crypto: Add mbedtls-psa as a submodule
mbedtls-psa contains an implementation of libmbedcrypto, including the PSA
Crypto API.
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..d25c9a6
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,4 @@
+[submodule "crypto"]
+ path = crypto
+ url = git@github.com:ARMmbed/mbedtls-psa.git
+ branch = feature-psa
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 06f897e..19ab4eb 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -9,6 +9,7 @@
option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF)
option(ENABLE_PROGRAMS "Build mbed TLS programs." ON)
+option(USE_CRYPTO_SUBMODULE "Build and use libmbedcrypto from the crypto submodule." OFF)
option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF)
@@ -177,6 +178,10 @@
add_subdirectory(library)
add_subdirectory(include)
+if(USE_CRYPTO_SUBMODULE)
+ add_subdirectory(crypto/library)
+ add_subdirectory(crypto/include)
+endif()
if(ENABLE_PROGRAMS)
add_subdirectory(programs)
diff --git a/Makefile b/Makefile
index f4c0a00..87b5a0c 100644
--- a/Makefile
+++ b/Makefile
@@ -28,7 +28,13 @@
mkdir -p $(DESTDIR)/lib
cp -RP library/libmbedtls.* $(DESTDIR)/lib
cp -RP library/libmbedx509.* $(DESTDIR)/lib
+ifdef USE_CRYPTO_SUBMODULE
+ mkdir -p $(DESTDIR)/include/psa
+ cp -rp crypto/include/psa $(DESTDIR)/include
+ cp -RP crypto/library/libmbedcrypto.* $(DESTDIR)/lib
+else
cp -RP library/libmbedcrypto.* $(DESTDIR)/lib
+endif
mkdir -p $(DESTDIR)/bin
for p in programs/*/* ; do \
@@ -44,6 +50,9 @@
rm -f $(DESTDIR)/lib/libmbedtls.*
rm -f $(DESTDIR)/lib/libmbedx509.*
rm -f $(DESTDIR)/lib/libmbedcrypto.*
+ifdef USE_CRYPTO_SUBMODULE
+ $(MAKE) -C crypto uninstall
+endif
for p in programs/*/* ; do \
if [ -x $$p ] && [ ! -d $$p ] ; \
@@ -85,6 +94,9 @@
$(MAKE) -C library clean
$(MAKE) -C programs clean
$(MAKE) -C tests clean
+ifdef USE_CRYPTO_SUBMODULE
+ $(MAKE) -C crypto clean
+endif
ifndef WINDOWS
find . \( -name \*.gcno -o -name \*.gcda -o -name \*.info \) -exec rm {} +
endif
diff --git a/crypto b/crypto
new file mode 160000
index 0000000..dbb83ac
--- /dev/null
+++ b/crypto
@@ -0,0 +1 @@
+Subproject commit dbb83ac5f7b96077b21fc9fe72b2687986acf963
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index da1eb64..cab8c27 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -140,48 +140,80 @@
endif()
if(USE_STATIC_MBEDTLS_LIBRARY)
- add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
- set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
- target_link_libraries(${mbedcrypto_static_target} ${libs})
- target_include_directories(${mbedcrypto_static_target} PUBLIC ${CMAKE_SOURCE_DIR}/include/)
+ if(NOT USE_CRYPTO_SUBMODULE)
+ add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
+ set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
+ target_link_libraries(${mbedcrypto_static_target} ${libs})
+ target_include_directories(${mbedcrypto_static_target} PUBLIC ${CMAKE_SOURCE_DIR}/include/)
+ endif()
add_library(${mbedx509_static_target} STATIC ${src_x509})
set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target})
- target_include_directories(${mbedx509_static_target} PUBLIC ${CMAKE_SOURCE_DIR}/include/)
+ target_include_directories(${mbedx509_static_target}
+ PUBLIC ${CMAKE_SOURCE_DIR}/include/
+ PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/)
add_library(${mbedtls_static_target} STATIC ${src_tls})
set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target})
- target_include_directories(${mbedtls_static_target} PUBLIC ${CMAKE_SOURCE_DIR}/include/)
+ target_include_directories(${mbedtls_static_target}
+ PUBLIC ${CMAKE_SOURCE_DIR}/include/
+ PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/
+ )
- install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target}
- DESTINATION ${LIB_INSTALL_DIR}
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ if(USE_CRYPTO_SUBMODULE)
+ install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target}
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ else()
+ install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target}
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ endif()
endif(USE_STATIC_MBEDTLS_LIBRARY)
if(USE_SHARED_MBEDTLS_LIBRARY)
- add_library(mbedcrypto SHARED ${src_crypto})
- set_target_properties(mbedcrypto PROPERTIES VERSION 2.14.0 SOVERSION 3)
- target_link_libraries(mbedcrypto ${libs})
- target_include_directories(mbedcrypto PUBLIC ${CMAKE_SOURCE_DIR}/include/)
+ if(NOT USE_CRYPTO_SUBMODULE)
+ add_library(mbedcrypto SHARED ${src_crypto})
+ set_target_properties(mbedcrypto PROPERTIES VERSION 2.14.0 SOVERSION 3)
+ target_link_libraries(mbedcrypto ${libs})
+ target_include_directories(mbedcrypto PUBLIC ${CMAKE_SOURCE_DIR}/include/)
+ endif()
add_library(mbedx509 SHARED ${src_x509})
set_target_properties(mbedx509 PROPERTIES VERSION 2.14.0 SOVERSION 0)
target_link_libraries(mbedx509 ${libs} mbedcrypto)
- target_include_directories(mbedx509 PUBLIC ${CMAKE_SOURCE_DIR}/include/)
+ target_include_directories(mbedx509
+ PUBLIC ${CMAKE_SOURCE_DIR}/include/
+ PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/)
add_library(mbedtls SHARED ${src_tls})
set_target_properties(mbedtls PROPERTIES VERSION 2.14.0 SOVERSION 12)
target_link_libraries(mbedtls ${libs} mbedx509)
- target_include_directories(mbedtls PUBLIC ${CMAKE_SOURCE_DIR}/include/)
+ target_include_directories(mbedtls
+ PUBLIC ${CMAKE_SOURCE_DIR}/include/
+ PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/)
- install(TARGETS mbedtls mbedx509 mbedcrypto
- DESTINATION ${LIB_INSTALL_DIR}
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ if(USE_CRYPTO_SUBMODULE)
+ install(TARGETS mbedtls mbedx509
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ else()
+ install(TARGETS mbedtls mbedx509 mbedcrypto
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ endif()
endif(USE_SHARED_MBEDTLS_LIBRARY)
-add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls)
-if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
- add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static)
+if(USE_CRYPTO_SUBMODULE)
+ add_custom_target(lib DEPENDS mbedx509 mbedtls)
+ if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
+ add_dependencies(lib mbedx509_static mbedtls_static)
+ endif()
+else()
+ add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls)
+ if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
+ add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static)
+ endif()
endif()
diff --git a/library/Makefile b/library/Makefile
index 430c598..f01b1a1 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -63,6 +63,13 @@
endif
endif
+
+ifdef USE_CRYPTO_SUBMODULE
+# Look in crypto for libmbedcrypto.
+LOCAL_LDFLAGS += -L../crypto/library
+LOCAL_CFLAGS += -I../crypto/include
+CRYPTO := ../crypto/library/
+else
OBJS_CRYPTO= aes.o aesni.o arc4.o \
aria.o asn1parse.o asn1write.o \
base64.o bignum.o blowfish.o \
@@ -85,6 +92,8 @@
sha1.o sha256.o sha512.o \
threading.o timing.o version.o \
version_features.o xtea.o
+CRYPTO :=
+endif
OBJS_X509= certs.o pkcs11.o x509.o \
x509_create.o x509_crl.o x509_crt.o \
@@ -148,7 +157,7 @@
endif
endif
-libmbedx509.$(SOEXT_X509): $(OBJS_X509) libmbedcrypto.so
+libmbedx509.$(SOEXT_X509): $(OBJS_X509) $(CRYPTO)libmbedcrypto.so
echo " LD $@"
$(CC) -shared -Wl,-soname,$@ -L. -lmbedcrypto $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_X509)
@@ -165,6 +174,10 @@
$(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_X509) -lws2_32 -lwinmm -lgdi32 -L. -lmbedcrypto -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS)
# crypto
+ifdef USE_CRYPTO_SUBMODULE
+libmbedcrypto.%:
+ $(MAKE) CRYPTO_INCLUDES:="-I../../include -I../include" -C ../crypto/library $@
+else
libmbedcrypto.a: $(OBJS_CRYPTO)
echo " AR $@"
$(AR) $(ARFLAGS) $@ $(OBJS_CRYPTO)
@@ -190,6 +203,7 @@
libmbedcrypto.dll: $(OBJS_CRYPTO)
echo " LD $@"
$(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_CRYPTO) -lws2_32 -lwinmm -lgdi32 -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS)
+endif
.c.o:
echo " CC $<"
diff --git a/programs/Makefile b/programs/Makefile
index b6d1fa2..d379ddf 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -14,6 +14,10 @@
-lmbedx509$(SHARED_SUFFIX) \
-lmbedcrypto$(SHARED_SUFFIX)
+ifdef USE_CRYPTO_SUBMODULE
+LOCAL_LDFLAGS += -L../crypto/library
+endif
+
ifndef SHARED
DEP=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
else
diff --git a/tests/Makefile b/tests/Makefile
index b6e49bf..4118c14 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -12,15 +12,22 @@
-lmbedx509$(SHARED_SUFFIX) \
-lmbedcrypto$(SHARED_SUFFIX)
+ifdef USE_CRYPTO_SUBMODULE
+LOCAL_LDFLAGS += -L../crypto/library
+CRYPTO := ../crypto/library/
+else
+CRYPTO := ../library/
+endif
+
# Enable definition of various functions used throughout the testsuite
# (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless
# on non-POSIX platforms.
LOCAL_CFLAGS += -D_POSIX_C_SOURCE=200809L
ifndef SHARED
-DEP=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
+DEP=$(CRYPTO)libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
else
-DEP=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
+DEP=$(CRYPTO)libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
endif
ifdef DEBUG
diff --git a/tests/scripts/run-test-suites.pl b/tests/scripts/run-test-suites.pl
index 6fe6abf..4e57658 100755
--- a/tests/scripts/run-test-suites.pl
+++ b/tests/scripts/run-test-suites.pl
@@ -41,8 +41,8 @@
die "$0: no test suite found\n" unless @suites;
# in case test suites are linked dynamically
-$ENV{'LD_LIBRARY_PATH'} = '../library';
-$ENV{'DYLD_LIBRARY_PATH'} = '../library';
+$ENV{'LD_LIBRARY_PATH'} = '../library:../crypto/library';
+$ENV{'DYLD_LIBRARY_PATH'} = '../library:../crypto/library';
my $prefix = $^O eq "MSWin32" ? '' : './';