From 40c9f0599c822bafca87a6b3181e4987d7aa843f Mon Sep 17 00:00:00 2001
From: Angus Gratton <angus@espressif.com>
Date: Wed, 20 May 2020 12:18:04 +1000
Subject: [PATCH] mbedtls: Don't compile hardware MPI & SHA files if disabled
 in config

Fixes bug where hardware accelerated mbedtls_mpi API was always used, even when
disabled in config.
---
 components/mbedtls/CMakeLists.txt | 27 ++++++++++++++++++---------
 components/mbedtls/component.mk   |  7 +++++++
 2 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/components/mbedtls/CMakeLists.txt b/components/mbedtls/CMakeLists.txt
index 08e6f1ee06..c46d6ff752 100644
--- a/components/mbedtls/CMakeLists.txt
+++ b/components/mbedtls/CMakeLists.txt
@@ -27,15 +27,24 @@ target_sources(mbedtls PRIVATE  "${COMPONENT_DIR}/port/mbedtls_debug.c"
                                 "${COMPONENT_DIR}/port/net_sockets.c")
 
 target_sources(mbedcrypto PRIVATE "${COMPONENT_DIR}/port/esp_hardware.c"
-                                "${COMPONENT_DIR}/port/esp_mem.c"
-                                "${COMPONENT_DIR}/port/esp_sha.c"
-                                "${COMPONENT_DIR}/port/esp_sha1.c"
-                                "${COMPONENT_DIR}/port/esp_sha256.c"
-                                "${COMPONENT_DIR}/port/esp_sha512.c"
-                                "${COMPONENT_DIR}/port/esp_timing.c"
-                                "${COMPONENT_DIR}/port/${idf_target}/esp_bignum.c"
-                                "${COMPONENT_DIR}/port/${idf_target}/aes.c"
-                                "${COMPONENT_DIR}/port/${idf_target}/sha.c")
+                                  "${COMPONENT_DIR}/port/esp_mem.c"
+                                  "${COMPONENT_DIR}/port/esp_timing.c"
+                                  "${COMPONENT_DIR}/port/esp_sha.c"
+                                  "${COMPONENT_DIR}/port/${idf_target}/aes.c"
+)
+
+if(CONFIG_MBEDTLS_HARDWARE_MPI)
+    target_sources(mbedcrypto PRIVATE  "${COMPONENT_DIR}/port/${idf_target}/esp_bignum.c"
+    )
+endif()
+
+if(CONFIG_MBEDTLS_HARDWARE_SHA)
+    target_sources(mbedcrypto PRIVATE  "${COMPONENT_DIR}/port/esp_sha1.c"
+                                       "${COMPONENT_DIR}/port/esp_sha256.c"
+                                       "${COMPONENT_DIR}/port/esp_sha512.c"
+                                       "${COMPONENT_DIR}/port/${idf_target}/sha.c"
+    )
+endif()
 
 foreach(target ${mbedtls_targets})
     target_compile_definitions(${target} PUBLIC -DMBEDTLS_CONFIG_FILE="mbedtls/esp_config.h")
diff --git a/components/mbedtls/component.mk b/components/mbedtls/component.mk
index f21c94660b..1f7c167e52 100644
--- a/components/mbedtls/component.mk
+++ b/components/mbedtls/component.mk
@@ -10,3 +10,10 @@ COMPONENT_OBJEXCLUDE := mbedtls/library/net_sockets.o
 
 COMPONENT_SUBMODULES += mbedtls
 
+ifndef CONFIG_MBEDTLS_HARDWARE_MPI
+    COMPONENT_OBJEXCLUDE += port/$(IDF_TARGET)/esp_bignum.o
+endif
+
+ifndef CONFIG_MBEDTLS_HARDWARE_SHA
+    COMPONENT_OBJEXCLUDE += port/esp_sha1.o port/esp_sha256.o port/esp_sha512.o port/$(IDF_TARGET)/sha.o
+endif