Add CMake package config file

This change enables automatic detection and consumption of Mbed TLS
library targets from within other CMake projects. By generating an
`MbedTLSConfig.cmake` file, consuming projects receive a more complete
view of these targets, allowing them to be used as dependencies which
properly inherit the transitive dependencies of the libraries.

This is fairly fragile, as it seems Mbed TLS's libraries do not appear
to properly model their dependencies on other targets, including
third-party dependencies. It is, however, sufficient for building and
linking the compiled Mbed TLS libraries when there are no third-party
dependencies involved. Further work is needed for more complex
use-cases, but this will likely meet the needs of most projects.

Resolves #298. Probably useful for #2857.

Signed-off-by: Chris Kay <chris.kay@arm.com>
This commit is contained in:
Chris Kay 2021-03-25 16:03:25 +00:00
parent 0c1a42a147
commit d259e347e6
14 changed files with 324 additions and 41 deletions

View file

@ -1,17 +1,5 @@
list (APPEND thirdparty_src)
list (APPEND thirdparty_lib)
list (APPEND thirdparty_inc_public)
list (APPEND thirdparty_inc)
list (APPEND thirdparty_def)
execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result)
if(${result} EQUAL 0) if(${result} EQUAL 0)
add_subdirectory(everest) add_subdirectory(everest)
endif() endif()
set(thirdparty_src ${thirdparty_src} PARENT_SCOPE)
set(thirdparty_lib ${thirdparty_lib} PARENT_SCOPE)
set(thirdparty_inc_public ${thirdparty_inc_public} PARENT_SCOPE)
set(thirdparty_inc ${thirdparty_inc} PARENT_SCOPE)
set(thirdparty_def ${thirdparty_def} PARENT_SCOPE)

View file

@ -1,16 +1,15 @@
list (APPEND everest_src) add_library(everest
list (APPEND everest_inc_public) library/everest.c
list (APPEND everest_inc) library/x25519.c
list (APPEND everest_def) library/Hacl_Curve25519_joined.c)
set(everest_src target_include_directories(everest
${CMAKE_CURRENT_SOURCE_DIR}/library/everest.c PUBLIC $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
${CMAKE_CURRENT_SOURCE_DIR}/library/x25519.c $<BUILD_INTERFACE:${MBEDTLS_DIR}/include>
${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519_joined.c $<INSTALL_INTERFACE:include>
) PRIVATE include/everest
include/everest/kremlib
list(APPEND everest_inc_public ${CMAKE_CURRENT_SOURCE_DIR}/include) ${MBEDTLS_DIR}/library/)
list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib)
if(INSTALL_MBEDTLS_HEADERS) if(INSTALL_MBEDTLS_HEADERS)
@ -22,7 +21,7 @@ if(INSTALL_MBEDTLS_HEADERS)
endif(INSTALL_MBEDTLS_HEADERS) endif(INSTALL_MBEDTLS_HEADERS)
set(thirdparty_src ${thirdparty_src} ${everest_src} PARENT_SCOPE) install(TARGETS everest
set(thirdparty_inc_public ${thirdparty_inc_public} ${everest_inc_public} PARENT_SCOPE) EXPORT MbedTLSTargets
set(thirdparty_inc ${thirdparty_inc} ${everest_inc} PARENT_SCOPE) DESTINATION ${LIB_INSTALL_DIR}
set(thirdparty_def ${thirdparty_def} ${everest_def} PARENT_SCOPE) PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)

View file

@ -18,6 +18,8 @@
cmake_minimum_required(VERSION 2.8.12) cmake_minimum_required(VERSION 2.8.12)
include(CMakePackageConfigHelpers)
# https://cmake.org/cmake/help/latest/policy/CMP0011.html # https://cmake.org/cmake/help/latest/policy/CMP0011.html
# Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD # Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD
# policy setting is deprecated, and will be removed in future versions. # policy setting is deprecated, and will be removed in future versions.
@ -221,7 +223,6 @@ endif()
add_subdirectory(include) add_subdirectory(include)
add_subdirectory(3rdparty) add_subdirectory(3rdparty)
list(APPEND libs ${thirdparty_lib})
add_subdirectory(library) add_subdirectory(library)
@ -300,3 +301,37 @@ if(ENABLE_TESTING)
${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY) ${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY)
endif() endif()
endif() endif()
configure_package_config_file(
"cmake/MbedTLSConfig.cmake.in"
"cmake/MbedTLSConfig.cmake"
INSTALL_DESTINATION "cmake")
write_basic_package_version_file(
"cmake/MbedTLSConfigVersion.cmake"
COMPATIBILITY SameMajorVersion
VERSION 2.26.0)
install(
FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake"
"${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfigVersion.cmake"
DESTINATION "cmake")
export(
EXPORT MbedTLSTargets
NAMESPACE MbedTLS::
FILE "cmake/MbedTLSTargets.cmake")
install(
EXPORT MbedTLSTargets
NAMESPACE MbedTLS::
DESTINATION "cmake"
FILE "MbedTLSTargets.cmake")
if(CMAKE_VERSION VERSION_GREATER 3.14)
# Do not export the package by default
cmake_policy(SET CMP0090 NEW)
# Make this package visible to the system
export(PACKAGE MbedTLS)
endif()

View file

@ -0,0 +1,2 @@
Changes
* Add CMake package config generation for CMake projects consuming Mbed TLS.

View file

@ -181,6 +181,33 @@ Regarding variables, also note that if you set CFLAGS when invoking cmake,
your value of CFLAGS doesn't override the content provided by cmake (depending your value of CFLAGS doesn't override the content provided by cmake (depending
on the build mode as seen above), it's merely prepended to it. on the build mode as seen above), it's merely prepended to it.
#### Consuming Mbed TLS
Mbed TLS provides a package config file for consumption as a dependency in other
CMake projects. You can include Mbed TLS's CMake targets yourself with:
find_package(MbedTLS)
If prompted, set `MbedTLS_DIR` to `${YOUR_MBEDTLS_INSTALL_DIR}/cmake`. This
creates the following targets:
- `MbedTLS::mbedcrypto` (Crypto library)
- `MbedTLS::mbedtls` (TLS library)
- `MbedTLS::mbedx509` (X509 library)
You can then use these directly through `target_link_libraries()`:
add_executable(xyz)
target_link_libraries(xyz
PUBLIC MbedTLS::mbedtls
MbedTLS::mbedcrypto
MbedTLS::mbedx509)
This will link the Mbed TLS libraries to your library or application, and add
its include directories to your target (transitively, in the case of `PUBLIC` or
`INTERFACE` link libraries).
#### Mbed TLS as a subproject #### Mbed TLS as a subproject
Mbed TLS supports being built as a CMake subproject. One can Mbed TLS supports being built as a CMake subproject. One can

View file

@ -0,0 +1,3 @@
@PACKAGE_INIT@
include("${CMAKE_CURRENT_LIST_DIR}/MbedTLSTargets.cmake")

View file

@ -87,8 +87,6 @@ set(src_crypto
xtea.c xtea.c
) )
list(APPEND src_crypto ${thirdparty_src})
set(src_x509 set(src_x509
x509.c x509.c
x509_create.c x509_create.c
@ -180,6 +178,10 @@ if(USE_STATIC_MBEDTLS_LIBRARY)
set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs})
if(TARGET everest)
target_link_libraries(${mbedcrypto_static_target} PUBLIC everest)
endif()
add_library(${mbedx509_static_target} STATIC ${src_x509}) add_library(${mbedx509_static_target} STATIC ${src_x509})
set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target}) target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target})
@ -194,6 +196,10 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.26.0 SOVERSION 6) set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.26.0 SOVERSION 6)
target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
if(TARGET everest)
target_link_libraries(${mbedcrypto_target} PUBLIC everest)
endif()
add_library(${mbedx509_target} SHARED ${src_x509}) add_library(${mbedx509_target} SHARED ${src_x509})
set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.26.0 SOVERSION 1) set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.26.0 SOVERSION 1)
target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
@ -210,13 +216,12 @@ foreach(target IN LISTS target_libraries)
# /library needs to be listed explicitly when building .c files outside # /library needs to be listed explicitly when building .c files outside
# of /library (which currently means: under /3rdparty). # of /library (which currently means: under /3rdparty).
target_include_directories(${target} target_include_directories(${target}
PUBLIC ${MBEDTLS_DIR}/include/ PUBLIC $<BUILD_INTERFACE:${MBEDTLS_DIR}/include/>
PUBLIC ${thirdparty_inc_public} $<INSTALL_INTERFACE:include/>
PRIVATE ${MBEDTLS_DIR}/library/ PRIVATE ${MBEDTLS_DIR}/library/)
PRIVATE ${thirdparty_inc}) install(
target_compile_definitions(${target} TARGETS ${target}
PRIVATE ${thirdparty_def}) EXPORT MbedTLSTargets
install(TARGETS ${target}
DESTINATION ${LIB_INSTALL_DIR} DESTINATION ${LIB_INSTALL_DIR}
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
endforeach(target) endforeach(target)

View file

@ -0,0 +1,3 @@
build
Makefile
cmake_package

View file

@ -0,0 +1,36 @@
cmake_minimum_required(VERSION 2.8.12)
#
# Simulate configuring and building Mbed TLS as the user might do it. We'll
# skip installing it, and use the build directory directly instead.
#
set(MbedTLS_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../../..")
set(MbedTLS_BINARY_DIR "${CMAKE_CURRENT_BINARY_DIR}/mbedtls")
execute_process(
COMMAND "${CMAKE_COMMAND}"
"-H${MbedTLS_SOURCE_DIR}"
"-B${MbedTLS_BINARY_DIR}"
"-DENABLE_PROGRAMS=NO"
"-DENABLE_TESTING=NO")
execute_process(
COMMAND "${CMAKE_COMMAND}"
--build "${MbedTLS_BINARY_DIR}")
#
# Locate the package.
#
set(MbedTLS_DIR "${MbedTLS_BINARY_DIR}/cmake")
find_package(MbedTLS REQUIRED)
#
# At this point, the Mbed TLS targets should have been imported, and we can now
# link to them from our own program.
#
add_executable(cmake_package cmake_package.c)
target_link_libraries(cmake_package
MbedTLS::mbedcrypto MbedTLS::mbedtls MbedTLS::mbedx509)

View file

@ -0,0 +1,53 @@
/*
* Simple program to test that Mbed TLS builds correctly as a CMake package.
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#include <stdlib.h>
#define mbedtls_fprintf fprintf
#define mbedtls_printf printf
#define mbedtls_exit exit
#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif /* MBEDTLS_PLATFORM_C */
#include "mbedtls/version.h"
/* The main reason to build this is for testing the CMake build, so the program
* doesn't need to do very much. It calls a single library function to ensure
* linkage works, but that is all. */
int main()
{
/* This version string is 18 bytes long, as advised by version.h. */
char version[18];
mbedtls_version_get_string_full( version );
mbedtls_printf( "Built against %s\n", version );
return( 0 );
}

View file

@ -0,0 +1,3 @@
build
Makefile
cmake_package_install

View file

@ -0,0 +1,39 @@
cmake_minimum_required(VERSION 2.8.12)
#
# Simulate configuring and building Mbed TLS as the user might do it. We'll
# install into a directory inside our own build directory.
#
set(MbedTLS_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../../..")
set(MbedTLS_INSTALL_DIR "${CMAKE_CURRENT_BINARY_DIR}/mbedtls")
set(MbedTLS_BINARY_DIR "${MbedTLS_INSTALL_DIR}${CMAKE_FILES_DIRECTORY}")
execute_process(
COMMAND "${CMAKE_COMMAND}"
"-H${MbedTLS_SOURCE_DIR}"
"-B${MbedTLS_BINARY_DIR}"
"-DENABLE_PROGRAMS=NO"
"-DENABLE_TESTING=NO"
"-DCMAKE_INSTALL_PREFIX=${MbedTLS_INSTALL_DIR}")
execute_process(
COMMAND "${CMAKE_COMMAND}"
--build "${MbedTLS_BINARY_DIR}"
--target install)
#
# Locate the package.
#
set(MbedTLS_DIR "${MbedTLS_INSTALL_DIR}/cmake")
find_package(MbedTLS REQUIRED)
#
# At this point, the Mbed TLS targets should have been imported, and we can now
# link to them from our own program.
#
add_executable(cmake_package_install cmake_package_install.c)
target_link_libraries(cmake_package_install
MbedTLS::mbedcrypto MbedTLS::mbedtls MbedTLS::mbedx509)

View file

@ -0,0 +1,54 @@
/*
* Simple program to test that Mbed TLS builds correctly as an installable CMake
* package.
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#include <stdlib.h>
#define mbedtls_fprintf fprintf
#define mbedtls_printf printf
#define mbedtls_exit exit
#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif /* MBEDTLS_PLATFORM_C */
#include "mbedtls/version.h"
/* The main reason to build this is for testing the CMake build, so the program
* doesn't need to do very much. It calls a single library function to ensure
* linkage works, but that is all. */
int main()
{
/* This version string is 18 bytes long, as advised by version.h. */
char version[18];
mbedtls_version_get_string_full( version );
mbedtls_printf( "Built against %s\n", version );
return( 0 );
}

View file

@ -273,7 +273,7 @@ cleanup()
-iname CMakeFiles -exec rm -rf {} \+ -o \ -iname CMakeFiles -exec rm -rf {} \+ -o \
\( -iname cmake_install.cmake -o \ \( -iname cmake_install.cmake -o \
-iname CTestTestfile.cmake -o \ -iname CTestTestfile.cmake -o \
-iname CMakeCache.txt \) -exec rm {} \+ -iname CMakeCache.txt \) -exec rm -f {} \+
# Recover files overwritten by in-tree CMake builds # Recover files overwritten by in-tree CMake builds
rm -f include/Makefile include/mbedtls/Makefile programs/*/Makefile rm -f include/Makefile include/mbedtls/Makefile programs/*/Makefile
git update-index --no-skip-worktree Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile git update-index --no-skip-worktree Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile
@ -284,6 +284,16 @@ cleanup()
rm -f programs/test/cmake_subproject/Makefile rm -f programs/test/cmake_subproject/Makefile
rm -f programs/test/cmake_subproject/cmake_subproject rm -f programs/test/cmake_subproject/cmake_subproject
# Remove any artifacts from the component_test_cmake_as_package test.
rm -rf programs/test/cmake_package/build
rm -f programs/test/cmake_package/Makefile
rm -f programs/test/cmake_package/cmake_package
# Remove any artifacts from the component_test_cmake_as_installed_package test.
rm -rf programs/test/cmake_package_install/build
rm -f programs/test/cmake_package_install/Makefile
rm -f programs/test/cmake_package_install/cmake_package_install
if [ -f "$CONFIG_BAK" ]; then if [ -f "$CONFIG_BAK" ]; then
mv "$CONFIG_BAK" "$CONFIG_H" mv "$CONFIG_BAK" "$CONFIG_H"
fi fi
@ -2609,6 +2619,32 @@ component_test_cmake_as_subdirectory () {
unset MBEDTLS_ROOT_DIR unset MBEDTLS_ROOT_DIR
} }
component_test_cmake_as_package () {
msg "build: cmake 'as-package' build"
MBEDTLS_ROOT_DIR="$PWD"
cd programs/test/cmake_package
cmake .
make
if_build_succeeded ./cmake_package
cd "$MBEDTLS_ROOT_DIR"
unset MBEDTLS_ROOT_DIR
}
component_test_cmake_as_package_install () {
msg "build: cmake 'as-installed-package' build"
MBEDTLS_ROOT_DIR="$PWD"
cd programs/test/cmake_package_install
cmake .
make
if_build_succeeded ./cmake_package_install
cd "$MBEDTLS_ROOT_DIR"
unset MBEDTLS_ROOT_DIR
}
component_test_zeroize () { component_test_zeroize () {
# Test that the function mbedtls_platform_zeroize() is not optimized away by # Test that the function mbedtls_platform_zeroize() is not optimized away by
# different combinations of compilers and optimization flags by using an # different combinations of compilers and optimization flags by using an