Commit graph

219 commits

Author SHA1 Message Date
David Horstmann
b3a5424a4e Add function to remove last filename extension
Add a new function that takes a string and removes the
portion following the last '.' character, usually a file
extension. This would transform:
 * "a.b.c" into "a.b"
 * "name." into "name"
 * ".name" into ""
 * "no_dot" into "no_dot" (i.e. no change)

CMake's existing file-extension-removal command removes
the largest possible extension which would make "a.b.c"
into "a", which is incorrect for handling tests that have
'.'s within their names.

The desired behaviour was added in CMake 3.14, but we
support CMake >= 3.5.1 (for 3.0) and >= 2.8.12.2 (for 2.x)
at the time of writing.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2021-10-25 13:16:04 +01:00
Manuel Pégourié-Gonnard
e90e405e15 Introduce "Dev mode" option
When the option is On, CMake will have rules to generate the generated
files using scripts etc. When the option is Off, CMake will assume the
files are available from the source tree; in that mode, it won't require
any extra tools (Perl for example) compared to when we committed the
files to git.

The intention is that users will never need to adjust this option:

- in the development branch (and features branches etc.) the option is
always On (development mode);
- in released tarballs, which include the generated files, we'll switch
the option to Off (release mode) in the same commit that re-adds the
generated files.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-10-25 13:16:04 +01:00
lhuang04
8c51b73c86 Update CMake version for CMP0090
Summary:
[CMP0090](https://cmake.org/cmake/help/latest/policy/CMP0090.html) was introduced in CMake version 3.15. The CMake version guard
should be greater or equal to 3.15.
My cmake version is 3.14.5, and run into the following error.

```
cmake --version
cmake version 3.14.5
```

```
CMake Error at CMakeLists.txt:338 (cmake_policy):
  Policy "CMP0090" is not known to this version of CMake.

-- Configuring incomplete, errors occurred!

Test Plan:
```
cmake
```

Signed-off-by: lhuang04 <lhuang04@fb.com>
2021-08-17 12:50:11 -07:00
Dave Rodgman
1bc9e934e2 Manual updates to version information
This covers a few files that were missed by scripts/bump_version.sh

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-07-01 09:26:12 +01:00
Bence Szépkúti
bb0cfeb2d4 Rename config.h to mbedtls_config.h
This commit was generated using the following script:

# ========================
#!/bin/sh
git ls-files | grep -v '^ChangeLog' | xargs sed -b -E -i '
s/((check|crypto|full|mbedtls|query)_config)\.h/\1\nh/g
s/config\.h/mbedtls_config.h/g
y/\n/./
'
mv include/mbedtls/config.h include/mbedtls/mbedtls_config.h
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:33 +01:00
Dave Rodgman
10bda58b49
Merge pull request #4259 from CJKay/cmake-config
Add CMake package config file
2021-06-25 20:32:13 +01:00
Dave Rodgman
be4af04fcf Update minimum CMake version in CMakeLists.txt
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-07 09:18:50 +01:00
Chris Kay
d259e347e6 Add CMake package config file
This change enables automatic detection and consumption of Mbed TLS
library targets from within other CMake projects. By generating an
`MbedTLSConfig.cmake` file, consuming projects receive a more complete
view of these targets, allowing them to be used as dependencies which
properly inherit the transitive dependencies of the libraries.

This is fairly fragile, as it seems Mbed TLS's libraries do not appear
to properly model their dependencies on other targets, including
third-party dependencies. It is, however, sufficient for building and
linking the compiled Mbed TLS libraries when there are no third-party
dependencies involved. Further work is needed for more complex
use-cases, but this will likely meet the needs of most projects.

Resolves #298. Probably useful for #2857.

Signed-off-by: Chris Kay <chris.kay@arm.com>
2021-06-04 16:02:48 +01:00
Mateusz Starzyk
72f60dfcc1 Remove MBEDTLS_TEST_NULL_ENTROPY config option.
Building the library without entropy sources negates any and all security
provided by the library.
This option was originally requested a relatively long time ago and it
does not provide any tangible benefit for users any more.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-11 13:15:19 +02:00
Mateusz Starzyk
f9c7b3eb11 Remove PKCS#11 library wrapper.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-04-21 11:05:00 +02:00
Mateusz Starzyk
c301bd56f0 Merge branch 'development_3.0' into drop_old_tls_options 2021-04-15 13:55:20 +02:00
Paul Elliott
2065a8d8af Reduce level of -Wformat-truncation
Reduce level of format truncation warnings due to issues with false
positives (an unknown size buffer is always treated as size 1)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-17 13:12:22 +00:00
Mateusz Starzyk
a3a9984a5d Drop support for TLS record-level compression.
Remove option MBEDTLS_ZLIB_SUPPORT.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-03-16 12:49:51 +01:00
Paul Elliott
21c62a2aed Raise level of -Wformat-truncation to 2
This was not possible earlier due to warnings, however now this seems to
be ok.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
ea32d55623 Add printf warning flags to CMake Build
Add extra printf warning flags into the cmake build, only adding those
that are supported by each version of the compiler

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
b250ac951d Set CMake policies for newer versions of CMake
Make sure that CMP0012 is set to NEW, without which FindPython3 and
FindPython2 functionality becomes broken with CMake 3.18.2 if searching
by location. CMP0012 being set to OLD is also deprecated as of 3.18.3.
Ensure CMP0011 is set to NEW to avoid warnings and deprecated behaviour
being issued about policy push / pop with CMake 3.18.0 or newer.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2020-12-03 13:02:14 +00:00
Gilles Peskine
2da4292dc1
Merge pull request #3790 from peter-toft-greve/development
Add fix for cmake control of CMAKE_BUILD_TYPE only if mbedtls is the root project
2020-10-30 09:44:29 +01:00
Gilles Peskine
935b4f96f9
Merge pull request #3407 from RcColes/development
Increase compatibility with external cmake
2020-10-28 12:29:14 +01:00
Peter Toft
70e2062218 Updated minimum cmake requirement down to 2.8.12
* As described in issue #3801 the upcoming cmake 3.19
  will not support cmake 2.6 any more
* This PR updates the mimimum required cmake version
  to 2.8.12, which will not give a warning with cmake 3.19
  but still compatible with MbedTLS support of RHEL/CentOS 7 LTS
* Adding ChangeLog.d/bugfix_PR3802.txt

Signed-off-by: Peter Toft <peter.toft@dirac.com>
2020-10-22 10:43:40 +02:00
Raef Coles
995c66f702 Build: Add MBEDTLS_TARGET_PREFIX
Allows required targets to have prefixes added to them, so that external
projects can avoid target names clashing.

Signed-off-by: Raef Coles <raef.coles@arm.com>
2020-10-20 13:44:44 +01:00
Peter Toft
fdf337965c Add fix for cmake control of CMAKE_BUILD_TYPE only if mbedtls is the root project
Signed-off-by: Peter Toft <peter.toft@dirac.com>
2020-10-14 19:55:25 +02:00
Steven Cooreman
a70d588f74 Add initial test driver conforming to the new spec
Also adjusted the different makefiles accordingly.
Note: driver lifetime is currently statically defined in the header, but
this will be replaced in the future based on autogeneration of lifetime
values by a script (TBD)

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-04 14:22:26 +02:00
makise-homura
e74f372330 Get back -Wsigned-one-bit-field and fix sources according to it
Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-18 23:57:48 +03:00
makise-homura
0be6aa9957 Get back -Wsign-compare and fix sources according to it
Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-18 23:52:53 +03:00
makise-homura
ac2fd6524a Support building on e2k (Elbrus) architecture
Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
2020-08-18 21:59:46 +03:00
okhowang(王沛文)
0cd8e0f6a7 Only pass -Wformat-signedness to versions of GCC that support it.
Fixes #3478

Signed-off-by: okhowang(王沛文) <okhowang@tencent.com>
2020-07-03 16:51:14 +08:00
Ronald Cron
dd6bdb5056 cmake: Add comment about mbedtls_test target
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-29 09:21:54 +02:00
Ronald Cron
ddaf99c9d4 build: Add top-level mbedtls_test target
In preparation of linking common test objects in programs,
add the top-level mbedtls_test target.

This target consists of the common test objects.

It is necessary to declare it at the top-level as both
tests and programs will depend on it and it is necessary
to synchronize the compilation of those objects for tests
and programs for the case of parallel building.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-26 10:45:09 +02:00
Ronald Cron
b1790af648 cmake: Add include directory policy documentation
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-22 16:33:29 +02:00
Ronald Cron
855274113a cmake: Remove global include directories
Remove the declaration of ./include and ./library
as include directories for all targets.

Prefer being more local and declare include directories
at the target level using target_include_directories().

Note that there is no need to declare explicitely
./include as an include directory for tests as they
inherit it from the "mbed librairies".

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-22 16:33:22 +02:00
Ronald Cron
67d4b555b8 cmake: Limit scope of 3rd party definitions
Don't define anymore globally third party include
directories and compile definitions. Declare them within the
scope of the crypto library target as per the third party
source files.

Note that targets linking to the crypto library inherit from
the third party public include directories.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-22 13:44:03 +02:00
Ronald Cron
f19f312aa6 cmake: Add 3rd party public include directories
Add the possibility to distinguish between public and
non-public include directories. Public directories are
the one to use to access definitions of 3rd party code
interfaces.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-06-22 13:44:03 +02:00
okhowang(王沛文)
3c1b090e58 Use FindPython3 when cmake version >= 3.15.0
Signed-off-by: okhowang(王沛文) <okhowang@tencent.com>
2020-06-10 10:21:50 +08:00
danh-arm
924a1f2f47
Merge pull request #3147 from gocarlos/gocarlos-patch-1
cmake: add option to treat compiler warnings as errors
2020-04-29 17:14:48 +01:00
Carlos Gomes Martinho
e150c77969 build: readd unsafe build to show #warnings in CI
Signed-off-by: Carlos Gomes Martinho <carlos.gomes_martinho@siemens.com>
2020-04-28 12:55:14 +02:00
Kenneth Soerensen
518d435e7b Fix GCC format-signedness warnings
Signed-off-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
2020-04-22 16:01:48 +02:00
Carlos Gomes Martinho
a5f0bd34b6 build: add option to treat compiler warnings as errors
Signed-off-by: Carlos Gomes Martinho <carlos.gomes_martinho@siemens.com>
2020-04-03 09:44:54 +02:00
Carlos Gomes Martinho
f64db80448 build: do not treat compiler warnings as errors for unsafe builds with msvc
this is the same behaviour as with gcc and clang

Signed-off-by: Carlos Gomes Martinho <carlos.gomes_martinho@siemens.com>
2020-04-03 09:44:54 +02:00
Gilles Peskine
7dc97048d6 Revert "Remove tests that depend on TLS or X.509"
This reverts commit 9afb2e9921.

Conflicts:
* include/CMakeLists.txt
  * "Make config.h available" comment: there has been a change
    adjacent to where it was removed. Just re-add what was removed.
* tests/CMakeLists.txt:
  * compat.sh: there has been a change immediately before where it was
    removed. Just re-add what was removed.
2020-03-19 14:17:54 +01:00
Gilles Peskine
6bbe783908 Revert "Remove pkcs11-helper option"
This reverts commit d832f187f7.

Conflicts:
* CMakeLists.txt:
  * USE_PKCS11_HELPER_LIBRARY: there has been a change immediately before
    where it was removed. Just re-add what was removed.
* tests/CMakeLists.txt:
  * USE_PKCS11_HELPER_LIBRARY: there has been a change immediately before
    where it was removed. Just re-add what was removed.
2020-03-19 14:07:55 +01:00
Gilles Peskine
5bb8bec1de Revert "Remove zlib"
This reverts commit d874a1fd14.

Conflicts:
* CMakeLists.txt:
  * ENABLE_ZLIB_SUPPORT: there has been a change immediately after
    where it was removed. Just re-add what was removed.
* tests/CMakeLists.txt:
  * ENABLE_ZLIB_SUPPORT: there has been a change immediately after
    where it was removed. Just re-add what was removed.
2020-03-19 14:07:55 +01:00
Gilles Peskine
9740929371 cmake: fix Python requirement
Perl is no longer needed.

Python must be version 3. Version 2 is not suitable.

The variable is PYTHONINTERP_FOUND, not PYTHON_FOUND.
2019-11-13 14:33:34 +00:00
Gilles Peskine
3bdd412d09 Invoke config.py instead of config.pl
git grep -Fl /config.pl | xargs sed -i -e 's!/config\.pl!/config.py!g'

Also:
* Change one comment in include/mbedtls/check_config.h.
* Change PERL to PYTHON in CMakeLists.txt.
2019-11-13 14:33:33 +00:00
Unknown
10d42b686a Unify gcc and clang cmake flags to test with UBsan
Previously, not all flags were supported by the gcc version that was used
(pre-4.9). Now, since the minimum version gcc version tested is 5.4, 
the flags can be unified.
2019-09-05 09:34:47 -04:00
Christoph M. Wintersteiger
7b747fcdc9 3rdparty: fix inclusion order of CMakeLists.txt
This is so that third-party modules pick up the INSTALL_MBEDTLS_HEADERS variable.
2019-08-19 13:37:46 +01:00
Christoph M. Wintersteiger
6ea2dea1c5 3rdparty: Add additional build facilities for 3rd-party code 2019-08-19 13:37:46 +01:00
Christoph M. Wintersteiger
62dddd08fd Add new 3rdparty build scripts 2019-08-19 13:36:44 +01:00
Christoph M. Wintersteiger
d5fd766c49 ECDH: Include Everest Curve25519 in build scripts 2019-08-19 13:36:44 +01:00
Jaeden Amero
8dd1690993 Merge remote-tracking branch 'tls/development' into development
Resolve conflicts by performing the following operations:
- Reject changes related to building a crypto submodule, since Mbed
  Crypto is the crypto submodule.
- Reject X.509, NET, and SSL changes.
- Reject changes to README, as Mbed Crypto is a different project from
  Mbed TLS, with a different README.
- Avoid adding mention of ssl-opt.sh in a comment near some modified
  code in include/CMakeLists.txt (around where ENABLE_TESTING as added).
- Align config.pl in Mbed TLS with config.pl in Mbed Crypto where PSA
  options are concerned, to make future merging easier. There is no
  reason for the two to be different in this regard, now that Mbed TLS
  always depends on Mbed Crypto. Remaining differences are only the
  PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER option and the absence of X.509,
  NET, and SSL related options in Mbed Crypto's config.pl.
- Align config.h in Mbed Crypto with Mbed TLS's copy, with a few notable
  exceptions:
  - Leave CMAC on by default.
  - Leave storage on by default (including ITS emulation).
  - Avoid documenting the PSA Crypto API as is in beta stage in
    documentation for MBEDTLS_PSA_CRYPTO_C.
  The only remaining differences are a lack of X.509, NET, and SSL
  options in Mbed Crypto's config.h, as well as an additional
  Mbed-Crypto-specific PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER option.
  Documentation for the check params feature and related macros is also
  updated to match Mbed TLS's description.
- Reject tests/data_files/Makefile changes to generate DER versions of
  CRTs and keys, as none of those are used by Mbed Crypto tests.
- Add the "no PEM and no filesystem" test to all.sh, without ssl-opt.sh
  run, as Mbed Crypto doesn't have ssl-opt.sh. Also remove use of PSA
  Crypto storage and ITS emulation, since those depend on filesystem
  support.
- Reject addition of test when no ciphersuites have MAC to all.sh, as
  the option being tested, MBEDTLS_SSL_SOME_MODES_USE_MAC, is not
  present in Mbed Crypto.
- Use baremetal config in all.sh, as Mbed Crypto's baremetal
  configuration does exclude the net module (as it doesn't exist in Mbed
  Crypto)
- Reject cmake_subproject_build changes, continuing to link only
  libmbedcrypto.
- Reject changes to visualc and associated templates. Mbed Crypto
  doesn't need additional logic to handle submodule-sourced headers.
- Avoid adding fuzzers from Mbed TLS. The only relevant fuzzers are the
  privkey and pubkey fuzzers, but non-trivial work would be required to
  integrate those into Mbed Crypto (more than is comfortable in a merge
  commit).
- Reject addition of Docker wrappers for compat.sh and ssl-opt.sh, as
  those are not present in Mbed Crypto.
- Remove calls to SSL-related scripts from basic-in-docker.sh

Fix test errors by performing the following:
- Avoid using a link that Doxygen can't seem to resolve in Mbed Crypto,
  but can resolve in Mbed TLS. In documentation for
  MBEDTLS_CHECK_PARAMS, don't attempt to link to MBEDTLS_PARAM_FAILED.

* origin/development: (339 commits)
  Do not build fuzz on windows
  No booleans and import config
  Removing space before opening parenthesis
  Style corrections
  Syntax fix
  Fixes warnings from MSVC
  Add a linker flag to enable gcov in basic-build-test.sh
  Update crypto submodule to a revision with the HAVEGE header changes
  Test with MBEDTLS_ECP_RESTARTABLE
  Allow TODO in code
  Use the docstring in the command line help
  Split _abi_compliance_command into smaller functions
  Record the commits that were compared
  Document how to build the typical argument for -s
  Allow running /somewhere/else/path/to/abi_check.py
  tests: Limit each log to 10 GiB
  Warn if VLAs are used
  Remove redundant compiler flag
  Consistently spell -Wextra
  Fix parsing issue when int parameter is in base 16
  ...
2019-07-31 10:37:53 +01:00
Jaeden Amero
01604a334a Merge remote-tracking branch 'origin/pr/2726' into development
* origin/pr/2726:
  Warn if VLAs are used
  Remove redundant compiler flag
  Consistently spell -Wextra
  Allow declarations after statements
2019-07-10 07:55:25 +01:00
Gilles Peskine
be517164d2 Warn if VLAs are used
We don't intend to use C99 variable-length arrays, so make the
compiler complain about them.
2019-07-02 20:22:11 +02:00
Gilles Peskine
85aba47715 Consistently spell -Wextra
-W is a deprecated alias of -Wextra. Consistently use the new name.
2019-07-02 20:05:16 +02:00
Ashley Duncan
d85a7e9b09 Remove use of CMAKE_SOURCE_DIR
Remove use of CMAKE_SOURCE_DIR in case mbedtls is built from within
another CMake project. Define MBEDTLS_DIR to ${CMAKE_CURRENT_SOURCE_DIR}
in the main CMakeLists.txt file and refer to that when defining target
include paths to enable mbedtls to be built as a sub project.

Fixes https://github.com/ARMmbed/mbedtls/issues/2609

Signed-off-by: Ashley Duncan <ashes.man@gmail.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
2019-06-26 12:46:53 +01:00
Gilles Peskine
c2d56a4446 Allow declarations after statements
We officially allow C99, so don't forbid this C99 feature.
2019-06-25 18:52:06 +02:00
Ashley Duncan
3278081428 Remove use of CMAKE_SOURCE_DIR
Remove use of CMAKE_SOURCE_DIR in case mbedtls is built from within
another CMake project. Define MBEDTLS_DIR to ${CMAKE_CURRENT_SOURCE_DIR}
in the main CMakeLists.txt file and refer to that when defining target
include paths to enable mbedtls to be built as a sub project.

Fixes #2609

Signed-off-by: Ashley Duncan <ashes.man@gmail.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
2019-06-25 13:33:51 +01:00
Jaeden Amero
bb16d0c956 Merge remote-tracking branch 'origin/pr/2654' into development
* origin/pr/2654:
  Create link to include/mbedtls only when testing is enabled
2019-06-06 14:18:23 +01:00
Renz Christian Bagaporo
d8a40b5725 Create link to include/mbedtls only when testing is enabled 2019-05-23 18:48:13 +08:00
Andrzej Kurek
f425ff1457 Export the submodule flag to sub-cmakes 2019-05-23 03:01:35 -04:00
Andrzej Kurek
346747cd24 Force the usage of crypto submodule
Remove all.sh tests exercising the optional usage of submodule
2019-05-23 03:01:35 -04:00
Manuel Pégourié-Gonnard
d8167e85d6 Build from submodule by default (make, cmake)
Adapt tests in all.sh:
- tests with submodule enabled (default) no longer need to enable it
  explicitly, and no longer need runtime tests, as those are now handled by
all other test cases in this script
- tests with submodule disabled (old default) now need to disable it
  explicitly, and execute some runtime tests, as those are no longer tested
anywhere else in this script

Adapt documentation in Readme: remove the section "building with submodule"
and replace it with a new section before the other building sections.
Purposefully don't document how to build not from the submodule, as that
option is going away soon.
2019-05-23 03:01:35 -04:00
Jaeden Amero
3d07ffade2 Merge remote-tracking branch 'tls/development' into development
Resolve conflicts by performing the following operations:
    - Reject changes to files removed during the creation of Mbed Crypto
      from Mbed TLS.
    - Reject the addition of certificates that would not be used by any
      tests, including rejecting the addition of Makefile rules to
      generate these certificates.
    - Reject changes to error.c referencing modules that are not part of
      Mbed Crypto.

* origin/development: (80 commits)
  Style fix
  Fix test data
  Update test data
  Add some negative test cases
  Fix minor issues
  Add ChangeLog entry about listing all SAN
  Remove unneeded whitespaces
  Fix mingw CI failures
  Initialize psa_crypto in ssl test
  Check that SAN is not malformed when parsing
  Documentation fixes
  Fix ChangeLog entry
  Fix missing tls version test failures
  Fix typo
  Fix ChangeLog entry location
  Add changeLog entry
  Add test for export keys functionality
  Add function to retrieve the tls_prf type
  Add tests for the public tls_prf API
  Add public API for tls_prf
  ...
2019-05-21 08:57:44 +01:00
Jaeden Amero
e3435053f5 Merge remote-tracking branch 'origin/pr/2473' into development
* origin/pr/2473:
  Fix CMake build error on Cygwin and minGW platforms
2019-05-01 09:56:42 +01:00
Jaeden Amero
d874a1fd14 Remove zlib
The library no longer uses zlib, so we can remove the option to build
with zlib.
2019-04-18 10:32:56 +01:00
Jaeden Amero
d832f187f7 Remove pkcs11-helper option
In preparation for removing X.509 and PKCS11 from Mbed Crypto, remove
pkcs11-helper. It won't be relevant after X.509 and PKCS11 are removed.
2019-04-18 10:32:56 +01:00
Qixiang Xu
7346b312e1 Fix CMake build error on Cygwin and minGW platforms
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
2019-04-10 14:59:29 +01:00
Jaeden Amero
b78b300b2e tests: Test crypto via the crypto submodule
Test the crypto implementation via tests from the Mbed Crypto submodule
instead of at the Mbed TLS top level.

The version test is the only test that is tested from both TLS and
Crypto, despite being entirely in libmbedcrypto. This is because the
test data is code-gen'd from the version updating script and the version
between Mbed TLS and Mbed Crypto don't necessarily always agree. The
test data must come from the top level module, as only the top level
module will have test data that matches the expected version.
2019-03-13 13:39:23 +00:00
Jaeden Amero
9afb2e9921 Remove tests that depend on TLS or X.509 2019-03-11 16:49:26 +00:00
Jaeden Amero
30b340a760 crypto: Add mbedtls-psa as a submodule
mbedtls-psa contains an implementation of libmbedcrypto, including the PSA
Crypto API.
2018-11-21 12:54:57 +00:00
Jaeden Amero
4cb814e3a7 cmake: Use finer grained include directory
Using finer grained control over include directories will allow differnt
targets to use different include files. This will be useful when the
`crypto` subcomponent wants to use its own include files instead of or in
addition to the top level ones.
2018-11-20 18:46:43 +00:00
Darryl Green
d9eee3b417 Add library as valid header file location
The persistent key implementation will be split across multiple
files as it will eventually be implementing multiple storage
backends. As these internal functions will need to be callable by
other files, we will add the headers in the library folder. This
commit adds this include location to the necessary scripts.

For tests, the library is added as an include location as testing
on-target with Mbed OS is not possible with paths including ".."
2018-11-20 15:21:22 +00:00
Nir Sonnenschein
e46c329377 restore missing operation to CMakeLists.txt 2018-08-29 23:39:58 +03:00
Nir Sonnenschein
b7ebbcaa2c compile time warning of 128bit ctr_drbg keys and standardized warnings
a compile time print was added warning in case of 128bit ctr_drbg keys.
This was don't to avoid an actual warning in these cases
(making build with warnings as errors possible).
Additional warnings on the Changelog/headers were set to use the same phrasing
phrasing was approved by Gilles and Janos.
2018-08-29 10:20:12 +03:00
Mohammad Azim Khan
9540261a76 Incorporated code review comments 2018-08-06 11:40:58 +01:00
Andrzej Kurek
037ec4b416 Replace tabs with spaces 2018-06-28 05:07:08 -04:00
Andrzej Kurek
0211c32c9a Change the cpp test to be optional
Remove unnecessary defines from the test.
Test by defining TEST_CPP using makefiles or cmake.
2018-06-28 05:07:08 -04:00
Andrzej Kurek
40741f8ce5 Add a test with a cpp executable including all mbed TLS headers
In case of any problems with the 'extern "C"' directives,
building the executable will fail
2018-06-28 05:05:40 -04:00
Simon Butcher
4ab8acd696 Merge remote-tracking branch 'public/pr/1075' into development 2018-06-14 10:34:44 +01:00
Simon Butcher
ebb6427992 Merge remote-tracking branch 'public/pr/1646' into development 2018-06-12 16:41:04 +01:00
Darryl Green
2a1edacb1b Change symlink to hardlink to avoid permission issues 2018-06-08 10:07:32 +01:00
Darryl Green
d75ee64c1f Fix out-of-tree testing symlinks on Windows 2018-06-07 11:55:50 +01:00
Simon Butcher
b02f7893f6 Merge remote-tracking branch 'public/pr/1470' into development 2018-06-01 19:20:25 +01:00
Azim Khan
45b79cf12b Treat warnings as errors for IAR
Fix IAR compiler warnings

Two warnings have been fixed:
1. code 'if( len <= 0xFFFFFFFF )' gave warning 'pointless integer comparison'.
   This was fixed by wraping the condition in '#if SIZE_MAX > 0xFFFFFFFF'.
2. code 'diff |= A[i] ^ B[i];' gave warning 'the order of volatile accesses is undefined in'.
   This was fixed by read the volatile data in temporary variables before the computation.

Explain IAR warning on volatile access

Consistent use of CMAKE_C_COMPILER_ID
2018-05-25 14:54:14 +01:00
Ron Eldor
e95092d8eb Change the value of fno-sanitize-recover
Change the value of `-fno-sanitize-recover` from `undefined,integer` to `all`
2018-05-24 10:15:13 +03:00
Gilles Peskine
c33c7c8363 Copy DartConfiguration.tcl, needed for make memcheck 2018-04-05 15:59:45 +02:00
Gilles Peskine
be038366ea Fix some comments regarding what files are symlinked 2018-03-23 14:39:52 +01:00
Gilles Peskine
fc458d0b9b Merge remote-tracking branch 'myfork/pr_1073' into development-proposed 2018-03-22 21:53:12 +01:00
Gilles Peskine
8405257035 Support out-of-tree testing with CMake
Create extra symbolic links with CMake so that SSL testing (ssl-opt.sh
and compat.sh) works in out-of-tree builds.
2018-03-21 12:28:59 +01:00
Krzysztof Stachowiak
a0188d6730 Have doxygen run in the doxygen directory
When the Doxywizzard GUI is used and the doxyfile is loaded, the
workind directory for doxygen is set to the location of the doxyfile.
However the Make and CMake build systems expect doxygen to be ran
from the top level directory.
This commit unifies the build system and the Doxywizzard GUI so that
all of them expect doxygen to be executed in the doxygen directory.
2018-01-19 16:21:18 +01:00
Ron Eldor
3f8271e32b Support only new CLang version
Support only new CLang version by enabling only
`-fno-sanitize-recover=undefined,integer`
2017-09-19 15:13:44 +03:00
Ron Eldor
18b3c912f9 Address Azim's coments
Fix typo and use new check for clang>3.5m according to azim's comments
2017-09-04 14:03:33 +03:00
Ron Eldor
22d989c434 Suport clang version 3.8
Check CLANG version, and according to the version,
set the correct paramters. fix for #1072
2017-09-03 17:56:25 +03:00
VOLAT Matthieu 22923
533751f98f
Use current source paths for config file creation command
That way, the project integrate more nicely when used as a cmake sub-project.
2017-09-01 09:55:40 +02:00
Simon B
9b3e3c4942 Fix config of compiler warning flags with MSVC
Compiler warnings were being configured twice and not suppressed on the
test suites with Microsoft Visual Studio.
2016-11-10 15:37:33 +00:00
Andres AG
dc192215f4 Allow cmake 'out-of-source' builds
Allow mbed TLS to be build in a subdirectory. Also add a test in
all.sh
2016-09-06 20:38:40 +01:00
Simon Butcher
45103f3e15 Changes multiline string (for CMake >3.0) to list (for CMake 2.8) 2016-06-21 14:47:11 +01:00
Simon Butcher
1ceab6e43a Adds a check and warning for the null entropy option
If the option MBEDTLS_TEST_NULL_ENTROPY is enabled, the cmake generated
makefile will generate an error unless a UNSAFE_BUILD switch is also enabled.

Equally, a similar warning will always be generated if the Makefile is built,
and another warning is generated on every compilation of entropy.c.

This is to ensure the user is aware of what they're doing when they enable the
null entropy option.
2016-06-21 10:14:00 +01:00
Simon Butcher
3ea7f52fdf Update interop tests to default configuration
Removed SSLv3 from the default tests in compat.sh, and adapted the test
cases in all.sh to include an additional SSLv3 regression test suite.
2016-03-09 19:32:11 +00:00
Janos Follath
e2681a448b Update default configuration
Change the default settings for SSL and modify the tests accordingly.
2016-03-09 19:32:11 +00:00
Manuel Pégourié-Gonnard
c990189e14 Revert changes done to 'make apidoc' target
This partially reverts 1989caf71c (only the changes to Makefile and
CMakeLists, the addition to scripts/config.pl is kept).

Modifying config.h in the apidoc target creates a race condition with

    make -j4 all apidoc

where some parts of the library, tests or programs could be built with the
wrong config.h, resulting in all kinds of (semi-random) errors. Recent
versions of CMake mitigate this by adding a .NOTPARALLEL target to the
generated Makefile, but people would still get errors with older CMake
versions that are still in use (eg in RHEL 5), and with plain make.

An additional issue is that, by failing to use cp -p, the apidoc target was
updating the timestamp on config.h, which seems to cause further build issues.

Let's get back to the previous, safe, situation. The improved apidoc building
will be resurrected in a script in the next commit.

fixes #390
fixes #391
2016-01-12 14:48:03 +00:00
Manuel Pégourié-Gonnard
1989caf71c Use a full config.h with doxygen
Otherwise we get warnings that some documentation items don't have
corresponding #define, and more importantly the corresponding snippets are not
included in the output.

For that we need a modified version of the "full" argument for config.pl.

Also, the new CMakeLists.txt target only works on Unix (which was already the
case of the Makefile target). Hopefully this is not an issue as people are
unlikely to need that target on Windows.
2016-01-04 12:57:32 +01:00