Merge pull request #762 from pabuhler/crypto_config

Change crypto config, use one option with a list of values

Author: pabuhler

.github/workflows/autotools.yml

@@ -18,11 +18,11 @@ jobs:
           - crypto: internal
             configure-crypto-enable: ""
           - crypto: openssl
-            configure-crypto-enable: "--enable-openssl"
+            configure-crypto-enable: "--with-crypto-library=openssl"
           - crypto: wolfssl
-            configure-crypto-enable: "--enable-wolfssl"
+            configure-crypto-enable: "--with-crypto-library=wolfssl"
           - crypto: nss
-            configure-crypto-enable: "--enable-nss"
+            configure-crypto-enable: "--with-crypto-library=nss"
 
     runs-on: ${{ matrix.os }}
 

.github/workflows/cmake.yml

@@ -32,15 +32,15 @@ jobs:
           - crypto: internal
             cmake-crypto-enable: ""
           - crypto: openssl
-            cmake-crypto-enable: "-DENABLE_OPENSSL=ON"
+            cmake-crypto-enable: "-DCRYPTO_LIBRARY=openssl"
           - crypto: openssl3
-            cmake-crypto-enable: "-DENABLE_OPENSSL=ON"
+            cmake-crypto-enable: "-DCRYPTO_LIBRARY=openssl"
           - crypto: wolfssl
-            cmake-crypto-enable: "-DENABLE_WOLFSSL=ON"
+            cmake-crypto-enable: "-DCRYPTO_LIBRARY=wolfssl"
           - crypto: nss
-            cmake-crypto-enable: "-DENABLE_NSS=ON"
+            cmake-crypto-enable: "-DCRYPTO_LIBRARY=nss"
           - crypto: mbedtls
-            cmake-crypto-enable: "-DENABLE_MBEDTLS=ON"
+            cmake-crypto-enable: "-DCRYPTO_LIBRARY=mbedtls"
 
     runs-on: ${{ matrix.os }}
 

CMakeLists.txt

@@ -85,49 +85,42 @@ endif()
 set(ENABLE_DEBUG_LOGGING OFF CACHE BOOL "Enable debug logging in all modules")
 set(ERR_REPORTING_STDOUT OFF CACHE BOOL "Enable logging to stdout")
 set(ERR_REPORTING_FILE "" CACHE FILEPATH "Use file for logging")
-set(ENABLE_OPENSSL OFF CACHE BOOL "Enable OpenSSL crypto engine")
-set(ENABLE_WOLFSSL OFF CACHE BOOL "Enable wolfSSL crypto engine")
-set(ENABLE_MBEDTLS OFF CACHE BOOL "Enable MbedTLS crypto engine")
-set(ENABLE_NSS OFF CACHE BOOL "Enable NSS crypto engine")
 
-if(ENABLE_OPENSSL OR ENABLE_WOLFSSL OR ENABLE_MBEDTLS OR ENABLE_NSS)
-  set(USE_EXTERNAL_CRYPTO TRUE)
-else()
-  set(USE_EXTERNAL_CRYPTO FALSE)
+set(CRYPTO_LIBRARY_VALUES "internal;openssl;wolfssl;mbedtls;nss")
+set(CRYPTO_LIBRARY "internal" CACHE STRING
+  "Crypto library used by libSRTP, can be one of: ${CRYPTO_LIBRARY_VALUES}")
+set_property(CACHE CRYPTO_LIBRARY PROPERTY STRINGS ${CRYPTO_LIBRARY_VALUES})
+if(NOT CRYPTO_LIBRARY IN_LIST CRYPTO_LIBRARY_VALUES)
+  message(FATAL_ERROR "Invalid value for CRYPTO_LIBRARY: ${CRYPTO_LIBRARY}. Allowed values are: ${CRYPTO_LIBRARY_VALUES}")
 endif()
+message(STATUS "Using crypto library: ${CRYPTO_LIBRARY}")
 
-if(ENABLE_OPENSSL)
-  if(ENABLE_WOLFSSL OR ENABLE_NSS OR ENABLE_MBEDTLS)
-    message(FATAL_ERROR "ssl conflict. can not enable openssl and wolfssl, mbedtls or nss simultaneously.")
-  endif()
+set(USE_EXTERNAL_CRYPTO TRUE)
+set(ENABLE_OPENSSL FALSE)
+set(ENABLE_WOLFSSL FALSE)
+set(ENABLE_MBEDTLS FALSE)
+set(ENABLE_NSS FALSE)
+
+if(CRYPTO_LIBRARY STREQUAL "internal")
+  set(USE_EXTERNAL_CRYPTO FALSE)
+elseif(CRYPTO_LIBRARY STREQUAL "openssl")
+  set(ENABLE_OPENSSL TRUE)
   find_package(OpenSSL REQUIRED)
   set(OPENSSL ${ENABLE_OPENSSL} CACHE BOOL INTERNAL)
   set(GCM ${ENABLE_OPENSSL} CACHE BOOL INTERNAL)
-endif()
-
-if(ENABLE_WOLFSSL)
-  if(ENABLE_OPENSSL OR ENABLE_NSS OR ENABLE_MBEDTLS)
-    message(FATAL_ERROR "ssl conflict. can not enable wolfssl and openssl, mbedtls or nss simultaneously.")
-  endif()
+elseif(CRYPTO_LIBRARY STREQUAL "wolfssl")
+  set(ENABLE_WOLFSSL TRUE)
   find_package(wolfSSL REQUIRED)
   set(WOLFSSL ${ENABLE_WOLFSSL} CACHE BOOL INTERNAL)
   set(WOLFSSL_KDF ${ENABLE_WOLFSSL} CACHE BOOL INTERNAL)
   set(GCM ${ENABLE_WOLFSSL} CACHE BOOL INTERNAL)
-endif()
-
-if(ENABLE_MBEDTLS)
-  if(ENABLE_OPENSSL OR ENABLE_WOLFSSL OR ENABLE_NSS)
-    message(FATAL_ERROR "ssl conflict. can not enable mbedtls and openssl, wolfssl or nss simultaneously.")
-  endif()
+elseif(CRYPTO_LIBRARY STREQUAL "mbedtls")
+  set(ENABLE_MBEDTLS TRUE)
   find_package(MbedTLS REQUIRED)
   set(MBEDTLS ${ENABLE_MBEDTLS} CACHE BOOL INTERNAL)
   set(GCM ${ENABLE_MBEDTLS} CACHE BOOL INTERNAL)
-endif()
-
-if(ENABLE_NSS)
-  if(ENABLE_OPENSSL OR ENABLE_WOLFSSL OR ENABLE_MBEDTLS)
-    message(FATAL_ERROR "ssl conflict. can not enable nss and openssl, wolfssl or mbedtls simultaneously.")
-  endif()
+elseif(CRYPTO_LIBRARY STREQUAL "nss")
+  set(ENABLE_NSS TRUE)
   find_package(NSS REQUIRED)
   set(NSS ${ENABLE_NSS} CACHE BOOL INTERNAL)
   set(GCM ${ENABLE_NSS} CACHE BOOL INTERNAL)