Supplemental Linux® From Scratch (Systemd Edition) - Versjon #e961

Kapittel 2. General Libraries

Mbed-TLS-3.6.4

Introduction to Mbed TLS

The Mbed TLS package provides TLS libraries and aims to flexible and portable.

Mbed TLS Dependencies

Required

CMake

Installation of Mbed TLS

Install Mbed TLS by running the following commands: 

mkdir build &&
cd    build &&

cmake -D CMAKE_INSTALL_PREFIX=/usr      \
      -D CMAKE_BUILD_TYPE=Release       \
      -D CMAKE_SKIP_RPATH=ON            \
      -D USE_SHARED_MBEDTLS_LIBRARY=ON  \
      -D USE_STATIC_MBEDTLS_LIBRARY=OFF \
      -D ENABLE_TESTING=OFF             \
      -G Ninja .. &&

ninja

Now, as the root user: 

DESTDIR=$PWD/DESTDIR ninja install &&
pushd DESTDIR/usr/bin &&
  for i in *; do
    mv -v {,mbedtls_}$i
  done
popd &&
cp -vR DESTDIR/usr/* /usr

Command Explanations

-D CMAKE_SKIP_INSTALL_RPATH=ON: Denne bryteren gjør at cmake fjerner hardkodede biblioteksøk stier (rpath) når du installerer en binær kjørbar fil eller et delt bibliotek. Denne pakken trenger ikke rpath når den er installert på standard plassering, og rpath kan noen ganger forårsake uønskede effekter eller til og med sikkerhetsproblemer.

-D USE_SHARED_MBEDTLS_LIBRARY=ON: This parameter ensures shared libraries are built.

-D USE_STATIC_MBEDTLS_LIBRARY=OFF: This parameter ensures the main libraries are not statically built.

-D ENABLE_TESTING=OFF: This parameter disables building tests that make the building process twice as long.

pushd DESTDIR/usr/bin ...: These commands rename the programs as to not conflict with those that may be installed by other programs.

Contents

Installed Programs: mbedtls_aead_demo, mbedtls_benchmark, mbedtls_cert_app, mbedtls_cert_req, mbedtls_cert_write, mbedtls_cipher_aead_demo, mbedtls_crl_app, mbedtls_crypt_and_hash, mbedtls_crypto_examples, mbedtls_dh_client, mbedtls_dh_genprime, mbedtls_dh_server, mbedtls_dtls_client, mbedtls_dtls_server, mbedtls_ecdh_curve25519, mbedtls_ecdsa, mbedtls_gen_entropy, mbedtls_generic_sum, mbedtls_gen_key, mbedtls_gen_random_ctr_drbg, mbedtls_hello, mbedtls_hmac_demo, mbedtls_key_app, mbedtls_key_app_writer, mbedtls_key_ladder_demo, mbedtls_key_ladder_demo.sh, mbedtls_load_roots, mbedtls_md_hmac_demo, mbedtls_metatest, mbedtls_mini_client, mbedtls_mpi_demo, mbedtls_pem2der, mbedtls_pk_decrypt, mbedtls_pk_encrypt, mbedtls_pk_sign, mbedtls_pk_verify, mbedtls_psa_constant_names, mbedtls_psa_hash, mbedtls_query_compile_time_config, mbedtls_query_included_headers, mbedtls_req_app, mbedtls_rsa_decrypt, mbedtls_rsa_encrypt, mbedtls_rsa_genkey, mbedtls_rsa_sign, mbedtls_rsa_sign_pss, mbedtls_rsa_verify, mbedtls_rsa_verify_pss, mbedtls_selftest, mbedtls_ssl_client1, mbedtls_ssl_client2, mbedtls_ssl_context_info, mbedtls_ssl_fork_server, mbedtls_ssl_mail_client, mbedtls_ssl_pthread_server, mbedtls_ssl_server, mbedtls_ssl_server2, mbedtls_strerror, mbedtls_udp_proxy, and mbedtls_zeroize
Installed Libraries: libeverest (static), libmbedcrypto, libmbedtls, libmbedx509, and libp256m (static)
Installed Directories: /usr/include/{everest,mbedtls,psa} and /usr/lib/cmake/MbedTLS

Short Descriptions

libmbedcrypto

handles cryptography functions that are needed by other parts of this package and other packages

libmbedtls

provides TLS functions

libmbedx509

is used by libmbedtls; it handles X.509 certificates that allow TLS and SSL to be possible