xref: /rk3399_ARM-atf/drivers/auth/mbedtls/mbedtls_common.mk (revision 0a0a7a9ac82cb79af91f098cedc69cc67bca3978) 
1#
2# Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
3#
4# SPDX-License-Identifier: BSD-3-Clause
5#
6
7ifneq (${MBEDTLS_COMMON_MK},1)
8MBEDTLS_COMMON_MK	:=	1
9
10# MBEDTLS_DIR must be set to the mbed TLS main directory (it must contain
11# the 'include' and 'library' subdirectories).
12ifeq (${MBEDTLS_DIR},)
13  $(error Error: MBEDTLS_DIR not set)
14endif
15
16MBEDTLS_INC		=	-I${MBEDTLS_DIR}/include
17
18# Specify mbed TLS configuration file
19MBEDTLS_CONFIG_FILE	:=	"<drivers/auth/mbedtls/mbedtls_config.h>"
20$(eval $(call add_define,MBEDTLS_CONFIG_FILE))
21
22MBEDTLS_SOURCES	+=		drivers/auth/mbedtls/mbedtls_common.c
23
24
25LIBMBEDTLS_SRCS		:= $(addprefix ${MBEDTLS_DIR}/library/,	\
26					aes.c 					\
27					asn1parse.c 				\
28					asn1write.c 				\
29					cipher.c 				\
30					cipher_wrap.c 				\
31					memory_buffer_alloc.c			\
32					oid.c 					\
33					platform.c 				\
34					platform_util.c				\
35					bignum.c				\
36					gcm.c 					\
37					md.c					\
38					md_wrap.c				\
39					pk.c 					\
40					pk_wrap.c 				\
41					pkparse.c 				\
42					pkwrite.c 				\
43					sha256.c            			\
44					sha512.c            			\
45					ecdsa.c					\
46					ecp_curves.c				\
47					ecp.c					\
48					rsa.c					\
49					rsa_internal.c				\
50					x509.c 					\
51					x509_crt.c 				\
52					)
53
54# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
55# algorithm to use. If the variable is not defined, select it based on
56# algorithm used for key generation `KEY_ALG`. If `KEY_ALG` is not defined,
57# then it is set to `rsa`.
58ifeq (${TF_MBEDTLS_KEY_ALG},)
59    ifeq (${KEY_ALG}, ecdsa)
60        TF_MBEDTLS_KEY_ALG		:=	ecdsa
61    else
62        TF_MBEDTLS_KEY_ALG		:=	rsa
63    endif
64endif
65
66ifeq (${TF_MBEDTLS_KEY_SIZE},)
67    ifneq ($(findstring rsa,${TF_MBEDTLS_KEY_ALG}),)
68	ifeq (${KEY_SIZE},)
69            TF_MBEDTLS_KEY_SIZE		:=	2048
70	else
71            TF_MBEDTLS_KEY_SIZE		:=	${KEY_SIZE}
72	endif
73    endif
74endif
75
76ifeq (${HASH_ALG}, sha384)
77    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA384
78    MBEDTLS_MD_ID		:=	MBEDTLS_MD_SHA384
79    TPM_ALG_ID			:=	TPM_ALG_SHA384
80    TCG_DIGEST_SIZE		:=	48
81else ifeq (${HASH_ALG}, sha512)
82    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA512
83    MBEDTLS_MD_ID		:=	MBEDTLS_MD_SHA512
84    TPM_ALG_ID			:=	TPM_ALG_SHA512
85    TCG_DIGEST_SIZE		:=	64
86else
87    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA256
88    MBEDTLS_MD_ID		:=	MBEDTLS_MD_SHA256
89    TPM_ALG_ID			:=	TPM_ALG_SHA256
90    TCG_DIGEST_SIZE		:=	32
91endif
92
93ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
94    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_ECDSA
95else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
96    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA
97else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
98    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA_AND_ECDSA
99else
100    $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
101endif
102
103ifeq (${DECRYPTION_SUPPORT}, aes_gcm)
104    TF_MBEDTLS_USE_AES_GCM	:=	1
105else
106    TF_MBEDTLS_USE_AES_GCM	:=	0
107endif
108
109# Needs to be set to drive mbed TLS configuration correctly
110$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID))
111$(eval $(call add_define,TF_MBEDTLS_KEY_SIZE))
112$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID))
113$(eval $(call add_define,TF_MBEDTLS_USE_AES_GCM))
114
115# Set definitions for measured boot driver
116$(eval $(call add_define,MBEDTLS_MD_ID))
117$(eval $(call add_define,TPM_ALG_ID))
118$(eval $(call add_define,TCG_DIGEST_SIZE))
119
120$(eval $(call MAKE_LIB,mbedtls))
121
122endif
123