CMake Build Support (johnpatek#2)

johnpatek · web-flow · commit 081937bc94c2 · 2025-03-16T14:47:00.000-05:00
* added CMakeLists.txt to build on Linux and Windows
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -0,0 +1,122 @@
+cmake_minimum_required(VERSION 3.15)
+
+project(cpp-xml-security)
+
+find_package(Threads REQUIRED)
+find_package(XercesC REQUIRED)
+find_package(OpenSSL REQUIRED)
+
+# Define variables that control feature detection
+include(CheckIncludeFile)
+include(CheckSymbolExists)
+include(CheckCXXSourceCompiles)
+
+
+if(NOT WIN32)
+  if(OPENSSL_FOUND)
+    include_directories(${OPENSSL_INCLUDE_DIR})
+    set(CMAKE_REQUIRED_LIBRARIES OpenSSL::Crypto OpenSSL::SSL)
+    set(XSEC_HAVE_OPENSSL 1)
+    set(XSEC_OPENSSL_HAVE_AES 1)
+    set(XSEC_OPENSSL_HAVE_GCM 1)
+    set(XSEC_OPENSSL_HAVE_EC 1)
+    set(XSEC_OPENSSL_HAVE_SHA2 1)
+    set(XSEC_OPENSSL_HAVE_MGF1 1)
+  else()
+    set(XSEC_HAVE_OPENSSL 0)
+    set(XSEC_OPENSSL_HAVE_AES 0)
+    set(XSEC_OPENSSL_HAVE_GCM 0)
+    set(XSEC_OPENSSL_cHAVE_EC 0)
+    set(XSEC_OPENSSL_HAVE_SHA2 0)
+    set(XSEC_OPENSSL_HAVE_MGF1 0)
+  endif()
+
+  # Check for getcwd(NULL, 0)
+  check_symbol_exists(getcwd "unistd.h" XSEC_HAVE_GETCWD_DYN)
+
+  # Check for EVP_CIPHER_CTX_set_padding
+  check_symbol_exists(EVP_CIPHER_CTX_set_padding "openssl/evp.h" XSEC_OPENSSL_CANSET_PADDING)
+
+  # Check if OpenSSL has const input buffers
+  check_symbol_exists(X509_get_serialNumber "openssl/x509.h" XSEC_OPENSSL_CONST_BUFFERS)
+  check_symbol_exists(d2i_X509 "openssl/x509.h" XSEC_OPENSSL_D2IX509_CONST_BUFFER)
+
+  # Check if OpenSSL has CRYPTO_cleanup_all_ex_data
+  check_symbol_exists(CRYPTO_cleanup_all_ex_data "openssl/crypto.h" XSEC_OPENSSL_HAVE_CRYPTO_CLEANUP_ALL_EX_DATA)
+
+  # Generate the configured header
+  configure_file(
+    ${CMAKE_CURRENT_SOURCE_DIR}/xsec/framework/XSECConfig.hpp.cmake.in
+    ${CMAKE_CURRENT_BINARY_DIR}/xsec/framework/XSECConfig.hpp
+  )
+
+  # Ensure the generated header is in the include path
+  include_directories(${CMAKE_CURRENT_BINARY_DIR}/xsec/framework)
+endif()
+
+set(CANON_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/canon)
+set(DSIG_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/dsig)
+set(ENC_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/enc)
+set(OPENSSL_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/enc/OpenSSL)
+set(XSCRYPT_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/enc/XSCrypt)
+set(FRAMEWORK_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/framework)
+set(SAMPLES_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/samples)
+set(TOOLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/tools)
+set(TRANSFORMERS_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/transformers)
+set(UTILS_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/utils)
+set(XENC_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/xenc)
+set(IMPL_DIR ${CMAKE_CURRENT_SOURCE_DIR}/xsec/xenc/impl)
+
+# Add source files
+file(
+  GLOB 
+  XSEC_SOURCES 
+  ${CANON_DIR}/*.cpp ${DSIG_DIR}/*.cpp ${ENC_DIR}/*.cpp ${OPENSSL_DIR}/*.cpp ${XSCRYPT_DIR}/*.cpp ${FRAMEWORK_DIR}/*.cpp ${TRANSFORMERS_DIR}/*.cpp ${UTILS_DIR}/*.cpp ${XENC_DIR}/*.cpp ${IMPL_DIR}/*.cpp)
+
+message(STATUS "xerces library: ${XercesC_LIBRARY}")
+# Add libxml-security-c
+if(WIN32)
+  add_library(xml-security-c-static STATIC ${XSEC_SOURCES})
+  add_library(xml-security-c-dynamic SHARED ${XSEC_SOURCES})
+  target_include_directories(
+    xml-security-c-static
+    PUBLIC
+    ${CMAKE_CURRENT_SOURCE_DIR} 
+    ${XercesC_INCLUDE_DIRS} 
+    ${OPENSSL_INCLUDE_DIR})
+  target_include_directories(
+    xml-security-c-dynamic
+    PUBLIC
+    ${CMAKE_CURRENT_SOURCE_DIR} 
+    ${XercesC_INCLUDE_DIRS} 
+    ${OPENSSL_INCLUDE_DIR})
+  target_link_libraries(xml-security-c-static PUBLIC ${XercesC_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} OpenSSL::Crypto OpenSSL::SSL)  
+  target_link_libraries(xml-security-c-dynamic PUBLIC ${XercesC_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} OpenSSL::Crypto OpenSSL::SSL)  
+  set_target_properties(xml-security-c-static PROPERTIES OUTPUT_NAME xml-security-c)
+  set_target_properties(xml-security-c-dynamic PROPERTIES OUTPUT_NAME xml-security-c)
+else()
+  add_library(xml-security-c SHARED ${XSEC_SOURCES})
+  target_include_directories(
+    xml-security-c 
+    PUBLIC
+    ${CMAKE_CURRENT_SOURCE_DIR} 
+    ${XercesC_INCLUDE_DIRS} 
+    ${OPENSSL_INCLUDE_DIR})
+  target_link_libraries(xml-security-c PUBLIC ${XercesC_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} OpenSSL::Crypto OpenSSL::SSL)  
+endif()
+
+if(OPENSSL_FOUND)
+  if(WIN32)
+    target_compile_definitions(xml-security-c-static PUBLIC XSEC_HAVE_OPENSSL=1 XSEC_BUILDING_LIBRARY=1)
+    target_compile_definitions(xml-security-c-dynamic PUBLIC XSEC_HAVE_OPENSSL=1 XSEC_BUILDING_LIBRARY=1)
+  else()
+    target_compile_definitions(xml-security-c PUBLIC XSEC_HAVE_OPENSSL=1 XSEC_OPENSSL_HAVE_AES=1 XSEC_OPENSSL_HAVE_GCM=1 XSEC_OPENSSL_HAVE_EC=1 XSEC_OPENSSL_HAVE_SHA2=1 XSEC_OPENSSL_HAVE_MGF1=1)
+  endif()
+endif()
+
+add_executable(xsec-xtest ${TOOLS_DIR}/xtest/xtest.cpp)
+if(WIN32)
+  target_link_libraries(xsec-xtest xml-security-c-static)
+else()
+  target_link_libraries(xsec-xtest xml-security-c)
+endif()
diff --git a/xsec/framework/XSECConfig.hpp.cmake.in b/xsec/framework/XSECConfig.hpp.cmake.in
@@ -0,0 +1,55 @@
+/**
+ * copyright(c) 2025 John R Patek Sr
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ * xsec/framework/XSECConfig.hpp. Generated by CMake.  
+ *
+ */
+
+/* Define if OpenSSL is in use. */
+#cmakedefine01 XSEC_HAVE_OPENSSL
+
+/* Define to 1 if getcwd(NULL, 0) works. */
+#cmakedefine01 XSEC_HAVE_GETCWD_DYN
+
+/* Define to 1 if OpenSSL has EVP_CIPHER_CTX_set_padding. */
+#cmakedefine01 XSEC_OPENSSL_CANSET_PADDING
+
+/* Define to 1 if OpenSSL uses const input buffers. */
+#cmakedefine01 XSEC_OPENSSL_CONST_BUFFERS
+
+/* Define to 1 if OpenSSL X509 API has const input buffer. */
+#cmakedefine01 XSEC_OPENSSL_D2IX509_CONST_BUFFER
+
+/* Define to 1 if OpenSSL has full AES support. */
+#cmakedefine01 XSEC_OPENSSL_HAVE_AES
+
+/* Define to 1 if OpenSSL has GCM support. */
+#cmakedefine01 XSEC_OPENSSL_HAVE_GCM
+
+/* Define to 1 if OpenSSL has CRYPTO_cleanup_all_ex_data. */
+#cmakedefine01 XSEC_OPENSSL_HAVE_CRYPTO_CLEANUP_ALL_EX_DATA
+
+/* Define to 1 if OpenSSL has EC support. */
+#cmakedefine01 XSEC_OPENSSL_HAVE_EC
+
+/* Define to 1 if OpenSSL has SHA2 support. */
+#cmakedefine01 XSEC_OPENSSL_HAVE_SHA2
+
+#include <xsec/framework/XSECVersion.hpp>
diff --git a/xsec/tools/xtest/xtest.cpp b/xsec/tools/xtest/xtest.cpp
@@ -35,6 +35,7 @@
 
 #include <memory.h>
 #include <iostream>
+#include <memory>
 #include <stdlib.h>
 
 #include <xercesc/util/PlatformUtils.hpp>
@@ -69,6 +70,7 @@
 #include <xsec/enc/XSECCryptoSymmetricKey.hpp>
 #include <xsec/framework/XSECError.hpp>
 #include <xsec/framework/XSECProvider.hpp>
+#include <xsec/framework/XSECURIResolverXerces.hpp>
 #include <xsec/xenc/XENCCipher.hpp>
 #include <xsec/xenc/XENCEncryptedData.hpp>
 #include <xsec/xenc/XENCEncryptedKey.hpp>
@@ -433,6 +435,7 @@ void outputDoc(DOMImplementation * impl, DOMDocument * doc) {
 bool reValidateSig(DOMImplementation *impl, DOMDocument * inDoc, XSECCryptoKey *k) {
 
 	// Take a signature in DOM, serialise and re-validate
+	std::unique_ptr<XSECURIResolver> resolver(new XSECURIResolverXerces());
 
 	try {
 
@@ -486,6 +489,7 @@ bool reValidateSig(DOMImplementation *impl, DOMDocument * inDoc, XSECCryptoKey *
 		 */
 
 		XSECProvider prov;
+		prov.setDefaultURIResolver(resolver.get());
 		DSIGSignature * sig = prov.newSignatureFromDOM(doc);
 		sig->load();
 		sig->setSigningKey(k);
@@ -525,7 +529,7 @@ void unitTestEnvelopingSignature(DOMImplementation * impl) {
 	// This tests an enveloping signature as the root node
 
 	cerr << "Creating enveloping signature ... ";
-	
+	std::unique_ptr<XSECURIResolver> resolver(new XSECURIResolverXerces());
 	try {
 		
 		// Create a document
@@ -538,6 +542,7 @@ void unitTestEnvelopingSignature(DOMImplementation * impl) {
 		DSIGSignature *sig;
 		DOMElement *sigNode;
 		
+		prov.setDefaultURIResolver(resolver.get());
 		sig = prov.newSignature();
 		sig->setDSIGNSPrefix(MAKE_UNICODE_STRING("ds"));
 		sig->setPrettyPrint(true);
@@ -634,7 +639,7 @@ void unitTestBase64NodeSignature(DOMImplementation * impl) {
 	// This tests a normal signature with a reference to a Base64 element
 
 	cerr << "Creating a base64 Element reference ... ";
-	
+	std::unique_ptr<XSECURIResolver> resolver(new XSECURIResolverXerces());
 	try {
 		
 		// Create a document
@@ -647,6 +652,7 @@ void unitTestBase64NodeSignature(DOMImplementation * impl) {
 		DSIGSignature *sig;
 		DOMElement *sigNode;
 		
+		prov.setDefaultURIResolver(resolver.get());
 		sig = prov.newSignature();
 		sig->setDSIGNSPrefix(MAKE_UNICODE_STRING("ds"));
 		sig->setPrettyPrint(true);
@@ -745,7 +751,7 @@ void unitTestLongSHA(DOMImplementation * impl) {
 	// This tests an enveloping signature as the root node, using SHA224/256/384/512
 
 	cerr << "Creating long SHA references using HMAC... ";
-	
+	std::unique_ptr<XSECURIResolver> resolver(new XSECURIResolverXerces());
 	try {
 		
 		// Create a document
@@ -759,6 +765,7 @@ void unitTestLongSHA(DOMImplementation * impl) {
 		DOMElement *sigNode;
 		DSIGReference *ref[4];
 		
+		prov.setDefaultURIResolver(resolver.get());
 		sig = prov.newSignature();
 		sig->setDSIGNSPrefix(MAKE_UNICODE_STRING("ds"));
 		sig->setPrettyPrint(true);
@@ -935,7 +942,7 @@ void unitTestLongSHA(DOMImplementation * impl) {
 void unitTestSig(DOMImplementation * impl, XSECCryptoKey * k, const XMLCh * AlgURI) {
 
 	// Given a specific RSA/EC key and particular algorithm URI, sign and validate a document
-
+	std::unique_ptr<XSECURIResolver> resolver(new XSECURIResolverXerces());
 	try {
 		
 		// Create a document
@@ -948,6 +955,7 @@ void unitTestSig(DOMImplementation * impl, XSECCryptoKey * k, const XMLCh * AlgU
 		DSIGSignature *sig;
 		DOMElement *sigNode;
 		
+		prov.setDefaultURIResolver(resolver.get());
 		sig = prov.newSignature();
 		sig->setDSIGNSPrefix(MAKE_UNICODE_STRING("ds"));
 		sig->setPrettyPrint(true);
@@ -1143,12 +1151,14 @@ void testSignature(DOMImplementation *impl) {
 	DOMElement *sigNode;
 	int refCount;
 
+	std::unique_ptr<XSECURIResolver> resolver(new XSECURIResolverXerces());
+
 	try {
 		
 		/*
 		 * Now we have a document, create a signature for it.
 		 */
-		
+		prov.setDefaultURIResolver(resolver.get());
 		sig = prov.newSignature();
 		sig->setDSIGNSPrefix(MAKE_UNICODE_STRING("ds"));
 		sig->setPrettyPrint(true);
@@ -1608,15 +1618,15 @@ void unitTestElementContentEncrypt(DOMImplementation *impl, XSECCryptoKey * key,
 	// Create and execute cipher
 
 	XSECProvider prov;
-	XENCCipher * cipher;
+	std::unique_ptr<XENCCipher> cipher;
 
 	try {
 		
 		/*
 		 * Now we have a document, find the data node.
 		 */
 
-		cipher = prov.newCipher(doc);
+		cipher.reset(prov.newCipher(doc));
 		cipher->setXENCNSPrefix(MAKE_UNICODE_STRING("xenc"));
 		cipher->setPrettyPrint(true);
 
@@ -2394,40 +2404,40 @@ int main(int argc, char **argv) {
 
 	while (paramCount < argc) {
 
-		if (_stricmp(argv[paramCount], "--help") == 0 || _stricmp(argv[paramCount], "-h") == 0) {
+		if (strcmp(argv[paramCount], "--help") == 0 || strcmp(argv[paramCount], "-h") == 0) {
 			printUsage();
 			exit(0);
 		}
-		else if (_stricmp(argv[paramCount], "--print-docs") == 0 || _stricmp(argv[paramCount], "-p") == 0) {
+		else if (strcmp(argv[paramCount], "--print-docs") == 0 || strcmp(argv[paramCount], "-p") == 0) {
 			g_printDocs = true;
 			paramCount++;
 		}
 
-		else if (_stricmp(argv[paramCount], "--signature-only") == 0 || _stricmp(argv[paramCount], "-s") == 0) {
+		else if (strcmp(argv[paramCount], "--signature-only") == 0 || strcmp(argv[paramCount], "-s") == 0) {
 			doEncryptionTest = false;
 			doEncryptionUnitTests = false;
 			doSignatureUnitTests = false;
 			paramCount++;
 		}
-		else if (_stricmp(argv[paramCount], "--encryption-only") == 0 || _stricmp(argv[paramCount], "-e") == 0) {
+		else if (strcmp(argv[paramCount], "--encryption-only") == 0 || strcmp(argv[paramCount], "-e") == 0) {
 			doSignatureTest = false;
 			doEncryptionUnitTests = false;
 			doSignatureUnitTests = false;
 			paramCount++;
 		}
-		else if (_stricmp(argv[paramCount], "--encryption-unit-only") == 0 || _stricmp(argv[paramCount], "-u") == 0) {
+		else if (strcmp(argv[paramCount], "--encryption-unit-only") == 0 || strcmp(argv[paramCount], "-u") == 0) {
 			doEncryptionTest = false;
 			doSignatureTest = false;
 			doSignatureUnitTests = false;
 			paramCount++;
 		}
-		else if (_stricmp(argv[paramCount], "--signature-unit-only") == 0 || _stricmp(argv[paramCount], "-t") == 0) {
+		else if (strcmp(argv[paramCount], "--signature-unit-only") == 0 || strcmp(argv[paramCount], "-t") == 0) {
 			doEncryptionTest = false;
 			doSignatureTest = false;
 			doEncryptionUnitTests = false;
 			paramCount++;
 		}
-        else if (_stricmp(argv[paramCount], "--no-gcm") == 0) {
+        else if (strcmp(argv[paramCount], "--no-gcm") == 0) {
             g_testGCM = false;
             paramCount++;
         }
