1*54fd6939SJiyong Park# 2*54fd6939SJiyong Park# Copyright (c) 2015-2020, Arm Limited. All rights reserved. 3*54fd6939SJiyong Park# 4*54fd6939SJiyong Park# SPDX-License-Identifier: BSD-3-Clause 5*54fd6939SJiyong Park# 6*54fd6939SJiyong Park 7*54fd6939SJiyong Parkifneq (${MBEDTLS_COMMON_MK},1) 8*54fd6939SJiyong ParkMBEDTLS_COMMON_MK := 1 9*54fd6939SJiyong Park 10*54fd6939SJiyong Park# MBEDTLS_DIR must be set to the mbed TLS main directory (it must contain 11*54fd6939SJiyong Park# the 'include' and 'library' subdirectories). 12*54fd6939SJiyong Parkifeq (${MBEDTLS_DIR},) 13*54fd6939SJiyong Park $(error Error: MBEDTLS_DIR not set) 14*54fd6939SJiyong Parkendif 15*54fd6939SJiyong Park 16*54fd6939SJiyong ParkMBEDTLS_INC = -I${MBEDTLS_DIR}/include 17*54fd6939SJiyong Park 18*54fd6939SJiyong Park# Specify mbed TLS configuration file 19*54fd6939SJiyong ParkMBEDTLS_CONFIG_FILE := "<drivers/auth/mbedtls/mbedtls_config.h>" 20*54fd6939SJiyong Park$(eval $(call add_define,MBEDTLS_CONFIG_FILE)) 21*54fd6939SJiyong Park 22*54fd6939SJiyong ParkMBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c 23*54fd6939SJiyong Park 24*54fd6939SJiyong Park 25*54fd6939SJiyong ParkLIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \ 26*54fd6939SJiyong Park aes.c \ 27*54fd6939SJiyong Park asn1parse.c \ 28*54fd6939SJiyong Park asn1write.c \ 29*54fd6939SJiyong Park cipher.c \ 30*54fd6939SJiyong Park cipher_wrap.c \ 31*54fd6939SJiyong Park memory_buffer_alloc.c \ 32*54fd6939SJiyong Park oid.c \ 33*54fd6939SJiyong Park platform.c \ 34*54fd6939SJiyong Park platform_util.c \ 35*54fd6939SJiyong Park bignum.c \ 36*54fd6939SJiyong Park gcm.c \ 37*54fd6939SJiyong Park md.c \ 38*54fd6939SJiyong Park pk.c \ 39*54fd6939SJiyong Park pk_wrap.c \ 40*54fd6939SJiyong Park pkparse.c \ 41*54fd6939SJiyong Park pkwrite.c \ 42*54fd6939SJiyong Park sha256.c \ 43*54fd6939SJiyong Park sha512.c \ 44*54fd6939SJiyong Park ecdsa.c \ 45*54fd6939SJiyong Park ecp_curves.c \ 46*54fd6939SJiyong Park ecp.c \ 47*54fd6939SJiyong Park rsa.c \ 48*54fd6939SJiyong Park rsa_internal.c \ 49*54fd6939SJiyong Park x509.c \ 50*54fd6939SJiyong Park x509_crt.c \ 51*54fd6939SJiyong Park ) 52*54fd6939SJiyong Park 53*54fd6939SJiyong Park# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key 54*54fd6939SJiyong Park# algorithm to use. If the variable is not defined, select it based on 55*54fd6939SJiyong Park# algorithm used for key generation `KEY_ALG`. If `KEY_ALG` is not defined, 56*54fd6939SJiyong Park# then it is set to `rsa`. 57*54fd6939SJiyong Parkifeq (${TF_MBEDTLS_KEY_ALG},) 58*54fd6939SJiyong Park ifeq (${KEY_ALG}, ecdsa) 59*54fd6939SJiyong Park TF_MBEDTLS_KEY_ALG := ecdsa 60*54fd6939SJiyong Park else 61*54fd6939SJiyong Park TF_MBEDTLS_KEY_ALG := rsa 62*54fd6939SJiyong Park endif 63*54fd6939SJiyong Parkendif 64*54fd6939SJiyong Park 65*54fd6939SJiyong Parkifeq (${TF_MBEDTLS_KEY_SIZE},) 66*54fd6939SJiyong Park ifneq ($(findstring rsa,${TF_MBEDTLS_KEY_ALG}),) 67*54fd6939SJiyong Park ifeq (${KEY_SIZE},) 68*54fd6939SJiyong Park TF_MBEDTLS_KEY_SIZE := 2048 69*54fd6939SJiyong Park else 70*54fd6939SJiyong Park TF_MBEDTLS_KEY_SIZE := ${KEY_SIZE} 71*54fd6939SJiyong Park endif 72*54fd6939SJiyong Park endif 73*54fd6939SJiyong Parkendif 74*54fd6939SJiyong Park 75*54fd6939SJiyong Parkifeq (${HASH_ALG}, sha384) 76*54fd6939SJiyong Park TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384 77*54fd6939SJiyong Parkelse ifeq (${HASH_ALG}, sha512) 78*54fd6939SJiyong Park TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512 79*54fd6939SJiyong Parkelse 80*54fd6939SJiyong Park TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256 81*54fd6939SJiyong Parkendif 82*54fd6939SJiyong Park 83*54fd6939SJiyong Parkifeq (${TF_MBEDTLS_KEY_ALG},ecdsa) 84*54fd6939SJiyong Park TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA 85*54fd6939SJiyong Parkelse ifeq (${TF_MBEDTLS_KEY_ALG},rsa) 86*54fd6939SJiyong Park TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA 87*54fd6939SJiyong Parkelse ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa) 88*54fd6939SJiyong Park TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA 89*54fd6939SJiyong Parkelse 90*54fd6939SJiyong Park $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS") 91*54fd6939SJiyong Parkendif 92*54fd6939SJiyong Park 93*54fd6939SJiyong Parkifeq (${DECRYPTION_SUPPORT}, aes_gcm) 94*54fd6939SJiyong Park TF_MBEDTLS_USE_AES_GCM := 1 95*54fd6939SJiyong Parkelse 96*54fd6939SJiyong Park TF_MBEDTLS_USE_AES_GCM := 0 97*54fd6939SJiyong Parkendif 98*54fd6939SJiyong Park 99*54fd6939SJiyong Park# Needs to be set to drive mbed TLS configuration correctly 100*54fd6939SJiyong Park$(eval $(call add_defines,\ 101*54fd6939SJiyong Park $(sort \ 102*54fd6939SJiyong Park TF_MBEDTLS_KEY_ALG_ID \ 103*54fd6939SJiyong Park TF_MBEDTLS_KEY_SIZE \ 104*54fd6939SJiyong Park TF_MBEDTLS_HASH_ALG_ID \ 105*54fd6939SJiyong Park TF_MBEDTLS_USE_AES_GCM \ 106*54fd6939SJiyong Park))) 107*54fd6939SJiyong Park 108*54fd6939SJiyong Park$(eval $(call MAKE_LIB,mbedtls)) 109*54fd6939SJiyong Park 110*54fd6939SJiyong Parkendif 111