libmbedtls: configure and compile mbedtls

Configures mbedtls with a minimal user mode TA configuration and makes it compile. Adds dummy include/mbedtls_config_kernel.h to give a good error message in case mbedTLS is compiled in for kernel mode. mbedTLS is enabled for TAs with CFG_TA_MBEDTLS = y Builtin self tests are enabled with CFG_TA_MBEDTLS_SELF_TEST = y Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
author: Jens Wiklander <jens.wiklander@linaro.org> 2018-05-18 15:49:22 +0200
committer: Jérôme Forissier <jerome.forissier@linaro.org> 2018-05-22 15:23:06 +0200
commit: a97bc4a084f1292c3a2cfd0c4593183b2f873e67 (patch)
tree: 172531e5959e24bc52a1cccbce993803f7c23382 /lib
parent: 817466cb476de705a8e3dabe1ef165fe27a18c2f (diff)
3 files changed, 147 insertions, 0 deletions
diff --git a/lib/libmbedtls/include/mbedtls_config_kernel.h b/lib/libmbedtls/include/mbedtls_config_kernel.h
new file mode 100644
index 00000000..771795ce
--- /dev/null
+++ b/lib/libmbedtls/include/mbedtls_config_kernel.h
@@ -0,0 +1,3 @@
+/* SPDX-License-Identifier: BSD-2-Clause */
+/* Copyright (c) 2018, Linaro Limited */
+#error "mbedTLS is not yet supported in kernel mode"
diff --git a/lib/libmbedtls/include/mbedtls_config_uta.h b/lib/libmbedtls/include/mbedtls_config_uta.h
new file mode 100644
index 00000000..a43afd7b
--- /dev/null
+++ b/lib/libmbedtls/include/mbedtls_config_uta.h
@@ -0,0 +1,57 @@
+/* SPDX-License-Identifier: BSD-2-Clause */
+/* Copyright (c) 2018, Linaro Limited */
+#ifndef __MBEDTLS_CONFIG_UTA_H
+#define __MBEDTLS_CONFIG_UTA_H
+
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_PKCS1_V15
+
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_DES_C
+#define MBEDTLS_AES_C
+
+#define MBEDTLS_SHA1_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_MD5_C
+
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_ECDH_C
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_CSR_PARSE_C
+#define MBEDTLS_X509_CRT_WRITE_C
+#define MBEDTLS_X509_CREATE_C
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_CERTS_C
+#define MBEDTLS_PEM_PARSE_C
+#define MBEDTLS_PEM_WRITE_C
+
+#include <mbedtls/check_config.h>
+
+#endif /* __MBEDTLS_CONFIG_UTA_H */
diff --git a/lib/libmbedtls/sub.mk b/lib/libmbedtls/sub.mk
new file mode 100644
index 00000000..6f1fcfbc
--- /dev/null
+++ b/lib/libmbedtls/sub.mk
@@ -0,0 +1,87 @@
+global-incdirs-y += include
+global-incdirs-y += mbedtls/include
+
+SRCS :=
+
+# OBJS_CRYPTO from make file
+SRCS += aes.c
+SRCS += aesni.c
+SRCS += arc4.c
+SRCS += asn1parse.c
+SRCS += asn1write.c
+SRCS += base64.c
+SRCS += bignum.c
+SRCS += blowfish.c
+SRCS += camellia.c
+SRCS += ccm.c
+SRCS += cipher.c
+SRCS += cipher_wrap.c
+SRCS += cmac.c
+SRCS += ctr_drbg.c
+SRCS += des.c
+SRCS += dhm.c
+SRCS += ecdh.c
+SRCS += ecdsa.c
+SRCS += ecjpake.c
+SRCS += ecp.c
+SRCS += ecp_curves.c
+SRCS += entropy.c
+SRCS += entropy_poll.c
+SRCS += error.c
+SRCS += gcm.c
+SRCS += havege.c
+SRCS += hmac_drbg.c
+SRCS += md.c
+SRCS += md2.c
+SRCS += md4.c
+SRCS += md5.c
+SRCS += md_wrap.c
+SRCS += memory_buffer_alloc.c
+SRCS += oid.c
+SRCS += padlock.c
+SRCS += pem.c
+SRCS += pk.c
+SRCS += pk_wrap.c
+SRCS += pkcs12.c
+SRCS += pkcs5.c
+SRCS += pkparse.c
+SRCS += pkwrite.c
+SRCS += platform.c
+SRCS += ripemd160.c
+SRCS += rsa.c
+SRCS += sha1.c
+SRCS += sha256.c
+SRCS += sha512.c
+SRCS += threading.c
+SRCS += timing.c
+SRCS += version.c
+SRCS += version_features.c
+SRCS += xtea.c
+
+# OBJS_X509
+SRCS += certs.c
+SRCS += pkcs11.c
+SRCS += x509.c
+SRCS += x509_create.c
+SRCS += x509_crl.c
+SRCS += x509_crt.c
+SRCS += x509_csr.c
+SRCS += x509write_crt.c
+SRCS += x509write_csr.c
+
+# OBJS_TLS
+SRCS += debug.c
+SRCS += net_sockets.c
+SRCS += ssl_cache.c
+SRCS += ssl_ciphersuites.c
+SRCS += ssl_cli.c
+SRCS += ssl_cookie.c
+SRCS += ssl_srv.c
+SRCS += ssl_ticket.c
+SRCS += ssl_tls.c
+
+srcs-y += $(addprefix mbedtls/library/, $(SRCS))
+
+cflags-lib-y += -Wno-redundant-decls
+cflags-lib-y += -Wno-switch-default
+cflags-lib-$(CFG_ULIBS_GPROF) += -pg
author	Jens Wiklander <jens.wiklander@linaro.org>	2018-05-18 15:49:22 +0200
committer	Jérôme Forissier <jerome.forissier@linaro.org>	2018-05-22 15:23:06 +0200
commit	a97bc4a084f1292c3a2cfd0c4593183b2f873e67 (patch)
tree	172531e5959e24bc52a1cccbce993803f7c23382 /lib
parent	817466cb476de705a8e3dabe1ef165fe27a18c2f (diff)