xref: /rk3399_ARM-atf/drivers/auth/mbedtls/mbedtls_common.mk (revision 0379b0b945870561ed69e2e6fdf84901ca694615) 
17d37aa17SJuan Castillo#
2f7c5ec1eSlaurenw-arm# Copyright (c) 2015-2024, Arm Limited. All rights reserved.
37d37aa17SJuan Castillo#
482cb2c1aSdp-arm# SPDX-License-Identifier: BSD-3-Clause
57d37aa17SJuan Castillo#
67d37aa17SJuan Castillo
77d37aa17SJuan Castilloifneq (${MBEDTLS_COMMON_MK},1)
87d37aa17SJuan CastilloMBEDTLS_COMMON_MK	:=	1
97d37aa17SJuan Castillo
107d37aa17SJuan Castillo# MBEDTLS_DIR must be set to the mbed TLS main directory (it must contain
117d37aa17SJuan Castillo# the 'include' and 'library' subdirectories).
127d37aa17SJuan Castilloifeq (${MBEDTLS_DIR},)
137d37aa17SJuan Castillo  $(error Error: MBEDTLS_DIR not set)
147d37aa17SJuan Castilloendif
157d37aa17SJuan Castillo
16ea7a57a3SRoberto VargasMBEDTLS_INC		=	-I${MBEDTLS_DIR}/include
177d37aa17SJuan Castillo
1851e06159SGovindraj RajaMBEDTLS_MAJOR=$(shell grep -hP "define MBEDTLS_VERSION_MAJOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
1951e06159SGovindraj RajaMBEDTLS_MINOR=$(shell grep -hP "define MBEDTLS_VERSION_MINOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
2051e06159SGovindraj Raja$(info MBEDTLS_VERSION_MAJOR is [${MBEDTLS_MAJOR}] MBEDTLS_VERSION_MINOR is [${MBEDTLS_MINOR}])
2151e06159SGovindraj Raja
22f7c5ec1eSlaurenw-armifneq (${MBEDTLS_MAJOR}, 3)
23f7c5ec1eSlaurenw-arm  $(error Error: TF-A only supports MbedTLS versions > 3.x)
24f7c5ec1eSlaurenw-armendif
25f7c5ec1eSlaurenw-arm
267d37aa17SJuan Castillo# Specify mbed TLS configuration file
275782b890SManish V Badarkheifeq (${PSA_CRYPTO},1)
28640ba634SRyan Everett  MBEDTLS_CONFIG_FILE    ?=    "<drivers/auth/mbedtls/default_psa_mbedtls_config.h>"
295782b890SManish V Badarkheelse
30640ba634SRyan Everett  MBEDTLS_CONFIG_FILE    ?=    "<drivers/auth/mbedtls/default_mbedtls_config.h>"
3151e06159SGovindraj Rajaendif
3251e06159SGovindraj Raja
33649dbf6fSJuan Castillo$(eval $(call add_define,MBEDTLS_CONFIG_FILE))
347d37aa17SJuan Castillo
35180c4bc2SRoberto VargasMBEDTLS_SOURCES	+=		drivers/auth/mbedtls/mbedtls_common.c
36180c4bc2SRoberto Vargas
373be9c276SMate Toth-PalLIBMBEDTLS_SRCS		+= $(addprefix ${MBEDTLS_DIR}/library/,		\
387cda17bbSSumit Garg					aes.c 				\
397d37aa17SJuan Castillo					asn1parse.c 			\
407d37aa17SJuan Castillo					asn1write.c 			\
417cda17bbSSumit Garg					cipher.c 			\
427cda17bbSSumit Garg					cipher_wrap.c 			\
4351e06159SGovindraj Raja					constant_time.c			\
447d37aa17SJuan Castillo					memory_buffer_alloc.c		\
457d37aa17SJuan Castillo					oid.c 				\
467d37aa17SJuan Castillo					platform.c 			\
47d25b527cSJeenu Viswambharan					platform_util.c			\
48180c4bc2SRoberto Vargas					bignum.c			\
49f7c5ec1eSlaurenw-arm					bignum_core.c			\
507cda17bbSSumit Garg					gcm.c 				\
51180c4bc2SRoberto Vargas					md.c				\
52180c4bc2SRoberto Vargas					pk.c 				\
5355aed7d7SJimmy Brisson					pk_ecc.c 			\
54180c4bc2SRoberto Vargas					pk_wrap.c 			\
55180c4bc2SRoberto Vargas					pkparse.c 			\
56180c4bc2SRoberto Vargas					pkwrite.c 			\
57180c4bc2SRoberto Vargas					sha256.c            		\
58180c4bc2SRoberto Vargas					sha512.c            		\
59180c4bc2SRoberto Vargas					ecdsa.c				\
60180c4bc2SRoberto Vargas					ecp_curves.c			\
61180c4bc2SRoberto Vargas					ecp.c				\
62180c4bc2SRoberto Vargas					rsa.c				\
63f7c5ec1eSlaurenw-arm					rsa_alt_helpers.c		\
64180c4bc2SRoberto Vargas					x509.c 				\
65180c4bc2SRoberto Vargas					x509_crt.c 			\
667d37aa17SJuan Castillo					)
677d37aa17SJuan Castillo
685782b890SManish V Badarkheifeq (${PSA_CRYPTO},1)
695782b890SManish V BadarkheLIBMBEDTLS_SRCS         += $(addprefix ${MBEDTLS_DIR}/library/,    	\
705782b890SManish V Badarkhe					psa_crypto.c                   	\
715782b890SManish V Badarkhe					psa_crypto_client.c            	\
725782b890SManish V Badarkhe					psa_crypto_hash.c              	\
735782b890SManish V Badarkhe					psa_crypto_rsa.c               	\
745782b890SManish V Badarkhe					psa_crypto_ecp.c               	\
755782b890SManish V Badarkhe					psa_crypto_slot_management.c   	\
767079ddf9SRyan Everett					psa_crypto_aead.c               \
777079ddf9SRyan Everett					psa_crypto_cipher.c             \
7855aed7d7SJimmy Brisson					psa_util.c			\
795782b890SManish V Badarkhe					)
805782b890SManish V Badarkheendif
815782b890SManish V Badarkhe
82*24d6ed9fSLauren Wehrmeister# This is a temporary workaround due to changes in the locations of helper
83*24d6ed9fSLauren Wehrmeister# function declarations in Mbed-TLS version 3.6.4
84*24d6ed9fSLauren Wehrmeister# TODO: remove this once the related Mbedt-TLS issue is resolved
85*24d6ed9fSLauren WehrmeisterLIBMBEDTLS_CFLAGS	+=	-Wno-error=redundant-decls
86*24d6ed9fSLauren Wehrmeister
87180c4bc2SRoberto Vargas# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
886a415a50SJustin Chadwell# algorithm to use. If the variable is not defined, select it based on
896a415a50SJustin Chadwell# algorithm used for key generation `KEY_ALG`. If `KEY_ALG` is not defined,
906a415a50SJustin Chadwell# then it is set to `rsa`.
91180c4bc2SRoberto Vargasifeq (${TF_MBEDTLS_KEY_ALG},)
92180c4bc2SRoberto Vargas    ifeq (${KEY_ALG}, ecdsa)
93180c4bc2SRoberto Vargas        TF_MBEDTLS_KEY_ALG		:=	ecdsa
94180c4bc2SRoberto Vargas    else
95180c4bc2SRoberto Vargas        TF_MBEDTLS_KEY_ALG		:=	rsa
96180c4bc2SRoberto Vargas    endif
97180c4bc2SRoberto Vargasendif
98180c4bc2SRoberto Vargas
99aacff749SJustin Chadwellifeq (${TF_MBEDTLS_KEY_SIZE},)
100aacff749SJustin Chadwell    ifneq ($(findstring rsa,${TF_MBEDTLS_KEY_ALG}),)
101aacff749SJustin Chadwell        ifeq (${KEY_SIZE},)
102aacff749SJustin Chadwell            TF_MBEDTLS_KEY_SIZE		:=	2048
103557f7d80Slaurenw-arm        else ifneq ($(filter $(KEY_SIZE), 1024 2048 3072 4096),)
104aacff749SJustin Chadwell            TF_MBEDTLS_KEY_SIZE		:=	${KEY_SIZE}
105557f7d80Slaurenw-arm        else
106557f7d80Slaurenw-arm            $(error "Invalid value for KEY_SIZE: ${KEY_SIZE}")
107557f7d80Slaurenw-arm        endif
108557f7d80Slaurenw-arm    else ifneq ($(findstring ecdsa,${TF_MBEDTLS_KEY_ALG}),)
109557f7d80Slaurenw-arm        ifeq (${KEY_SIZE},)
110557f7d80Slaurenw-arm            TF_MBEDTLS_KEY_SIZE		:=	256
111557f7d80Slaurenw-arm        else ifneq ($(filter $(KEY_SIZE), 256 384),)
112557f7d80Slaurenw-arm            TF_MBEDTLS_KEY_SIZE		:=	${KEY_SIZE}
113557f7d80Slaurenw-arm        else
114557f7d80Slaurenw-arm            $(error "Invalid value for KEY_SIZE: ${KEY_SIZE}")
115aacff749SJustin Chadwell        endif
116aacff749SJustin Chadwell    endif
117aacff749SJustin Chadwellendif
118aacff749SJustin Chadwell
119180c4bc2SRoberto Vargasifeq (${HASH_ALG}, sha384)
120180c4bc2SRoberto Vargas    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA384
121180c4bc2SRoberto Vargaselse ifeq (${HASH_ALG}, sha512)
122180c4bc2SRoberto Vargas    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA512
123180c4bc2SRoberto Vargaselse
124180c4bc2SRoberto Vargas    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA256
125180c4bc2SRoberto Vargasendif
126180c4bc2SRoberto Vargas
12748ee4995SJimmy Brissonifeq (${MBOOT_EL_HASH_ALG}, sha256)
12848ee4995SJimmy Brisson    $(eval $(call add_define,TF_MBEDTLS_MBOOT_USE_SHA256))
12948ee4995SJimmy Brissonelse ifeq (${MBOOT_EL_HASH_ALG}, sha384)
13048ee4995SJimmy Brisson    $(eval $(call add_define,TF_MBEDTLS_MBOOT_USE_SHA384))
13148ee4995SJimmy Brissonelse ifeq (${MBOOT_EL_HASH_ALG}, sha512)
13248ee4995SJimmy Brisson    $(eval $(call add_define,TF_MBEDTLS_MBOOT_USE_SHA512))
13348ee4995SJimmy Brissonendif
13448ee4995SJimmy Brisson
135180c4bc2SRoberto Vargasifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
136180c4bc2SRoberto Vargas    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_ECDSA
137180c4bc2SRoberto Vargaselse ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
138180c4bc2SRoberto Vargas    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA
139180c4bc2SRoberto Vargaselse ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
140180c4bc2SRoberto Vargas    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA_AND_ECDSA
141180c4bc2SRoberto Vargaselse
142180c4bc2SRoberto Vargas    $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
143180c4bc2SRoberto Vargasendif
144180c4bc2SRoberto Vargas
1457cda17bbSSumit Gargifeq (${DECRYPTION_SUPPORT}, aes_gcm)
1467cda17bbSSumit Garg    TF_MBEDTLS_USE_AES_GCM	:=	1
1477cda17bbSSumit Gargelse
1487cda17bbSSumit Garg    TF_MBEDTLS_USE_AES_GCM	:=	0
1497cda17bbSSumit Gargendif
1507cda17bbSSumit Garg
151180c4bc2SRoberto Vargas# Needs to be set to drive mbed TLS configuration correctly
152327131c4SLeonardo Sandoval$(eval $(call add_defines,\
153327131c4SLeonardo Sandoval    $(sort \
154327131c4SLeonardo Sandoval        TF_MBEDTLS_KEY_ALG_ID \
155327131c4SLeonardo Sandoval        TF_MBEDTLS_KEY_SIZE \
156327131c4SLeonardo Sandoval        TF_MBEDTLS_HASH_ALG_ID \
157327131c4SLeonardo Sandoval        TF_MBEDTLS_USE_AES_GCM \
158327131c4SLeonardo Sandoval)))
159180c4bc2SRoberto Vargas
160180c4bc2SRoberto Vargas$(eval $(call MAKE_LIB,mbedtls))
161180c4bc2SRoberto Vargas
1627d37aa17SJuan Castilloendif
163