diff options
Diffstat (limited to 'drivers/auth/mbedtls/mbedtls_common.mk')
-rw-r--r-- | drivers/auth/mbedtls/mbedtls_common.mk | 88 |
1 files changed, 76 insertions, 12 deletions
diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk index a5d19e6a..71c496ed 100644 --- a/drivers/auth/mbedtls/mbedtls_common.mk +++ b/drivers/auth/mbedtls/mbedtls_common.mk @@ -13,22 +13,86 @@ ifeq (${MBEDTLS_DIR},) $(error Error: MBEDTLS_DIR not set) endif -INCLUDES += -I${MBEDTLS_DIR}/include \ - -Iinclude/drivers/auth/mbedtls +MBEDTLS_INC = -I${MBEDTLS_DIR}/include +INCLUDES += -Iinclude/drivers/auth/mbedtls # Specify mbed TLS configuration file MBEDTLS_CONFIG_FILE := "<mbedtls_config.h>" $(eval $(call add_define,MBEDTLS_CONFIG_FILE)) -MBEDTLS_COMMON_SOURCES := drivers/auth/mbedtls/mbedtls_common.c \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - asn1parse.c \ - asn1write.c \ - memory_buffer_alloc.c \ - oid.c \ - platform.c \ - platform_util.c \ - rsa_internal.c \ - ) +MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c + + +LIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \ + asn1parse.c \ + asn1write.c \ + memory_buffer_alloc.c \ + oid.c \ + platform.c \ + platform_util.c \ + bignum.c \ + md.c \ + md_wrap.c \ + pk.c \ + pk_wrap.c \ + pkparse.c \ + pkwrite.c \ + sha256.c \ + sha512.c \ + ecdsa.c \ + ecp_curves.c \ + ecp.c \ + rsa.c \ + rsa_internal.c \ + x509.c \ + x509_crt.c \ + ) + +# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key +# algorithm to use. If the variable is not defined, select it based on algorithm +# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is +# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`. +ifeq (${TF_MBEDTLS_KEY_ALG},) + ifeq (${KEY_ALG}, ecdsa) + TF_MBEDTLS_KEY_ALG := ecdsa + else + TF_MBEDTLS_KEY_ALG := rsa + endif +endif + +# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for +# backward compatibility +ifdef MBEDTLS_KEY_ALG + ifeq (${ERROR_DEPRECATED},1) + $(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") + endif + $(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") + TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG} +endif + +ifeq (${HASH_ALG}, sha384) + TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384 +else ifeq (${HASH_ALG}, sha512) + TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512 +else + TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256 +endif + +ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa) + TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA +else ifeq (${TF_MBEDTLS_KEY_ALG},rsa) + TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA +else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa) + TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA +else + $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS") +endif + +# Needs to be set to drive mbed TLS configuration correctly +$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID)) +$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID)) + + +$(eval $(call MAKE_LIB,mbedtls)) endif |