Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Mbed TLS Support #822

Merged
merged 1 commit into from
Apr 1, 2023
Merged

Add Mbed TLS Support #822

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 37 additions & 0 deletions .github/workflows/build-mbedtls.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
name: Build with Mbed TLS
on:
push:
branches:
- master
pull_request:
jobs:
build-linux:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Homebrew
uses: Homebrew/actions/setup-homebrew@master
- name: Install Mbed TLS
run: brew update && brew install mbedtls
- name: submodules
run: git submodule update --init --recursive --depth 1
- name: cmake
run: cmake -B build -DUSE_MBEDTLS=1 -DWARNINGS_AS_ERRORS=1 -DCMAKE_PREFIX_PATH=$(brew --prefix mbedtls)
- name: make
run: (cd build; make -j2)
- name: test
run: ./build/tests
build-macos:
runs-on: macos-latest
steps:
- uses: actions/checkout@v2
- name: Install Mbed TLS
run: brew update && brew install mbedtls
- name: submodules
run: git submodule update --init --recursive --depth 1
- name: cmake
run: cmake -B build -DUSE_MBEDTLS=1 -DWARNINGS_AS_ERRORS=1 -DENABLE_LOCAL_ADDRESS_TRANSLATION=1 -DCMAKE_PREFIX_PATH=$(brew --prefix mbedtls)
- name: make
run: (cd build; make -j2)
- name: test
run: ./build/tests
20 changes: 19 additions & 1 deletion CMakeLists.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ project(libdatachannel
set(PROJECT_DESCRIPTION "C/C++ WebRTC network library featuring Data Channels, Media Transport, and WebSockets")

# Options
option(USE_MBEDTLS "Use Mbed TLS instead of OpenSSL" OFF)
option(USE_GNUTLS "Use GnuTLS instead of OpenSSL" OFF)
option(USE_NICE "Use libnice instead of libjuice" OFF)
option(PREFER_SYSTEM_LIB "Prefer system libraries over deps folder" OFF)
Expand All @@ -21,12 +22,22 @@ option(WARNINGS_AS_ERRORS "Treat warnings as errors" OFF)
option(CAPI_STDCALL "Set calling convention of C API callbacks stdcall" OFF)
option(SCTP_DEBUG "Enable SCTP debugging output to verbose log" OFF)

if (USE_MBEDTLS AND USE_GNUTLS)
message(FATAL_ERROR "Both USE_MBEDTLS and USE_GNUTLS can not be enabled at the same time")
endif()


if(USE_GNUTLS)
option(USE_NETTLE "Use Nettle in libjuice" ON)
else()
option(USE_NETTLE "Use Nettle in libjuice" OFF)

if(NOT USE_SYSTEM_SRTP)
option(ENABLE_OPENSSL "Enable OpenSSL crypto engine for SRTP" ON)
if (USE_MBEDTLS)
option(ENABLE_MBEDTLS "Enable Mbed TLS crypto engine for SRTP" ON)
else()
option(ENABLE_OPENSSL "Enable OpenSSL crypto engine for SRTP" ON)
endif()
endif()
endif()

Expand Down Expand Up @@ -337,6 +348,13 @@ if (USE_GNUTLS)
target_link_libraries(datachannel PRIVATE Nettle::Nettle)
target_link_libraries(datachannel-static PRIVATE Nettle::Nettle)
endif()
elseif(USE_MBEDTLS)
find_package(MbedTLS 3 REQUIRED)

target_compile_definitions(datachannel PRIVATE USE_MBEDTLS)
target_compile_definitions(datachannel-static PRIVATE USE_MBEDTLS)
target_link_libraries(datachannel PRIVATE MbedTLS::MbedTLS)
target_link_libraries(datachannel-static PRIVATE MbedTLS::MbedTLS)
else()
if(APPLE)
# This is a bug in CMake that causes it to prefer the system version over
Expand Down
214 changes: 214 additions & 0 deletions cmake/Modules/FindMbedTLS.cmake
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,214 @@
#[=======================================================================[.rst
FindMbedTLS
-----------

FindModule for MbedTLS and associated libraries

Components
^^^^^^^^^^

This module contains provides several components:

``MbedCrypto``
``MbedTLS``
``MbedX509``

Import targets exist for each component.

Imported Targets
^^^^^^^^^^^^^^^^

This module defines the :prop_tgt:`IMPORTED` targets:

``MbedTLS::MbedCrypto``
Crypto component

``MbedTLS::MbedTLS``
TLS component

``MbedTLS::MbedX509``
X509 component

Result Variables
^^^^^^^^^^^^^^^^

This module sets the following variables:

``MbedTLS_FOUND``
True, if all required components and the core library were found.
``MbedTLS_VERSION``
Detected version of found MbedTLS libraries.

``MbedTLS_<COMPONENT>_VERSION``
Detected version of found MbedTLS component library.

Cache variables
^^^^^^^^^^^^^^^

The following cache variables may also be set:

``MbedTLS_<COMPONENT>_LIBRARY``
Path to the library component of MbedTLS.
``MbedTLS_<COMPONENT>_INCLUDE_DIR``
Directory containing ``<COMPONENT>.h``.

Distributed under the MIT License, see accompanying LICENSE file or
https://github.com/PatTheMav/cmake-finders/blob/master/LICENSE for details.
(c) 2023 Patrick Heyer

#]=======================================================================]

# cmake-format: off
# cmake-lint: disable=C0103
# cmake-lint: disable=C0301
# cmake-lint: disable=C0307
# cmake-format: on

include(FindPackageHandleStandardArgs)

find_package(PkgConfig QUIET)
if(PKG_CONFIG_FOUND)
pkg_check_modules(PC_MbedTLS QUIET mbedtls mbedcrypto mbedx509)
endif()

# MbedTLS_set_soname: Set SONAME on imported library targets
macro(MbedTLS_set_soname component)
if(CMAKE_HOST_SYSTEM_NAME MATCHES "Darwin")
execute_process(
COMMAND sh -c "otool -D '${Mbed${component}_LIBRARY}' | grep -v '${Mbed${component}_LIBRARY}'"
OUTPUT_VARIABLE _output
RESULT_VARIABLE _result)

if(_result EQUAL 0 AND _output MATCHES "^@rpath/")
set_property(TARGET MbedTLS::Mbed${component} PROPERTY IMPORTED_SONAME "${_output}")
endif()
elseif(CMAKE_HOST_SYSTEM_NAME MATCHES "Linux|FreeBSD")
execute_process(
COMMAND sh -c "objdump -p '${Mbed${component}_LIBRARY}' | grep SONAME"
OUTPUT_VARIABLE _output
RESULT_VARIABLE _result)

if(_result EQUAL 0)
string(REGEX REPLACE "[ \t]+SONAME[ \t]+([^ \t]+)" "\\1" _soname "${_output}")
set_property(TARGET MbedTLS::Mbed${component} PROPERTY IMPORTED_SONAME "${_soname}")
unset(_soname)
endif()
endif()
unset(_output)
unset(_result)
endmacro()

find_path(
MbedTLS_INCLUDE_DIR
NAMES mbedtls/ssl.h
HINTS "${PC_MbedTLS_INCLUDE_DIRS}"
PATHS /usr/include /usr/local/include
DOC "MbedTLS include directory")

if(PC_MbedTLS_VERSION VERSION_GREATER 0)
set(MbedTLS_VERSION ${PC_MbedTLS_VERSION})
elseif(EXISTS "${MbedTLS_INCLUDE_DIR}/mbedtls/build_info.h")
file(STRINGS "${MbedTLS_INCLUDE_DIR}/mbedtls/build_info.h" _VERSION_STRING
REGEX "#define[ \t]+MBEDTLS_VERSION_STRING[ \t]+.+")
string(REGEX REPLACE ".*#define[ \t]+MBEDTLS_VERSION_STRING[ \t]+\"(.+)\".*" "\\1" MbedTLS_VERSION
"${_VERSION_STRING}")
else()
if(NOT MbedTLS_FIND_QUIETLY)
message(AUTHOR_WARNING "Failed to find MbedTLS version.")
endif()
set(MbedTLS_VERSION 0.0.0)
endif()

find_library(
MbedTLS_LIBRARY
NAMES libmbedtls mbedtls
HINTS "${PC_MbedTLS_LIBRARY_DIRS}"
PATHS /usr/lib /usr/local/lib
DOC "MbedTLS location")

find_library(
MbedCrypto_LIBRARY
NAMES libmbedcrypto mbedcrypto
HINTS "${PC_MbedTLS_LIBRARY_DIRS}"
PATHS /usr/lib /usr/local/lib
DOC "MbedCrypto location")

find_library(
MbedX509_LIBRARY
NAMES libmbedx509 mbedx509
HINTS "${PC_MbedTLS_LIBRARY_DIRS}"
PATHS /usr/lib /usr/local/lib
DOC "MbedX509 location")

if(MbedTLS_LIBRARY
AND NOT MbedCrypto_LIBRARY
AND NOT MbedX509_LIBRARY)
set(CMAKE_REQUIRED_LIBRARIES "${MbedTLS_LIBRARY}")
set(CMAKE_REQUIRED_INCLUDES "${MbedTLS_INCLUDE_DIR}")

check_symbol_exists(mbedtls_x509_crt_init "mbedtls/x590_crt.h" MbedTLS_INCLUDES_X509)
check_symbol_exists(mbedtls_sha256_init "mbedtls/sha256.h" MbedTLS_INCLUDES_CRYPTO)
unset(CMAKE_REQUIRED_LIBRARIES)
unset(CMAKE_REQUIRED_INCLUDES)
endif()

if(CMAKE_HOST_SYSTEM_NAME MATCHES "Darwin|Windows")
set(MbedTLS_ERROR_REASON "Ensure that an MbedTLS distribution is provided as part of CMAKE_PREFIX_PATH.")
elseif(CMAKE_HOST_SYSTEM_NAME MATCHES "Linux|FreeBSD")
set(MbedTLS_ERROR_REASON "Ensure that MbedTLS is installed on the system.")
endif()

if(MbedTLS_INCLUDES_X509 AND MbedTLS_INCLUDES_CRYPTO)
find_package_handle_standard_args(
MbedTLS
REQUIRED_VARS MbedTLS_LIBRARY MbedTLS_INCLUDE_DIR
VERSION_VAR MbedTLS_VERSION REASON_FAILURE_MESSAGE "${MbedTLS_ERROR_REASON}")
mark_as_advanced(MbedTLS_LIBRARY MbedTLS_INCLUDE_DIR)
list(APPEND _COMPONENTS TLS)
else()
find_package_handle_standard_args(
MbedTLS
REQUIRED_VARS MbedTLS_LIBRARY MbedCrypto_LIBRARY MbedX509_LIBRARY MbedTLS_INCLUDE_DIR
VERSION_VAR MbedTLS_VERSION REASON_FAILURE_MESSAGE "${MbedTLS_ERROR_REASON}")
Sean-Der marked this conversation as resolved.
Show resolved Hide resolved
mark_as_advanced(MbedTLS_LIBRARY MbedCrypto_LIBRARY MbedX509_LIBRARY MbedTLS_INCLUDE_DIR)
list(APPEND _COMPONENTS TLS Crypto X509)
endif()
unset(MbedTLS_ERROR_REASON)
Sean-Der marked this conversation as resolved.
Show resolved Hide resolved

if(MbedTLS_FOUND)
foreach(component IN LISTS _COMPONENTS)
if(NOT TARGET MbedTLS::Mbed${component})
if(IS_ABSOLUTE "${Mbed${component}_LIBRARY}")
add_library(MbedTLS::Mbed${component} UNKNOWN IMPORTED)
set_property(TARGET MbedTLS::Mbed${component} PROPERTY IMPORTED_LOCATION "${Mbed${component}_LIBRARY}")
else()
add_library(MbedTLS::Mbed${component} INTERFACE IMPORTED)
set_property(TARGET MbedTLS::Mbed${component} PROPERTY IMPORTED_LIBNAME "${Mbed${component}_LIBRARY}")
endif()

mbedtls_set_soname(${component})
set_target_properties(
MbedTLS::MbedTLS
PROPERTIES INTERFACE_COMPILE_OPTIONS "${PC_MbedTLS_CFLAGS_OTHER}"
INTERFACE_INCLUDE_DIRECTORIES "${MbedTLS_INCLUDE_DIR}"
VERSION ${MbedTLS_VERSION})
endif()
endforeach()

if(MbedTLS_INCLUDES_X509 AND MbedTLS_INCLUDES_CRYPTO)
set(MbedTLS_LIBRARIES ${MbedTLS_LIBRARY})
set(MBEDTLS_INCLUDE_DIRS ${MbedTLS_INCLUDE_DIR})
else()
set(MbedTLS_LIBRARIES ${MbedTLS_LIBRARY} ${MbedCrypto_LIBRARY} ${MbedX509_LIBRARY})
set_property(TARGET MbedTLS::MbedTLS PROPERTY INTERFACE_LINK_LIBRARIES MbedTLS::MbedCrypto MbedTLS::MbedX509)
set(MBEDTLS_INCLUDE_DIRS ${MbedTLS_INCLUDE_DIR})
endif()
endif()

include(FeatureSummary)
set_package_properties(
MbedTLS PROPERTIES
URL "https://www.trustedfirmware.org/projects/mbed-tls"
DESCRIPTION
"A C library implementing cryptographic primitives, X.509 certificate manipulation, and the SSL/TLS and DTLS protocols."
)
Loading