| b.liu | e958203 | 2025-04-17 19:18:16 +0800 | [diff] [blame] | 1 | # |
| 2 | # Copyright (C) 2011-2015 OpenWrt.org |
| 3 | # |
| 4 | # This is free software, licensed under the GNU General Public License v2. |
| 5 | # See /LICENSE for more information. |
| 6 | # |
| 7 | |
| 8 | include $(TOPDIR)/rules.mk |
| 9 | |
| 10 | PKG_NAME:=mbedtls |
| 11 | PKG_VERSION:=3.6.2 |
| 12 | PKG_RELEASE:=1 |
| 13 | PKG_BUILD_FLAGS:=no-mips16 gc-sections no-lto |
| 14 | |
| 15 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 |
| 16 | PKG_SOURCE_URL=https://github.com/Mbed-TLS/$(PKG_NAME)/releases/download/$(PKG_NAME)-$(PKG_VERSION) |
| 17 | PKG_HASH:=8b54fb9bcf4d5a7078028e0520acddefb7900b3e66fec7f7175bb5b7d85ccdca |
| 18 | |
| 19 | PKG_LICENSE:=GPL-2.0-or-later |
| 20 | PKG_LICENSE_FILES:=LICENSE |
| 21 | PKG_CPE_ID:=cpe:/a:arm:mbed_tls |
| 22 | |
| 23 | MBEDTLS_BUILD_OPTS_CURVES= \ |
| 24 | CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED \ |
| 25 | CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED \ |
| 26 | CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED \ |
| 27 | CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED \ |
| 28 | CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED \ |
| 29 | CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED \ |
| 30 | CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED \ |
| 31 | CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED \ |
| 32 | CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED \ |
| 33 | CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED \ |
| 34 | CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED \ |
| 35 | CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED \ |
| 36 | CONFIG_MBEDTLS_ECP_DP_CURVE448_ENABLED |
| 37 | |
| 38 | MBEDTLS_BUILD_OPTS_CIPHERS= \ |
| 39 | CONFIG_MBEDTLS_AES_C \ |
| 40 | CONFIG_MBEDTLS_ARIA_C \ |
| 41 | CONFIG_MBEDTLS_CAMELLIA_C \ |
| 42 | CONFIG_MBEDTLS_CCM_C \ |
| 43 | CONFIG_MBEDTLS_CMAC_C \ |
| 44 | CONFIG_MBEDTLS_DES_C \ |
| 45 | CONFIG_MBEDTLS_GCM_C \ |
| 46 | CONFIG_MBEDTLS_KEY_EXCHANGE_PSK_ENABLED \ |
| 47 | CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED \ |
| 48 | CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED \ |
| 49 | CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \ |
| 50 | CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \ |
| 51 | CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \ |
| 52 | CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ |
| 53 | CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \ |
| 54 | CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED \ |
| 55 | CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \ |
| 56 | CONFIG_MBEDTLS_NIST_KW_C \ |
| 57 | CONFIG_MBEDTLS_RIPEMD160_C \ |
| 58 | CONFIG_MBEDTLS_RSA_NO_CRT \ |
| 59 | CONFIG_MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ |
| 60 | CONFIG_MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ |
| 61 | CONFIG_MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED |
| 62 | |
| 63 | MBEDTLS_BUILD_OPTS= \ |
| 64 | $(MBEDTLS_BUILD_OPTS_CURVES) \ |
| 65 | $(MBEDTLS_BUILD_OPTS_CIPHERS) \ |
| 66 | CONFIG_MBEDTLS_CIPHER_MODE_OFB \ |
| 67 | CONFIG_MBEDTLS_CIPHER_MODE_XTS \ |
| 68 | CONFIG_MBEDTLS_DEBUG_C \ |
| 69 | CONFIG_MBEDTLS_ENTROPY_FORCE_SHA256 \ |
| 70 | CONFIG_MBEDTLS_HKDF_C \ |
| 71 | CONFIG_MBEDTLS_PLATFORM_C \ |
| 72 | CONFIG_MBEDTLS_SELF_TEST \ |
| 73 | CONFIG_MBEDTLS_SSL_RENEGOTIATION \ |
| 74 | CONFIG_MBEDTLS_THREADING_C \ |
| 75 | CONFIG_MBEDTLS_THREADING_PTHREAD \ |
| 76 | CONFIG_MBEDTLS_VERSION_C \ |
| 77 | CONFIG_MBEDTLS_VERSION_FEATURES \ |
| 78 | CONFIG_MBEDTLS_PSA_CRYPTO_CLIENT \ |
| 79 | CONFIG_MBEDTLS_DEPRECATED_WARNING \ |
| 80 | CONFIG_MBEDTLS_SSL_PROTO_TLS1_2 \ |
| 81 | CONFIG_MBEDTLS_SSL_PROTO_TLS1_3 \ |
| 82 | CONFIG_MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE |
| 83 | |
| 84 | PKG_CONFIG_DEPENDS := $(MBEDTLS_BUILD_OPTS) |
| 85 | |
| 86 | include $(INCLUDE_DIR)/package.mk |
| 87 | include $(INCLUDE_DIR)/cmake.mk |
| 88 | |
| 89 | define Package/mbedtls/Default |
| 90 | TITLE:=Embedded SSL |
| 91 | URL:=https://www.trustedfirmware.org/projects/mbed-tls/ |
| 92 | endef |
| 93 | |
| 94 | define Package/mbedtls/Default/description |
| 95 | The aim of the mbedtls project is to provide a quality, open-source |
| 96 | cryptographic library written in C and targeted at embedded systems. |
| 97 | endef |
| 98 | |
| 99 | define Package/libmbedtls |
| 100 | $(call Package/mbedtls/Default) |
| 101 | SECTION:=libs |
| 102 | CATEGORY:=Libraries |
| 103 | SUBMENU:=SSL |
| 104 | TITLE+= (library) |
| 105 | ABI_VERSION:=21 |
| 106 | MENU:=1 |
| 107 | endef |
| 108 | |
| 109 | define Package/libmbedtls/config |
| 110 | source "$(SOURCE)/Config.in" |
| 111 | endef |
| 112 | |
| 113 | define Package/mbedtls-util |
| 114 | $(call Package/mbedtls/Default) |
| 115 | SECTION:=utils |
| 116 | CATEGORY:=Utilities |
| 117 | TITLE+= (utilities) |
| 118 | DEPENDS:=+libmbedtls |
| 119 | endef |
| 120 | |
| 121 | define Package/libmbedtls/description |
| 122 | $(call Package/mbedtls/Default/description) |
| 123 | This package contains the mbedtls library. |
| 124 | endef |
| 125 | |
| 126 | define Package/mbedtls-util/description |
| 127 | $(call Package/mbedtls/Default/description) |
| 128 | This package contains mbedtls helper programs for private key and |
| 129 | CSR generation (gen_key, cert_req) |
| 130 | endef |
| 131 | |
| 132 | TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS)) |
| 133 | |
| 134 | CMAKE_OPTIONS += \ |
| 135 | -DCMAKE_POSITION_INDEPENDENT_CODE=ON \ |
| 136 | -DUSE_SHARED_MBEDTLS_LIBRARY:Bool=ON \ |
| 137 | -DENABLE_TESTING:Bool=OFF \ |
| 138 | -DENABLE_PROGRAMS:Bool=ON |
| 139 | |
| 140 | define Build/Prepare |
| 141 | $(call Build/Prepare/Default) |
| 142 | |
| 143 | $(if $(strip $(foreach opt,$(MBEDTLS_BUILD_OPTS),$($(opt)))), |
| 144 | $(foreach opt,$(MBEDTLS_BUILD_OPTS), |
| 145 | $(PKG_BUILD_DIR)/scripts/config.py \ |
| 146 | -f $(PKG_BUILD_DIR)/include/mbedtls/mbedtls_config.h \ |
| 147 | $(if $($(opt)),set,unset) $(patsubst CONFIG_%,%,$(opt))),) |
| 148 | endef |
| 149 | |
| 150 | define Build/InstallDev |
| 151 | $(INSTALL_DIR) $(1)/usr/include |
| 152 | $(CP) \ |
| 153 | $(PKG_INSTALL_DIR)/usr/include/mbedtls \ |
| 154 | $(PKG_INSTALL_DIR)/usr/include/psa \ |
| 155 | $(1)/usr/include/ |
| 156 | $(INSTALL_DIR) $(1)/usr/lib |
| 157 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so* $(1)/usr/lib/ |
| 158 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.a $(1)/usr/lib/ |
| 159 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/cmake $(1)/usr/lib/ |
| 160 | $(INSTALL_DIR) $(1)/usr/lib/pkgconfig |
| 161 | $(CP) \ |
| 162 | $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/mbedcrypto.pc \ |
| 163 | $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/mbedtls.pc \ |
| 164 | $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/mbedx509.pc \ |
| 165 | $(1)/usr/lib/pkgconfig/ |
| 166 | endef |
| 167 | |
| 168 | define Package/libmbedtls/install |
| 169 | $(INSTALL_DIR) $(1)/usr/lib |
| 170 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so.* $(1)/usr/lib/ |
| 171 | endef |
| 172 | |
| 173 | define Package/mbedtls-util/install |
| 174 | $(INSTALL_DIR) $(1)/usr/bin |
| 175 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gen_key $(1)/usr/bin/ |
| 176 | $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/cert_req $(1)/usr/bin/ |
| 177 | endef |
| 178 | |
| 179 | $(eval $(call BuildPackage,libmbedtls)) |
| 180 | $(eval $(call BuildPackage,mbedtls-util)) |