diff options
author | Roberto Vargas <roberto.vargas@arm.com> | 2018-05-08 10:27:10 +0100 |
---|---|---|
committer | Roberto Vargas <roberto.vargas@arm.com> | 2018-08-03 11:31:36 +0100 |
commit | 180c4bc2c04f1fa58c9e4355cb2b204efdf29f52 (patch) | |
tree | 137e8112936287592f078f4479ed5da2c40c2319 /drivers/auth | |
parent | 61f72a34250d063da67f4fc2b0eb8c3fda3376be (diff) |
Create a library file for libmbedtls
TF Makefile was linking all the objects files generated for the
Mbed TLS library instead of creating a static library that could be
used in the linking stage.
Change-Id: I8e4cd843ef56033c9d3faeee71601d110b7e4c12
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Diffstat (limited to 'drivers/auth')
-rw-r--r-- | drivers/auth/mbedtls/mbedtls_common.mk | 84 | ||||
-rw-r--r-- | drivers/auth/mbedtls/mbedtls_crypto.mk | 82 | ||||
-rw-r--r-- | drivers/auth/mbedtls/mbedtls_x509.mk | 6 |
3 files changed, 76 insertions, 96 deletions
diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk index a5d19e6a..67a5da2b 100644 --- a/drivers/auth/mbedtls/mbedtls_common.mk +++ b/drivers/auth/mbedtls/mbedtls_common.mk @@ -20,15 +20,79 @@ INCLUDES += -I${MBEDTLS_DIR}/include \ MBEDTLS_CONFIG_FILE := "<mbedtls_config.h>" $(eval $(call add_define,MBEDTLS_CONFIG_FILE)) -MBEDTLS_COMMON_SOURCES := drivers/auth/mbedtls/mbedtls_common.c \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - asn1parse.c \ - asn1write.c \ - memory_buffer_alloc.c \ - oid.c \ - platform.c \ - platform_util.c \ - rsa_internal.c \ - ) +MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c + + +LIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \ + asn1parse.c \ + asn1write.c \ + memory_buffer_alloc.c \ + oid.c \ + platform.c \ + platform_util.c \ + bignum.c \ + md.c \ + md_wrap.c \ + pk.c \ + pk_wrap.c \ + pkparse.c \ + pkwrite.c \ + sha256.c \ + sha512.c \ + ecdsa.c \ + ecp_curves.c \ + ecp.c \ + rsa.c \ + rsa_internal.c \ + x509.c \ + x509_crt.c \ + ) + +# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key +# algorithm to use. If the variable is not defined, select it based on algorithm +# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is +# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`. +ifeq (${TF_MBEDTLS_KEY_ALG},) + ifeq (${KEY_ALG}, ecdsa) + TF_MBEDTLS_KEY_ALG := ecdsa + else + TF_MBEDTLS_KEY_ALG := rsa + endif +endif + +# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for +# backward compatibility +ifdef MBEDTLS_KEY_ALG + ifeq (${ERROR_DEPRECATED},1) + $(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") + endif + $(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") + TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG} +endif + +ifeq (${HASH_ALG}, sha384) + TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384 +else ifeq (${HASH_ALG}, sha512) + TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512 +else + TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256 +endif + +ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa) + TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA +else ifeq (${TF_MBEDTLS_KEY_ALG},rsa) + TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA +else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa) + TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA +else + $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS") +endif + +# Needs to be set to drive mbed TLS configuration correctly +$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID)) +$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID)) + + +$(eval $(call MAKE_LIB,mbedtls)) endif diff --git a/drivers/auth/mbedtls/mbedtls_crypto.mk b/drivers/auth/mbedtls/mbedtls_crypto.mk index 6b15e717..2a9fbbf9 100644 --- a/drivers/auth/mbedtls/mbedtls_crypto.mk +++ b/drivers/auth/mbedtls/mbedtls_crypto.mk @@ -6,86 +6,6 @@ include drivers/auth/mbedtls/mbedtls_common.mk -# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key -# algorithm to use. If the variable is not defined, select it based on algorithm -# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is -# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`. -ifeq (${TF_MBEDTLS_KEY_ALG},) - ifeq (${KEY_ALG}, ecdsa) - TF_MBEDTLS_KEY_ALG := ecdsa - else - TF_MBEDTLS_KEY_ALG := rsa - endif -endif +MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_crypto.c -# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for -# backward compatibility -ifdef MBEDTLS_KEY_ALG - ifeq (${ERROR_DEPRECATED},1) - $(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") - endif - $(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") - TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG} -endif -MBEDTLS_CRYPTO_SOURCES := drivers/auth/mbedtls/mbedtls_crypto.c \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - bignum.c \ - md.c \ - md_wrap.c \ - pk.c \ - pk_wrap.c \ - pkparse.c \ - pkwrite.c \ - ) - -ifeq (${HASH_ALG}, sha384) - MBEDTLS_CRYPTO_SOURCES += \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - sha256.c \ - sha512.c \ - ) - TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384 -else ifeq (${HASH_ALG}, sha512) - MBEDTLS_CRYPTO_SOURCES += \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - sha256.c \ - sha512.c \ - ) - TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512 -else - MBEDTLS_CRYPTO_SOURCES += \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - sha256.c \ - ) - TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256 -endif - -# Key algorithm specific files -MBEDTLS_ECDSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \ - ecdsa.c \ - ecp_curves.c \ - ecp.c \ - ) - -MBEDTLS_RSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \ - rsa.c \ - ) - -ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa) - MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES) - TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA -else ifeq (${TF_MBEDTLS_KEY_ALG},rsa) - MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES) - TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA -else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa) - MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES) - MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES) - TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA -else - $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS") -endif - -# Needs to be set to drive mbed TLS configuration correctly -$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID)) -$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID)) diff --git a/drivers/auth/mbedtls/mbedtls_x509.mk b/drivers/auth/mbedtls/mbedtls_x509.mk index a6f72e67..a0557e20 100644 --- a/drivers/auth/mbedtls/mbedtls_x509.mk +++ b/drivers/auth/mbedtls/mbedtls_x509.mk @@ -6,8 +6,4 @@ include drivers/auth/mbedtls/mbedtls_common.mk -MBEDTLS_X509_SOURCES := drivers/auth/mbedtls/mbedtls_x509_parser.c \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - x509.c \ - x509_crt.c \ - ) +MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_x509_parser.c |