17d37aa17SJuan Castillo# 2d25b527cSJeenu Viswambharan# Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved. 37d37aa17SJuan Castillo# 482cb2c1aSdp-arm# SPDX-License-Identifier: BSD-3-Clause 57d37aa17SJuan Castillo# 67d37aa17SJuan Castillo 77d37aa17SJuan Castilloifneq (${MBEDTLS_COMMON_MK},1) 87d37aa17SJuan CastilloMBEDTLS_COMMON_MK := 1 97d37aa17SJuan Castillo 107d37aa17SJuan Castillo# MBEDTLS_DIR must be set to the mbed TLS main directory (it must contain 117d37aa17SJuan Castillo# the 'include' and 'library' subdirectories). 127d37aa17SJuan Castilloifeq (${MBEDTLS_DIR},) 137d37aa17SJuan Castillo $(error Error: MBEDTLS_DIR not set) 147d37aa17SJuan Castilloendif 157d37aa17SJuan Castillo 167d37aa17SJuan CastilloINCLUDES += -I${MBEDTLS_DIR}/include \ 177d37aa17SJuan Castillo -Iinclude/drivers/auth/mbedtls 187d37aa17SJuan Castillo 197d37aa17SJuan Castillo# Specify mbed TLS configuration file 20649dbf6fSJuan CastilloMBEDTLS_CONFIG_FILE := "<mbedtls_config.h>" 21649dbf6fSJuan Castillo$(eval $(call add_define,MBEDTLS_CONFIG_FILE)) 227d37aa17SJuan Castillo 23*180c4bc2SRoberto VargasMBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c 24*180c4bc2SRoberto Vargas 25*180c4bc2SRoberto Vargas 26*180c4bc2SRoberto VargasLIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \ 277d37aa17SJuan Castillo asn1parse.c \ 287d37aa17SJuan Castillo asn1write.c \ 297d37aa17SJuan Castillo memory_buffer_alloc.c \ 307d37aa17SJuan Castillo oid.c \ 317d37aa17SJuan Castillo platform.c \ 32d25b527cSJeenu Viswambharan platform_util.c \ 33*180c4bc2SRoberto Vargas bignum.c \ 34*180c4bc2SRoberto Vargas md.c \ 35*180c4bc2SRoberto Vargas md_wrap.c \ 36*180c4bc2SRoberto Vargas pk.c \ 37*180c4bc2SRoberto Vargas pk_wrap.c \ 38*180c4bc2SRoberto Vargas pkparse.c \ 39*180c4bc2SRoberto Vargas pkwrite.c \ 40*180c4bc2SRoberto Vargas sha256.c \ 41*180c4bc2SRoberto Vargas sha512.c \ 42*180c4bc2SRoberto Vargas ecdsa.c \ 43*180c4bc2SRoberto Vargas ecp_curves.c \ 44*180c4bc2SRoberto Vargas ecp.c \ 45*180c4bc2SRoberto Vargas rsa.c \ 46d25b527cSJeenu Viswambharan rsa_internal.c \ 47*180c4bc2SRoberto Vargas x509.c \ 48*180c4bc2SRoberto Vargas x509_crt.c \ 497d37aa17SJuan Castillo ) 507d37aa17SJuan Castillo 51*180c4bc2SRoberto Vargas# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key 52*180c4bc2SRoberto Vargas# algorithm to use. If the variable is not defined, select it based on algorithm 53*180c4bc2SRoberto Vargas# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is 54*180c4bc2SRoberto Vargas# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`. 55*180c4bc2SRoberto Vargasifeq (${TF_MBEDTLS_KEY_ALG},) 56*180c4bc2SRoberto Vargas ifeq (${KEY_ALG}, ecdsa) 57*180c4bc2SRoberto Vargas TF_MBEDTLS_KEY_ALG := ecdsa 58*180c4bc2SRoberto Vargas else 59*180c4bc2SRoberto Vargas TF_MBEDTLS_KEY_ALG := rsa 60*180c4bc2SRoberto Vargas endif 61*180c4bc2SRoberto Vargasendif 62*180c4bc2SRoberto Vargas 63*180c4bc2SRoberto Vargas# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for 64*180c4bc2SRoberto Vargas# backward compatibility 65*180c4bc2SRoberto Vargasifdef MBEDTLS_KEY_ALG 66*180c4bc2SRoberto Vargas ifeq (${ERROR_DEPRECATED},1) 67*180c4bc2SRoberto Vargas $(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") 68*180c4bc2SRoberto Vargas endif 69*180c4bc2SRoberto Vargas $(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") 70*180c4bc2SRoberto Vargas TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG} 71*180c4bc2SRoberto Vargasendif 72*180c4bc2SRoberto Vargas 73*180c4bc2SRoberto Vargasifeq (${HASH_ALG}, sha384) 74*180c4bc2SRoberto Vargas TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384 75*180c4bc2SRoberto Vargaselse ifeq (${HASH_ALG}, sha512) 76*180c4bc2SRoberto Vargas TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512 77*180c4bc2SRoberto Vargaselse 78*180c4bc2SRoberto Vargas TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256 79*180c4bc2SRoberto Vargasendif 80*180c4bc2SRoberto Vargas 81*180c4bc2SRoberto Vargasifeq (${TF_MBEDTLS_KEY_ALG},ecdsa) 82*180c4bc2SRoberto Vargas TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA 83*180c4bc2SRoberto Vargaselse ifeq (${TF_MBEDTLS_KEY_ALG},rsa) 84*180c4bc2SRoberto Vargas TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA 85*180c4bc2SRoberto Vargaselse ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa) 86*180c4bc2SRoberto Vargas TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA 87*180c4bc2SRoberto Vargaselse 88*180c4bc2SRoberto Vargas $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS") 89*180c4bc2SRoberto Vargasendif 90*180c4bc2SRoberto Vargas 91*180c4bc2SRoberto Vargas# Needs to be set to drive mbed TLS configuration correctly 92*180c4bc2SRoberto Vargas$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID)) 93*180c4bc2SRoberto Vargas$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID)) 94*180c4bc2SRoberto Vargas 95*180c4bc2SRoberto Vargas 96*180c4bc2SRoberto Vargas$(eval $(call MAKE_LIB,mbedtls)) 97*180c4bc2SRoberto Vargas 987d37aa17SJuan Castilloendif 99