d259e347e6
This change enables automatic detection and consumption of Mbed TLS library targets from within other CMake projects. By generating an `MbedTLSConfig.cmake` file, consuming projects receive a more complete view of these targets, allowing them to be used as dependencies which properly inherit the transitive dependencies of the libraries. This is fairly fragile, as it seems Mbed TLS's libraries do not appear to properly model their dependencies on other targets, including third-party dependencies. It is, however, sufficient for building and linking the compiled Mbed TLS libraries when there are no third-party dependencies involved. Further work is needed for more complex use-cases, but this will likely meet the needs of most projects. Resolves #298. Probably useful for #2857. Signed-off-by: Chris Kay <chris.kay@arm.com> |
||
|---|---|---|
| .. | ||
| include/everest | ||
| library | ||
| .gitignore | ||
| CMakeLists.txt | ||
| Makefile.inc | ||
| README.md | ||
The files in this directory stem from Project Everest and are distributed under the Apache 2.0 license.
This is a formally verified implementation of Curve25519-based handshakes. The C code is automatically derived from the (verified) original implementation in the F* language by KreMLin. In addition to the improved safety and security of the implementation, it is also significantly faster than the default implementation of Curve25519 in mbedTLS.
The caveat is that not all platforms are supported, although the version in everest/library/legacy should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explictly supported platforms are currently x86 and x86_64 using gcc or clang, and Visual C (2010 and later).