mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-17 20:42:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #9760 from ronald-cron-arm/tf-psa-crypto-cmake

Browse Source 
Finalize the integration of the TF-PSA-Crypto build system into the Mbed TLS one
This commit is contained in:
Ronald Cron 2024-11-15 17:05:16 +00:00 committed by GitHub
commit fee08b45e2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
35 changed files with 716 additions and 713 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

132
CMakeLists.txt
View File

@ -13,7 +13,7 @@
# - MBEDTLS_TARGET_PREFIX: CMake targets are designed to be alterable by calling
# CMake in order to avoid target name clashes, via the use of
# MBEDTLS_TARGET_PREFIX. The value of this variable is prefixed to the
# mbedtls, mbedx509, mbedcrypto and apidoc targets.
# mbedtls, mbedx509, tfpsacrypto and mbedtls-apidoc targets.
#
# We specify a minimum requirement of 3.10.2, but for now use 3.5.1 here
@ -100,14 +100,6 @@ option(USE_SHARED_MBEDTLS_LIBRARY "Build Mbed TLS shared library." OFF)
option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF)
option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF)
set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto")
if (USE_STATIC_MBEDTLS_LIBRARY)
set(mbedcrypto_static_target ${mbedcrypto_target})
endif()
if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
string(APPEND mbedcrypto_static_target "_static")
endif()
# Warning string - created as a list for compatibility with CMake 2.8
set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n")
set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n")
@ -328,6 +320,27 @@ function(set_msvc_base_compile_options target)
endif(MBEDTLS_FATAL_WARNINGS)
endfunction(set_msvc_base_compile_options)
function(set_config_files_compile_definitions target)
# Pass-through MBEDTLS_CONFIG_FILE, MBEDTLS_USER_CONFIG_FILE,
# TF_PSA_CRYPTO_CONFIG_FILE and TF_PSA_CRYPTO_USER_CONFIG_FILE
if(MBEDTLS_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
endif()
if(MBEDTLS_USER_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
endif()
if(TF_PSA_CRYPTO_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
endif()
if(TF_PSA_CRYPTO_USER_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
endif()
endfunction(set_config_files_compile_definitions)
if(CMAKE_BUILD_TYPE STREQUAL "Check" AND TEST_CPP)
set(CMAKE_CXX_STANDARD 11)
set(CMAKE_CXX_STANDARD_REQUIRED ON)
@ -348,8 +361,38 @@ add_subdirectory(framework)
add_subdirectory(include)
set(TF_PSA_CRYPTO_TARGET_PREFIX ${MBEDTLS_TARGET_PREFIX} CACHE STRING "")
set(TF_PSA_CRYPTO_FATAL_WARNINGS ${MBEDTLS_FATAL_WARNINGS} CACHE BOOL "")
set(USE_STATIC_TF_PSA_CRYPTO_LIBRARY ${USE_STATIC_MBEDTLS_LIBRARY} CACHE BOOL "")
set(USE_SHARED_TF_PSA_CRYPTO_LIBRARY ${USE_SHARED_MBEDTLS_LIBRARY} CACHE BOOL "")
add_subdirectory(tf-psa-crypto)
set(tfpsacrypto_target "${TF_PSA_CRYPTO_TARGET_PREFIX}tfpsacrypto")
if (USE_STATIC_MBEDTLS_LIBRARY)
set(tfpsacrypto_static_target ${tfpsacrypto_target})
endif()
if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
string(APPEND tfpsacrypto_static_target "_static")
endif()
set(tf_psa_crypto_library_targets
${TF_PSA_CRYPTO_TARGET_PREFIX}tfpsacrypto
${TF_PSA_CRYPTO_TARGET_PREFIX}builtin
${TF_PSA_CRYPTO_TARGET_PREFIX}everest
${TF_PSA_CRYPTO_TARGET_PREFIX}p256m)
if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
list(APPEND tf_psa_crypto_library_targets
${TF_PSA_CRYPTO_TARGET_PREFIX}tfpsacrypto_static
${TF_PSA_CRYPTO_TARGET_PREFIX}builtin_static)
endif()
foreach(target IN LISTS tf_psa_crypto_library_targets)
if(NOT TARGET ${target})
message(FATAL_ERROR "TF-PSA-Crypto target ${target} does not exist.")
endif()
endforeach(target)
add_subdirectory(library)
add_subdirectory(pkgconfig)
@ -359,7 +402,7 @@ add_subdirectory(pkgconfig)
# and programs. This shared test code is compiled and linked to test suites and
# programs objects as a set of compiled objects. The compiled objects are NOT
# built into a library that the test suite and program objects would link
# against as they link against the mbedcrypto, mbedx509 and mbedtls libraries.
# against as they link against the tfpsacrypto, mbedx509 and mbedtls libraries.
# The reason is that such library is expected to have mutual dependencies with
# the aforementioned libraries and that there is as of today no portable way of
# handling such dependencies (only toolchain specific solutions).
@ -369,54 +412,6 @@ add_subdirectory(pkgconfig)
# to define the test executables.
#
if(ENABLE_TESTING OR ENABLE_PROGRAMS)
file(GLOB MBEDTLS_TEST_FILES
${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c
${CMAKE_CURRENT_SOURCE_DIR}/tests/src/drivers/*.c)
add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES})
set_base_compile_options(mbedtls_test)
if(GEN_FILES)
add_custom_command(
OUTPUT
${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h
WORKING_DIRECTORY
${CMAKE_CURRENT_SOURCE_DIR}/tests
COMMAND
"${MBEDTLS_PYTHON_EXECUTABLE}"
"${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py"
"--output"
"${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h"
DEPENDS
${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py
)
add_custom_target(test_keys_header DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h)
add_custom_command(
OUTPUT
${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h
WORKING_DIRECTORY
${CMAKE_CURRENT_SOURCE_DIR}/tests
COMMAND
"${MBEDTLS_PYTHON_EXECUTABLE}"
"${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py"
"--output"
"${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h"
DEPENDS
${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py
)
add_custom_target(test_certs_header DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h)
add_dependencies(mbedtls_test test_keys_header test_certs_header)
endif()
target_include_directories(mbedtls_test
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/everest/include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/core
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/src)
# Request C11, needed for memory poisoning tests
set_target_properties(mbedtls_test PROPERTIES C_STANDARD 11)
file(GLOB MBEDTLS_TEST_HELPER_FILES
${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_helpers/*.c)
add_library(mbedtls_test_helpers OBJECT ${MBEDTLS_TEST_HELPER_FILES})
@ -431,19 +426,7 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS)
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/src
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/everest/include)
# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
if(MBEDTLS_CONFIG_FILE)
target_compile_definitions(mbedtls_test
PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
target_compile_definitions(mbedtls_test_helpers
PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
endif()
if(MBEDTLS_USER_CONFIG_FILE)
target_compile_definitions(mbedtls_test
PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
target_compile_definitions(mbedtls_test_helpers
PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
endif()
set_config_files_compile_definitions(mbedtls_test_helpers)
endif()
if(ENABLE_PROGRAMS)
@ -453,7 +436,7 @@ if(ENABLE_PROGRAMS)
add_subdirectory(programs)
endif()
ADD_CUSTOM_TARGET(${MBEDTLS_TARGET_PREFIX}apidoc
ADD_CUSTOM_TARGET(${MBEDTLS_TARGET_PREFIX}mbedtls-apidoc
COMMAND doxygen mbedtls.doxyfile
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen)
@ -463,8 +446,7 @@ if(ENABLE_TESTING)
add_subdirectory(tests)
# additional convenience targets for Unix only
if(UNIX)
if(UNIX AND (NOT MBEDTLS_AS_SUBPROJECT))
# For coverage testing:
# 1. Build with:
# cmake -D CMAKE_BUILD_TYPE=Coverage /path/to/source && make
@ -483,7 +465,7 @@ if(ENABLE_TESTING)
COMMAND rm -f memcheck.log
COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl
)
endif(UNIX)
endif()
# Make scripts needed for testing available in an out-of-source build.
if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})

6
README.md
View File

@ -40,7 +40,7 @@ There are currently three active build systems used within Mbed TLS releases:
The main systems used for development are CMake and GNU Make. Those systems are always complete and up-to-date. The others should reflect all changes present in the CMake and Make build system, although features may not be ported there automatically.
The Make and CMake build systems create three libraries: libmbedcrypto, libmbedx509, and libmbedtls. Note that libmbedtls depends on libmbedx509 and libmbedcrypto, and libmbedx509 depends on libmbedcrypto. As a result, some linkers will expect flags to be in a specific order, for example the GNU linker wants `-lmbedtls -lmbedx509 -lmbedcrypto`.
The Make and CMake build systems create three libraries: libmbedcrypto/libtfpsacrypto, libmbedx509, and libmbedtls. Note that libmbedtls depends on libmbedx509 and libmbedcrypto/libtfpsacrypto, and libmbedx509 depends on libmbedcrypto/libtfpsacrypto. As a result, some linkers will expect flags to be in a specific order, for example the GNU linker wants `-lmbedtls -lmbedx509 -lmbedcrypto`.
### Tool versions
@ -200,7 +200,7 @@ CMake projects. You can include Mbed TLS's CMake targets yourself with:
If prompted, set `MbedTLS_DIR` to `${YOUR_MBEDTLS_INSTALL_DIR}/cmake`. This
creates the following targets:
- `MbedTLS::mbedcrypto` (Crypto library)
- `MbedTLS::tfpsacrypto` (Crypto library)
- `MbedTLS::mbedtls` (TLS library)
- `MbedTLS::mbedx509` (X509 library)
@ -210,7 +210,7 @@ You can then use these directly through `target_link_libraries()`:
target_link_libraries(xyz
PUBLIC MbedTLS::mbedtls
MbedTLS::mbedcrypto
MbedTLS::tfpsacrypto
MbedTLS::mbedx509)
This will link the Mbed TLS libraries to your library or application, and add

38
library/CMakeLists.txt
View File

@ -156,7 +156,7 @@ if(USE_STATIC_MBEDTLS_LIBRARY)
set_base_compile_options(${mbedx509_static_target})
target_compile_options(${mbedx509_static_target} PRIVATE ${LIBS_C_FLAGS})
set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target})
target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${tfpsacrypto_static_target})
add_library(${mbedtls_static_target} STATIC ${src_tls})
set_base_compile_options(${mbedtls_static_target})
@ -170,7 +170,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
set_base_compile_options(${mbedx509_target})
target_compile_options(${mbedx509_target} PRIVATE ${LIBS_C_FLAGS})
set_target_properties(${mbedx509_target} PROPERTIES VERSION 4.0.0 SOVERSION 7)
target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${tfpsacrypto_target})
add_library(${mbedtls_target} SHARED ${src_tls})
set_base_compile_options(${mbedtls_target})
@ -192,15 +192,7 @@ foreach(target IN LISTS target_libraries)
PRIVATE ${MBEDTLS_DIR}/library/
${MBEDTLS_DIR}/tf-psa-crypto/core
${MBEDTLS_DIR}/tf-psa-crypto/drivers/builtin/src)
# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
if(MBEDTLS_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
endif()
if(MBEDTLS_USER_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
endif()
set_config_files_compile_definitions(${target})
install(
TARGETS ${target}
EXPORT MbedTLSTargets
@ -216,3 +208,27 @@ add_custom_target(${lib_target} DEPENDS ${mbedx509_target} ${mbedtls_target})
if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
add_dependencies(${lib_target} ${mbedx509_static_target} ${mbedtls_static_target})
endif()
foreach(target IN LISTS tf_psa_crypto_library_targets)
get_target_property(target_type ${target} TYPE)
if (target_type STREQUAL STATIC_LIBRARY)
add_custom_command(
TARGET ${mbedtls_target}
POST_BUILD
COMMAND ${CMAKE_COMMAND}
ARGS -E copy $<TARGET_FILE:${target}> ${CMAKE_BINARY_DIR}/library)
else()
add_custom_command(
TARGET ${mbedtls_target}
POST_BUILD
COMMAND ${CMAKE_COMMAND}
ARGS -E copy $<TARGET_FILE:${target}>
${CMAKE_BINARY_DIR}/library/$<TARGET_FILE_NAME:${target}>)
add_custom_command(
TARGET ${mbedtls_target}
POST_BUILD
COMMAND ${CMAKE_COMMAND}
ARGS -E copy $<TARGET_LINKER_FILE:${target}>
${CMAKE_BINARY_DIR}/library/$<TARGET_LINKER_FILE_NAME:${target}>)
endif()
endforeach(target)

2
pkgconfig/mbedcrypto.pc.in
View File

@ -7,4 +7,4 @@ Description: @PKGCONFIG_PROJECT_DESCRIPTION@
URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@
Version: @PROJECT_VERSION@
Cflags: -I"${includedir}"
Libs: -L"${libdir}" -lmbedcrypto
Libs: -L"${libdir}" -ltfpsacrypto -lbuiltin -leverest -lp256m

4
programs/aes/CMakeLists.txt
View File

@ -4,9 +4,9 @@ set(executables
add_dependencies(${programs_target} ${executables})
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(${exe})
target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()

4
programs/cipher/CMakeLists.txt
View File

@ -4,9 +4,9 @@ set(executables
add_dependencies(${programs_target} ${executables})
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(${exe})
target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()

2
programs/fuzz/CMakeLists.txt
View File

@ -28,7 +28,7 @@ add_dependencies(${programs_target} ${executables_with_common_c})
foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
set(exe_sources ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
set(exe_sources ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
if(NOT FUZZINGENGINE_LIB)
list(APPEND exe_sources onefile.c)
endif()

4
programs/hash/CMakeLists.txt
View File

@ -6,9 +6,9 @@ set(executables
add_dependencies(${programs_target} ${executables})
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(${exe})
target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()

6
programs/pkey/CMakeLists.txt
View File

@ -5,7 +5,7 @@ set(executables_mbedtls
add_dependencies(${programs_target} ${executables_mbedtls})
foreach(exe IN LISTS executables_mbedtls)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(${exe})
target_link_libraries(${exe} ${mbedtls_target} ${CMAKE_THREAD_LIBS_INIT})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
@ -34,9 +34,9 @@ set(executables_mbedcrypto
add_dependencies(${programs_target} ${executables_mbedcrypto})
foreach(exe IN LISTS executables_mbedcrypto)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(${exe})
target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()

4
programs/psa/CMakeLists.txt
View File

@ -28,9 +28,9 @@ else()
endif()
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(${exe})
target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()

4
programs/random/CMakeLists.txt
View File

@ -5,9 +5,9 @@ set(executables
add_dependencies(${programs_target} ${executables})
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(${exe})
target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()

4
programs/ssl/CMakeLists.txt
View File

@ -38,7 +38,7 @@ foreach(exe IN LISTS executables)
${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.h
${CMAKE_CURRENT_BINARY_DIR}/../test/query_config.c)
endif()
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>
${extra_sources})
set_base_compile_options(${exe})
target_link_libraries(${exe} ${libs} ${CMAKE_THREAD_LIBS_INIT})
@ -53,7 +53,7 @@ foreach(exe IN LISTS executables)
endforeach()
if(THREADS_FOUND)
add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(ssl_pthread_server)
target_include_directories(ssl_pthread_server PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})

6
programs/test/CMakeLists.txt
View File

@ -34,7 +34,7 @@ if(TEST_CPP)
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/drivers/builtin/include)
target_link_libraries(cpp_dummy_build ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_link_libraries(cpp_dummy_build ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
endif()
if(USE_SHARED_MBEDTLS_LIBRARY AND
@ -82,7 +82,7 @@ foreach(exe IN LISTS executables_libs executables_mbedcrypto)
${CMAKE_CURRENT_SOURCE_DIR}/query_config.h
${CMAKE_CURRENT_BINARY_DIR}/query_config.c)
endif()
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>
${extra_sources})
set_base_compile_options(${exe})
target_include_directories(${exe}
@ -102,7 +102,7 @@ foreach(exe IN LISTS executables_libs executables_mbedcrypto)
if (${exe_index} GREATER -1)
target_link_libraries(${exe} ${libs} ${CMAKE_THREAD_LIBS_INIT})
else()
target_link_libraries(${exe} ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT})
target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT})
endif()
endforeach()

2
programs/test/cmake_package/CMakeLists.txt
View File

@ -35,4 +35,4 @@ find_package(MbedTLS REQUIRED)
add_executable(cmake_package cmake_package.c)
target_link_libraries(cmake_package
MbedTLS::mbedcrypto MbedTLS::mbedtls MbedTLS::mbedx509)
MbedTLS::tfpsacrypto MbedTLS::mbedtls MbedTLS::mbedx509)

2
programs/test/cmake_package_install/CMakeLists.txt
View File

@ -38,4 +38,4 @@ find_package(MbedTLS REQUIRED)
add_executable(cmake_package_install cmake_package_install.c)
target_link_libraries(cmake_package_install
MbedTLS::mbedcrypto MbedTLS::mbedtls MbedTLS::mbedx509)
MbedTLS::tfpsacrypto MbedTLS::mbedtls MbedTLS::mbedx509)

2
programs/test/cmake_subproject/CMakeLists.txt
View File

@ -14,7 +14,7 @@ add_subdirectory(${MBEDTLS_DIR} build)
# Link against all the Mbed TLS libraries. Verifies that the targets have been
# created using the specified prefix
set(libs
subproject_test_mbedcrypto
subproject_test_tfpsacrypto
subproject_test_mbedx509
subproject_test_mbedtls
)

19
programs/test/dlopen.c
View File

@ -19,7 +19,8 @@
#define SO_SUFFIX ".so"
#endif
#define CRYPTO_SO_FILENAME "libmbedcrypto" SO_SUFFIX
#define MBEDCRYPTO_SO_FILENAME "libmbedcrypto" SO_SUFFIX
#define TFPSACRYPTO_SO_FILENAME "libtfpsacrypto" SO_SUFFIX
#define X509_SO_FILENAME "libmbedx509" SO_SUFFIX
#define TLS_SO_FILENAME "libmbedtls" SO_SUFFIX
@ -73,8 +74,16 @@ int main(void)
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_MD_C)
void *crypto_so = dlopen(CRYPTO_SO_FILENAME, RTLD_NOW);
CHECK_DLERROR("dlopen", CRYPTO_SO_FILENAME);
const char *crypto_so_filename = NULL;
void *crypto_so = dlopen(MBEDCRYPTO_SO_FILENAME, RTLD_NOW);
if (dlerror() == NULL) {
crypto_so_filename = MBEDCRYPTO_SO_FILENAME;
} else {
crypto_so = dlopen(TFPSACRYPTO_SO_FILENAME, RTLD_NOW);
CHECK_DLERROR("dlopen", TFPSACRYPTO_SO_FILENAME);
crypto_so_filename = TFPSACRYPTO_SO_FILENAME;
}
const int *(*md_list)(void) =
dlsym(crypto_so, "mbedtls_md_list");
CHECK_DLERROR("dlsym", "mbedtls_md_list");
@ -83,9 +92,9 @@ int main(void)
;
}
mbedtls_printf("dlopen(%s): %u hashes\n",
CRYPTO_SO_FILENAME, n);
crypto_so_filename, n);
dlclose(crypto_so);
CHECK_DLERROR("dlclose", CRYPTO_SO_FILENAME);
CHECK_DLERROR("dlclose", crypto_so_filename);
#endif /* MBEDTLS_MD_C */
return 0;

4
programs/util/CMakeLists.txt
View File

@ -1,5 +1,5 @@
set(libs
${mbedcrypto_target}
${tfpsacrypto_target}
${mbedx509_target}
)
@ -10,7 +10,7 @@ set(executables
add_dependencies(${programs_target} ${executables})
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(${exe})
target_link_libraries(${exe} ${libs} ${CMAKE_THREAD_LIBS_INIT})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)

2
programs/x509/CMakeLists.txt
View File

@ -13,7 +13,7 @@ set(executables
add_dependencies(${programs_target} ${executables})
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(${exe})
target_link_libraries(${exe} ${libs} ${CMAKE_THREAD_LIBS_INIT})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)

3
tests/CMakeLists.txt
View File

@ -1,6 +1,5 @@
set(libs
${mbedtls_target}
${everest_target}
${CMAKE_THREAD_LIBS_INIT}
)
@ -155,7 +154,7 @@ function(add_test_suite suite_name)
)
add_executable(test_suite_${data_name} test_suite_${data_name}.c
$<TARGET_OBJECTS:mbedtls_test>
$<TARGET_OBJECTS:tf_psa_crypto_test>
$<TARGET_OBJECTS:mbedtls_test_helpers>)
set_base_compile_options(test_suite_${data_name})
target_compile_options(test_suite_${data_name} PRIVATE ${TEST_C_FLAGS})

2
tests/scripts/components-build-system.sh
View File

@ -20,7 +20,7 @@ component_test_cmake_shared () {
msg "build/test: cmake shared" # ~ 2min
cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On .
make
ldd programs/util/strerror | grep libmbedcrypto
ldd programs/util/strerror | grep libtfpsacrypto
make test
programs/test/dlopen_demo.sh
}

505
tf-psa-crypto/CMakeLists.txt
View File

@ -13,13 +13,19 @@
# - TF_PSA_CRYPTO_TARGET_PREFIX: CMake targets are designed to be alterable by
# calling CMake in order to avoid target name clashes, via the use of
# TF_PSA_CRYPTO_TARGET_PREFIX. The value of this variable is prefixed to the
# tfpsacrypto and apidoc targets.
# tfpsacrypto and tfpsacrypto-apidoc targets.
#
# We specify a minimum requirement of 3.10.2, but for now use 3.5.1 here
# until our infrastructure catches up.
cmake_minimum_required(VERSION 3.5.1)
include(CMakePackageConfigHelpers)
# Include convenience functions for printing properties and variables, like
# cmake_print_properties(), cmake_print_variables().
include(CMakePrintHelpers)
# https://cmake.org/cmake/help/latest/policy/CMP0011.html
# Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD
# policy setting is deprecated, and will be removed in future versions.
@ -31,28 +37,6 @@ cmake_policy(SET CMP0011 NEW)
# is deprecated and will be removed in future versions.
cmake_policy(SET CMP0012 NEW)
if(NOT (CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR))
set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${MBEDTLS_PYTHON_EXECUTABLE})
set(USE_STATIC_TF_PSA_CRYPTO_LIBRARY ${USE_STATIC_MBEDTLS_LIBRARY})
set(USE_SHARED_TF_PSA_CRYPTO_LIBRARY ${USE_SHARED_MBEDTLS_LIBRARY})
set(TF_PSA_CRYPTO_TARGET_PREFIX ${MBEDTLS_TARGET_PREFIX})
option(INSTALL_TF_PSA_CRYPTO_HEADERS "Install TF-PSA-Crypto headers." ${INSTALL_MBEDTLS_HEADERS})
# Set the project root directory.
set(TF_PSA_CRYPTO_DIR ${CMAKE_CURRENT_SOURCE_DIR})
add_subdirectory(include)
add_subdirectory(core)
add_subdirectory(drivers)
if(ENABLE_TESTING)
enable_testing()
add_subdirectory(tests)
endif()
else(NOT (CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR))
set(TF_PSA_CRYPTO_VERSION 0.1.0)
set(TF_PSA_CRYPTO_SOVERSION 0)
@ -68,6 +52,477 @@ else()
)
endif()
include(TF-PSA-Crypto.cmake)
include(GNUInstallDirs)
endif(NOT (CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR))
# Determine if TF-PSA-Crypto is being built as a subproject using add_subdirectory()
if(NOT DEFINED TF_PSA_CRYPTO_AS_SUBPROJECT)
set(TF_PSA_CRYPTO_AS_SUBPROJECT ON)
if(CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR)
set(TF_PSA_CRYPTO_AS_SUBPROJECT OFF)
endif()
endif()
# Set the project, Mbed TLS and framework root directory.
set(TF_PSA_CRYPTO_DIR ${CMAKE_CURRENT_SOURCE_DIR})
set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}/..)
set(MBEDTLS_FRAMEWORK_DIR ${CMAKE_CURRENT_SOURCE_DIR}/../framework)
# Put the version numbers into relevant files
set(version_number_files
doxygen/input/doc_mainpage.h
doxygen/tfpsacrypto.doxyfile)
foreach(file ${version_number_files})
configure_file(${file}.in
${TF_PSA_CRYPTO_DIR}/${file})
endforeach(file)
ADD_CUSTOM_TARGET(${TF_PSA_CRYPTO_TARGET_PREFIX}tfpsacrypto-apidoc
COMMAND doxygen tfpsacrypto.doxyfile
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen)
option(ENABLE_PROGRAMS "Build TF-PSA-Crypto programs." ON)
option(TF_PSA_CRYPTO_FATAL_WARNINGS "Compiler warnings treated as errors" ON)
if(CMAKE_HOST_WIN32)
# N.B. The comment on the next line is significant! If you change it,
# edit the sed command in prepare_release.sh that modifies
# CMakeLists.txt.
option(GEN_FILES "Generate the auto-generated files as needed" OFF) # off in development
else()
option(GEN_FILES "Generate the auto-generated files as needed" ON)
endif()
# Support for package config and install to be added later.
option(DISABLE_PACKAGE_CONFIG_AND_INSTALL "Disable package configuration, target export and installation" ${TF_PSA_CRYPTO_AS_SUBPROJECT})
if (CMAKE_C_SIMULATE_ID)
set(COMPILER_ID ${CMAKE_C_SIMULATE_ID})
else()
set(COMPILER_ID ${CMAKE_C_COMPILER_ID})
endif(CMAKE_C_SIMULATE_ID)
string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${COMPILER_ID}")
string(REGEX MATCH "GNU" CMAKE_COMPILER_IS_GNU "${COMPILER_ID}")
string(REGEX MATCH "IAR" CMAKE_COMPILER_IS_IAR "${COMPILER_ID}")
string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${COMPILER_ID}")
# the test suites currently have compile errors with MSVC
if(CMAKE_COMPILER_IS_MSVC)
option(ENABLE_TESTING "Build TF-PSA-Crypto tests." OFF)
else()
option(ENABLE_TESTING "Build TF-PSA-Crypto tests." ON)
endif()
option(USE_STATIC_TF_PSA_CRYPTO_LIBRARY "Build TF-PSA-Crypto static library." ON)
option(USE_SHARED_TF_PSA_CRYPTO_LIBRARY "Build TF-PSA-Crypto shared library." OFF)
option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF)
option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF)
set(tfpsacrypto_target "${TF_PSA_CRYPTO_TARGET_PREFIX}tfpsacrypto")
if (USE_STATIC_TF_PSA_CRYPTO_LIBRARY)
set(tfpsacrypto_static_target ${tfpsacrypto_target})
endif()
if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND USE_SHARED_TF_PSA_CRYPTO_LIBRARY)
string(APPEND tfpsacrypto_static_target "_static")
endif()
# Warning string - created as a list for compatibility with CMake 2.8
set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n")
set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n")
set(CTR_DRBG_128_BIT_KEY_WARN_L3 "**** keys and operations that use random values generated to 128-bit security\n")
set(CTR_DRBG_128_BIT_KEY_WARNING "${WARNING_BORDER}"
"${CTR_DRBG_128_BIT_KEY_WARN_L1}"
"${CTR_DRBG_128_BIT_KEY_WARN_L2}"
"${CTR_DRBG_128_BIT_KEY_WARN_L3}"
"${WARNING_BORDER}")
# Python 3 is only needed here to check for configuration warnings.
if(NOT CMAKE_VERSION VERSION_LESS 3.15.0)
set(Python3_FIND_STRATEGY LOCATION)
find_package(Python3 COMPONENTS Interpreter)
if(Python3_Interpreter_FOUND)
set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${Python3_EXECUTABLE})
endif()
else()
find_package(PythonInterp 3)
if(PYTHONINTERP_FOUND)
set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${PYTHON_EXECUTABLE})
endif()
endif()
if(TF_PSA_CRYPTO_PYTHON_EXECUTABLE)
# If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
execute_process(COMMAND ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_DIR}/scripts/config.py -f ${MBEDTLS_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
RESULT_VARIABLE result)
if(${result} EQUAL 0)
message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
endif()
endif()
# We now potentially need to link all executables against PThreads, if available
set(CMAKE_THREAD_PREFER_PTHREAD TRUE)
set(THREADS_PREFER_PTHREAD_FLAG TRUE)
find_package(Threads)
# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
if(NOT TF_PSA_CRYPTO_AS_SUBPROJECT)
set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull TSan TSanDbg"
FORCE)
endif()
# Make TF_PSA_CRYPTO_CONFIG_FILE and TF_PSA_CRYPTO_USER_CONFIG_FILE into PATHs
set(TF_PSA_CRYPTO_CONFIG_FILE "" CACHE FILEPATH "TF-PSA-Crypto config file (overrides default).")
set(TF_PSA_CRYPTO_USER_CONFIG_FILE "" CACHE FILEPATH "TF-PSA-Crypto user config file (appended to default).")
# Create a symbolic link from ${base_name} in the binary directory
# to the corresponding path in the source directory.
# Note: Copies the file(s) on Windows.
function(link_to_source base_name)
set(link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}")
set(target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}")
# Linking to non-existent file is not desirable. At best you will have a
# dangling link, but when building in tree, this can create a symbolic link
# to itself.
if (EXISTS ${target} AND NOT EXISTS ${link})
if (CMAKE_HOST_UNIX)
execute_process(COMMAND ln -s ${target} ${link}
RESULT_VARIABLE result
ERROR_VARIABLE output)
if (NOT ${result} EQUAL 0)
message(FATAL_ERROR "Could not create symbolic link for: ${target} --> ${output}")
endif()
else()
if (IS_DIRECTORY ${target})
file(GLOB_RECURSE files FOLLOW_SYMLINKS LIST_DIRECTORIES false RELATIVE ${target} "${target}/*")
foreach(file IN LISTS files)
configure_file("${target}/${file}" "${link}/${file}" COPYONLY)
endforeach(file)
else()
configure_file(${target} ${link} COPYONLY)
endif()
endif()
endif()
endfunction(link_to_source)
# Get the filename without the final extension (i.e. convert "a.b.c" to "a.b")
function(get_name_without_last_ext dest_var full_name)
# Split into a list on '.' (but a cmake list is just a ';'-separated string)
string(REPLACE "." ";" ext_parts "${full_name}")
# Remove the last item if there are more than one
list(LENGTH ext_parts ext_parts_len)
if (${ext_parts_len} GREATER "1")
math(EXPR ext_parts_last_item "${ext_parts_len} - 1")
list(REMOVE_AT ext_parts ${ext_parts_last_item})
endif()
# Convert back to a string by replacing separators with '.'
string(REPLACE ";" "." no_ext_name "${ext_parts}")
# Copy into the desired variable
set(${dest_var} ${no_ext_name} PARENT_SCOPE)
endfunction(get_name_without_last_ext)
include(CheckCCompilerFlag)
set(CMAKE_C_EXTENSIONS OFF)
set(CMAKE_C_STANDARD 99)
function(set_base_compile_options target)
if(CMAKE_COMPILER_IS_GNU)
set_gnu_base_compile_options(${target})
elseif(CMAKE_COMPILER_IS_CLANG)
set_clang_base_compile_options(${target})
elseif(CMAKE_COMPILER_IS_IAR)
set_iar_base_compile_options(${target})
elseif(CMAKE_COMPILER_IS_MSVC)
set_msvc_base_compile_options(${target})
endif()
endfunction(set_base_compile_options)
function(set_gnu_base_compile_options target)
# some warnings we want are not available with old GCC versions
# note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
OUTPUT_VARIABLE GCC_VERSION)
target_compile_options(${target} PRIVATE -Wall -Wextra -Wwrite-strings -Wmissing-prototypes)
if (GCC_VERSION VERSION_GREATER 3.0 OR GCC_VERSION VERSION_EQUAL 3.0)
target_compile_options(${target} PRIVATE -Wformat=2 -Wno-format-nonliteral)
endif()
if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3)
target_compile_options(${target} PRIVATE -Wvla)
endif()
if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5)
target_compile_options(${target} PRIVATE -Wlogical-op)
endif()
if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8)
target_compile_options(${target} PRIVATE -Wshadow)
endif()
if (GCC_VERSION VERSION_GREATER 5.0)
CHECK_C_COMPILER_FLAG("-Wformat-signedness" C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS)
if(C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS)
target_compile_options(${target} PRIVATE -Wformat-signedness)
endif()
endif()
if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0)
target_compile_options(${target} PRIVATE -Wformat-overflow=2 -Wformat-truncation)
endif()
target_compile_options(${target} PRIVATE $<$<CONFIG:Release>:-O2>)
target_compile_options(${target} PRIVATE $<$<CONFIG:Debug>:-O0 -g3>)
target_compile_options(${target} PRIVATE $<$<CONFIG:Coverage>:-O0 -g3 --coverage>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_COVERAGE "--coverage")
# Old GCC versions hit a performance problem with test_suite_pkwrite
# "Private keey write check EC" tests when building with Asan+UBSan
# and -O3: those tests take more than 100x time than normal, with
# test_suite_pkwrite taking >3h on the CI. Observed with GCC 5.4 on
# Ubuntu 16.04 x86_64 and GCC 6.5 on Ubuntu 18.04 x86_64.
# GCC 7.5 and above on Ubuntu 18.04 appear fine.
# To avoid the performance problem, we use -O2 when GCC version is lower than 7.0.
# It doesn't slow down much even with modern compiler versions.
target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all>)
if (GCC_VERSION VERSION_LESS 7.0)
target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-O2>)
else()
target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-O3>)
endif()
set_target_properties(${target} PROPERTIES LINK_FLAGS_ASAN "-fsanitize=address -fsanitize=undefined")
target_compile_options(${target} PRIVATE $<$<CONFIG:ASanDbg>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_ASANDBG "-fsanitize=address -fsanitize=undefined")
target_compile_options(${target} PRIVATE $<$<CONFIG:TSan>:-fsanitize=thread -O3>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_TSAN "-fsanitize=thread")
target_compile_options(${target} PRIVATE $<$<CONFIG:TSanDbg>:-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_TSANDBG "-fsanitize=thread")
target_compile_options(${target} PRIVATE $<$<CONFIG:Check>:-Os>)
target_compile_options(${target} PRIVATE $<$<CONFIG:CheckFull>:-Os -Wcast-qual>)
if(TF_PSA_CRYPTO_FATAL_WARNINGS)
target_compile_options(${target} PRIVATE -Werror)
endif(TF_PSA_CRYPTO_FATAL_WARNINGS)
endfunction(set_gnu_base_compile_options)
function(set_clang_base_compile_options target)
target_compile_options(${target} PRIVATE -Wall -Wextra -Wwrite-strings -Wmissing-prototypes -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral)
target_compile_options(${target} PRIVATE $<$<CONFIG:Release>:-O2>)
target_compile_options(${target} PRIVATE $<$<CONFIG:Debug>:-O0 -g3>)
target_compile_options(${target} PRIVATE $<$<CONFIG:Coverage>:-O0 -g3 --coverage>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_COVERAGE "--coverage")
target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_ASAN "-fsanitize=address -fsanitize=undefined")
target_compile_options(${target} PRIVATE $<$<CONFIG:ASanDbg>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_ASANDBG "-fsanitize=address -fsanitize=undefined")
target_compile_options(${target} PRIVATE $<$<CONFIG:MemSan>:-fsanitize=memory>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_MEMSAN "-fsanitize=memory")
target_compile_options(${target} PRIVATE $<$<CONFIG:MemSanDbg>:-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_MEMSANDBG "-fsanitize=memory")
target_compile_options(${target} PRIVATE $<$<CONFIG:TSan>:-fsanitize=thread -O3>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_TSAN "-fsanitize=thread")
target_compile_options(${target} PRIVATE $<$<CONFIG:TSanDbg>:-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_TSANDBG "-fsanitize=thread")
target_compile_options(${target} PRIVATE $<$<CONFIG:Check>:-Os>)
if(MBEDTLS_FATAL_WARNINGS)
target_compile_options(${target} PRIVATE -Werror)
endif(MBEDTLS_FATAL_WARNINGS)
endfunction(set_clang_base_compile_options)
function(set_iar_base_compile_options target)
target_compile_options(${target} PRIVATE --warn_about_c_style_casts)
target_compile_options(${target} PRIVATE $<$<CONFIG:Release>:-Ohz>)
target_compile_options(${target} PRIVATE $<$<CONFIG:Debug>:--debug -On>)
if(MBEDTLS_FATAL_WARNINGS)
target_compile_options(${target} PRIVATE --warnings_are_errors)
endif(MBEDTLS_FATAL_WARNINGS)
endfunction(set_iar_base_compile_options)
function(set_msvc_base_compile_options target)
# Strictest warnings, UTF-8 source and execution charset
target_compile_options(${target} PRIVATE /W3 /utf-8)
if(MBEDTLS_FATAL_WARNINGS)
target_compile_options(${target} PRIVATE /WX)
endif(MBEDTLS_FATAL_WARNINGS)
endfunction(set_msvc_base_compile_options)
function(set_config_files_compile_definitions target)
# Pass-through MBEDTLS_CONFIG_FILE, MBEDTLS_USER_CONFIG_FILE,
# TF_PSA_CRYPTO_CONFIG_FILE and TF_PSA_CRYPTO_USER_CONFIG_FILE
if(MBEDTLS_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
endif()
if(MBEDTLS_USER_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
endif()
if(TF_PSA_CRYPTO_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
endif()
if(TF_PSA_CRYPTO_USER_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
endif()
endfunction(set_config_files_compile_definitions)
if(CMAKE_BUILD_TYPE STREQUAL "Check" AND TEST_CPP)
set(CMAKE_CXX_STANDARD 11)
set(CMAKE_CXX_STANDARD_REQUIRED ON)
set(CMAKE_CXX_EXTENSIONS OFF)
if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -pedantic")
endif()
endif()
if (NOT EXISTS "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt")
message(FATAL_ERROR "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt not found. Run `git submodule update --init` from the source tree to fetch the submodule contents.")
endif()
add_subdirectory(include)
add_subdirectory(core)
add_subdirectory(drivers)
add_subdirectory(pkgconfig)
#
# The C files in tests/src directory contain test code shared among test suites
# and programs. This shared test code is compiled and linked to test suites and
# programs objects as a set of compiled objects. The compiled objects are NOT
# built into a library that the test suite and program objects would link
# against as they link against the tfpsacrypto library. The reason is that such
# library is expected to have mutual dependencies with the aforementioned
# library and that there is as of today no portable way of handling such
# dependencies (only toolchain specific solutions).
#
# Thus the below definition of the `tf_psa_crypto_test` CMake library of
# objects target. This library of objects is used by tests and programs CMake
# files to define the test executables.
#
if(ENABLE_TESTING OR ENABLE_PROGRAMS)
file(GLOB MBEDTLS_TEST_FILES
${MBEDTLS_DIR}/tests/src/*.c
${MBEDTLS_DIR}/tests/src/drivers/*.c)
add_library(tf_psa_crypto_test OBJECT ${MBEDTLS_TEST_FILES})
set_base_compile_options(tf_psa_crypto_test)
if(GEN_FILES)
add_custom_command(
OUTPUT
${MBEDTLS_DIR}/tests/src/test_keys.h
WORKING_DIRECTORY
${MBEDTLS_DIR}/tests
COMMAND
"${TF_PSA_CRYPTO_PYTHON_EXECUTABLE}"
"${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py"
"--output"
"${MBEDTLS_DIR}/tests/src/test_keys.h"
DEPENDS
${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py
)
add_custom_target(tf_psa_crypto_test_keys_header DEPENDS ${MBEDTLS_DIR}/tests/src/test_keys.h)
add_custom_command(
OUTPUT
${MBEDTLS_DIR}/tests/src/test_certs.h
WORKING_DIRECTORY
${MBEDTLS_DIR}/tests
COMMAND
"${TF_PSA_CRYPTO_PYTHON_EXECUTABLE}"
"${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py"
"--output"
"${MBEDTLS_DIR}/tests/src/test_certs.h"
DEPENDS
${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py
)
add_custom_target(tf_psa_crypto_test_certs_header DEPENDS ${MBEDTLS_DIR}/tests/src/test_certs.h)
add_dependencies(tf_psa_crypto_test tf_psa_crypto_test_keys_header tf_psa_crypto_test_certs_header)
endif()
target_include_directories(tf_psa_crypto_test
PRIVATE ${MBEDTLS_DIR}/tests/include
PRIVATE ${MBEDTLS_DIR}/include
PRIVATE include
PRIVATE drivers/builtin/include
PRIVATE drivers/everest/include
PRIVATE core
PRIVATE drivers/builtin/src)
# Request C11, needed for memory poisoning tests
set_target_properties(tf_psa_crypto_test PROPERTIES C_STANDARD 11)
set_config_files_compile_definitions(tf_psa_crypto_test)
endif()
if(ENABLE_PROGRAMS)
add_subdirectory(programs)
endif()
if(ENABLE_TESTING)
enable_testing()
add_subdirectory(tests)
# additional convenience targets for Unix only
if(UNIX AND (NOT TF_PSA_CRYPTO_AS_SUBPROJECT))
# For coverage testing:
# 1. Build with:
# cmake -D CMAKE_BUILD_TYPE=Coverage /path/to/source && make
# 2. Run the relevant tests for the part of the code you're interested in.
# For the reference coverage measurement, see
# tests/scripts/basic-build-test.sh
# 3. Run scripts/lcov.sh to generate an HTML report.
ADD_CUSTOM_TARGET(lcov
COMMAND ${MBEDTLS_DIR}/scripts/lcov.sh
)
ADD_CUSTOM_TARGET(memcheck
COMMAND sed -i.bak s+/usr/bin/valgrind+`which valgrind`+ DartConfiguration.tcl
COMMAND ctest -O memcheck.log -D ExperimentalMemCheck
COMMAND tail -n1 memcheck.log | grep 'Memory checking results:' > /dev/null
COMMAND rm -f memcheck.log
COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl
)
endif()
# Make scripts needed for testing available in an out-of-source build.
if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
link_to_source(scripts)
# Copy (don't link) DartConfiguration.tcl, needed for memcheck, to
# keep things simple with the sed commands in the memcheck target.
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/DartConfiguration.tcl
${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY)
endif()
endif()
if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL)
configure_package_config_file(
"cmake/TF-PSA-CryptoConfig.cmake.in"
"cmake/TF-PSA-CryptoConfig.cmake"
INSTALL_DESTINATION "cmake")
write_basic_package_version_file(
"cmake/TF-PSA-CryptoConfigVersion.cmake"
COMPATIBILITY SameMajorVersion
VERSION 0.1.0)
install(
FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/TF-PSA-CryptoConfig.cmake"
"${CMAKE_CURRENT_BINARY_DIR}/cmake/TF-PSA-CryptoConfigVersion.cmake"
DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/TF-PSA-Crypto")
export(
EXPORT TF-PSA-CryptoTargets
NAMESPACE TF-PSA-Crypto::
FILE "cmake/TF-PSA-CryptoTargets.cmake")
install(
EXPORT TF-PSA-CryptoTargets
NAMESPACE TF-PSA-Crypto::
DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/TF-PSA-Crypto"
FILE "TF-PSA-CryptoTargets.cmake")
if(CMAKE_VERSION VERSION_GREATER 3.15 OR CMAKE_VERSION VERSION_EQUAL 3.15)
# Do not export the package by default
cmake_policy(SET CMP0090 NEW)
# Make this package visible to the system
export(PACKAGE TF-PSA-Crypto)
endif()
endif()

462
tf-psa-crypto/TF-PSA-Crypto.cmake
View File

@ -1,462 +0,0 @@
include(CMakePackageConfigHelpers)
include(GNUInstallDirs)
# Determine if TF-PSA-Crypto is being built as a subproject using add_subdirectory()
if(NOT DEFINED TF_PSA_CRYPTO_AS_SUBPROJECT)
set(TF_PSA_CRYPTO_AS_SUBPROJECT ON)
if(CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR)
set(TF_PSA_CRYPTO_AS_SUBPROJECT OFF)
endif()
endif()
# Set the project, Mbed TLS and framework root directory.
set(TF_PSA_CRYPTO_DIR ${CMAKE_CURRENT_SOURCE_DIR})
set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}/..)
set(MBEDTLS_FRAMEWORK_DIR ${CMAKE_CURRENT_SOURCE_DIR}/../framework)
# Put the version numbers into relevant files
set(version_number_files
doxygen/input/doc_mainpage.h
doxygen/tfpsacrypto.doxyfile)
foreach(file ${version_number_files})
configure_file(${file}.in
${TF_PSA_CRYPTO_DIR}/${file})
endforeach(file)
ADD_CUSTOM_TARGET(${TF_PSA_CRYPTO_TARGET_PREFIX}apidoc
COMMAND doxygen tfpsacrypto.doxyfile
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen)
option(ENABLE_PROGRAMS "Build TF-PSA-Crypto programs." ON)
option(TF_PSA_CRYPTO_FATAL_WARNINGS "Compiler warnings treated as errors" ON)
if(CMAKE_HOST_WIN32)
# N.B. The comment on the next line is significant! If you change it,
# edit the sed command in prepare_release.sh that modifies
# CMakeLists.txt.
option(GEN_FILES "Generate the auto-generated files as needed" OFF) # off in development
else()
option(GEN_FILES "Generate the auto-generated files as needed" ON)
endif()
# Support for package config and install to be added later.
option(DISABLE_PACKAGE_CONFIG_AND_INSTALL "Disable package configuration, target export and installation" ${TF_PSA_CRYPTO_AS_SUBPROJECT})
if (CMAKE_C_SIMULATE_ID)
set(COMPILER_ID ${CMAKE_C_SIMULATE_ID})
else()
set(COMPILER_ID ${CMAKE_C_COMPILER_ID})
endif(CMAKE_C_SIMULATE_ID)
string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${COMPILER_ID}")
string(REGEX MATCH "GNU" CMAKE_COMPILER_IS_GNU "${COMPILER_ID}")
string(REGEX MATCH "IAR" CMAKE_COMPILER_IS_IAR "${COMPILER_ID}")
string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${COMPILER_ID}")
# the test suites currently have compile errors with MSVC
if(CMAKE_COMPILER_IS_MSVC)
option(ENABLE_TESTING "Build TF-PSA-Crypto tests." OFF)
else()
option(ENABLE_TESTING "Build TF-PSA-Crypto tests." ON)
endif()
option(USE_STATIC_TF_PSA_CRYPTO_LIBRARY "Build TF-PSA-Crypto static library." ON)
option(USE_SHARED_TF_PSA_CRYPTO_LIBRARY "Build TF-PSA-Crypto shared library." OFF)
option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF)
option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF)
set(mbedcrypto_target "${TF_PSA_CRYPTO_TARGET_PREFIX}mbedcrypto")
if (USE_STATIC_TF_PSA_CRYPTO_LIBRARY)
set(mbedcrypto_static_target ${mbedcrypto_target})
endif()
if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND USE_SHARED_TF_PSA_CRYPTO_LIBRARY)
string(APPEND mbedcrypto_static_target "_static")
endif()
# Warning string - created as a list for compatibility with CMake 2.8
set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n")
set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n")
set(CTR_DRBG_128_BIT_KEY_WARN_L3 "**** keys and operations that use random values generated to 128-bit security\n")
set(CTR_DRBG_128_BIT_KEY_WARNING "${WARNING_BORDER}"
"${CTR_DRBG_128_BIT_KEY_WARN_L1}"
"${CTR_DRBG_128_BIT_KEY_WARN_L2}"
"${CTR_DRBG_128_BIT_KEY_WARN_L3}"
"${WARNING_BORDER}")
# Python 3 is only needed here to check for configuration warnings.
if(NOT CMAKE_VERSION VERSION_LESS 3.15.0)
set(Python3_FIND_STRATEGY LOCATION)
find_package(Python3 COMPONENTS Interpreter)
if(Python3_Interpreter_FOUND)
set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${Python3_EXECUTABLE})
endif()
else()
find_package(PythonInterp 3)
if(PYTHONINTERP_FOUND)
set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${PYTHON_EXECUTABLE})
endif()
endif()
if(TF_PSA_CRYPTO_PYTHON_EXECUTABLE)
# If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
execute_process(COMMAND ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_DIR}/scripts/config.py -f ${MBEDTLS_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
RESULT_VARIABLE result)
if(${result} EQUAL 0)
message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
endif()
endif()
# We now potentially need to link all executables against PThreads, if available
set(CMAKE_THREAD_PREFER_PTHREAD TRUE)
set(THREADS_PREFER_PTHREAD_FLAG TRUE)
find_package(Threads)
# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
if(NOT TF_PSA_CRYPTO_AS_SUBPROJECT)
set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull TSan TSanDbg"
FORCE)
endif()
# Make TF_PSA_CRYPTO_CONFIG_FILE and TF_PSA_CRYPTO_USER_CONFIG_FILE into PATHs
set(TF_PSA_CRYPTO_CONFIG_FILE "" CACHE FILEPATH "TF-PSA-Crypto config file (overrides default).")
set(TF_PSA_CRYPTO_USER_CONFIG_FILE "" CACHE FILEPATH "TF-PSA-Crypto user config file (appended to default).")
# Create a symbolic link from ${base_name} in the binary directory
# to the corresponding path in the source directory.
# Note: Copies the file(s) on Windows.
function(link_to_source base_name)
set(link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}")
set(target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}")
# Linking to non-existent file is not desirable. At best you will have a
# dangling link, but when building in tree, this can create a symbolic link
# to itself.
if (EXISTS ${target} AND NOT EXISTS ${link})
if (CMAKE_HOST_UNIX)
execute_process(COMMAND ln -s ${target} ${link}
RESULT_VARIABLE result
ERROR_VARIABLE output)
if (NOT ${result} EQUAL 0)
message(FATAL_ERROR "Could not create symbolic link for: ${target} --> ${output}")
endif()
else()
if (IS_DIRECTORY ${target})
file(GLOB_RECURSE files FOLLOW_SYMLINKS LIST_DIRECTORIES false RELATIVE ${target} "${target}/*")
foreach(file IN LISTS files)
configure_file("${target}/${file}" "${link}/${file}" COPYONLY)
endforeach(file)
else()
configure_file(${target} ${link} COPYONLY)
endif()
endif()
endif()
endfunction(link_to_source)
# Get the filename without the final extension (i.e. convert "a.b.c" to "a.b")
function(get_name_without_last_ext dest_var full_name)
# Split into a list on '.' (but a cmake list is just a ';'-separated string)
string(REPLACE "." ";" ext_parts "${full_name}")
# Remove the last item if there are more than one
list(LENGTH ext_parts ext_parts_len)
if (${ext_parts_len} GREATER "1")
math(EXPR ext_parts_last_item "${ext_parts_len} - 1")
list(REMOVE_AT ext_parts ${ext_parts_last_item})
endif()
# Convert back to a string by replacing separators with '.'
string(REPLACE ";" "." no_ext_name "${ext_parts}")
# Copy into the desired variable
set(${dest_var} ${no_ext_name} PARENT_SCOPE)
endfunction(get_name_without_last_ext)
include(CheckCCompilerFlag)
set(CMAKE_C_EXTENSIONS OFF)
set(CMAKE_C_STANDARD 99)
function(set_base_compile_options target)
if(CMAKE_COMPILER_IS_GNU)
set_gnu_base_compile_options(${target})
elseif(CMAKE_COMPILER_IS_CLANG)
set_clang_base_compile_options(${target})
elseif(CMAKE_COMPILER_IS_IAR)
set_iar_base_compile_options(${target})
elseif(CMAKE_COMPILER_IS_MSVC)
set_msvc_base_compile_options(${target})
endif()
endfunction(set_base_compile_options)
function(set_gnu_base_compile_options target)
# some warnings we want are not available with old GCC versions
# note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
OUTPUT_VARIABLE GCC_VERSION)
target_compile_options(${target} PRIVATE -Wall -Wextra -Wwrite-strings -Wmissing-prototypes)
if (GCC_VERSION VERSION_GREATER 3.0 OR GCC_VERSION VERSION_EQUAL 3.0)
target_compile_options(${target} PRIVATE -Wformat=2 -Wno-format-nonliteral)
endif()
if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3)
target_compile_options(${target} PRIVATE -Wvla)
endif()
if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5)
target_compile_options(${target} PRIVATE -Wlogical-op)
endif()
if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8)
target_compile_options(${target} PRIVATE -Wshadow)
endif()
if (GCC_VERSION VERSION_GREATER 5.0)
CHECK_C_COMPILER_FLAG("-Wformat-signedness" C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS)
if(C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS)
target_compile_options(${target} PRIVATE -Wformat-signedness)
endif()
endif()
if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0)
target_compile_options(${target} PRIVATE -Wformat-overflow=2 -Wformat-truncation)
endif()
target_compile_options(${target} PRIVATE $<$<CONFIG:Release>:-O2>)
target_compile_options(${target} PRIVATE $<$<CONFIG:Debug>:-O0 -g3>)
target_compile_options(${target} PRIVATE $<$<CONFIG:Coverage>:-O0 -g3 --coverage>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_COVERAGE "--coverage")
# Old GCC versions hit a performance problem with test_suite_pkwrite
# "Private keey write check EC" tests when building with Asan+UBSan
# and -O3: those tests take more than 100x time than normal, with
# test_suite_pkwrite taking >3h on the CI. Observed with GCC 5.4 on
# Ubuntu 16.04 x86_64 and GCC 6.5 on Ubuntu 18.04 x86_64.
# GCC 7.5 and above on Ubuntu 18.04 appear fine.
# To avoid the performance problem, we use -O2 when GCC version is lower than 7.0.
# It doesn't slow down much even with modern compiler versions.
target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all>)
if (GCC_VERSION VERSION_LESS 7.0)
target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-O2>)
else()
target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-O3>)
endif()
set_target_properties(${target} PROPERTIES LINK_FLAGS_ASAN "-fsanitize=address -fsanitize=undefined")
target_compile_options(${target} PRIVATE $<$<CONFIG:ASanDbg>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_ASANDBG "-fsanitize=address -fsanitize=undefined")
target_compile_options(${target} PRIVATE $<$<CONFIG:TSan>:-fsanitize=thread -O3>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_TSAN "-fsanitize=thread")
target_compile_options(${target} PRIVATE $<$<CONFIG:TSanDbg>:-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_TSANDBG "-fsanitize=thread")
target_compile_options(${target} PRIVATE $<$<CONFIG:Check>:-Os>)
target_compile_options(${target} PRIVATE $<$<CONFIG:CheckFull>:-Os -Wcast-qual>)
if(TF_PSA_CRYPTO_FATAL_WARNINGS)
target_compile_options(${target} PRIVATE -Werror)
endif(TF_PSA_CRYPTO_FATAL_WARNINGS)
endfunction(set_gnu_base_compile_options)
function(set_clang_base_compile_options target)
target_compile_options(${target} PRIVATE -Wall -Wextra -Wwrite-strings -Wmissing-prototypes -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral)
target_compile_options(${target} PRIVATE $<$<CONFIG:Release>:-O2>)
target_compile_options(${target} PRIVATE $<$<CONFIG:Debug>:-O0 -g3>)
target_compile_options(${target} PRIVATE $<$<CONFIG:Coverage>:-O0 -g3 --coverage>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_COVERAGE "--coverage")
target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_ASAN "-fsanitize=address -fsanitize=undefined")
target_compile_options(${target} PRIVATE $<$<CONFIG:ASanDbg>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_ASANDBG "-fsanitize=address -fsanitize=undefined")
target_compile_options(${target} PRIVATE $<$<CONFIG:MemSan>:-fsanitize=memory>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_MEMSAN "-fsanitize=memory")
target_compile_options(${target} PRIVATE $<$<CONFIG:MemSanDbg>:-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_MEMSANDBG "-fsanitize=memory")
target_compile_options(${target} PRIVATE $<$<CONFIG:TSan>:-fsanitize=thread -O3>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_TSAN "-fsanitize=thread")
target_compile_options(${target} PRIVATE $<$<CONFIG:TSanDbg>:-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
set_target_properties(${target} PROPERTIES LINK_FLAGS_TSANDBG "-fsanitize=thread")
target_compile_options(${target} PRIVATE $<$<CONFIG:Check>:-Os>)
if(MBEDTLS_FATAL_WARNINGS)
target_compile_options(${target} PRIVATE -Werror)
endif(MBEDTLS_FATAL_WARNINGS)
endfunction(set_clang_base_compile_options)
function(set_iar_base_compile_options target)
target_compile_options(${target} PRIVATE --warn_about_c_style_casts)
target_compile_options(${target} PRIVATE $<$<CONFIG:Release>:-Ohz>)
target_compile_options(${target} PRIVATE $<$<CONFIG:Debug>:--debug -On>)
if(MBEDTLS_FATAL_WARNINGS)
target_compile_options(${target} PRIVATE --warnings_are_errors)
endif(MBEDTLS_FATAL_WARNINGS)
endfunction(set_iar_base_compile_options)
function(set_msvc_base_compile_options target)
# Strictest warnings, UTF-8 source and execution charset
target_compile_options(${target} PRIVATE /W3 /utf-8)
if(MBEDTLS_FATAL_WARNINGS)
target_compile_options(${target} PRIVATE /WX)
endif(MBEDTLS_FATAL_WARNINGS)
endfunction(set_msvc_base_compile_options)
if(CMAKE_BUILD_TYPE STREQUAL "Check" AND TEST_CPP)
set(CMAKE_CXX_STANDARD 11)
set(CMAKE_CXX_STANDARD_REQUIRED ON)
set(CMAKE_CXX_EXTENSIONS OFF)
if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -pedantic")
endif()
endif()
if (NOT EXISTS "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt")
message(FATAL_ERROR "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt not found. Run `git submodule update --init` from the source tree to fetch the submodule contents.")
endif()
add_subdirectory(include)
add_subdirectory(core)
add_subdirectory(drivers)
add_subdirectory(pkgconfig)
#
# The C files in tests/src directory contain test code shared among test suites
# and programs. This shared test code is compiled and linked to test suites and
# programs objects as a set of compiled objects. The compiled objects are NOT
# built into a library that the test suite and program objects would link
# against as they link against the tfpsacrypto library. The reason is that such
# library is expected to have mutual dependencies with the aforementioned
# library and that there is as of today no portable way of handling such
# dependencies (only toolchain specific solutions).
#
# Thus the below definition of the `mbedtls_test` CMake library of objects
# target. This library of objects is used by tests and programs CMake files
# to define the test executables.
#
if(ENABLE_TESTING OR ENABLE_PROGRAMS)
file(GLOB MBEDTLS_TEST_FILES
${MBEDTLS_DIR}/tests/src/*.c
${MBEDTLS_DIR}/tests/src/drivers/*.c)
add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES})
set_base_compile_options(mbedtls_test)
if(GEN_FILES)
add_custom_command(
OUTPUT
${MBEDTLS_DIR}/tests/src/test_keys.h
WORKING_DIRECTORY
${MBEDTLS_DIR}/tests
COMMAND
"${TF_PSA_CRYPTO_PYTHON_EXECUTABLE}"
"${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py"
"--output"
"${MBEDTLS_DIR}/tests/src/test_keys.h"
DEPENDS
${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py
)
add_custom_target(test_keys_header DEPENDS ${MBEDTLS_DIR}/tests/src/test_keys.h)
add_custom_command(
OUTPUT
${MBEDTLS_DIR}/tests/src/test_certs.h
WORKING_DIRECTORY
${MBEDTLS_DIR}/tests
COMMAND
"${TF_PSA_CRYPTO_PYTHON_EXECUTABLE}"
"${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py"
"--output"
"${MBEDTLS_DIR}/tests/src/test_certs.h"
DEPENDS
${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py
)
add_custom_target(test_certs_header DEPENDS ${MBEDTLS_DIR}/tests/src/test_certs.h)
add_dependencies(mbedtls_test test_keys_header test_certs_header)
endif()
target_include_directories(mbedtls_test
PRIVATE ${MBEDTLS_DIR}/tests/include
PRIVATE ${MBEDTLS_DIR}/include
PRIVATE include
PRIVATE drivers/builtin/include
PRIVATE core
PRIVATE drivers/builtin/src)
# Request C11, needed for memory poisoning tests
set_target_properties(mbedtls_test PROPERTIES C_STANDARD 11)
# Pass-through TF_PSA_CRYPTO_CONFIG_FILE and TF_PSA_CRYPTO_USER_CONFIG_FILE
if(TF_PSA_CRYPTO_CONFIG_FILE)
target_compile_definitions(mbedtls_test
PUBLIC TF_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
endif()
if(TF_PSA_CRYPTO_USER_CONFIG_FILE)
target_compile_definitions(mbedtls_test
PUBLIC TF_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
endif()
endif()
if(ENABLE_PROGRAMS)
add_subdirectory(programs)
endif()
if(ENABLE_TESTING)
enable_testing()
add_subdirectory(tests)
# additional convenience targets for Unix only
if(UNIX)
# For coverage testing:
# 1. Build with:
# cmake -D CMAKE_BUILD_TYPE=Coverage /path/to/source && make
# 2. Run the relevant tests for the part of the code you're interested in.
# For the reference coverage measurement, see
# tests/scripts/basic-build-test.sh
# 3. Run scripts/lcov.sh to generate an HTML report.
ADD_CUSTOM_TARGET(lcov
COMMAND ${MBEDTLS_DIR}/scripts/lcov.sh
)
ADD_CUSTOM_TARGET(memcheck
COMMAND sed -i.bak s+/usr/bin/valgrind+`which valgrind`+ DartConfiguration.tcl
COMMAND ctest -O memcheck.log -D ExperimentalMemCheck
COMMAND tail -n1 memcheck.log | grep 'Memory checking results:' > /dev/null
COMMAND rm -f memcheck.log
COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl
)
endif(UNIX)
# Make scripts needed for testing available in an out-of-source build.
if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
link_to_source(scripts)
# Copy (don't link) DartConfiguration.tcl, needed for memcheck, to
# keep things simple with the sed commands in the memcheck target.
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/DartConfiguration.tcl
${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY)
endif()
endif()
if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL)
configure_package_config_file(
"cmake/TF-PSA-CryptoConfig.cmake.in"
"cmake/TF-PSA-CryptoConfig.cmake"
INSTALL_DESTINATION "cmake")
write_basic_package_version_file(
"cmake/TF-PSA-CryptoConfigVersion.cmake"
COMPATIBILITY SameMajorVersion
VERSION 0.1.0)
install(
FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/TF-PSA-CryptoConfig.cmake"
"${CMAKE_CURRENT_BINARY_DIR}/cmake/TF-PSA-CryptoConfigVersion.cmake"
DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/TF-PSA-Crypto")
export(
EXPORT MbedTLSTargets
NAMESPACE TF-PSA-Crypto::
FILE "cmake/TF-PSA-CryptoTargets.cmake")
install(
EXPORT MbedTLSTargets
NAMESPACE TF-PSA-Crypto::
DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/TF-PSA-Crypto"
FILE "TF-PSA-CryptoTargets.cmake")
if(CMAKE_VERSION VERSION_GREATER 3.15 OR CMAKE_VERSION VERSION_EQUAL 3.15)
# Do not export the package by default
cmake_policy(SET CMP0090 NEW)
# Make this package visible to the system
export(PACKAGE TF-PSA-Crypto)
endif()
endif()

84
tf-psa-crypto/core/CMakeLists.txt
View File

@ -68,66 +68,66 @@ if (NOT USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND NOT USE_SHARED_TF_PSA_CRYPTO_LIBRAR
message(FATAL_ERROR "Need to choose static or shared TF-PSA-Crypto build!")
endif(NOT USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND NOT USE_SHARED_TF_PSA_CRYPTO_LIBRARY)
set(mbedcrypto_target "${TF_PSA_CRYPTO_TARGET_PREFIX}mbedcrypto")
set(tfpsacrypto_target "${TF_PSA_CRYPTO_TARGET_PREFIX}tfpsacrypto")
set(builtin_target "${TF_PSA_CRYPTO_TARGET_PREFIX}builtin")
if (USE_STATIC_TF_PSA_CRYPTO_LIBRARY)
set(mbedcrypto_static_target ${mbedcrypto_target})
set(tfpsacrypto_static_target ${tfpsacrypto_target})
set(builtin_static_target ${builtin_target})
endif()
set(target_libraries ${mbedcrypto_target})
set(target_libraries ${tfpsacrypto_target})
if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND USE_SHARED_TF_PSA_CRYPTO_LIBRARY)
string(APPEND mbedcrypto_static_target "_static")
string(APPEND tfpsacrypto_static_target "_static")
string(APPEND builtin_static_target "_static")
list(APPEND target_libraries
${mbedcrypto_static_target})
${tfpsacrypto_static_target})
endif()
set(p256m_target "${TF_PSA_CRYPTO_TARGET_PREFIX}p256m")
set(everest_target "${TF_PSA_CRYPTO_TARGET_PREFIX}everest")
if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY)
add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
set_base_compile_options(${mbedcrypto_static_target})
target_compile_options(${mbedcrypto_static_target} PRIVATE ${LIBS_C_FLAGS})
set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs})
add_library(${tfpsacrypto_static_target} STATIC ${src_crypto})
set_base_compile_options(${tfpsacrypto_static_target})
target_compile_options(${tfpsacrypto_static_target} PRIVATE ${LIBS_C_FLAGS})
set_target_properties(${tfpsacrypto_static_target} PROPERTIES OUTPUT_NAME tfpsacrypto)
target_link_libraries(${tfpsacrypto_static_target} PUBLIC ${libs})
target_link_libraries(${mbedcrypto_static_target} PUBLIC ${builtin_static_target})
target_link_libraries(${tfpsacrypto_static_target} PUBLIC ${builtin_static_target})
if(TARGET ${everest_target})
target_link_libraries(${mbedcrypto_static_target} PUBLIC ${everest_target})
target_link_libraries(${tfpsacrypto_static_target} PUBLIC ${everest_target})
endif()
if(TARGET ${p256m_target})
target_link_libraries(${mbedcrypto_static_target} PUBLIC ${p256m_target})
target_link_libraries(${tfpsacrypto_static_target} PUBLIC ${p256m_target})
endif()
endif(USE_STATIC_TF_PSA_CRYPTO_LIBRARY)
if(USE_SHARED_TF_PSA_CRYPTO_LIBRARY)
set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR})
add_library(${mbedcrypto_target} SHARED ${src_crypto})
set_base_compile_options(${mbedcrypto_target})
target_compile_options(${mbedcrypto_static_target} PRIVATE ${LIBS_C_FLAGS})
set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 4.0.0 SOVERSION 16)
target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
add_library(${tfpsacrypto_target} SHARED ${src_crypto})
set_base_compile_options(${tfpsacrypto_target})
target_compile_options(${tfpsacrypto_target} PRIVATE ${LIBS_C_FLAGS})
set_target_properties(${tfpsacrypto_target} PROPERTIES VERSION 4.0.0 SOVERSION 16)
target_link_libraries(${tfpsacrypto_target} PUBLIC ${libs})
target_link_libraries(${mbedcrypto_target} PUBLIC ${builtin_target})
target_link_libraries(${tfpsacrypto_target} PUBLIC ${builtin_target})
if(TARGET ${everest_target})
target_link_libraries(${mbedcrypto_target} PUBLIC ${everest_target})
target_link_libraries(${tfpsacrypto_target} PUBLIC ${everest_target})
endif()
if(TARGET ${p256m_target})
target_link_libraries(${mbedcrypto_target} PUBLIC ${p256m_target})
target_link_libraries(${tfpsacrypto_target} PUBLIC ${p256m_target})
endif()
endif(USE_SHARED_TF_PSA_CRYPTO_LIBRARY)
foreach(target IN LISTS target_libraries)
add_library(MbedTLS::${target} ALIAS ${target}) # add_subdirectory support
add_library(TF-PSA-Crypto::${target} ALIAS ${target}) # add_subdirectory support
# Include public header files include/, drivers/builtin/include/ and
# ${MBEDTLS_DIR}/include/ as we still need it. Include private header files
# from core/ and drivers/builtin/src/.
@ -140,15 +140,7 @@ foreach(target IN LISTS target_libraries)
${TF_PSA_CRYPTO_DIR}/drivers/builtin/src
# Needed to include psa_crypto_driver_wrappers.h
${CMAKE_CURRENT_BINARY_DIR})
# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
if(MBEDTLS_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
endif()
if(MBEDTLS_USER_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
endif()
set_config_files_compile_definitions(${target})
install(
TARGETS ${target}
EXPORT MbedTLSTargets
@ -156,27 +148,11 @@ foreach(target IN LISTS target_libraries)
LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
install(
TARGETS ${target}
EXPORT TF-PSA-CryptoTargets
ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
endforeach(target)
if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY)
add_custom_command(
TARGET ${mbedcrypto_static_target}
POST_BUILD
COMMAND ${CMAKE_COMMAND}
ARGS -E copy $<TARGET_FILE:${mbedcrypto_static_target}> ${CMAKE_BINARY_DIR}/library)
endif(USE_STATIC_TF_PSA_CRYPTO_LIBRARY)
if(USE_SHARED_TF_PSA_CRYPTO_LIBRARY)
add_custom_command(
TARGET ${mbedcrypto_target}
POST_BUILD
COMMAND ${CMAKE_COMMAND}
ARGS -E copy $<TARGET_FILE:${mbedcrypto_target}>
${CMAKE_BINARY_DIR}/library/$<TARGET_FILE_NAME:${mbedcrypto_target}>)
add_custom_command(
TARGET ${mbedcrypto_target}
POST_BUILD
COMMAND ${CMAKE_COMMAND}
ARGS -E copy $<TARGET_LINKER_FILE:${mbedcrypto_target}>
${CMAKE_BINARY_DIR}/library/$<TARGET_LINKER_FILE_NAME:${mbedcrypto_target}>)
endif(USE_SHARED_TF_PSA_CRYPTO_LIBRARY)

21
tf-psa-crypto/drivers/builtin/CMakeLists.txt
View File

@ -69,7 +69,7 @@ endif(USE_STATIC_TF_PSA_CRYPTO_LIBRARY)
if(USE_SHARED_TF_PSA_CRYPTO_LIBRARY)
add_library(${builtin_target} SHARED ${src_builtin})
set_base_compile_options(${builtin_target})
target_compile_options(${builtin_static_target} PRIVATE ${LIBS_C_FLAGS})
target_compile_options(${builtin_target} PRIVATE ${LIBS_C_FLAGS})
target_link_libraries(${builtin_target} PUBLIC ${libs})
if(TARGET ${everest_target})
target_link_libraries(${builtin_target} PUBLIC ${everest_target})
@ -87,19 +87,7 @@ foreach (target IN LISTS target_libraries)
$<BUILD_INTERFACE:${MBEDTLS_DIR}/include>
$<BUILD_INTERFACE:${TF_PSA_CRYPTO_DIR}/include>
PRIVATE ${TF_PSA_CRYPTO_DIR}/core)
# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
# This must be duplicated from library/CMakeLists.txt because
# everest is not directly linked against any mbedtls targets
# so does not inherit the compile definitions.
if(MBEDTLS_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
endif()
if(MBEDTLS_USER_CONFIG_FILE)
target_compile_definitions(${target}
PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
endif()
set_config_files_compile_definitions(${target})
if(INSTALL_TF_PSA_CRYPTO_HEADERS)
@ -116,4 +104,9 @@ foreach (target IN LISTS target_libraries)
EXPORT MbedTLSTargets
DESTINATION ${CMAKE_INSTALL_LIBDIR}
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
install(TARGETS ${target}
EXPORT TF-PSA-CryptoTargets
DESTINATION ${CMAKE_INSTALL_LIBDIR}
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
endforeach(target)

19
tf-psa-crypto/drivers/everest/CMakeLists.txt
View File

@ -16,19 +16,7 @@ target_include_directories(${everest_target}
include/everest/kremlib
${MBEDTLS_DIR}/library
${TF_PSA_CRYPTO_DIR}/core)
# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
# This must be duplicated from library/CMakeLists.txt because
# everest is not directly linked against any mbedtls targets
# so does not inherit the compile definitions.
if(MBEDTLS_CONFIG_FILE)
target_compile_definitions(${everest_target}
PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
endif()
if(MBEDTLS_USER_CONFIG_FILE)
target_compile_definitions(${everest_target}
PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
endif()
set_config_files_compile_definitions(${everest_target})
if(INSTALL_TF_PSA_CRYPTO_HEADERS)
@ -44,3 +32,8 @@ install(TARGETS ${everest_target}
EXPORT MbedTLSTargets
DESTINATION ${CMAKE_INSTALL_LIBDIR}
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
install(TARGETS ${everest_target}
EXPORT TF-PSA-CryptoTargets
DESTINATION ${CMAKE_INSTALL_LIBDIR}
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)

19
tf-psa-crypto/drivers/p256-m/CMakeLists.txt
View File

@ -16,19 +16,7 @@ target_include_directories(${p256m_target}
$<INSTALL_INTERFACE:include>
PRIVATE ${MBEDTLS_DIR}/library/
${TF_PSA_CRYPTO_DIR}/core)
# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
# This must be duplicated from library/CMakeLists.txt because
# p256m is not directly linked against any mbedtls targets
# so does not inherit the compile definitions.
if(MBEDTLS_CONFIG_FILE)
target_compile_definitions(${p256m_target}
PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
endif()
if(MBEDTLS_USER_CONFIG_FILE)
target_compile_definitions(${p256m_target}
PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
endif()
set_config_files_compile_definitions(${p256m_target})
if(INSTALL_TF_PSA_CRYPTO_HEADERS)
@ -44,3 +32,8 @@ install(TARGETS ${p256m_target}
EXPORT MbedTLSTargets
DESTINATION ${CMAKE_INSTALL_LIBDIR}
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
install(TARGETS ${p256m_target}
EXPORT TF-PSA-CryptoTargets
DESTINATION ${CMAKE_INSTALL_LIBDIR}
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)

2
tf-psa-crypto/pkgconfig/tfpsacrypto.pc.in
View File

@ -7,4 +7,4 @@ Description: @PKGCONFIG_PROJECT_DESCRIPTION@
URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@
Version: @PROJECT_VERSION@
Cflags: -I"${includedir}"
Libs: -L"${libdir}" -lmbedcrypto -lbuiltin -leverest -lp256m
Libs: -L"${libdir}" -ltfpsacrypto -lbuiltin -leverest -lp256m

2
tf-psa-crypto/programs/test/cmake_package/CMakeLists.txt
View File

@ -32,4 +32,4 @@ find_package(TF-PSA-Crypto REQUIRED)
#
add_executable(cmake_package cmake_package.c)
target_link_libraries(cmake_package TF-PSA-Crypto::mbedcrypto)
target_link_libraries(cmake_package TF-PSA-Crypto::tfpsacrypto)

3
tf-psa-crypto/programs/test/cmake_subproject/.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
build
Makefile
cmake_subproject

18
tf-psa-crypto/programs/test/cmake_subproject/CMakeLists.txt Normal file
View File

@ -0,0 +1,18 @@
cmake_minimum_required(VERSION 3.5.1)
# Test the target renaming support by adding a prefix to the targets built
set(TF_PSA_CRYPTO_TARGET_PREFIX subproject_test_)
# We use the parent TF-PSA-Crypto directory as the TF_PSA_CRYPTO_DIR for this
# test. Other projects that use TF-PSA-Crypto as a subproject are likely to
# add by their own relative paths.
set(TF_PSA_CRYPTO_DIR ../../../)
# Add TF-PSA-Crypto as a subdirectory.
add_subdirectory(${TF_PSA_CRYPTO_DIR} build)
# Link against all the TF-PSA-Crypto library. Verifies that the target has been
# created using the specified prefix
add_executable(cmake_subproject cmake_subproject.c)
target_link_libraries(cmake_subproject subproject_test_tfpsacrypto ${CMAKE_THREAD_LIBS_INIT})

19
tf-psa-crypto/programs/test/cmake_subproject/cmake_subproject.c Normal file
View File

@ -0,0 +1,19 @@
/*
* Simple program to test that CMake builds with TF-PSA-Crypto as a
* subdirectory work correctly.
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#include <psa/crypto.h>
/* The main reason to build this is for testing the CMake build, so the program
* doesn't need to do very much. It calls a PSA cryptography API to ensure
* linkage works, but that is all. */
int main()
{
psa_crypto_init();
return 0;
}

0
tf-psa-crypto/programs/test/cmake_subproject/framework/.gitignore vendored Normal file
View File

6
tf-psa-crypto/tests/CMakeLists.txt
View File

@ -1,5 +1,5 @@
set(libs
${mbedcrypto_target}
${tfpsacrypto_target}
${CMAKE_THREAD_LIBS_INIT}
)
@ -287,13 +287,13 @@ function(add_test_suite suite_name)
${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function
${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function
${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function
${mbedcrypto_target}
${tfpsacrypto_target}
BYPRODUCTS
test_suite_${data_name}.datax
)
add_executable(test_suite_${data_name} test_suite_${data_name}.c
$<TARGET_OBJECTS:mbedtls_test>)
$<TARGET_OBJECTS:tf_psa_crypto_test>)
set_base_compile_options(test_suite_${data_name})
target_compile_options(test_suite_${data_name} PRIVATE ${TEST_C_FLAGS})
add_dependencies(test_suite_${data_name} ${dependency})

11
tf-psa-crypto/tests/scripts/components-build-system.sh
View File

@ -9,7 +9,7 @@
#### Build System Testing
################################################################
component_test_cmake_tf_psa_crypto_out_of_source () {
component_test_tf_psa_crypto_cmake_out_of_source () {
msg "build: cmake tf-psa-crypto 'out-of-source' build"
TF_PSA_CRYPTO_ROOT_DIR="$PWD"
mkdir "$OUT_OF_SOURCE_DIR"
@ -22,3 +22,12 @@ component_test_cmake_tf_psa_crypto_out_of_source () {
cd "$TF_PSA_CRYPTO_ROOT_DIR"
rm -rf "$OUT_OF_SOURCE_DIR"
}
component_test_tf_psa_crypto_cmake_as_subdirectory () {
msg "build: cmake 'as-subdirectory' build"
cd programs/test/cmake_subproject
# Note: Explicitly generate files as these are turned off in releases
cmake -D GEN_FILES=ON .
make
./cmake_subproject
}