yubico-piv-tool-2.2.0/0000775000175000017500000000000013766610740013546 5ustar aveenaveenyubico-piv-tool-2.2.0/common/0000775000175000017500000000000013766610642015037 5ustar aveenaveenyubico-piv-tool-2.2.0/common/util.c0000664000175000017500000004147413766610642016172 0ustar aveenaveen /* * Copyright (c) 2014-2020 Yubico AB * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: * * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include #include #include #include #ifdef _WIN32 #include #endif #include #include #include #include #include "openssl-compat.h" #include "ykpiv.h" #include "util.h" FILE *open_file(const char *file_name, enum file_mode mode) { FILE *file; const char *mod; if(!strcmp(file_name, "-")) { file = (mode == INPUT_TEXT || mode == INPUT_BIN) ? stdin : stdout; } else { switch (mode) { case INPUT_TEXT: mod = "r"; break; case INPUT_BIN: mod = "rb"; break; case OUTPUT_TEXT: mod = "w"; break; case OUTPUT_BIN: mod = "wb"; break; default: fprintf(stderr, "Invalid file mode.\n"); return NULL; break; } file = fopen(file_name, mod); if(!file) { fprintf(stderr, "Failed opening '%s'!\n", file_name); return NULL; } } return file; } unsigned char get_algorithm(EVP_PKEY *key) { int type = EVP_PKEY_base_id(key); int size = EVP_PKEY_bits(key); switch(type) { case EVP_PKEY_RSA: { if(size == 2048) { return YKPIV_ALGO_RSA2048; } else if(size == 1024) { return YKPIV_ALGO_RSA1024; } else { fprintf(stderr, "Unusable RSA key of %d bits, only 1024 and 2048 are supported.\n", size); return 0; } } case EVP_PKEY_EC: { if(size == 256) { return YKPIV_ALGO_ECCP256; } else if(size == 384) { return YKPIV_ALGO_ECCP384; } else { fprintf(stderr, "Unusable EC key of %d bits, only 256 and 384 are supported.\n", size); return 0; } } default: fprintf(stderr, "Unknown algorithm %d.\n", type); return 0; } } char *string_parser(char *str_orig, char delimiter, char *str_found) { char escape_char = '\\'; int f = 0; char *p = str_orig; while (*p == delimiter) { p++; } for (; *p; p++) { if (*p != delimiter) { str_found[f++] = *p; } else if (*p == delimiter) { if ((*(p - 1) == escape_char && *(p - 2) == escape_char)) { // The escape_char before the delimiter is escaped => the delimiter is still in effect str_found[f - 1] = '\0'; return ++p; } else if (*(p - 1) == escape_char && *(p - 2) != escape_char) { // the delimiter is escaped str_found[f - 1] = delimiter; } else { // nothing is escaped str_found[f] = '\0'; return ++p; } } } str_found[f] = '\0'; return NULL; } X509_NAME *parse_name(const char *orig_name) { char name[1025] = {0}; char part[1025] = {0}; X509_NAME *parsed = NULL; char *ptr = name; if(strlen(orig_name) > 1024) { fprintf(stderr, "Name is too long!\n"); return NULL; } strcpy(name, orig_name); if(*name != '/' || name[strlen(name)-1] != '/') { fprintf(stderr, "Name does not start or does not end with '/'!\n"); return NULL; } parsed = X509_NAME_new(); if(!parsed) { fprintf(stderr, "Failed to allocate memory\n"); return NULL; } while((ptr = string_parser(ptr, '/', part))) { char *key; char *value; char *equals = strchr(part, '='); if(!equals) { fprintf(stderr, "The part '%s' doesn't seem to contain a =.\n", part); goto parse_err; } *equals++ = '\0'; value = equals; key = part; if(!key) { fprintf(stderr, "Malformed name (%s)\n", part); goto parse_err; } if(!value) { fprintf(stderr, "Malformed name (%s)\n", part); goto parse_err; } if(!X509_NAME_add_entry_by_txt(parsed, key, MBSTRING_UTF8, (unsigned char*)value, -1, -1, 0)) { fprintf(stderr, "Failed adding %s=%s to name.\n", key, value); goto parse_err; } } return parsed; parse_err: X509_NAME_free(parsed); return NULL; } size_t read_data(unsigned char *buf, size_t len, FILE* input, enum enum_format format) { char raw_buf[YKPIV_OBJ_MAX_SIZE * 2 + 1] = {0}; size_t raw_len = fread(raw_buf, 1, sizeof(raw_buf), input); switch(format) { case format_arg_hex: if(raw_len > 0 && raw_buf[raw_len - 1] == '\n') { raw_len -= 1; } if(ykpiv_hex_decode(raw_buf, raw_len, buf, &len) != YKPIV_OK) { return 0; } return len; case format_arg_base64: { int read; BIO *b64 = BIO_new(BIO_f_base64()); BIO *bio = BIO_new_mem_buf(raw_buf, raw_len); BIO_push(b64, bio); read = BIO_read(b64, buf, len); BIO_free_all(b64); if(read <= 0) { return 0; } else { return (size_t)read; } } break; case format_arg_binary: if(raw_len > len) { return 0; } memcpy(buf, raw_buf, raw_len); return raw_len; case format__NULL: default: return 0; } } void dump_data(const unsigned char *buf, unsigned int len, FILE *output, bool space, enum enum_format format) { switch(format) { case format_arg_hex: { char tmp[YKPIV_OBJ_MAX_SIZE * 3 + 1] = {0}; unsigned int i; unsigned int step = 2; if(space) step += 1; if(len > YKPIV_OBJ_MAX_SIZE) { return; } for (i = 0; i < len; i++) { sprintf(tmp + i * step, "%02x%s", buf[i], space == true ? " " : ""); } fprintf(output, "%s\n", tmp); } return; case format_arg_base64: { BIO *b64 = BIO_new(BIO_f_base64()); BIO *bio = BIO_new_fp(output, BIO_NOCLOSE); BIO_push(b64, bio); if(BIO_write(b64, buf, (int)len) <= 0) { fprintf(stderr, "Failed to write data in base64 format\n"); } BIO_flush(b64); BIO_free_all(b64); } return; case format_arg_binary: fwrite(buf, 1, len, output); return; case format__NULL: default: return; } } unsigned long get_length_size(unsigned long length) { if (length < 0x80) { return 1; } else if (length < 0x100) { return 2; } else { return 3; } } unsigned long set_length(unsigned char *buffer, unsigned long length) { if(length < 0x80) { *buffer++ = length; return 1; } else if(length < 0x100) { *buffer++ = 0x81; *buffer++ = length; return 2; } else { *buffer++ = 0x82; *buffer++ = (length >> 8) & 0xff; *buffer++ = length & 0xff; return 3; } } unsigned long get_length(const unsigned char *buffer, const unsigned char *end, unsigned long *len) { if(buffer + 1 <= end && buffer[0] < 0x80) { *len = buffer[0]; return buffer + 1 + *len <= end ? 1 : 0; } else if(buffer + 2 <= end && buffer[0] == 0x81) { *len = buffer[1]; return buffer + 2 + *len <= end ? 2 : 0; } else if(buffer + 3 <= end && buffer[0] == 0x82) { size_t tmp = buffer[1]; *len = (tmp << 8) + buffer[2]; return buffer + 3 + *len <= end ? 3 : 0; } *len = 0; return 0; } int get_curve_name(int key_algorithm) { if(key_algorithm == YKPIV_ALGO_ECCP256) { return NID_X9_62_prime256v1; } else if(key_algorithm == YKPIV_ALGO_ECCP384) { return NID_secp384r1; } return 0; } int get_slot_hex(enum enum_slot slot_enum) { int slot = -1; switch (slot_enum) { case slot_arg_9a: slot = 0x9a; break; case slot_arg_9c: case slot_arg_9d: case slot_arg_9e: slot = 0x9c + ((int)slot_enum - (int)slot_arg_9c); break; case slot_arg_82: case slot_arg_83: case slot_arg_84: case slot_arg_85: case slot_arg_86: case slot_arg_87: case slot_arg_88: case slot_arg_89: case slot_arg_8a: case slot_arg_8b: case slot_arg_8c: case slot_arg_8d: case slot_arg_8e: case slot_arg_8f: case slot_arg_90: case slot_arg_91: case slot_arg_92: case slot_arg_93: case slot_arg_94: case slot_arg_95: slot = 0x82 + ((int)slot_enum - (int)slot_arg_82); break; case slot_arg_f9: slot = 0xf9; break; case slot__NULL: default: slot = -1; } return slot; } bool set_component(unsigned char *in_ptr, const BIGNUM *bn, int element_len) { int real_len = BN_num_bytes(bn); if(real_len > element_len) { return false; } memset(in_ptr, 0, (size_t)(element_len - real_len)); in_ptr += element_len - real_len; BN_bn2bin(bn, in_ptr); return true; } bool prepare_rsa_signature(const unsigned char *in, unsigned int in_len, unsigned char *out, unsigned int *out_len, int nid) { X509_SIG *digestInfo; X509_ALGOR *algor; ASN1_OCTET_STRING *digest; unsigned char data[1024] = {0}; if(in_len > sizeof(data)) return false; memcpy(data, in, in_len); digestInfo = X509_SIG_new(); X509_SIG_getm(digestInfo, &algor, &digest); algor->algorithm = OBJ_nid2obj(nid); if(X509_ALGOR_set0(algor, OBJ_nid2obj(nid), V_ASN1_NULL, NULL) == 0) { fprintf(stderr, "Failed to set X509 Algorithm\n"); X509_SIG_free(digestInfo); return false; } ASN1_STRING_set(digest, data, in_len); *out_len = (unsigned int)i2d_X509_SIG(digestInfo, &out); X509_SIG_free(digestInfo); return true; } bool read_pw(const char *name, char *pwbuf, size_t pwbuflen, int verify, int stdin_input) { #define READ_PW_PROMPT_BASE "Enter %s: " char prompt[sizeof(READ_PW_PROMPT_BASE) + 32] = {0}; int ret; if (pwbuflen < 1) { fprintf(stderr, "Failed to read %s: buffer too small.", name); return false; } if(stdin_input) { fprintf(stdout, "%s\n", name); if(fgets(pwbuf, pwbuflen, stdin)) { if(pwbuf[strlen(pwbuf) - 1] == '\n') { pwbuf[strlen(pwbuf) - 1] = '\0'; } return true; } else { return false; } } ret = snprintf(prompt, sizeof(prompt), READ_PW_PROMPT_BASE, name); if (ret < 0 || ret >= sizeof(prompt)) { fprintf(stderr, "Failed to read %s: snprintf failed.\n", name); return false; } if (0 != EVP_read_pw_string(pwbuf, pwbuflen-1, prompt, verify)) { fprintf(stderr, "Retrieving %s failed.\n", name); return false; } return true; } static unsigned const char sha1oid[] = { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14 }; static unsigned const char sha256oid[] = { 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20 }; static unsigned const char sha384oid[] = { 0x30, 0x41, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30 }; static unsigned const char sha512oid[] = { 0x30, 0x51, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40 }; const EVP_MD *get_hash(enum enum_hash hash, const unsigned char **oid, size_t *oid_len) { switch(hash) { case hash_arg_SHA1: if(oid) { *oid = sha1oid; *oid_len = sizeof(sha1oid); } return EVP_sha1(); case hash_arg_SHA256: if(oid) { *oid = sha256oid; *oid_len = sizeof(sha256oid); } return EVP_sha256(); case hash_arg_SHA384: if(oid) { *oid = sha384oid; *oid_len = sizeof(sha384oid); } return EVP_sha384(); case hash_arg_SHA512: if(oid) { *oid = sha512oid; *oid_len = sizeof(sha512oid); } return EVP_sha512(); case hash__NULL: default: return NULL; } } int get_hashnid(enum enum_hash hash, unsigned char algorithm) { switch(algorithm) { case YKPIV_ALGO_RSA1024: case YKPIV_ALGO_RSA2048: switch(hash) { case hash_arg_SHA1: return NID_sha1WithRSAEncryption; case hash_arg_SHA256: return NID_sha256WithRSAEncryption; case hash_arg_SHA384: return NID_sha384WithRSAEncryption; case hash_arg_SHA512: return NID_sha512WithRSAEncryption; case hash__NULL: default: return 0; } case YKPIV_ALGO_ECCP256: case YKPIV_ALGO_ECCP384: switch(hash) { case hash_arg_SHA1: return NID_ecdsa_with_SHA1; case hash_arg_SHA256: return NID_ecdsa_with_SHA256; case hash_arg_SHA384: return NID_ecdsa_with_SHA384; case hash_arg_SHA512: return NID_ecdsa_with_SHA512; case hash__NULL: default: return 0; } default: return 0; } } unsigned char get_piv_algorithm(enum enum_algorithm algorithm) { switch(algorithm) { case algorithm_arg_RSA2048: return YKPIV_ALGO_RSA2048; case algorithm_arg_RSA1024: return YKPIV_ALGO_RSA1024; case algorithm_arg_ECCP256: return YKPIV_ALGO_ECCP256; case algorithm_arg_ECCP384: return YKPIV_ALGO_ECCP384; case algorithm__NULL: default: return 0; } } unsigned char get_pin_policy(enum enum_pin_policy policy) { switch(policy) { case pin_policy_arg_never: return YKPIV_PINPOLICY_NEVER; case pin_policy_arg_once: return YKPIV_PINPOLICY_ONCE; case pin_policy_arg_always: return YKPIV_PINPOLICY_ALWAYS; case pin_policy__NULL: default: return 0; } } unsigned char get_touch_policy(enum enum_touch_policy policy) { switch(policy) { case touch_policy_arg_never: return YKPIV_TOUCHPOLICY_NEVER; case touch_policy_arg_always: return YKPIV_TOUCHPOLICY_ALWAYS; case touch_policy_arg_cached: return YKPIV_TOUCHPOLICY_CACHED; case touch_policy__NULL: default: return 0; } } int SSH_write_X509(FILE *fp, X509 *x) { EVP_PKEY *pkey = NULL; int ret = 0; pkey = X509_get_pubkey(x); if (pkey == NULL) { return ret; } switch (EVP_PKEY_base_id(pkey)) { case EVP_PKEY_RSA: { RSA *rsa; unsigned char n[256] = {0}; const BIGNUM *bn_n; char rsa_id[] = "\x00\x00\x00\x07ssh-rsa"; char rsa_f4[] = "\x00\x00\x00\x03\x01\x00\x01"; rsa = EVP_PKEY_get1_RSA(pkey); if(rsa == NULL) { break; } RSA_get0_key(rsa, &bn_n, NULL, NULL); if (!set_component(n, bn_n, RSA_size(rsa))) { break; } uint32_t bytes = BN_num_bytes(bn_n); char len_buf[5] = {0}; int len = 4; len_buf[0] = (bytes >> 24) & 0x000000ff; len_buf[1] = (bytes << 16) & 0x000000ff; len_buf[2] = (bytes >> 8) & 0x000000ff; len_buf[3] = (bytes) & 0x000000ff; if (n[0] >= 0x80) { // High bit set, need an extra byte len++; len_buf[3]++; len_buf[4] = 0; } fprintf(fp, "ssh-rsa "); BIO *b64 = BIO_new(BIO_f_base64()); BIO *bio = BIO_new_fp(fp, BIO_NOCLOSE); BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); BIO_push(b64, bio); if(BIO_write(b64, rsa_id, sizeof(rsa_id) - 1) <= 0 ) { fprintf(stderr, "Failed to write RSA ID\n"); BIO_free_all(b64); break; } if(BIO_write(b64, rsa_f4, sizeof(rsa_f4) - 1) <= 0) { fprintf(stderr, "Failed to write RSA f4\n"); BIO_free_all(b64); break; } if(BIO_write(b64, len_buf, len) <= 0) { fprintf(stderr, "Failed to write RSA length\n"); BIO_free_all(b64); break; } if(BIO_write(b64, n, RSA_size(rsa)) <= 0) { fprintf(stderr, "Failed to write RSA n component\n"); BIO_free_all(b64); break; } BIO_flush(b64); BIO_free_all(b64); ret = 1; } break; case EVP_PKEY_EC: break; } EVP_PKEY_free(pkey); return ret; } bool is_rsa_key_algorithm(unsigned char algo) { if(algo == YKPIV_ALGO_RSA1024 || algo == YKPIV_ALGO_RSA2048) { return true; } return false; } bool is_ec_key_algorithm(unsigned char algo) { if(algo == YKPIV_ALGO_ECCP256 || algo == YKPIV_ALGO_ECCP384) { return true; } return false; } yubico-piv-tool-2.2.0/common/CMakeLists.txt0000664000175000017500000000342013766610642017576 0ustar aveenaveen# Copyright (c) 2020 Yubico AB # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. message("common/CMakeList.txt") include(${CMAKE_SOURCE_DIR}/cmake/openssl.cmake) find_libcrypto() set ( SOURCE util.c openssl-compat.c ) include_directories(${CMAKE_SOURCE_DIR}/lib) set (CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC") add_library (ykpivcommon STATIC ${SOURCE}) set_target_properties (ykpivcommon PROPERTIES COMPILE_FLAGS "-DSTATIC " ) target_link_libraries (ykpivcommon ykpiv_static ${LIBCRYPTO_LDFLAGS}) yubico-piv-tool-2.2.0/common/util.h0000664000175000017500000000540713766610642016173 0ustar aveenaveen /* * Copyright (c) 2014-2017,2019-2020 Yubico AB * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: * * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef YUBICO_PIV_TOOL_INTERNAL_H #define YUBICO_PIV_TOOL_INTERNAL_H #include #include #include "../tool/cmdline.h" enum file_mode { INPUT_TEXT, OUTPUT_TEXT, INPUT_BIN, OUTPUT_BIN, }; size_t read_data(unsigned char*, size_t, FILE*, enum enum_format); void dump_data(unsigned const char*, unsigned int, FILE*, bool, enum enum_format); unsigned long get_length_size(unsigned long); unsigned long set_length(unsigned char*, unsigned long); unsigned long get_length(const unsigned char*, const unsigned char*, unsigned long*); int get_curve_name(int); X509_NAME *parse_name(const char*); unsigned char get_algorithm(EVP_PKEY*); FILE *open_file(const char *file_name, enum file_mode mode); int get_slot_hex(enum enum_slot slot_enum); bool set_component(unsigned char *in_ptr, const BIGNUM *bn, int element_len); bool prepare_rsa_signature(const unsigned char*, unsigned int, unsigned char*, unsigned int*, int); bool read_pw(const char*, char*, size_t, int, int); const EVP_MD *get_hash(enum enum_hash, const unsigned char**, size_t*); int get_hashnid(enum enum_hash, unsigned char); unsigned char get_piv_algorithm(enum enum_algorithm); unsigned char get_pin_policy(enum enum_pin_policy); unsigned char get_touch_policy(enum enum_touch_policy); int SSH_write_X509(FILE *fp, X509 *x); bool is_rsa_key_algorithm(unsigned char); bool is_ec_key_algorithm(unsigned char); #endif yubico-piv-tool-2.2.0/common/openssl-compat.h0000664000175000017500000000524313766610642020160 0ustar aveenaveen/* * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ #ifndef LIBCRYPTO_COMPAT_H #define LIBCRYPTO_COMPAT_H #include #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) #include #include #include #include #include #include #include #include int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp); void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg, ASN1_OCTET_STRING **pdigest); int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); #if (LIBRESSL_VERSION_NUMBER < 0x2070500fL) RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey); EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey); #endif #if (LIBRESSL_VERSION_NUMBER > 0L) && (LIBRESSL_VERSION_NUMBER < 0x31000000L) #define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9) #define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10) #define EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \ EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)(md)) #define EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \ EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)(l)) int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, const unsigned char *from, int flen, const unsigned char *param, int plen, const EVP_MD *md, const EVP_MD *mgf1md); int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, const unsigned char *f, int fl, int rsa_len, const unsigned char *p, int pl, const EVP_MD *md, const EVP_MD *mgf1md); #endif #endif /* OPENSSL_VERSION_NUMBER || LIBRESSL_VERSION_NUMBER */ #endif /* LIBCRYPTO_COMPAT_H */ yubico-piv-tool-2.2.0/common/openssl-compat.c0000664000175000017500000002676313766610642020165 0ustar aveenaveen/* * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ #include "openssl-compat.h" int make_iso_compilers_happy; #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) #include #include void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg, ASN1_OCTET_STRING **pdigest) { if (palg) *palg = sig->algor; if (pdigest) *pdigest = sig->digest; } #if (LIBRESSL_VERSION_NUMBER < 0x2070000fL) int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) { /* If the fields n and e in r are NULL, the corresponding input * parameters MUST be non-NULL for n and e. d may be * left NULL (in case only the public key is used). */ if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL)) return 0; if (n != NULL) { BN_free(r->n); r->n = n; } if (e != NULL) { BN_free(r->e); r->e = e; } if (d != NULL) { BN_free(r->d); r->d = d; } return 1; } void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) { if (n != NULL) *n = r->n; if (e != NULL) *e = r->e; if (d != NULL) *d = r->d; } void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) { if (p != NULL) *p = r->p; if (q != NULL) *q = r->q; } void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp) { if (dmp1 != NULL) *dmp1 = r->dmp1; if (dmq1 != NULL) *dmq1 = r->dmq1; if (iqmp != NULL) *iqmp = r->iqmp; } int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) { if (r == NULL || s == NULL) return 0; BN_clear_free(sig->r); BN_clear_free(sig->s); sig->r = r; sig->s = s; return 1; } void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) { if (pr != NULL) *pr = sig->r; if (ps != NULL) *ps = sig->s; } RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_RSA) { return NULL; } return pkey->pkey.rsa; } EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_EC) { return NULL; } return pkey->pkey.ec; } #endif #if (LIBRESSL_VERSION_NUMBER > 0L) && (LIBRESSL_VERSION_NUMBER < 0x3010000fL) static inline unsigned int constant_time_msb(unsigned int a) { return 0 - (a >> (sizeof(a) * 8 - 1)); } static inline unsigned int constant_time_lt(unsigned int a, unsigned int b) { return constant_time_msb(a ^ ((a ^ b) | ((a - b) ^ b))); } static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b) { return (unsigned char)(constant_time_lt(a, b)); } static inline unsigned int constant_time_ge(unsigned int a, unsigned int b) { return ~constant_time_lt(a, b); } static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b) { return (unsigned char)(constant_time_ge(a, b)); } static inline unsigned int constant_time_is_zero(unsigned int a) { return constant_time_msb(~a & (a - 1)); } static inline unsigned char constant_time_is_zero_8(unsigned int a) { return (unsigned char)(constant_time_is_zero(a)); } static inline unsigned int constant_time_eq(unsigned int a, unsigned int b) { return constant_time_is_zero(a ^ b); } static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b) { return (unsigned char)(constant_time_eq(a, b)); } static inline unsigned int constant_time_eq_int(int a, int b) { return constant_time_eq((unsigned)(a), (unsigned)(b)); } static inline unsigned char constant_time_eq_int_8(int a, int b) { return constant_time_eq_8((unsigned)(a), (unsigned)(b)); } static inline unsigned int constant_time_select(unsigned int mask, unsigned int a, unsigned int b) { return (mask & a) | (~mask & b); } static inline unsigned char constant_time_select_8(unsigned char mask, unsigned char a, unsigned char b) { return (unsigned char)(constant_time_select(mask, a, b)); } static inline int constant_time_select_int(unsigned int mask, int a, int b) { return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b))); } static inline void err_clear_last_constant_time(int clear) { } static inline void freezero(void *p, size_t s) { memset(p, 0, s); free(p); } static int timingsafe_memcmp(const void *b1, const void *b2, size_t len) { const unsigned char *p1 = b1, *p2 = b2; size_t i; int res = 0, done = 0; for (i = 0; i < len; i++) { /* lt is -1 if p1[i] < p2[i]; else 0. */ int lt = (p1[i] - p2[i]) >> CHAR_BIT; /* gt is -1 if p1[i] > p2[i]; else 0. */ int gt = (p2[i] - p1[i]) >> CHAR_BIT; /* cmp is 1 if p1[i] > p2[i]; -1 if p1[i] < p2[i]; else 0. */ int cmp = lt - gt; /* set res = cmp if !done. */ res |= cmp & ~done; /* set done if p1[i] != p2[i]. */ done |= lt | gt; } return (res); } static inline void RSAerror(int err) { } int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, const unsigned char *from, int flen, const unsigned char *param, int plen, const EVP_MD *md, const EVP_MD *mgf1md) { int i, emlen = tlen - 1; unsigned char *db, *seed; unsigned char *dbmask = NULL; unsigned char seedmask[EVP_MAX_MD_SIZE] = {0}; int mdlen, dbmask_len = 0; int rv = 0; if (md == NULL) md = EVP_sha1(); if (mgf1md == NULL) mgf1md = md; if ((mdlen = EVP_MD_size(md)) <= 0) goto err; if (flen > emlen - 2 * mdlen - 1) { RSAerror(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); goto err; } if (emlen < 2 * mdlen + 1) { RSAerror(RSA_R_KEY_SIZE_TOO_SMALL); goto err; } to[0] = 0; seed = to + 1; db = to + mdlen + 1; if (!EVP_Digest((void *)param, plen, db, NULL, md, NULL)) goto err; memset(db + mdlen, 0, emlen - flen - 2 * mdlen - 1); db[emlen - flen - mdlen - 1] = 0x01; memcpy(db + emlen - flen - mdlen, from, flen); if(RAND_bytes(seed, mdlen) <= 0) { goto err; } dbmask_len = emlen - mdlen; if ((dbmask = malloc(dbmask_len)) == NULL) { RSAerror(ERR_R_MALLOC_FAILURE); goto err; } if (PKCS1_MGF1(dbmask, dbmask_len, seed, mdlen, mgf1md) < 0) goto err; for (i = 0; i < dbmask_len; i++) db[i] ^= dbmask[i]; if (PKCS1_MGF1(seedmask, mdlen, db, dbmask_len, mgf1md) < 0) goto err; for (i = 0; i < mdlen; i++) seed[i] ^= seedmask[i]; rv = 1; err: memset(seedmask, 0, sizeof(seedmask)); freezero(dbmask, dbmask_len); return rv; } int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, const unsigned char *from, int flen, int num, const unsigned char *param, int plen, const EVP_MD *md, const EVP_MD *mgf1md) { int i, dblen = 0, mlen = -1, one_index = 0, msg_index; unsigned int good = 0, found_one_byte, mask; const unsigned char *maskedseed, *maskeddb; unsigned char seed[EVP_MAX_MD_SIZE]={0}, phash[EVP_MAX_MD_SIZE]={0}; unsigned char *db = NULL, *em = NULL; int mdlen; if (md == NULL) md = EVP_sha1(); if (mgf1md == NULL) mgf1md = md; if ((mdlen = EVP_MD_size(md)) <= 0) return -1; if (tlen <= 0 || flen <= 0) return -1; /* * |num| is the length of the modulus; |flen| is the length of the * encoded message. Therefore, for any |from| that was obtained by * decrypting a ciphertext, we must have |flen| <= |num|. Similarly, * |num| >= 2 * |mdlen| + 2 must hold for the modulus irrespective * of the ciphertext, see PKCS #1 v2.2, section 7.1.2. * This does not leak any side-channel information. */ if (num < flen || num < 2 * mdlen + 2) { RSAerror(RSA_R_OAEP_DECODING_ERROR); return -1; } dblen = num - mdlen - 1; if ((db = malloc(dblen)) == NULL) { RSAerror(ERR_R_MALLOC_FAILURE); goto cleanup; } if ((em = malloc(num)) == NULL) { RSAerror(ERR_R_MALLOC_FAILURE); goto cleanup; } /* * Caller is encouraged to pass zero-padded message created with * BN_bn2binpad. Trouble is that since we can't read out of |from|'s * bounds, it's impossible to have an invariant memory access pattern * in case |from| was not zero-padded in advance. */ for (from += flen, em += num, i = 0; i < num; i++) { mask = ~constant_time_is_zero(flen); flen -= 1 & mask; from -= 1 & mask; *--em = *from & mask; } from = em; /* * The first byte must be zero, however we must not leak if this is * true. See James H. Manger, "A Chosen Ciphertext Attack on RSA * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001). */ good = constant_time_is_zero(from[0]); maskedseed = from + 1; maskeddb = from + 1 + mdlen; if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md)) goto cleanup; for (i = 0; i < mdlen; i++) seed[i] ^= maskedseed[i]; if (PKCS1_MGF1(db, dblen, seed, mdlen, mgf1md)) goto cleanup; for (i = 0; i < dblen; i++) db[i] ^= maskeddb[i]; if (!EVP_Digest((void *)param, plen, phash, NULL, md, NULL)) goto cleanup; good &= constant_time_is_zero(timingsafe_memcmp(db, phash, mdlen)); found_one_byte = 0; for (i = mdlen; i < dblen; i++) { /* * Padding consists of a number of 0-bytes, followed by a 1. */ unsigned int equals1 = constant_time_eq(db[i], 1); unsigned int equals0 = constant_time_is_zero(db[i]); one_index = constant_time_select_int(~found_one_byte & equals1, i, one_index); found_one_byte |= equals1; good &= (found_one_byte | equals0); } good &= found_one_byte; /* * At this point |good| is zero unless the plaintext was valid, * so plaintext-awareness ensures timing side-channels are no longer a * concern. */ msg_index = one_index + 1; mlen = dblen - msg_index; /* * For good measure, do this check in constant time as well. */ good &= constant_time_ge(tlen, mlen); /* * Even though we can't fake result's length, we can pretend copying * |tlen| bytes where |mlen| bytes would be real. The last |tlen| of * |dblen| bytes are viewed as a circular buffer starting at |tlen|-|mlen'|, * where |mlen'| is the "saturated" |mlen| value. Deducing information * about failure or |mlen| would require an attacker to observe * memory access patterns with byte granularity *as it occurs*. It * should be noted that failure is indistinguishable from normal * operation if |tlen| is fixed by protocol. */ tlen = constant_time_select_int(constant_time_lt(dblen, tlen), dblen, tlen); msg_index = constant_time_select_int(good, msg_index, dblen - tlen); mlen = dblen - msg_index; for (from = db + msg_index, mask = good, i = 0; i < tlen; i++) { unsigned int equals = constant_time_eq(i, mlen); from -= dblen & equals; /* if (i == mlen) rewind */ mask &= mask ^ equals; /* if (i == mlen) mask = 0 */ to[i] = constant_time_select_8(mask, from[i], to[i]); } /* * To avoid chosen ciphertext attacks, the error message should not * reveal which kind of decoding error happened. */ RSAerror(RSA_R_OAEP_DECODING_ERROR); err_clear_last_constant_time(1 & good); cleanup: memset(seed, 0, sizeof(seed)); freezero(db, dblen); freezero(em, num); return constant_time_select_int(good, mlen, -1); } #endif #endif /* OPENSSL_VERSION_NUMBER || LIBRESSL_VERSION_NUMBER */ yubico-piv-tool-2.2.0/cmake/0000775000175000017500000000000013766610642014627 5ustar aveenaveenyubico-piv-tool-2.2.0/cmake/check.cmake0000664000175000017500000000714713766610642016717 0ustar aveenaveen# Copyright (c) 2020 Yubico AB # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. macro (find_check) if(WIN32) if(NOT check_FOUND) find_package(check CONFIG PATHS ${CHECK_PATH}) if(check_FOUND) set(LIBCHECK_LDFLAGS Check::check Check::checkShared) set(LIBCHECK_INCLUDE_DIRS ${CHECK_INCLUDE_DIR}) set(LIBCHECK_VERSION ${CHECK_VERSION}) set(LIBCHECK_LIBRARIES ${CHECK_LIBRARIES}) if(VERBOSE_CMAKE) message("check_FOUND: ${check_FOUND}") message("LIBCHECK_LDFLAGS: ${LIBCHECK_LDFLAGS}") message("LIBCHECK_INCLUDE_DIRS: ${LIBCHECK_INCLUDE_DIR}") message("LIBCHECK_VERSION: ${LIBCHECK_VERSION}") message("LIBCHECK_LIBRARIES: ${LIBCHECK_LIBRARIES}") endif(VERBOSE_CMAKE) else(check_FOUND) message(WARNING "'check' not found. Skipping testing...") set(SKIP_TESTS TRUE) endif(check_FOUND) endif(NOT check_FOUND) else(WIN32) if(NOT LIBCHECK_FOUND) pkg_check_modules(LIBCHECK REQUIRED check) if(LIBCHECK_FOUND) if(VERBOSE_CMAKE) message("LIBCHECK_FOUND: ${LIBCHECK_FOUND}") message("LIBCHECK_LIBRARIES: ${LIBCHECK_LIBRARIES}") message("LIBCHECK_LIBRARY_DIRS: ${LIBCHECK_LIBRARY_DIRS}") message("LIBCHECK_LDFLAGS: ${LIBCHECK_LDFLAGS}") message("LIBCHECK_LDFLAGS_OTHER: ${LIBCHECK_LDFLAGS_OTHER}") message("LIBCHECK_INCLUDE_DIRS: ${LIBCHECK_INCLUDE_DIRS}") message("LIBCHECK_CFLAGS: ${LIBCHECK_CFLAGS}") message("LIBCHECK_CFLAGS_OTHER: ${LIBCHECK_CFLAGS_OTHER}") message("LIBCHECK_VERSION: ${LIBCHECK_VERSION}") message("LIBCHECK_INCLUDEDIR: ${LIBCHECK_INCLUDEDIR}") message("LIBCHECK_LIBDIR: ${LIBCHECK_LIBDIR}") endif(VERBOSE_CMAKE) else(LIBCHECK_FOUND) message (WARNING "'check' not found. Skipping testing...") set(SKIP_TESTS TRUE) endif(LIBCHECK_FOUND) endif(NOT LIBCHECK_FOUND) endif(WIN32) include_directories(${LIBCHECK_INCLUDE_DIRS}) endmacro()yubico-piv-tool-2.2.0/cmake/Findcodecov.cmake0000664000175000017500000002325613766610642020064 0ustar aveenaveen# This file is part of CMake-codecov. # # Copyright (c) # 2015-2020 RWTH Aachen University, Federal Republic of Germany # # See the LICENSE file in the package base directory for details # # Written by Alexander Haase, alexander.haase@rwth-aachen.de # # Add an option to choose, if coverage should be enabled or not. If enabled # marked targets will be build with coverage support and appropriate targets # will be added. If disabled coverage will be ignored for *ALL* targets. option(ENABLE_COVERAGE "Enable coverage build." OFF) set(COVERAGE_FLAG_CANDIDATES # gcc and clang "-O0 -g -fprofile-arcs -ftest-coverage" # gcc and clang fallback "-O0 -g --coverage" ) # Add coverage support for target ${TNAME} and register target for coverage # evaluation. If coverage is disabled or not supported, this function will # simply do nothing. # # Note: This function is only a wrapper to define this function always, even if # coverage is not supported by the compiler or disabled. This function must # be defined here, because the module will be exited, if there is no coverage # support by the compiler or it is disabled by the user. function (add_coverage TNAME) # only add coverage for target, if coverage is support and enabled. if (ENABLE_COVERAGE) foreach (TNAME ${ARGV}) add_coverage_target(${TNAME}) endforeach () endif () endfunction (add_coverage) # Add global target to gather coverage information after all targets have been # added. Other evaluation functions could be added here, after checks for the # specific module have been passed. # # Note: This function is only a wrapper to define this function always, even if # coverage is not supported by the compiler or disabled. This function must # be defined here, because the module will be exited, if there is no coverage # support by the compiler or it is disabled by the user. function (coverage_evaluate) # add lcov evaluation if (LCOV_FOUND) lcov_capture_initial() lcov_capture() endif (LCOV_FOUND) endfunction () # Exit this module, if coverage is disabled. add_coverage is defined before this # return, so this module can be exited now safely without breaking any build- # scripts. if (NOT ENABLE_COVERAGE) return() endif () # Find the required flags foreach language. set(CMAKE_REQUIRED_QUIET_SAVE ${CMAKE_REQUIRED_QUIET}) set(CMAKE_REQUIRED_QUIET ${codecov_FIND_QUIETLY}) get_property(ENABLED_LANGUAGES GLOBAL PROPERTY ENABLED_LANGUAGES) foreach (LANG ${ENABLED_LANGUAGES}) # Coverage flags are not dependent on language, but the used compiler. So # instead of searching flags foreach language, search flags foreach compiler # used. set(COMPILER ${CMAKE_${LANG}_COMPILER_ID}) if (NOT COVERAGE_${COMPILER}_FLAGS) foreach (FLAG ${COVERAGE_FLAG_CANDIDATES}) if(NOT CMAKE_REQUIRED_QUIET) message(STATUS "Try ${COMPILER} code coverage flag = [${FLAG}]") endif() set(CMAKE_REQUIRED_FLAGS "${FLAG}") unset(COVERAGE_FLAG_DETECTED CACHE) if (${LANG} STREQUAL "C") include(CheckCCompilerFlag) check_c_compiler_flag("${FLAG}" COVERAGE_FLAG_DETECTED) elseif (${LANG} STREQUAL "CXX") include(CheckCXXCompilerFlag) check_cxx_compiler_flag("${FLAG}" COVERAGE_FLAG_DETECTED) elseif (${LANG} STREQUAL "Fortran") # CheckFortranCompilerFlag was introduced in CMake 3.x. To be # compatible with older Cmake versions, we will check if this # module is present before we use it. Otherwise we will define # Fortran coverage support as not available. include(CheckFortranCompilerFlag OPTIONAL RESULT_VARIABLE INCLUDED) if (INCLUDED) check_fortran_compiler_flag("${FLAG}" COVERAGE_FLAG_DETECTED) elseif (NOT CMAKE_REQUIRED_QUIET) message("-- Performing Test COVERAGE_FLAG_DETECTED") message("-- Performing Test COVERAGE_FLAG_DETECTED - Failed" " (Check not supported)") endif () endif() if (COVERAGE_FLAG_DETECTED) set(COVERAGE_${COMPILER}_FLAGS "${FLAG}" CACHE STRING "${COMPILER} flags for code coverage.") mark_as_advanced(COVERAGE_${COMPILER}_FLAGS) break() else () message(WARNING "Code coverage is not available for ${COMPILER}" " compiler. Targets using this compiler will be " "compiled without it.") endif () endforeach () endif () endforeach () set(CMAKE_REQUIRED_QUIET ${CMAKE_REQUIRED_QUIET_SAVE}) # Helper function to get the language of a source file. function (codecov_lang_of_source FILE RETURN_VAR) # Usually, only the last extension of the file should be checked, to avoid # template files (i.e. *.t.cpp) are checked with the full file extension. # However, this feature requires CMake 3.14 or later. set(EXT_COMP "LAST_EXT") if(${CMAKE_VERSION} VERSION_LESS "3.14.0") set(EXT_COMP "EXT") endif() get_filename_component(FILE_EXT "${FILE}" ${EXT_COMP}) string(TOLOWER "${FILE_EXT}" FILE_EXT) string(SUBSTRING "${FILE_EXT}" 1 -1 FILE_EXT) get_property(ENABLED_LANGUAGES GLOBAL PROPERTY ENABLED_LANGUAGES) foreach (LANG ${ENABLED_LANGUAGES}) list(FIND CMAKE_${LANG}_SOURCE_FILE_EXTENSIONS "${FILE_EXT}" TEMP) if (NOT ${TEMP} EQUAL -1) set(${RETURN_VAR} "${LANG}" PARENT_SCOPE) return() endif () endforeach() set(${RETURN_VAR} "" PARENT_SCOPE) endfunction () # Helper function to get the relative path of the source file destination path. # This path is needed by FindGcov and FindLcov cmake files to locate the # captured data. function (codecov_path_of_source FILE RETURN_VAR) string(REGEX MATCH "TARGET_OBJECTS:([^ >]+)" _source ${FILE}) # If expression was found, SOURCEFILE is a generator-expression for an # object library. Currently we found no way to call this function automatic # for the referenced target, so it must be called in the directoryso of the # object library definition. if (NOT "${_source}" STREQUAL "") set(${RETURN_VAR} "" PARENT_SCOPE) return() endif () string(REPLACE "${CMAKE_CURRENT_BINARY_DIR}/" "" FILE "${FILE}") if(IS_ABSOLUTE ${FILE}) file(RELATIVE_PATH FILE ${CMAKE_CURRENT_SOURCE_DIR} ${FILE}) endif() # get the right path for file string(REPLACE ".." "__" PATH "${FILE}") set(${RETURN_VAR} "${PATH}" PARENT_SCOPE) endfunction() # Add coverage support for target ${TNAME} and register target for coverage # evaluation. function(add_coverage_target TNAME) # Check if all sources for target use the same compiler. If a target uses # e.g. C and Fortran mixed and uses different compilers (e.g. clang and # gfortran) this can trigger huge problems, because different compilers may # use different implementations for code coverage. get_target_property(TSOURCES ${TNAME} SOURCES) set(TARGET_COMPILER "") set(ADDITIONAL_FILES "") foreach (FILE ${TSOURCES}) # If expression was found, FILE is a generator-expression for an object # library. Object libraries will be ignored. string(REGEX MATCH "TARGET_OBJECTS:([^ >]+)" _file ${FILE}) if ("${_file}" STREQUAL "") codecov_lang_of_source(${FILE} LANG) if (LANG) list(APPEND TARGET_COMPILER ${CMAKE_${LANG}_COMPILER_ID}) list(APPEND ADDITIONAL_FILES "${FILE}.gcno") list(APPEND ADDITIONAL_FILES "${FILE}.gcda") endif () endif () endforeach () list(REMOVE_DUPLICATES TARGET_COMPILER) list(LENGTH TARGET_COMPILER NUM_COMPILERS) if (NUM_COMPILERS GREATER 1) message(WARNING "Can't use code coverage for target ${TNAME}, because " "it will be compiled by incompatible compilers. Target will be " "compiled without code coverage.") return() elseif (NUM_COMPILERS EQUAL 0) message(WARNING "Can't use code coverage for target ${TNAME}, because " "it uses an unknown compiler. Target will be compiled without " "code coverage.") return() elseif (NOT DEFINED "COVERAGE_${TARGET_COMPILER}_FLAGS") # A warning has been printed before, so just return if flags for this # compiler aren't available. return() endif() # enable coverage for target set_property(TARGET ${TNAME} APPEND_STRING PROPERTY COMPILE_FLAGS " ${COVERAGE_${TARGET_COMPILER}_FLAGS}") set_property(TARGET ${TNAME} APPEND_STRING PROPERTY LINK_FLAGS " ${COVERAGE_${TARGET_COMPILER}_FLAGS}") # Add gcov files generated by compiler to clean target. set(CLEAN_FILES "") foreach (FILE ${ADDITIONAL_FILES}) codecov_path_of_source(${FILE} FILE) list(APPEND CLEAN_FILES "CMakeFiles/${TNAME}.dir/${FILE}") endforeach() if(${CMAKE_VERSION} VERSION_LESS "3.15.0") set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES "${CLEAN_FILES}") else() set_directory_properties(PROPERTIES ADDITIONAL_CLEAN_FILES "${CLEAN_FILES}") endif() add_gcov_target(${TNAME}) add_lcov_target(${TNAME}) endfunction(add_coverage_target) # Include modules for parsing the collected data and output it in a readable # format (like gcov and lcov). find_package(Gcov) find_package(Lcov)yubico-piv-tool-2.2.0/cmake/FindGcov.cmake0000664000175000017500000001372413766610642017337 0ustar aveenaveen# This file is part of CMake-codecov. # # Copyright (c) # 2015-2020 RWTH Aachen University, Federal Republic of Germany # # See the LICENSE file in the package base directory for details # # Written by Alexander Haase, alexander.haase@rwth-aachen.de # # include required Modules include(FindPackageHandleStandardArgs) # Search for gcov binary. set(CMAKE_REQUIRED_QUIET_SAVE ${CMAKE_REQUIRED_QUIET}) set(CMAKE_REQUIRED_QUIET ${codecov_FIND_QUIETLY}) get_property(ENABLED_LANGUAGES GLOBAL PROPERTY ENABLED_LANGUAGES) foreach (LANG ${ENABLED_LANGUAGES}) # Gcov evaluation is dependent on the used compiler. Check gcov support for # each compiler that is used. If gcov binary was already found for this # compiler, do not try to find it again. if (NOT GCOV_${CMAKE_${LANG}_COMPILER_ID}_BIN) get_filename_component(COMPILER_PATH "${CMAKE_${LANG}_COMPILER}" PATH) if ("${CMAKE_${LANG}_COMPILER_ID}" STREQUAL "GNU") # Some distributions like OSX (homebrew) ship gcov with the compiler # version appended as gcov-x. To find this binary we'll build the # suggested binary name with the compiler version. string(REGEX MATCH "^[0-9]+" GCC_VERSION "${CMAKE_${LANG}_COMPILER_VERSION}") find_program(GCOV_BIN NAMES gcov-${GCC_VERSION} gcov HINTS ${COMPILER_PATH}) elseif ("${CMAKE_${LANG}_COMPILER_ID}" MATCHES "^(Apple)?Clang$") # Some distributions like Debian ship llvm-cov with the compiler # version appended as llvm-cov-x.y. To find this binary we'll build # the suggested binary name with the compiler version. string(REGEX MATCH "^[0-9]+.[0-9]+" LLVM_VERSION "${CMAKE_${LANG}_COMPILER_VERSION}") # llvm-cov prior version 3.5 seems to be not working with coverage # evaluation tools, but these versions are compatible with the gcc # gcov tool. if(LLVM_VERSION VERSION_GREATER 3.4) find_program(LLVM_COV_BIN NAMES "llvm-cov-${LLVM_VERSION}" "llvm-cov" HINTS ${COMPILER_PATH}) mark_as_advanced(LLVM_COV_BIN) if (LLVM_COV_BIN) find_program(LLVM_COV_WRAPPER "llvm-cov-wrapper" PATHS ${CMAKE_MODULE_PATH}) if (LLVM_COV_WRAPPER) set(GCOV_BIN "${LLVM_COV_WRAPPER}" CACHE FILEPATH "") # set additional parameters set(GCOV_${CMAKE_${LANG}_COMPILER_ID}_ENV "LLVM_COV_BIN=${LLVM_COV_BIN}" CACHE STRING "Environment variables for llvm-cov-wrapper.") mark_as_advanced(GCOV_${CMAKE_${LANG}_COMPILER_ID}_ENV) endif () endif () endif () if (NOT GCOV_BIN) # Fall back to gcov binary if llvm-cov was not found or is # incompatible. This is the default on OSX, but may crash on # recent Linux versions. find_program(GCOV_BIN gcov HINTS ${COMPILER_PATH}) endif () endif () if (GCOV_BIN) set(GCOV_${CMAKE_${LANG}_COMPILER_ID}_BIN "${GCOV_BIN}" CACHE STRING "${LANG} gcov binary.") if (NOT CMAKE_REQUIRED_QUIET) message("-- Found gcov evaluation for " "${CMAKE_${LANG}_COMPILER_ID}: ${GCOV_BIN}") endif() unset(GCOV_BIN CACHE) endif () endif () endforeach () # Add a new global target for all gcov targets. This target could be used to # generate the gcov files for the whole project instead of calling -gcov # for each target. if (NOT TARGET gcov) add_custom_target(gcov) endif (NOT TARGET gcov) # This function will add gcov evaluation for target . Only sources of # this target will be evaluated and no dependencies will be added. It will call # Gcov on any source file of once and store the gcov file in the same # directory. function (add_gcov_target TNAME) get_target_property(TBIN_DIR ${TNAME} BINARY_DIR) set(TDIR ${TBIN_DIR}/CMakeFiles/${TNAME}.dir) # We don't have to check, if the target has support for coverage, thus this # will be checked by add_coverage_target in Findcoverage.cmake. Instead we # have to determine which gcov binary to use. get_target_property(TSOURCES ${TNAME} SOURCES) set(SOURCES "") set(TCOMPILER "") foreach (FILE ${TSOURCES}) codecov_path_of_source(${FILE} FILE) if (NOT "${FILE}" STREQUAL "") codecov_lang_of_source(${FILE} LANG) if (NOT "${LANG}" STREQUAL "") list(APPEND SOURCES "${FILE}") set(TCOMPILER ${CMAKE_${LANG}_COMPILER_ID}) endif () endif () endforeach () # If no gcov binary was found, coverage data can't be evaluated. if (NOT GCOV_${TCOMPILER}_BIN) message(WARNING "No coverage evaluation binary found for ${TCOMPILER}.") return() endif () set(GCOV_BIN "${GCOV_${TCOMPILER}_BIN}") set(GCOV_ENV "${GCOV_${TCOMPILER}_ENV}") set(BUFFER "") set(NULL_DEVICE "/dev/null") if(WIN32) set(NULL_DEVICE "NUL") endif() foreach(FILE ${SOURCES}) get_filename_component(FILE_PATH "${TDIR}/${FILE}" PATH) # call gcov add_custom_command(OUTPUT ${TDIR}/${FILE}.gcov COMMAND ${GCOV_ENV} ${GCOV_BIN} -p ${TDIR}/${FILE}.gcno > ${NULL_DEVICE} DEPENDS ${TNAME} ${TDIR}/${FILE}.gcno WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR} ) list(APPEND BUFFER ${TDIR}/${FILE}.gcov) endforeach() # add target for gcov evaluation of add_custom_target(${TNAME}-gcov DEPENDS ${BUFFER}) # add evaluation target to the global gcov target. add_dependencies(gcov ${TNAME}-gcov) endfunction (add_gcov_target)yubico-piv-tool-2.2.0/cmake/options.cmake0000664000175000017500000000753513766610642017336 0ustar aveenaveen# Copyright (c) 2020 Yubico AB # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #These are the Variables that can be overridden with the command line arguments in the form: # cmake -DVARIABLE1=VALUE1 -DVARIABLE2=VALUE2 include(GNUInstallDirs) option(BUILD_ONLY_LIB "Build only the library" OFF) option(BUILD_STATIC_LIB "Buid static libraries" ON) option(ENABLE_HARDWARE_TESTS "Enable/disable tests that require a YubiKey to be plugged in" OFF) option(VERBOSE_CMAKE "Prints out trace messages when running the cmake script" OFF) option(SUPRESS_MSVC_WARNINGS "Suppresses a lot of the warnings when compiling with MSVC" ON) option(GENERATE_MAN_PAGES "Generate man pages for the command line tool" ON) option(OPENSSL_STATIC_LINK "Statically link to OpenSSL" OFF) option(ENABLE_COVERAGE "Enable/disable codecov evaluation" OFF) set(YKCS11_DBG "0" CACHE STRING "Enable/disable YKCS11 debug messages. Possible values is 0 through 9") set(BACKEND "check" CACHE STRING "use specific backend/linkage; 'pcsc', 'macscard' or'winscard'") set(PCSC_LIB "" CACHE STRING "Name of custom PCSC lib") set(PCSC_DIR "" CACHE STRING "Path to custom PCSC lib dir (use with PCSC_LIB") set(GETOPT_LIB_DIR "" CACHE STRING "Path to look for getopt libraries") set(GETOPT_INCLUDE_DIR "" CACHE STRING "Path to look for getopt.h file") set(CHECK_PATH "" CACHE STRING "Path to look for 'check', the test framework for C. If 'check' is not found, tests are skipped") set(OPENSSL_PKG_PATH "" CACHE STRING "Path to be prepended to 'PKG_CONFIG_PATH' evironment variable to look for libcrypto library") set(PCSCLITE_PKG_PATH "" CACHE STRING "Path to be prepended to 'PKG_CONFIG_PATH' environment variable to look for pcsc-lite library") # Set various install paths if (NOT DEFINED YKPIV_INSTALL_LIB_DIR) set(YKPIV_INSTALL_LIB_DIR "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}" CACHE PATH "Installation directory for libraries") endif () if (NOT DEFINED YKPIV_INSTALL_INC_DIR) set(YKPIV_INSTALL_INC_DIR "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR}" CACHE PATH "Installation directory for headers") endif () if (NOT DEFINED YKPIV_INSTALL_BIN_DIR) set(YKPIV_INSTALL_BIN_DIR "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_BINDIR}" CACHE PATH "Installation directory for executables") endif () if (NOT DEFINED YKPIV_INSTALL_MAN_DIR) set(YKPIV_INSTALL_MAN_DIR "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_MANDIR}" CACHE PATH "Installation directory for manual pages") endif () if (NOT DEFINED YKPIV_INSTALL_PKGCONFIG_DIR) set(YKPIV_INSTALL_PKGCONFIG_DIR "${YKPIV_INSTALL_LIB_DIR}/pkgconfig" CACHE PATH "Installation directory for pkgconfig (.pc) files") endif () yubico-piv-tool-2.2.0/cmake/help2man.cmake0000664000175000017500000000344113766610642017341 0ustar aveenaveen# Copyright (c) 2020 Yubico AB # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. find_program (HELP2MAN_LOCATION help2man) IF (NOT HELP2MAN_LOCATION) message (FATAL_ERROR "Cannot find help2man. Please install it.") ENDIF () MACRO (add_help2man_manpage file command) add_custom_command (OUTPUT ${CMAKE_CURRENT_SOURCE_DIR}/${file} COMMAND ${HELP2MAN_LOCATION} ARGS -s1 -N -o ${CMAKE_CURRENT_SOURCE_DIR}/${file} ./${command} DEPENDS ${command} COMMENT "Building manpage for ${command}") ENDMACRO ()yubico-piv-tool-2.2.0/cmake/gengetopt.cmake0000664000175000017500000000437113766610642017632 0ustar aveenaveen# Copyright (c) 2020 Yubico AB # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. macro (find_gengetopt) if (NOT GENGETOPT_EXECUTABLE) find_program (GENGETOPT_EXECUTABLE gengetopt) if (NOT GENGETOPT_EXECUTABLE) message (FATAL_ERROR "gengetopt not found. Aborting...") endif () endif () add_definitions (-DPACKAGE="yubico-piv-tool") add_definitions (-DVERSION="${yubico_piv_tool_VERSION_MAJOR}.${yubico_piv_tool_VERSION_MINOR}.${yubico_piv_tool_VERSION_PATCH}") endmacro () macro (add_gengetopt_files _basename) find_gengetopt () set (_ggo_extra_input ${ARGV}) set (_ggo_c ${CMAKE_CURRENT_SOURCE_DIR}/${_basename}.c) set (_ggo_h ${CMAKE_CURRENT_SOURCE_DIR}/${_basename}.h) set (_ggo_g ${CMAKE_CURRENT_SOURCE_DIR}/${_basename}.ggo) execute_process( COMMAND gengetopt --conf-parser -i ${_ggo_g} --output-dir ${CMAKE_CURRENT_SOURCE_DIR} ) set (GGO_C ${_ggo_c}) set (GGO_H ${_ggo_h}) endmacro (add_gengetopt_files)yubico-piv-tool-2.2.0/cmake/openssl.cmake0000664000175000017500000001053513766610642017320 0ustar aveenaveen# Copyright (c) 2020 Yubico AB # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. macro (find_libcrypto) if(WIN32 OR OPENSSL_STATIC_LINK) if(NOT OpenSSL_FOUND) if(OPENSSL_STATIC_LINK) set(OPENSSL_USE_STATIC_LIBS TRUE) #Need to be set so that find_package would find the static library endif(OPENSSL_STATIC_LINK) find_package(OpenSSL REQUIRED) if(OpenSSL_FOUND) set(LIBCRYPTO_LDFLAGS OpenSSL::Crypto) if(NOT WIN32) set(LIBCRYPTO_LDFLAGS ${LIBCRYPTO_LDFLAGS}) endif(NOT WIN32) set(LIBCRYPTO_INCLUDE_DIRS ${OPENSSL_INCLUDE_DIR}) set(LIBCRYPTO_VERSION ${OPENSSL_VERSION}) set(LIBCRYPTO_LIBRARIES ${LIBCRYPTO_LIBRARIES} ${OPENSSL_LIBRARIES}) if(VERBOSE_CMAKE) message("OPENSSL_FOUND: ${OPENSSL_FOUND}") message("LIBCRYPTO_LDFLAGS: ${LIBCRYPTO_LDFLAGS}") message("LIBCRYPTO_INCLUDE_DIRS: ${LIBCRYPTO_INCLUDE_DIRS}") message("LIBCRYPTO_VERSION: ${LIBCRYPTO_VERSION}") message("LIBCRYPTO_LIBRARIES: ${LIBCRYPTO_LIBRARIES}") endif(VERBOSE_CMAKE) else(OpenSSL_FOUND) message (FATAL_ERROR "static libcrypto not found. Aborting...") endif(OpenSSL_FOUND) endif(NOT OpenSSL_FOUND) else(WIN32 OR OPENSSL_STATIC_LINK) if(NOT LIBCRYPTO_FOUND) set(ENV{PKG_CONFIG_PATH} "${OPENSSL_PKG_PATH}:$ENV{PKG_CONFIG_PATH}") pkg_check_modules(LIBCRYPTO REQUIRED libcrypto) if(LIBCRYPTO_FOUND) if(VERBOSE_CMAKE) message("LIBCRYPTO_FOUND: ${LIBCRYPTO_FOUND}") message("LIBCRYPTO_LIBRARIES: ${LIBCRYPTO_LIBRARIES}") message("LIBCRYPTO_LIBRARY_DIRS: ${LIBCRYPTO_LIBRARY_DIRS}") message("LIBCRYPTO_LDFLAGS: ${LIBCRYPTO_LDFLAGS}") message("LIBCRYPTO_LDFLAGS_OTHER: ${LIBCRYPTO_LDFLAGS_OTHER}") message("LIBCRYPTO_INCLUDE_DIRS: ${LIBCRYPTO_INCLUDE_DIRS}") message("LIBCRYPTO_CFLAGS: ${LIBCRYPTO_CFLAGS}") message("LIBCRYPTO_CFLAGS_OTHER: ${LIBCRYPTO_CFLAGS_OTHER}") message("LIBCRYPTO_VERSION: ${LIBCRYPTO_VERSION}") message("LIBCRYPTO_INCLUDEDIR: ${LIBCRYPTO_INCLUDEDIR}") message("LIBCRYPTO_LIBDIR: ${LIBCRYPTO_LIBDIR}") endif(VERBOSE_CMAKE) else(LIBCRYPTO_FOUND) message (FATAL_ERROR "libcrypto not found. Aborting...") endif(LIBCRYPTO_FOUND) set(OPENSSL_VERSION ${LIBCRYPTO_VERSION}) endif(NOT LIBCRYPTO_FOUND) endif(WIN32 OR OPENSSL_STATIC_LINK) message(" OpenSSL version: ${OPENSSL_VERSION}") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${LIBCRYPTO_CFLAGS}") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${LIBCRYPTO_CFLAGS}") link_directories(${LIBCRYPTO_LIBRARY_DIRS}) include_directories(${LIBCRYPTO_INCLUDE_DIRS}) endmacro()yubico-piv-tool-2.2.0/cmake/FindLcov.cmake0000664000175000017500000003321613766610642017342 0ustar aveenaveen# This file is part of CMake-codecov. # # Copyright (c) # 2015-2020 RWTH Aachen University, Federal Republic of Germany # # See the LICENSE file in the package base directory for details # # Written by Alexander Haase, alexander.haase@rwth-aachen.de # # configuration set(LCOV_DATA_PATH "${CMAKE_BINARY_DIR}/lcov/data") set(LCOV_DATA_PATH_INIT "${LCOV_DATA_PATH}/init") set(LCOV_DATA_PATH_CAPTURE "${LCOV_DATA_PATH}/capture") set(LCOV_HTML_PATH "${CMAKE_BINARY_DIR}/lcov/html") # Search for Gcov which is used by Lcov. find_package(Gcov) # This function will add lcov evaluation for target . Only sources of # this target will be evaluated and no dependencies will be added. It will call # geninfo on any source file of once and store the info file in the same # directory. # # Note: This function is only a wrapper to define this function always, even if # coverage is not supported by the compiler or disabled. This function must # be defined here, because the module will be exited, if there is no coverage # support by the compiler or it is disabled by the user. function (add_lcov_target TNAME) if (LCOV_FOUND) # capture initial coverage data lcov_capture_initial_tgt(${TNAME}) # capture coverage data after execution lcov_capture_tgt(${TNAME}) endif () endfunction (add_lcov_target) # include required Modules include(FindPackageHandleStandardArgs) # Search for required lcov binaries. find_program(LCOV_BIN lcov) find_program(GENINFO_BIN geninfo) find_program(GENHTML_BIN genhtml) find_package_handle_standard_args(lcov REQUIRED_VARS LCOV_BIN GENINFO_BIN GENHTML_BIN ) # enable genhtml C++ demangeling, if c++filt is found. set(GENHTML_CPPFILT_FLAG "") find_program(CPPFILT_BIN c++filt) if (NOT CPPFILT_BIN STREQUAL "") set(GENHTML_CPPFILT_FLAG "--demangle-cpp") endif (NOT CPPFILT_BIN STREQUAL "") # enable no-external flag for lcov, if available. if (GENINFO_BIN AND NOT DEFINED GENINFO_EXTERN_FLAG) set(FLAG "") execute_process(COMMAND ${GENINFO_BIN} --help OUTPUT_VARIABLE GENINFO_HELP) string(REGEX MATCH "external" GENINFO_RES "${GENINFO_HELP}") if (GENINFO_RES) set(FLAG "--no-external") endif () set(GENINFO_EXTERN_FLAG "${FLAG}" CACHE STRING "Geninfo flag to exclude system sources.") endif () # If Lcov was not found, exit module now. if (NOT LCOV_FOUND) return() endif (NOT LCOV_FOUND) # Create directories to be used. file(MAKE_DIRECTORY ${LCOV_DATA_PATH_INIT}) file(MAKE_DIRECTORY ${LCOV_DATA_PATH_CAPTURE}) set(LCOV_REMOVE_PATTERNS "") # This function will merge lcov files to a single target file. Additional lcov # flags may be set with setting LCOV_EXTRA_FLAGS before calling this function. function (lcov_merge_files OUTFILE ...) # Remove ${OUTFILE} from ${ARGV} and generate lcov parameters with files. list(REMOVE_AT ARGV 0) # Generate merged file. string(REPLACE "${CMAKE_BINARY_DIR}/" "" FILE_REL "${OUTFILE}") add_custom_command(OUTPUT "${OUTFILE}.raw" COMMAND cat ${ARGV} > ${OUTFILE}.raw DEPENDS ${ARGV} COMMENT "Generating ${FILE_REL}" ) add_custom_command(OUTPUT "${OUTFILE}" COMMAND ${LCOV_BIN} --quiet -a ${OUTFILE}.raw --output-file ${OUTFILE} --base-directory ${PROJECT_SOURCE_DIR} ${LCOV_EXTRA_FLAGS} COMMAND ${LCOV_BIN} --quiet -r ${OUTFILE} ${LCOV_REMOVE_PATTERNS} --output-file ${OUTFILE} ${LCOV_EXTRA_FLAGS} DEPENDS ${OUTFILE}.raw COMMENT "Post-processing ${FILE_REL}" ) endfunction () # Add a new global target to generate initial coverage reports for all targets. # This target will be used to generate the global initial info file, which is # used to gather even empty report data. if (NOT TARGET lcov-capture-init) add_custom_target(lcov-capture-init) set(LCOV_CAPTURE_INIT_FILES "" CACHE INTERNAL "") endif (NOT TARGET lcov-capture-init) # This function will add initial capture of coverage data for target , # which is needed to get also data for objects, which were not loaded at # execution time. It will call geninfo for every source file of once and # store the info file in the same directory. function (lcov_capture_initial_tgt TNAME) # We don't have to check, if the target has support for coverage, thus this # will be checked by add_coverage_target in Findcoverage.cmake. Instead we # have to determine which gcov binary to use. get_target_property(TSOURCES ${TNAME} SOURCES) set(SOURCES "") set(TCOMPILER "") foreach (FILE ${TSOURCES}) codecov_path_of_source(${FILE} FILE) if (NOT "${FILE}" STREQUAL "") codecov_lang_of_source(${FILE} LANG) if (NOT "${LANG}" STREQUAL "") list(APPEND SOURCES "${FILE}") set(TCOMPILER ${CMAKE_${LANG}_COMPILER_ID}) endif () endif () endforeach () # If no gcov binary was found, coverage data can't be evaluated. if (NOT GCOV_${TCOMPILER}_BIN) message(WARNING "No coverage evaluation binary found for ${TCOMPILER}.") return() endif () set(GCOV_BIN "${GCOV_${TCOMPILER}_BIN}") set(GCOV_ENV "${GCOV_${TCOMPILER}_ENV}") get_target_property(TBIN_DIR ${TNAME} BINARY_DIR) set(TDIR ${TBIN_DIR}/CMakeFiles/${TNAME}.dir) set(GENINFO_FILES "") foreach(FILE ${SOURCES}) # generate empty coverage files set(OUTFILE "${TDIR}/${FILE}.info.init") list(APPEND GENINFO_FILES ${OUTFILE}) add_custom_command(OUTPUT ${OUTFILE} COMMAND ${GCOV_ENV} ${GENINFO_BIN} --quiet --base-directory ${PROJECT_SOURCE_DIR} --initial --gcov-tool ${GCOV_BIN} --output-filename ${OUTFILE} ${GENINFO_EXTERN_FLAG} ${TDIR}/${FILE}.gcno DEPENDS ${TNAME} COMMENT "Capturing initial coverage data for ${FILE}" ) endforeach() # Concatenate all files generated by geninfo to a single file per target. set(OUTFILE "${LCOV_DATA_PATH_INIT}/${TNAME}.info") set(LCOV_EXTRA_FLAGS "--initial") lcov_merge_files("${OUTFILE}" ${GENINFO_FILES}) add_custom_target(${TNAME}-capture-init ALL DEPENDS ${OUTFILE}) # add geninfo file generation to global lcov-geninfo target add_dependencies(lcov-capture-init ${TNAME}-capture-init) set(LCOV_CAPTURE_INIT_FILES "${LCOV_CAPTURE_INIT_FILES}" "${OUTFILE}" CACHE INTERNAL "" ) endfunction (lcov_capture_initial_tgt) # This function will generate the global info file for all targets. It has to be # called after all other CMake functions in the root CMakeLists.txt file, to get # a full list of all targets that generate coverage data. function (lcov_capture_initial) # Skip this function (and do not create the following targets), if there are # no input files. if ("${LCOV_CAPTURE_INIT_FILES}" STREQUAL "") return() endif () # Add a new target to merge the files of all targets. set(OUTFILE "${LCOV_DATA_PATH_INIT}/all_targets.info") lcov_merge_files("${OUTFILE}" ${LCOV_CAPTURE_INIT_FILES}) add_custom_target(lcov-geninfo-init ALL DEPENDS ${OUTFILE} lcov-capture-init ) endfunction (lcov_capture_initial) # Add a new global target to generate coverage reports for all targets. This # target will be used to generate the global info file. if (NOT TARGET lcov-capture) add_custom_target(lcov-capture) set(LCOV_CAPTURE_FILES "" CACHE INTERNAL "") endif (NOT TARGET lcov-capture) # This function will add capture of coverage data for target , which is # needed to get also data for objects, which were not loaded at execution time. # It will call geninfo for every source file of once and store the info # file in the same directory. function (lcov_capture_tgt TNAME) # We don't have to check, if the target has support for coverage, thus this # will be checked by add_coverage_target in Findcoverage.cmake. Instead we # have to determine which gcov binary to use. get_target_property(TSOURCES ${TNAME} SOURCES) set(SOURCES "") set(TCOMPILER "") foreach (FILE ${TSOURCES}) codecov_path_of_source(${FILE} FILE) if (NOT "${FILE}" STREQUAL "") codecov_lang_of_source(${FILE} LANG) if (NOT "${LANG}" STREQUAL "") list(APPEND SOURCES "${FILE}") set(TCOMPILER ${CMAKE_${LANG}_COMPILER_ID}) endif () endif () endforeach () # If no gcov binary was found, coverage data can't be evaluated. if (NOT GCOV_${TCOMPILER}_BIN) message(WARNING "No coverage evaluation binary found for ${TCOMPILER}.") return() endif () set(GCOV_BIN "${GCOV_${TCOMPILER}_BIN}") set(GCOV_ENV "${GCOV_${TCOMPILER}_ENV}") get_target_property(TBIN_DIR ${TNAME} BINARY_DIR) set(TDIR ${TBIN_DIR}/CMakeFiles/${TNAME}.dir) set(GENINFO_FILES "") foreach(FILE ${SOURCES}) # Generate coverage files. If no .gcda file was generated during # execution, the empty coverage file will be used instead. set(OUTFILE "${TDIR}/${FILE}.info") list(APPEND GENINFO_FILES ${OUTFILE}) # Create an empty .gcda file, so the target capture file can have a dependency on it. # The capture file will only use this .gcda if it has a non-zero size (test -s). add_custom_command(OUTPUT "${TDIR}/${FILE}.gcda" COMMAND "${CMAKE_COMMAND}" -E touch "${TDIR}/${FILE}.gcda" ) add_custom_command(OUTPUT ${OUTFILE} COMMAND test -s "${TDIR}/${FILE}.gcda" && ${GCOV_ENV} ${GENINFO_BIN} --quiet --base-directory ${PROJECT_SOURCE_DIR} --gcov-tool ${GCOV_BIN} --output-filename ${OUTFILE} ${GENINFO_EXTERN_FLAG} ${TDIR}/${FILE}.gcda || cp ${OUTFILE}.init ${OUTFILE} DEPENDS ${TNAME} ${TNAME}-capture-init "${TDIR}/${FILE}.gcda" COMMENT "Capturing coverage data for ${FILE}" ) endforeach() # Concatenate all files generated by geninfo to a single file per target. set(OUTFILE "${LCOV_DATA_PATH_CAPTURE}/${TNAME}.info") lcov_merge_files("${OUTFILE}" ${GENINFO_FILES}) add_custom_target(${TNAME}-geninfo DEPENDS ${OUTFILE}) # add geninfo file generation to global lcov-capture target add_dependencies(lcov-capture ${TNAME}-geninfo) set(LCOV_CAPTURE_FILES "${LCOV_CAPTURE_FILES}" "${OUTFILE}" CACHE INTERNAL "" ) # Add target for generating html output for this target only. file(MAKE_DIRECTORY ${LCOV_HTML_PATH}/${TNAME}) add_custom_target(${TNAME}-genhtml COMMAND ${GENHTML_BIN} --quiet --sort --prefix ${PROJECT_SOURCE_DIR} --baseline-file ${LCOV_DATA_PATH_INIT}/${TNAME}.info --output-directory ${LCOV_HTML_PATH}/${TNAME} --title "${CMAKE_PROJECT_NAME} - target ${TNAME}" ${GENHTML_CPPFILT_FLAG} ${OUTFILE} DEPENDS ${TNAME}-geninfo ${TNAME}-capture-init ) endfunction (lcov_capture_tgt) # This function will generate the global info file for all targets. It has to be # called after all other CMake functions in the root CMakeLists.txt file, to get # a full list of all targets that generate coverage data. function (lcov_capture) # Skip this function (and do not create the following targets), if there are # no input files. if ("${LCOV_CAPTURE_FILES}" STREQUAL "") return() endif () # Add a new target to merge the files of all targets. set(OUTFILE "${LCOV_DATA_PATH_CAPTURE}/all_targets.info") lcov_merge_files("${OUTFILE}" ${LCOV_CAPTURE_FILES}) add_custom_target(lcov-geninfo DEPENDS ${OUTFILE} lcov-capture) # Add a new global target for all lcov targets. This target could be used to # generate the lcov html output for the whole project instead of calling # -geninfo and -genhtml for each target. It will also be # used to generate a html site for all project data together instead of one # for each target. if (NOT TARGET lcov) file(MAKE_DIRECTORY ${LCOV_HTML_PATH}/all_targets) add_custom_target(lcov COMMAND ${GENHTML_BIN} --quiet --sort --baseline-file ${LCOV_DATA_PATH_INIT}/all_targets.info --output-directory ${LCOV_HTML_PATH}/all_targets --title "${CMAKE_PROJECT_NAME}" --prefix "${PROJECT_SOURCE_DIR}" ${GENHTML_CPPFILT_FLAG} ${OUTFILE} DEPENDS lcov-geninfo-init lcov-geninfo ) endif () endfunction (lcov_capture) # Add a new global target to generate the lcov html report for the whole project # instead of calling -genhtml for each target (to create an own report # for each target). Instead of the lcov target it does not require geninfo for # all targets, so you have to call -geninfo to generate the info files # the targets you'd like to have in your report or lcov-geninfo for generating # info files for all targets before calling lcov-genhtml. file(MAKE_DIRECTORY ${LCOV_HTML_PATH}/selected_targets) if (NOT TARGET lcov-genhtml) add_custom_target(lcov-genhtml COMMAND ${GENHTML_BIN} --quiet --output-directory ${LCOV_HTML_PATH}/selected_targets --title \"${CMAKE_PROJECT_NAME} - targets `find ${LCOV_DATA_PATH_CAPTURE} -name \"*.info\" ! -name \"all_targets.info\" -exec basename {} .info \\\;`\" --prefix ${PROJECT_SOURCE_DIR} --sort ${GENHTML_CPPFILT_FLAG} `find ${LCOV_DATA_PATH_CAPTURE} -name \"*.info\" ! -name \"all_targets.info\"` ) endif (NOT TARGET lcov-genhtml)yubico-piv-tool-2.2.0/cmake/pcscd.cmake0000664000175000017500000001310613766610642016726 0ustar aveenaveen# Copyright (c) 2020 Yubico AB # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. set(BACKEND_ARG_CHECK "check") set(BACKEND_ARG_PCSC "pcsc") set(BACKEND_ARG_MAC "macscard") set(BACKEND_ARG_WIN "winscard") macro (find_pcscd) if(VERBOSE_CMAKE) message("BACKEND: ${BACKEND}") endif(VERBOSE_CMAKE) if(${BACKEND} STREQUAL ${BACKEND_ARG_CHECK}) if(${CMAKE_SYSTEM_NAME} MATCHES "(D|d)arwin") message("Detected Mac: selecting ${BACKEND_ARG_MAC} backend") set(BACKEND ${BACKEND_ARG_MAC}) elseif(${CMAKE_SYSTEM_NAME} MATCHES "(W|w)in") message("Detected Windows: selecting ${BACKEND_ARG_WIN} backend") set(BACKEND ${BACKEND_ARG_WIN}) else() message("Detected neither Mac nor Windows: selecting ${BACKEND_ARG_PCSC} backend") set(BACKEND ${BACKEND_ARG_PCSC}) endif() endif(${BACKEND} STREQUAL ${BACKEND_ARG_CHECK}) if(${BACKEND} STREQUAL ${BACKEND_ARG_MAC}) message("Checking for PCSC with Mac linkage") find_file(PCSC_WINSCARD_H_FOUND PCSC/winscard.h) if(PCSC_WINSCARD_H_FOUND) set(HAVE_PCSC_WINSCARD_H ON) set(PCSC_MACOSX_LIBS "-Wl,-framework -Wl,PCSC") set(PCSC_LIBRARIES ${PCSC_MACOSX_LIBS}) message("PCSC_WINSCARD_H_FOUND: ${PCSC_WINSCARD_H_FOUND}") message("HAVE_PCSC_WINSCARD_H: ${HAVE_PCSC_WINSCARD_H}") message("PCSC_MACOSX_LIBS: ${PCSC_MACOSX_LIBS}") else(PCSC_WINSCARD_H_FOUND) message(FATAL_ERROR "cannot find Mac PCSC library/headers") endif() endif(${BACKEND} STREQUAL ${BACKEND_ARG_MAC}) if(${BACKEND} STREQUAL ${BACKEND_ARG_WIN}) message("Checking for winscard with Windows linkage") set(PCSC_WIN_LIBS "winscard.lib") set(PCSC_LIBRARIES ${PCSC_WIN_LIBS}) message("WINSCARD_H_FOUND: ${WINSCARD_H_FOUND}") message("PCSC_WIN_LIBS: ${PCSC_WIN_LIBS}") endif(${BACKEND} STREQUAL ${BACKEND_ARG_WIN}) if(${BACKEND} STREQUAL ${BACKEND_ARG_PCSC}) set(ENV{PKG_CONFIG_PATH} "${PCSCLITE_PKG_PATH}:$ENV{PKG_CONFIG_PATH}") pkg_check_modules(PCSC REQUIRED libpcsclite) if(PCSC_FOUND) set(PCSC_LIBRARIES ${PCSC_LDFLAGS}) if(VERBOSE_CMAKE) message("PCSC_FOUND: ${PCSC_FOUND}") message("PCSC_LIBRARY_DIRS: ${PCSC_LIBRARY_DIRS}") message("PCSC_LDFLAGS: ${PCSC_LDFLAGS}") message("PCSC_LDFLAGS_OTHER: ${PCSC_LDFLAGS_OTHER}") message("PCSC_INCLUDE_DIRS: ${PCSC_INCLUDE_DIRS}") message("PCSC_CFLAGS_OTHER: ${PCSC_CFLAGS_OTHER}") message("PCSC_VERSION: ${PCSC_VERSION}") message("PCSC_INCLUDEDIR: ${PCSC_INCLUDEDIR}") message("PCSC_LIBDIR: ${PCSC_LIBDIR}") endif(VERBOSE_CMAKE) else(PCSC_FOUND) message (FATAL_ERROR "pcscd not found. Aborting...") endif(PCSC_FOUND) endif() if(${PCSC_LIB} NOT STREQUAL "") message("Checking for PCSC with custom lib") find_file(PCSC_WINSCARD_H_FOUND PCSC/winscard.h) if(${PCSC_DIR} NOT STREQUAL "") set(PCSC_CUSTOM_LIBS "-Wl,-L${PCSC_DIR} -Wl,-l${PCSC_LIB} -Wl,-rpath,${PCSC_DIR}") else(${PCSC_DIR} NOT STREQUAL "") set(PCSC_CUSTOM_LIBS "-Wl,-l${PCSC_LIB}") endif(${PCSC_DIR} NOT STREQUAL "") set(CMAKE_C_FLAGS ${PCSC_CFLAGS} ${CMAKE_C_FLAGS}) set(PCSC_LIBRARIES ${PCSC_LIBRARIES} ${PCSC_CUSTOM_LIBS}) unset(PCSC_MACOSX_LIBS) unset(PCSC_WIN_LIBS) unset(PCSC_LIBS) endif(${PCSC_LIB} NOT STREQUAL "") string(REPLACE ";" " " PCSC_CFLAGS "${PCSC_CFLAGS}") if(${BACKEND} STREQUAL ${BACKEND_ARG_PCSC} OR ${BACKEND} STREQUAL ${BACKEND_ARG_WIN} OR ${BACKEND} STREQUAL ${BACKEND_ARG_MAC} OR ${PCSC_LIB} NOT STREQUAL "") set(BACKEND_PCSC ON) else() message (FATAL_ERROR "cannot find PCSC library") endif() message("PCSC_LIBRARIES: ${PCSC_LIBRARIES}") message("PCSC_CFLAGS: ${PCSC_CFLAGS}") message("BACKEND_PCSC: ${BACKEND_PCSC}") message("HAVE_PCSC_WINSCARD_H: ${HAVE_PCSC_WINSCARD_H}") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${PCSC_CFLAGS}") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${PCSC_CFLAGS}") link_directories(${PCSC_LIBRARY_DIRS}) endmacro()yubico-piv-tool-2.2.0/lib/0000775000175000017500000000000013766610730014313 5ustar aveenaveenyubico-piv-tool-2.2.0/lib/ykpiv-config.h0000664000175000017500000000671313766610730017100 0ustar aveenaveen/* * Copyright (c) 2014-2016,2020 Yubico AB * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: * * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef YKPIV_VERSION_H #define YKPIV_VERSION_H #ifdef __cplusplus extern "C" { #endif /** * YKPIV_VERSION_STRING * * Pre-processor symbol with a string that describe the header file * version number. Used together with ykneomgr_check_version() to verify * header file and run-time library consistency. */ #define YKPIV_VERSION_STRING "2.2.0" /** * YKPIV_VERSION_NUMBER * * Pre-processor symbol with a hexadecimal value describing the header * file version number. For example, when the header version is 1.2.3 * this symbol will have the value 0x01020300. The last two digits * are only used between public releases, and will otherwise be 00. */ /* #undef YKPIV_VERSION_NUMBER */ /** * YKPIV_VERSION_MAJOR * * Pre-processor symbol with a decimal value that describe the major * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 1. */ #define YKPIV_VERSION_MAJOR /** * YKPIV_VERSION_MINOR * * Pre-processor symbol with a decimal value that describe the minor * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 2. */ #define YKPIV_VERSION_MINOR /** * YKPIV_VERSION_PATCH * * Pre-processor symbol with a decimal value that describe the patch * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 3. */ #define YKPIV_VERSION_PATCH /** * _WIN32 * * Pre-processor symbol that describes the Windows system architecture. */ /* #undef _WIN32 */ /** * BACKEND_PCSC * * Pre-processor symbol that describes the available PCSC backend. * If PCSC was not found on the system, some functionality will be missing. */ #define BACKEND_PCSC ON /** * HAVE_PCSC_WINSCARD_H * * Pre-processor symbol indicating whether the file PCSC/winscard.h * exists on the system or not. */ /* #undef HAVE_PCSC_WINSCARD_H */ const char *ykpiv_check_version (const char *req_version); #ifdef __cplusplus } #endif #endif yubico-piv-tool-2.2.0/lib/ykpiv.h0000664000175000017500000006273713766610642015647 0ustar aveenaveen/* * Copyright (c) 2014-2020 Yubico AB * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: * * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ /** * @mainpage * * See ykpiv.h * * @file ykpiv.h * libykpiv API */ #ifndef YKPIV_H #define YKPIV_H #include #include #include #include "ykpiv-config.h" #ifdef __cplusplus extern "C" { #endif typedef struct ykpiv_state ykpiv_state; typedef enum { YKPIV_OK = 0, YKPIV_MEMORY_ERROR = -1, YKPIV_PCSC_ERROR = -2, YKPIV_SIZE_ERROR = -3, YKPIV_APPLET_ERROR = -4, YKPIV_AUTHENTICATION_ERROR = -5, YKPIV_RANDOMNESS_ERROR = -6, YKPIV_GENERIC_ERROR = -7, YKPIV_KEY_ERROR = -8, YKPIV_PARSE_ERROR = -9, YKPIV_WRONG_PIN = -10, YKPIV_INVALID_OBJECT = -11, YKPIV_ALGORITHM_ERROR = -12, YKPIV_PIN_LOCKED = -13, YKPIV_ARGUMENT_ERROR = -14, //i.e. invalid input argument YKPIV_RANGE_ERROR = -15, //i.e. value range error YKPIV_NOT_SUPPORTED = -16 } ykpiv_rc; typedef void* (*ykpiv_pfn_alloc)(void* alloc_data, size_t size); typedef void* (*ykpiv_pfn_realloc)(void* alloc_data, void* address, size_t size); typedef void (*ykpiv_pfn_free)(void* alloc_data, void* address); typedef struct ykpiv_allocator { ykpiv_pfn_alloc pfn_alloc; ykpiv_pfn_realloc pfn_realloc; ykpiv_pfn_free pfn_free; void * alloc_data; } ykpiv_allocator; const char *ykpiv_strerror(ykpiv_rc err); const char *ykpiv_strerror_name(ykpiv_rc err); ykpiv_rc ykpiv_init(ykpiv_state **state, int verbose); ykpiv_rc ykpiv_init_with_allocator(ykpiv_state **state, int verbose, const ykpiv_allocator *allocator); ykpiv_rc ykpiv_done(ykpiv_state *state); ykpiv_rc ykpiv_validate(ykpiv_state *state, const char *wanted); ykpiv_rc ykpiv_connect(ykpiv_state *state, const char *wanted); ykpiv_rc ykpiv_list_readers(ykpiv_state *state, char *readers, size_t *len); ykpiv_rc ykpiv_disconnect(ykpiv_state *state); ykpiv_rc ykpiv_transfer_data(ykpiv_state *state, const unsigned char *templ, const unsigned char *in_data, long in_len, unsigned char *out_data, unsigned long *out_len, int *sw); ykpiv_rc ykpiv_authenticate(ykpiv_state *state, const unsigned char *key); ykpiv_rc ykpiv_set_mgmkey(ykpiv_state *state, const unsigned char *new_key); ykpiv_rc ykpiv_hex_decode(const char *hex_in, size_t in_len, unsigned char *hex_out, size_t *out_len); ykpiv_rc ykpiv_sign_data(ykpiv_state *state, const unsigned char *sign_in, size_t in_len, unsigned char *sign_out, size_t *out_len, unsigned char algorithm, unsigned char key); ykpiv_rc ykpiv_decipher_data(ykpiv_state *state, const unsigned char *enc_in, size_t in_len, unsigned char *enc_out, size_t *out_len, unsigned char algorithm, unsigned char key); ykpiv_rc ykpiv_get_version(ykpiv_state *state, char *version, size_t len); ykpiv_rc ykpiv_verify(ykpiv_state *state, const char *pin, int *tries); ykpiv_rc ykpiv_change_pin(ykpiv_state *state, const char * current_pin, size_t current_pin_len, const char * new_pin, size_t new_pin_len, int *tries); ykpiv_rc ykpiv_change_puk(ykpiv_state *state, const char * current_puk, size_t current_puk_len, const char * new_puk, size_t new_puk_len, int *tries); ykpiv_rc ykpiv_unblock_pin(ykpiv_state *state, const char * puk, size_t puk_len, const char * new_pin, size_t new_pin_len, int *tries); ykpiv_rc ykpiv_fetch_object(ykpiv_state *state, int object_id, unsigned char *data, unsigned long *len); ykpiv_rc ykpiv_set_mgmkey2(ykpiv_state *state, const unsigned char *new_key, const unsigned char touch); ykpiv_rc ykpiv_save_object(ykpiv_state *state, int object_id, unsigned char *indata, size_t len); ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, unsigned char algorithm, const unsigned char *p, size_t p_len, const unsigned char *q, size_t q_len, const unsigned char *dp, size_t dp_len, const unsigned char *dq, size_t dq_len, const unsigned char *qinv, size_t qinv_len, const unsigned char *ec_data, unsigned char ec_data_len, const unsigned char pin_policy, const unsigned char touch_policy); ykpiv_rc ykpiv_attest(ykpiv_state *state, const unsigned char key, unsigned char *data, size_t *data_len); ykpiv_rc ykpiv_get_metadata(ykpiv_state *state, const unsigned char key, unsigned char *data, size_t *data_len); /** * Return the number of PIN attempts remaining before PIN is locked. * * **NOTE:** If PIN is already verified, calling ykpiv_get_pin_retries() will unverify the PIN. * * @param state State handle from ykpiv_init() * @param tries [out] Number of attempts remaining * * @return Error code */ ykpiv_rc ykpiv_get_pin_retries(ykpiv_state *state, int *tries); /** * Set number of attempts before locking for PIN and PUK codes. * * **NOTE:** If either \p pin_tries or \p puk_tries is 0, ykpiv_set_pin_retries() immediately returns YKPIV_OK. * * @param state State handle from ykpiv_init() * @param pin_tries Number of attempts to permit for PIN code * @param puk_tries Number of attempts to permit for PUK code * * @return Error code */ ykpiv_rc ykpiv_set_pin_retries(ykpiv_state *state, int pin_tries, int puk_tries); /** * Variant of ykpiv_connect() that accepts a card context obtained externally. * * Not for generic use. Use ykpiv_connect() instead. * * @param state State handle * @param context Card context returned from SCardConnect() or equivalent. * @param card Card ID returned from SCardConnect() or equivalent. * * @return Error code */ ykpiv_rc ykpiv_connect_with_external_card(ykpiv_state *state, uintptr_t context, uintptr_t card); /** * Variant of ykpiv_done() for external cards connected with ykpiv_connect_with_external_card() * * Card is not disconnected, unlike with normal calls to ykpiv_done(). * * @param state State handle * * @return Error code */ ykpiv_rc ykpiv_done_with_external_card(ykpiv_state *state); /** * Variant of ykpiv_verify() that optionally selects the PIV applet first. * * @param state State handle * @param pin PIN code to verify with * @param pin_len Length of \p pin * @param tries [out] Number of attempts remaining (if non-NULL) * @param force_select Whether to select the PIV applet before verifying. * * @return Error code */ ykpiv_rc ykpiv_verify_select(ykpiv_state *state, const char *pin, const size_t pin_len, int *tries, bool force_select); /** * Get serial number * * The card must be connected to call this function. * * @param state [in] State handle * @param p_serial [out] uint32 to store retrieved serial number * * @return ykpiv_rc error code * */ ykpiv_rc ykpiv_get_serial(ykpiv_state *state, uint32_t* p_serial); //////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// //// //// //// High-level Util API //// //// //// Util api always allocates data on your behalf, if data = 0, *data != 0, //// or data_len = 0 an invalid parameter will be returned; to free data, call //// ykpiv_util_free(). //// //////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// typedef uint32_t ykpiv_devmodel; /** * Card identifier */ #define YKPIV_CARDID_SIZE 16 typedef struct { uint8_t data[YKPIV_CARDID_SIZE]; } ykpiv_cardid; /** * Card Capability */ #define YKPIV_CCCID_SIZE 14 typedef struct { uint8_t data[YKPIV_CCCID_SIZE]; } ykpiv_cccid; #pragma pack(push, 1) typedef struct _ykpiv_key { uint8_t slot; uint16_t cert_len; uint8_t cert[1]; } ykpiv_key; typedef struct _ykpiv_container { wchar_t name[40]; uint8_t slot; uint8_t key_spec; uint16_t key_size_bits; uint8_t flags; uint8_t pin_id; uint8_t associated_echd_container; uint8_t cert_fingerprint[20]; } ykpiv_container; #pragma pack(pop) typedef enum { YKPIV_CONFIG_MGM_INVALID = -1, YKPIV_CONFIG_MGM_MANUAL = 0, YKPIV_CONFIG_MGM_DERIVED = 1, YKPIV_CONFIG_MGM_PROTECTED = 2 } ykpiv_config_mgm_type; #pragma pack(push, 1) typedef struct _ykpiv_config { uint8_t puk_blocked; uint8_t puk_noblock_on_upgrade; uint32_t pin_last_changed; ykpiv_config_mgm_type mgm_type; uint8_t mgm_key[24]; } ykpiv_config; typedef struct _ykpiv_mgm { uint8_t data[24]; } ykpiv_mgm; #pragma pack(pop) typedef struct _ykpiv_metadata { uint8_t algorithm; uint8_t pin_policy; uint8_t touch_policy; uint8_t origin; size_t pubkey_len; uint8_t pubkey[512]; } ykpiv_metadata; /** * Free allocated data * * Frees a buffer previously allocated by one of the other \p ykpiv_util functions. * * @param state State handle * @param data Buffer previously allocated by a \p ykpiv_util function * * @return ypiv_rc error code */ ykpiv_rc ykpiv_util_free(ykpiv_state *state, void *data); /** * Returns a list of all saved certificates. * * \p data should be freed with \p ykpiv_util_free() after use. * * @param state State handle * @param key_count [out] Number of certificates returned * @param data [out] Set to a dynamically allocated list of certificates. * @param data_len [out] Set to size of \p data in bytes * * @return Error code */ ykpiv_rc ykpiv_util_list_keys(ykpiv_state *state, uint8_t *key_count, ykpiv_key **data, size_t *data_len); /** * Read a certificate stored in the given slot * * \p data should be freed with \p ykpiv_util_free() after use. * * @param state State handle * @param slot Slot to read from * @param data Pointer to buffer to store the read data * @param data_len Pointer to size of input buffer, in bytes. Update to length of read data after call. * * @return Error code */ ykpiv_rc ykpiv_util_read_cert(ykpiv_state *state, uint8_t slot, uint8_t **data, size_t *data_len); /** * Write a certificate to a given slot * * \p certinfo should be \p YKPIV_CERTINFO_UNCOMPRESSED for uncompressed certificates, which is the most * common case, or \p YKPIV_CERTINFO_GZIP if the certificate in \p data is already compressed with gzip. * * @param state State handle * @param slot Slot to write to * @param data Buffer of data to write * @param data_len Number of bytes to write * @param certinfo Hint about type of certificate. Use the \p YKPIV_CERTINFO* defines. * * @return Error code */ ykpiv_rc ykpiv_util_write_cert(ykpiv_state *state, uint8_t slot, uint8_t *data, size_t data_len, uint8_t certinfo); /** * Delete the certificate stored in the given slot * * @param state State handle * @param slot Slot to delete certificate from * * @return Error code */ ykpiv_rc ykpiv_util_delete_cert(ykpiv_state *state, uint8_t slot); /** * Generate key in given slot with specified parameters * * \p modulus, \p exp, and \p point should be freed with \p ykpiv_util_free() after use. * * If algorithm is RSA1024 or RSA2048, the modulus, modulus_len, exp, and exp_len output parameters must be supplied. They are filled with with public modulus (big-endian), its size, the public exponent (big-endian), and its size respectively. * * If algorithm is ECCP256 or ECCP384, the point and point_len output parameters must be supplied. They are filled with the public point (uncompressed octet-string encoded per SEC1 section 2.3.4) * * If algorithm is ECCP256, the curve is always ANSI X9.62 Prime 256v1 * * If algorithm is ECCP384, the curve is always secp384r1 * * @param state State handle * @param slot Slot to generate key in * @param algorithm Key algorithm, specified as one of the \p YKPIV_ALGO_* options * @param pin_policy Per-slot PIN policy, specified as one of the \p YKPIV_PINPOLICY_* options * @param touch_policy Per-slot touch policy, specified as one of the \p YKPIV_TOUCHPOLICY_* options. * @param modulus [out] RSA public modulus (RSA-only) * @param modulus_len [out] Size of \p modulus (RSA-only) * @param exp [out] RSA public exponent (RSA-only) * @param exp_len [out] Size of \p exp (RSA-only) * @param point [out] Public curve point (ECC-only) * @param point_len [out] Size of \p point (ECC-only) * * @return ykpiv_rc error code */ ykpiv_rc ykpiv_util_generate_key(ykpiv_state *state, uint8_t slot, uint8_t algorithm, uint8_t pin_policy, uint8_t touch_policy, uint8_t **modulus, size_t *modulus_len, uint8_t **exp, size_t *exp_len, uint8_t **point, size_t *point_len); /** * Get current PIV applet administration configuration state * * @param state State handle * @param config [out] ykpiv_config struct filled with current applet data * * @return ykpiv_rc error code */ ykpiv_rc ykpiv_util_get_config(ykpiv_state *state, ykpiv_config *config); /** * Set last pin changed time to current time * * The applet must be authenticated to call this function * * @param state State handle * * @return ykpiv_rc error code */ ykpiv_rc ykpiv_util_set_pin_last_changed(ykpiv_state *state); /** * Get Derived MGM key * * @param state State handle * @param pin PIN used to derive mgm key * @param pin_len Length of pin in bytes * @param mgm [out] Protected MGM key * * @return ykpiv_rc error code */ ykpiv_rc ykpiv_util_get_derived_mgm(ykpiv_state *state, const uint8_t *pin, const size_t pin_len, ykpiv_mgm *mgm); /** * Get Protected MGM key * * The user pin must be verified to call this function * * @param state State handle * @param mgm [out] Protected MGM key * * @return ykpiv_rc error code */ ykpiv_rc ykpiv_util_get_protected_mgm(ykpiv_state *state, ykpiv_mgm *mgm); /** * Set Protected MGM key * * The applet must be authenticated and the user pin verified to call this function * * If \p mgm is NULL or \p mgm.data is all zeroes, generate MGM, otherwise set specified key. * * @param state State handle * @param mgm [in, out] Input: NULL or new MGM key. Output: Generated MGM key * * @return ykpiv_rc error code */ ykpiv_rc ykpiv_util_set_protected_mgm(ykpiv_state *state, ykpiv_mgm *mgm); /** * Reset PIV applet * * The user PIN and PUK must be blocked to call this function. * * @param state State handle * * @return ykpiv_rc error code */ ykpiv_rc ykpiv_util_reset(ykpiv_state *state); /** * Get card identifier * * Gets the card identifier from the Cardholder Unique Identifier (CHUID). * * ID can be set with \p ykpiv_util_set_cardid(). * * @param state State handle * @param cardid [out] Unique Card ID stored in the CHUID * * @return ykpiv_rc error code */ ykpiv_rc ykpiv_util_get_cardid(ykpiv_state *state, ykpiv_cardid *cardid); /** * Set card identifier * * Set the card identifier in the Cardholder Unique Identifier (CHUID). * * The card must be authenticated to call this function. * * See also: \p ykpiv_util_set_cccid() * * @param state State handle * @param cardid Unique Card ID to set. If NULL, randomly generate. * * @return ypiv_rc error code * */ ykpiv_rc ykpiv_util_set_cardid(ykpiv_state *state, const ykpiv_cardid *cardid); /** * Get card capabilities identifier * * Gets the card identifier from the Card Capability Container (CCC). * * ID can be set with \p ykpiv_util_set_cccid(). * * @param state State handle * @param ccc [out] Unique Card ID stored in the CCC * * @return ykpiv_rc error code */ ykpiv_rc ykpiv_util_get_cccid(ykpiv_state *state, ykpiv_cccid *ccc); /** * Set card capabilities identifier * * Sets the card identifier in the Card Capability Container (CCC). * * The card must be authenticated to call this function. * * See also: \p ykpiv_util_set_cardid() * * @param state state * @param ccc Unique Card ID to set. If NULL, randomly generate. * * @return ykpiv_rc error code * */ ykpiv_rc ykpiv_util_set_cccid(ykpiv_state *state, const ykpiv_cccid *ccc); /** * Get device model * * The card must be connected to call this function. * * @param state State handle * * @return Device model * */ ykpiv_devmodel ykpiv_util_devicemodel(ykpiv_state *state); /** * Block PUK * * Utility function to block the PUK. * * To set the PUK blocked flag in the admin data, the applet must be authenticated. * * @param state State handle * * @return Error code * */ ykpiv_rc ykpiv_util_block_puk(ykpiv_state *state); /** * Object ID of given slot. * * @param slot Key slot */ uint32_t ykpiv_util_slot_object(uint8_t slot); ykpiv_rc ykpiv_util_read_mscmap(ykpiv_state *state, ykpiv_container **containers, size_t *n_containers); ykpiv_rc ykpiv_util_write_mscmap(ykpiv_state *state, ykpiv_container *containers, size_t n_containers); ykpiv_rc ykpiv_util_read_msroots(ykpiv_state *state, uint8_t **data, size_t *data_len); ykpiv_rc ykpiv_util_write_msroots(ykpiv_state *state, uint8_t *data, size_t data_len); ykpiv_rc ykpiv_util_parse_metadata(uint8_t *data, size_t data_len, ykpiv_metadata *metadata); //////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// //// //// //// Defines //// //// //////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// #define YKPIV_ALGO_TAG 0x80 #define YKPIV_ALGO_3DES 0x03 #define YKPIV_ALGO_RSA1024 0x06 #define YKPIV_ALGO_RSA2048 0x07 #define YKPIV_ALGO_ECCP256 0x11 #define YKPIV_ALGO_ECCP384 0x14 #define YKPIV_KEY_AUTHENTICATION 0x9a #define YKPIV_KEY_CARDMGM 0x9b #define YKPIV_KEY_SIGNATURE 0x9c #define YKPIV_KEY_KEYMGM 0x9d #define YKPIV_KEY_CARDAUTH 0x9e #define YKPIV_KEY_RETIRED1 0x82 #define YKPIV_KEY_RETIRED2 0x83 #define YKPIV_KEY_RETIRED3 0x84 #define YKPIV_KEY_RETIRED4 0x85 #define YKPIV_KEY_RETIRED5 0x86 #define YKPIV_KEY_RETIRED6 0x87 #define YKPIV_KEY_RETIRED7 0x88 #define YKPIV_KEY_RETIRED8 0x89 #define YKPIV_KEY_RETIRED9 0x8a #define YKPIV_KEY_RETIRED10 0x8b #define YKPIV_KEY_RETIRED11 0x8c #define YKPIV_KEY_RETIRED12 0x8d #define YKPIV_KEY_RETIRED13 0x8e #define YKPIV_KEY_RETIRED14 0x8f #define YKPIV_KEY_RETIRED15 0x90 #define YKPIV_KEY_RETIRED16 0x91 #define YKPIV_KEY_RETIRED17 0x92 #define YKPIV_KEY_RETIRED18 0x93 #define YKPIV_KEY_RETIRED19 0x94 #define YKPIV_KEY_RETIRED20 0x95 #define YKPIV_KEY_ATTESTATION 0xf9 #define YKPIV_OBJ_CAPABILITY 0x5fc107 #define YKPIV_OBJ_CHUID 0x5fc102 #define YKPIV_OBJ_AUTHENTICATION 0x5fc105 /* cert for 9a key */ #define YKPIV_OBJ_FINGERPRINTS 0x5fc103 #define YKPIV_OBJ_SECURITY 0x5fc106 #define YKPIV_OBJ_FACIAL 0x5fc108 #define YKPIV_OBJ_PRINTED 0x5fc109 #define YKPIV_OBJ_SIGNATURE 0x5fc10a /* cert for 9c key */ #define YKPIV_OBJ_KEY_MANAGEMENT 0x5fc10b /* cert for 9d key */ #define YKPIV_OBJ_CARD_AUTH 0x5fc101 /* cert for 9e key */ #define YKPIV_OBJ_DISCOVERY 0x7e #define YKPIV_OBJ_KEY_HISTORY 0x5fc10c #define YKPIV_OBJ_IRIS 0x5fc121 #define YKPIV_OBJ_BITGT 0x7f61 #define YKPIV_OBJ_SM_SIGNER 0x5fc122 #define YKPIV_OBJ_PC_REF_DATA 0x5fc123 #define YKPIV_OBJ_RETIRED1 0x5fc10d #define YKPIV_OBJ_RETIRED2 0x5fc10e #define YKPIV_OBJ_RETIRED3 0x5fc10f #define YKPIV_OBJ_RETIRED4 0x5fc110 #define YKPIV_OBJ_RETIRED5 0x5fc111 #define YKPIV_OBJ_RETIRED6 0x5fc112 #define YKPIV_OBJ_RETIRED7 0x5fc113 #define YKPIV_OBJ_RETIRED8 0x5fc114 #define YKPIV_OBJ_RETIRED9 0x5fc115 #define YKPIV_OBJ_RETIRED10 0x5fc116 #define YKPIV_OBJ_RETIRED11 0x5fc117 #define YKPIV_OBJ_RETIRED12 0x5fc118 #define YKPIV_OBJ_RETIRED13 0x5fc119 #define YKPIV_OBJ_RETIRED14 0x5fc11a #define YKPIV_OBJ_RETIRED15 0x5fc11b #define YKPIV_OBJ_RETIRED16 0x5fc11c #define YKPIV_OBJ_RETIRED17 0x5fc11d #define YKPIV_OBJ_RETIRED18 0x5fc11e #define YKPIV_OBJ_RETIRED19 0x5fc11f #define YKPIV_OBJ_RETIRED20 0x5fc120 #define YKPIV_OBJ_ATTESTATION 0x5fff01 #define YKPIV_OBJ_MAX_SIZE 3072 #define YKPIV_INS_VERIFY 0x20 #define YKPIV_INS_CHANGE_REFERENCE 0x24 #define YKPIV_INS_RESET_RETRY 0x2c #define YKPIV_INS_GENERATE_ASYMMETRIC 0x47 #define YKPIV_INS_AUTHENTICATE 0x87 #define YKPIV_INS_GET_DATA 0xcb #define YKPIV_INS_PUT_DATA 0xdb #define YKPIV_INS_SELECT_APPLICATION 0xa4 #define YKPIV_INS_GET_RESPONSE_APDU 0xc0 /* sw is status words, see NIST special publication 800-73-4, section 5.6 */ #define SW_SUCCESS 0x9000 #define SW_ERR_SECURITY_STATUS 0x6982 #define SW_ERR_AUTH_BLOCKED 0x6983 #define SW_ERR_CONDITIONS_OF_USE 0x6985 #define SW_ERR_INCORRECT_PARAM 0x6a80 #define SW_ERR_FILE_NOT_FOUND 0x6a82 #define SW_ERR_REFERENCE_NOT_FOUND 0x6a88 /* this is a custom sw for yubikey */ #define SW_ERR_INCORRECT_SLOT 0x6b00 #define SW_ERR_NOT_SUPPORTED 0x6d00 /* Yubico vendor specific instructions */ #define YKPIV_INS_SET_MGMKEY 0xff #define YKPIV_INS_IMPORT_KEY 0xfe #define YKPIV_INS_GET_VERSION 0xfd #define YKPIV_INS_RESET 0xfb #define YKPIV_INS_SET_PIN_RETRIES 0xfa #define YKPIV_INS_ATTEST 0xf9 #define YKPIV_INS_GET_SERIAL 0xf8 #define YKPIV_INS_GET_METADATA 0xf7 #define YKPIV_PINPOLICY_TAG 0xaa #define YKPIV_PINPOLICY_DEFAULT 0 #define YKPIV_PINPOLICY_NEVER 1 #define YKPIV_PINPOLICY_ONCE 2 #define YKPIV_PINPOLICY_ALWAYS 3 #define YKPIV_TOUCHPOLICY_TAG 0xab #define YKPIV_TOUCHPOLICY_DEFAULT 0 #define YKPIV_TOUCHPOLICY_NEVER 1 #define YKPIV_TOUCHPOLICY_ALWAYS 2 #define YKPIV_TOUCHPOLICY_CACHED 3 #define YKPIV_METADATA_ALGORITHM_TAG 0x01 // See values for YKPIV_ALGO_TAG #define YKPIV_METADATA_POLICY_TAG 0x02 // Two bytes, see values for YKPIV_PINPOLICY_TAG and YKPIV_TOUCHPOLICY_TAG #define YKPIV_METADATA_ORIGIN_TAG 0x03 #define YKPIV_METADATA_ORIGIN_GENERATED 0x01 #define YKPIV_METADATA_ORIGIN_IMPORTED 0x02 #define YKPIV_METADATA_PUBKEY_TAG 0x04 // RSA: DER-encoded sequence N, E; EC: Uncompressed EC point X, Y #define YKPIV_IS_EC(a) ((a == YKPIV_ALGO_ECCP256 || a == YKPIV_ALGO_ECCP384)) #define YKPIV_IS_RSA(a) ((a == YKPIV_ALGO_RSA1024 || a == YKPIV_ALGO_RSA2048)) #define YKPIV_MIN_PIN_LEN 6 #define YKPIV_MAX_PIN_LEN 8 #define YKPIV_MGM_KEY_LEN 48 #define YKPIV_RETRIES_DEFAULT 3 #define YKPIV_RETRIES_MAX 0xff #define YKPIV_CERTINFO_UNCOMPRESSED 0 #define YKPIV_CERTINFO_GZIP 1 #define YKPIV_ATR_NEO_R3 "\x3b\xfc\x13\x00\x00\x81\x31\xfe\x15\x59\x75\x62\x69\x6b\x65\x79\x4e\x45\x4f\x72\x33\xe1" #define YKPIV_ATR_NEO_R3_NFC "\x3b\x8c\x80\x01\x59\x75\x62\x69\x6b\x65\x79\x4e\x45\x4f\x72\x33\x58" #define YKPIV_ATR_YK4 "\x3b\xf8\x13\x00\x00\x81\x31\xfe\x15\x59\x75\x62\x69\x6b\x65\x79\x34\xd4" #define YKPIV_ATR_YK5_P1 "\x3b\xf8\x13\x00\x00\x81\x31\xfe\x15\x01\x59\x75\x62\x69\x4b\x65\x79\xc1" #define YKPIV_ATR_YK5 "\x3b\xfd\x13\x00\x00\x81\x31\xfe\x15\x80\x73\xc0\x21\xc0\x57\x59\x75\x62\x69\x4b\x65\x79\x40" #define YKPIV_ATR_YK5_NFC "\x3b\x8d\x80\x01\x80\x73\xc0\x21\xc0\x57\x59\x75\x62\x69\x4b\x65\x79\xf9" #define DEVTYPE_UNKNOWN 0x00000000 #define DEVTYPE_NEO 0x4E450000 //"NE" #define DEVTYPE_YK 0x594B0000 //"YK" #define DEVTYPE_NEOr3 (DEVTYPE_NEO | 0x00007233) //"r3" #define DEVTYPE_YK4 (DEVTYPE_YK | 0x00000034) // "4" #define DEVTYPE_YK5 (DEVTYPE_YK | 0x00000035) // "5" #define DEVYTPE_YK5 DEVTYPE_YK5 // Keep old typo for backwards compatibility #ifdef __cplusplus } #endif #endif yubico-piv-tool-2.2.0/lib/Doxyfile0000664000175000017500000032175313766610642016036 0ustar aveenaveen# Doxyfile 1.8.13 # This file describes the settings to be used by the documentation system # doxygen (www.doxygen.org) for a project. # # All text after a double hash (##) is considered a comment and is placed in # front of the TAG it is preceding. # # All text after a single hash (#) is considered a comment and will be ignored. # The format is: # TAG = value [value, ...] # For lists, items can also be appended using: # TAG += value [value, ...] # Values that contain spaces should be placed between quotes (\" \"). #--------------------------------------------------------------------------- # Project related configuration options #--------------------------------------------------------------------------- # This tag specifies the encoding used for all characters in the config file # that follow. The default is UTF-8 which is also the encoding used for all text # before the first occurrence of this tag. Doxygen uses libiconv (or the iconv # built into libc) for the transcoding. See http://www.gnu.org/software/libiconv # for the list of possible encodings. # The default value is: UTF-8. DOXYFILE_ENCODING = UTF-8 # The PROJECT_NAME tag is a single word (or a sequence of words surrounded by # double-quotes, unless you are using Doxywizard) that should identify the # project for which the documentation is generated. This name is used in the # title of most generated pages and in a few other places. # The default value is: My Project. PROJECT_NAME = "libykpiv" # The PROJECT_NUMBER tag can be used to enter a project or revision number. This # could be handy for archiving the generated documentation or if some version # control system is used. PROJECT_NUMBER = # Using the PROJECT_BRIEF tag one can provide an optional one line description # for a project that appears at the top of each page and should give viewer a # quick idea about the purpose of the project. Keep the description short. PROJECT_BRIEF = # With the PROJECT_LOGO tag one can specify a logo or an icon that is included # in the documentation. The maximum height of the logo should not exceed 55 # pixels and the maximum width should not exceed 200 pixels. Doxygen will copy # the logo to the output directory. PROJECT_LOGO = # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) path # into which the generated documentation will be written. If a relative path is # entered, it will be relative to the location where doxygen was started. If # left blank the current directory will be used. OUTPUT_DIRECTORY = doxygen-doc # If the CREATE_SUBDIRS tag is set to YES then doxygen will create 4096 sub- # directories (in 2 levels) under the output directory of each output format and # will distribute the generated files over these directories. Enabling this # option can be useful when feeding doxygen a huge amount of source files, where # putting all generated files in the same directory would otherwise causes # performance problems for the file system. # The default value is: NO. CREATE_SUBDIRS = NO # If the ALLOW_UNICODE_NAMES tag is set to YES, doxygen will allow non-ASCII # characters to appear in the names of generated files. If set to NO, non-ASCII # characters will be escaped, for example _xE3_x81_x84 will be used for Unicode # U+3044. # The default value is: NO. ALLOW_UNICODE_NAMES = NO # The OUTPUT_LANGUAGE tag is used to specify the language in which all # documentation generated by doxygen is written. Doxygen will use this # information to generate all constant output in the proper language. # Possible values are: Afrikaans, Arabic, Armenian, Brazilian, Catalan, Chinese, # Chinese-Traditional, Croatian, Czech, Danish, Dutch, English (United States), # Esperanto, Farsi (Persian), Finnish, French, German, Greek, Hungarian, # Indonesian, Italian, Japanese, Japanese-en (Japanese with English messages), # Korean, Korean-en (Korean with English messages), Latvian, Lithuanian, # Macedonian, Norwegian, Persian (Farsi), Polish, Portuguese, Romanian, Russian, # Serbian, Serbian-Cyrillic, Slovak, Slovene, Spanish, Swedish, Turkish, # Ukrainian and Vietnamese. # The default value is: English. OUTPUT_LANGUAGE = English # If the BRIEF_MEMBER_DESC tag is set to YES, doxygen will include brief member # descriptions after the members that are listed in the file and class # documentation (similar to Javadoc). Set to NO to disable this. # The default value is: YES. BRIEF_MEMBER_DESC = YES # If the REPEAT_BRIEF tag is set to YES, doxygen will prepend the brief # description of a member or function before the detailed description # # Note: If both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the # brief descriptions will be completely suppressed. # The default value is: YES. REPEAT_BRIEF = YES # This tag implements a quasi-intelligent brief description abbreviator that is # used to form the text in various listings. Each string in this list, if found # as the leading text of the brief description, will be stripped from the text # and the result, after processing the whole list, is used as the annotated # text. Otherwise, the brief description is used as-is. If left blank, the # following values are used ($name is automatically replaced with the name of # the entity):The $name class, The $name widget, The $name file, is, provides, # specifies, contains, represents, a, an and the. ABBREVIATE_BRIEF = "The $name class" \ "The $name widget" \ "The $name file" \ is \ provides \ specifies \ contains \ represents \ a \ an \ the # If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then # doxygen will generate a detailed section even if there is only a brief # description. # The default value is: NO. ALWAYS_DETAILED_SEC = NO # If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all # inherited members of a class in the documentation of that class as if those # members were ordinary class members. Constructors, destructors and assignment # operators of the base classes will not be shown. # The default value is: NO. INLINE_INHERITED_MEMB = NO # If the FULL_PATH_NAMES tag is set to YES, doxygen will prepend the full path # before files name in the file list and in the header files. If set to NO the # shortest path that makes the file name unique will be used # The default value is: YES. FULL_PATH_NAMES = YES # The STRIP_FROM_PATH tag can be used to strip a user-defined part of the path. # Stripping is only done if one of the specified strings matches the left-hand # part of the path. The tag can be used to show relative paths in the file list. # If left blank the directory from which doxygen is run is used as the path to # strip. # # Note that you can specify absolute paths here, but also relative paths, which # will be relative from the directory where doxygen is started. # This tag requires that the tag FULL_PATH_NAMES is set to YES. STRIP_FROM_PATH = # The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of the # path mentioned in the documentation of a class, which tells the reader which # header file to include in order to use a class. If left blank only the name of # the header file containing the class definition is used. Otherwise one should # specify the list of include paths that are normally passed to the compiler # using the -I flag. STRIP_FROM_INC_PATH = # If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter (but # less readable) file names. This can be useful is your file systems doesn't # support long names like on DOS, Mac, or CD-ROM. # The default value is: NO. SHORT_NAMES = NO # If the JAVADOC_AUTOBRIEF tag is set to YES then doxygen will interpret the # first line (until the first dot) of a Javadoc-style comment as the brief # description. If set to NO, the Javadoc-style will behave just like regular Qt- # style comments (thus requiring an explicit @brief command for a brief # description.) # The default value is: NO. JAVADOC_AUTOBRIEF = NO # If the QT_AUTOBRIEF tag is set to YES then doxygen will interpret the first # line (until the first dot) of a Qt-style comment as the brief description. If # set to NO, the Qt-style will behave just like regular Qt-style comments (thus # requiring an explicit \brief command for a brief description.) # The default value is: NO. QT_AUTOBRIEF = NO # The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make doxygen treat a # multi-line C++ special comment block (i.e. a block of //! or /// comments) as # a brief description. This used to be the default behavior. The new default is # to treat a multi-line C++ comment block as a detailed description. Set this # tag to YES if you prefer the old behavior instead. # # Note that setting this tag to YES also means that rational rose comments are # not recognized any more. # The default value is: NO. MULTILINE_CPP_IS_BRIEF = NO # If the INHERIT_DOCS tag is set to YES then an undocumented member inherits the # documentation from any documented member that it re-implements. # The default value is: YES. INHERIT_DOCS = YES # If the SEPARATE_MEMBER_PAGES tag is set to YES then doxygen will produce a new # page for each member. If set to NO, the documentation of a member will be part # of the file/class/namespace that contains it. # The default value is: NO. SEPARATE_MEMBER_PAGES = NO # The TAB_SIZE tag can be used to set the number of spaces in a tab. Doxygen # uses this value to replace tabs by spaces in code fragments. # Minimum value: 1, maximum value: 16, default value: 4. TAB_SIZE = 4 # This tag can be used to specify a number of aliases that act as commands in # the documentation. An alias has the form: # name=value # For example adding # "sideeffect=@par Side Effects:\n" # will allow you to put the command \sideeffect (or @sideeffect) in the # documentation, which will result in a user-defined paragraph with heading # "Side Effects:". You can put \n's in the value part of an alias to insert # newlines. ALIASES = # This tag can be used to specify a number of word-keyword mappings (TCL only). # A mapping has the form "name=value". For example adding "class=itcl::class" # will allow you to use the command class in the itcl::class meaning. TCL_SUBST = # Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources # only. Doxygen will then generate output that is more tailored for C. For # instance, some of the names that are used will be different. The list of all # members will be omitted, etc. # The default value is: NO. OPTIMIZE_OUTPUT_FOR_C = YES # Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java or # Python sources only. Doxygen will then generate output that is more tailored # for that language. For instance, namespaces will be presented as packages, # qualified scopes will look different, etc. # The default value is: NO. OPTIMIZE_OUTPUT_JAVA = NO # Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran # sources. Doxygen will then generate output that is tailored for Fortran. # The default value is: NO. OPTIMIZE_FOR_FORTRAN = NO # Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL # sources. Doxygen will then generate output that is tailored for VHDL. # The default value is: NO. OPTIMIZE_OUTPUT_VHDL = NO # Doxygen selects the parser to use depending on the extension of the files it # parses. With this tag you can assign which parser to use for a given # extension. Doxygen has a built-in mapping, but you can override or extend it # using this tag. The format is ext=language, where ext is a file extension, and # language is one of the parsers supported by doxygen: IDL, Java, Javascript, # C#, C, C++, D, PHP, Objective-C, Python, Fortran (fixed format Fortran: # FortranFixed, free formatted Fortran: FortranFree, unknown formatted Fortran: # Fortran. In the later case the parser tries to guess whether the code is fixed # or free formatted code, this is the default for Fortran type files), VHDL. For # instance to make doxygen treat .inc files as Fortran files (default is PHP), # and .f files as C (default is Fortran), use: inc=Fortran f=C. # # Note: For files without extension you can use no_extension as a placeholder. # # Note that for custom extensions you also need to set FILE_PATTERNS otherwise # the files are not read by doxygen. EXTENSION_MAPPING = # If the MARKDOWN_SUPPORT tag is enabled then doxygen pre-processes all comments # according to the Markdown format, which allows for more readable # documentation. See http://daringfireball.net/projects/markdown/ for details. # The output of markdown processing is further processed by doxygen, so you can # mix doxygen, HTML, and XML commands with Markdown formatting. Disable only in # case of backward compatibilities issues. # The default value is: YES. MARKDOWN_SUPPORT = YES # When the TOC_INCLUDE_HEADINGS tag is set to a non-zero value, all headings up # to that level are automatically included in the table of contents, even if # they do not have an id attribute. # Note: This feature currently applies only to Markdown headings. # Minimum value: 0, maximum value: 99, default value: 0. # This tag requires that the tag MARKDOWN_SUPPORT is set to YES. TOC_INCLUDE_HEADINGS = 0 # When enabled doxygen tries to link words that correspond to documented # classes, or namespaces to their corresponding documentation. Such a link can # be prevented in individual cases by putting a % sign in front of the word or # globally by setting AUTOLINK_SUPPORT to NO. # The default value is: YES. AUTOLINK_SUPPORT = YES # If you use STL classes (i.e. std::string, std::vector, etc.) but do not want # to include (a tag file for) the STL sources as input, then you should set this # tag to YES in order to let doxygen match functions declarations and # definitions whose arguments contain STL classes (e.g. func(std::string); # versus func(std::string) {}). This also make the inheritance and collaboration # diagrams that involve STL classes more complete and accurate. # The default value is: NO. BUILTIN_STL_SUPPORT = NO # If you use Microsoft's C++/CLI language, you should set this option to YES to # enable parsing support. # The default value is: NO. CPP_CLI_SUPPORT = NO # Set the SIP_SUPPORT tag to YES if your project consists of sip (see: # http://www.riverbankcomputing.co.uk/software/sip/intro) sources only. Doxygen # will parse them like normal C++ but will assume all classes use public instead # of private inheritance when no explicit protection keyword is present. # The default value is: NO. SIP_SUPPORT = NO # For Microsoft's IDL there are propget and propput attributes to indicate # getter and setter methods for a property. Setting this option to YES will make # doxygen to replace the get and set methods by a property in the documentation. # This will only work if the methods are indeed getting or setting a simple # type. If this is not the case, or you want to show the methods anyway, you # should set this option to NO. # The default value is: YES. IDL_PROPERTY_SUPPORT = YES # If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC # tag is set to YES then doxygen will reuse the documentation of the first # member in the group (if any) for the other members of the group. By default # all members of a group must be documented explicitly. # The default value is: NO. DISTRIBUTE_GROUP_DOC = NO # If one adds a struct or class to a group and this option is enabled, then also # any nested class or struct is added to the same group. By default this option # is disabled and one has to add nested compounds explicitly via \ingroup. # The default value is: NO. GROUP_NESTED_COMPOUNDS = NO # Set the SUBGROUPING tag to YES to allow class member groups of the same type # (for instance a group of public functions) to be put as a subgroup of that # type (e.g. under the Public Functions section). Set it to NO to prevent # subgrouping. Alternatively, this can be done per class using the # \nosubgrouping command. # The default value is: YES. SUBGROUPING = YES # When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and unions # are shown inside the group in which they are included (e.g. using \ingroup) # instead of on a separate page (for HTML and Man pages) or section (for LaTeX # and RTF). # # Note that this feature does not work in combination with # SEPARATE_MEMBER_PAGES. # The default value is: NO. INLINE_GROUPED_CLASSES = NO # When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and unions # with only public data fields or simple typedef fields will be shown inline in # the documentation of the scope in which they are defined (i.e. file, # namespace, or group documentation), provided this scope is documented. If set # to NO, structs, classes, and unions are shown on a separate page (for HTML and # Man pages) or section (for LaTeX and RTF). # The default value is: NO. INLINE_SIMPLE_STRUCTS = NO # When TYPEDEF_HIDES_STRUCT tag is enabled, a typedef of a struct, union, or # enum is documented as struct, union, or enum with the name of the typedef. So # typedef struct TypeS {} TypeT, will appear in the documentation as a struct # with name TypeT. When disabled the typedef will appear as a member of a file, # namespace, or class. And the struct will be named TypeS. This can typically be # useful for C code in case the coding convention dictates that all compound # types are typedef'ed and only the typedef is referenced, never the tag name. # The default value is: NO. TYPEDEF_HIDES_STRUCT = YES # The size of the symbol lookup cache can be set using LOOKUP_CACHE_SIZE. This # cache is used to resolve symbols given their name and scope. Since this can be # an expensive process and often the same symbol appears multiple times in the # code, doxygen keeps a cache of pre-resolved symbols. If the cache is too small # doxygen will become slower. If the cache is too large, memory is wasted. The # cache size is given by this formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range # is 0..9, the default is 0, corresponding to a cache size of 2^16=65536 # symbols. At the end of a run doxygen will report the cache usage and suggest # the optimal cache size from a speed point of view. # Minimum value: 0, maximum value: 9, default value: 0. LOOKUP_CACHE_SIZE = 0 #--------------------------------------------------------------------------- # Build related configuration options #--------------------------------------------------------------------------- # If the EXTRACT_ALL tag is set to YES, doxygen will assume all entities in # documentation are documented, even if no documentation was available. Private # class members and static file members will be hidden unless the # EXTRACT_PRIVATE respectively EXTRACT_STATIC tags are set to YES. # Note: This will also disable the warnings about undocumented members that are # normally produced when WARNINGS is set to YES. # The default value is: NO. EXTRACT_ALL = NO # If the EXTRACT_PRIVATE tag is set to YES, all private members of a class will # be included in the documentation. # The default value is: NO. EXTRACT_PRIVATE = NO # If the EXTRACT_PACKAGE tag is set to YES, all members with package or internal # scope will be included in the documentation. # The default value is: NO. EXTRACT_PACKAGE = NO # If the EXTRACT_STATIC tag is set to YES, all static members of a file will be # included in the documentation. # The default value is: NO. EXTRACT_STATIC = NO # If the EXTRACT_LOCAL_CLASSES tag is set to YES, classes (and structs) defined # locally in source files will be included in the documentation. If set to NO, # only classes defined in header files are included. Does not have any effect # for Java sources. # The default value is: YES. EXTRACT_LOCAL_CLASSES = NO # This flag is only useful for Objective-C code. If set to YES, local methods, # which are defined in the implementation section but not in the interface are # included in the documentation. If set to NO, only methods in the interface are # included. # The default value is: NO. EXTRACT_LOCAL_METHODS = NO # If this flag is set to YES, the members of anonymous namespaces will be # extracted and appear in the documentation as a namespace called # 'anonymous_namespace{file}', where file will be replaced with the base name of # the file that contains the anonymous namespace. By default anonymous namespace # are hidden. # The default value is: NO. EXTRACT_ANON_NSPACES = NO # If the HIDE_UNDOC_MEMBERS tag is set to YES, doxygen will hide all # undocumented members inside documented classes or files. If set to NO these # members will be included in the various overviews, but no documentation # section is generated. This option has no effect if EXTRACT_ALL is enabled. # The default value is: NO. HIDE_UNDOC_MEMBERS = NO # If the HIDE_UNDOC_CLASSES tag is set to YES, doxygen will hide all # undocumented classes that are normally visible in the class hierarchy. If set # to NO, these classes will be included in the various overviews. This option # has no effect if EXTRACT_ALL is enabled. # The default value is: NO. HIDE_UNDOC_CLASSES = NO # If the HIDE_FRIEND_COMPOUNDS tag is set to YES, doxygen will hide all friend # (class|struct|union) declarations. If set to NO, these declarations will be # included in the documentation. # The default value is: NO. HIDE_FRIEND_COMPOUNDS = NO # If the HIDE_IN_BODY_DOCS tag is set to YES, doxygen will hide any # documentation blocks found inside the body of a function. If set to NO, these # blocks will be appended to the function's detailed documentation block. # The default value is: NO. HIDE_IN_BODY_DOCS = NO # The INTERNAL_DOCS tag determines if documentation that is typed after a # \internal command is included. If the tag is set to NO then the documentation # will be excluded. Set it to YES to include the internal documentation. # The default value is: NO. INTERNAL_DOCS = NO # If the CASE_SENSE_NAMES tag is set to NO then doxygen will only generate file # names in lower-case letters. If set to YES, upper-case letters are also # allowed. This is useful if you have classes or files whose names only differ # in case and if your file system supports case sensitive file names. Windows # and Mac users are advised to set this option to NO. # The default value is: system dependent. CASE_SENSE_NAMES = NO # If the HIDE_SCOPE_NAMES tag is set to NO then doxygen will show members with # their full class and namespace scopes in the documentation. If set to YES, the # scope will be hidden. # The default value is: NO. HIDE_SCOPE_NAMES = NO # If the HIDE_COMPOUND_REFERENCE tag is set to NO (default) then doxygen will # append additional text to a page's title, such as Class Reference. If set to # YES the compound reference will be hidden. # The default value is: NO. HIDE_COMPOUND_REFERENCE= NO # If the SHOW_INCLUDE_FILES tag is set to YES then doxygen will put a list of # the files that are included by a file in the documentation of that file. # The default value is: YES. SHOW_INCLUDE_FILES = YES # If the SHOW_GROUPED_MEMB_INC tag is set to YES then Doxygen will add for each # grouped member an include statement to the documentation, telling the reader # which file to include in order to use the member. # The default value is: NO. SHOW_GROUPED_MEMB_INC = NO # If the FORCE_LOCAL_INCLUDES tag is set to YES then doxygen will list include # files with double quotes in the documentation rather than with sharp brackets. # The default value is: NO. FORCE_LOCAL_INCLUDES = NO # If the INLINE_INFO tag is set to YES then a tag [inline] is inserted in the # documentation for inline members. # The default value is: YES. INLINE_INFO = YES # If the SORT_MEMBER_DOCS tag is set to YES then doxygen will sort the # (detailed) documentation of file and class members alphabetically by member # name. If set to NO, the members will appear in declaration order. # The default value is: YES. SORT_MEMBER_DOCS = YES # If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the brief # descriptions of file, namespace and class members alphabetically by member # name. If set to NO, the members will appear in declaration order. Note that # this will also influence the order of the classes in the class list. # The default value is: NO. SORT_BRIEF_DOCS = NO # If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen will sort the # (brief and detailed) documentation of class members so that constructors and # destructors are listed first. If set to NO the constructors will appear in the # respective orders defined by SORT_BRIEF_DOCS and SORT_MEMBER_DOCS. # Note: If SORT_BRIEF_DOCS is set to NO this option is ignored for sorting brief # member documentation. # Note: If SORT_MEMBER_DOCS is set to NO this option is ignored for sorting # detailed member documentation. # The default value is: NO. SORT_MEMBERS_CTORS_1ST = NO # If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the hierarchy # of group names into alphabetical order. If set to NO the group names will # appear in their defined order. # The default value is: NO. SORT_GROUP_NAMES = NO # If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be sorted by # fully-qualified names, including namespaces. If set to NO, the class list will # be sorted only by class name, not including the namespace part. # Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES. # Note: This option applies only to the class list, not to the alphabetical # list. # The default value is: NO. SORT_BY_SCOPE_NAME = NO # If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper # type resolution of all parameters of a function it will reject a match between # the prototype and the implementation of a member function even if there is # only one candidate or it is obvious which candidate to choose by doing a # simple string match. By disabling STRICT_PROTO_MATCHING doxygen will still # accept a match between prototype and implementation in such cases. # The default value is: NO. STRICT_PROTO_MATCHING = NO # The GENERATE_TODOLIST tag can be used to enable (YES) or disable (NO) the todo # list. This list is created by putting \todo commands in the documentation. # The default value is: YES. GENERATE_TODOLIST = YES # The GENERATE_TESTLIST tag can be used to enable (YES) or disable (NO) the test # list. This list is created by putting \test commands in the documentation. # The default value is: YES. GENERATE_TESTLIST = YES # The GENERATE_BUGLIST tag can be used to enable (YES) or disable (NO) the bug # list. This list is created by putting \bug commands in the documentation. # The default value is: YES. GENERATE_BUGLIST = YES # The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or disable (NO) # the deprecated list. This list is created by putting \deprecated commands in # the documentation. # The default value is: YES. GENERATE_DEPRECATEDLIST= YES # The ENABLED_SECTIONS tag can be used to enable conditional documentation # sections, marked by \if ... \endif and \cond # ... \endcond blocks. ENABLED_SECTIONS = # The MAX_INITIALIZER_LINES tag determines the maximum number of lines that the # initial value of a variable or macro / define can have for it to appear in the # documentation. If the initializer consists of more lines than specified here # it will be hidden. Use a value of 0 to hide initializers completely. The # appearance of the value of individual variables and macros / defines can be # controlled using \showinitializer or \hideinitializer command in the # documentation regardless of this setting. # Minimum value: 0, maximum value: 10000, default value: 30. MAX_INITIALIZER_LINES = 30 # Set the SHOW_USED_FILES tag to NO to disable the list of files generated at # the bottom of the documentation of classes and structs. If set to YES, the # list will mention the files that were used to generate the documentation. # The default value is: YES. SHOW_USED_FILES = YES # Set the SHOW_FILES tag to NO to disable the generation of the Files page. This # will remove the Files entry from the Quick Index and from the Folder Tree View # (if specified). # The default value is: YES. SHOW_FILES = YES # Set the SHOW_NAMESPACES tag to NO to disable the generation of the Namespaces # page. This will remove the Namespaces entry from the Quick Index and from the # Folder Tree View (if specified). # The default value is: YES. SHOW_NAMESPACES = YES # The FILE_VERSION_FILTER tag can be used to specify a program or script that # doxygen should invoke to get the current version for each file (typically from # the version control system). Doxygen will invoke the program by executing (via # popen()) the command command input-file, where command is the value of the # FILE_VERSION_FILTER tag, and input-file is the name of an input file provided # by doxygen. Whatever the program writes to standard output is used as the file # version. For an example see the documentation. FILE_VERSION_FILTER = # The LAYOUT_FILE tag can be used to specify a layout file which will be parsed # by doxygen. The layout file controls the global structure of the generated # output files in an output format independent way. To create the layout file # that represents doxygen's defaults, run doxygen with the -l option. You can # optionally specify a file name after the option, if omitted DoxygenLayout.xml # will be used as the name of the layout file. # # Note that if you run doxygen from a directory containing a file called # DoxygenLayout.xml, doxygen will parse it automatically even if the LAYOUT_FILE # tag is left empty. LAYOUT_FILE = # The CITE_BIB_FILES tag can be used to specify one or more bib files containing # the reference definitions. This must be a list of .bib files. The .bib # extension is automatically appended if omitted. This requires the bibtex tool # to be installed. See also http://en.wikipedia.org/wiki/BibTeX for more info. # For LaTeX the style of the bibliography can be controlled using # LATEX_BIB_STYLE. To use this feature you need bibtex and perl available in the # search path. See also \cite for info how to create references. CITE_BIB_FILES = #--------------------------------------------------------------------------- # Configuration options related to warning and progress messages #--------------------------------------------------------------------------- # The QUIET tag can be used to turn on/off the messages that are generated to # standard output by doxygen. If QUIET is set to YES this implies that the # messages are off. # The default value is: NO. QUIET = NO # The WARNINGS tag can be used to turn on/off the warning messages that are # generated to standard error (stderr) by doxygen. If WARNINGS is set to YES # this implies that the warnings are on. # # Tip: Turn warnings on while writing the documentation. # The default value is: YES. WARNINGS = YES # If the WARN_IF_UNDOCUMENTED tag is set to YES then doxygen will generate # warnings for undocumented members. If EXTRACT_ALL is set to YES then this flag # will automatically be disabled. # The default value is: YES. WARN_IF_UNDOCUMENTED = YES # If the WARN_IF_DOC_ERROR tag is set to YES, doxygen will generate warnings for # potential errors in the documentation, such as not documenting some parameters # in a documented function, or documenting parameters that don't exist or using # markup commands wrongly. # The default value is: YES. WARN_IF_DOC_ERROR = YES # This WARN_NO_PARAMDOC option can be enabled to get warnings for functions that # are documented, but have no documentation for their parameters or return # value. If set to NO, doxygen will only warn about wrong or incomplete # parameter documentation, but not about the absence of documentation. # The default value is: NO. WARN_NO_PARAMDOC = NO # If the WARN_AS_ERROR tag is set to YES then doxygen will immediately stop when # a warning is encountered. # The default value is: NO. WARN_AS_ERROR = NO # The WARN_FORMAT tag determines the format of the warning messages that doxygen # can produce. The string should contain the $file, $line, and $text tags, which # will be replaced by the file and line number from which the warning originated # and the warning text. Optionally the format may contain $version, which will # be replaced by the version of the file (if it could be obtained via # FILE_VERSION_FILTER) # The default value is: $file:$line: $text. WARN_FORMAT = "$file:$line: $text" # The WARN_LOGFILE tag can be used to specify a file to which warning and error # messages should be written. If left blank the output is written to standard # error (stderr). WARN_LOGFILE = #--------------------------------------------------------------------------- # Configuration options related to the input files #--------------------------------------------------------------------------- # The INPUT tag is used to specify the files and/or directories that contain # documented source files. You may enter file names like myfile.cpp or # directories like /usr/src/myproject. Separate the files or directories with # spaces. See also FILE_PATTERNS and EXTENSION_MAPPING # Note: If this tag is empty the current directory is searched. INPUT = lib # This tag can be used to specify the character encoding of the source files # that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses # libiconv (or the iconv built into libc) for the transcoding. See the libiconv # documentation (see: http://www.gnu.org/software/libiconv) for the list of # possible encodings. # The default value is: UTF-8. INPUT_ENCODING = UTF-8 # If the value of the INPUT tag contains directories, you can use the # FILE_PATTERNS tag to specify one or more wildcard patterns (like *.cpp and # *.h) to filter out the source-files in the directories. # # Note that for custom extensions or not directly supported extensions you also # need to set EXTENSION_MAPPING for the extension otherwise the files are not # read by doxygen. # # If left blank the following patterns are tested:*.c, *.cc, *.cxx, *.cpp, # *.c++, *.java, *.ii, *.ixx, *.ipp, *.i++, *.inl, *.idl, *.ddl, *.odl, *.h, # *.hh, *.hxx, *.hpp, *.h++, *.cs, *.d, *.php, *.php4, *.php5, *.phtml, *.inc, # *.m, *.markdown, *.md, *.mm, *.dox, *.py, *.pyw, *.f90, *.f95, *.f03, *.f08, # *.f, *.for, *.tcl, *.vhd, *.vhdl, *.ucf and *.qsf. FILE_PATTERNS = *.c \ *.cc \ *.cxx \ *.cpp \ *.c++ \ *.java \ *.ii \ *.ixx \ *.ipp \ *.i++ \ *.inl \ *.idl \ *.ddl \ *.odl \ *.h \ *.hh \ *.hxx \ *.hpp \ *.h++ \ *.cs \ *.d \ *.php \ *.php4 \ *.php5 \ *.phtml \ *.inc \ *.m \ *.markdown \ *.md \ *.mm \ *.dox \ *.py \ *.pyw \ *.f90 \ *.f95 \ *.f03 \ *.f08 \ *.f \ *.for \ *.tcl \ *.vhd \ *.vhdl \ *.ucf \ *.qsf # The RECURSIVE tag can be used to specify whether or not subdirectories should # be searched for input files as well. # The default value is: NO. RECURSIVE = NO # The EXCLUDE tag can be used to specify files and/or directories that should be # excluded from the INPUT source files. This way you can easily exclude a # subdirectory from a directory tree whose root is specified with the INPUT tag. # # Note that relative paths are relative to the directory from which doxygen is # run. EXCLUDE = internal.h internal.c # The EXCLUDE_SYMLINKS tag can be used to select whether or not files or # directories that are symbolic links (a Unix file system feature) are excluded # from the input. # The default value is: NO. EXCLUDE_SYMLINKS = NO # If the value of the INPUT tag contains directories, you can use the # EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude # certain files from those directories. # # Note that the wildcards are matched against the file with absolute path, so to # exclude all test directories for example use the pattern */test/* EXCLUDE_PATTERNS = # The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names # (namespaces, classes, functions, etc.) that should be excluded from the # output. The symbol name can be a fully qualified name, a word, or if the # wildcard * is used, a substring. Examples: ANamespace, AClass, # AClass::ANamespace, ANamespace::*Test # # Note that the wildcards are matched against the file with absolute path, so to # exclude all test directories use the pattern */test/* EXCLUDE_SYMBOLS = # The EXAMPLE_PATH tag can be used to specify one or more files or directories # that contain example code fragments that are included (see the \include # command). EXAMPLE_PATH = # If the value of the EXAMPLE_PATH tag contains directories, you can use the # EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp and # *.h) to filter out the source-files in the directories. If left blank all # files are included. EXAMPLE_PATTERNS = * # If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be # searched for input files to be used with the \include or \dontinclude commands # irrespective of the value of the RECURSIVE tag. # The default value is: NO. EXAMPLE_RECURSIVE = NO # The IMAGE_PATH tag can be used to specify one or more files or directories # that contain images that are to be included in the documentation (see the # \image command). IMAGE_PATH = # The INPUT_FILTER tag can be used to specify a program that doxygen should # invoke to filter for each input file. Doxygen will invoke the filter program # by executing (via popen()) the command: # # # # where is the value of the INPUT_FILTER tag, and is the # name of an input file. Doxygen will then use the output that the filter # program writes to standard output. If FILTER_PATTERNS is specified, this tag # will be ignored. # # Note that the filter must not add or remove lines; it is applied before the # code is scanned, but not when the output code is generated. If lines are added # or removed, the anchors will not be placed correctly. # # Note that for custom extensions or not directly supported extensions you also # need to set EXTENSION_MAPPING for the extension otherwise the files are not # properly processed by doxygen. INPUT_FILTER = # The FILTER_PATTERNS tag can be used to specify filters on a per file pattern # basis. Doxygen will compare the file name with each pattern and apply the # filter if there is a match. The filters are a list of the form: pattern=filter # (like *.cpp=my_cpp_filter). See INPUT_FILTER for further information on how # filters are used. If the FILTER_PATTERNS tag is empty or if none of the # patterns match the file name, INPUT_FILTER is applied. # # Note that for custom extensions or not directly supported extensions you also # need to set EXTENSION_MAPPING for the extension otherwise the files are not # properly processed by doxygen. FILTER_PATTERNS = # If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using # INPUT_FILTER) will also be used to filter the input files that are used for # producing the source files to browse (i.e. when SOURCE_BROWSER is set to YES). # The default value is: NO. FILTER_SOURCE_FILES = NO # The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file # pattern. A pattern will override the setting for FILTER_PATTERN (if any) and # it is also possible to disable source filtering for a specific pattern using # *.ext= (so without naming a filter). # This tag requires that the tag FILTER_SOURCE_FILES is set to YES. FILTER_SOURCE_PATTERNS = # If the USE_MDFILE_AS_MAINPAGE tag refers to the name of a markdown file that # is part of the input, its contents will be placed on the main page # (index.html). This can be useful if you have a project on for instance GitHub # and want to reuse the introduction page also for the doxygen output. USE_MDFILE_AS_MAINPAGE = #--------------------------------------------------------------------------- # Configuration options related to source browsing #--------------------------------------------------------------------------- # If the SOURCE_BROWSER tag is set to YES then a list of source files will be # generated. Documented entities will be cross-referenced with these sources. # # Note: To get rid of all source code in the generated output, make sure that # also VERBATIM_HEADERS is set to NO. # The default value is: NO. SOURCE_BROWSER = NO # Setting the INLINE_SOURCES tag to YES will include the body of functions, # classes and enums directly into the documentation. # The default value is: NO. INLINE_SOURCES = NO # Setting the STRIP_CODE_COMMENTS tag to YES will instruct doxygen to hide any # special comment blocks from generated source code fragments. Normal C, C++ and # Fortran comments will always remain visible. # The default value is: YES. STRIP_CODE_COMMENTS = YES # If the REFERENCED_BY_RELATION tag is set to YES then for each documented # function all documented functions referencing it will be listed. # The default value is: NO. REFERENCED_BY_RELATION = NO # If the REFERENCES_RELATION tag is set to YES then for each documented function # all documented entities called/used by that function will be listed. # The default value is: NO. REFERENCES_RELATION = NO # If the REFERENCES_LINK_SOURCE tag is set to YES and SOURCE_BROWSER tag is set # to YES then the hyperlinks from functions in REFERENCES_RELATION and # REFERENCED_BY_RELATION lists will link to the source code. Otherwise they will # link to the documentation. # The default value is: YES. REFERENCES_LINK_SOURCE = YES # If SOURCE_TOOLTIPS is enabled (the default) then hovering a hyperlink in the # source code will show a tooltip with additional information such as prototype, # brief description and links to the definition and documentation. Since this # will make the HTML file larger and loading of large files a bit slower, you # can opt to disable this feature. # The default value is: YES. # This tag requires that the tag SOURCE_BROWSER is set to YES. SOURCE_TOOLTIPS = YES # If the USE_HTAGS tag is set to YES then the references to source code will # point to the HTML generated by the htags(1) tool instead of doxygen built-in # source browser. The htags tool is part of GNU's global source tagging system # (see http://www.gnu.org/software/global/global.html). You will need version # 4.8.6 or higher. # # To use it do the following: # - Install the latest version of global # - Enable SOURCE_BROWSER and USE_HTAGS in the config file # - Make sure the INPUT points to the root of the source tree # - Run doxygen as normal # # Doxygen will invoke htags (and that will in turn invoke gtags), so these # tools must be available from the command line (i.e. in the search path). # # The result: instead of the source browser generated by doxygen, the links to # source code will now point to the output of htags. # The default value is: NO. # This tag requires that the tag SOURCE_BROWSER is set to YES. USE_HTAGS = NO # If the VERBATIM_HEADERS tag is set the YES then doxygen will generate a # verbatim copy of the header file for each class for which an include is # specified. Set to NO to disable this. # See also: Section \class. # The default value is: YES. VERBATIM_HEADERS = YES #--------------------------------------------------------------------------- # Configuration options related to the alphabetical class index #--------------------------------------------------------------------------- # If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index of all # compounds will be generated. Enable this if the project contains a lot of # classes, structs, unions or interfaces. # The default value is: YES. ALPHABETICAL_INDEX = YES # The COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns in # which the alphabetical index list will be split. # Minimum value: 1, maximum value: 20, default value: 5. # This tag requires that the tag ALPHABETICAL_INDEX is set to YES. COLS_IN_ALPHA_INDEX = 5 # In case all classes in a project start with a common prefix, all classes will # be put under the same header in the alphabetical index. The IGNORE_PREFIX tag # can be used to specify a prefix (or a list of prefixes) that should be ignored # while generating the index headers. # This tag requires that the tag ALPHABETICAL_INDEX is set to YES. IGNORE_PREFIX = #--------------------------------------------------------------------------- # Configuration options related to the HTML output #--------------------------------------------------------------------------- # If the GENERATE_HTML tag is set to YES, doxygen will generate HTML output # The default value is: YES. GENERATE_HTML = YES # The HTML_OUTPUT tag is used to specify where the HTML docs will be put. If a # relative path is entered the value of OUTPUT_DIRECTORY will be put in front of # it. # The default directory is: html. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_OUTPUT = html # The HTML_FILE_EXTENSION tag can be used to specify the file extension for each # generated HTML page (for example: .htm, .php, .asp). # The default value is: .html. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_FILE_EXTENSION = .html # The HTML_HEADER tag can be used to specify a user-defined HTML header file for # each generated HTML page. If the tag is left blank doxygen will generate a # standard header. # # To get valid HTML the header file that includes any scripts and style sheets # that doxygen needs, which is dependent on the configuration options used (e.g. # the setting GENERATE_TREEVIEW). It is highly recommended to start with a # default header using # doxygen -w html new_header.html new_footer.html new_stylesheet.css # YourConfigFile # and then modify the file new_header.html. See also section "Doxygen usage" # for information on how to generate the default header that doxygen normally # uses. # Note: The header is subject to change so you typically have to regenerate the # default header when upgrading to a newer version of doxygen. For a description # of the possible markers and block names see the documentation. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_HEADER = # The HTML_FOOTER tag can be used to specify a user-defined HTML footer for each # generated HTML page. If the tag is left blank doxygen will generate a standard # footer. See HTML_HEADER for more information on how to generate a default # footer and what special commands can be used inside the footer. See also # section "Doxygen usage" for information on how to generate the default footer # that doxygen normally uses. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_FOOTER = # The HTML_STYLESHEET tag can be used to specify a user-defined cascading style # sheet that is used by each HTML page. It can be used to fine-tune the look of # the HTML output. If left blank doxygen will generate a default style sheet. # See also section "Doxygen usage" for information on how to generate the style # sheet that doxygen normally uses. # Note: It is recommended to use HTML_EXTRA_STYLESHEET instead of this tag, as # it is more robust and this tag (HTML_STYLESHEET) will in the future become # obsolete. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_STYLESHEET = # The HTML_EXTRA_STYLESHEET tag can be used to specify additional user-defined # cascading style sheets that are included after the standard style sheets # created by doxygen. Using this option one can overrule certain style aspects. # This is preferred over using HTML_STYLESHEET since it does not replace the # standard style sheet and is therefore more robust against future updates. # Doxygen will copy the style sheet files to the output directory. # Note: The order of the extra style sheet files is of importance (e.g. the last # style sheet in the list overrules the setting of the previous ones in the # list). For an example see the documentation. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_EXTRA_STYLESHEET = # The HTML_EXTRA_FILES tag can be used to specify one or more extra images or # other source files which should be copied to the HTML output directory. Note # that these files will be copied to the base HTML output directory. Use the # $relpath^ marker in the HTML_HEADER and/or HTML_FOOTER files to load these # files. In the HTML_STYLESHEET file, use the file name only. Also note that the # files will be copied as-is; there are no commands or markers available. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_EXTRA_FILES = # The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. Doxygen # will adjust the colors in the style sheet and background images according to # this color. Hue is specified as an angle on a colorwheel, see # http://en.wikipedia.org/wiki/Hue for more information. For instance the value # 0 represents red, 60 is yellow, 120 is green, 180 is cyan, 240 is blue, 300 # purple, and 360 is red again. # Minimum value: 0, maximum value: 359, default value: 220. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_COLORSTYLE_HUE = 220 # The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of the colors # in the HTML output. For a value of 0 the output will use grayscales only. A # value of 255 will produce the most vivid colors. # Minimum value: 0, maximum value: 255, default value: 100. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_COLORSTYLE_SAT = 100 # The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to the # luminance component of the colors in the HTML output. Values below 100 # gradually make the output lighter, whereas values above 100 make the output # darker. The value divided by 100 is the actual gamma applied, so 80 represents # a gamma of 0.8, The value 220 represents a gamma of 2.2, and 100 does not # change the gamma. # Minimum value: 40, maximum value: 240, default value: 80. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_COLORSTYLE_GAMMA = 80 # If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML # page will contain the date and time when the page was generated. Setting this # to YES can help to show when doxygen was last run and thus if the # documentation is up to date. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_TIMESTAMP = NO # If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML # documentation will contain sections that can be hidden and shown after the # page has loaded. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_DYNAMIC_SECTIONS = NO # With HTML_INDEX_NUM_ENTRIES one can control the preferred number of entries # shown in the various tree structured indices initially; the user can expand # and collapse entries dynamically later on. Doxygen will expand the tree to # such a level that at most the specified number of entries are visible (unless # a fully collapsed tree already exceeds this amount). So setting the number of # entries 1 will produce a full collapsed tree by default. 0 is a special value # representing an infinite number of entries and will result in a full expanded # tree by default. # Minimum value: 0, maximum value: 9999, default value: 100. # This tag requires that the tag GENERATE_HTML is set to YES. HTML_INDEX_NUM_ENTRIES = 100 # If the GENERATE_DOCSET tag is set to YES, additional index files will be # generated that can be used as input for Apple's Xcode 3 integrated development # environment (see: http://developer.apple.com/tools/xcode/), introduced with # OSX 10.5 (Leopard). To create a documentation set, doxygen will generate a # Makefile in the HTML output directory. Running make will produce the docset in # that directory and running make install will install the docset in # ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find it at # startup. See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html # for more information. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_DOCSET = NO # This tag determines the name of the docset feed. A documentation feed provides # an umbrella under which multiple documentation sets from a single provider # (such as a company or product suite) can be grouped. # The default value is: Doxygen generated docs. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_FEEDNAME = "Doxygen generated docs" # This tag specifies a string that should uniquely identify the documentation # set bundle. This should be a reverse domain-name style string, e.g. # com.mycompany.MyDocSet. Doxygen will append .docset to the name. # The default value is: org.doxygen.Project. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_BUNDLE_ID = org.doxygen.Project # The DOCSET_PUBLISHER_ID tag specifies a string that should uniquely identify # the documentation publisher. This should be a reverse domain-name style # string, e.g. com.mycompany.MyDocSet.documentation. # The default value is: org.doxygen.Publisher. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_PUBLISHER_ID = org.doxygen.Publisher # The DOCSET_PUBLISHER_NAME tag identifies the documentation publisher. # The default value is: Publisher. # This tag requires that the tag GENERATE_DOCSET is set to YES. DOCSET_PUBLISHER_NAME = Publisher # If the GENERATE_HTMLHELP tag is set to YES then doxygen generates three # additional HTML index files: index.hhp, index.hhc, and index.hhk. The # index.hhp is a project file that can be read by Microsoft's HTML Help Workshop # (see: http://www.microsoft.com/en-us/download/details.aspx?id=21138) on # Windows. # # The HTML Help Workshop contains a compiler that can convert all HTML output # generated by doxygen into a single compiled HTML file (.chm). Compiled HTML # files are now used as the Windows 98 help format, and will replace the old # Windows help format (.hlp) on all Windows platforms in the future. Compressed # HTML files also contain an index, a table of contents, and you can search for # words in the documentation. The HTML workshop also contains a viewer for # compressed HTML files. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_HTMLHELP = NO # The CHM_FILE tag can be used to specify the file name of the resulting .chm # file. You can add a path in front of the file if the result should not be # written to the html output directory. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. CHM_FILE = # The HHC_LOCATION tag can be used to specify the location (absolute path # including file name) of the HTML help compiler (hhc.exe). If non-empty, # doxygen will try to run the HTML help compiler on the generated index.hhp. # The file has to be specified with full path. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. HHC_LOCATION = # The GENERATE_CHI flag controls if a separate .chi index file is generated # (YES) or that it should be included in the master .chm file (NO). # The default value is: NO. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. GENERATE_CHI = NO # The CHM_INDEX_ENCODING is used to encode HtmlHelp index (hhk), content (hhc) # and project file content. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. CHM_INDEX_ENCODING = # The BINARY_TOC flag controls whether a binary table of contents is generated # (YES) or a normal table of contents (NO) in the .chm file. Furthermore it # enables the Previous and Next buttons. # The default value is: NO. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. BINARY_TOC = NO # The TOC_EXPAND flag can be set to YES to add extra items for group members to # the table of contents of the HTML help documentation and to the tree view. # The default value is: NO. # This tag requires that the tag GENERATE_HTMLHELP is set to YES. TOC_EXPAND = NO # If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and # QHP_VIRTUAL_FOLDER are set, an additional index file will be generated that # can be used as input for Qt's qhelpgenerator to generate a Qt Compressed Help # (.qch) of the generated HTML documentation. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_QHP = NO # If the QHG_LOCATION tag is specified, the QCH_FILE tag can be used to specify # the file name of the resulting .qch file. The path specified is relative to # the HTML output folder. # This tag requires that the tag GENERATE_QHP is set to YES. QCH_FILE = # The QHP_NAMESPACE tag specifies the namespace to use when generating Qt Help # Project output. For more information please see Qt Help Project / Namespace # (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#namespace). # The default value is: org.doxygen.Project. # This tag requires that the tag GENERATE_QHP is set to YES. QHP_NAMESPACE = org.doxygen.Project # The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating Qt # Help Project output. For more information please see Qt Help Project / Virtual # Folders (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#virtual- # folders). # The default value is: doc. # This tag requires that the tag GENERATE_QHP is set to YES. QHP_VIRTUAL_FOLDER = doc # If the QHP_CUST_FILTER_NAME tag is set, it specifies the name of a custom # filter to add. For more information please see Qt Help Project / Custom # Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom- # filters). # This tag requires that the tag GENERATE_QHP is set to YES. QHP_CUST_FILTER_NAME = # The QHP_CUST_FILTER_ATTRS tag specifies the list of the attributes of the # custom filter to add. For more information please see Qt Help Project / Custom # Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom- # filters). # This tag requires that the tag GENERATE_QHP is set to YES. QHP_CUST_FILTER_ATTRS = # The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this # project's filter section matches. Qt Help Project / Filter Attributes (see: # http://qt-project.org/doc/qt-4.8/qthelpproject.html#filter-attributes). # This tag requires that the tag GENERATE_QHP is set to YES. QHP_SECT_FILTER_ATTRS = # The QHG_LOCATION tag can be used to specify the location of Qt's # qhelpgenerator. If non-empty doxygen will try to run qhelpgenerator on the # generated .qhp file. # This tag requires that the tag GENERATE_QHP is set to YES. QHG_LOCATION = # If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files will be # generated, together with the HTML files, they form an Eclipse help plugin. To # install this plugin and make it available under the help contents menu in # Eclipse, the contents of the directory containing the HTML and XML files needs # to be copied into the plugins directory of eclipse. The name of the directory # within the plugins directory should be the same as the ECLIPSE_DOC_ID value. # After copying Eclipse needs to be restarted before the help appears. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_ECLIPSEHELP = NO # A unique identifier for the Eclipse help plugin. When installing the plugin # the directory name containing the HTML and XML files should also have this # name. Each documentation set should have its own identifier. # The default value is: org.doxygen.Project. # This tag requires that the tag GENERATE_ECLIPSEHELP is set to YES. ECLIPSE_DOC_ID = org.doxygen.Project # If you want full control over the layout of the generated HTML pages it might # be necessary to disable the index and replace it with your own. The # DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) at top # of each HTML page. A value of NO enables the index and the value YES disables # it. Since the tabs in the index contain the same information as the navigation # tree, you can set this option to YES if you also set GENERATE_TREEVIEW to YES. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. DISABLE_INDEX = NO # The GENERATE_TREEVIEW tag is used to specify whether a tree-like index # structure should be generated to display hierarchical information. If the tag # value is set to YES, a side panel will be generated containing a tree-like # index structure (just like the one that is generated for HTML Help). For this # to work a browser that supports JavaScript, DHTML, CSS and frames is required # (i.e. any modern browser). Windows users are probably better off using the # HTML help feature. Via custom style sheets (see HTML_EXTRA_STYLESHEET) one can # further fine-tune the look of the index. As an example, the default style # sheet generated by doxygen has an example that shows how to put an image at # the root of the tree instead of the PROJECT_NAME. Since the tree basically has # the same information as the tab index, you could consider setting # DISABLE_INDEX to YES when enabling this option. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. GENERATE_TREEVIEW = YES # The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values that # doxygen will group on one line in the generated HTML documentation. # # Note that a value of 0 will completely suppress the enum values from appearing # in the overview section. # Minimum value: 0, maximum value: 20, default value: 4. # This tag requires that the tag GENERATE_HTML is set to YES. ENUM_VALUES_PER_LINE = 4 # If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be used # to set the initial width (in pixels) of the frame in which the tree is shown. # Minimum value: 0, maximum value: 1500, default value: 250. # This tag requires that the tag GENERATE_HTML is set to YES. TREEVIEW_WIDTH = 250 # If the EXT_LINKS_IN_WINDOW option is set to YES, doxygen will open links to # external symbols imported via tag files in a separate window. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. EXT_LINKS_IN_WINDOW = NO # Use this tag to change the font size of LaTeX formulas included as images in # the HTML documentation. When you change the font size after a successful # doxygen run you need to manually remove any form_*.png images from the HTML # output directory to force them to be regenerated. # Minimum value: 8, maximum value: 50, default value: 10. # This tag requires that the tag GENERATE_HTML is set to YES. FORMULA_FONTSIZE = 10 # Use the FORMULA_TRANPARENT tag to determine whether or not the images # generated for formulas are transparent PNGs. Transparent PNGs are not # supported properly for IE 6.0, but are supported on all modern browsers. # # Note that when changing this option you need to delete any form_*.png files in # the HTML output directory before the changes have effect. # The default value is: YES. # This tag requires that the tag GENERATE_HTML is set to YES. FORMULA_TRANSPARENT = YES # Enable the USE_MATHJAX option to render LaTeX formulas using MathJax (see # http://www.mathjax.org) which uses client side Javascript for the rendering # instead of using pre-rendered bitmaps. Use this if you do not have LaTeX # installed or if you want to formulas look prettier in the HTML output. When # enabled you may also need to install MathJax separately and configure the path # to it using the MATHJAX_RELPATH option. # The default value is: NO. # This tag requires that the tag GENERATE_HTML is set to YES. USE_MATHJAX = NO # When MathJax is enabled you can set the default output format to be used for # the MathJax output. See the MathJax site (see: # http://docs.mathjax.org/en/latest/output.html) for more details. # Possible values are: HTML-CSS (which is slower, but has the best # compatibility), NativeMML (i.e. MathML) and SVG. # The default value is: HTML-CSS. # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_FORMAT = HTML-CSS # When MathJax is enabled you need to specify the location relative to the HTML # output directory using the MATHJAX_RELPATH option. The destination directory # should contain the MathJax.js script. For instance, if the mathjax directory # is located at the same level as the HTML output directory, then # MATHJAX_RELPATH should be ../mathjax. The default value points to the MathJax # Content Delivery Network so you can quickly see the result without installing # MathJax. However, it is strongly recommended to install a local copy of # MathJax from http://www.mathjax.org before deployment. # The default value is: http://cdn.mathjax.org/mathjax/latest. # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_RELPATH = http://cdn.mathjax.org/mathjax/latest # The MATHJAX_EXTENSIONS tag can be used to specify one or more MathJax # extension names that should be enabled during MathJax rendering. For example # MATHJAX_EXTENSIONS = TeX/AMSmath TeX/AMSsymbols # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_EXTENSIONS = # The MATHJAX_CODEFILE tag can be used to specify a file with javascript pieces # of code that will be used on startup of the MathJax code. See the MathJax site # (see: http://docs.mathjax.org/en/latest/output.html) for more details. For an # example see the documentation. # This tag requires that the tag USE_MATHJAX is set to YES. MATHJAX_CODEFILE = # When the SEARCHENGINE tag is enabled doxygen will generate a search box for # the HTML output. The underlying search engine uses javascript and DHTML and # should work on any modern browser. Note that when using HTML help # (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets (GENERATE_DOCSET) # there is already a search function so this one should typically be disabled. # For large projects the javascript based search engine can be slow, then # enabling SERVER_BASED_SEARCH may provide a better solution. It is possible to # search using the keyboard; to jump to the search box use + S # (what the is depends on the OS and browser, but it is typically # , /