mirrors/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-08-31 19:31:34 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
arm-trusted-firmware/drivers/auth/mbedtls/mbedtls_common.mk
Manish V Badarkhe 14db963fd3 refactor(measured-boot): add generic macros for using Crypto library 
It doesn't look correct to use mbed TLS defines directly in the Event
Log driver as this driver may use another Crypto library in future.
Hence mbed TLS Crypto dependency on Event Log driver is removed by
introducing generic Crypto defines and uses those in the Event Log
driver to call Crypto functions.
Also, updated mbed TLS glue layer to map these generic Crypto defines
to mbed TLS library defines.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ibc9c751f60cbce4d3f3cf049b7c53b3d05cc6735
2021-12-08 11:00:13 +00:00

127 lines
3.2 KiB
Makefile
Raw Blame History

#
# Copyright (c) 2015-2021, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
ifneq (${MBEDTLS_COMMON_MK},1)
MBEDTLS_COMMON_MK := 1
# MBEDTLS_DIR must be set to the mbed TLS main directory (it must contain
# the 'include' and 'library' subdirectories).
ifeq (${MBEDTLS_DIR},)
$(error Error: MBEDTLS_DIR not set)
endif
MBEDTLS_INC = -I${MBEDTLS_DIR}/include
# Specify mbed TLS configuration file
MBEDTLS_CONFIG_FILE := "<drivers/auth/mbedtls/mbedtls_config.h>"
$(eval $(call add_define,MBEDTLS_CONFIG_FILE))
MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c
LIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \
aes.c \
asn1parse.c \
asn1write.c \
cipher.c \
cipher_wrap.c \
memory_buffer_alloc.c \
oid.c \
platform.c \
platform_util.c \
bignum.c \
gcm.c \
md.c \
pk.c \
pk_wrap.c \
pkparse.c \
pkwrite.c \
sha256.c \
sha512.c \
ecdsa.c \
ecp_curves.c \
ecp.c \
rsa.c \
rsa_internal.c \
x509.c \
x509_crt.c \
)
# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
# algorithm to use. If the variable is not defined, select it based on
# algorithm used for key generation `KEY_ALG`. If `KEY_ALG` is not defined,
# then it is set to `rsa`.
ifeq (${TF_MBEDTLS_KEY_ALG},)
ifeq (${KEY_ALG}, ecdsa)
TF_MBEDTLS_KEY_ALG := ecdsa
else
TF_MBEDTLS_KEY_ALG := rsa
endif
endif
ifeq (${TF_MBEDTLS_KEY_SIZE},)
ifneq ($(findstring rsa,${TF_MBEDTLS_KEY_ALG}),)
ifeq (${KEY_SIZE},)
TF_MBEDTLS_KEY_SIZE := 2048
else
TF_MBEDTLS_KEY_SIZE := ${KEY_SIZE}
endif
endif
endif
ifeq (${HASH_ALG}, sha384)
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384
else ifeq (${HASH_ALG}, sha512)
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512
else
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256
endif
ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA
else
$(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
endif
ifeq (${DECRYPTION_SUPPORT}, aes_gcm)
TF_MBEDTLS_USE_AES_GCM := 1
else
TF_MBEDTLS_USE_AES_GCM := 0
endif
ifeq ($(MEASURED_BOOT),1)
ifeq (${TPM_HASH_ALG}, sha256)
TF_MBEDTLS_TPM_HASH_ALG_ID := TF_MBEDTLS_SHA256
else ifeq (${TPM_HASH_ALG}, sha384)
TF_MBEDTLS_TPM_HASH_ALG_ID := TF_MBEDTLS_SHA384
else ifeq (${TPM_HASH_ALG}, sha512)
TF_MBEDTLS_TPM_HASH_ALG_ID := TF_MBEDTLS_SHA512
else
$(error "TPM_HASH_ALG not defined.")
endif
endif
# Needs to be set to drive mbed TLS configuration correctly
$(eval $(call add_defines,\
$(sort \
TF_MBEDTLS_KEY_ALG_ID \
TF_MBEDTLS_KEY_SIZE \
TF_MBEDTLS_HASH_ALG_ID \
TF_MBEDTLS_USE_AES_GCM \
)))
ifeq ($(MEASURED_BOOT),1)
$(eval $(call add_define,TF_MBEDTLS_TPM_HASH_ALG_ID))
endif
$(eval $(call MAKE_LIB,mbedtls))
endif
Reference in New Issue View Git Blame Copy Permalink