing classes the relevant classes are cloned for dilithium. Functionality is added or removed wherever necessary. But the changes were done with the plan in mind, to be able to change back to the EVP_PKEY centric implementation once openssl supports dilithium. The new dilithium feature is OPTIONAL. To compile MoCOCrW with dilithium support specify -DDILITHIUM_ENABLED when invoking cmake. You have to make sure, that the static libraries created by libdilithium (https://github.com/pq-crystals/dilithium) can be found the linker. Additionally the compiler needs access to "api.h" from libdilithium. To be compliant to the current implementation an additional function to retrieve the public key from the private key for dilithium is added to libdilithium (pq-crystals/dilithium#68). This one is required for compilation. If you have problems compiling and installing libdillithium there is another PR which enhances cmake for libdilithium (pq-crystals/dilithium#69). The following openssl functions are required for the implementation and were consequently added: * d2i_X509_PUBKEY (reading ASN.1 pubkey structures) * X509_PUBKEY_free (freeing the memory) * ASN1_INTEGER_get_int64 (modern function for ASN1_INTEGER_get) * d2i_PKCS8_PRIV_KEY_INFO (reading RFC 5958 DER data) * PKCS8_PRIV_KEY_INFO_free (free it)
|
The cmake files have been removed |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
cmake is currently in a quite rudimentary state.
This set of commits tries to improve the maturity of cmake for the ref-folder:
The CMakeLists.txt for avx2 is not changed.