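#
# Copyright (c) 2015-2023, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#

# Common mbed TLS build fragment. It sets the mbed TLS include path, detects
# the library's major/minor version from its headers, selects the matching
# configuration header, lists the library sources to compile, and maps the
# build options KEY_ALG, KEY_SIZE, HASH_ALG and DECRYPTION_SUPPORT onto the
# TF_MBEDTLS_* defines that drive the mbed TLS configuration.
#
# The helpers add_define, add_defines and MAKE_LIB are not defined in this
# file; they are expected to be provided by the including build system.

# Include guard: the body is evaluated only once per make invocation.
ifneq (${MBEDTLS_COMMON_MK},1)
MBEDTLS_COMMON_MK := 1

# MBEDTLS_DIR must be set to the mbed TLS main directory (it must contain
# the 'include' and 'library' subdirectories).
ifeq (${MBEDTLS_DIR},)
  $(error Error: MBEDTLS_DIR not set)
endif

MBEDTLS_INC = -I${MBEDTLS_DIR}/include

# Detect the library version from the headers. The assignments are simple
# (:=) so that the grep pipeline runs once at parse time instead of on every
# expansion of the variable. The pattern is a plain string, so the GNU-only
# -P (Perl regex) option is not needed and has been dropped.
MBEDTLS_MAJOR := $(shell grep -h "define MBEDTLS_VERSION_MAJOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
MBEDTLS_MINOR := $(shell grep -h "define MBEDTLS_VERSION_MINOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
$(info MBEDTLS_VERSION_MAJOR is [${MBEDTLS_MAJOR}] MBEDTLS_VERSION_MINOR is [${MBEDTLS_MINOR}])

# Specify mbed TLS configuration file. A platform may pre-set
# MBEDTLS_CONFIG_FILE; the defaults below apply only when it is unset.
# Fail fast when the major version is neither 2 nor 3 (including an empty
# result from a failed detection): otherwise the build would carry on with no
# version-specific configuration header and without the version-specific
# sources added further down.
ifeq (${MBEDTLS_MAJOR}, 2)
  MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/mbedtls_config-2.h>"
else ifeq (${MBEDTLS_MAJOR}, 3)
  MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/mbedtls_config-3.h>"
else
  $(error Error: unsupported or undetected mbed TLS major version [${MBEDTLS_MAJOR}] under ${MBEDTLS_DIR} - expected 2 or 3)
endif

$(eval $(call add_define,MBEDTLS_CONFIG_FILE))

MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c

# Library sources common to both supported major versions.
LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
        aes.c \
        asn1parse.c \
        asn1write.c \
        cipher.c \
        cipher_wrap.c \
        constant_time.c \
        memory_buffer_alloc.c \
        oid.c \
        platform.c \
        platform_util.c \
        bignum.c \
        gcm.c \
        md.c \
        pk.c \
        pk_wrap.c \
        pkparse.c \
        pkwrite.c \
        sha256.c \
        sha512.c \
        ecdsa.c \
        ecp_curves.c \
        ecp.c \
        rsa.c \
        x509.c \
        x509_crt.c \
        )

# Version-specific library sources.
ifeq (${MBEDTLS_MAJOR}, 2)
  LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
        rsa_internal.c \
        )
else ifeq (${MBEDTLS_MAJOR}, 3)
  LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
        bignum_core.c \
        rsa_alt_helpers.c \
        hash_info.c \
        )

  # mbed TLS 3 currently has an outstanding bug caused by a redundant
  # declaration [1]. Keep the redundant-decls warning from being treated as
  # an error so that the library still compiles. Only the -Werror promotion
  # is disabled; the warning itself is still emitted.
  # [1]: https://github.com/Mbed-TLS/mbedtls/issues/6910
  LIBMBEDTLS_CFLAGS += -Wno-error=redundant-decls
endif

# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
# algorithm to use. If the variable is not defined, select it based on
# algorithm used for key generation `KEY_ALG`. If `KEY_ALG` is not defined,
# then it is set to `rsa`.
# NOTE(review): only the exact value 'ecdsa' selects ECDSA here; every other
# KEY_ALG value, including a misspelt one, falls through to 'rsa'.
ifeq (${TF_MBEDTLS_KEY_ALG},)
  ifeq (${KEY_ALG}, ecdsa)
    TF_MBEDTLS_KEY_ALG := ecdsa
  else
    TF_MBEDTLS_KEY_ALG := rsa
  endif
endif

# Default the key size only when the selected algorithm includes RSA: use
# KEY_SIZE when given, otherwise 2048.
# NOTE(review): for an ECDSA-only selection TF_MBEDTLS_KEY_SIZE is left as
# the caller provided it (possibly empty) and is still passed to add_defines
# below; how add_defines treats an empty variable is not visible here.
ifeq (${TF_MBEDTLS_KEY_SIZE},)
  ifneq ($(findstring rsa,${TF_MBEDTLS_KEY_ALG}),)
    ifeq (${KEY_SIZE},)
      TF_MBEDTLS_KEY_SIZE := 2048
    else
      TF_MBEDTLS_KEY_SIZE := ${KEY_SIZE}
    endif
  endif
endif

# Map HASH_ALG to the hash identifier used by the mbed TLS configuration.
# NOTE(review): any value other than 'sha384' or 'sha512' (an empty value or
# a typo alike) silently selects SHA-256; verify the effective hash when a
# stronger one is intended.
ifeq (${HASH_ALG}, sha384)
  TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384
else ifeq (${HASH_ALG}, sha512)
  TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512
else
  TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256
endif

# Map the key algorithm to its identifier; unlike the hash selection above,
# an unrecognised value stops the build.
ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
  TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
  TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
  TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA
else
  $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
endif

# AES-GCM support is enabled only for DECRYPTION_SUPPORT=aes_gcm; any other
# value sets the flag to 0.
ifeq (${DECRYPTION_SUPPORT}, aes_gcm)
  TF_MBEDTLS_USE_AES_GCM := 1
else
  TF_MBEDTLS_USE_AES_GCM := 0
endif

# Needs to be set to drive mbed TLS configuration correctly
$(eval $(call add_defines,\
    $(sort \
        TF_MBEDTLS_KEY_ALG_ID \
        TF_MBEDTLS_KEY_SIZE \
        TF_MBEDTLS_HASH_ALG_ID \
        TF_MBEDTLS_USE_AES_GCM \
)))

$(eval $(call MAKE_LIB,mbedtls))

endif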