Force the usage of crypto submodule
Remove all.sh tests exercising the optional usage of submodule
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 67da304..38991b8 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -9,7 +9,6 @@
option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF)
option(ENABLE_PROGRAMS "Build mbed TLS programs." ON)
-option(USE_CRYPTO_SUBMODULE "Build and use libmbedcrypto from the crypto submodule." ON)
option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF)
@@ -184,10 +183,8 @@
add_subdirectory(library)
add_subdirectory(include)
-if(USE_CRYPTO_SUBMODULE)
- add_subdirectory(crypto/library)
- add_subdirectory(crypto/include)
-endif()
+add_subdirectory(crypto/library)
+add_subdirectory(crypto/include)
if(ENABLE_PROGRAMS)
add_subdirectory(programs)
@@ -201,9 +198,7 @@
enable_testing()
add_subdirectory(tests)
- if(USE_CRYPTO_SUBMODULE)
- add_subdirectory(crypto/tests)
- endif()
+ add_subdirectory(crypto/tests)
# additional convenience targets for Unix only
if(UNIX)
diff --git a/Makefile b/Makefile
index c83c64e..527486f 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,4 @@
-# build crypto from submodule unless explicitly disabled
-USE_CRYPTO_SUBMODULE ?= 1
-
DESTDIR=/usr/local
PREFIX=mbedtls_
@@ -22,9 +19,7 @@
tests: lib
$(MAKE) -C tests
-ifneq ($(USE_CRYPTO_SUBMODULE), 0)
$(MAKE) CRYPTO_INCLUDES:="-I../../include -I../include" -C crypto/tests
-endif
ifndef WINDOWS
install: no_test
@@ -34,13 +29,10 @@
mkdir -p $(DESTDIR)/lib
cp -RP library/libmbedtls.* $(DESTDIR)/lib
cp -RP library/libmbedx509.* $(DESTDIR)/lib
-ifneq ($(USE_CRYPTO_SUBMODULE), 0)
+
mkdir -p $(DESTDIR)/include/psa
cp -rp crypto/include/psa $(DESTDIR)/include
cp -RP crypto/library/libmbedcrypto.* $(DESTDIR)/lib
-else
- cp -RP library/libmbedcrypto.* $(DESTDIR)/lib
-endif
mkdir -p $(DESTDIR)/bin
for p in programs/*/* ; do \
@@ -56,9 +48,8 @@
rm -f $(DESTDIR)/lib/libmbedtls.*
rm -f $(DESTDIR)/lib/libmbedx509.*
rm -f $(DESTDIR)/lib/libmbedcrypto.*
-ifneq ($(USE_CRYPTO_SUBMODULE), 0)
$(MAKE) -C crypto uninstall
-endif
+
for p in programs/*/* ; do \
if [ -x $$p ] && [ ! -d $$p ] ; \
@@ -100,18 +91,14 @@
$(MAKE) -C library clean
$(MAKE) -C programs clean
$(MAKE) -C tests clean
-ifneq ($(USE_CRYPTO_SUBMODULE), 0)
$(MAKE) -C crypto clean
-endif
ifndef WINDOWS
find . \( -name \*.gcno -o -name \*.gcda -o -name \*.info \) -exec rm {} +
endif
check: lib tests
$(MAKE) -C tests check
-ifneq ($(USE_CRYPTO_SUBMODULE), 0)
$(MAKE) CRYPTO_INCLUDES:="-I../../include -I../include" -C crypto/tests check
-endif
test: check
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index fb43fd0..1004cb3 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -146,12 +146,6 @@
endif()
if(USE_STATIC_MBEDTLS_LIBRARY)
- if(NOT USE_CRYPTO_SUBMODULE)
- add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
- set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
- target_link_libraries(${mbedcrypto_static_target} ${libs})
- target_include_directories(${mbedcrypto_static_target} PUBLIC ${CMAKE_SOURCE_DIR}/include/)
- endif()
add_library(${mbedx509_static_target} STATIC ${src_x509})
set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
@@ -168,24 +162,14 @@
PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/
)
- if(USE_CRYPTO_SUBMODULE)
- install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target}
- DESTINATION ${LIB_INSTALL_DIR}
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
- else()
- install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target}
- DESTINATION ${LIB_INSTALL_DIR}
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
- endif()
+
+ install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target}
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+
endif(USE_STATIC_MBEDTLS_LIBRARY)
if(USE_SHARED_MBEDTLS_LIBRARY)
- if(NOT USE_CRYPTO_SUBMODULE)
- add_library(mbedcrypto SHARED ${src_crypto})
- set_target_properties(mbedcrypto PROPERTIES VERSION 2.17.0 SOVERSION 3)
- target_link_libraries(mbedcrypto ${libs})
- target_include_directories(mbedcrypto PUBLIC ${CMAKE_SOURCE_DIR}/include/)
- endif()
add_library(mbedx509 SHARED ${src_x509})
set_target_properties(mbedx509 PROPERTIES VERSION 2.17.0 SOVERSION 0)
@@ -201,25 +185,13 @@
PUBLIC ${CMAKE_SOURCE_DIR}/include/
PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/)
- if(USE_CRYPTO_SUBMODULE)
- install(TARGETS mbedtls mbedx509
- DESTINATION ${LIB_INSTALL_DIR}
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
- else()
- install(TARGETS mbedtls mbedx509 mbedcrypto
- DESTINATION ${LIB_INSTALL_DIR}
- PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
- endif()
+ install(TARGETS mbedtls mbedx509
+ DESTINATION ${LIB_INSTALL_DIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+
endif(USE_SHARED_MBEDTLS_LIBRARY)
-if(USE_CRYPTO_SUBMODULE)
- add_custom_target(lib DEPENDS mbedx509 mbedtls)
- if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
- add_dependencies(lib mbedx509_static mbedtls_static)
- endif()
-else()
- add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls)
- if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
- add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static)
- endif()
+add_custom_target(lib DEPENDS mbedx509 mbedtls)
+if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
+ add_dependencies(lib mbedx509_static mbedtls_static)
endif()
diff --git a/library/Makefile b/library/Makefile
index 38bb59a..60f3ae0 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -1,9 +1,6 @@
# Also see "include/mbedtls/config.h"
-# build crypto form submodule unless explicitly disabled
-USE_CRYPTO_SUBMODULE ?= 1
-
CFLAGS ?= -O2
WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement
LDFLAGS ?=
@@ -67,36 +64,11 @@
endif
-ifneq ($(USE_CRYPTO_SUBMODULE), 0)
+
# Look in crypto for libmbedcrypto.
LOCAL_LDFLAGS += -L../crypto/library
LOCAL_CFLAGS += -I../crypto/include
CRYPTO := ../crypto/library/
-else
-OBJS_CRYPTO= aes.o aesni.o arc4.o \
- aria.o asn1parse.o asn1write.o \
- base64.o bignum.o blowfish.o \
- camellia.o ccm.o chacha20.o \
- chachapoly.o cipher.o cipher_wrap.o \
- cmac.o ctr_drbg.o des.o \
- dhm.o ecdh.o ecdsa.o \
- ecjpake.o ecp.o \
- ecp_curves.o entropy.o entropy_poll.o \
- error.o gcm.o havege.o \
- hkdf.o \
- hmac_drbg.o md.o md2.o \
- md4.o md5.o md_wrap.o \
- memory_buffer_alloc.o nist_kw.o \
- oid.o padlock.o pem.o \
- pk.o pk_wrap.o pkcs12.o \
- pkcs5.o pkparse.o pkwrite.o \
- platform.o platform_util.o poly1305.o \
- ripemd160.o rsa_internal.o rsa.o \
- sha1.o sha256.o sha512.o \
- threading.o timing.o version.o \
- version_features.o xtea.o
-CRYPTO :=
-endif
OBJS_X509= certs.o pkcs11.o x509.o \
x509_create.o x509_crl.o x509_crt.o \
@@ -176,37 +148,8 @@
echo " LD $@"
$(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_X509) -lws2_32 -lwinmm -lgdi32 -L. -lmbedcrypto -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS)
-# crypto
-ifneq ($(USE_CRYPTO_SUBMODULE), 0)
libmbedcrypto.%:
$(MAKE) CRYPTO_INCLUDES:="-I../../include -I../include" -C ../crypto/library $@
-else
-libmbedcrypto.a: $(OBJS_CRYPTO)
- echo " AR $@"
- $(AR) $(ARFLAGS) $@ $(OBJS_CRYPTO)
-ifdef APPLE_BUILD
-ifneq ($(APPLE_BUILD),0)
- echo " RL $@"
- $(RL) $(RLFLAGS) $@
-endif
-endif
-
-libmbedcrypto.$(SOEXT_CRYPTO): $(OBJS_CRYPTO)
- echo " LD $@"
- $(CC) -shared -Wl,-soname,$@ $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_CRYPTO)
-
-libmbedcrypto.so: libmbedcrypto.$(SOEXT_CRYPTO)
- echo " LN $@ -> $<"
- ln -sf $< $@
-
-libmbedcrypto.dylib: $(OBJS_CRYPTO)
- echo " LD $@"
- $(CC) -dynamiclib $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_CRYPTO)
-
-libmbedcrypto.dll: $(OBJS_CRYPTO)
- echo " LD $@"
- $(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_CRYPTO) -lws2_32 -lwinmm -lgdi32 -static-libgcc $(LOCAL_LDFLAGS) $(LDFLAGS)
-endif
.c.o:
echo " CC $<"
diff --git a/programs/Makefile b/programs/Makefile
index bf5ba9f..14ba543 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -1,7 +1,4 @@
-# build crypto form submodule unless explicitly disabled
-USE_CRYPTO_SUBMODULE ?= 1
-
# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS
@@ -17,11 +14,9 @@
-lmbedx509$(SHARED_SUFFIX) \
-lmbedcrypto$(SHARED_SUFFIX)
-ifneq ($(USE_CRYPTO_SUBMODULE), 0)
LOCAL_LDFLAGS += -L../crypto/library
LOCAL_CFLAGS += -I../crypto/include
LOCAL_CXXFLAGS += -I../crypto/include
-endif
ifndef SHARED
DEP=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 06b8997..482c98d 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -60,77 +60,6 @@
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-")
endif(MSVC)
-if(NOT USE_CRYPTO_SUBMODULE)
- add_test_suite(aes aes.ecb)
- add_test_suite(aes aes.cbc)
- add_test_suite(aes aes.cfb)
- add_test_suite(aes aes.ofb)
- add_test_suite(aes aes.rest)
- add_test_suite(aes aes.xts)
- add_test_suite(arc4)
- add_test_suite(aria)
- add_test_suite(asn1write)
- add_test_suite(base64)
- add_test_suite(blowfish)
- add_test_suite(camellia)
- add_test_suite(ccm)
- add_test_suite(chacha20)
- add_test_suite(chachapoly)
- add_test_suite(cipher cipher.aes)
- add_test_suite(cipher cipher.arc4)
- add_test_suite(cipher cipher.blowfish)
- add_test_suite(cipher cipher.camellia)
- add_test_suite(cipher cipher.ccm)
- add_test_suite(cipher cipher.chacha20)
- add_test_suite(cipher cipher.chachapoly)
- add_test_suite(cipher cipher.des)
- add_test_suite(cipher cipher.gcm)
- add_test_suite(cipher cipher.misc)
- add_test_suite(cipher cipher.null)
- add_test_suite(cipher cipher.padding)
- add_test_suite(cipher cipher.nist_kw)
- add_test_suite(cmac)
- add_test_suite(ctr_drbg)
- add_test_suite(des)
- add_test_suite(dhm)
- add_test_suite(ecdh)
- add_test_suite(ecdsa)
- add_test_suite(ecjpake)
- add_test_suite(ecp)
- add_test_suite(entropy)
- add_test_suite(error)
- add_test_suite(gcm gcm.aes128_en)
- add_test_suite(gcm gcm.aes192_en)
- add_test_suite(gcm gcm.aes256_en)
- add_test_suite(gcm gcm.aes128_de)
- add_test_suite(gcm gcm.aes192_de)
- add_test_suite(gcm gcm.aes256_de)
- add_test_suite(gcm gcm.camellia)
- add_test_suite(gcm gcm.misc)
- add_test_suite(hkdf)
- add_test_suite(hmac_drbg hmac_drbg.misc)
- add_test_suite(hmac_drbg hmac_drbg.no_reseed)
- add_test_suite(hmac_drbg hmac_drbg.nopr)
- add_test_suite(hmac_drbg hmac_drbg.pr)
- add_test_suite(md)
- add_test_suite(mdx)
- add_test_suite(memory_buffer_alloc)
- add_test_suite(mpi)
- add_test_suite(nist_kw)
- add_test_suite(oid)
- add_test_suite(pem)
- add_test_suite(pkcs1_v15)
- add_test_suite(pkcs1_v21)
- add_test_suite(pkcs5)
- add_test_suite(pk)
- add_test_suite(pkparse)
- add_test_suite(pkwrite)
- add_test_suite(poly1305)
- add_test_suite(shax)
- add_test_suite(timing)
- add_test_suite(rsa)
- add_test_suite(xtea)
-endif()
add_test_suite(debug)
add_test_suite(ssl)
add_test_suite(version)
diff --git a/tests/Makefile b/tests/Makefile
index 44b35ef..c263e64 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -1,7 +1,4 @@
-# build crypto form submodule unless explicitly disabled
-USE_CRYPTO_SUBMODULE ?= 1
-
# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS
# To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS
@@ -15,13 +12,9 @@
-lmbedx509$(SHARED_SUFFIX) \
-lmbedcrypto$(SHARED_SUFFIX)
-ifneq ($(USE_CRYPTO_SUBMODULE), 0)
LOCAL_LDFLAGS += -L../crypto/library
LOCAL_CFLAGS += -I../crypto/include
CRYPTO := ../crypto/library/
-else
-CRYPTO := ../library/
-endif
# Enable definition of various functions used throughout the testsuite
# (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless
@@ -69,7 +62,6 @@
# constructed by stripping path 'suites/' and extension .data.
APPS = $(basename $(subst suites/,,$(wildcard suites/test_suite_*.data)))
-ifdef USE_CRYPTO_SUBMODULE
APPS := $(filter-out \
test_suite_aes.% \
test_suite_arc4 \
@@ -114,7 +106,6 @@
test_suite_timing \
test_suite_xtea \
,$(APPS))
-endif
# Construct executable name by adding OS specific suffix $(EXEXT).
BINARIES := $(addsuffix $(EXEXT),$(APPS))
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 708adc9..20b628c 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -800,89 +800,6 @@
make TEST_CPP=1
}
-component_test_submodule_cmake () {
- # USE_CRYPTO_SUBMODULE: check that it's enabled by default with cmake
- msg "build: cmake, full config (with USE_CRYPTO_SUBMODULE), gcc+debug"
- scripts/config.pl full # enables md4 and submodule doesn't enable md4
- CC=gcc cmake -D CMAKE_BUILD_TYPE=Debug .
- make
- msg "test: top-level libmbedcrypto wasn't built (USE_CRYPTO_SUBMODULE, cmake)"
- if_build_succeeded not test -f library/libmbedcrypto.a
- msg "test: libmbedcrypto symbols are from crypto files (USE_CRYPTO_SUBMODULE, cmake)"
- if_build_succeeded objdump -g crypto/library/libmbedcrypto.a | grep -E 'crypto/library$' > /dev/null
- msg "test: libmbedcrypto uses top-level config (USE_CRYPTO_SUBMODULE, cmake)"
- if_build_succeeded objdump -g crypto/library/libmbedcrypto.a | grep 'md4.c' > /dev/null
- # no need for runtime tests - this is the default, tested elsewhere
-
-}
-
-component_test_submodule_make () {
- # USE_CRYPTO_SUBMODULE: check that it's enabled by default with make
- msg "build: make, full config (with USE_CRYPTO_SUBMODULE), gcc+debug"
- scripts/config.pl full # enables md4 and submodule doesn't enable md4
- make CC=gcc CFLAGS='-g' USE_CRYPTO_SUBMODULE=1
-
- msg "test: top-level libmbedcrypto wasn't built (USE_CRYPTO_SUBMODULE, make)"
- if_build_succeeded not test -f library/libmbedcrypto.a
-
- msg "test: libmbedcrypto symbols are from crypto files (USE_CRYPTO_SUBMODULE, make)"
- if_build_succeeded objdump -g crypto/library/libmbedcrypto.a | grep -E 'crypto/library$' > /dev/null
-
- msg "test: libmbedcrypto uses top-level config (USE_CRYPTO_SUBMODULE, make)"
- if_build_succeeded objdump -g crypto/library/libmbedcrypto.a | grep 'md4.c' > /dev/null
-}
-
-component_test_not_submodule_make () {
- # Disable USE_CRYPTO_SUBMODULE: check that the submodule is not used with make
- msg "build: make, full config without USE_CRYPTO_SUBMODULE, gcc+debug"
- scripts/config.pl full
- scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
- scripts/config.pl unset MBEDTLS_USE_PSA_CRYPTO # depends on PSA
- scripts/config.pl unset MBEDTLS_PSA_CRYPTO_C # only works from submodule
- scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on PSA
- scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C # depends on PSA
- make CC=gcc CFLAGS='-g' USE_CRYPTO_SUBMODULE=0
-
- msg "test: submodule libmbedcrypto wasn't built (no USE_CRYPTO_SUBMODULE, make)"
- if_build_succeeded not test -f crypto/library/libmbedcrypto.a
-
- msg "test: libmbedcrypto symbols are from library files (no USE_CRYPTO_SUBMODULE, make)"
- if_build_succeeded objdump -g library/libmbedcrypto.a | grep -E 'library$' | not grep 'crypto' > /dev/null
-
- # run some tests to validate this non-default build
- msg "test: main suites (no USE_CRYPTO_SUBMODULE, cmake)"
- make test
-
- msg "test: ssl-opt.sh (no USE_CRYPTO_SUBMODULE, cmake)"
- if_build_succeeded tests/ssl-opt.sh
-}
-
-component_test_not_submodule_cmake () {
- # Don't USE_CRYPTO_SUBMODULE: check that the submodule is not used with CMake
- msg "build: cmake, full config without USE_CRYPTO_SUBMODULE, gcc+debug"
- scripts/config.pl full
- scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
- scripts/config.pl unset MBEDTLS_PSA_CRYPTO_C # only works from submodule
- scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on PSA
- scripts/config.pl unset MBEDTLS_PSA_ITS_FILE_C # depends on PSA
- scripts/config.pl unset MBEDTLS_USE_PSA_CRYPTO # depends on PSA
- CC=gcc cmake -D CMAKE_BUILD_TYPE=Debug -D USE_CRYPTO_SUBMODULE=Off .
- make
-
- msg "test: submodule libmbedcrypto wasn't built (no USE_CRYPTO_SUBMODULE, cmake)"
- if_build_succeeded not test -f crypto/library/libmbedcrypto.a
-
- msg "test: libmbedcrypto symbols are from library files (no USE_CRYPTO_SUBMODULE, cmake)"
- if_build_succeeded objdump -g library/libmbedcrypto.a | grep -E 'library$' | not grep 'crypto' > /dev/null
-
- # run some tests to validate this non-default build
- msg "test: main suites (no USE_CRYPTO_SUBMODULE, cmake)"
- make test
-
- msg "test: ssl-opt.sh (no USE_CRYPTO_SUBMODULE, cmake)"
- if_build_succeeded tests/ssl-opt.sh
-}
-
component_test_no_use_psa_crypto_full_cmake_asan() {
# full minus MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh
msg "build: cmake, full config + MBEDTLS_USE_PSA_CRYPTO, ASan"