Rework how our providers are built

We put almost everything in these internal static libraries:

libcommon               Block building code that can be used by all
                        our implementations, legacy and non-legacy
                        alike.
libimplementations      All non-legacy algorithm implementations and
                        only them.  All the code that ends up here is
                        agnostic to the definitions of FIPS_MODE.
liblegacy               All legacy implementations.

libnonfips              Support code for the algorithm implementations.
                        Built with FIPS_MODE undefined.  Any code that
                        checks that FIPS_MODE isn't defined must end
                        up in this library.
libfips                 Support code for the algorithm implementations.
                        Built with FIPS_MODE defined.  Any code that
                        checks that FIPS_MODE is defined must end up
                        in this library.

The FIPS provider module is built from providers/fips/*.c and linked
with libimplementations, libcommon and libfips.

The Legacy provider module is built from providers/legacy/*.c and
linked with liblegacy, libcommon and libcrypto.
If module building is disabled, the object files from liblegacy and
libcommon are added to libcrypto and the Legacy provider becomes a
built-in provider.

The Default provider module is built-in, so it ends up being linked
with libimplementations, libcommon and libnonfips.  For libcrypto in
form of static library, the object files from those other libraries
are simply being added to libcrypto.

Reviewed-by: Matt Caswell <[email protected]>
(Merged from openssl#10088)

crypto/aes/build.info

@@ -62,8 +62,8 @@ ENDIF
 $COMMON=aes_misc.c aes_ecb.c $AESASM
 SOURCE[../../libcrypto]=$COMMON aes_cfb.c aes_ofb.c aes_ige.c aes_wrap.c
 DEFINE[../../libcrypto]=$AESDEF
-SOURCE[../../providers/fips]=$COMMON
-DEFINE[../../providers/fips]=$AESDEF
+SOURCE[../../providers/libfips.a]=$COMMON
+DEFINE[../../providers/libfips.a]=$AESDEF
 
 GENERATE[aes-ia64.s]=asm/aes-ia64.S
 

crypto/bn/build.info

@@ -109,8 +109,8 @@ $COMMON=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \
         bn_rsa_fips186_4.c $BNASM
 SOURCE[../../libcrypto]=$COMMON bn_print.c bn_err.c bn_depr.c bn_srp.c
 DEFINE[../../libcrypto]=$BNDEF
-SOURCE[../../providers/fips]=$COMMON
-DEFINE[../../providers/fips]=$BNDEF
+SOURCE[../../providers/libfips.a]=$COMMON
+DEFINE[../../providers/libfips.a]=$BNDEF
 
 INCLUDE[../../libcrypto]=../../crypto/include
 

crypto/buffer/build.info

@@ -1,3 +1,3 @@
 LIBS=../../libcrypto
 SOURCE[../../libcrypto]=buffer.c buf_err.c
-SOURCE[../../providers/fips]=buffer.c
+SOURCE[../../providers/libfips.a]=buffer.c

crypto/build.info

@@ -63,7 +63,7 @@ $CORE_COMMON=provider_core.c provider_predefined.c \
         core_fetch.c core_algorithm.c core_namemap.c
 
 SOURCE[../libcrypto]=$CORE_COMMON provider_conf.c
-SOURCE[../providers/fips]=$CORE_COMMON
+SOURCE[../providers/libfips.a]=$CORE_COMMON
 
 # Central utilities
 $UTIL_COMMON=\
@@ -78,8 +78,8 @@ SOURCE[../libcrypto]=$UTIL_COMMON \
         o_fopen.c getenv.c o_init.c o_fips.c init.c trace.c provider.c \
         $UPLINKSRC
 DEFINE[../libcrypto]=$UTIL_DEFINE $UPLINKDEF
-SOURCE[../providers/fips]=$UTIL_COMMON
-DEFINE[../providers/fips]=$UTIL_DEFINE
+SOURCE[../providers/libfips.a]=$UTIL_COMMON
+DEFINE[../providers/libfips.a]=$UTIL_DEFINE
 
 
 DEPEND[info.o]=buildinf.h

crypto/cmac/build.info

@@ -3,4 +3,4 @@ LIBS=../../libcrypto
 $COMMON=cmac.c
 
 SOURCE[../../libcrypto]=$COMMON cm_ameth.c
-SOURCE[../../providers/fips]=$COMMON
+SOURCE[../../providers/libfips.a]=$COMMON

crypto/des/build.info

@@ -20,7 +20,7 @@ SOURCE[../../libcrypto]=$COMMON\
         ofb64ede.c ofb64enc.c ofb_enc.c \
         str2key.c  pcbc_enc.c qud_cksm.c rand_key.c \
         fcrypt.c xcbc_enc.c cbc_cksm.c
-SOURCE[../../providers/fips]=$COMMON
+SOURCE[../../providers/libfips.a]=$COMMON
 
 GENERATE[des_enc-sparc.S]=asm/des_enc.m4
 GENERATE[dest4-sparcv9.S]=asm/dest4-sparcv9.pl

crypto/ec/build.info

@@ -57,8 +57,8 @@ $COMMON=ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c \
 SOURCE[../../libcrypto]=$COMMON ec_ameth.c ec_pmeth.c ecx_meth.c ec_err.c \
                         ecdh_kdf.c eck_prn.c
 DEFINE[../../libcrypto]=$ECDEF
-SOURCE[../../providers/fips]=$COMMON
-DEFINE[../../providers/fips]=$ECDEF
+SOURCE[../../providers/libfips.a]=$COMMON
+DEFINE[../../providers/libfips.a]=$ECDEF
 
 GENERATE[ecp_nistz256-x86.s]=asm/ecp_nistz256-x86.pl
 

crypto/evp/build.info

@@ -18,7 +18,7 @@ SOURCE[../../libcrypto]=$COMMON\
         e_chacha20_poly1305.c \
         pkey_mac.c exchange.c \
         legacy_sha.c legacy_md5_sha1.c
-SOURCE[../../providers/fips]=$COMMON
+SOURCE[../../providers/libfips.a]=$COMMON
 
 INCLUDE[e_aes.o]=.. ../modes
 INCLUDE[e_aes_cbc_hmac_sha1.o]=../modes

crypto/hmac/build.info

@@ -3,4 +3,4 @@ LIBS=../../libcrypto
 $COMMON=hmac.c
 
 SOURCE[../../libcrypto]=$COMMON hm_ameth.c
-SOURCE[../../providers/fips]=$COMMON
+SOURCE[../../providers/libfips.a]=$COMMON

crypto/lhash/build.info

@@ -1,5 +1,5 @@
 LIBS=../../libcrypto
 SOURCE[../../libcrypto]=\
         lhash.c lh_stats.c
-SOURCE[../../providers/fips]=\
+SOURCE[../../providers/libfips.a]=\
         lhash.c

crypto/modes/build.info

@@ -54,8 +54,8 @@ SOURCE[../../libcrypto]=$COMMON \
         cts128.c ocb128.c siv128.c
 
 DEFINE[../../libcrypto]=$MODESDEF
-SOURCE[../../providers/fips]=$COMMON
-DEFINE[../../providers/fips]=$MODESDEF
+SOURCE[../../providers/libfips.a]=$COMMON
+DEFINE[../../providers/libfips.a]=$MODESDEF
 
 INCLUDE[gcm128.o]=..
 

crypto/property/build.info

@@ -1,4 +1,4 @@
 LIBS=../../libcrypto
 $COMMON=property_string.c property_parse.c property.c defn_cache.c
 SOURCE[../../libcrypto]=$COMMON property_err.c
-SOURCE[../../providers/fips]=$COMMON
+SOURCE[../../providers/libfips.a]=$COMMON

crypto/rand/build.info

@@ -4,4 +4,4 @@ $COMMON=rand_lib.c rand_crng_test.c rand_win.c rand_unix.c  rand_vms.c \
         drbg_lib.c drbg_ctr.c rand_vxworks.c drbg_hash.c drbg_hmac.c
 
 SOURCE[../../libcrypto]=$COMMON randfile.c rand_err.c rand_egd.c
-SOURCE[../../providers/fips]=$COMMON
+SOURCE[../../providers/libfips.a]=$COMMON

crypto/sha/build.info

@@ -76,8 +76,8 @@ ENDIF
 $COMMON=sha1dgst.c sha256.c sha512.c sha3.c $SHA1ASM $KECCAK1600ASM
 SOURCE[../../libcrypto]=$COMMON sha1_one.c
 DEFINE[../../libcrypto]=$SHA1DEF $KECCAK1600DEF
-SOURCE[../../providers/fips]= $COMMON
-DEFINE[../../providers/fips]= $SHA1DEF $KECCAK1600DEF
+SOURCE[../../providers/libfips.a]= $COMMON
+DEFINE[../../providers/libfips.a]= $SHA1DEF $KECCAK1600DEF
 
 GENERATE[sha1-586.s]=asm/sha1-586.pl
 DEPEND[sha1-586.s]=../perlasm/x86asm.pl

crypto/stack/build.info

@@ -1,3 +1,3 @@
 LIBS=../../libcrypto
 SOURCE[../../libcrypto]=stack.c
-SOURCE[../../providers/fips]=stack.c
+SOURCE[../../providers/libfips.a]=stack.c

providers/build.info

@@ -1,30 +1,150 @@
+# We place all implementations in static libraries, and then let the
+# provider mains pilfer what they want through symbol resolution when
+# linking.
+#
+# The non-legacy implementations (libimplementations) must be made FIPS
+# agnostic as much as possible, as well as the common building blocks
+# (libcommon).  The legacy implementations (liblegacy) will never be
+# part of the FIPS provider.
+#
+# If there is anything that isn't FIPS agnostic, it should be set aside
+# in its own source file, which is then included directly into other
+# static libraries geared for FIPS and non-FIPS providers, and built
+# separately.
+#
+# libcommon.a           Contains common building blocks, potentially
+#                       needed both by non-legacy and legacy code.
+#
+# libimplementations.a  Contains all non-legacy implementations.
+# liblegacy.a           Contains all legacy implementaions.
+#
+# libfips.a             Contains all things needed to support
+#                       FIPS implementations, such as code from
+#                       crypto/ and object files that contain
+#                       FIPS-specific code.  FIPS_MODE is defined
+#                       for this library.  The FIPS module uses
+#                       this.
+# libnonfips.a          Corresponds to libfips.a, but built with
+#                       FIPS_MODE undefined.  The default and legacy
+#                       providers use this.
+
 SUBDIRS=common default
 
 INCLUDE[../libcrypto]=common/include
 
+# Libraries we're dealing with
+$LIBCOMMON=libcommon.a
+$LIBIMPLEMENTATIONS=libimplementations.a
+$LIBLEGACY=liblegacy.a
+$LIBNONFIPS=libnonfips.a
+$LIBFIPS=libfips.a
+
+# Enough of our implementations include prov/ciphercommon.h (present in
+# providers/common/include), which includes crypto/ciphermode_platform.h
+# (present in include), which in turn may include very internal header
+# files in crypto/, so let's have a common include list for them all.
+$COMMON_INCLUDES=../crypto ../include common/include
+
+INCLUDE[$LIBCOMMON]=$COMMON_INCLUDES
+INCLUDE[$LIBIMPLEMENTATIONS]=.. $COMMON_INCLUDES default/include
+INCLUDE[$LIBLEGACY]=$COMMON_INCLUDES
+INCLUDE[$LIBNONFIPS]=$COMMON_INCLUDES
+INCLUDE[$LIBFIPS]=.. $COMMON_INCLUDES
+DEFINE[$LIBFIPS]=FIPS_MODE
+
+# Weak dependencies to provide library order information.
+# We make it weak so they aren't both used always; what is
+# actually used is determined by non-weak dependencies.
+DEPEND[$LIBIMPLEMENTATIONS]{weak}=$LIBFIPS $LIBNONFIPS
+DEPEND[$LIBCOMMON]{weak}=$LIBFIPS
+
+# Strong dependencies.  This ensures that any time libimplementations
+# is used, libcommon gets included as well.
+DEPEND[$LIBIMPLEMENTATIONS]=$LIBCOMMON
+DEPEND[$LIBNONFIPS]=../libcrypto
+# It's tempting to make libcommon depend on ../libcrypto.  However,
+# since the FIPS provider module must NOT depend on ../libcrypto, we
+# need to set that dependency up specifically for the final products
+# that use $LIBCOMMON or anything that depends on it.
+
+# Libraries common to all providers, must be built regardless
+LIBS{noinst}=$LIBCOMMON
+# Libraries that are common for all non-FIPS providers, must be built regardless
+LIBS{noinst}=$LIBNONFIPS $LIBIMPLEMENTATIONS
+
+#
+# Default provider stuff
+#
+# Because the default provider is built in, it means that libcrypto must
+# include all the object files that are needed (we do that indirectly,
+# by using the appropriate libraries as source).  Note that for shared
+# libraries, SOURCEd libraries are considered as if the where specified
+# with DEPEND.
+$DEFAULTGOAL=../libcrypto
+SOURCE[$DEFAULTGOAL]=$LIBIMPLEMENTATIONS $LIBNONFIPS
+
+LIBS=$DEFAULTGOAL
+
+#
+# FIPS provider stuff
+#
+# We define it this way to ensure that configdata.pm will have all the
+# necessary information even if we don't build the module.  This will allow
+# us to make all kinds of checks on the source, based on what we specify in
+# diverse build.info files.  libfips.a, fips.so and their sources aren't
+# built unless the proper LIBS or MODULES statement has been seen, so we
+# have those and only those within a condition.
+SUBDIRS=fips
+$FIPSGOAL=fips
+DEPEND[$FIPSGOAL]=$LIBIMPLEMENTATIONS $LIBFIPS
+INCLUDE[$FIPSGOAL]=../include
+IF[{- defined $target{shared_defflag} -}]
+  SOURCE[$FIPSGOAL]=fips.ld
+  GENERATE[fips.ld]=../util/providers.num
+ENDIF
+
 IF[{- !$disabled{fips} -}]
-  SUBDIRS=fips
-  MODULES=fips
-  IF[{- defined $target{shared_defflag} -}]
-    SOURCE[fips]=fips.ld
-    GENERATE[fips.ld]=../util/providers.num
-  ENDIF
-  INCLUDE[fips]=.. ../include common/include
-  DEFINE[fips]=FIPS_MODE
+  # This is the trigger to actually build the FIPS module.  Without these
+  # statements, the final build file will not have a trace of it.
+  MODULES=$FIPSGOAL
+  LIBS{noinst}=$LIBFIPS
 ENDIF
 
+#
+# Legacy provider stuff
+#
 IF[{- !$disabled{legacy} -}]
+  # The legacy implementation library
   SUBDIRS=legacy
+  LIBS{noinst}=$LIBLEGACY
+  DEPEND[$LIBLEGACY]=$LIBCOMMON $LIBNONFIPS
+
+  # The Legacy provider
   IF[{- $disabled{module} -}]
-    LIBS=../libcrypto
-    DEFINE[../libcrypto]=STATIC_LEGACY
+    # Become built in
+    # In this case, we need to do the same thing a for the default provider,
+    # and make the liblegacy object files end up in libcrypto.  We could also
+    # just say that for the built-in legacy, we put the source directly in
+    # libcrypto instead of going via liblegacy, but that makes writing the
+    # implementation specific build.info files harder to write, so we don't.
+    $LEGACYGOAL=../libcrypto
+    SOURCE[$LEGACYGOAL]=$LIBLEGACY
+    DEFINE[$LIBLEGACY]=STATIC_LEGACY
+    DEFINE[$LEGACYGOAL]=STATIC_LEGACY
   ELSE
-    MODULES=legacy
+    # Become a module
+    # In this case, we can work with dependencies
+    $LEGACYGOAL=legacy
+    MODULES=$LEGACYGOAL
+    DEPEND[$LEGACYGOAL]=$LIBLEGACY
     IF[{- defined $target{shared_defflag} -}]
       SOURCE[legacy]=legacy.ld
       GENERATE[legacy.ld]=../util/providers.num
     ENDIF
-    DEPEND[legacy]=../libcrypto
-    INCLUDE[legacy]=.. ../include common/include
   ENDIF
+
+  # Common things that are valid no matter what form the Legacy provider
+  # takes.
+  INCLUDE[$LEGACYGOAL]=../include common/include
 ENDIF
+

providers/common/build.info

@@ -1,5 +1,6 @@
 SUBDIRS=digests ciphers macs kdfs exchange keymgmt signature
-$COMMON=provider_util.c
 
-SOURCE[../../libcrypto]=$COMMON provider_err.c provlib.c
-SOURCE[../fips]=$COMMON
+SOURCE[../libcommon.a]=provider_err.c provlib.c
+$FIPSCOMMON=provider_util.c
+SOURCE[../libnonfips.a]=$FIPSCOMMON
+SOURCE[../libfips.a]=$FIPSCOMMON

providers/common/ciphers/build.info

@@ -1,21 +1,26 @@
-LIBS=../../../libcrypto
+# This source is common building blockss for all ciphers in all our providers.
+SOURCE[../../libcommon.a]=\
+        cipher_common.c cipher_common_hw.c block.c \
+        cipher_gcm.c cipher_gcm_hw.c \
+        cipher_ccm.c cipher_ccm_hw.c
+
+# These are our implementations
+$GOAL=../../libimplementations.a
 
 IF[{- !$disabled{des} -}]
   $COMMON_DES=cipher_tdes.c cipher_tdes_hw.c
 ENDIF
 
-$COMMON=cipher_common.c cipher_common_hw.c block.c \
+SOURCE[$GOAL]=\
         cipher_aes.c cipher_aes_hw.c \
         cipher_aes_xts.c cipher_aes_xts_hw.c \
-        cipher_gcm.c cipher_gcm_hw.c \
         cipher_aes_gcm.c cipher_aes_gcm_hw.c \
-        cipher_ccm.c cipher_ccm_hw.c \
         cipher_aes_ccm.c cipher_aes_ccm_hw.c \
         cipher_aes_wrp.c \
         $COMMON_DES
-
-SOURCE[../../../libcrypto]=$COMMON
-INCLUDE[../../../libcrypto]=. ../../../crypto
+# Because some default ciphers need it
+INCLUDE[$GOAL]=.
 
-SOURCE[../../fips]=$COMMON
-INCLUDE[../../fips]=. ../../../crypto
+# Finally, we have a few things that aren't FIPS agnostic
+SOURCE[../../libfips.a]=cipher_fips.c
+SOURCE[../../libnonfips.a]=cipher_fips.c

providers/common/ciphers/cipher_aes_xts.c

@@ -20,12 +20,6 @@
 #define AES_XTS_IV_BITS 128
 #define AES_XTS_BLOCK_BITS 8
 
-#ifdef FIPS_MODE
-static const int allow_insecure_decrypt = 0;
-#else
-static const int allow_insecure_decrypt = 1;
-#endif /* FIPS_MODE */
-
 /* forward declarations */
 static OSSL_OP_cipher_encrypt_init_fn aes_xts_einit;
 static OSSL_OP_cipher_decrypt_init_fn aes_xts_dinit;

providers/common/ciphers/cipher_aes_xts.h

@@ -10,6 +10,12 @@
 #include <openssl/aes.h>
 #include "internal/ciphers/ciphercommon.h"
 
+/*
+ * Available in cipher_fips.c, and compiled with different values depending
+ * on we're in the FIPS module or not.
+ */
+extern const int allow_insecure_decrypt;
+
 PROV_CIPHER_FUNC(void, xts_stream,
                  (const unsigned char *in, unsigned char *out, size_t len,
                   const AES_KEY *key1, const AES_KEY *key2,

providers/common/ciphers/cipher_fips.c

@@ -0,0 +1,16 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "cipher_aes_xts.h"
+
+#ifdef FIPS_MODE
+const int allow_insecure_decrypt = 0;
+#else
+const int allow_insecure_decrypt = 1;
+#endif /* FIPS_MODE */

providers/common/digests/build.info

@@ -1,5 +1,7 @@
-$COMMON=sha2_prov.c sha3_prov.c digest_common.c
+# This source is common for all digests in all our providers.
+SOURCE[../../libcommon.a]=digest_common.c
 
-SOURCE[../../../libcrypto]=$COMMON
-SOURCE[../../fips]=$COMMON
-SOURCE[../../legacy]= digest_common.c
+# These are our implementations
+$GOAL=../../libimplementations.a
+
+SOURCE[$GOAL]=sha2_prov.c sha3_prov.c