mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-16 09:34:18 +00:00
Create a library file for libmbedtls
TF Makefile was linking all the objects files generated for the Mbed TLS library instead of creating a static library that could be used in the linking stage. Change-Id: I8e4cd843ef56033c9d3faeee71601d110b7e4c12 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
This commit is contained in:
Roberto Vargas
parent
61f72a3425
commit
180c4bc2c0
5 changed files with 78 additions and 102 deletions
|
|
@ -14,9 +14,7 @@ BL1_SOURCES += bl1/bl1_main.c \
|
|||
lib/el3_runtime/${ARCH}/context_mgmt.c \
|
||||
plat/common/plat_bl1_common.c \
|
||||
plat/common/${ARCH}/platform_up_stack.S \
|
||||
${MBEDTLS_COMMON_SOURCES} \
|
||||
${MBEDTLS_CRYPTO_SOURCES} \
|
||||
${MBEDTLS_X509_SOURCES}
|
||||
${MBEDTLS_SOURCES}
|
||||
|
||||
ifeq (${ARCH},aarch64)
|
||||
BL1_SOURCES += lib/el3_runtime/aarch64/context.S
|
||||
|
|
|
|||
|
|
@ -8,9 +8,7 @@ BL2_SOURCES += bl2/bl2_main.c \
|
|||
bl2/${ARCH}/bl2_arch_setup.c \
|
||||
lib/locks/exclusive/${ARCH}/spinlock.S \
|
||||
plat/common/${ARCH}/platform_up_stack.S \
|
||||
${MBEDTLS_COMMON_SOURCES} \
|
||||
${MBEDTLS_CRYPTO_SOURCES} \
|
||||
${MBEDTLS_X509_SOURCES}
|
||||
${MBEDTLS_SOURCES}
|
||||
|
||||
ifeq (${ARCH},aarch64)
|
||||
BL2_SOURCES += common/aarch64/early_exceptions.S
|
||||
|
|
|
|||
|
|
@ -20,15 +20,79 @@ INCLUDES += -I${MBEDTLS_DIR}/include \
|
|||
MBEDTLS_CONFIG_FILE := "<mbedtls_config.h>"
|
||||
$(eval $(call add_define,MBEDTLS_CONFIG_FILE))
|
||||
|
||||
MBEDTLS_COMMON_SOURCES := drivers/auth/mbedtls/mbedtls_common.c \
|
||||
$(addprefix ${MBEDTLS_DIR}/library/, \
|
||||
asn1parse.c \
|
||||
asn1write.c \
|
||||
memory_buffer_alloc.c \
|
||||
oid.c \
|
||||
platform.c \
|
||||
platform_util.c \
|
||||
rsa_internal.c \
|
||||
)
|
||||
MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c
|
||||
|
||||
|
||||
LIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \
|
||||
asn1parse.c \
|
||||
asn1write.c \
|
||||
memory_buffer_alloc.c \
|
||||
oid.c \
|
||||
platform.c \
|
||||
platform_util.c \
|
||||
bignum.c \
|
||||
md.c \
|
||||
md_wrap.c \
|
||||
pk.c \
|
||||
pk_wrap.c \
|
||||
pkparse.c \
|
||||
pkwrite.c \
|
||||
sha256.c \
|
||||
sha512.c \
|
||||
ecdsa.c \
|
||||
ecp_curves.c \
|
||||
ecp.c \
|
||||
rsa.c \
|
||||
rsa_internal.c \
|
||||
x509.c \
|
||||
x509_crt.c \
|
||||
)
|
||||
|
||||
# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
|
||||
# algorithm to use. If the variable is not defined, select it based on algorithm
|
||||
# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is
|
||||
# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`.
|
||||
ifeq (${TF_MBEDTLS_KEY_ALG},)
|
||||
ifeq (${KEY_ALG}, ecdsa)
|
||||
TF_MBEDTLS_KEY_ALG := ecdsa
|
||||
else
|
||||
TF_MBEDTLS_KEY_ALG := rsa
|
||||
endif
|
||||
endif
|
||||
|
||||
# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for
|
||||
# backward compatibility
|
||||
ifdef MBEDTLS_KEY_ALG
|
||||
ifeq (${ERROR_DEPRECATED},1)
|
||||
$(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
|
||||
endif
|
||||
$(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
|
||||
TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG}
|
||||
endif
|
||||
|
||||
ifeq (${HASH_ALG}, sha384)
|
||||
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384
|
||||
else ifeq (${HASH_ALG}, sha512)
|
||||
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512
|
||||
else
|
||||
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256
|
||||
endif
|
||||
|
||||
ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
|
||||
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA
|
||||
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
|
||||
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA
|
||||
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
|
||||
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA
|
||||
else
|
||||
$(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
|
||||
endif
|
||||
|
||||
# Needs to be set to drive mbed TLS configuration correctly
|
||||
$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID))
|
||||
$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID))
|
||||
|
||||
|
||||
$(eval $(call MAKE_LIB,mbedtls))
|
||||
|
||||
endif
|
||||
|
|
|
|||
|
|
@ -6,86 +6,6 @@
|
|||
|
||||
include drivers/auth/mbedtls/mbedtls_common.mk
|
||||
|
||||
# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
|
||||
# algorithm to use. If the variable is not defined, select it based on algorithm
|
||||
# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is
|
||||
# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`.
|
||||
ifeq (${TF_MBEDTLS_KEY_ALG},)
|
||||
ifeq (${KEY_ALG}, ecdsa)
|
||||
TF_MBEDTLS_KEY_ALG := ecdsa
|
||||
else
|
||||
TF_MBEDTLS_KEY_ALG := rsa
|
||||
endif
|
||||
endif
|
||||
MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_crypto.c
|
||||
|
||||
# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for
|
||||
# backward compatibility
|
||||
ifdef MBEDTLS_KEY_ALG
|
||||
ifeq (${ERROR_DEPRECATED},1)
|
||||
$(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
|
||||
endif
|
||||
$(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
|
||||
TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG}
|
||||
endif
|
||||
|
||||
MBEDTLS_CRYPTO_SOURCES := drivers/auth/mbedtls/mbedtls_crypto.c \
|
||||
$(addprefix ${MBEDTLS_DIR}/library/, \
|
||||
bignum.c \
|
||||
md.c \
|
||||
md_wrap.c \
|
||||
pk.c \
|
||||
pk_wrap.c \
|
||||
pkparse.c \
|
||||
pkwrite.c \
|
||||
)
|
||||
|
||||
ifeq (${HASH_ALG}, sha384)
|
||||
MBEDTLS_CRYPTO_SOURCES += \
|
||||
$(addprefix ${MBEDTLS_DIR}/library/, \
|
||||
sha256.c \
|
||||
sha512.c \
|
||||
)
|
||||
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384
|
||||
else ifeq (${HASH_ALG}, sha512)
|
||||
MBEDTLS_CRYPTO_SOURCES += \
|
||||
$(addprefix ${MBEDTLS_DIR}/library/, \
|
||||
sha256.c \
|
||||
sha512.c \
|
||||
)
|
||||
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512
|
||||
else
|
||||
MBEDTLS_CRYPTO_SOURCES += \
|
||||
$(addprefix ${MBEDTLS_DIR}/library/, \
|
||||
sha256.c \
|
||||
)
|
||||
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256
|
||||
endif
|
||||
|
||||
# Key algorithm specific files
|
||||
MBEDTLS_ECDSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \
|
||||
ecdsa.c \
|
||||
ecp_curves.c \
|
||||
ecp.c \
|
||||
)
|
||||
|
||||
MBEDTLS_RSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \
|
||||
rsa.c \
|
||||
)
|
||||
|
||||
ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
|
||||
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES)
|
||||
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA
|
||||
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
|
||||
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES)
|
||||
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA
|
||||
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
|
||||
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES)
|
||||
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES)
|
||||
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA
|
||||
else
|
||||
$(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
|
||||
endif
|
||||
|
||||
# Needs to be set to drive mbed TLS configuration correctly
|
||||
$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID))
|
||||
$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID))
|
||||
|
|
|
|||
|
|
@ -6,8 +6,4 @@
|
|||
|
||||
include drivers/auth/mbedtls/mbedtls_common.mk
|
||||
|
||||
MBEDTLS_X509_SOURCES := drivers/auth/mbedtls/mbedtls_x509_parser.c \
|
||||
$(addprefix ${MBEDTLS_DIR}/library/, \
|
||||
x509.c \
|
||||
x509_crt.c \
|
||||
)
|
||||
MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_x509_parser.c
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue