zephyr: Properly use the same mbedTLS header macros
For both RSA (which uses Zephyr's mbedTLS copy) and ECDSA (which uses
our own for ASN1 parsing) use the common "mcuboot-mbedtls-cfg.h" header
file instead of relying on the default config.h bundled with mbedTLS.
Additionally issue a descriptive error when CONFIG_MBEDTLS is set and we
are building with our own copy.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
diff --git a/boot/zephyr/CMakeLists.txt b/boot/zephyr/CMakeLists.txt
index 3b8ad92..9540b5b 100644
--- a/boot/zephyr/CMakeLists.txt
+++ b/boot/zephyr/CMakeLists.txt
@@ -104,8 +104,20 @@
target_sources(app PRIVATE "${TINYCRYPT_DIR}/source/sha256.c")
target_sources(app PRIVATE "${TINYCRYPT_DIR}/source/utils.c")
+ # When building for ECDSA, we use our own copy of mbedTLS, so the Zephyr
+ # one must not be enabled or the MBEDTLS_CONFIG_FILE macros will collide.
+ if(DEFINED CONFIG_MBEDTLS)
+ message(FATAL_ERROR "\
+
+CONFIG_MBEDTLS should not be enabled. \
+Try adding CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=y to your prj.conf, \
+delete the build folder and build from scratch.")
+ endif()
+ # Since here we are not using Zephyr's mbedTLS bur rather our own, we need
+ # to set MBEDTLS_CONFIG_FILE ourselves. When using Zephyr's copy, this
+ # variable is set by its Kconfig in the Zephyr codebase.
+ target_compile_definitions(app PRIVATE MBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/include/mcuboot-mbedtls-cfg.h")
# Additionally pull in just the ASN.1 parser from mbedTLS.
- target_compile_definitions(app PRIVATE MBEDTLS_CFG_FILE=config-asn1.h)
target_sources(app PRIVATE "${MBEDTLS_ASN1_DIR}/src/asn1parse.c")
elseif(CONFIG_BOOT_SIGNATURE_TYPE_RSA)
# Use mbedTLS provided by Zephyr for RSA signatures. (Its config file