mbed TLS upgraded to 2.6.0

Fork of mbedtls by Mark Radbourne

Committer:
Jasper Wallace
Date:
Fri Sep 29 18:41:59 2017 +0100
Revision:
1:9ebc941037d5
Parent:
0:cdf462088d13
Child:
2:bbdeda018a3c
Update to mbedtls 2.4.2, security fixes

Changes to mbedtls sources made:

in include/mbedtls/config.h comment out:

#define MBEDTLS_FS_IO
#define MBEDTLS_NET_C
#define MBEDTLS_TIMING_C

uncomment:

#define MBEDTLS_NO_PLATFORM_ENTROPY

Who changed what in which revision?

UserRevisionLine numberNew contents of line
markrad 0:cdf462088d13 1 option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON)
markrad 0:cdf462088d13 2 option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF)
markrad 0:cdf462088d13 3 option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF)
markrad 0:cdf462088d13 4
markrad 0:cdf462088d13 5 set(src_crypto
markrad 0:cdf462088d13 6 aes.c
markrad 0:cdf462088d13 7 aesni.c
markrad 0:cdf462088d13 8 arc4.c
markrad 0:cdf462088d13 9 asn1parse.c
markrad 0:cdf462088d13 10 asn1write.c
markrad 0:cdf462088d13 11 base64.c
markrad 0:cdf462088d13 12 bignum.c
markrad 0:cdf462088d13 13 blowfish.c
markrad 0:cdf462088d13 14 camellia.c
markrad 0:cdf462088d13 15 ccm.c
markrad 0:cdf462088d13 16 cipher.c
markrad 0:cdf462088d13 17 cipher_wrap.c
markrad 0:cdf462088d13 18 cmac.c
markrad 0:cdf462088d13 19 ctr_drbg.c
markrad 0:cdf462088d13 20 des.c
markrad 0:cdf462088d13 21 dhm.c
markrad 0:cdf462088d13 22 ecdh.c
markrad 0:cdf462088d13 23 ecdsa.c
markrad 0:cdf462088d13 24 ecjpake.c
markrad 0:cdf462088d13 25 ecp.c
markrad 0:cdf462088d13 26 ecp_curves.c
markrad 0:cdf462088d13 27 entropy.c
markrad 0:cdf462088d13 28 entropy_poll.c
markrad 0:cdf462088d13 29 error.c
markrad 0:cdf462088d13 30 gcm.c
markrad 0:cdf462088d13 31 havege.c
markrad 0:cdf462088d13 32 hmac_drbg.c
markrad 0:cdf462088d13 33 md.c
markrad 0:cdf462088d13 34 md2.c
markrad 0:cdf462088d13 35 md4.c
markrad 0:cdf462088d13 36 md5.c
markrad 0:cdf462088d13 37 md_wrap.c
markrad 0:cdf462088d13 38 memory_buffer_alloc.c
markrad 0:cdf462088d13 39 oid.c
markrad 0:cdf462088d13 40 padlock.c
markrad 0:cdf462088d13 41 pem.c
markrad 0:cdf462088d13 42 pk.c
markrad 0:cdf462088d13 43 pk_wrap.c
markrad 0:cdf462088d13 44 pkcs12.c
markrad 0:cdf462088d13 45 pkcs5.c
markrad 0:cdf462088d13 46 pkparse.c
markrad 0:cdf462088d13 47 pkwrite.c
markrad 0:cdf462088d13 48 platform.c
markrad 0:cdf462088d13 49 ripemd160.c
markrad 0:cdf462088d13 50 rsa.c
markrad 0:cdf462088d13 51 sha1.c
markrad 0:cdf462088d13 52 sha256.c
markrad 0:cdf462088d13 53 sha512.c
markrad 0:cdf462088d13 54 threading.c
markrad 0:cdf462088d13 55 timing.c
markrad 0:cdf462088d13 56 version.c
markrad 0:cdf462088d13 57 version_features.c
markrad 0:cdf462088d13 58 xtea.c
markrad 0:cdf462088d13 59 )
markrad 0:cdf462088d13 60
markrad 0:cdf462088d13 61 set(src_x509
markrad 0:cdf462088d13 62 certs.c
markrad 0:cdf462088d13 63 pkcs11.c
markrad 0:cdf462088d13 64 x509.c
markrad 0:cdf462088d13 65 x509_create.c
markrad 0:cdf462088d13 66 x509_crl.c
markrad 0:cdf462088d13 67 x509_crt.c
markrad 0:cdf462088d13 68 x509_csr.c
markrad 0:cdf462088d13 69 x509write_crt.c
markrad 0:cdf462088d13 70 x509write_csr.c
markrad 0:cdf462088d13 71 )
markrad 0:cdf462088d13 72
markrad 0:cdf462088d13 73 set(src_tls
markrad 0:cdf462088d13 74 debug.c
markrad 0:cdf462088d13 75 net_sockets.c
markrad 0:cdf462088d13 76 ssl_cache.c
markrad 0:cdf462088d13 77 ssl_ciphersuites.c
markrad 0:cdf462088d13 78 ssl_cli.c
markrad 0:cdf462088d13 79 ssl_cookie.c
markrad 0:cdf462088d13 80 ssl_srv.c
markrad 0:cdf462088d13 81 ssl_ticket.c
markrad 0:cdf462088d13 82 ssl_tls.c
markrad 0:cdf462088d13 83 )
markrad 0:cdf462088d13 84
markrad 0:cdf462088d13 85 if(CMAKE_COMPILER_IS_GNUCC)
markrad 0:cdf462088d13 86 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes")
markrad 0:cdf462088d13 87 endif(CMAKE_COMPILER_IS_GNUCC)
markrad 0:cdf462088d13 88
markrad 0:cdf462088d13 89 if(CMAKE_COMPILER_IS_CLANG)
markrad 0:cdf462088d13 90 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
markrad 0:cdf462088d13 91 endif(CMAKE_COMPILER_IS_CLANG)
markrad 0:cdf462088d13 92
markrad 0:cdf462088d13 93 if(WIN32)
markrad 0:cdf462088d13 94 set(libs ${libs} ws2_32)
markrad 0:cdf462088d13 95 endif(WIN32)
markrad 0:cdf462088d13 96
markrad 0:cdf462088d13 97 if(USE_PKCS11_HELPER_LIBRARY)
markrad 0:cdf462088d13 98 set(libs ${libs} pkcs11-helper)
markrad 0:cdf462088d13 99 endif(USE_PKCS11_HELPER_LIBRARY)
markrad 0:cdf462088d13 100
markrad 0:cdf462088d13 101 if(ENABLE_ZLIB_SUPPORT)
markrad 0:cdf462088d13 102 set(libs ${libs} ${ZLIB_LIBRARIES})
markrad 0:cdf462088d13 103 endif(ENABLE_ZLIB_SUPPORT)
markrad 0:cdf462088d13 104
markrad 0:cdf462088d13 105 if(LINK_WITH_PTHREAD)
markrad 0:cdf462088d13 106 set(libs ${libs} pthread)
markrad 0:cdf462088d13 107 endif()
markrad 0:cdf462088d13 108
markrad 0:cdf462088d13 109 if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY)
markrad 0:cdf462088d13 110 message(FATAL_ERROR "Need to choose static or shared mbedtls build!")
markrad 0:cdf462088d13 111 endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY)
markrad 0:cdf462088d13 112
markrad 0:cdf462088d13 113 if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
markrad 0:cdf462088d13 114 set(mbedtls_static_target "mbedtls_static")
markrad 0:cdf462088d13 115 set(mbedx509_static_target "mbedx509_static")
markrad 0:cdf462088d13 116 set(mbedcrypto_static_target "mbedcrypto_static")
markrad 0:cdf462088d13 117 elseif(USE_STATIC_MBEDTLS_LIBRARY)
markrad 0:cdf462088d13 118 set(mbedtls_static_target "mbedtls")
markrad 0:cdf462088d13 119 set(mbedx509_static_target "mbedx509")
markrad 0:cdf462088d13 120 set(mbedcrypto_static_target "mbedcrypto")
markrad 0:cdf462088d13 121 endif()
markrad 0:cdf462088d13 122
markrad 0:cdf462088d13 123 if(USE_STATIC_MBEDTLS_LIBRARY)
markrad 0:cdf462088d13 124 add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
markrad 0:cdf462088d13 125 set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
markrad 0:cdf462088d13 126 target_link_libraries(${mbedcrypto_static_target} ${libs})
markrad 0:cdf462088d13 127
markrad 0:cdf462088d13 128 add_library(${mbedx509_static_target} STATIC ${src_x509})
markrad 0:cdf462088d13 129 set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
markrad 0:cdf462088d13 130 target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target})
markrad 0:cdf462088d13 131
markrad 0:cdf462088d13 132 add_library(${mbedtls_static_target} STATIC ${src_tls})
markrad 0:cdf462088d13 133 set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
markrad 0:cdf462088d13 134 target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target})
markrad 0:cdf462088d13 135
markrad 0:cdf462088d13 136 install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target}
markrad 0:cdf462088d13 137 DESTINATION ${LIB_INSTALL_DIR}
markrad 0:cdf462088d13 138 PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
markrad 0:cdf462088d13 139 endif(USE_STATIC_MBEDTLS_LIBRARY)
markrad 0:cdf462088d13 140
markrad 0:cdf462088d13 141 if(USE_SHARED_MBEDTLS_LIBRARY)
markrad 0:cdf462088d13 142 add_library(mbedcrypto SHARED ${src_crypto})
Jasper Wallace 1:9ebc941037d5 143 set_target_properties(mbedcrypto PROPERTIES VERSION 2.4.2 SOVERSION 0)
markrad 0:cdf462088d13 144 target_link_libraries(mbedcrypto ${libs})
markrad 0:cdf462088d13 145
markrad 0:cdf462088d13 146 add_library(mbedx509 SHARED ${src_x509})
Jasper Wallace 1:9ebc941037d5 147 set_target_properties(mbedx509 PROPERTIES VERSION 2.4.2 SOVERSION 0)
markrad 0:cdf462088d13 148 target_link_libraries(mbedx509 ${libs} mbedcrypto)
markrad 0:cdf462088d13 149
markrad 0:cdf462088d13 150 add_library(mbedtls SHARED ${src_tls})
Jasper Wallace 1:9ebc941037d5 151 set_target_properties(mbedtls PROPERTIES VERSION 2.4.2 SOVERSION 10)
markrad 0:cdf462088d13 152 target_link_libraries(mbedtls ${libs} mbedx509)
markrad 0:cdf462088d13 153
markrad 0:cdf462088d13 154 install(TARGETS mbedtls mbedx509 mbedcrypto
markrad 0:cdf462088d13 155 DESTINATION ${LIB_INSTALL_DIR}
markrad 0:cdf462088d13 156 PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
markrad 0:cdf462088d13 157 endif(USE_SHARED_MBEDTLS_LIBRARY)
markrad 0:cdf462088d13 158
markrad 0:cdf462088d13 159 add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls)
markrad 0:cdf462088d13 160 if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
markrad 0:cdf462088d13 161 add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static)
markrad 0:cdf462088d13 162 endif()