@@ -31,6 +31,11 @@ endif
# X.509 Certificate handling
#
obj-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER) += x509_key_parser.o
+ifdef CONFIG_MBEDTLS_LIB_X509
+x509_key_parser-y := \
+ x509_cert_parser.o \
+ x509_public_key.o
+else
x509_key_parser-y := \
x509.asn1.o \
x509_akid.asn1.o \
@@ -43,27 +48,37 @@ $(obj)/x509_cert_parser.o: \
$(obj)/x509.asn1.o: $(obj)/x509.asn1.c $(obj)/x509.asn1.h
$(obj)/x509_akid.asn1.o: $(obj)/x509_akid.asn1.c $(obj)/x509_akid.asn1.h
+endif
#
# PKCS#7 message handling
#
obj-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += pkcs7_message.o
+ifdef CONFIG_MBEDTLS_LIB_X509
+pkcs7_message-y := \
+ pkcs7_parser.o
+else
pkcs7_message-y := \
pkcs7.asn1.o \
pkcs7_parser.o
-obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
$(obj)/pkcs7_parser.o: $(obj)/pkcs7.asn1.h
$(obj)/pkcs7.asn1.o: $(obj)/pkcs7.asn1.c $(obj)/pkcs7.asn1.h
+endif
+obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
#
# Signed PE binary-wrapped key handling
#
obj-$(CONFIG_$(SPL_)MSCODE_PARSER) += mscode.o
-
+ifdef CONFIG_MBEDTLS_LIB_X509
+mscode-y := \
+ mscode_parser.o
+else
mscode-y := \
mscode_parser.o \
mscode.asn1.o
$(obj)/mscode_parser.o: $(obj)/mscode.asn1.h $(obj)/mscode.asn1.h
$(obj)/mscode.asn1.o: $(obj)/mscode.asn1.c $(obj)/mscode.asn1.h
+endif
When building with MbedTLS, we are using MbedTLS to decode ASN1 data for x509, pkcs7 and mscode. So we can remove the dependence on ASN1 decoder when MBEDTLS_LIB_X509 is enabled. Signed-off-by: Raymond Mao <raymond.mao@linaro.org> --- lib/crypto/Makefile | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-)