TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / refs/heads/gh-readonly-queue/development/pr-9727-0b7faf9011cda58411a4f21ee940f196decddf1a / . / tf-psa-crypto / TF-PSA-Crypto.cmake
blob: 13b7a45bf0cad322048a1f1f2b2b954f7f70be74 [file] [log] [blame]
Ronald Cronf85882d2024-10-11 19:56:38 +0200[diff] [blame]1include(CMakePackageConfigHelpers)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]2include(GNUInstallDirs)
3
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]4# Determine if TF-PSA-Crypto is being built as a subproject using add_subdirectory()
5if(NOT DEFINED TF_PSA_CRYPTO_AS_SUBPROJECT)
6 set(TF_PSA_CRYPTO_AS_SUBPROJECT ON)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]7 if(CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR)
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]8 set(TF_PSA_CRYPTO_AS_SUBPROJECT OFF)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]9 endif()
10endif()
11
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]12# Set the project, Mbed TLS and framework root directory.
13set(TF_PSA_CRYPTO_DIR ${CMAKE_CURRENT_SOURCE_DIR})
14set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}/..)
15set(MBEDTLS_FRAMEWORK_DIR ${CMAKE_CURRENT_SOURCE_DIR}/../framework)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]16
Ronald Cronb58c2252024-10-04 17:19:50 +0200[diff] [blame]17# Put the version numbers into relevant files
18set(version_number_files
19 doxygen/input/doc_mainpage.h
20 doxygen/tfpsacrypto.doxyfile)
21foreach(file ${version_number_files})
22 configure_file(${file}.in
23 ${TF_PSA_CRYPTO_DIR}/${file})
24endforeach(file)
25
26ADD_CUSTOM_TARGET(${TF_PSA_CRYPTO_TARGET_PREFIX}apidoc
27 COMMAND doxygen tfpsacrypto.doxyfile
28 WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen)
29
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]30option(ENABLE_PROGRAMS "Build TF-PSA-Crypto programs." ON)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]31
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]32option(TF_PSA_CRYPTO_FATAL_WARNINGS "Compiler warnings treated as errors" ON)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]33if(CMAKE_HOST_WIN32)
34 # N.B. The comment on the next line is significant! If you change it,
35 # edit the sed command in prepare_release.sh that modifies
36 # CMakeLists.txt.
37 option(GEN_FILES "Generate the auto-generated files as needed" OFF) # off in development
38else()
39 option(GEN_FILES "Generate the auto-generated files as needed" ON)
40endif()
41
Ronald Cron4c3fa0a2024-07-30 10:50:39 +0200[diff] [blame]42# Support for package config and install to be added later.
Ronald Cronf85882d2024-10-11 19:56:38 +0200[diff] [blame]43option(DISABLE_PACKAGE_CONFIG_AND_INSTALL "Disable package configuration, target export and installation" ${TF_PSA_CRYPTO_AS_SUBPROJECT})
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]44
45if (CMAKE_C_SIMULATE_ID)
46 set(COMPILER_ID ${CMAKE_C_SIMULATE_ID})
47else()
48 set(COMPILER_ID ${CMAKE_C_COMPILER_ID})
49endif(CMAKE_C_SIMULATE_ID)
50
51string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${COMPILER_ID}")
52string(REGEX MATCH "GNU" CMAKE_COMPILER_IS_GNU "${COMPILER_ID}")
53string(REGEX MATCH "IAR" CMAKE_COMPILER_IS_IAR "${COMPILER_ID}")
54string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${COMPILER_ID}")
55
56# the test suites currently have compile errors with MSVC
57if(CMAKE_COMPILER_IS_MSVC)
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]58 option(ENABLE_TESTING "Build TF-PSA-Crypto tests." OFF)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]59else()
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]60 option(ENABLE_TESTING "Build TF-PSA-Crypto tests." ON)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]61endif()
62
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]63option(USE_STATIC_TF_PSA_CRYPTO_LIBRARY "Build TF-PSA-Crypto static library." ON)
64option(USE_SHARED_TF_PSA_CRYPTO_LIBRARY "Build TF-PSA-Crypto shared library." OFF)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]65option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF)
66option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF)
67
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]68set(mbedcrypto_target "${TF_PSA_CRYPTO_TARGET_PREFIX}mbedcrypto")
69if (USE_STATIC_TF_PSA_CRYPTO_LIBRARY)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]70 set(mbedcrypto_static_target ${mbedcrypto_target})
71endif()
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]72if(USE_STATIC_TF_PSA_CRYPTO_LIBRARY AND USE_SHARED_TF_PSA_CRYPTO_LIBRARY)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]73 string(APPEND mbedcrypto_static_target "_static")
74endif()
75
76# Warning string - created as a list for compatibility with CMake 2.8
77set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n")
78set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n")
79set(CTR_DRBG_128_BIT_KEY_WARN_L3 "**** keys and operations that use random values generated to 128-bit security\n")
80
81set(CTR_DRBG_128_BIT_KEY_WARNING "${WARNING_BORDER}"
82 "${CTR_DRBG_128_BIT_KEY_WARN_L1}"
83 "${CTR_DRBG_128_BIT_KEY_WARN_L2}"
84 "${CTR_DRBG_128_BIT_KEY_WARN_L3}"
85 "${WARNING_BORDER}")
86
87# Python 3 is only needed here to check for configuration warnings.
88if(NOT CMAKE_VERSION VERSION_LESS 3.15.0)
89 set(Python3_FIND_STRATEGY LOCATION)
90 find_package(Python3 COMPONENTS Interpreter)
91 if(Python3_Interpreter_FOUND)
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]92 set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${Python3_EXECUTABLE})
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]93 endif()
94else()
95 find_package(PythonInterp 3)
96 if(PYTHONINTERP_FOUND)
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]97 set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${PYTHON_EXECUTABLE})
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]98 endif()
99endif()
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]100if(TF_PSA_CRYPTO_PYTHON_EXECUTABLE)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]101
102 # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]103 execute_process(COMMAND ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_DIR}/scripts/config.py -f ${MBEDTLS_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]104 RESULT_VARIABLE result)
105 if(${result} EQUAL 0)
106 message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
107 endif()
108
109endif()
110
111# We now potentially need to link all executables against PThreads, if available
112set(CMAKE_THREAD_PREFER_PTHREAD TRUE)
113set(THREADS_PREFER_PTHREAD_FLAG TRUE)
114find_package(Threads)
115
116# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
Ronald Cronf584e972024-10-07 11:38:17 +0200[diff] [blame]117if(NOT TF_PSA_CRYPTO_AS_SUBPROJECT)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]118 set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
119 CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull TSan TSanDbg"
120 FORCE)
121endif()
122
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]123# Make TF_PSA_CRYPTO_CONFIG_FILE and TF_PSA_CRYPTO_USER_CONFIG_FILE into PATHs
124set(TF_PSA_CRYPTO_CONFIG_FILE "" CACHE FILEPATH "TF-PSA-Crypto config file (overrides default).")
125set(TF_PSA_CRYPTO_USER_CONFIG_FILE "" CACHE FILEPATH "TF-PSA-Crypto user config file (appended to default).")
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]126
127# Create a symbolic link from ${base_name} in the binary directory
128# to the corresponding path in the source directory.
129# Note: Copies the file(s) on Windows.
130function(link_to_source base_name)
131 set(link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}")
132 set(target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}")
133
134 # Linking to non-existent file is not desirable. At best you will have a
135 # dangling link, but when building in tree, this can create a symbolic link
136 # to itself.
137 if (EXISTS ${target} AND NOT EXISTS ${link})
138 if (CMAKE_HOST_UNIX)
139 execute_process(COMMAND ln -s ${target} ${link}
140 RESULT_VARIABLE result
141 ERROR_VARIABLE output)
142
143 if (NOT ${result} EQUAL 0)
144 message(FATAL_ERROR "Could not create symbolic link for: ${target} --> ${output}")
145 endif()
146 else()
147 if (IS_DIRECTORY ${target})
148 file(GLOB_RECURSE files FOLLOW_SYMLINKS LIST_DIRECTORIES false RELATIVE ${target} "${target}/*")
149 foreach(file IN LISTS files)
150 configure_file("${target}/${file}" "${link}/${file}" COPYONLY)
151 endforeach(file)
152 else()
153 configure_file(${target} ${link} COPYONLY)
154 endif()
155 endif()
156 endif()
157endfunction(link_to_source)
158
159# Get the filename without the final extension (i.e. convert "a.b.c" to "a.b")
160function(get_name_without_last_ext dest_var full_name)
161 # Split into a list on '.' (but a cmake list is just a ';'-separated string)
162 string(REPLACE "." ";" ext_parts "${full_name}")
163 # Remove the last item if there are more than one
164 list(LENGTH ext_parts ext_parts_len)
165 if (${ext_parts_len} GREATER "1")
166 math(EXPR ext_parts_last_item "${ext_parts_len} - 1")
167 list(REMOVE_AT ext_parts ${ext_parts_last_item})
168 endif()
169 # Convert back to a string by replacing separators with '.'
170 string(REPLACE ";" "." no_ext_name "${ext_parts}")
171 # Copy into the desired variable
172 set(${dest_var} ${no_ext_name} PARENT_SCOPE)
173endfunction(get_name_without_last_ext)
174
175include(CheckCCompilerFlag)
176
177set(CMAKE_C_EXTENSIONS OFF)
178set(CMAKE_C_STANDARD 99)
179
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]180function(set_base_compile_options target)
181 if(CMAKE_COMPILER_IS_GNU)
182 set_gnu_base_compile_options(${target})
Ronald Crond9e11092024-10-09 10:01:46 +0200[diff] [blame]183 elseif(CMAKE_COMPILER_IS_CLANG)
184 set_clang_base_compile_options(${target})
Ronald Cron6f9d5082024-10-09 14:54:43 +0200[diff] [blame]185 elseif(CMAKE_COMPILER_IS_IAR)
186 set_iar_base_compile_options(${target})
187 elseif(CMAKE_COMPILER_IS_MSVC)
188 set_msvc_base_compile_options(${target})
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]189 endif()
190endfunction(set_base_compile_options)
191
192function(set_gnu_base_compile_options target)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]193 # some warnings we want are not available with old GCC versions
194 # note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
195 execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
196 OUTPUT_VARIABLE GCC_VERSION)
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]197 target_compile_options(${target} PRIVATE -Wall -Wextra -Wwrite-strings -Wmissing-prototypes)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]198 if (GCC_VERSION VERSION_GREATER 3.0 OR GCC_VERSION VERSION_EQUAL 3.0)
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]199 target_compile_options(${target} PRIVATE -Wformat=2 -Wno-format-nonliteral)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]200 endif()
201 if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3)
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]202 target_compile_options(${target} PRIVATE -Wvla)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]203 endif()
204 if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5)
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]205 target_compile_options(${target} PRIVATE -Wlogical-op)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]206 endif()
207 if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8)
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]208 target_compile_options(${target} PRIVATE -Wshadow)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]209 endif()
210 if (GCC_VERSION VERSION_GREATER 5.0)
211 CHECK_C_COMPILER_FLAG("-Wformat-signedness" C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS)
212 if(C_COMPILER_SUPPORTS_WFORMAT_SIGNEDNESS)
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]213 target_compile_options(${target} PRIVATE -Wformat-signedness)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]214 endif()
215 endif()
216 if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0)
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]217 target_compile_options(${target} PRIVATE -Wformat-overflow=2 -Wformat-truncation)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]218 endif()
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]219 target_compile_options(${target} PRIVATE $<$<CONFIG:Release>:-O2>)
220 target_compile_options(${target} PRIVATE $<$<CONFIG:Debug>:-O0 -g3>)
221 target_compile_options(${target} PRIVATE $<$<CONFIG:Coverage>:-O0 -g3 --coverage>)
Ronald Cron4ae24f42024-10-08 17:53:13 +0200[diff] [blame]222 set_target_properties(${target} PROPERTIES LINK_FLAGS_COVERAGE "--coverage")
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]223 # Old GCC versions hit a performance problem with test_suite_pkwrite
224 # "Private keey write check EC" tests when building with Asan+UBSan
225 # and -O3: those tests take more than 100x time than normal, with
226 # test_suite_pkwrite taking >3h on the CI. Observed with GCC 5.4 on
227 # Ubuntu 16.04 x86_64 and GCC 6.5 on Ubuntu 18.04 x86_64.
228 # GCC 7.5 and above on Ubuntu 18.04 appear fine.
229 # To avoid the performance problem, we use -O2 when GCC version is lower than 7.0.
230 # It doesn't slow down much even with modern compiler versions.
231 target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all>)
232 if (GCC_VERSION VERSION_LESS 7.0)
233 target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-O2>)
234 else()
235 target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-O3>)
236 endif()
Ronald Cron4ae24f42024-10-08 17:53:13 +0200[diff] [blame]237 set_target_properties(${target} PROPERTIES LINK_FLAGS_ASAN "-fsanitize=address -fsanitize=undefined")
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]238 target_compile_options(${target} PRIVATE $<$<CONFIG:ASanDbg>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
Ronald Cron4ae24f42024-10-08 17:53:13 +0200[diff] [blame]239 set_target_properties(${target} PROPERTIES LINK_FLAGS_ASANDBG "-fsanitize=address -fsanitize=undefined")
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]240 target_compile_options(${target} PRIVATE $<$<CONFIG:TSan>:-fsanitize=thread -O3>)
Ronald Cron4ae24f42024-10-08 17:53:13 +0200[diff] [blame]241 set_target_properties(${target} PROPERTIES LINK_FLAGS_TSAN "-fsanitize=thread")
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]242 target_compile_options(${target} PRIVATE $<$<CONFIG:TSanDbg>:-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
Ronald Cron4ae24f42024-10-08 17:53:13 +0200[diff] [blame]243 set_target_properties(${target} PROPERTIES LINK_FLAGS_TSANDBG "-fsanitize=thread")
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]244 target_compile_options(${target} PRIVATE $<$<CONFIG:Check>:-Os>)
245 target_compile_options(${target} PRIVATE $<$<CONFIG:CheckFull>:-Os -Wcast-qual>)
Ronald Crond77fad22024-10-08 09:24:31 +0200[diff] [blame]246
247 if(TF_PSA_CRYPTO_FATAL_WARNINGS)
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]248 target_compile_options(${target} PRIVATE -Werror)
Ronald Crond77fad22024-10-08 09:24:31 +0200[diff] [blame]249 endif(TF_PSA_CRYPTO_FATAL_WARNINGS)
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]250endfunction(set_gnu_base_compile_options)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]251
Ronald Crond9e11092024-10-09 10:01:46 +0200[diff] [blame]252function(set_clang_base_compile_options target)
253 target_compile_options(${target} PRIVATE -Wall -Wextra -Wwrite-strings -Wmissing-prototypes -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral)
254 target_compile_options(${target} PRIVATE $<$<CONFIG:Release>:-O2>)
255 target_compile_options(${target} PRIVATE $<$<CONFIG:Debug>:-O0 -g3>)
256 target_compile_options(${target} PRIVATE $<$<CONFIG:Coverage>:-O0 -g3 --coverage>)
257 set_target_properties(${target} PROPERTIES LINK_FLAGS_COVERAGE "--coverage")
258 target_compile_options(${target} PRIVATE $<$<CONFIG:ASan>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3>)
259 set_target_properties(${target} PROPERTIES LINK_FLAGS_ASAN "-fsanitize=address -fsanitize=undefined")
260 target_compile_options(${target} PRIVATE $<$<CONFIG:ASanDbg>:-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
261 set_target_properties(${target} PROPERTIES LINK_FLAGS_ASANDBG "-fsanitize=address -fsanitize=undefined")
262 target_compile_options(${target} PRIVATE $<$<CONFIG:MemSan>:-fsanitize=memory>)
263 set_target_properties(${target} PROPERTIES LINK_FLAGS_MEMSAN "-fsanitize=memory")
264 target_compile_options(${target} PRIVATE $<$<CONFIG:MemSanDbg>:-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2>)
265 set_target_properties(${target} PROPERTIES LINK_FLAGS_MEMSANDBG "-fsanitize=memory")
266 target_compile_options(${target} PRIVATE $<$<CONFIG:TSan>:-fsanitize=thread -O3>)
267 set_target_properties(${target} PROPERTIES LINK_FLAGS_TSAN "-fsanitize=thread")
268 target_compile_options(${target} PRIVATE $<$<CONFIG:TSanDbg>:-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls>)
269 set_target_properties(${target} PROPERTIES LINK_FLAGS_TSANDBG "-fsanitize=thread")
270 target_compile_options(${target} PRIVATE $<$<CONFIG:Check>:-Os>)
Ronald Crond77fad22024-10-08 09:24:31 +0200[diff] [blame]271
Ronald Crond9e11092024-10-09 10:01:46 +0200[diff] [blame]272 if(MBEDTLS_FATAL_WARNINGS)
273 target_compile_options(${target} PRIVATE -Werror)
274 endif(MBEDTLS_FATAL_WARNINGS)
275endfunction(set_clang_base_compile_options)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]276
Ronald Cron6f9d5082024-10-09 14:54:43 +0200[diff] [blame]277function(set_iar_base_compile_options target)
278 target_compile_options(${target} PRIVATE --warn_about_c_style_casts)
279 target_compile_options(${target} PRIVATE $<$<CONFIG:Release>:-Ohz>)
280 target_compile_options(${target} PRIVATE $<$<CONFIG:Debug>:--debug -On>)
Ronald Crond77fad22024-10-08 09:24:31 +0200[diff] [blame]281
Ronald Cron6f9d5082024-10-09 14:54:43 +0200[diff] [blame]282 if(MBEDTLS_FATAL_WARNINGS)
283 target_compile_options(${target} PRIVATE --warnings_are_errors)
284 endif(MBEDTLS_FATAL_WARNINGS)
285endfunction(set_iar_base_compile_options)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]286
Ronald Cron6f9d5082024-10-09 14:54:43 +0200[diff] [blame]287function(set_msvc_base_compile_options target)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]288 # Strictest warnings, UTF-8 source and execution charset
Ronald Cron6f9d5082024-10-09 14:54:43 +0200[diff] [blame]289 target_compile_options(${target} PRIVATE /W3 /utf-8)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]290
Ronald Cron6f9d5082024-10-09 14:54:43 +0200[diff] [blame]291 if(MBEDTLS_FATAL_WARNINGS)
292 target_compile_options(${target} PRIVATE /WX)
293 endif(MBEDTLS_FATAL_WARNINGS)
294endfunction(set_msvc_base_compile_options)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]295
296if(CMAKE_BUILD_TYPE STREQUAL "Check" AND TEST_CPP)
297 set(CMAKE_CXX_STANDARD 11)
298 set(CMAKE_CXX_STANDARD_REQUIRED ON)
299 set(CMAKE_CXX_EXTENSIONS OFF)
300 if(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU)
301 set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -pedantic")
302 endif()
303endif()
304
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]305if (NOT EXISTS "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt")
306 message(FATAL_ERROR "${MBEDTLS_FRAMEWORK_DIR}/CMakeLists.txt not found. Run `git submodule update --init` from the source tree to fetch the submodule contents.")
307endif()
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]308
309add_subdirectory(include)
Ronald Cron31829a82024-07-29 19:06:40 +0200[diff] [blame]310add_subdirectory(core)
311add_subdirectory(drivers)
Ronald Cronf85882d2024-10-11 19:56:38 +0200[diff] [blame]312add_subdirectory(pkgconfig)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]313
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]314#
315# The C files in tests/src directory contain test code shared among test suites
316# and programs. This shared test code is compiled and linked to test suites and
317# programs objects as a set of compiled objects. The compiled objects are NOT
318# built into a library that the test suite and program objects would link
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]319# against as they link against the tfpsacrypto library. The reason is that such
Ronald Cron97d05e52024-07-20 15:02:50 +0200[diff] [blame]320# library is expected to have mutual dependencies with the aforementioned
321# library and that there is as of today no portable way of handling such
322# dependencies (only toolchain specific solutions).
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]323#
324# Thus the below definition of the `mbedtls_test` CMake library of objects
325# target. This library of objects is used by tests and programs CMake files
326# to define the test executables.
327#
328if(ENABLE_TESTING OR ENABLE_PROGRAMS)
329 file(GLOB MBEDTLS_TEST_FILES
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]330 ${MBEDTLS_DIR}/tests/src/*.c
331 ${MBEDTLS_DIR}/tests/src/drivers/*.c)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]332 add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES})
Ronald Cronb2478982024-10-07 16:17:07 +0200[diff] [blame]333 set_base_compile_options(mbedtls_test)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]334 if(GEN_FILES)
335 add_custom_command(
336 OUTPUT
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]337 ${MBEDTLS_DIR}/tests/src/test_keys.h
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]338 WORKING_DIRECTORY
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]339 ${MBEDTLS_DIR}/tests
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]340 COMMAND
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]341 "${TF_PSA_CRYPTO_PYTHON_EXECUTABLE}"
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]342 "${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py"
343 "--output"
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]344 "${MBEDTLS_DIR}/tests/src/test_keys.h"
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]345 DEPENDS
346 ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_keys.py
347 )
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]348 add_custom_target(test_keys_header DEPENDS ${MBEDTLS_DIR}/tests/src/test_keys.h)
Ronald Cron97d05e52024-07-20 15:02:50 +0200[diff] [blame]349
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]350 add_custom_command(
351 OUTPUT
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]352 ${MBEDTLS_DIR}/tests/src/test_certs.h
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]353 WORKING_DIRECTORY
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]354 ${MBEDTLS_DIR}/tests
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]355 COMMAND
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]356 "${TF_PSA_CRYPTO_PYTHON_EXECUTABLE}"
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]357 "${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py"
358 "--output"
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]359 "${MBEDTLS_DIR}/tests/src/test_certs.h"
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]360 DEPENDS
361 ${MBEDTLS_FRAMEWORK_DIR}/scripts/generate_test_cert_macros.py
362 )
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]363 add_custom_target(test_certs_header DEPENDS ${MBEDTLS_DIR}/tests/src/test_certs.h)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]364 add_dependencies(mbedtls_test test_keys_header test_certs_header)
365 endif()
366 target_include_directories(mbedtls_test
Ronald Crone9e7b762024-07-20 15:28:39 +0200[diff] [blame]367 PRIVATE ${MBEDTLS_DIR}/tests/include
368 PRIVATE ${MBEDTLS_DIR}/include
369 PRIVATE include
370 PRIVATE drivers/builtin/include
371 PRIVATE core
372 PRIVATE drivers/builtin/src)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]373 # Request C11, needed for memory poisoning tests
374 set_target_properties(mbedtls_test PROPERTIES C_STANDARD 11)
375
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]376 # Pass-through TF_PSA_CRYPTO_CONFIG_FILE and TF_PSA_CRYPTO_USER_CONFIG_FILE
377 if(TF_PSA_CRYPTO_CONFIG_FILE)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]378 target_compile_definitions(mbedtls_test
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]379 PUBLIC TF_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]380 endif()
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]381 if(TF_PSA_CRYPTO_USER_CONFIG_FILE)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]382 target_compile_definitions(mbedtls_test
Ronald Cron9c847262024-07-20 14:56:49 +0200[diff] [blame]383 PUBLIC TF_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]384 endif()
385endif()
386
387if(ENABLE_PROGRAMS)
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]388 add_subdirectory(programs)
389endif()
390
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]391if(ENABLE_TESTING)
392 enable_testing()
393
394 add_subdirectory(tests)
395
396 # additional convenience targets for Unix only
397 if(UNIX)
Ronald Crond916cc92024-10-17 18:33:59 +0200[diff] [blame]398 # For coverage testing:
399 # 1. Build with:
400 # cmake -D CMAKE_BUILD_TYPE=Coverage /path/to/source && make
401 # 2. Run the relevant tests for the part of the code you're interested in.
402 # For the reference coverage measurement, see
403 # tests/scripts/basic-build-test.sh
404 # 3. Run scripts/lcov.sh to generate an HTML report.
405 ADD_CUSTOM_TARGET(lcov
406 COMMAND ${MBEDTLS_DIR}/scripts/lcov.sh
407 )
408
Ronald Cron701faac2024-07-20 14:43:53 +0200[diff] [blame]409 ADD_CUSTOM_TARGET(memcheck
410 COMMAND sed -i.bak s+/usr/bin/valgrind+`which valgrind`+ DartConfiguration.tcl
411 COMMAND ctest -O memcheck.log -D ExperimentalMemCheck
412 COMMAND tail -n1 memcheck.log | grep 'Memory checking results:' > /dev/null
413 COMMAND rm -f memcheck.log
414 COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl
415 )
416 endif(UNIX)
417
418 # Make scripts needed for testing available in an out-of-source build.
419 if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
420 link_to_source(scripts)
421 # Copy (don't link) DartConfiguration.tcl, needed for memcheck, to
422 # keep things simple with the sed commands in the memcheck target.
423 configure_file(${CMAKE_CURRENT_SOURCE_DIR}/DartConfiguration.tcl
424 ${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY)
425 endif()
426endif()
Ronald Cronf85882d2024-10-11 19:56:38 +0200[diff] [blame]427
428if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL)
429 configure_package_config_file(
430 "cmake/TF-PSA-CryptoConfig.cmake.in"
431 "cmake/TF-PSA-CryptoConfig.cmake"
432 INSTALL_DESTINATION "cmake")
433
434 write_basic_package_version_file(
435 "cmake/TF-PSA-CryptoConfigVersion.cmake"
436 COMPATIBILITY SameMajorVersion
437 VERSION 0.1.0)
438
439 install(
440 FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/TF-PSA-CryptoConfig.cmake"
441 "${CMAKE_CURRENT_BINARY_DIR}/cmake/TF-PSA-CryptoConfigVersion.cmake"
442 DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/TF-PSA-Crypto")
443
444 export(
445 EXPORT MbedTLSTargets
446 NAMESPACE TF-PSA-Crypto::
447 FILE "cmake/TF-PSA-CryptoTargets.cmake")
448
449 install(
450 EXPORT MbedTLSTargets
451 NAMESPACE TF-PSA-Crypto::
452 DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/TF-PSA-Crypto"
453 FILE "TF-PSA-CryptoTargets.cmake")
454
455 if(CMAKE_VERSION VERSION_GREATER 3.15 OR CMAKE_VERSION VERSION_EQUAL 3.15)
456 # Do not export the package by default
457 cmake_policy(SET CMP0090 NEW)
458
459 # Make this package visible to the system
460 export(PACKAGE TF-PSA-Crypto)
461 endif()
462endif()