Create a library file for libmbedtls

TF Makefile was linking all the objects files generated for the Mbed TLS library instead of creating a static library that could be used in the linking stage. Change-Id: I8e4cd843ef56033c9d3faeee71601d110b7e4c12 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>

Create a library file for libmbedtls
TF Makefile was linking all the objects files generated for the Mbed TLS library instead of creating a static library that could be used in the linking stage. Change-Id: I8e4cd843ef56033c9d3faeee71601d110b7e4c12 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
180c4bc2 · Roberto Vargas · 61f72a34 · 180c4bc2 · 180c4bc2 · 180c4bc2
Commit 180c4bc2 authored May 08, 2018 by Roberto Vargas
--- a/bl1/bl1.mk
+++ b/bl1/bl1.mk
@@ -14,9 +14,7 @@ BL1_SOURCES		+=	bl1/bl1_main.c				\
 				lib/el3_runtime/${ARCH}/context_mgmt.c	\
 				plat/common/plat_bl1_common.c		\
 				plat/common/${ARCH}/platform_up_stack.S \
-				${MBEDTLS_COMMON_SOURCES}		\
-				${MBEDTLS_CRYPTO_SOURCES}		\
-				${MBEDTLS_X509_SOURCES}
+				${MBEDTLS_SOURCES}

 ifeq (${ARCH},aarch64)
 BL1_SOURCES		+=	lib/el3_runtime/aarch64/context.S

--- a/bl2/bl2.mk
+++ b/bl2/bl2.mk
@@ -8,9 +8,7 @@ BL2_SOURCES		+=	bl2/bl2_main.c				\
 				bl2/${ARCH}/bl2_arch_setup.c		\
 				lib/locks/exclusive/${ARCH}/spinlock.S	\
 				plat/common/${ARCH}/platform_up_stack.S	\
-				${MBEDTLS_COMMON_SOURCES}               \
-				${MBEDTLS_CRYPTO_SOURCES}		\
-				${MBEDTLS_X509_SOURCES}
+				${MBEDTLS_SOURCES}

 ifeq (${ARCH},aarch64)
 BL2_SOURCES		+=	common/aarch64/early_exceptions.S

--- a/drivers/auth/mbedtls/mbedtls_common.mk
+++ b/drivers/auth/mbedtls/mbedtls_common.mk
@@ -20,15 +20,79 @@ INCLUDES		+=	-I${MBEDTLS_DIR}/include		\
 MBEDTLS_CONFIG_FILE	:=	"<mbedtls_config.h>"
 $(eval $(call add_define,MBEDTLS_CONFIG_FILE))

-MBEDTLS_COMMON_SOURCES	:=	drivers/auth/mbedtls/mbedtls_common.c	\
-				$(addprefix ${MBEDTLS_DIR}/library/,	\
+MBEDTLS_SOURCES	+=		drivers/auth/mbedtls/mbedtls_common.c
+
+
+LIBMBEDTLS_SRCS		:= $(addprefix ${MBEDTLS_DIR}/library/,	\
 					asn1parse.c 				\
 					asn1write.c 				\
 					memory_buffer_alloc.c			\
 					oid.c 					\
 					platform.c 				\
 					platform_util.c				\
+					bignum.c				\
+					md.c					\
+					md_wrap.c				\
+					pk.c 					\
+					pk_wrap.c 				\
+					pkparse.c 				\
+					pkwrite.c 				\
+					sha256.c            			\
+					sha512.c            			\
+					ecdsa.c					\
+					ecp_curves.c				\
+					ecp.c					\
+					rsa.c					\
 					rsa_internal.c				\
+					x509.c 					\
+					x509_crt.c 				\
 					)

+# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
+# algorithm to use. If the variable is not defined, select it based on algorithm
+# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is
+# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`.
+ifeq (${TF_MBEDTLS_KEY_ALG},)
+    ifeq (${KEY_ALG}, ecdsa)
+        TF_MBEDTLS_KEY_ALG		:=	ecdsa
+    else
+        TF_MBEDTLS_KEY_ALG		:=	rsa
+    endif
+endif
+
+# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for
+# backward compatibility
+ifdef MBEDTLS_KEY_ALG
+    ifeq (${ERROR_DEPRECATED},1)
+        $(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
+    endif
+    $(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
+    TF_MBEDTLS_KEY_ALG	:= ${MBEDTLS_KEY_ALG}
+endif
+
+ifeq (${HASH_ALG}, sha384)
+    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA384
+else ifeq (${HASH_ALG}, sha512)
+   TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA512
+else
+    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA256
+endif
+
+ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
+    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_ECDSA
+else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
+    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA
+else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
+    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA_AND_ECDSA
+else
+    $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
+endif
+
+# Needs to be set to drive mbed TLS configuration correctly
+$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID))
+$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID))
+
+
+$(eval $(call MAKE_LIB,mbedtls))
+
 endif
--- a/drivers/auth/mbedtls/mbedtls_crypto.mk
+++ b/drivers/auth/mbedtls/mbedtls_crypto.mk
@@ -6,86 +6,6 @@

 include drivers/auth/mbedtls/mbedtls_common.mk

-# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
-# algorithm to use. If the variable is not defined, select it based on algorithm
-# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is
-# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`.
-ifeq (${TF_MBEDTLS_KEY_ALG},)
-    ifeq (${KEY_ALG}, ecdsa)
-        TF_MBEDTLS_KEY_ALG		:=	ecdsa
-    else
-        TF_MBEDTLS_KEY_ALG		:=	rsa
-    endif
-endif
+MBEDTLS_SOURCES	+=		drivers/auth/mbedtls/mbedtls_crypto.c

-# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for
-# backward compatibility
-ifdef MBEDTLS_KEY_ALG
-    ifeq (${ERROR_DEPRECATED},1)
-        $(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
-    endif
-    $(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
-    TF_MBEDTLS_KEY_ALG	:= ${MBEDTLS_KEY_ALG}
-endif

-MBEDTLS_CRYPTO_SOURCES		:=	drivers/auth/mbedtls/mbedtls_crypto.c	\
-					$(addprefix ${MBEDTLS_DIR}/library/,	\
-					bignum.c				\
-					md.c					\
-					md_wrap.c				\
-					pk.c 					\
-					pk_wrap.c 				\
-					pkparse.c 				\
-					pkwrite.c 				\
-					)
-
-ifeq (${HASH_ALG}, sha384)
-    MBEDTLS_CRYPTO_SOURCES  += \
-					$(addprefix ${MBEDTLS_DIR}/library/,	\
-						sha256.c            \
-						sha512.c            \
-					)
-    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA384
-else ifeq (${HASH_ALG}, sha512)
-    MBEDTLS_CRYPTO_SOURCES  += \
-					$(addprefix ${MBEDTLS_DIR}/library/,	\
-						sha256.c            \
-						sha512.c            \
-					)
-    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA512
-else
-    MBEDTLS_CRYPTO_SOURCES  += \
-					$(addprefix ${MBEDTLS_DIR}/library/,	\
-						sha256.c            \
-					)
-    TF_MBEDTLS_HASH_ALG_ID	:=	TF_MBEDTLS_SHA256
-endif
-
-# Key algorithm specific files
-MBEDTLS_ECDSA_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
-					ecdsa.c					\
-					ecp_curves.c				\
-					ecp.c					\
-					)
-
-MBEDTLS_RSA_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
-					rsa.c					\
-					)
-
-ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
-    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_ECDSA_CRYPTO_SOURCES)
-    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_ECDSA
-else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
-    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_RSA_CRYPTO_SOURCES)
-    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA
-else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
-    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_ECDSA_CRYPTO_SOURCES)
-    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_RSA_CRYPTO_SOURCES)
-    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA_AND_ECDSA
-else
-    $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
-endif
-
-# Needs to be set to drive mbed TLS configuration correctly
-$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID))
-$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID))
--- a/drivers/auth/mbedtls/mbedtls_x509.mk
+++ b/drivers/auth/mbedtls/mbedtls_x509.mk
@@ -6,8 +6,4 @@

 include drivers/auth/mbedtls/mbedtls_common.mk

-MBEDTLS_X509_SOURCES	:=	drivers/auth/mbedtls/mbedtls_x509_parser.c	\
-				$(addprefix ${MBEDTLS_DIR}/library/,		\
-				x509.c 						\
-				x509_crt.c 					\
-				)
+MBEDTLS_SOURCES	+=	drivers/auth/mbedtls/mbedtls_x509_parser.c