crypto-client: simplify build of mbedtls static libraries
Instead of copying the entire library & include folders twice
to build libraries for client and server:
- change the main config file (mbedtls_config.h)
- build in the root library folder
- move the generated library in the psasim folder
- use those library for linking the client/server binaries
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/tests/Makefile b/tests/Makefile
index ebe3d4a..a07dd97 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -247,17 +247,3 @@
echo " Gen $@"
sed <../include/psa/crypto.h >$@ -n 's/^psa_status_t \([A-Za-z0-9_]*\)(.*/#define \1(...) RECORD_STATUS("\1", \1(__VA_ARGS__))/p'
endif
-
-libpsaclient libpsaserver:
- # Clone the library and include folder for client and server builds.
- rm -Rf ./$@
- mkdir ./$@
- cp -Rf ../library ./$@
- cp -Rf ../include ./$@
- cp -Rf ../scripts ./$@
- mkdir ./$@/3rdparty
- touch ./$@/3rdparty/Makefile.inc
- cp ./psa-client-server/psasim/include/crypto_spe.h ./$@/include/psa/
-
- # Build the libraries.
- $(MAKE) -C ./$@/library CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" libmbedcrypto.a libmbedx509.a libmbedtls.a
diff --git a/tests/psa-client-server/psasim/Makefile b/tests/psa-client-server/psasim/Makefile
index 45b3196..29afca1 100644
--- a/tests/psa-client-server/psasim/Makefile
+++ b/tests/psa-client-server/psasim/Makefile
@@ -4,16 +4,11 @@
CFLAGS += -DDEBUG
endif
-LIBPSACLIENT_PATH := ../../libpsaclient
-LIBPSASERVER_PATH := ../../libpsaserver
+LIBPSACLIENT := -Llibpsaclient/ -lmbedcrypto -lmbedx509 -lmbedtls
+LIBPSASERVER := -Llibpsaserver/ -lmbedcrypto
-LIBPSACLIENT := -L$(LIBPSACLIENT_PATH)/library -lmbedcrypto -lmbedx509 -lmbedtls
-LIBPSASERVER := -L$(LIBPSASERVER_PATH)/library -lmbedcrypto
-
-LIBPSACLIENT_H := -I$(LIBPSACLIENT_PATH)/include
-LIBPSASERVER_H := -I$(LIBPSASERVER_PATH)/include
-
-COMMON_INCLUDE := -I./include
+MBEDTLS_ROOT_PATH = ../../..
+COMMON_INCLUDE := -I./include -I$(MBEDTLS_ROOT_PATH)/include
TEST_BIN = test/psa_client \
test/psa_partition
@@ -30,22 +25,34 @@
PSA_SERVER_SRC = $(PARTITION_SERVER_BOOTSTRAP) \
src/psa_ff_server.c
-.PHONY: all clean
+.PHONY: all clean libpsaclient libpsaserver
all: $(TEST_BIN)
test/psa_client: $(PSA_CLIENT_SRC) $(GENERATED_H_FILES)
- $(CC) $(COMMON_INCLUDE) $(LIBPSACLIENT_H) $(CFLAGS) $(PSA_CLIENT_SRC) $(LIBPSACLIENT) $(LDFLAGS) -o $@
+ $(CC) $(COMMON_INCLUDE) $(CFLAGS) $(PSA_CLIENT_SRC) $(LIBPSACLIENT) $(LDFLAGS) -o $@
test/psa_partition: $(PSA_SERVER_SRC) $(GENERATED_H_FILES)
- $(CC) $(COMMON_INCLUDE) $(LIBPSASERVER_H) $(CFLAGS) $(PSA_SERVER_SRC) $(LIBPSASERVER) $(LDFLAGS) -o $@
+ $(CC) $(COMMON_INCLUDE) $(CFLAGS) $(PSA_SERVER_SRC) $(LIBPSASERVER) $(LDFLAGS) -o $@
$(PARTITION_SERVER_BOOTSTRAP) $(GENERATED_H_FILES): src/manifest.json src/server.c
tools/psa_autogen.py src/manifest.json
+# Build MbedTLS libraries (crypto, x509 and tls) and copy them locally to
+# build client/server applications.
+#
+# Note: these rules assume that mbedtls_config.h is already configured by all.sh.
+# If not using all.sh then the user must do it manually.
+libpsaclient libpsaserver:
+ $(MAKE) -C $(MBEDTLS_ROOT_PATH)/library CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" libmbedcrypto.a libmbedx509.a libmbedtls.a
+ mkdir -p $@
+ cp $(MBEDTLS_ROOT_PATH)/library/libmbed*.a $@/
+ $(MAKE) -C $(MBEDTLS_ROOT_PATH) clean
+
clean:
rm -f $(TEST_BIN)
rm -f $(PARTITION_SERVER_BOOTSTRAP)
+ rm -rf libpsaclient libpsaserver
rm -rf include/psa_manifest
rm -f test/psa_service_* test/psa_notify_*
diff --git a/tests/psa-client-server/psasim/include/crypto_spe.h b/tests/psa-client-server/psasim/include/crypto_spe.h
deleted file mode 100644
index fdf3a2d..0000000
--- a/tests/psa-client-server/psasim/include/crypto_spe.h
+++ /dev/null
@@ -1,131 +0,0 @@
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- *
- */
-
-/**
- * \file crypto_spe.h
- *
- * \brief When Mbed TLS is built with the MBEDTLS_PSA_CRYPTO_SPM option
- * enabled, this header is included by all .c files in Mbed TLS that
- * use PSA Crypto function names. This avoids duplication of symbols
- * between TF-M and Mbed TLS.
- *
- * \note This file should be included before including any PSA Crypto headers
- * from Mbed TLS.
- */
-
-#ifndef CRYPTO_SPE_H
-#define CRYPTO_SPE_H
-
-#define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x
-
-#define psa_crypto_init \
- PSA_FUNCTION_NAME(psa_crypto_init)
-#define psa_key_derivation_get_capacity \
- PSA_FUNCTION_NAME(psa_key_derivation_get_capacity)
-#define psa_key_derivation_set_capacity \
- PSA_FUNCTION_NAME(psa_key_derivation_set_capacity)
-#define psa_key_derivation_input_bytes \
- PSA_FUNCTION_NAME(psa_key_derivation_input_bytes)
-#define psa_key_derivation_output_bytes \
- PSA_FUNCTION_NAME(psa_key_derivation_output_bytes)
-#define psa_key_derivation_input_key \
- PSA_FUNCTION_NAME(psa_key_derivation_input_key)
-#define psa_key_derivation_output_key \
- PSA_FUNCTION_NAME(psa_key_derivation_output_key)
-#define psa_key_derivation_setup \
- PSA_FUNCTION_NAME(psa_key_derivation_setup)
-#define psa_key_derivation_abort \
- PSA_FUNCTION_NAME(psa_key_derivation_abort)
-#define psa_key_derivation_key_agreement \
- PSA_FUNCTION_NAME(psa_key_derivation_key_agreement)
-#define psa_raw_key_agreement \
- PSA_FUNCTION_NAME(psa_raw_key_agreement)
-#define psa_generate_random \
- PSA_FUNCTION_NAME(psa_generate_random)
-#define psa_aead_encrypt \
- PSA_FUNCTION_NAME(psa_aead_encrypt)
-#define psa_aead_decrypt \
- PSA_FUNCTION_NAME(psa_aead_decrypt)
-#define psa_open_key \
- PSA_FUNCTION_NAME(psa_open_key)
-#define psa_close_key \
- PSA_FUNCTION_NAME(psa_close_key)
-#define psa_import_key \
- PSA_FUNCTION_NAME(psa_import_key)
-#define psa_destroy_key \
- PSA_FUNCTION_NAME(psa_destroy_key)
-#define psa_get_key_attributes \
- PSA_FUNCTION_NAME(psa_get_key_attributes)
-#define psa_reset_key_attributes \
- PSA_FUNCTION_NAME(psa_reset_key_attributes)
-#define psa_export_key \
- PSA_FUNCTION_NAME(psa_export_key)
-#define psa_export_public_key \
- PSA_FUNCTION_NAME(psa_export_public_key)
-#define psa_purge_key \
- PSA_FUNCTION_NAME(psa_purge_key)
-#define psa_copy_key \
- PSA_FUNCTION_NAME(psa_copy_key)
-#define psa_cipher_operation_init \
- PSA_FUNCTION_NAME(psa_cipher_operation_init)
-#define psa_cipher_generate_iv \
- PSA_FUNCTION_NAME(psa_cipher_generate_iv)
-#define psa_cipher_set_iv \
- PSA_FUNCTION_NAME(psa_cipher_set_iv)
-#define psa_cipher_encrypt_setup \
- PSA_FUNCTION_NAME(psa_cipher_encrypt_setup)
-#define psa_cipher_decrypt_setup \
- PSA_FUNCTION_NAME(psa_cipher_decrypt_setup)
-#define psa_cipher_update \
- PSA_FUNCTION_NAME(psa_cipher_update)
-#define psa_cipher_finish \
- PSA_FUNCTION_NAME(psa_cipher_finish)
-#define psa_cipher_abort \
- PSA_FUNCTION_NAME(psa_cipher_abort)
-#define psa_hash_operation_init \
- PSA_FUNCTION_NAME(psa_hash_operation_init)
-#define psa_hash_setup \
- PSA_FUNCTION_NAME(psa_hash_setup)
-#define psa_hash_update \
- PSA_FUNCTION_NAME(psa_hash_update)
-#define psa_hash_finish \
- PSA_FUNCTION_NAME(psa_hash_finish)
-#define psa_hash_verify \
- PSA_FUNCTION_NAME(psa_hash_verify)
-#define psa_hash_abort \
- PSA_FUNCTION_NAME(psa_hash_abort)
-#define psa_hash_clone \
- PSA_FUNCTION_NAME(psa_hash_clone)
-#define psa_hash_compute \
- PSA_FUNCTION_NAME(psa_hash_compute)
-#define psa_hash_compare \
- PSA_FUNCTION_NAME(psa_hash_compare)
-#define psa_mac_operation_init \
- PSA_FUNCTION_NAME(psa_mac_operation_init)
-#define psa_mac_sign_setup \
- PSA_FUNCTION_NAME(psa_mac_sign_setup)
-#define psa_mac_verify_setup \
- PSA_FUNCTION_NAME(psa_mac_verify_setup)
-#define psa_mac_update \
- PSA_FUNCTION_NAME(psa_mac_update)
-#define psa_mac_sign_finish \
- PSA_FUNCTION_NAME(psa_mac_sign_finish)
-#define psa_mac_verify_finish \
- PSA_FUNCTION_NAME(psa_mac_verify_finish)
-#define psa_mac_abort \
- PSA_FUNCTION_NAME(psa_mac_abort)
-#define psa_sign_hash \
- PSA_FUNCTION_NAME(psa_sign_hash)
-#define psa_verify_hash \
- PSA_FUNCTION_NAME(psa_verify_hash)
-#define psa_asymmetric_encrypt \
- PSA_FUNCTION_NAME(psa_asymmetric_encrypt)
-#define psa_asymmetric_decrypt \
- PSA_FUNCTION_NAME(psa_asymmetric_decrypt)
-#define psa_generate_key \
- PSA_FUNCTION_NAME(psa_generate_key)
-
-#endif /* CRYPTO_SPE_H */
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 573f769..eee0042 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -969,7 +969,7 @@
scripts/config.py crypto_full
scripts/config.py unset MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- scripts/config.py set MBEDTLS_PSA_CRYPTO_SPM
+ # scripts/config.py set MBEDTLS_PSA_CRYPTO_SPM
# Disable NV_SEED as the MBEDTLS_PLATFORM_STD_NV_SEED_FILE is not in
# right path for mbedtls_platform_std_nv_seed_read(). Just rely on
# mbedtls_platform_entropy_poll() as entropy source().
@@ -977,7 +977,7 @@
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
fi
- make -C tests CC="$ASAN_CC" CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $TARGET_LIB
+ make -C tests/psa-client-server/psasim/ CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $TARGET_LIB
rm $CONFIG_H
mv $CONFIG_H.bak $CONFIG_H