build: drop configuring external mbedtls

billatarm · tgonzalezorlandoarm · commit 7695a58a0a27 · 2024-02-02T10:53:30.000Z
This also fixes a possible header mismatch, as the interface feature was
wanting an external mbedtls header file to build against, but would
generate the bindings and compile the shim library against the local
vendored mbedtls. On an ABI change, things would have been broken.

To fix this, and not require the vendored package, use the externally
supplied mbedtls found through the env var or pkg-config.

Signed-off-by: Bill Roberts &lt;bill.roberts@arm.com&gt;
diff --git a/psa-crypto-sys/build.rs b/psa-crypto-sys/build.rs
@@ -64,7 +64,7 @@ mod common {
 
     use std::env;
     use std::io::{Error, ErrorKind, Result};
-    use std::path::{Path, PathBuf};
+    use std::path::PathBuf;
 
     #[cfg(any(feature = "prefix", feature = "operations"))]
     pub fn get_external_mbedtls() -> Option<Result<(String, String)>> {
@@ -133,41 +133,6 @@ mod common {
         ))
     }
 
-    pub fn configure_mbed_crypto() -> Result<()> {
-        let mbedtls_dir = String::from("./vendor");
-        let mbedtls_config = mbedtls_dir + "/scripts/config.py";
-
-        println!("cargo:rerun-if-changed=src/c/shim.c");
-        println!("cargo:rerun-if-changed=src/c/shim.h");
-
-        let out_dir = env::var("OUT_DIR").unwrap();
-
-        //  Check for Mbed TLS sources
-        if !Path::new(&mbedtls_config).exists() {
-            return Err(Error::new(
-                ErrorKind::Other,
-                "MbedTLS config.py is missing. Have you run 'git submodule update --init'?",
-            ));
-        }
-
-        // Configure the MbedTLS build for making Mbed Crypto
-        if !::std::process::Command::new(mbedtls_config)
-            .arg("--write")
-            .arg(&(out_dir + "/" + CONFIG_FILE))
-            .arg("crypto")
-            .status()
-            .map_err(|_| Error::new(ErrorKind::Other, "configuring mbedtls failed"))?
-            .success()
-        {
-            return Err(Error::new(
-                ErrorKind::Other,
-                "config.py returned an error status",
-            ));
-        }
-
-        Ok(())
-    }
-
     #[cfg(feature = "prefix")]
     // Cargo provides the crate version from Cargo.toml in the environment.
     const VERSION: &str = env!("CARGO_PKG_VERSION");
@@ -282,10 +247,8 @@ mod interface {
     pub fn script_interface() -> Result<()> {
         let include_dir = common::get_external_mbedtls_include_only()?;
 
-        // TODO: Does interface need the vendored mbedtls?
-        common::configure_mbed_crypto()?;
-        common::generate_mbed_crypto_bindings(include_dir.clone(), false)?;
-        let _ = common::compile_shim_library(include_dir, true, false)?;
+        common::generate_mbed_crypto_bindings(include_dir.clone(), true)?;
+        let _ = common::compile_shim_library(include_dir, true, true)?;
         Ok(())
     }
 }
@@ -297,12 +260,47 @@ mod operations {
     use super::common::prefix;
     use cmake::Config;
     use std::env;
-    use std::io::Result;
     #[cfg(feature = "prefix")]
     use std::io::Write;
-    use std::path::PathBuf;
+    use std::io::{Error, ErrorKind, Result};
+    use std::path::{Path, PathBuf};
     use walkdir::WalkDir;
 
+    pub fn configure_mbed_crypto() -> Result<()> {
+        let mbedtls_dir = String::from("./vendor");
+        let mbedtls_config = mbedtls_dir + "/scripts/config.py";
+
+        println!("cargo:rerun-if-changed=src/c/shim.c");
+        println!("cargo:rerun-if-changed=src/c/shim.h");
+
+        let out_dir = env::var("OUT_DIR").unwrap();
+
+        //  Check for Mbed TLS sources
+        if !Path::new(&mbedtls_config).exists() {
+            return Err(Error::new(
+                ErrorKind::Other,
+                "MbedTLS config.py is missing. Have you run 'git submodule update --init'?",
+            ));
+        }
+
+        // Configure the MbedTLS build for making Mbed Crypto
+        if !::std::process::Command::new(mbedtls_config)
+            .arg("--write")
+            .arg(&(out_dir + "/" + common::CONFIG_FILE))
+            .arg("crypto")
+            .status()
+            .map_err(|_| Error::new(ErrorKind::Other, "configuring mbedtls failed"))?
+            .success()
+        {
+            return Err(Error::new(
+                ErrorKind::Other,
+                "config.py returned an error status",
+            ));
+        }
+
+        Ok(())
+    }
+
     fn compile_mbed_crypto() -> Result<PathBuf> {
         let mbedtls_dir = String::from("./vendor");
         let out_dir = env::var("OUT_DIR").unwrap();
@@ -360,7 +358,7 @@ mod operations {
             }
             None => {
                 println!("Did not find external MBEDTLS, building MbedTLS!");
-                common::configure_mbed_crypto()?;
+                configure_mbed_crypto()?;
                 let mut mbed_lib_dir = compile_mbed_crypto()?;
                 let mut mbed_include_dir = mbed_lib_dir.clone();
                 mbed_lib_dir.push("lib");
@@ -407,7 +405,7 @@ mod operations {
             }
             None => {
                 println!("Did not find environment variables, building MbedTLS!");
-                common::configure_mbed_crypto()?;
+                configure_mbed_crypto()?;
                 let mut mbed_lib_dir = compile_mbed_crypto()?;
                 let mut mbed_include_dir = mbed_lib_dir.clone();
                 mbed_lib_dir.push("lib");
