• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#
2# Copyright (c) 2015-2020, Arm Limited. All rights reserved.
3#
4# SPDX-License-Identifier: BSD-3-Clause
5#
6
7ifneq (${MBEDTLS_COMMON_MK},1)
8MBEDTLS_COMMON_MK	:=	1
9
10# MBEDTLS_DIR must be set to the mbed TLS main directory (it must contain
11# the 'include' and 'library' subdirectories).
12ifeq (${MBEDTLS_DIR},)
13  $(error Error: MBEDTLS_DIR not set)
14endif
15
16MBEDTLS_INC		=	-I${MBEDTLS_DIR}/include
17
18# Specify mbed TLS configuration file
19MBEDTLS_CONFIG_FILE	:=	"<drivers/auth/mbedtls/mbedtls_config.h>"
20$(eval $(call add_define,MBEDTLS_CONFIG_FILE))
21
22MBEDTLS_SOURCES	+=		drivers/auth/mbedtls/mbedtls_common.c
23
24
25LIBMBEDTLS_SRCS		:= $(addprefix ${MBEDTLS_DIR}/library/,	\
26					aes.c 					\
27					asn1parse.c 				\
28					asn1write.c 				\
29					cipher.c 				\
30					cipher_wrap.c 				\
31					memory_buffer_alloc.c			\
32					oid.c 					\
33					platform.c 				\
34					platform_util.c				\
35					bignum.c				\
36					gcm.c 					\
37					md.c					\
38					pk.c 					\
39					pk_wrap.c 				\
40					pkparse.c 				\
41					pkwrite.c 				\
42					sha256.c            			\
43					sha512.c            			\
44					ecdsa.c					\
45					ecp_curves.c				\
46					ecp.c					\
47					rsa.c					\
48					rsa_internal.c				\
49					x509.c 					\
50					x509_crt.c 				\
51					)
52
53# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
54# algorithm to use. If the variable is not defined, select it based on
55# algorithm used for key generation `KEY_ALG`. If `KEY_ALG` is not defined,
56# then it is set to `rsa`.
57ifeq (${TF_MBEDTLS_KEY_ALG},)
58    ifeq (${KEY_ALG}, ecdsa)
59        TF_MBEDTLS_KEY_ALG		:=	ecdsa
60    else
61        TF_MBEDTLS_KEY_ALG		:=	rsa
62    endif
63endif
64
65ifeq (${TF_MBEDTLS_KEY_SIZE},)
66    ifneq ($(findstring rsa,${TF_MBEDTLS_KEY_ALG}),)
67	ifeq (${KEY_SIZE},)
68            TF_MBEDTLS_KEY_SIZE		:=	2048
69	else
70            TF_MBEDTLS_KEY_SIZE		:=	${KEY_SIZE}
71	endif
72    endif
73endif
74
75ifeq (${HASH_ALG}, sha384)
76    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA384
77else ifeq (${HASH_ALG}, sha512)
78    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA512
79else
80    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA256
81endif
82
83ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
84    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_ECDSA
85else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
86    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA
87else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
88    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA_AND_ECDSA
89else
90    $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
91endif
92
93ifeq (${DECRYPTION_SUPPORT}, aes_gcm)
94    TF_MBEDTLS_USE_AES_GCM	:=	1
95else
96    TF_MBEDTLS_USE_AES_GCM	:=	0
97endif
98
99# Needs to be set to drive mbed TLS configuration correctly
100$(eval $(call add_defines,\
101    $(sort \
102        TF_MBEDTLS_KEY_ALG_ID \
103        TF_MBEDTLS_KEY_SIZE \
104        TF_MBEDTLS_HASH_ALG_ID \
105        TF_MBEDTLS_USE_AES_GCM \
106)))
107
108$(eval $(call MAKE_LIB,mbedtls))
109
110endif
111