• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#
2# Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
3#
4# SPDX-License-Identifier: BSD-3-Clause
5#
6
7include drivers/auth/mbedtls/mbedtls_common.mk
8
9# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
10# algorithm to use. If the variable is not defined, select it based on algorithm
11# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is
12# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`.
13ifeq (${TF_MBEDTLS_KEY_ALG},)
14    ifeq (${KEY_ALG}, ecdsa)
15        TF_MBEDTLS_KEY_ALG		:=	ecdsa
16    else
17        TF_MBEDTLS_KEY_ALG		:=	rsa
18    endif
19endif
20
21# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for
22# backward compatibility
23ifdef MBEDTLS_KEY_ALG
24    ifeq (${ERROR_DEPRECATED},1)
25        $(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
26    endif
27    $(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
28    TF_MBEDTLS_KEY_ALG	:= ${MBEDTLS_KEY_ALG}
29endif
30
31MBEDTLS_CRYPTO_SOURCES		:=	drivers/auth/mbedtls/mbedtls_crypto.c	\
32					$(addprefix ${MBEDTLS_DIR}/library/,	\
33					bignum.c				\
34					md.c					\
35					md_wrap.c				\
36					pk.c 					\
37					pk_wrap.c 				\
38					pkparse.c 				\
39					pkwrite.c 				\
40					sha256.c				\
41					)
42
43# Key algorithm specific files
44MBEDTLS_ECDSA_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
45					ecdsa.c					\
46					ecp_curves.c				\
47					ecp.c					\
48					)
49
50MBEDTLS_RSA_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
51					rsa.c					\
52					)
53
54ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
55    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_ECDSA_CRYPTO_SOURCES)
56    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_ECDSA
57else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
58    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_RSA_CRYPTO_SOURCES)
59    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA
60else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
61    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_ECDSA_CRYPTO_SOURCES)
62    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_RSA_CRYPTO_SOURCES)
63    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA_AND_ECDSA
64else
65    $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
66endif
67
68# Needs to be set to drive mbed TLS configuration correctly
69$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID))
70
71BL1_SOURCES			+=	${MBEDTLS_CRYPTO_SOURCES}
72BL2_SOURCES			+=	${MBEDTLS_CRYPTO_SOURCES}
73