From 7d5419b6f1da6851f30cefe95d1d2b218b5198b2 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 26 Jul 2024 17:11:40 +0200 Subject: [PATCH 01/19] Move test_suite_constant_time_hmac back to mbedtls Signed-off-by: Ronald Cron --- .../tests => tests}/suites/test_suite_constant_time_hmac.data | 0 .../tests => tests}/suites/test_suite_constant_time_hmac.function | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename {tf-psa-crypto/tests => tests}/suites/test_suite_constant_time_hmac.data (100%) rename {tf-psa-crypto/tests => tests}/suites/test_suite_constant_time_hmac.function (100%) diff --git a/tf-psa-crypto/tests/suites/test_suite_constant_time_hmac.data b/tests/suites/test_suite_constant_time_hmac.data similarity index 100% rename from tf-psa-crypto/tests/suites/test_suite_constant_time_hmac.data rename to tests/suites/test_suite_constant_time_hmac.data diff --git a/tf-psa-crypto/tests/suites/test_suite_constant_time_hmac.function b/tests/suites/test_suite_constant_time_hmac.function similarity index 100% rename from tf-psa-crypto/tests/suites/test_suite_constant_time_hmac.function rename to tests/suites/test_suite_constant_time_hmac.function From ac8dcb8966dd715e208b19661baedd2f12737489 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 24 Jul 2024 09:49:32 +0200 Subject: [PATCH 02/19] Remove dependency on mbedtls_test_helpers Remove dependency on mbedtls_test_helpers to build the crypto test suites. mbedtls_test_helpers is TLS specific. Signed-off-by: Ronald Cron --- tf-psa-crypto/tests/CMakeLists.txt | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tf-psa-crypto/tests/CMakeLists.txt b/tf-psa-crypto/tests/CMakeLists.txt index 6224e5faff..e7800c9d2a 100644 --- a/tf-psa-crypto/tests/CMakeLists.txt +++ b/tf-psa-crypto/tests/CMakeLists.txt @@ -300,8 +300,7 @@ function(add_test_suite suite_name) ) add_executable(test_suite_${data_name} test_suite_${data_name}.c - $ - $) + $) add_dependencies(test_suite_${data_name} ${dependency}) target_link_libraries(test_suite_${data_name} ${libs}) # Include test-specific header files from ./include and private header From f8a3f28b6d21a2f959f425bffeb046749983b57c Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 24 Jul 2024 08:42:32 +0200 Subject: [PATCH 03/19] CMake: Move library options to the top CMakeLists.txt Move library options to the top CMakeLists.txt. That way: - we will be able to set the TF-PSA-Crypto library options according to the Mbed TLS ones. - we can define the crypto library target names in the top CMakeLists.txt and not in the library one that is dedicated to the TLS and x509 libraries now. Signed-off-by: Ronald Cron --- CMakeLists.txt | 13 +++++++++++++ library/CMakeLists.txt | 13 ++----------- 2 files changed, 15 insertions(+), 11 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index f05e1e3694..21c9925786 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -95,6 +95,19 @@ else() option(ENABLE_TESTING "Build Mbed TLS tests." ON) endif() +option(USE_STATIC_MBEDTLS_LIBRARY "Build Mbed TLS static library." ON) +option(USE_SHARED_MBEDTLS_LIBRARY "Build Mbed TLS shared library." OFF) +option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF) +option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF) + +set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto") +if (USE_STATIC_MBEDTLS_LIBRARY) + set(mbedcrypto_static_target ${mbedcrypto_target}) +endif() +if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) + string(APPEND mbedcrypto_static_target "_static") +endif() + # Warning string - created as a list for compatibility with CMake 2.8 set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n") set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n") diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 0f758223d4..24c4de6f18 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -1,8 +1,3 @@ -option(USE_STATIC_MBEDTLS_LIBRARY "Build Mbed TLS static library." ON) -option(USE_SHARED_MBEDTLS_LIBRARY "Build Mbed TLS shared library." OFF) -option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF) -option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF) - # Set the project root directory if it's not already defined, as may happen if # the library folder is included directly by a parent project, without # including the top level CMakeLists.txt. @@ -251,16 +246,13 @@ endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) set(mbedtls_target "${MBEDTLS_TARGET_PREFIX}mbedtls") set(mbedx509_target "${MBEDTLS_TARGET_PREFIX}mbedx509") -set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto") set(mbedtls_target ${mbedtls_target} PARENT_SCOPE) set(mbedx509_target ${mbedx509_target} PARENT_SCOPE) -set(mbedcrypto_target ${mbedcrypto_target} PARENT_SCOPE) if (USE_STATIC_MBEDTLS_LIBRARY) - set(mbedtls_static_target ${mbedtls_target}) - set(mbedx509_static_target ${mbedx509_target}) - set(mbedcrypto_static_target ${mbedcrypto_target}) + set(mbedtls_static_target ${mbedtls_target}) + set(mbedx509_static_target ${mbedx509_target}) endif() set(target_libraries ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target}) @@ -268,7 +260,6 @@ set(target_libraries ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target}) if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) string(APPEND mbedtls_static_target "_static") string(APPEND mbedx509_static_target "_static") - string(APPEND mbedcrypto_static_target "_static") list(APPEND target_libraries ${mbedcrypto_static_target} From ac01d6eb7c48816375a0d525a441015ed719e566 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 18 Jul 2024 11:34:55 +0200 Subject: [PATCH 04/19] CMake: Move build of legacy crypto modules to tf-psa-crypto Signed-off-by: Ronald Cron --- CMakeLists.txt | 3 + library/CMakeLists.txt | 111 +------------ tf-psa-crypto/drivers/CMakeLists.txt | 2 +- tf-psa-crypto/drivers/builtin/CMakeLists.txt | 161 +++++++++++++++++++ 4 files changed, 169 insertions(+), 108 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 21c9925786..a83721a9ae 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -101,11 +101,14 @@ option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF) option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF) set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto") +set(builtin_target "${MBEDTLS_TARGET_PREFIX}builtin") if (USE_STATIC_MBEDTLS_LIBRARY) set(mbedcrypto_static_target ${mbedcrypto_target}) + set(builtin_static_target ${builtin_target}) endif() if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) string(APPEND mbedcrypto_static_target "_static") + string(APPEND builtin_static_target "_static") endif() # Warning string - created as a list for compatibility with CMake 2.8 diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 24c4de6f18..da635db832 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -6,62 +6,8 @@ if(NOT DEFINED MBEDTLS_DIR) endif() set(TF_PSA_CRYPTO_CORE_DIR ../tf-psa-crypto/core) -set(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR ../tf-psa-crypto/drivers/builtin/src) set(src_crypto - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/aes.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/aesni.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/aesce.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/aria.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/asn1parse.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/asn1write.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/base64.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/bignum.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/bignum_core.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/bignum_mod.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/bignum_mod_raw.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/block_cipher.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/camellia.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ccm.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/chacha20.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/chachapoly.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/cipher.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/cipher_wrap.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/constant_time.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/cmac.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ctr_drbg.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/des.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/dhm.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecdh.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecdsa.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecjpake.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecp.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecp_curves.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecp_curves_new.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/entropy.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/entropy_poll.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/error.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/gcm.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/hkdf.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/hmac_drbg.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/lmots.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/lms.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/md.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/md5.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/memory_buffer_alloc.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/nist_kw.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/oid.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pem.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pk.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pk_ecc.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pk_wrap.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pkcs12.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pkcs5.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pkparse.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pkwrite.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/platform.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/platform_util.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/poly1305.c ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto.c ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_aead.c ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_cipher.c @@ -78,17 +24,6 @@ set(src_crypto ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_storage.c ${TF_PSA_CRYPTO_CORE_DIR}/psa_its_file.c ${TF_PSA_CRYPTO_CORE_DIR}/psa_util.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ripemd160.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/rsa.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/rsa_alt_helpers.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/sha1.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/sha256.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/sha512.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/sha3.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/threading.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/timing.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/version.c - ${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/version_features.c ) set(src_x509 @@ -125,42 +60,6 @@ set(src_tls ) if(GEN_FILES) - find_package(Perl REQUIRED) - - file(GLOB crypto_error_headers ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/drivers/builtin/include/mbedtls/*.h) - file(GLOB tls_error_headers ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/*.h) - add_custom_command( - OUTPUT - ${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/error.c - COMMAND - ${PERL_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_errors.pl - ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/drivers/builtin/include/mbedtls - ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files - ${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/error.c - DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_errors.pl - ${crypto_error_headers} - ${tls_error_headers} - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files/error.fmt - ) - - add_custom_command( - OUTPUT - ${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/version_features.c - COMMAND - ${PERL_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_features.pl - ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files - ${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/version_features.c - DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_features.pl - ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/mbedtls_config.h - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files/version_features.fmt - ) - add_custom_command( OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/ssl_debug_helpers_generated.c @@ -188,8 +87,6 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja ) else() - link_to_source(${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/error.c) - link_to_source(${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/version_features.c) link_to_source(ssl_debug_helpers_generated.c) link_to_source(${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers.h) link_to_source(${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers_no_static.c) @@ -215,10 +112,6 @@ if(CMAKE_COMPILER_IS_MSVC) endif() endif() -if(WIN32) - set(libs ${libs} ws2_32 bcrypt) -endif(WIN32) - if(CMAKE_C_COMPILER_ID MATCHES "AppleClang") set(CMAKE_C_ARCHIVE_CREATE " Scr ") set(CMAKE_C_ARCHIVE_FINISH " -no_warning_for_no_symbols -c ") @@ -275,6 +168,8 @@ if(USE_STATIC_MBEDTLS_LIBRARY) set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) + target_link_libraries(${mbedcrypto_static_target} PUBLIC ${builtin_static_target}) + if(TARGET ${everest_target}) target_link_libraries(${mbedcrypto_static_target} PUBLIC ${everest_target}) endif() @@ -298,6 +193,8 @@ if(USE_SHARED_MBEDTLS_LIBRARY) set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 4.0.0 SOVERSION 16) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) + target_link_libraries(${mbedcrypto_target} PUBLIC ${builtin_target}) + if(TARGET ${everest_target}) target_link_libraries(${mbedcrypto_target} PUBLIC ${everest_target}) endif() diff --git a/tf-psa-crypto/drivers/CMakeLists.txt b/tf-psa-crypto/drivers/CMakeLists.txt index 517b6dfd9f..3642e02deb 100644 --- a/tf-psa-crypto/drivers/CMakeLists.txt +++ b/tf-psa-crypto/drivers/CMakeLists.txt @@ -1,3 +1,3 @@ -add_subdirectory(builtin) add_subdirectory(everest) add_subdirectory(p256-m) +add_subdirectory(builtin) diff --git a/tf-psa-crypto/drivers/builtin/CMakeLists.txt b/tf-psa-crypto/drivers/builtin/CMakeLists.txt index febd4f0ab6..ab9895f3ac 100644 --- a/tf-psa-crypto/drivers/builtin/CMakeLists.txt +++ b/tf-psa-crypto/drivers/builtin/CMakeLists.txt @@ -1 +1,162 @@ add_subdirectory(src) + +file(GLOB src_builtin RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} src/*.c) +if(NOT "src/error.c" IN_LIST "${src_builtin}") + list(APPEND src_builtin src/error.c) +endif() +if(NOT "src/version_features.c" IN_LIST "${src_builtin}") + list(APPEND src_builtin src/version_features.c) +endif() + +if(GEN_FILES) + find_package(Perl REQUIRED) + + file(GLOB crypto_error_headers ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/*.h) + file(GLOB tls_error_headers ${MBEDTLS_DIR}/include/mbedtls/*.h) + add_custom_command( + OUTPUT + ${CMAKE_CURRENT_BINARY_DIR}/src/error.c + COMMAND + ${PERL_EXECUTABLE} + ${MBEDTLS_DIR}/scripts/generate_errors.pl + ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls + ${MBEDTLS_DIR}/include/mbedtls + ${MBEDTLS_DIR}/scripts/data_files + ${CMAKE_CURRENT_BINARY_DIR}/src/error.c + DEPENDS + ${MBEDTLS_DIR}/scripts/generate_errors.pl + ${crypto_error_headers} + ${tls_error_headers} + ${MBEDTLS_DIR}/scripts/data_files/error.fmt + ) + + add_custom_command( + OUTPUT + ${CMAKE_CURRENT_BINARY_DIR}/src/version_features.c + COMMAND + ${PERL_EXECUTABLE} + ${MBEDTLS_DIR}/scripts/generate_features.pl + ${MBEDTLS_DIR}/include/mbedtls + ${MBEDTLS_DIR}/scripts/data_files + ${CMAKE_CURRENT_BINARY_DIR}/src/version_features.c + DEPENDS + ${MBEDTLS_DIR}/scripts/generate_features.pl + ${MBEDTLS_DIR}/include/mbedtls/mbedtls_config.h + ${MBEDTLS_DIR}/scripts/data_files/version_features.fmt + ) +else() + link_to_source(src/error.c) + link_to_source(src/version_features.c) +endif() + +if(CMAKE_COMPILER_IS_GNUCC) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") +endif(CMAKE_COMPILER_IS_GNUCC) + +if(CMAKE_COMPILER_IS_CLANG) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") +endif(CMAKE_COMPILER_IS_CLANG) + +if(CMAKE_COMPILER_IS_MSVC) + option(MSVC_STATIC_RUNTIME "Build the libraries with /MT compiler flag" OFF) + if(MSVC_STATIC_RUNTIME) + foreach(flag_var + CMAKE_C_FLAGS CMAKE_C_FLAGS_DEBUG CMAKE_C_FLAGS_RELEASE + CMAKE_C_FLAGS_MINSIZEREL CMAKE_C_FLAGS_RELWITHDEBINFO + CMAKE_C_FLAGS_CHECK) + string(REGEX REPLACE "/MD" "/MT" ${flag_var} "${${flag_var}}") + endforeach(flag_var) + endif() +endif() + +if(WIN32) + set(libs ${libs} ws2_32 bcrypt) +endif(WIN32) + +if(CMAKE_C_COMPILER_ID MATCHES "AppleClang") + set(CMAKE_C_ARCHIVE_CREATE " Scr ") + set(CMAKE_C_ARCHIVE_FINISH " -no_warning_for_no_symbols -c ") +endif() +if(CMAKE_CXX_COMPILER_ID MATCHES "AppleClang") + set(CMAKE_CXX_ARCHIVE_CREATE " Scr ") + set(CMAKE_CXX_ARCHIVE_FINISH " -no_warning_for_no_symbols -c ") +endif() + +if(LINK_WITH_PTHREAD) + set(libs ${libs} ${CMAKE_THREAD_LIBS_INIT}) +endif() + +set(builtin_target ${MBEDTLS_TARGET_PREFIX}builtin) +if (USE_STATIC_MBEDTLS_LIBRARY) + set(builtin_static_target ${builtin_target}) +endif() +set(target_libraries ${builtin_target}) +if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) + string(APPEND builtin_static_target "_static") + list(APPEND target_libraries ${builtin_static_target}) +endif() + +set(p256m_target "${MBEDTLS_TARGET_PREFIX}p256m") +set(everest_target "${MBEDTLS_TARGET_PREFIX}everest") + +if(USE_STATIC_MBEDTLS_LIBRARY) + add_library(${builtin_static_target} STATIC ${src_builtin}) + target_link_libraries(${builtin_static_target} PUBLIC ${libs}) + if(TARGET ${everest_target}) + target_link_libraries(${builtin_static_target} PUBLIC ${everest_target}) + endif() + + if(TARGET ${p256m_target}) + target_link_libraries(${builtin_static_target} PUBLIC ${p256m_target}) + endif() +endif(USE_STATIC_MBEDTLS_LIBRARY) + +if(USE_SHARED_MBEDTLS_LIBRARY) + add_library(${builtin_target} SHARED ${src_builtin}) + target_link_libraries(${builtin_target} PUBLIC ${libs}) + if(TARGET ${everest_target}) + target_link_libraries(${builtin_target} PUBLIC ${everest_target}) + endif() + + if(TARGET ${p256m_target}) + target_link_libraries(${builtin_target} PUBLIC ${p256m_target}) + endif() +endif(USE_SHARED_MBEDTLS_LIBRARY) + +foreach (target IN LISTS target_libraries) + target_include_directories(${target} + PUBLIC $ + $ + $ + $ + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../core) + + # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE + # This must be duplicated from library/CMakeLists.txt because + # everest is not directly linked against any mbedtls targets + # so does not inherit the compile definitions. + if(MBEDTLS_CONFIG_FILE) + target_compile_definitions(${target} + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + endif() + if(MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(${target} + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + endif() + + if(INSTALL_MBEDTLS_HEADERS) + + install(DIRECTORY include/mbedtls + DESTINATION include + FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ + DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ + GROUP_EXECUTE WORLD_READ WORLD_EXECUTE + FILES_MATCHING PATTERN "*.h") + + endif(INSTALL_MBEDTLS_HEADERS) + + install(TARGETS ${target} + EXPORT MbedTLSTargets + DESTINATION ${CMAKE_INSTALL_LIBDIR} + PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) +endforeach(target) From e82ad15f5e95ee3b4c642fcb74eeb5d63de75168 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 19 Jul 2024 12:01:43 +0200 Subject: [PATCH 05/19] CMake: Move build of the crypto library to tf-psa-crypto Signed-off-by: Ronald Cron --- CMakeLists.txt | 3 - library/CMakeLists.txt | 84 +------------ tf-psa-crypto/core/CMakeLists.txt | 187 +++++++++++++++++++++++++++++ tf-psa-crypto/tests/CMakeLists.txt | 2 +- 4 files changed, 192 insertions(+), 84 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a83721a9ae..21c9925786 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -101,14 +101,11 @@ option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF) option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF) set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto") -set(builtin_target "${MBEDTLS_TARGET_PREFIX}builtin") if (USE_STATIC_MBEDTLS_LIBRARY) set(mbedcrypto_static_target ${mbedcrypto_target}) - set(builtin_static_target ${builtin_target}) endif() if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) string(APPEND mbedcrypto_static_target "_static") - string(APPEND builtin_static_target "_static") endif() # Warning string - created as a list for compatibility with CMake 2.8 diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index da635db832..007aa35707 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -5,27 +5,6 @@ if(NOT DEFINED MBEDTLS_DIR) set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR}) endif() -set(TF_PSA_CRYPTO_CORE_DIR ../tf-psa-crypto/core) - -set(src_crypto - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_aead.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_cipher.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_client.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers_no_static.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_ecp.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_ffdh.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_hash.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_mac.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_pake.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_rsa.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_se.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_slot_management.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_storage.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_its_file.c - ${TF_PSA_CRYPTO_CORE_DIR}/psa_util.c -) - set(src_x509 pkcs7.c x509.c @@ -72,24 +51,8 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_ssl_debug_helpers.py ${tls_error_headers} ) - - add_custom_command( - OUTPUT - ${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers.h - ${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers_no_static.c - COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_driver_wrappers.py - ${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_CORE_DIR} - DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_driver_wrappers.py - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja - ) else() link_to_source(ssl_debug_helpers_generated.c) - link_to_source(${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers.h) - link_to_source(${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers_no_static.c) endif() if(CMAKE_COMPILER_IS_GNUCC) @@ -129,10 +92,6 @@ if(LINK_WITH_PTHREAD) set(libs ${libs} ${CMAKE_THREAD_LIBS_INIT}) endif() -if(LINK_WITH_TRUSTED_STORAGE) - set(libs ${libs} trusted_storage) -endif() - if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) message(FATAL_ERROR "Need to choose static or shared mbedtls build!") endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) @@ -148,36 +107,18 @@ if (USE_STATIC_MBEDTLS_LIBRARY) set(mbedx509_static_target ${mbedx509_target}) endif() -set(target_libraries ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target}) +set(target_libraries ${mbedx509_target} ${mbedtls_target}) if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) string(APPEND mbedtls_static_target "_static") string(APPEND mbedx509_static_target "_static") list(APPEND target_libraries - ${mbedcrypto_static_target} ${mbedx509_static_target} ${mbedtls_static_target}) endif() -set(p256m_target "${MBEDTLS_TARGET_PREFIX}p256m") -set(everest_target "${MBEDTLS_TARGET_PREFIX}everest") - if(USE_STATIC_MBEDTLS_LIBRARY) - add_library(${mbedcrypto_static_target} STATIC ${src_crypto}) - set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) - target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) - - target_link_libraries(${mbedcrypto_static_target} PUBLIC ${builtin_static_target}) - - if(TARGET ${everest_target}) - target_link_libraries(${mbedcrypto_static_target} PUBLIC ${everest_target}) - endif() - - if(TARGET ${p256m_target}) - target_link_libraries(${mbedcrypto_static_target} PUBLIC ${p256m_target}) - endif() - add_library(${mbedx509_static_target} STATIC ${src_x509}) set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target}) @@ -188,21 +129,6 @@ if(USE_STATIC_MBEDTLS_LIBRARY) endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) - set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) - add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 4.0.0 SOVERSION 16) - target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) - - target_link_libraries(${mbedcrypto_target} PUBLIC ${builtin_target}) - - if(TARGET ${everest_target}) - target_link_libraries(${mbedcrypto_target} PUBLIC ${everest_target}) - endif() - - if(TARGET ${p256m_target}) - target_link_libraries(${mbedcrypto_target} PUBLIC ${p256m_target}) - endif() - add_library(${mbedx509_target} SHARED ${src_x509}) set_target_properties(${mbedx509_target} PROPERTIES VERSION 4.0.0 SOVERSION 7) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) @@ -224,9 +150,7 @@ foreach(target IN LISTS target_libraries) $ PRIVATE ${MBEDTLS_DIR}/library/ ${MBEDTLS_DIR}/tf-psa-crypto/core - ${MBEDTLS_DIR}/tf-psa-crypto/drivers/builtin/src - # Needed to include psa_crypto_driver_wrappers.h - ${CMAKE_CURRENT_BINARY_DIR}/../tf-psa-crypto/core) + ${MBEDTLS_DIR}/tf-psa-crypto/drivers/builtin/src) # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE if(MBEDTLS_CONFIG_FILE) target_compile_definitions(${target} @@ -247,7 +171,7 @@ endforeach(target) set(lib_target "${MBEDTLS_TARGET_PREFIX}lib") -add_custom_target(${lib_target} DEPENDS ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target}) +add_custom_target(${lib_target} DEPENDS ${mbedx509_target} ${mbedtls_target}) if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) - add_dependencies(${lib_target} ${mbedcrypto_static_target} ${mbedx509_static_target} ${mbedtls_static_target}) + add_dependencies(${lib_target} ${mbedx509_static_target} ${mbedtls_static_target}) endif() diff --git a/tf-psa-crypto/core/CMakeLists.txt b/tf-psa-crypto/core/CMakeLists.txt index e69de29bb2..1e4a8c73b0 100644 --- a/tf-psa-crypto/core/CMakeLists.txt +++ b/tf-psa-crypto/core/CMakeLists.txt @@ -0,0 +1,187 @@ +set(src_crypto + psa_crypto.c + psa_crypto_aead.c + psa_crypto_cipher.c + psa_crypto_client.c + psa_crypto_driver_wrappers_no_static.c + psa_crypto_ecp.c + psa_crypto_ffdh.c + psa_crypto_hash.c + psa_crypto_mac.c + psa_crypto_pake.c + psa_crypto_rsa.c + psa_crypto_se.c + psa_crypto_slot_management.c + psa_crypto_storage.c + psa_its_file.c + psa_util.c +) + +if(GEN_FILES) + add_custom_command( + OUTPUT + ${CMAKE_CURRENT_BINARY_DIR}/psa_crypto_driver_wrappers.h + ${CMAKE_CURRENT_BINARY_DIR}/psa_crypto_driver_wrappers_no_static.c + COMMAND + ${MBEDTLS_PYTHON_EXECUTABLE} + ${MBEDTLS_DIR}/scripts/generate_driver_wrappers.py + ${CMAKE_CURRENT_BINARY_DIR} + DEPENDS + ${MBEDTLS_DIR}/scripts/generate_driver_wrappers.py + ${MBEDTLS_DIR}/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja + ${MBEDTLS_DIR}/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja + ) +else() + link_to_source(psa_crypto_driver_wrappers.h) + link_to_source(psa_crypto_driver_wrappers_no_static.c) +endif() + +if(CMAKE_COMPILER_IS_GNUCC) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") +endif(CMAKE_COMPILER_IS_GNUCC) + +if(CMAKE_COMPILER_IS_CLANG) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") +endif(CMAKE_COMPILER_IS_CLANG) + +if(CMAKE_COMPILER_IS_MSVC) + option(MSVC_STATIC_RUNTIME "Build the libraries with /MT compiler flag" OFF) + if(MSVC_STATIC_RUNTIME) + foreach(flag_var + CMAKE_C_FLAGS CMAKE_C_FLAGS_DEBUG CMAKE_C_FLAGS_RELEASE + CMAKE_C_FLAGS_MINSIZEREL CMAKE_C_FLAGS_RELWITHDEBINFO + CMAKE_C_FLAGS_CHECK) + string(REGEX REPLACE "/MD" "/MT" ${flag_var} "${${flag_var}}") + endforeach(flag_var) + endif() +endif() + +if(CMAKE_C_COMPILER_ID MATCHES "AppleClang") + set(CMAKE_C_ARCHIVE_CREATE " Scr ") + set(CMAKE_C_ARCHIVE_FINISH " -no_warning_for_no_symbols -c ") +endif() +if(CMAKE_CXX_COMPILER_ID MATCHES "AppleClang") + set(CMAKE_CXX_ARCHIVE_CREATE " Scr ") + set(CMAKE_CXX_ARCHIVE_FINISH " -no_warning_for_no_symbols -c ") +endif() + +if(LINK_WITH_PTHREAD) + set(libs ${libs} ${CMAKE_THREAD_LIBS_INIT}) +endif() + +if(LINK_WITH_TRUSTED_STORAGE) + set(libs ${libs} trusted_storage) +endif() + +if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) + message(FATAL_ERROR "Need to choose static or shared mbedtls build!") +endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) + +set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto") +set(builtin_target "${MBEDTLS_TARGET_PREFIX}builtin") + +if (USE_STATIC_MBEDTLS_LIBRARY) + set(mbedcrypto_static_target ${mbedcrypto_target}) + set(builtin_static_target ${builtin_target}) +endif() + +set(target_libraries ${mbedcrypto_target}) + +if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) + string(APPEND mbedcrypto_static_target "_static") + string(APPEND builtin_static_target "_static") + + list(APPEND target_libraries + ${mbedcrypto_static_target}) +endif() + +set(p256m_target "${MBEDTLS_TARGET_PREFIX}p256m") +set(everest_target "${MBEDTLS_TARGET_PREFIX}everest") + +if(USE_STATIC_MBEDTLS_LIBRARY) + add_library(${mbedcrypto_static_target} STATIC ${src_crypto}) + set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) + target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) + + target_link_libraries(${mbedcrypto_static_target} PUBLIC ${builtin_static_target}) + + if(TARGET ${everest_target}) + target_link_libraries(${mbedcrypto_static_target} PUBLIC ${everest_target}) + endif() + + if(TARGET ${p256m_target}) + target_link_libraries(${mbedcrypto_static_target} PUBLIC ${p256m_target}) + endif() +endif(USE_STATIC_MBEDTLS_LIBRARY) + +if(USE_SHARED_MBEDTLS_LIBRARY) + set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) + add_library(${mbedcrypto_target} SHARED ${src_crypto}) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 4.0.0 SOVERSION 16) + target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) + + target_link_libraries(${mbedcrypto_target} PUBLIC ${builtin_target}) + + if(TARGET ${everest_target}) + target_link_libraries(${mbedcrypto_target} PUBLIC ${everest_target}) + endif() + + if(TARGET ${p256m_target}) + target_link_libraries(${mbedcrypto_target} PUBLIC ${p256m_target}) + endif() +endif(USE_SHARED_MBEDTLS_LIBRARY) + +foreach(target IN LISTS target_libraries) + add_library(MbedTLS::${target} ALIAS ${target}) # add_subdirectory support + # Include public header files include/, drivers/builtin/include/ and + # ${MBEDTLS_DIR}/include/ as we still need it. Include private header files + # from core/ and drivers/builtin/src/. + target_include_directories(${target} + PUBLIC $ + $ + $ + $ + PRIVATE ${MBEDTLS_DIR}/tf-psa-crypto/core + ${MBEDTLS_DIR}/tf-psa-crypto/drivers/builtin/src + # Needed to include psa_crypto_driver_wrappers.h + ${CMAKE_CURRENT_BINARY_DIR}) + # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE + if(MBEDTLS_CONFIG_FILE) + target_compile_definitions(${target} + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + endif() + if(MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(${target} + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + endif() + install( + TARGETS ${target} + EXPORT MbedTLSTargets + ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR} + LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} + RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} + PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) +endforeach(target) + +if(USE_STATIC_MBEDTLS_LIBRARY) + add_custom_command( + TARGET ${mbedcrypto_static_target} + POST_BUILD + COMMAND ${CMAKE_COMMAND} + ARGS -E copy $ ${CMAKE_BINARY_DIR}/library) +endif(USE_STATIC_MBEDTLS_LIBRARY) + +if(USE_SHARED_MBEDTLS_LIBRARY) + add_custom_command( + TARGET ${mbedcrypto_target} + POST_BUILD + COMMAND ${CMAKE_COMMAND} + ARGS -E copy $ + ${CMAKE_BINARY_DIR}/library/$) + add_custom_command( + TARGET ${mbedcrypto_target} + POST_BUILD + COMMAND ${CMAKE_COMMAND} + ARGS -E copy $ + ${CMAKE_BINARY_DIR}/library/$) +endif(USE_SHARED_MBEDTLS_LIBRARY) diff --git a/tf-psa-crypto/tests/CMakeLists.txt b/tf-psa-crypto/tests/CMakeLists.txt index e7800c9d2a..88f12f8b57 100644 --- a/tf-psa-crypto/tests/CMakeLists.txt +++ b/tf-psa-crypto/tests/CMakeLists.txt @@ -294,7 +294,7 @@ function(add_test_suite suite_name) ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function - ${mbedtls_target} + ${mbedcrypto_target} BYPRODUCTS test_suite_${data_name}.datax ) From 69c489c25abbee299d5c96fe4a41ce564f5a5a57 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 31 Jul 2024 08:36:59 +0200 Subject: [PATCH 06/19] Move PSA drivers to drivers/builtin/src They were mistakenly moved to the core directory from the library directory. Signed-off-by: Ronald Cron --- library/Makefile | 18 +++++++++--------- tests/src/drivers/hash.c | 2 +- tests/src/drivers/test_driver_aead.c | 2 +- .../test_driver_asymmetric_encryption.c | 2 +- tests/src/drivers/test_driver_cipher.c | 2 +- tests/src/drivers/test_driver_key_agreement.c | 4 ++-- tests/src/drivers/test_driver_key_management.c | 6 +++--- tests/src/drivers/test_driver_mac.c | 2 +- tests/src/drivers/test_driver_pake.c | 2 +- tests/src/drivers/test_driver_signature.c | 6 +++--- tf-psa-crypto/core/CMakeLists.txt | 9 --------- .../builtin/src}/psa_crypto_aead.c | 0 .../builtin/src}/psa_crypto_aead.h | 0 .../builtin/src}/psa_crypto_cipher.c | 0 .../builtin/src}/psa_crypto_cipher.h | 0 .../builtin/src}/psa_crypto_ecp.c | 0 .../builtin/src}/psa_crypto_ecp.h | 0 .../builtin/src}/psa_crypto_ffdh.c | 0 .../builtin/src}/psa_crypto_ffdh.h | 0 .../builtin/src}/psa_crypto_hash.c | 0 .../builtin/src}/psa_crypto_hash.h | 0 .../builtin/src}/psa_crypto_mac.c | 0 .../builtin/src}/psa_crypto_mac.h | 0 .../builtin/src}/psa_crypto_pake.c | 0 .../builtin/src}/psa_crypto_pake.h | 0 .../builtin/src}/psa_crypto_rsa.c | 0 .../builtin/src}/psa_crypto_rsa.h | 0 .../{core => drivers/builtin/src}/psa_util.c | 0 .../builtin/src}/psa_util_internal.h | 0 29 files changed, 23 insertions(+), 32 deletions(-) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_aead.c (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_aead.h (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_cipher.c (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_cipher.h (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_ecp.c (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_ecp.h (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_ffdh.c (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_ffdh.h (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_hash.c (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_hash.h (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_mac.c (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_mac.h (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_pake.c (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_pake.h (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_rsa.c (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_crypto_rsa.h (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_util.c (100%) rename tf-psa-crypto/{core => drivers/builtin/src}/psa_util_internal.h (100%) diff --git a/library/Makefile b/library/Makefile index e9651580f9..96f454eac4 100644 --- a/library/Makefile +++ b/library/Makefile @@ -111,21 +111,12 @@ endif OBJS_CRYPTO= \ $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto.o \ - $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_aead.o \ - $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_cipher.o \ $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_client.o \ $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers_no_static.o \ - $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_ecp.o \ - $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_ffdh.o \ - $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_hash.o \ - $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_mac.o \ - $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_pake.o \ - $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_rsa.o \ $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_se.o \ $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_slot_management.o \ $(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_storage.o \ $(TF_PSA_CRYPTO_CORE_PATH)/psa_its_file.o \ - $(TF_PSA_CRYPTO_CORE_PATH)/psa_util.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aes.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aesni.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aesce.o \ @@ -179,6 +170,15 @@ OBJS_CRYPTO= \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/platform.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/platform_util.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/poly1305.o \ + $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_aead.o \ + $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_cipher.o \ + $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_ecp.o \ + $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_ffdh.o \ + $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_hash.o \ + $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_mac.o \ + $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_pake.o \ + $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_crypto_rsa.o \ + $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/psa_util.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ripemd160.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/rsa.o \ $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/rsa_alt_helpers.o \ diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index 2416ba8123..5d938ea579 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -13,7 +13,7 @@ #include "test/drivers/hash.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_hash.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.h" #endif mbedtls_test_driver_hash_hooks_t diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index 080b4dba81..9c0677a7eb 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -16,7 +16,7 @@ #include "mbedtls/constant_time.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_aead.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.h" #endif mbedtls_test_driver_aead_hooks_t diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c index 55e09b2f34..32644009e0 100644 --- a/tests/src/drivers/test_driver_asymmetric_encryption.c +++ b/tests/src/drivers/test_driver_asymmetric_encryption.c @@ -16,7 +16,7 @@ #include "test/drivers/key_management.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_rsa.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.h" #endif #define PSA_RSA_KEY_PAIR_MAX_SIZE \ diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index ace0ed313d..136610b36b 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -19,7 +19,7 @@ #include "test/random.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_cipher.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.h" #endif #include diff --git a/tests/src/drivers/test_driver_key_agreement.c b/tests/src/drivers/test_driver_key_agreement.c index 8a8e3a8074..b99d7cdba0 100644 --- a/tests/src/drivers/test_driver_key_agreement.c +++ b/tests/src/drivers/test_driver_key_agreement.c @@ -21,8 +21,8 @@ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) #include "libtestdriver1/tf-psa-crypto/include/psa/crypto.h" -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ecp.h" -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ffdh.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.h" #endif mbedtls_test_driver_key_agreement_hooks_t diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index c0869f1291..337c254738 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -23,9 +23,9 @@ #include "test/random.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ecp.h" -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_rsa.h" -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ffdh.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.h" #endif #include diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index de43e49074..9b671b8676 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -13,7 +13,7 @@ #include "test/drivers/mac.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_mac.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.h" #endif mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks = diff --git a/tests/src/drivers/test_driver_pake.c b/tests/src/drivers/test_driver_pake.c index 963110109a..bcef6b5f47 100644 --- a/tests/src/drivers/test_driver_pake.c +++ b/tests/src/drivers/test_driver_pake.c @@ -14,7 +14,7 @@ #include "string.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_pake.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.h" #endif mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks = diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 02c6298a29..92ec93becd 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -26,9 +26,9 @@ #include "test/random.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ecp.h" -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_hash.h" -#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_rsa.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.h" +#include "libtestdriver1/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.h" #endif #include diff --git a/tf-psa-crypto/core/CMakeLists.txt b/tf-psa-crypto/core/CMakeLists.txt index 1e4a8c73b0..c138ab3dc8 100644 --- a/tf-psa-crypto/core/CMakeLists.txt +++ b/tf-psa-crypto/core/CMakeLists.txt @@ -1,20 +1,11 @@ set(src_crypto psa_crypto.c - psa_crypto_aead.c - psa_crypto_cipher.c psa_crypto_client.c psa_crypto_driver_wrappers_no_static.c - psa_crypto_ecp.c - psa_crypto_ffdh.c - psa_crypto_hash.c - psa_crypto_mac.c - psa_crypto_pake.c - psa_crypto_rsa.c psa_crypto_se.c psa_crypto_slot_management.c psa_crypto_storage.c psa_its_file.c - psa_util.c ) if(GEN_FILES) diff --git a/tf-psa-crypto/core/psa_crypto_aead.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c similarity index 100% rename from tf-psa-crypto/core/psa_crypto_aead.c rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.c diff --git a/tf-psa-crypto/core/psa_crypto_aead.h b/tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.h similarity index 100% rename from tf-psa-crypto/core/psa_crypto_aead.h rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_aead.h diff --git a/tf-psa-crypto/core/psa_crypto_cipher.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c similarity index 100% rename from tf-psa-crypto/core/psa_crypto_cipher.c rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.c diff --git a/tf-psa-crypto/core/psa_crypto_cipher.h b/tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.h similarity index 100% rename from tf-psa-crypto/core/psa_crypto_cipher.h rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_cipher.h diff --git a/tf-psa-crypto/core/psa_crypto_ecp.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c similarity index 100% rename from tf-psa-crypto/core/psa_crypto_ecp.c rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.c diff --git a/tf-psa-crypto/core/psa_crypto_ecp.h b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.h similarity index 100% rename from tf-psa-crypto/core/psa_crypto_ecp.h rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_ecp.h diff --git a/tf-psa-crypto/core/psa_crypto_ffdh.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c similarity index 100% rename from tf-psa-crypto/core/psa_crypto_ffdh.c rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.c diff --git a/tf-psa-crypto/core/psa_crypto_ffdh.h b/tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.h similarity index 100% rename from tf-psa-crypto/core/psa_crypto_ffdh.h rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_ffdh.h diff --git a/tf-psa-crypto/core/psa_crypto_hash.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c similarity index 100% rename from tf-psa-crypto/core/psa_crypto_hash.c rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.c diff --git a/tf-psa-crypto/core/psa_crypto_hash.h b/tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.h similarity index 100% rename from tf-psa-crypto/core/psa_crypto_hash.h rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_hash.h diff --git a/tf-psa-crypto/core/psa_crypto_mac.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c similarity index 100% rename from tf-psa-crypto/core/psa_crypto_mac.c rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.c diff --git a/tf-psa-crypto/core/psa_crypto_mac.h b/tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.h similarity index 100% rename from tf-psa-crypto/core/psa_crypto_mac.h rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_mac.h diff --git a/tf-psa-crypto/core/psa_crypto_pake.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c similarity index 100% rename from tf-psa-crypto/core/psa_crypto_pake.c rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.c diff --git a/tf-psa-crypto/core/psa_crypto_pake.h b/tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.h similarity index 100% rename from tf-psa-crypto/core/psa_crypto_pake.h rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_pake.h diff --git a/tf-psa-crypto/core/psa_crypto_rsa.c b/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c similarity index 100% rename from tf-psa-crypto/core/psa_crypto_rsa.c rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.c diff --git a/tf-psa-crypto/core/psa_crypto_rsa.h b/tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.h similarity index 100% rename from tf-psa-crypto/core/psa_crypto_rsa.h rename to tf-psa-crypto/drivers/builtin/src/psa_crypto_rsa.h diff --git a/tf-psa-crypto/core/psa_util.c b/tf-psa-crypto/drivers/builtin/src/psa_util.c similarity index 100% rename from tf-psa-crypto/core/psa_util.c rename to tf-psa-crypto/drivers/builtin/src/psa_util.c diff --git a/tf-psa-crypto/core/psa_util_internal.h b/tf-psa-crypto/drivers/builtin/src/psa_util_internal.h similarity index 100% rename from tf-psa-crypto/core/psa_util_internal.h rename to tf-psa-crypto/drivers/builtin/src/psa_util_internal.h From d3f717d5366902016e64628e7dde86719a79ee4b Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 25 Jul 2024 14:58:47 +0200 Subject: [PATCH 07/19] CMake: Move build of crypto test suites to tf-psa-crypto Signed-off-by: Ronald Cron --- CMakeLists.txt | 1 - tf-psa-crypto/CMakeLists.txt | 5 +++++ tf-psa-crypto/tests/CMakeLists.txt | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 21c9925786..d20dbfe735 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -430,7 +430,6 @@ if(ENABLE_TESTING) enable_testing() add_subdirectory(tests) - add_subdirectory(tf-psa-crypto/tests) # additional convenience targets for Unix only if(UNIX) diff --git a/tf-psa-crypto/CMakeLists.txt b/tf-psa-crypto/CMakeLists.txt index 1dc9f9f0db..3669da3ce5 100644 --- a/tf-psa-crypto/CMakeLists.txt +++ b/tf-psa-crypto/CMakeLists.txt @@ -38,3 +38,8 @@ endif() add_subdirectory(include) add_subdirectory(core) add_subdirectory(drivers) + +if(ENABLE_TESTING) + enable_testing() + add_subdirectory(tests) +endif() diff --git a/tf-psa-crypto/tests/CMakeLists.txt b/tf-psa-crypto/tests/CMakeLists.txt index 88f12f8b57..cf25c716fd 100644 --- a/tf-psa-crypto/tests/CMakeLists.txt +++ b/tf-psa-crypto/tests/CMakeLists.txt @@ -1,5 +1,5 @@ set(libs - ${mbedtls_target} + ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT} ) From 4c670fa98e5121af3d1fce2a582745ca25175c57 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 25 Jul 2024 09:22:39 +0200 Subject: [PATCH 08/19] cmake: Add TF_PSA_CRYPTO_DIR Signed-off-by: Ronald Cron --- tf-psa-crypto/CMakeLists.txt | 3 +++ tf-psa-crypto/core/CMakeLists.txt | 8 ++++---- tf-psa-crypto/drivers/builtin/CMakeLists.txt | 4 ++-- tf-psa-crypto/drivers/everest/CMakeLists.txt | 6 +++--- tf-psa-crypto/drivers/p256-m/CMakeLists.txt | 6 +++--- 5 files changed, 15 insertions(+), 12 deletions(-) diff --git a/tf-psa-crypto/CMakeLists.txt b/tf-psa-crypto/CMakeLists.txt index 3669da3ce5..6e9789a90b 100644 --- a/tf-psa-crypto/CMakeLists.txt +++ b/tf-psa-crypto/CMakeLists.txt @@ -35,6 +35,9 @@ if(LIB_INSTALL_DIR) set(CMAKE_INSTALL_LIBDIR "${LIB_INSTALL_DIR}") endif() +# Set the project root directory. +set(TF_PSA_CRYPTO_DIR ${CMAKE_CURRENT_SOURCE_DIR}) + add_subdirectory(include) add_subdirectory(core) add_subdirectory(drivers) diff --git a/tf-psa-crypto/core/CMakeLists.txt b/tf-psa-crypto/core/CMakeLists.txt index c138ab3dc8..dfc292cc4a 100644 --- a/tf-psa-crypto/core/CMakeLists.txt +++ b/tf-psa-crypto/core/CMakeLists.txt @@ -129,11 +129,11 @@ foreach(target IN LISTS target_libraries) # from core/ and drivers/builtin/src/. target_include_directories(${target} PUBLIC $ - $ - $ + $ + $ $ - PRIVATE ${MBEDTLS_DIR}/tf-psa-crypto/core - ${MBEDTLS_DIR}/tf-psa-crypto/drivers/builtin/src + PRIVATE ${TF_PSA_CRYPTO_DIR}/core + ${TF_PSA_CRYPTO_DIR}/drivers/builtin/src # Needed to include psa_crypto_driver_wrappers.h ${CMAKE_CURRENT_BINARY_DIR}) # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE diff --git a/tf-psa-crypto/drivers/builtin/CMakeLists.txt b/tf-psa-crypto/drivers/builtin/CMakeLists.txt index ab9895f3ac..ed2c0f80d0 100644 --- a/tf-psa-crypto/drivers/builtin/CMakeLists.txt +++ b/tf-psa-crypto/drivers/builtin/CMakeLists.txt @@ -128,8 +128,8 @@ foreach (target IN LISTS target_libraries) PUBLIC $ $ $ - $ - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../core) + $ + PRIVATE ${TF_PSA_CRYPTO_DIR}/core) # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE # This must be duplicated from library/CMakeLists.txt because diff --git a/tf-psa-crypto/drivers/everest/CMakeLists.txt b/tf-psa-crypto/drivers/everest/CMakeLists.txt index 4958a79162..82a85974ff 100644 --- a/tf-psa-crypto/drivers/everest/CMakeLists.txt +++ b/tf-psa-crypto/drivers/everest/CMakeLists.txt @@ -8,13 +8,13 @@ add_library(${everest_target} target_include_directories(${everest_target} PUBLIC $ $ - $ - $ + $ + $ $ PRIVATE include/everest include/everest/kremlib ${MBEDTLS_DIR}/library - ${MBEDTLS_DIR}/tf-psa-crypto/core) + ${TF_PSA_CRYPTO_DIR}/core) # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE # This must be duplicated from library/CMakeLists.txt because diff --git a/tf-psa-crypto/drivers/p256-m/CMakeLists.txt b/tf-psa-crypto/drivers/p256-m/CMakeLists.txt index f097ed13a5..165ee150f8 100644 --- a/tf-psa-crypto/drivers/p256-m/CMakeLists.txt +++ b/tf-psa-crypto/drivers/p256-m/CMakeLists.txt @@ -8,11 +8,11 @@ target_include_directories(${p256m_target} PUBLIC $ $ $ - $ - $ + $ + $ $ PRIVATE ${MBEDTLS_DIR}/library/ - ${MBEDTLS_DIR}/tf-psa-crypto/core) + ${TF_PSA_CRYPTO_DIR}/core) # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE # This must be duplicated from library/CMakeLists.txt because From b6254f5b977434dccb52de2a5bec573db4ae4d74 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 25 Jul 2024 14:52:19 +0200 Subject: [PATCH 09/19] cmake: Add MBEDTLS_FRAMEWORK_DIR Signed-off-by: Ronald Cron --- CMakeLists.txt | 15 ++++---- tests/CMakeLists.txt | 10 ++--- tf-psa-crypto/tests/CMakeLists.txt | 62 +++++++++++++++--------------- 3 files changed, 44 insertions(+), 43 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index d20dbfe735..8372905d0d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -59,8 +59,9 @@ if(NOT DEFINED MBEDTLS_AS_SUBPROJECT) endif() endif() -# Set the project root directory. +# Set the project and framework root directory. set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) +set(MBEDTLS_FRAMEWORK_DIR ${CMAKE_CURRENT_SOURCE_DIR}/framework) option(ENABLE_PROGRAMS "Build Mbed TLS programs." ON) @@ -313,8 +314,8 @@ if(LIB_INSTALL_DIR) set(CMAKE_INSTALL_LIBDIR "${LIB_INSTALL_DIR}") endif() -if (NOT EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/framework/CMakeLists.txt") - message(FATAL_ERROR "${CMAKE_CURRENT_SOURCE_DIR}/framework/CMakeLists.txt not found. Run `git submodule update --init` from the source tree to fetch the submodule contents.") +if (NOT EXISTS "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt") + message(FATAL_ERROR "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt not found. Run `git submodule update --init` from the source tree to fetch the submodule contents.") endif() add_subdirectory(framework) @@ -353,11 +354,11 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) ${CMAKE_CURRENT_SOURCE_DIR}/tests COMMAND "${MBEDTLS_PYTHON_EXECUTABLE}" - "${CMAKE_CURRENT_SOURCE_DIR}/framework/scripts/generate_test_keys.py" + "${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py" "--output" "${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h" DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/framework/scripts/generate_test_keys.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py ) add_custom_target(test_keys_header DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h) add_custom_command( @@ -367,11 +368,11 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) ${CMAKE_CURRENT_SOURCE_DIR}/tests COMMAND "${MBEDTLS_PYTHON_EXECUTABLE}" - "${CMAKE_CURRENT_SOURCE_DIR}/framework/scripts/generate_test_cert_macros.py" + "${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py" "--output" "${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h" DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/framework/scripts/generate_test_cert_macros.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py ) add_custom_target(test_certs_header DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h) add_dependencies(mbedtls_test test_keys_header test_certs_header) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 4a42efe1f2..5b6850376c 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -21,7 +21,7 @@ file(MAKE_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/suites) execute_process( COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_config_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_config_tests.py --list-for-cmake WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/.. @@ -55,11 +55,11 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_config_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_config_tests.py --directory ${CMAKE_CURRENT_BINARY_DIR}/suites ${config_generated_data_files} DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_config_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_config_tests.py # Do not declare the configuration files as dependencies: they # change too often in ways that don't affect the result # ((un)commenting some options). @@ -140,7 +140,7 @@ function(add_test_suite suite_name) test_suite_${data_name}.c COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_test_code.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_code.py -f ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function -d ${data_file} -t ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/tests/suites/main_test.function @@ -149,7 +149,7 @@ function(add_test_suite suite_name) --helpers-file ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/tests/suites/helpers.function -o . DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/generate_test_code.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_code.py ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${data_file} ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/tests/suites/main_test.function diff --git a/tf-psa-crypto/tests/CMakeLists.txt b/tf-psa-crypto/tests/CMakeLists.txt index cf25c716fd..dc3cea5f9a 100644 --- a/tf-psa-crypto/tests/CMakeLists.txt +++ b/tf-psa-crypto/tests/CMakeLists.txt @@ -21,7 +21,7 @@ file(MAKE_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/suites) execute_process( COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_bignum_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_bignum_tests.py --list-for-cmake WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/.. @@ -33,7 +33,7 @@ string(REGEX REPLACE "[^;]*/" "" execute_process( COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_config_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_config_tests.py --list-for-cmake WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/.. @@ -52,7 +52,7 @@ endforeach() execute_process( COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_ecp_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_ecp_tests.py --list-for-cmake WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/.. @@ -64,7 +64,7 @@ string(REGEX REPLACE "[^;]*/" "" execute_process( COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_psa_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_psa_tests.py --list-for-cmake WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/.. @@ -105,16 +105,16 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_bignum_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_bignum_tests.py --directory ${CMAKE_CURRENT_BINARY_DIR}/suites DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_bignum_tests.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/bignum_common.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/bignum_core.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/bignum_mod_raw.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/bignum_mod.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/test_case.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/test_data_generation.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_bignum_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/bignum_common.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/bignum_core.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/bignum_mod_raw.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/bignum_mod.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/test_case.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/test_data_generation.py ) add_custom_command( OUTPUT @@ -123,11 +123,11 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_config_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_config_tests.py --directory ${CMAKE_CURRENT_BINARY_DIR}/suites ${config_generated_data_files} DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_config_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_config_tests.py # Do not declare the configuration files as dependencies: they # change too often in ways that don't affect the result # ((un)commenting some options). @@ -139,14 +139,14 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_ecp_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_ecp_tests.py --directory ${CMAKE_CURRENT_BINARY_DIR}/suites DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_ecp_tests.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/bignum_common.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/ecp.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/test_case.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/test_data_generation.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_ecp_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/bignum_common.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/ecp.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/test_case.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/test_data_generation.py ) add_custom_command( OUTPUT @@ -155,17 +155,17 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_psa_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_psa_tests.py --directory ${CMAKE_CURRENT_BINARY_DIR}/suites DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_psa_tests.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/crypto_data_tests.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/crypto_knowledge.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/macro_collector.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/psa_information.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/psa_storage.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/test_case.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/mbedtls_framework/test_data_generation.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_psa_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/crypto_data_tests.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/crypto_knowledge.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/macro_collector.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/psa_information.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/psa_storage.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/test_case.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/mbedtls_framework/test_data_generation.py ${CMAKE_CURRENT_SOURCE_DIR}/../include/psa/crypto_config.h ${CMAKE_CURRENT_SOURCE_DIR}/../include/psa/crypto_values.h ${CMAKE_CURRENT_SOURCE_DIR}/../include/psa/crypto_extra.h @@ -279,7 +279,7 @@ function(add_test_suite suite_name) test_suite_${data_name}.c COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_test_code.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_code.py -f ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function -d ${data_file} -t ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function @@ -288,7 +288,7 @@ function(add_test_suite suite_name) --helpers-file ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function -o . DEPENDS - ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/scripts/generate_test_code.py + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_code.py ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${data_file} ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function From 8d887d18f1c5244c83406ed6ed0dba39ad9e0f2f Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 25 Jul 2024 15:43:42 +0200 Subject: [PATCH 10/19] cmake: tf-psa-crypto: Replace some Mbed TLS options/variables by TF-PSA-Crypto ones Signed-off-by: Ronald Cron --- tf-psa-crypto/CMakeLists.txt | 6 ++++ tf-psa-crypto/core/CMakeLists.txt | 36 ++++++++++---------- tf-psa-crypto/drivers/builtin/CMakeLists.txt | 22 ++++++------ tf-psa-crypto/drivers/everest/CMakeLists.txt | 6 ++-- tf-psa-crypto/drivers/p256-m/CMakeLists.txt | 6 ++-- tf-psa-crypto/tests/CMakeLists.txt | 20 +++++------ 6 files changed, 51 insertions(+), 45 deletions(-) diff --git a/tf-psa-crypto/CMakeLists.txt b/tf-psa-crypto/CMakeLists.txt index 6e9789a90b..31832acbf7 100644 --- a/tf-psa-crypto/CMakeLists.txt +++ b/tf-psa-crypto/CMakeLists.txt @@ -35,6 +35,12 @@ if(LIB_INSTALL_DIR) set(CMAKE_INSTALL_LIBDIR "${LIB_INSTALL_DIR}") endif() +set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${MBEDTLS_PYTHON_EXECUTABLE}) +set(USE_STATIC_TF_PSA_CRYPTO_LIBRARY ${USE_STATIC_MBEDTLS_LIBRARY}) +set(USE_SHARED_TF_PSA_CRYPTO_LIBRARY ${USE_SHARED_MBEDTLS_LIBRARY}) +set(TF_PSA_CRYPTO_TARGET_PREFIX ${MBEDTLS_TARGET_PREFIX}) +option(INSTALL_TF_PSA_CRYPTO_HEADERS "Install TF-PSA-Crypto headers." ${INSTALL_MBEDTLS_HEADERS}) + # Set the project root directory. set(TF_PSA_CRYPTO_DIR ${CMAKE_CURRENT_SOURCE_DIR}) diff --git a/tf-psa-crypto/core/CMakeLists.txt b/tf-psa-crypto/core/CMakeLists.txt index dfc292cc4a..0917cae2f4 100644 --- a/tf-psa-crypto/core/CMakeLists.txt +++ b/tf-psa-crypto/core/CMakeLists.txt @@ -14,7 +14,7 @@ if(GEN_FILES) ${CMAKE_CURRENT_BINARY_DIR}/psa_crypto_driver_wrappers.h ${CMAKE_CURRENT_BINARY_DIR}/psa_crypto_driver_wrappers_no_static.c COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_DIR}/scripts/generate_driver_wrappers.py ${CMAKE_CURRENT_BINARY_DIR} DEPENDS @@ -64,21 +64,21 @@ if(LINK_WITH_TRUSTED_STORAGE) set(libs ${libs} trusted_storage) endif() -if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) - message(FATAL_ERROR "Need to choose static or shared mbedtls build!") -endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) +if (NOT USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND NOT USE_SHARED_TF_PSA_CRYPTO_LIBRARY) + message(FATAL_ERROR "Need to choose static or shared TF-PSA-Crypto build!") +endif(NOT USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND NOT USE_SHARED_TF_PSA_CRYPTO_LIBRARY) -set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto") -set(builtin_target "${MBEDTLS_TARGET_PREFIX}builtin") +set(mbedcrypto_target "${TF_PSA_CRYPTO_TARGET_PREFIX}mbedcrypto") +set(builtin_target "${TF_PSA_CRYPTO_TARGET_PREFIX}builtin") -if (USE_STATIC_MBEDTLS_LIBRARY) +if (USE_STATIC_TF_PSA_CRYPTO_LIBRARY) set(mbedcrypto_static_target ${mbedcrypto_target}) set(builtin_static_target ${builtin_target}) endif() set(target_libraries ${mbedcrypto_target}) -if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) +if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND USE_SHARED_TF_PSA_CRYPTO_LIBRARY) string(APPEND mbedcrypto_static_target "_static") string(APPEND builtin_static_target "_static") @@ -86,10 +86,10 @@ if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) ${mbedcrypto_static_target}) endif() -set(p256m_target "${MBEDTLS_TARGET_PREFIX}p256m") -set(everest_target "${MBEDTLS_TARGET_PREFIX}everest") +set(p256m_target "${TF_PSA_CRYPTO_TARGET_PREFIX}p256m") +set(everest_target "${TF_PSA_CRYPTO_TARGET_PREFIX}everest") -if(USE_STATIC_MBEDTLS_LIBRARY) +if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY) add_library(${mbedcrypto_static_target} STATIC ${src_crypto}) set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) @@ -103,9 +103,9 @@ if(USE_STATIC_MBEDTLS_LIBRARY) if(TARGET ${p256m_target}) target_link_libraries(${mbedcrypto_static_target} PUBLIC ${p256m_target}) endif() -endif(USE_STATIC_MBEDTLS_LIBRARY) +endif(USE_STATIC_TF_PSA_CRYPTO_LIBRARY) -if(USE_SHARED_MBEDTLS_LIBRARY) +if(USE_SHARED_TF_PSA_CRYPTO_LIBRARY) set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) add_library(${mbedcrypto_target} SHARED ${src_crypto}) set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 4.0.0 SOVERSION 16) @@ -120,7 +120,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY) if(TARGET ${p256m_target}) target_link_libraries(${mbedcrypto_target} PUBLIC ${p256m_target}) endif() -endif(USE_SHARED_MBEDTLS_LIBRARY) +endif(USE_SHARED_TF_PSA_CRYPTO_LIBRARY) foreach(target IN LISTS target_libraries) add_library(MbedTLS::${target} ALIAS ${target}) # add_subdirectory support @@ -154,15 +154,15 @@ foreach(target IN LISTS target_libraries) PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) endforeach(target) -if(USE_STATIC_MBEDTLS_LIBRARY) +if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY) add_custom_command( TARGET ${mbedcrypto_static_target} POST_BUILD COMMAND ${CMAKE_COMMAND} ARGS -E copy $ ${CMAKE_BINARY_DIR}/library) -endif(USE_STATIC_MBEDTLS_LIBRARY) +endif(USE_STATIC_TF_PSA_CRYPTO_LIBRARY) -if(USE_SHARED_MBEDTLS_LIBRARY) +if(USE_SHARED_TF_PSA_CRYPTO_LIBRARY) add_custom_command( TARGET ${mbedcrypto_target} POST_BUILD @@ -175,4 +175,4 @@ if(USE_SHARED_MBEDTLS_LIBRARY) COMMAND ${CMAKE_COMMAND} ARGS -E copy $ ${CMAKE_BINARY_DIR}/library/$) -endif(USE_SHARED_MBEDTLS_LIBRARY) +endif(USE_SHARED_TF_PSA_CRYPTO_LIBRARY) diff --git a/tf-psa-crypto/drivers/builtin/CMakeLists.txt b/tf-psa-crypto/drivers/builtin/CMakeLists.txt index ed2c0f80d0..0043fca4e2 100644 --- a/tf-psa-crypto/drivers/builtin/CMakeLists.txt +++ b/tf-psa-crypto/drivers/builtin/CMakeLists.txt @@ -86,20 +86,20 @@ if(LINK_WITH_PTHREAD) set(libs ${libs} ${CMAKE_THREAD_LIBS_INIT}) endif() -set(builtin_target ${MBEDTLS_TARGET_PREFIX}builtin) -if (USE_STATIC_MBEDTLS_LIBRARY) +set(builtin_target ${TF_PSA_CRYPTO_TARGET_PREFIX}builtin) +if (USE_STATIC_TF_PSA_CRYPTO_LIBRARY) set(builtin_static_target ${builtin_target}) endif() set(target_libraries ${builtin_target}) -if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) +if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND USE_SHARED_TF_PSA_CRYPTO_LIBRARY) string(APPEND builtin_static_target "_static") list(APPEND target_libraries ${builtin_static_target}) endif() -set(p256m_target "${MBEDTLS_TARGET_PREFIX}p256m") -set(everest_target "${MBEDTLS_TARGET_PREFIX}everest") +set(p256m_target "${TF_PSA_CRYPTO_TARGET_PREFIX}p256m") +set(everest_target "${TF_PSA_CRYPTO_TARGET_PREFIX}everest") -if(USE_STATIC_MBEDTLS_LIBRARY) +if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY) add_library(${builtin_static_target} STATIC ${src_builtin}) target_link_libraries(${builtin_static_target} PUBLIC ${libs}) if(TARGET ${everest_target}) @@ -109,9 +109,9 @@ if(USE_STATIC_MBEDTLS_LIBRARY) if(TARGET ${p256m_target}) target_link_libraries(${builtin_static_target} PUBLIC ${p256m_target}) endif() -endif(USE_STATIC_MBEDTLS_LIBRARY) +endif(USE_STATIC_TF_PSA_CRYPTO_LIBRARY) -if(USE_SHARED_MBEDTLS_LIBRARY) +if(USE_SHARED_TF_PSA_CRYPTO_LIBRARY) add_library(${builtin_target} SHARED ${src_builtin}) target_link_libraries(${builtin_target} PUBLIC ${libs}) if(TARGET ${everest_target}) @@ -121,7 +121,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY) if(TARGET ${p256m_target}) target_link_libraries(${builtin_target} PUBLIC ${p256m_target}) endif() -endif(USE_SHARED_MBEDTLS_LIBRARY) +endif(USE_SHARED_TF_PSA_CRYPTO_LIBRARY) foreach (target IN LISTS target_libraries) target_include_directories(${target} @@ -144,7 +144,7 @@ foreach (target IN LISTS target_libraries) PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") endif() - if(INSTALL_MBEDTLS_HEADERS) + if(INSTALL_TF_PSA_CRYPTO_HEADERS) install(DIRECTORY include/mbedtls DESTINATION include @@ -153,7 +153,7 @@ foreach (target IN LISTS target_libraries) GROUP_EXECUTE WORLD_READ WORLD_EXECUTE FILES_MATCHING PATTERN "*.h") - endif(INSTALL_MBEDTLS_HEADERS) + endif(INSTALL_TF_PSA_CRYPTO_HEADERS) install(TARGETS ${target} EXPORT MbedTLSTargets diff --git a/tf-psa-crypto/drivers/everest/CMakeLists.txt b/tf-psa-crypto/drivers/everest/CMakeLists.txt index 82a85974ff..e7048590ef 100644 --- a/tf-psa-crypto/drivers/everest/CMakeLists.txt +++ b/tf-psa-crypto/drivers/everest/CMakeLists.txt @@ -1,4 +1,4 @@ -set(everest_target "${MBEDTLS_TARGET_PREFIX}everest") +set(everest_target "${TF_PSA_CRYPTO_TARGET_PREFIX}everest") add_library(${everest_target} library/everest.c @@ -29,7 +29,7 @@ if(MBEDTLS_USER_CONFIG_FILE) PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") endif() -if(INSTALL_MBEDTLS_HEADERS) +if(INSTALL_TF_PSA_CRYPTO_HEADERS) install(DIRECTORY include/everest DESTINATION include @@ -37,7 +37,7 @@ if(INSTALL_MBEDTLS_HEADERS) DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE FILES_MATCHING PATTERN "*.h") -endif(INSTALL_MBEDTLS_HEADERS) +endif(INSTALL_TF_PSA_CRYPTO_HEADERS) install(TARGETS ${everest_target} EXPORT MbedTLSTargets diff --git a/tf-psa-crypto/drivers/p256-m/CMakeLists.txt b/tf-psa-crypto/drivers/p256-m/CMakeLists.txt index 165ee150f8..bc53a5e465 100644 --- a/tf-psa-crypto/drivers/p256-m/CMakeLists.txt +++ b/tf-psa-crypto/drivers/p256-m/CMakeLists.txt @@ -1,4 +1,4 @@ -set(p256m_target ${MBEDTLS_TARGET_PREFIX}p256m) +set(p256m_target ${TF_PSA_CRYPTO_TARGET_PREFIX}p256m) add_library(${p256m_target} p256-m_driver_entrypoints.c @@ -27,7 +27,7 @@ if(MBEDTLS_USER_CONFIG_FILE) PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") endif() -if(INSTALL_MBEDTLS_HEADERS) +if(INSTALL_TF_PSA_CRYPTO_HEADERS) install(DIRECTORY :${CMAKE_CURRENT_SOURCE_DIR} DESTINATION include @@ -35,7 +35,7 @@ if(INSTALL_MBEDTLS_HEADERS) DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE FILES_MATCHING PATTERN "*.h") -endif(INSTALL_MBEDTLS_HEADERS) +endif(INSTALL_TF_PSA_CRYPTO_HEADERS) install(TARGETS ${p256m_target} EXPORT MbedTLSTargets diff --git a/tf-psa-crypto/tests/CMakeLists.txt b/tf-psa-crypto/tests/CMakeLists.txt index dc3cea5f9a..862d8623b0 100644 --- a/tf-psa-crypto/tests/CMakeLists.txt +++ b/tf-psa-crypto/tests/CMakeLists.txt @@ -10,7 +10,7 @@ if(NOT DEFINED MBEDTLS_DIR) set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR}) endif() -if(NOT MBEDTLS_PYTHON_EXECUTABLE) +if(NOT TF_PSA_CRYPTO_PYTHON_EXECUTABLE) message(FATAL_ERROR "Cannot build test suites without Python 3") endif() @@ -20,7 +20,7 @@ file(MAKE_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/suites) # Get base names for generated files execute_process( COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_bignum_tests.py --list-for-cmake WORKING_DIRECTORY @@ -32,7 +32,7 @@ string(REGEX REPLACE "[^;]*/" "" execute_process( COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_config_tests.py --list-for-cmake WORKING_DIRECTORY @@ -51,7 +51,7 @@ endforeach() execute_process( COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_ecp_tests.py --list-for-cmake WORKING_DIRECTORY @@ -63,7 +63,7 @@ string(REGEX REPLACE "[^;]*/" "" execute_process( COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_psa_tests.py --list-for-cmake WORKING_DIRECTORY @@ -104,7 +104,7 @@ if(GEN_FILES) WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_bignum_tests.py --directory ${CMAKE_CURRENT_BINARY_DIR}/suites DEPENDS @@ -122,7 +122,7 @@ if(GEN_FILES) WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_config_tests.py --directory ${CMAKE_CURRENT_BINARY_DIR}/suites ${config_generated_data_files} @@ -138,7 +138,7 @@ if(GEN_FILES) WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_ecp_tests.py --directory ${CMAKE_CURRENT_BINARY_DIR}/suites DEPENDS @@ -154,7 +154,7 @@ if(GEN_FILES) WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/.. COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_psa_tests.py --directory ${CMAKE_CURRENT_BINARY_DIR}/suites DEPENDS @@ -278,7 +278,7 @@ function(add_test_suite suite_name) # input argument. test_suite_${data_name}.c COMMAND - ${MBEDTLS_PYTHON_EXECUTABLE} + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_code.py -f ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function -d ${data_file} From 701faac8dec9c2f5bf1375ada4e5ad65c8f902f4 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 20 Jul 2024 14:43:53 +0200 Subject: [PATCH 11/19] Introduce TF-PSA-Crypto.cmake Copy of mbedtls top CMakeLists.txt file. The TF-PSA-Crypto top CMakeList.txt file will be derived from that file to outline what is common and what is different between the two. Signed-off-by: Ronald Cron --- tf-psa-crypto/TF-PSA-Crypto.cmake | 502 ++++++++++++++++++++++++++++++ 1 file changed, 502 insertions(+) create mode 100644 tf-psa-crypto/TF-PSA-Crypto.cmake diff --git a/tf-psa-crypto/TF-PSA-Crypto.cmake b/tf-psa-crypto/TF-PSA-Crypto.cmake new file mode 100644 index 0000000000..8372905d0d --- /dev/null +++ b/tf-psa-crypto/TF-PSA-Crypto.cmake @@ -0,0 +1,502 @@ +# +# CMake build system design considerations: +# +# - Include directories: +# + Do not define include directories globally using the include_directories +# command but rather at the target level using the +# target_include_directories command. That way, it is easier to guarantee +# that targets are built using the proper list of include directories. +# + Use the PUBLIC and PRIVATE keywords to specify the scope of include +# directories. That way, a target linking to a library (using the +# target_link_libraries command) inherits from the library PUBLIC include +# directories and not from the PRIVATE ones. +# - MBEDTLS_TARGET_PREFIX: CMake targets are designed to be alterable by calling +# CMake in order to avoid target name clashes, via the use of +# MBEDTLS_TARGET_PREFIX. The value of this variable is prefixed to the +# mbedtls, mbedx509, mbedcrypto and apidoc targets. +# + +# We specify a minimum requirement of 3.10.2, but for now use 3.5.1 here +# until our infrastructure catches up. +cmake_minimum_required(VERSION 3.5.1) + +include(CMakePackageConfigHelpers) + +# Include convenience functions for printing properties and variables, like +# cmake_print_properties(), cmake_print_variables(). +include(CMakePrintHelpers) + +# https://cmake.org/cmake/help/latest/policy/CMP0011.html +# Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD +# policy setting is deprecated, and will be removed in future versions. +cmake_policy(SET CMP0011 NEW) +# https://cmake.org/cmake/help/latest/policy/CMP0012.html +# Setting the CMP0012 policy to NEW is required for FindPython3 to work with CMake 3.18.2 +# (there is a bug in this particular version), otherwise, setting the CMP0012 policy is required +# for CMake versions >= 3.18.3 otherwise a deprecated warning is generated. The OLD policy setting +# is deprecated and will be removed in future versions. +cmake_policy(SET CMP0012 NEW) + +if(TEST_CPP) + project("Mbed TLS" + LANGUAGES C CXX + VERSION 4.0.0 + ) +else() + project("Mbed TLS" + LANGUAGES C + VERSION 4.0.0 + ) +endif() + +include(GNUInstallDirs) + +# Determine if Mbed TLS is being built as a subproject using add_subdirectory() +if(NOT DEFINED MBEDTLS_AS_SUBPROJECT) + set(MBEDTLS_AS_SUBPROJECT ON) + if(CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR) + set(MBEDTLS_AS_SUBPROJECT OFF) + endif() +endif() + +# Set the project and framework root directory. +set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) +set(MBEDTLS_FRAMEWORK_DIR ${CMAKE_CURRENT_SOURCE_DIR}/framework) + +option(ENABLE_PROGRAMS "Build Mbed TLS programs." ON) + +option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) +option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON) +if(CMAKE_HOST_WIN32) + # N.B. The comment on the next line is significant! If you change it, + # edit the sed command in prepare_release.sh that modifies + # CMakeLists.txt. + option(GEN_FILES "Generate the auto-generated files as needed" OFF) # off in development +else() + option(GEN_FILES "Generate the auto-generated files as needed" ON) +endif() + +option(DISABLE_PACKAGE_CONFIG_AND_INSTALL "Disable package configuration, target export and installation" ${MBEDTLS_AS_SUBPROJECT}) + +if (CMAKE_C_SIMULATE_ID) + set(COMPILER_ID ${CMAKE_C_SIMULATE_ID}) +else() + set(COMPILER_ID ${CMAKE_C_COMPILER_ID}) +endif(CMAKE_C_SIMULATE_ID) + +string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${COMPILER_ID}") +string(REGEX MATCH "GNU" CMAKE_COMPILER_IS_GNU "${COMPILER_ID}") +string(REGEX MATCH "IAR" CMAKE_COMPILER_IS_IAR "${COMPILER_ID}") +string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${COMPILER_ID}") + +# the test suites currently have compile errors with MSVC +if(CMAKE_COMPILER_IS_MSVC) + option(ENABLE_TESTING "Build Mbed TLS tests." OFF) +else() + option(ENABLE_TESTING "Build Mbed TLS tests." ON) +endif() + +option(USE_STATIC_MBEDTLS_LIBRARY "Build Mbed TLS static library." ON) +option(USE_SHARED_MBEDTLS_LIBRARY "Build Mbed TLS shared library." OFF) +option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF) +option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF) + +set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto") +if (USE_STATIC_MBEDTLS_LIBRARY) + set(mbedcrypto_static_target ${mbedcrypto_target}) +endif() +if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) + string(APPEND mbedcrypto_static_target "_static") +endif() + +# Warning string - created as a list for compatibility with CMake 2.8 +set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n") +set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n") +set(CTR_DRBG_128_BIT_KEY_WARN_L3 "**** keys and operations that use random values generated to 128-bit security\n") + +set(CTR_DRBG_128_BIT_KEY_WARNING "${WARNING_BORDER}" + "${CTR_DRBG_128_BIT_KEY_WARN_L1}" + "${CTR_DRBG_128_BIT_KEY_WARN_L2}" + "${CTR_DRBG_128_BIT_KEY_WARN_L3}" + "${WARNING_BORDER}") + +# Python 3 is only needed here to check for configuration warnings. +if(NOT CMAKE_VERSION VERSION_LESS 3.15.0) + set(Python3_FIND_STRATEGY LOCATION) + find_package(Python3 COMPONENTS Interpreter) + if(Python3_Interpreter_FOUND) + set(MBEDTLS_PYTHON_EXECUTABLE ${Python3_EXECUTABLE}) + endif() +else() + find_package(PythonInterp 3) + if(PYTHONINTERP_FOUND) + set(MBEDTLS_PYTHON_EXECUTABLE ${PYTHON_EXECUTABLE}) + endif() +endif() +if(MBEDTLS_PYTHON_EXECUTABLE) + + # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning + execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + RESULT_VARIABLE result) + if(${result} EQUAL 0) + message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING}) + endif() + +endif() + +# We now potentially need to link all executables against PThreads, if available +set(CMAKE_THREAD_PREFER_PTHREAD TRUE) +set(THREADS_PREFER_PTHREAD_FLAG TRUE) +find_package(Threads) + +# If this is the root project add longer list of available CMAKE_BUILD_TYPE values +if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR) + set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE} + CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull TSan TSanDbg" + FORCE) +endif() + +# Make MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE into PATHs +set(MBEDTLS_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS config file (overrides default).") +set(MBEDTLS_USER_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS user config file (appended to default).") + +# Create a symbolic link from ${base_name} in the binary directory +# to the corresponding path in the source directory. +# Note: Copies the file(s) on Windows. +function(link_to_source base_name) + set(link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}") + set(target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}") + + # Linking to non-existent file is not desirable. At best you will have a + # dangling link, but when building in tree, this can create a symbolic link + # to itself. + if (EXISTS ${target} AND NOT EXISTS ${link}) + if (CMAKE_HOST_UNIX) + execute_process(COMMAND ln -s ${target} ${link} + RESULT_VARIABLE result + ERROR_VARIABLE output) + + if (NOT ${result} EQUAL 0) + message(FATAL_ERROR "Could not create symbolic link for: ${target} --> ${output}") + endif() + else() + if (IS_DIRECTORY ${target}) + file(GLOB_RECURSE files FOLLOW_SYMLINKS LIST_DIRECTORIES false RELATIVE ${target} "${target}/*") + foreach(file IN LISTS files) + configure_file("${target}/${file}" "${link}/${file}" COPYONLY) + endforeach(file) + else() + configure_file(${target} ${link} COPYONLY) + endif() + endif() + endif() +endfunction(link_to_source) + +# Get the filename without the final extension (i.e. convert "a.b.c" to "a.b") +function(get_name_without_last_ext dest_var full_name) + # Split into a list on '.' (but a cmake list is just a ';'-separated string) + string(REPLACE "." ";" ext_parts "${full_name}") + # Remove the last item if there are more than one + list(LENGTH ext_parts ext_parts_len) + if (${ext_parts_len} GREATER "1") + math(EXPR ext_parts_last_item "${ext_parts_len} - 1") + list(REMOVE_AT ext_parts ${ext_parts_last_item}) + endif() + # Convert back to a string by replacing separators with '.' + string(REPLACE ";" "." no_ext_name "${ext_parts}") + # Copy into the desired variable + set(${dest_var} ${no_ext_name} PARENT_SCOPE) +endfunction(get_name_without_last_ext) + +include(CheckCCompilerFlag) + +set(CMAKE_C_EXTENSIONS OFF) +set(CMAKE_C_STANDARD 99) + +if(CMAKE_COMPILER_IS_GNU) + # some warnings we want are not available with old GCC versions + # note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION + execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion + OUTPUT_VARIABLE GCC_VERSION) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wmissing-prototypes") + if (GCC_VERSION VERSION_GREATER 3.0 OR GCC_VERSION VERSION_EQUAL 3.0) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat=2 -Wno-format-nonliteral") + endif() + if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wvla") + endif() + if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op") + endif() + if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow") + endif() + if (GCC_VERSION VERSION_GREATER 5.0) + CHECK_C_COMPILER_FLAG("-Wformat-signedness" C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS) + if(C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-signedness") + endif() + endif() + if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation") + endif() + set(CMAKE_C_FLAGS_RELEASE "-O2") + set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") + set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") + set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") + set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") + set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3") + set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") + set(CMAKE_C_FLAGS_CHECK "-Os") + set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual") +endif(CMAKE_COMPILER_IS_GNU) + +if(CMAKE_COMPILER_IS_CLANG) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wmissing-prototypes -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral") + set(CMAKE_C_FLAGS_RELEASE "-O2") + set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") + set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") + set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") + set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") + set(CMAKE_C_FLAGS_MEMSAN "-fsanitize=memory -O3") + set(CMAKE_C_FLAGS_MEMSANDBG "-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2") + set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3") + set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") + set(CMAKE_C_FLAGS_CHECK "-Os") +endif(CMAKE_COMPILER_IS_CLANG) + +if(CMAKE_COMPILER_IS_IAR) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts") + set(CMAKE_C_FLAGS_RELEASE "-Ohz") + set(CMAKE_C_FLAGS_DEBUG "--debug -On") +endif(CMAKE_COMPILER_IS_IAR) + +if(CMAKE_COMPILER_IS_MSVC) + # Strictest warnings, UTF-8 source and execution charset + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3 /utf-8") +endif(CMAKE_COMPILER_IS_MSVC) + +if(MBEDTLS_FATAL_WARNINGS) + if(CMAKE_COMPILER_IS_MSVC) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX") + endif(CMAKE_COMPILER_IS_MSVC) + + if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror") + if(UNSAFE_BUILD) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error=cpp") + set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error=cpp") + set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error=cpp") + endif(UNSAFE_BUILD) + endif(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) + + if (CMAKE_COMPILER_IS_IAR) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warnings_are_errors") + endif(CMAKE_COMPILER_IS_IAR) +endif(MBEDTLS_FATAL_WARNINGS) + +if(CMAKE_BUILD_TYPE STREQUAL "Check" AND TEST_CPP) + set(CMAKE_CXX_STANDARD 11) + set(CMAKE_CXX_STANDARD_REQUIRED ON) + set(CMAKE_CXX_EXTENSIONS OFF) + if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -pedantic") + endif() +endif() + +if(CMAKE_BUILD_TYPE STREQUAL "Coverage") + if(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG) + set(CMAKE_SHARED_LINKER_FLAGS "--coverage") + endif(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG) +endif(CMAKE_BUILD_TYPE STREQUAL "Coverage") + +if(LIB_INSTALL_DIR) + set(CMAKE_INSTALL_LIBDIR "${LIB_INSTALL_DIR}") +endif() + +if (NOT EXISTS "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt") + message(FATAL_ERROR "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt not found. Run `git submodule update --init` from the source tree to fetch the submodule contents.") +endif() +add_subdirectory(framework) + +add_subdirectory(include) + +add_subdirectory(tf-psa-crypto) + +add_subdirectory(library) + +add_subdirectory(pkgconfig) + +# +# The C files in tests/src directory contain test code shared among test suites +# and programs. This shared test code is compiled and linked to test suites and +# programs objects as a set of compiled objects. The compiled objects are NOT +# built into a library that the test suite and program objects would link +# against as they link against the mbedcrypto, mbedx509 and mbedtls libraries. +# The reason is that such library is expected to have mutual dependencies with +# the aforementioned libraries and that there is as of today no portable way of +# handling such dependencies (only toolchain specific solutions). +# +# Thus the below definition of the `mbedtls_test` CMake library of objects +# target. This library of objects is used by tests and programs CMake files +# to define the test executables. +# +if(ENABLE_TESTING OR ENABLE_PROGRAMS) + file(GLOB MBEDTLS_TEST_FILES + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/drivers/*.c) + add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES}) + if(GEN_FILES) + add_custom_command( + OUTPUT + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h + WORKING_DIRECTORY + ${CMAKE_CURRENT_SOURCE_DIR}/tests + COMMAND + "${MBEDTLS_PYTHON_EXECUTABLE}" + "${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py" + "--output" + "${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h" + DEPENDS + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py + ) + add_custom_target(test_keys_header DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h) + add_custom_command( + OUTPUT + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h + WORKING_DIRECTORY + ${CMAKE_CURRENT_SOURCE_DIR}/tests + COMMAND + "${MBEDTLS_PYTHON_EXECUTABLE}" + "${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py" + "--output" + "${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h" + DEPENDS + ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py + ) + add_custom_target(test_certs_header DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h) + add_dependencies(mbedtls_test test_keys_header test_certs_header) + endif() + target_include_directories(mbedtls_test + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/core + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/src) + # Request C11, needed for memory poisoning tests + set_target_properties(mbedtls_test PROPERTIES C_STANDARD 11) + + file(GLOB MBEDTLS_TEST_HELPER_FILES + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_helpers/*.c) + add_library(mbedtls_test_helpers OBJECT ${MBEDTLS_TEST_HELPER_FILES}) + target_include_directories(mbedtls_test_helpers + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/core + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/src + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/everest/include) + + # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE + if(MBEDTLS_CONFIG_FILE) + target_compile_definitions(mbedtls_test + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + target_compile_definitions(mbedtls_test_helpers + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + endif() + if(MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(mbedtls_test + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + target_compile_definitions(mbedtls_test_helpers + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + endif() +endif() + +if(ENABLE_PROGRAMS) + set(ssl_opt_target "${MBEDTLS_TARGET_PREFIX}ssl-opt") + add_custom_target(${ssl_opt_target}) + + add_subdirectory(programs) +endif() + +ADD_CUSTOM_TARGET(${MBEDTLS_TARGET_PREFIX}apidoc + COMMAND doxygen mbedtls.doxyfile + WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen) + +if(ENABLE_TESTING) + enable_testing() + + add_subdirectory(tests) + + # additional convenience targets for Unix only + if(UNIX) + + # For coverage testing: + # 1. Build with: + # cmake -D CMAKE_BUILD_TYPE=Coverage /path/to/source && make + # 2. Run the relevant tests for the part of the code you're interested in. + # For the reference coverage measurement, see + # tests/scripts/basic-build-test.sh + # 3. Run scripts/lcov.sh to generate an HTML report. + ADD_CUSTOM_TARGET(lcov + COMMAND scripts/lcov.sh + ) + + ADD_CUSTOM_TARGET(memcheck + COMMAND sed -i.bak s+/usr/bin/valgrind+`which valgrind`+ DartConfiguration.tcl + COMMAND ctest -O memcheck.log -D ExperimentalMemCheck + COMMAND tail -n1 memcheck.log | grep 'Memory checking results:' > /dev/null + COMMAND rm -f memcheck.log + COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl + ) + endif(UNIX) + + # Make scripts needed for testing available in an out-of-source build. + if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) + link_to_source(scripts) + # Copy (don't link) DartConfiguration.tcl, needed for memcheck, to + # keep things simple with the sed commands in the memcheck target. + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/DartConfiguration.tcl + ${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY) + endif() +endif() + +if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) + configure_package_config_file( + "cmake/MbedTLSConfig.cmake.in" + "cmake/MbedTLSConfig.cmake" + INSTALL_DESTINATION "cmake") + + write_basic_package_version_file( + "cmake/MbedTLSConfigVersion.cmake" + COMPATIBILITY SameMajorVersion + VERSION 4.0.0) + + install( + FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake" + "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfigVersion.cmake" + DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS") + + export( + EXPORT MbedTLSTargets + NAMESPACE MbedTLS:: + FILE "cmake/MbedTLSTargets.cmake") + + install( + EXPORT MbedTLSTargets + NAMESPACE MbedTLS:: + DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS" + FILE "MbedTLSTargets.cmake") + + if(CMAKE_VERSION VERSION_GREATER 3.15 OR CMAKE_VERSION VERSION_EQUAL 3.15) + # Do not export the package by default + cmake_policy(SET CMP0090 NEW) + + # Make this package visible to the system + export(PACKAGE MbedTLS) + endif() +endif() From 4c3fa0aa997bb5b73f340de59259c20922ee0fc8 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 30 Jul 2024 10:50:39 +0200 Subject: [PATCH 12/19] TF-PSA-Crypto.cmake: Do not support package config/install/apidoc/lcov Do not support package config, install, apidoc and lcov for the time being. Signed-off-by: Ronald Cron --- tf-psa-crypto/TF-PSA-Crypto.cmake | 57 ++----------------------------- 1 file changed, 2 insertions(+), 55 deletions(-) diff --git a/tf-psa-crypto/TF-PSA-Crypto.cmake b/tf-psa-crypto/TF-PSA-Crypto.cmake index 8372905d0d..3c509084d1 100644 --- a/tf-psa-crypto/TF-PSA-Crypto.cmake +++ b/tf-psa-crypto/TF-PSA-Crypto.cmake @@ -76,7 +76,8 @@ else() option(GEN_FILES "Generate the auto-generated files as needed" ON) endif() -option(DISABLE_PACKAGE_CONFIG_AND_INSTALL "Disable package configuration, target export and installation" ${MBEDTLS_AS_SUBPROJECT}) +# Support for package config and install to be added later. +option(DISABLE_PACKAGE_CONFIG_AND_INSTALL "Disable package configuration, target export and installation" ON) if (CMAKE_C_SIMULATE_ID) set(COMPILER_ID ${CMAKE_C_SIMULATE_ID}) @@ -325,8 +326,6 @@ add_subdirectory(tf-psa-crypto) add_subdirectory(library) -add_subdirectory(pkgconfig) - # # The C files in tests/src directory contain test code shared among test suites # and programs. This shared test code is compiled and linked to test suites and @@ -423,10 +422,6 @@ if(ENABLE_PROGRAMS) add_subdirectory(programs) endif() -ADD_CUSTOM_TARGET(${MBEDTLS_TARGET_PREFIX}apidoc - COMMAND doxygen mbedtls.doxyfile - WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen) - if(ENABLE_TESTING) enable_testing() @@ -434,18 +429,6 @@ if(ENABLE_TESTING) # additional convenience targets for Unix only if(UNIX) - - # For coverage testing: - # 1. Build with: - # cmake -D CMAKE_BUILD_TYPE=Coverage /path/to/source && make - # 2. Run the relevant tests for the part of the code you're interested in. - # For the reference coverage measurement, see - # tests/scripts/basic-build-test.sh - # 3. Run scripts/lcov.sh to generate an HTML report. - ADD_CUSTOM_TARGET(lcov - COMMAND scripts/lcov.sh - ) - ADD_CUSTOM_TARGET(memcheck COMMAND sed -i.bak s+/usr/bin/valgrind+`which valgrind`+ DartConfiguration.tcl COMMAND ctest -O memcheck.log -D ExperimentalMemCheck @@ -464,39 +447,3 @@ if(ENABLE_TESTING) ${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY) endif() endif() - -if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) - configure_package_config_file( - "cmake/MbedTLSConfig.cmake.in" - "cmake/MbedTLSConfig.cmake" - INSTALL_DESTINATION "cmake") - - write_basic_package_version_file( - "cmake/MbedTLSConfigVersion.cmake" - COMPATIBILITY SameMajorVersion - VERSION 4.0.0) - - install( - FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake" - "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfigVersion.cmake" - DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS") - - export( - EXPORT MbedTLSTargets - NAMESPACE MbedTLS:: - FILE "cmake/MbedTLSTargets.cmake") - - install( - EXPORT MbedTLSTargets - NAMESPACE MbedTLS:: - DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/MbedTLS" - FILE "MbedTLSTargets.cmake") - - if(CMAKE_VERSION VERSION_GREATER 3.15 OR CMAKE_VERSION VERSION_EQUAL 3.15) - # Do not export the package by default - cmake_policy(SET CMP0090 NEW) - - # Make this package visible to the system - export(PACKAGE MbedTLS) - endif() -endif() From 97d05e5e53217545cb4969fcfefe692feb40819a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 20 Jul 2024 15:02:50 +0200 Subject: [PATCH 13/19] TF-PSA-Crypto.cmake: Remove TLS and x509 specifics Signed-off-by: Ronald Cron --- tf-psa-crypto/TF-PSA-Crypto.cmake | 32 ++++++------------------------- 1 file changed, 6 insertions(+), 26 deletions(-) diff --git a/tf-psa-crypto/TF-PSA-Crypto.cmake b/tf-psa-crypto/TF-PSA-Crypto.cmake index 3c509084d1..b88bdca0f4 100644 --- a/tf-psa-crypto/TF-PSA-Crypto.cmake +++ b/tf-psa-crypto/TF-PSA-Crypto.cmake @@ -13,7 +13,7 @@ # - MBEDTLS_TARGET_PREFIX: CMake targets are designed to be alterable by calling # CMake in order to avoid target name clashes, via the use of # MBEDTLS_TARGET_PREFIX. The value of this variable is prefixed to the -# mbedtls, mbedx509, mbedcrypto and apidoc targets. +# mbedcrypto and apidoc targets. # # We specify a minimum requirement of 3.10.2, but for now use 3.5.1 here @@ -331,10 +331,10 @@ add_subdirectory(library) # and programs. This shared test code is compiled and linked to test suites and # programs objects as a set of compiled objects. The compiled objects are NOT # built into a library that the test suite and program objects would link -# against as they link against the mbedcrypto, mbedx509 and mbedtls libraries. -# The reason is that such library is expected to have mutual dependencies with -# the aforementioned libraries and that there is as of today no portable way of -# handling such dependencies (only toolchain specific solutions). +# against as they link against the mbedcrypto library. The reason is that such +# library is expected to have mutual dependencies with the aforementioned +# library and that there is as of today no portable way of handling such +# dependencies (only toolchain specific solutions). # # Thus the below definition of the `mbedtls_test` CMake library of objects # target. This library of objects is used by tests and programs CMake files @@ -360,6 +360,7 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py ) add_custom_target(test_keys_header DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h) + add_custom_command( OUTPUT ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h @@ -381,44 +382,23 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/include - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/core PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/src) # Request C11, needed for memory poisoning tests set_target_properties(mbedtls_test PROPERTIES C_STANDARD 11) - file(GLOB MBEDTLS_TEST_HELPER_FILES - ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_helpers/*.c) - add_library(mbedtls_test_helpers OBJECT ${MBEDTLS_TEST_HELPER_FILES}) - target_include_directories(mbedtls_test_helpers - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/include - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/include - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/core - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/src - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/everest/include) - # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE if(MBEDTLS_CONFIG_FILE) target_compile_definitions(mbedtls_test PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") - target_compile_definitions(mbedtls_test_helpers - PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") endif() if(MBEDTLS_USER_CONFIG_FILE) target_compile_definitions(mbedtls_test PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") - target_compile_definitions(mbedtls_test_helpers - PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") endif() endif() if(ENABLE_PROGRAMS) - set(ssl_opt_target "${MBEDTLS_TARGET_PREFIX}ssl-opt") - add_custom_target(${ssl_opt_target}) - add_subdirectory(programs) endif() From 31829a8abf58d7b7dd1bdcb42f566f475f7ee050 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 29 Jul 2024 19:06:40 +0200 Subject: [PATCH 14/19] TF-PSA-Crypto.cmake: Fix submodules Remove framework and pkgconfig for the time being. Signed-off-by: Ronald Cron --- tf-psa-crypto/TF-PSA-Crypto.cmake | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/tf-psa-crypto/TF-PSA-Crypto.cmake b/tf-psa-crypto/TF-PSA-Crypto.cmake index b88bdca0f4..e18e8bf2e7 100644 --- a/tf-psa-crypto/TF-PSA-Crypto.cmake +++ b/tf-psa-crypto/TF-PSA-Crypto.cmake @@ -318,13 +318,10 @@ endif() if (NOT EXISTS "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt") message(FATAL_ERROR "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt not found. Run `git submodule update --init` from the source tree to fetch the submodule contents.") endif() -add_subdirectory(framework) add_subdirectory(include) - -add_subdirectory(tf-psa-crypto) - -add_subdirectory(library) +add_subdirectory(core) +add_subdirectory(drivers) # # The C files in tests/src directory contain test code shared among test suites From 9c8472624d91dd94e42a1c13cc126e08b0484ebd Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 20 Jul 2024 14:56:49 +0200 Subject: [PATCH 15/19] TF-PSA-Crypto.cmake: TF-PSA-Cryto-ify the file Signed-off-by: Ronald Cron --- tf-psa-crypto/TF-PSA-Crypto.cmake | 83 ++++++++++++++++--------------- 1 file changed, 42 insertions(+), 41 deletions(-) diff --git a/tf-psa-crypto/TF-PSA-Crypto.cmake b/tf-psa-crypto/TF-PSA-Crypto.cmake index e18e8bf2e7..fe25d8d8de 100644 --- a/tf-psa-crypto/TF-PSA-Crypto.cmake +++ b/tf-psa-crypto/TF-PSA-Crypto.cmake @@ -10,10 +10,10 @@ # directories. That way, a target linking to a library (using the # target_link_libraries command) inherits from the library PUBLIC include # directories and not from the PRIVATE ones. -# - MBEDTLS_TARGET_PREFIX: CMake targets are designed to be alterable by calling -# CMake in order to avoid target name clashes, via the use of -# MBEDTLS_TARGET_PREFIX. The value of this variable is prefixed to the -# mbedcrypto and apidoc targets. +# - TF_PSA_CRYPTO_TARGET_PREFIX: CMake targets are designed to be alterable by +# calling CMake in order to avoid target name clashes, via the use of +# TF_PSA_CRYPTO_TARGET_PREFIX. The value of this variable is prefixed to the +# tfpsacrypto and apidoc targets. # # We specify a minimum requirement of 3.10.2, but for now use 3.5.1 here @@ -38,35 +38,36 @@ cmake_policy(SET CMP0011 NEW) cmake_policy(SET CMP0012 NEW) if(TEST_CPP) - project("Mbed TLS" + project("TF-PSA-Crypto" LANGUAGES C CXX - VERSION 4.0.0 + VERSION 0.1.0 ) else() - project("Mbed TLS" + project("TF-PSA-Crypto" LANGUAGES C - VERSION 4.0.0 + VERSION 0.1.0 ) endif() include(GNUInstallDirs) -# Determine if Mbed TLS is being built as a subproject using add_subdirectory() -if(NOT DEFINED MBEDTLS_AS_SUBPROJECT) - set(MBEDTLS_AS_SUBPROJECT ON) +# Determine if TF-PSA-Crypto is being built as a subproject using add_subdirectory() +if(NOT DEFINED TF_PSA_CRYPTO_AS_SUBPROJECT) + set(TF_PSA_CRYPTO_AS_SUBPROJECT ON) if(CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR) - set(MBEDTLS_AS_SUBPROJECT OFF) + set(TF_PSA_CRYPTO_AS_SUBPROJECT OFF) endif() endif() -# Set the project and framework root directory. -set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) -set(MBEDTLS_FRAMEWORK_DIR ${CMAKE_CURRENT_SOURCE_DIR}/framework) +# Set the project, Mbed TLS and framework root directory. +set(TF_PSA_CRYPTO_DIR ${CMAKE_CURRENT_SOURCE_DIR}) +set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}/..) +set(MBEDTLS_FRAMEWORK_DIR ${CMAKE_CURRENT_SOURCE_DIR}/../framework) -option(ENABLE_PROGRAMS "Build Mbed TLS programs." ON) +option(ENABLE_PROGRAMS "Build TF-PSA-Crypto programs." ON) option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) -option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON) +option(TF_PSA_CRYPTO_FATAL_WARNINGS "Compiler warnings treated as errors" ON) if(CMAKE_HOST_WIN32) # N.B. The comment on the next line is significant! If you change it, # edit the sed command in prepare_release.sh that modifies @@ -92,21 +93,21 @@ string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${COMPILER_ID}") # the test suites currently have compile errors with MSVC if(CMAKE_COMPILER_IS_MSVC) - option(ENABLE_TESTING "Build Mbed TLS tests." OFF) + option(ENABLE_TESTING "Build TF-PSA-Crypto tests." OFF) else() - option(ENABLE_TESTING "Build Mbed TLS tests." ON) + option(ENABLE_TESTING "Build TF-PSA-Crypto tests." ON) endif() -option(USE_STATIC_MBEDTLS_LIBRARY "Build Mbed TLS static library." ON) -option(USE_SHARED_MBEDTLS_LIBRARY "Build Mbed TLS shared library." OFF) +option(USE_STATIC_TF_PSA_CRYPTO_LIBRARY "Build TF-PSA-Crypto static library." ON) +option(USE_SHARED_TF_PSA_CRYPTO_LIBRARY "Build TF-PSA-Crypto shared library." OFF) option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF) option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF) -set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto") -if (USE_STATIC_MBEDTLS_LIBRARY) +set(mbedcrypto_target "${TF_PSA_CRYPTO_TARGET_PREFIX}mbedcrypto") +if (USE_STATIC_TF_PSA_CRYPTO_LIBRARY) set(mbedcrypto_static_target ${mbedcrypto_target}) endif() -if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) +if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND USE_SHARED_TF_PSA_CRYPTO_LIBRARY) string(APPEND mbedcrypto_static_target "_static") endif() @@ -126,18 +127,18 @@ if(NOT CMAKE_VERSION VERSION_LESS 3.15.0) set(Python3_FIND_STRATEGY LOCATION) find_package(Python3 COMPONENTS Interpreter) if(Python3_Interpreter_FOUND) - set(MBEDTLS_PYTHON_EXECUTABLE ${Python3_EXECUTABLE}) + set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${Python3_EXECUTABLE}) endif() else() find_package(PythonInterp 3) if(PYTHONINTERP_FOUND) - set(MBEDTLS_PYTHON_EXECUTABLE ${PYTHON_EXECUTABLE}) + set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${PYTHON_EXECUTABLE}) endif() endif() -if(MBEDTLS_PYTHON_EXECUTABLE) +if(TF_PSA_CRYPTO_PYTHON_EXECUTABLE) # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning - execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + execute_process(COMMAND ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY RESULT_VARIABLE result) if(${result} EQUAL 0) message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING}) @@ -157,9 +158,9 @@ if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR) FORCE) endif() -# Make MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE into PATHs -set(MBEDTLS_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS config file (overrides default).") -set(MBEDTLS_USER_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS user config file (appended to default).") +# Make TF_PSA_CRYPTO_CONFIG_FILE and TF_PSA_CRYPTO_USER_CONFIG_FILE into PATHs +set(TF_PSA_CRYPTO_CONFIG_FILE "" CACHE FILEPATH "TF-PSA-Crypto config file (overrides default).") +set(TF_PSA_CRYPTO_USER_CONFIG_FILE "" CACHE FILEPATH "TF-PSA-Crypto user config file (appended to default).") # Create a symbolic link from ${base_name} in the binary directory # to the corresponding path in the source directory. @@ -277,7 +278,7 @@ if(CMAKE_COMPILER_IS_MSVC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3 /utf-8") endif(CMAKE_COMPILER_IS_MSVC) -if(MBEDTLS_FATAL_WARNINGS) +if(TF_PSA_CRYPTO_FATAL_WARNINGS) if(CMAKE_COMPILER_IS_MSVC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX") endif(CMAKE_COMPILER_IS_MSVC) @@ -294,7 +295,7 @@ if(MBEDTLS_FATAL_WARNINGS) if (CMAKE_COMPILER_IS_IAR) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warnings_are_errors") endif(CMAKE_COMPILER_IS_IAR) -endif(MBEDTLS_FATAL_WARNINGS) +endif(TF_PSA_CRYPTO_FATAL_WARNINGS) if(CMAKE_BUILD_TYPE STREQUAL "Check" AND TEST_CPP) set(CMAKE_CXX_STANDARD 11) @@ -328,7 +329,7 @@ add_subdirectory(drivers) # and programs. This shared test code is compiled and linked to test suites and # programs objects as a set of compiled objects. The compiled objects are NOT # built into a library that the test suite and program objects would link -# against as they link against the mbedcrypto library. The reason is that such +# against as they link against the tfpsacrypto library. The reason is that such # library is expected to have mutual dependencies with the aforementioned # library and that there is as of today no portable way of handling such # dependencies (only toolchain specific solutions). @@ -349,7 +350,7 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/tests COMMAND - "${MBEDTLS_PYTHON_EXECUTABLE}" + "${TF_PSA_CRYPTO_PYTHON_EXECUTABLE}" "${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py" "--output" "${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h" @@ -364,7 +365,7 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/tests COMMAND - "${MBEDTLS_PYTHON_EXECUTABLE}" + "${TF_PSA_CRYPTO_PYTHON_EXECUTABLE}" "${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py" "--output" "${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h" @@ -384,14 +385,14 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) # Request C11, needed for memory poisoning tests set_target_properties(mbedtls_test PROPERTIES C_STANDARD 11) - # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE - if(MBEDTLS_CONFIG_FILE) + # Pass-through TF_PSA_CRYPTO_CONFIG_FILE and TF_PSA_CRYPTO_USER_CONFIG_FILE + if(TF_PSA_CRYPTO_CONFIG_FILE) target_compile_definitions(mbedtls_test - PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + PUBLIC TF_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}") endif() - if(MBEDTLS_USER_CONFIG_FILE) + if(TF_PSA_CRYPTO_USER_CONFIG_FILE) target_compile_definitions(mbedtls_test - PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + PUBLIC TF_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}") endif() endif() From e9e7b763efc76ba6b634f8c4bea08b1f39e44329 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 20 Jul 2024 15:28:39 +0200 Subject: [PATCH 16/19] TF-PSA-Crypto.cmake: Fix paths to tests scripts and C modules Signed-off-by: Ronald Cron --- tf-psa-crypto/TF-PSA-Crypto.cmake | 34 +++++++++++++++---------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/tf-psa-crypto/TF-PSA-Crypto.cmake b/tf-psa-crypto/TF-PSA-Crypto.cmake index fe25d8d8de..4dbb20ff14 100644 --- a/tf-psa-crypto/TF-PSA-Crypto.cmake +++ b/tf-psa-crypto/TF-PSA-Crypto.cmake @@ -138,7 +138,7 @@ endif() if(TF_PSA_CRYPTO_PYTHON_EXECUTABLE) # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning - execute_process(COMMAND ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + execute_process(COMMAND ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_DIR}/scripts/config.py -f ${MBEDTLS_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY RESULT_VARIABLE result) if(${result} EQUAL 0) message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING}) @@ -340,48 +340,48 @@ add_subdirectory(drivers) # if(ENABLE_TESTING OR ENABLE_PROGRAMS) file(GLOB MBEDTLS_TEST_FILES - ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c - ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/drivers/*.c) + ${MBEDTLS_DIR}/tests/src/*.c + ${MBEDTLS_DIR}/tests/src/drivers/*.c) add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES}) if(GEN_FILES) add_custom_command( OUTPUT - ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h + ${MBEDTLS_DIR}/tests/src/test_keys.h WORKING_DIRECTORY - ${CMAKE_CURRENT_SOURCE_DIR}/tests + ${MBEDTLS_DIR}/tests COMMAND "${TF_PSA_CRYPTO_PYTHON_EXECUTABLE}" "${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py" "--output" - "${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h" + "${MBEDTLS_DIR}/tests/src/test_keys.h" DEPENDS ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py ) - add_custom_target(test_keys_header DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_keys.h) + add_custom_target(test_keys_header DEPENDS ${MBEDTLS_DIR}/tests/src/test_keys.h) add_custom_command( OUTPUT - ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h + ${MBEDTLS_DIR}/tests/src/test_certs.h WORKING_DIRECTORY - ${CMAKE_CURRENT_SOURCE_DIR}/tests + ${MBEDTLS_DIR}/tests COMMAND "${TF_PSA_CRYPTO_PYTHON_EXECUTABLE}" "${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py" "--output" - "${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h" + "${MBEDTLS_DIR}/tests/src/test_certs.h" DEPENDS ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py ) - add_custom_target(test_certs_header DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_certs.h) + add_custom_target(test_certs_header DEPENDS ${MBEDTLS_DIR}/tests/src/test_certs.h) add_dependencies(mbedtls_test test_keys_header test_certs_header) endif() target_include_directories(mbedtls_test - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/include - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/include - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/core - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/src) + PRIVATE ${MBEDTLS_DIR}/tests/include + PRIVATE ${MBEDTLS_DIR}/include + PRIVATE include + PRIVATE drivers/builtin/include + PRIVATE core + PRIVATE drivers/builtin/src) # Request C11, needed for memory poisoning tests set_target_properties(mbedtls_test PROPERTIES C_STANDARD 11) From d2ca9a1b7edc82882515335ae1f03d660115eb19 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 23 Jul 2024 11:21:52 +0200 Subject: [PATCH 17/19] Add support to build only the tf-psa-crypto tree Signed-off-by: Ronald Cron --- tf-psa-crypto/CMakeLists.txt | 20 +++++++++++ tf-psa-crypto/DartConfiguration.tcl | 4 +++ tf-psa-crypto/TF-PSA-Crypto.cmake | 51 --------------------------- tf-psa-crypto/framework/.gitignore | 1 + tf-psa-crypto/programs/CMakeLists.txt | 0 5 files changed, 25 insertions(+), 51 deletions(-) create mode 100644 tf-psa-crypto/DartConfiguration.tcl create mode 100644 tf-psa-crypto/framework/.gitignore create mode 100644 tf-psa-crypto/programs/CMakeLists.txt diff --git a/tf-psa-crypto/CMakeLists.txt b/tf-psa-crypto/CMakeLists.txt index 31832acbf7..63a71fc017 100644 --- a/tf-psa-crypto/CMakeLists.txt +++ b/tf-psa-crypto/CMakeLists.txt @@ -31,6 +31,8 @@ cmake_policy(SET CMP0011 NEW) # is deprecated and will be removed in future versions. cmake_policy(SET CMP0012 NEW) +if(NOT (CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR)) + if(LIB_INSTALL_DIR) set(CMAKE_INSTALL_LIBDIR "${LIB_INSTALL_DIR}") endif() @@ -52,3 +54,21 @@ if(ENABLE_TESTING) enable_testing() add_subdirectory(tests) endif() + +else(NOT (CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR)) + +if(TEST_CPP) + project("TF-PSA-Crypto" + LANGUAGES C CXX + VERSION 0.1.0 + ) +else() + project("TF-PSA-Crypto" + LANGUAGES C + VERSION 0.1.0 + ) +endif() + +include(TF-PSA-Crypto.cmake) + +endif(NOT (CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR)) diff --git a/tf-psa-crypto/DartConfiguration.tcl b/tf-psa-crypto/DartConfiguration.tcl new file mode 100644 index 0000000000..af0578a581 --- /dev/null +++ b/tf-psa-crypto/DartConfiguration.tcl @@ -0,0 +1,4 @@ +Site: localhost +BuildName: Mbed TLS-test +CoverageCommand: /usr/bin/gcov +MemoryCheckCommand: /usr/bin/valgrind diff --git a/tf-psa-crypto/TF-PSA-Crypto.cmake b/tf-psa-crypto/TF-PSA-Crypto.cmake index 4dbb20ff14..e520ad15be 100644 --- a/tf-psa-crypto/TF-PSA-Crypto.cmake +++ b/tf-psa-crypto/TF-PSA-Crypto.cmake @@ -1,54 +1,3 @@ -# -# CMake build system design considerations: -# -# - Include directories: -# + Do not define include directories globally using the include_directories -# command but rather at the target level using the -# target_include_directories command. That way, it is easier to guarantee -# that targets are built using the proper list of include directories. -# + Use the PUBLIC and PRIVATE keywords to specify the scope of include -# directories. That way, a target linking to a library (using the -# target_link_libraries command) inherits from the library PUBLIC include -# directories and not from the PRIVATE ones. -# - TF_PSA_CRYPTO_TARGET_PREFIX: CMake targets are designed to be alterable by -# calling CMake in order to avoid target name clashes, via the use of -# TF_PSA_CRYPTO_TARGET_PREFIX. The value of this variable is prefixed to the -# tfpsacrypto and apidoc targets. -# - -# We specify a minimum requirement of 3.10.2, but for now use 3.5.1 here -# until our infrastructure catches up. -cmake_minimum_required(VERSION 3.5.1) - -include(CMakePackageConfigHelpers) - -# Include convenience functions for printing properties and variables, like -# cmake_print_properties(), cmake_print_variables(). -include(CMakePrintHelpers) - -# https://cmake.org/cmake/help/latest/policy/CMP0011.html -# Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD -# policy setting is deprecated, and will be removed in future versions. -cmake_policy(SET CMP0011 NEW) -# https://cmake.org/cmake/help/latest/policy/CMP0012.html -# Setting the CMP0012 policy to NEW is required for FindPython3 to work with CMake 3.18.2 -# (there is a bug in this particular version), otherwise, setting the CMP0012 policy is required -# for CMake versions >= 3.18.3 otherwise a deprecated warning is generated. The OLD policy setting -# is deprecated and will be removed in future versions. -cmake_policy(SET CMP0012 NEW) - -if(TEST_CPP) - project("TF-PSA-Crypto" - LANGUAGES C CXX - VERSION 0.1.0 - ) -else() - project("TF-PSA-Crypto" - LANGUAGES C - VERSION 0.1.0 - ) -endif() - include(GNUInstallDirs) # Determine if TF-PSA-Crypto is being built as a subproject using add_subdirectory() diff --git a/tf-psa-crypto/framework/.gitignore b/tf-psa-crypto/framework/.gitignore new file mode 100644 index 0000000000..182ce949ee --- /dev/null +++ b/tf-psa-crypto/framework/.gitignore @@ -0,0 +1 @@ +data_files diff --git a/tf-psa-crypto/programs/CMakeLists.txt b/tf-psa-crypto/programs/CMakeLists.txt new file mode 100644 index 0000000000..e69de29bb2 From 308c7375724fceb8cd1f3b0cfb589c31f8854cd4 Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Wed, 7 Aug 2024 15:00:28 +0100 Subject: [PATCH 18/19] Add all.sh component Signed-off-by: Minos Galanakis Signed-off-by: Ronald Cron --- tests/scripts/components-build-system.sh | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/scripts/components-build-system.sh b/tests/scripts/components-build-system.sh index 2c2d46004e..a2c32f7e57 100644 --- a/tests/scripts/components-build-system.sh +++ b/tests/scripts/components-build-system.sh @@ -85,6 +85,26 @@ component_test_cmake_out_of_source () { rm -rf "$OUT_OF_SOURCE_DIR" } +component_test_cmake_tf_psa_crypto_out_of_source () { + # Remove existing generated files so that we use the ones cmake + # generates + make neat + msg "build: cmake tf-psa-crypto 'out-of-source' build" + MBEDTLS_ROOT_DIR="$PWD" + cd tf-psa-crypto + TF_PSA_CRYPTO_ROOT_DIR="$PWD" + mkdir "$OUT_OF_SOURCE_DIR" + cd "$OUT_OF_SOURCE_DIR" + # Note: Explicitly generate files as these are turned off in releases + cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$TF_PSA_CRYPTO_ROOT_DIR" + make + msg "test: cmake tf-psa-crypto 'out-of-source' build" + make test + cd "$TF_PSA_CRYPTO_ROOT_DIR" + rm -rf "$OUT_OF_SOURCE_DIR" + cd "$MBEDTLS_ROOT_DIR" +} + component_test_cmake_as_subdirectory () { # Remove existing generated files so that we use the ones CMake # generates From 393f9a1dde1a04b263ce63c01a8b714b473e1d0e Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Wed, 7 Aug 2024 15:01:59 +0100 Subject: [PATCH 19/19] test_psa_compliance: Use the pre-built library Signed-off-by: Ronald Cron Signed-off-by: Minos Galanakis --- tests/scripts/components-compliance.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/components-compliance.sh b/tests/scripts/components-compliance.sh index 8b51f10ee7..16a306da13 100644 --- a/tests/scripts/components-compliance.sh +++ b/tests/scripts/components-compliance.sh @@ -15,7 +15,7 @@ component_test_psa_compliance () { CC=gcc make -C library libmbedcrypto.a msg "unit test: test_psa_compliance.py" - CC=gcc ./tests/scripts/test_psa_compliance.py + CC=gcc ./tests/scripts/test_psa_compliance.py --build-dir="." } support_test_psa_compliance () {