From b18835102534381365aab391a0f9ce14f3c97331 Mon Sep 17 00:00:00 2001
From: David Cunado <david.cunado@arm.com>
Date: Wed, 10 May 2017 16:38:44 +0100
Subject: [PATCH 1/3] mbedtls: Namespace for TF specific macros

An earlier patch (arm-trusted-firmware#874) migrated MBEDTLS_ suffixed
macros to have a TBBR_ suffix to avoid any potential clash with future
mbedtls macros.

But on reflection the TBBR_ suffix could be confusing as the macros
are used to drive TF-specific configuration of mbedtls. As such
this patch migrates these macros from TBBR_suffix to TF_MBEDTLS_
suffix which more accurately conveys their use.

Change-Id: Ic87642b653ceeaa03d62f724976abd5e12e867d4
Signed-off-by: David Cunado <david.cunado@arm.com>
---
 drivers/auth/mbedtls/mbedtls_common.c         | 4 ++--
 drivers/auth/mbedtls/mbedtls_crypto.mk        | 6 +++---
 include/drivers/auth/mbedtls/mbedtls_config.h | 8 ++++----
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/drivers/auth/mbedtls/mbedtls_common.c b/drivers/auth/mbedtls/mbedtls_common.c
index c71f81ea0..aad49a715 100644
--- a/drivers/auth/mbedtls/mbedtls_common.c
+++ b/drivers/auth/mbedtls/mbedtls_common.c
@@ -12,9 +12,9 @@
 /*
  * mbed TLS heap
  */
-#if (TBBR_KEY_ALG_ID == TBBR_ECDSA)
+#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA)
 #define MBEDTLS_HEAP_SIZE		(14*1024)
-#elif (TBBR_KEY_ALG_ID == TBBR_RSA)
+#elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
 #define MBEDTLS_HEAP_SIZE		(8*1024)
 #endif
 static unsigned char heap[MBEDTLS_HEAP_SIZE];
diff --git a/drivers/auth/mbedtls/mbedtls_crypto.mk b/drivers/auth/mbedtls/mbedtls_crypto.mk
index 578fc106e..11df5ad36 100644
--- a/drivers/auth/mbedtls/mbedtls_crypto.mk
+++ b/drivers/auth/mbedtls/mbedtls_crypto.mk
@@ -31,18 +31,18 @@ ifeq (${MBEDTLS_KEY_ALG},ecdsa)
     					ecp_curves.c				\
     					ecp.c					\
     					)
-    TBBR_KEY_ALG_ID		:=	TBBR_ECDSA
+    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_ECDSA
 else ifeq (${MBEDTLS_KEY_ALG},rsa)
     MBEDTLS_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
     					rsa.c					\
     					)
-    TBBR_KEY_ALG_ID		:=	TBBR_RSA
+    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA
 else
     $(error "MBEDTLS_KEY_ALG=${MBEDTLS_KEY_ALG} not supported on mbed TLS")
 endif
 
 # Needs to be set to drive mbed TLS configuration correctly
-$(eval $(call add_define,TBBR_KEY_ALG_ID))
+$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID))
 
 BL1_SOURCES			+=	${MBEDTLS_CRYPTO_SOURCES}
 BL2_SOURCES			+=	${MBEDTLS_CRYPTO_SOURCES}
diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config.h
index edb294aba..7d8d17c35 100644
--- a/include/drivers/auth/mbedtls/mbedtls_config.h
+++ b/include/drivers/auth/mbedtls/mbedtls_config.h
@@ -9,8 +9,8 @@
 /*
  * Key algorithms currently supported on mbed TLS libraries
  */
-#define TBBR_RSA	1
-#define TBBR_ECDSA	2
+#define TF_MBEDTLS_RSA		1
+#define TF_MBEDTLS_ECDSA	2
 
 /*
  * Configuration file to build mbed TLS with the required features for
@@ -45,11 +45,11 @@
 
 #define MBEDTLS_PLATFORM_C
 
-#if (TBBR_KEY_ALG_ID == TBBR_ECDSA)
+#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA)
 #define MBEDTLS_ECDSA_C
 #define MBEDTLS_ECP_C
 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#elif (TBBR_KEY_ALG_ID == TBBR_RSA)
+#elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
 #define MBEDTLS_RSA_C
 #endif
 

From 0aff7ad2bc9a2619b61703d3b9c5005fe44bd281 Mon Sep 17 00:00:00 2001
From: David Cunado <david.cunado@arm.com>
Date: Mon, 8 May 2017 09:48:34 +0100
Subject: [PATCH 2/3] mbedtls: Complete namespace for TF specific macros

This patch renames MBEDTLS_KEY_ALG to TF_MBEDTLS_KEY_ALG. This
completes the migration of TF specific macros so that they do not
have the MBEDTLS_ suffix (see arm-trusted-firmware#874).

Change-Id: Iad7632477e220b0af987c4db3cf52229fb127d00
Signed-off-by: David Cunado <david.cunado@arm.com>
---
 drivers/auth/mbedtls/mbedtls_crypto.mk | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/drivers/auth/mbedtls/mbedtls_crypto.mk b/drivers/auth/mbedtls/mbedtls_crypto.mk
index 11df5ad36..cb81d4d67 100644
--- a/drivers/auth/mbedtls/mbedtls_crypto.mk
+++ b/drivers/auth/mbedtls/mbedtls_crypto.mk
@@ -6,10 +6,20 @@
 
 include drivers/auth/mbedtls/mbedtls_common.mk
 
-# The platform may define the variable 'MBEDTLS_KEY_ALG' to select the key
+# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
 # algorithm to use. Default algorithm is RSA.
-ifeq (${MBEDTLS_KEY_ALG},)
-    MBEDTLS_KEY_ALG		:=	rsa
+ifeq (${TF_MBEDTLS_KEY_ALG},)
+    TF_MBEDTLS_KEY_ALG		:=	rsa
+endif
+
+# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for
+# backward compatibility
+ifdef MBEDTLS_KEY_ALG
+    ifeq (${ERROR_DEPRECATED},1)
+        $(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
+    endif
+    $(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
+    TF_MBEDTLS_KEY_ALG	:= ${MBEDTLS_KEY_ALG}
 endif
 
 MBEDTLS_CRYPTO_SOURCES		:=	drivers/auth/mbedtls/mbedtls_crypto.c	\
@@ -25,20 +35,20 @@ MBEDTLS_CRYPTO_SOURCES		:=	drivers/auth/mbedtls/mbedtls_crypto.c	\
 					)
 
 # Key algorithm specific files
-ifeq (${MBEDTLS_KEY_ALG},ecdsa)
+ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
     MBEDTLS_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
     					ecdsa.c					\
     					ecp_curves.c				\
     					ecp.c					\
     					)
     TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_ECDSA
-else ifeq (${MBEDTLS_KEY_ALG},rsa)
+else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
     MBEDTLS_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
     					rsa.c					\
     					)
     TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA
 else
-    $(error "MBEDTLS_KEY_ALG=${MBEDTLS_KEY_ALG} not supported on mbed TLS")
+    $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
 endif
 
 # Needs to be set to drive mbed TLS configuration correctly

From 6a0b0d7f8693db5a63b2e32d19ec82d90d2d041d Mon Sep 17 00:00:00 2001
From: David Cunado <david.cunado@arm.com>
Date: Wed, 10 May 2017 00:29:54 +0100
Subject: [PATCH 3/3] Migrate ARM platforms to use TF_MBEDTLS_KEY_ALG

A previous patch superseded the MBEDTLS_KEY_ALG. This patch updates
the ARM platforms to use the new TF_MBEDTLS_KEY_ALG define.

Change-Id: Ie0e1bc272e127e879ac58e7cfcbe268751d7688e
Signed-off-by: David Cunado <david.cunado@arm.com>
---
 plat/arm/common/arm_common.mk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk
index d51c123d7..58fc94ec6 100644
--- a/plat/arm/common/arm_common.mk
+++ b/plat/arm/common/arm_common.mk
@@ -171,7 +171,7 @@ ifneq (${TRUSTED_BOARD_BOOT},0)
 
     $(eval $(call FWU_FIP_ADD_IMG,NS_BL2U,--fwu))
 
-    MBEDTLS_KEY_ALG	:=	${KEY_ALG}
+    TF_MBEDTLS_KEY_ALG	:=	${KEY_ALG}
 
     # We expect to locate the *.mk files under the directories specified below
     CRYPTO_LIB_MK := drivers/auth/mbedtls/mbedtls_crypto.mk