2015-04-02 15:44:20 +01:00
|
|
|
#
|
2017-03-07 10:08:42 +00:00
|
|
|
# Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
|
2015-04-02 15:44:20 +01:00
|
|
|
#
|
2017-05-03 09:38:09 +01:00
|
|
|
# SPDX-License-Identifier: BSD-3-Clause
|
2015-04-02 15:44:20 +01:00
|
|
|
#
|
|
|
|
|
|
|
|
include drivers/auth/mbedtls/mbedtls_common.mk
|
|
|
|
|
2017-05-08 09:48:34 +01:00
|
|
|
# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
|
2017-08-31 11:49:32 +01:00
|
|
|
# algorithm to use. If the variable is not defined, select it based on algorithm
|
|
|
|
# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is
|
2017-08-31 11:50:29 +01:00
|
|
|
# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`.
|
2017-05-08 09:48:34 +01:00
|
|
|
ifeq (${TF_MBEDTLS_KEY_ALG},)
|
2017-08-31 11:49:32 +01:00
|
|
|
ifeq (${KEY_ALG}, ecdsa)
|
|
|
|
TF_MBEDTLS_KEY_ALG := ecdsa
|
|
|
|
else
|
|
|
|
TF_MBEDTLS_KEY_ALG := rsa
|
|
|
|
endif
|
2017-05-08 09:48:34 +01:00
|
|
|
endif
|
|
|
|
|
|
|
|
# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for
|
|
|
|
# backward compatibility
|
|
|
|
ifdef MBEDTLS_KEY_ALG
|
|
|
|
ifeq (${ERROR_DEPRECATED},1)
|
|
|
|
$(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
|
|
|
|
endif
|
|
|
|
$(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
|
|
|
|
TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG}
|
2015-04-02 15:44:20 +01:00
|
|
|
endif
|
|
|
|
|
|
|
|
MBEDTLS_CRYPTO_SOURCES := drivers/auth/mbedtls/mbedtls_crypto.c \
|
|
|
|
$(addprefix ${MBEDTLS_DIR}/library/, \
|
|
|
|
bignum.c \
|
|
|
|
md.c \
|
|
|
|
md_wrap.c \
|
|
|
|
pk.c \
|
|
|
|
pk_wrap.c \
|
|
|
|
pkparse.c \
|
|
|
|
pkwrite.c \
|
|
|
|
sha256.c \
|
|
|
|
)
|
|
|
|
|
|
|
|
# Key algorithm specific files
|
2017-08-24 08:26:39 +01:00
|
|
|
MBEDTLS_ECDSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \
|
|
|
|
ecdsa.c \
|
|
|
|
ecp_curves.c \
|
|
|
|
ecp.c \
|
|
|
|
)
|
|
|
|
|
|
|
|
MBEDTLS_RSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \
|
|
|
|
rsa.c \
|
|
|
|
)
|
|
|
|
|
2017-05-08 09:48:34 +01:00
|
|
|
ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
|
2017-08-24 08:26:39 +01:00
|
|
|
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES)
|
2017-05-10 16:38:44 +01:00
|
|
|
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA
|
2017-05-08 09:48:34 +01:00
|
|
|
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
|
2017-08-24 08:26:39 +01:00
|
|
|
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES)
|
2017-05-10 16:38:44 +01:00
|
|
|
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA
|
2017-08-24 08:26:39 +01:00
|
|
|
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
|
|
|
|
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES)
|
|
|
|
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES)
|
|
|
|
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA
|
2015-04-02 15:44:20 +01:00
|
|
|
else
|
2017-05-08 09:48:34 +01:00
|
|
|
$(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
|
2015-04-02 15:44:20 +01:00
|
|
|
endif
|
|
|
|
|
2017-03-07 10:08:42 +00:00
|
|
|
# Needs to be set to drive mbed TLS configuration correctly
|
2017-05-10 16:38:44 +01:00
|
|
|
$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID))
|
2015-04-02 15:44:20 +01:00
|
|
|
|
|
|
|
BL1_SOURCES += ${MBEDTLS_CRYPTO_SOURCES}
|
|
|
|
BL2_SOURCES += ${MBEDTLS_CRYPTO_SOURCES}
|