1 // Build mcuboot as a library, based on the requested features.
2 
3 extern crate cc;
4 
5 use std::collections::BTreeSet;
6 use std::env;
7 use std::fs;
8 use std::io;
9 use std::path::{Path, PathBuf};
10 
/// Build-script entry point: reads the enabled Cargo features from the `CARGO_FEATURE_*`
/// environment variables, translates them into preprocessor defines, include paths and source
/// files on a `cc::Build`, compiles the result into `libbootutil.a`, and finally emits
/// `cargo:rerun-if-changed` directives for the C sources and headers.
///
/// Invalid feature combinations that are detected here abort the build with `panic!`.
/// Defines and include paths are passed to the compiler in the order they are added, so the
/// statement order below is significant.
fn main() {
    // Feature flags.
    // `env::var(..).is_ok()` is true only when the variable is set and is valid Unicode; the
    // value itself is never inspected.
    let psa_crypto_api = env::var("CARGO_FEATURE_PSA_CRYPTO_API").is_ok();
    let sig_rsa = env::var("CARGO_FEATURE_SIG_RSA").is_ok();
    let sig_rsa3072 = env::var("CARGO_FEATURE_SIG_RSA3072").is_ok();
    let sig_ecdsa = env::var("CARGO_FEATURE_SIG_ECDSA").is_ok();
    let sig_ecdsa_mbedtls = env::var("CARGO_FEATURE_SIG_ECDSA_MBEDTLS").is_ok();
    let sig_ecdsa_psa = env::var("CARGO_FEATURE_SIG_ECDSA_PSA").is_ok();
    let sig_p384 = env::var("CARGO_FEATURE_SIG_P384").is_ok();
    let sig_ed25519 = env::var("CARGO_FEATURE_SIG_ED25519").is_ok();
    let overwrite_only = env::var("CARGO_FEATURE_OVERWRITE_ONLY").is_ok();
    let swap_move = env::var("CARGO_FEATURE_SWAP_MOVE").is_ok();
    let validate_primary_slot =
                  env::var("CARGO_FEATURE_VALIDATE_PRIMARY_SLOT").is_ok();
    let enc_rsa = env::var("CARGO_FEATURE_ENC_RSA").is_ok();
    let enc_aes256_rsa = env::var("CARGO_FEATURE_ENC_AES256_RSA").is_ok();
    let enc_kw = env::var("CARGO_FEATURE_ENC_KW").is_ok();
    let enc_aes256_kw = env::var("CARGO_FEATURE_ENC_AES256_KW").is_ok();
    let enc_ec256 = env::var("CARGO_FEATURE_ENC_EC256").is_ok();
    let enc_ec256_mbedtls = env::var("CARGO_FEATURE_ENC_EC256_MBEDTLS").is_ok();
    let enc_aes256_ec256 = env::var("CARGO_FEATURE_ENC_AES256_EC256").is_ok();
    let enc_x25519 = env::var("CARGO_FEATURE_ENC_X25519").is_ok();
    let enc_aes256_x25519 = env::var("CARGO_FEATURE_ENC_AES256_X25519").is_ok();
    let bootstrap = env::var("CARGO_FEATURE_BOOTSTRAP").is_ok();
    let multiimage = env::var("CARGO_FEATURE_MULTIIMAGE").is_ok();
    let downgrade_prevention = env::var("CARGO_FEATURE_DOWNGRADE_PREVENTION").is_ok();
    let ram_load = env::var("CARGO_FEATURE_RAM_LOAD").is_ok();
    let direct_xip = env::var("CARGO_FEATURE_DIRECT_XIP").is_ok();
    let max_align_32 = env::var("CARGO_FEATURE_MAX_ALIGN_32").is_ok();
    let hw_rollback_protection = env::var("CARGO_FEATURE_HW_ROLLBACK_PROTECTION").is_ok();

    // Defines that are set for every build, independent of the feature selection.
    // `conf.conf` is the underlying `cc::Build`; `conf.file(..)` is the de-duplicating wrapper.
    let mut conf = CachedBuild::new();
    conf.conf.define("__BOOTSIM__", None);
    conf.conf.define("MCUBOOT_HAVE_LOGGING", None);
    conf.conf.define("MCUBOOT_USE_FLASH_AREA_GET_SECTORS", None);
    conf.conf.define("MCUBOOT_HAVE_ASSERT_H", None);
    conf.conf.define("MCUBOOT_MAX_IMG_SECTORS", Some("128"));

    if max_align_32 {
        conf.conf.define("MCUBOOT_BOOT_MAX_ALIGN", Some("32"));
    } else {
        conf.conf.define("MCUBOOT_BOOT_MAX_ALIGN", Some("8"));
    }

    conf.conf.define("MCUBOOT_IMAGE_NUMBER", Some(if multiimage { "2" } else { "1" }));

    // Reject the unsupported combination at build time instead of producing a library in
    // which downgrade prevention is requested without overwrite-only mode.
    if downgrade_prevention && !overwrite_only {
        panic!("Downgrade prevention requires overwrite only");
    }

    if bootstrap {
        conf.conf.define("MCUBOOT_BOOTSTRAP", None);
        conf.conf.define("MCUBOOT_OVERWRITE_ONLY_FAST", None);
    }

    if validate_primary_slot {
        conf.conf.define("MCUBOOT_VALIDATE_PRIMARY_SLOT", None);
    }

    if downgrade_prevention {
        conf.conf.define("MCUBOOT_DOWNGRADE_PREVENTION", None);
    }

    if ram_load {
        conf.conf.define("MCUBOOT_RAM_LOAD", None);
    }

    if direct_xip {
        conf.conf.define("MCUBOOT_DIRECT_XIP", None);
    }

    // Hardware rollback protection also pulls in the security-counter support source.
    if hw_rollback_protection {
        conf.conf.define("MCUBOOT_HW_ROLLBACK_PROT", None);
        conf.file("csupport/security_cnt.c");
    }

    // Currently no more than one sig type can be used simultaneously.
    // NOTE(review): only sig_rsa, sig_rsa3072, sig_ecdsa and sig_ed25519 are counted here.
    // sig_ecdsa_mbedtls and sig_ecdsa_psa are not, so enabling one of them together with
    // another signature feature is not rejected; the if/else chain further down then uses
    // whichever branch matches first. Confirm whether those two should be part of this check.
    if vec![sig_rsa, sig_rsa3072, sig_ecdsa, sig_ed25519].iter()
        .fold(0, |sum, &v| sum + v as i32) > 1 {
        panic!("mcuboot does not support more than one sig type at the same time");
    }

    if psa_crypto_api {
        // With any of the features listed below only an init stub is compiled and
        // MCUBOOT_USE_PSA_CRYPTO is not defined; otherwise the Mbed TLS sources that back the
        // PSA Crypto API are added.
        if sig_ecdsa || enc_ec256 || enc_x25519 ||
                enc_aes256_ec256 || sig_ecdsa_mbedtls || enc_aes256_x25519 ||
                enc_kw  || enc_aes256_kw {
            conf.file("csupport/psa_crypto_init_stub.c");
        } else {
            conf.conf.define("MCUBOOT_USE_PSA_CRYPTO", None);
            conf.file("../../ext/mbedtls/library/aes.c");
            conf.file("../../ext/mbedtls/library/aesni.c");
            conf.file("../../ext/mbedtls/library/aria.c");
            conf.file("../../ext/mbedtls/library/asn1write.c");
            conf.file("../../ext/mbedtls/library/base64.c");
            conf.file("../../ext/mbedtls/library/camellia.c");
            conf.file("../../ext/mbedtls/library/ccm.c");
            conf.file("../../ext/mbedtls/library/chacha20.c");
            conf.file("../../ext/mbedtls/library/chachapoly.c");
            conf.file("../../ext/mbedtls/library/cipher.c");
            conf.file("../../ext/mbedtls/library/cipher_wrap.c");
            conf.file("../../ext/mbedtls/library/ctr_drbg.c");
            conf.file("../../ext/mbedtls/library/des.c");
            conf.file("../../ext/mbedtls/library/ecdsa.c");
            conf.file("../../ext/mbedtls/library/ecp.c");
            conf.file("../../ext/mbedtls/library/ecp_curves.c");
            conf.file("../../ext/mbedtls/library/entropy.c");
            conf.file("../../ext/mbedtls/library/entropy_poll.c");
            conf.file("../../ext/mbedtls/library/gcm.c");
            conf.file("../../ext/mbedtls/library/md5.c");
            conf.file("../../ext/mbedtls/library/nist_kw.c");
            conf.file("../../ext/mbedtls/library/oid.c");
            conf.file("../../ext/mbedtls/library/pem.c");
            conf.file("../../ext/mbedtls/library/pk.c");
            conf.file("../../ext/mbedtls/library/pkcs5.c");
            conf.file("../../ext/mbedtls/library/pkcs12.c");
            conf.file("../../ext/mbedtls/library/pkparse.c");
            conf.file("../../ext/mbedtls/library/pk_wrap.c");
            conf.file("../../ext/mbedtls/library/pkwrite.c");
            conf.file("../../ext/mbedtls/library/poly1305.c");
            conf.file("../../ext/mbedtls/library/psa_crypto.c");
            conf.file("../../ext/mbedtls/library/psa_crypto_cipher.c");
            conf.file("../../ext/mbedtls/library/psa_crypto_client.c");
            conf.file("../../ext/mbedtls/library/psa_crypto_driver_wrappers.c");
            conf.file("../../ext/mbedtls/library/psa_crypto_ecp.c");
            conf.file("../../ext/mbedtls/library/psa_crypto_hash.c");
            conf.file("../../ext/mbedtls/library/psa_crypto_mac.c");
            conf.file("../../ext/mbedtls/library/psa_crypto_rsa.c");
            conf.file("../../ext/mbedtls/library/psa_crypto_slot_management.c");
            conf.file("../../ext/mbedtls/library/psa_crypto_storage.c");
            conf.file("../../ext/mbedtls/library/psa_its_file.c");
            conf.file("../../ext/mbedtls/library/ripemd160.c");
            conf.file("../../ext/mbedtls/library/rsa_alt_helpers.c");
            conf.file("../../ext/mbedtls/library/sha1.c");
            conf.file("../../ext/mbedtls/library/sha512.c");
            conf.file("../../ext/mbedtls/tests/src/random.c");
            conf.conf.include("../../ext/mbedtls/library");
        }

        // NOTE(review): every psa_crypto_api build links sources from the Mbed TLS `tests`
        // tree, including one named fake_external_rng_for_test.c. Presumably that is
        // acceptable only because this build defines __BOOTSIM__ (simulator); confirm this
        // configuration is never reused for a target where real randomness is required.
        conf.conf.include("../../ext/mbedtls/tests/include/");
        conf.file("../../ext/mbedtls/tests/src/fake_external_rng_for_test.c");
    }

    // Signature scheme selection. The branches are mutually exclusive and the first one that
    // matches wins, so this chain (not the counting check above) decides what is built when
    // more than one signature feature is enabled.
    if sig_rsa || sig_rsa3072 {
        conf.conf.define("MCUBOOT_SIGN_RSA", None);
        // The Kconfig style defines must be added here as well because
        // they are used internally by "config-rsa.h"
        if sig_rsa {
            conf.conf.define("MCUBOOT_SIGN_RSA_LEN", "2048");
            conf.conf.define("CONFIG_BOOT_SIGNATURE_TYPE_RSA_LEN", "2048");
        } else {
            conf.conf.define("MCUBOOT_SIGN_RSA_LEN", "3072");
            conf.conf.define("CONFIG_BOOT_SIGNATURE_TYPE_RSA_LEN", "3072");
        }
        conf.conf.define("MCUBOOT_USE_MBED_TLS", None);

        conf.conf.include("../../ext/mbedtls/include");
        conf.file("../../ext/mbedtls/library/sha256.c");
        conf.file("csupport/keys.c");

        conf.file("../../ext/mbedtls/library/rsa.c");
        conf.file("../../ext/mbedtls/library/bignum.c");
        conf.file("../../ext/mbedtls/library/platform.c");
        conf.file("../../ext/mbedtls/library/platform_util.c");
        conf.file("../../ext/mbedtls/library/asn1parse.c");
        conf.file("../../ext/mbedtls/library/md.c");

    } else if sig_ecdsa {
        conf.conf.define("MCUBOOT_SIGN_EC256", None);
        conf.conf.define("MCUBOOT_USE_TINYCRYPT", None);

        // With enc_kw the Mbed TLS include path is added by the key-wrap block further down,
        // i.e. after the TinyCrypt include path rather than before it.
        if !enc_kw {
            conf.conf.include("../../ext/mbedtls/include");
        }
        conf.conf.include("../../ext/tinycrypt/lib/include");

        conf.file("csupport/keys.c");

        conf.file("../../ext/tinycrypt/lib/source/utils.c");
        conf.file("../../ext/tinycrypt/lib/source/sha256.c");
        conf.file("../../ext/tinycrypt/lib/source/ecc.c");
        conf.file("../../ext/tinycrypt/lib/source/ecc_dsa.c");
        conf.file("../../ext/tinycrypt/lib/source/ecc_platform_specific.c");
        conf.file("../../ext/mbedtls/library/platform_util.c");
        conf.file("../../ext/mbedtls/library/asn1parse.c");
    } else if sig_ecdsa_mbedtls {
        conf.conf.define("MCUBOOT_SIGN_EC256", None);
        conf.conf.define("MCUBOOT_USE_MBED_TLS", None);

        conf.conf.include("../../ext/mbedtls/include");
        conf.file("../../ext/mbedtls/library/sha256.c");
        conf.file("csupport/keys.c");

        conf.file("../../ext/mbedtls/library/asn1parse.c");
        conf.file("../../ext/mbedtls/library/bignum.c");
        conf.file("../../ext/mbedtls/library/ecdsa.c");
        conf.file("../../ext/mbedtls/library/ecp.c");
        conf.file("../../ext/mbedtls/library/ecp_curves.c");
        conf.file("../../ext/mbedtls/library/platform.c");
        conf.file("../../ext/mbedtls/library/platform_util.c");
    } else if sig_ecdsa_psa {
        conf.conf.include("../../ext/mbedtls/include");

        // sig_p384 is only consulted in this branch; it switches the curve define and the
        // hash source that is compiled.
        if sig_p384 {
            conf.conf.define("MCUBOOT_SIGN_EC384", None);
            conf.file("../../ext/mbedtls/library/sha512.c");
        } else {
            conf.conf.define("MCUBOOT_SIGN_EC256", None);
            conf.file("../../ext/mbedtls/library/sha256.c");
        }

        conf.file("csupport/keys.c");
        conf.file("../../ext/mbedtls/library/asn1parse.c");
        conf.file("../../ext/mbedtls/library/bignum.c");
        conf.file("../../ext/mbedtls/library/ecp.c");
        conf.file("../../ext/mbedtls/library/ecp_curves.c");
        conf.file("../../ext/mbedtls/library/platform.c");
        conf.file("../../ext/mbedtls/library/platform_util.c");
    } else if sig_ed25519 {
        conf.conf.define("MCUBOOT_SIGN_ED25519", None);
        conf.conf.define("MCUBOOT_USE_TINYCRYPT", None);

        conf.conf.include("../../ext/tinycrypt/lib/include");
        conf.conf.include("../../ext/tinycrypt-sha512/lib/include");
        conf.conf.include("../../ext/mbedtls/include");
        conf.file("../../ext/tinycrypt/lib/source/sha256.c");
        conf.file("../../ext/tinycrypt-sha512/lib/source/sha512.c");
        conf.file("../../ext/tinycrypt/lib/source/utils.c");
        conf.file("csupport/keys.c");
        conf.file("../../ext/fiat/src/curve25519.c");
        conf.file("../../ext/mbedtls/library/platform_util.c");
        conf.file("../../ext/mbedtls/library/asn1parse.c");
    } else if !enc_ec256 && !enc_x25519 {
        // No signature type, only sha256 validation. The default
        // configuration file bundled with mbedTLS is sufficient.
        // When using ECIES-P256 rely on Tinycrypt.
        // A hash alone detects corruption but does not authenticate where an image came from,
        // so a build that reaches this branch performs no signature verification.
        conf.conf.define("MCUBOOT_USE_MBED_TLS", None);
        conf.conf.include("../../ext/mbedtls/include");
        conf.file("../../ext/mbedtls/library/sha256.c");
        conf.file("../../ext/mbedtls/library/platform_util.c");
    }

    if overwrite_only {
        conf.conf.define("MCUBOOT_OVERWRITE_ONLY", None);
    }

    // Upgrade strategy: swap-using-move when requested, otherwise swap-using-scratch unless
    // one of the non-swapping modes (overwrite-only, direct-XIP, RAM load) is enabled.
    if swap_move {
        conf.conf.define("MCUBOOT_SWAP_USING_MOVE", None);
    } else if !overwrite_only && !direct_xip && !ram_load {
        conf.conf.define("CONFIG_BOOT_SWAP_USING_SCRATCH", None);
        conf.conf.define("MCUBOOT_SWAP_USING_SCRATCH", None);
    }

    // Image encryption with an RSA-wrapped key (Mbed TLS).
    if enc_rsa || enc_aes256_rsa {
        if enc_aes256_rsa {
                conf.conf.define("MCUBOOT_AES_256", None);
        }
        conf.conf.define("MCUBOOT_ENCRYPT_RSA", None);
        conf.conf.define("MCUBOOT_ENC_IMAGES", None);
        conf.conf.define("MCUBOOT_USE_MBED_TLS", None);

        conf.file("../../boot/bootutil/src/encrypted.c");
        conf.file("csupport/keys.c");

        conf.conf.include("../../ext/mbedtls/include");
        conf.conf.include("../../ext/mbedtls/library");
        conf.file("../../ext/mbedtls/library/sha256.c");

        conf.file("../../ext/mbedtls/library/platform.c");
        conf.file("../../ext/mbedtls/library/platform_util.c");
        conf.file("../../ext/mbedtls/library/rsa.c");
        conf.file("../../ext/mbedtls/library/rsa_alt_helpers.c");
        conf.file("../../ext/mbedtls/library/md.c");
        conf.file("../../ext/mbedtls/library/aes.c");
        conf.file("../../ext/mbedtls/library/bignum.c");
        conf.file("../../ext/mbedtls/library/asn1parse.c");
    }

    // Image encryption with AES key wrap.
    if enc_kw || enc_aes256_kw {
        if enc_aes256_kw {
            conf.conf.define("MCUBOOT_AES_256", None);
        }
        conf.conf.define("MCUBOOT_ENCRYPT_KW", None);
        conf.conf.define("MCUBOOT_ENC_IMAGES", None);

        conf.file("../../boot/bootutil/src/encrypted.c");
        conf.file("csupport/keys.c");

        if sig_rsa || sig_rsa3072 {
            conf.file("../../ext/mbedtls/library/sha256.c");
        }

        /* Simulator uses Mbed-TLS to wrap keys */
        conf.conf.include("../../ext/mbedtls/include");
        conf.file("../../ext/mbedtls/library/platform.c");
        conf.conf.include("../../ext/mbedtls/library");
        conf.file("../../ext/mbedtls/library/platform_util.c");
        conf.file("../../ext/mbedtls/library/nist_kw.c");
        conf.file("../../ext/mbedtls/library/cipher.c");
        conf.file("../../ext/mbedtls/library/cipher_wrap.c");
        conf.file("../../ext/mbedtls/library/aes.c");

        if sig_ecdsa {
            conf.conf.define("MCUBOOT_USE_TINYCRYPT", None);

            conf.conf.include("../../ext/tinycrypt/lib/include");

            conf.file("../../ext/tinycrypt/lib/source/utils.c");
            conf.file("../../ext/tinycrypt/lib/source/sha256.c");
            conf.file("../../ext/tinycrypt/lib/source/aes_encrypt.c");
            conf.file("../../ext/tinycrypt/lib/source/aes_decrypt.c");
            conf.file("../../ext/tinycrypt/lib/source/ctr_mode.c");
        }

        // This rejection runs only after the configuration above has been assembled; nothing
        // has been compiled yet at this point, so the panic still prevents any output.
        if sig_ed25519 {
            panic!("ed25519 does not support image encryption with KW yet");
        }
    }

    // Image encryption with ECIES-P256: TinyCrypt for enc_ec256, Mbed TLS for the
    // enc_ec256_mbedtls / enc_aes256_ec256 variants. enc_ec256 takes precedence if both
    // kinds are enabled.
    if enc_ec256 {
        conf.conf.define("MCUBOOT_ENCRYPT_EC256", None);
        conf.conf.define("MCUBOOT_ENC_IMAGES", None);
        conf.conf.define("MCUBOOT_USE_TINYCRYPT", None);
        conf.conf.define("MCUBOOT_SWAP_SAVE_ENCTLV", None);

        conf.file("../../boot/bootutil/src/encrypted.c");
        conf.file("csupport/keys.c");

        conf.conf.include("../../ext/mbedtls/include");
        conf.conf.include("../../ext/tinycrypt/lib/include");

        /* FIXME: fail with other signature schemes ? */

        conf.file("../../ext/tinycrypt/lib/source/utils.c");
        conf.file("../../ext/tinycrypt/lib/source/sha256.c");
        conf.file("../../ext/tinycrypt/lib/source/ecc.c");
        conf.file("../../ext/tinycrypt/lib/source/ecc_dsa.c");
        conf.file("../../ext/tinycrypt/lib/source/ecc_platform_specific.c");

        conf.file("../../ext/mbedtls/library/platform_util.c");
        conf.file("../../ext/mbedtls/library/asn1parse.c");

        conf.file("../../ext/tinycrypt/lib/source/aes_encrypt.c");
        conf.file("../../ext/tinycrypt/lib/source/aes_decrypt.c");
        conf.file("../../ext/tinycrypt/lib/source/ctr_mode.c");
        conf.file("../../ext/tinycrypt/lib/source/hmac.c");
        conf.file("../../ext/tinycrypt/lib/source/ecc_dh.c");
    } else if enc_ec256_mbedtls || enc_aes256_ec256 {
        if enc_aes256_ec256 {
            conf.conf.define("MCUBOOT_AES_256", None);
        }
        conf.conf.define("MCUBOOT_ENCRYPT_EC256", None);
        conf.conf.define("MCUBOOT_ENC_IMAGES", None);
        conf.conf.define("MCUBOOT_USE_MBED_TLS", None);
        conf.conf.define("MCUBOOT_SWAP_SAVE_ENCTLV", None);

        conf.conf.include("../../ext/mbedtls/include");

        conf.file("../../boot/bootutil/src/encrypted.c");
        conf.file("../../ext/mbedtls/library/sha256.c");
        conf.file("../../ext/mbedtls/library/asn1parse.c");
        conf.file("../../ext/mbedtls/library/bignum.c");
        conf.file("../../ext/mbedtls/library/ecdh.c");
        conf.file("../../ext/mbedtls/library/md.c");
        conf.file("../../ext/mbedtls/library/aes.c");
        conf.file("../../ext/mbedtls/library/ecp.c");
        conf.file("../../ext/mbedtls/library/ecp_curves.c");
        conf.file("../../ext/mbedtls/library/platform.c");
        conf.file("../../ext/mbedtls/library/platform_util.c");
        conf.file("csupport/keys.c");
    }

    // Image encryption with ECIES-X25519: TinyCrypt for enc_x25519, Mbed TLS for
    // enc_aes256_x25519. The `else if` below belongs to this `if` despite the blank line.
    if enc_x25519 {
        conf.conf.define("MCUBOOT_ENCRYPT_X25519", None);
        conf.conf.define("MCUBOOT_ENC_IMAGES", None);
        conf.conf.define("MCUBOOT_USE_TINYCRYPT", None);
        conf.conf.define("MCUBOOT_SWAP_SAVE_ENCTLV", None);

        conf.file("../../boot/bootutil/src/encrypted.c");
        conf.file("csupport/keys.c");

        conf.conf.include("../../ext/mbedtls/include");
        conf.conf.include("../../ext/tinycrypt/lib/include");
        conf.conf.include("../../ext/tinycrypt-sha512/lib/include");

        conf.file("../../ext/fiat/src/curve25519.c");

        conf.file("../../ext/tinycrypt/lib/source/utils.c");
        conf.file("../../ext/tinycrypt/lib/source/sha256.c");

        conf.file("../../ext/mbedtls/library/platform_util.c");
        conf.file("../../ext/mbedtls/library/asn1parse.c");

        conf.file("../../ext/tinycrypt/lib/source/aes_encrypt.c");
        conf.file("../../ext/tinycrypt/lib/source/aes_decrypt.c");
        conf.file("../../ext/tinycrypt/lib/source/ctr_mode.c");
        conf.file("../../ext/tinycrypt/lib/source/hmac.c");
    }

    else if enc_aes256_x25519 {
        conf.conf.define("MCUBOOT_AES_256", None);
        conf.conf.define("MCUBOOT_ENCRYPT_X25519", None);
        conf.conf.define("MCUBOOT_ENC_IMAGES", None);
        conf.conf.define("MCUBOOT_USE_MBED_TLS", None);
        conf.conf.define("MCUBOOT_SWAP_SAVE_ENCTLV", None);

        conf.file("../../boot/bootutil/src/encrypted.c");
        conf.file("csupport/keys.c");

        conf.conf.include("../../ext/mbedtls/include");
        conf.file("../../ext/fiat/src/curve25519.c");
        conf.file("../../ext/mbedtls/library/asn1parse.c");
        conf.file("../../ext/mbedtls/library/platform.c");
        conf.file("../../ext/mbedtls/library/platform_util.c");
        conf.file("../../ext/mbedtls/library/aes.c");
        conf.file("../../ext/mbedtls/library/sha256.c");
        conf.file("../../ext/mbedtls/library/md.c");
        conf.file("../../ext/mbedtls/library/sha512.c");
    }

    // Select the Mbed TLS configuration header. Exactly one branch is taken (first match
    // wins); when none matches, MBEDTLS_CONFIG_FILE is left undefined.
    // NOTE(review): the first branch tests sig_rsa only, so sig_rsa3072 combined with enc_kw
    // falls through to <config-rsa.h>, and enc_aes256_kw is not considered there either.
    // Confirm that is intended.
    if sig_rsa && enc_kw {
        conf.conf.define("MBEDTLS_CONFIG_FILE", Some("<config-rsa-kw.h>"));
    } else if sig_rsa || sig_rsa3072 || enc_rsa || enc_aes256_rsa {
        conf.conf.define("MBEDTLS_CONFIG_FILE", Some("<config-rsa.h>"));
    } else if sig_ecdsa_mbedtls || enc_ec256_mbedtls || enc_aes256_ec256 {
        conf.conf.define("MBEDTLS_CONFIG_FILE", Some("<config-ec.h>"));
    } else if (sig_ecdsa || enc_ec256) && !enc_kw {
        conf.conf.define("MBEDTLS_CONFIG_FILE", Some("<config-asn1.h>"));
    } else if sig_ed25519 || enc_x25519 {
        conf.conf.define("MBEDTLS_CONFIG_FILE", Some("<config-asn1.h>"));
    } else if enc_kw || enc_aes256_kw {
        conf.conf.define("MBEDTLS_CONFIG_FILE", Some("<config-kw.h>"));
    } else if enc_aes256_x25519 {
        conf.conf.define("MBEDTLS_CONFIG_FILE", Some("<config-ed25519.h>"));
    } else if sig_ecdsa_psa {
        conf.conf.define("MBEDTLS_CONFIG_FILE", Some("<config-ec-psa.h>"));
    }

    // Image validation is always built; the signature-specific verifier is added only when
    // the matching signature feature is enabled.
    conf.file("../../boot/bootutil/src/image_validate.c");
    if sig_rsa || sig_rsa3072 {
        conf.file("../../boot/bootutil/src/image_rsa.c");
    } else if sig_ecdsa || sig_ecdsa_mbedtls || sig_ecdsa_psa {
        conf.file("../../boot/bootutil/src/image_ecdsa.c");
    } else if sig_ed25519 {
        conf.file("../../boot/bootutil/src/image_ed25519.c");
    }

    // Core bootutil sources and the simulator glue, common to every configuration.
    conf.file("../../boot/bootutil/src/loader.c");
    conf.file("../../boot/bootutil/src/swap_misc.c");
    conf.file("../../boot/bootutil/src/swap_scratch.c");
    conf.file("../../boot/bootutil/src/swap_move.c");
    conf.file("../../boot/bootutil/src/caps.c");
    conf.file("../../boot/bootutil/src/bootutil_misc.c");
    conf.file("../../boot/bootutil/src/bootutil_public.c");
    conf.file("../../boot/bootutil/src/tlv.c");
    conf.file("../../boot/bootutil/src/fault_injection_hardening.c");
    conf.file("csupport/run.c");
    conf.conf.include("../../boot/bootutil/include");
    conf.conf.include("csupport");
    conf.conf.debug(true);
    // Warnings are errors for everything compiled here, including the third-party sources
    // added above.
    conf.conf.flag("-Wall");
    conf.conf.flag("-Werror");

    // FIXME: travis-ci still uses gcc 4.8.4 which defaults to std=gnu90.
    // It has incomplete std=c11 and std=c99 support but std=c99 was checked
    // to build correctly so leaving it here to be updated in the future...
    conf.conf.flag("-std=c99");

    conf.conf.compile("libbootutil.a");

    // Tell Cargo which files invalidate this build. Each call is unwrapped, so an I/O error
    // (for example a missing directory) aborts the build script.
    // NOTE(review): "../../ext/mbedtls-asn1" is walked although no source above is taken from
    // it, while ext/fiat, ext/tinycrypt-sha512 and ext/mbedtls/tests are compiled from but not
    // walked. Confirm the first directory still exists and whether edits in the latter three
    // are expected to trigger a rebuild.
    walk_dir("../../boot").unwrap();
    walk_dir("../../ext/tinycrypt/lib/source").unwrap();
    walk_dir("../../ext/mbedtls-asn1").unwrap();
    walk_dir("csupport").unwrap();
    walk_dir("../../ext/mbedtls/include").unwrap();
    walk_dir("../../ext/mbedtls/library").unwrap();
}
487 
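/// Output the names of all `.c` and `.h` files below `path` as `cargo:rerun-if-changed`
/// directives so that Cargo knows when to rebuild.
///
/// Sub-directories are descended recursively. Files whose names do not end in `.c` or `.h`
/// are ignored, whatever their encoding.
///
/// # Errors
///
/// Returns any I/O error raised while reading a directory. Returns
/// `io::ErrorKind::InvalidData` when a `.c`/`.h` path is not valid UTF-8 or contains a line
/// break, because such a path cannot be written as a single well-formed directive line.
fn walk_dir<P: AsRef<Path>>(path: P) -> io::Result<()> {
    for ent in fs::read_dir(path.as_ref())? {
        let p = ent?.path();

        // `Path::is_dir` follows symbolic links, so a link that points back at an ancestor
        // directory is descended again rather than skipped.
        if p.is_dir() {
            walk_dir(&p)?;
            continue;
        }

        // The lossy form is only used for the suffix test; valid bytes such as ".c" survive
        // the conversion unchanged, so the test gives the same answer for UTF-8 names.
        let shown = p.to_string_lossy();
        if !(shown.ends_with(".c") || shown.ends_with(".h")) {
            continue;
        }

        match p.to_str() {
            // Cargo reads build-script output line by line, so a name containing a line
            // break would be parsed as more than one directive. Refuse it instead.
            Some(name) if !name.contains('\n') && !name.contains('\r') => {
                println!("cargo:rerun-if-changed={}", name);
            }
            _ => {
                return Err(io::Error::new(
                    io::ErrorKind::InvalidData,
                    format!("source path cannot be written as a cargo directive: {:?}", p),
                ));
            }
        }
    }

    Ok(())
}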
506 
/// A `cc::Build` paired with the set of source paths that have already been handed to it.
///
/// Source files are meant to be added through `CachedBuild::file`, which skips a path that was
/// given before. Everything else (defines, include paths, flags, compilation) is done
/// directly on the `conf` field.
struct CachedBuild {
    // The wrapped compiler configuration.
    conf: cc::Build,
    // Every path that has been passed on to `conf.file` so far.
    seen: BTreeSet<PathBuf>,
}
513 
impl CachedBuild {
    /// Creates a wrapper around a fresh `cc::Build` with no source files recorded yet.
    fn new() -> CachedBuild {
        let conf = cc::Build::new();
        let seen = BTreeSet::new();
        CachedBuild { conf, seen }
    }

    /// Adds a source file to the wrapped `cc::Build`, unless the same path was added before.
    ///
    /// Paths are compared as written; nothing is resolved against the filesystem, so two
    /// different spellings of one file are treated as two files.
    fn file<P: AsRef<Path>>(&mut self, p: P) -> &mut CachedBuild {
        let path = p.as_ref();
        if self.seen.contains(path) {
            return self;
        }

        self.conf.file(path);
        self.seen.insert(path.to_owned());
        self
    }
}
533