mcu-tools · prene-se · Nov 10, 2025 · Nov 25, 2025 · nordicjm · Nov 21, 2025
@@ -300,21 +300,25 @@ elseif(CONFIG_BOOT_SIGNATURE_TYPE_ED25519 OR CONFIG_BOOT_ENCRYPT_X25519)
 endif()
 
 if(NOT CONFIG_BOOT_ED25519_PSA AND NOT CONFIG_BOOT_ECDSA_PSA)
-  if(CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519)
-    zephyr_library_sources(
-      ${TINYCRYPT_DIR}/source/aes_encrypt.c
-      ${TINYCRYPT_DIR}/source/aes_decrypt.c
-      ${TINYCRYPT_DIR}/source/ctr_mode.c
-      ${TINYCRYPT_DIR}/source/hmac.c
-      ${TINYCRYPT_DIR}/source/ecc_dh.c
-    )
+  if(CONFIG_BOOT_USE_TINYCRYPT)
+    if(CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519)
+      zephyr_library_sources(
+        ${TINYCRYPT_DIR}/source/aes_encrypt.c
+        ${TINYCRYPT_DIR}/source/aes_decrypt.c
+        ${TINYCRYPT_DIR}/source/ctr_mode.c
+        ${TINYCRYPT_DIR}/source/hmac.c
+        ${TINYCRYPT_DIR}/source/ecc_dh.c
+      )
+    endif()
   endif()
 endif()
 
-if(CONFIG_BOOT_ENCRYPT_EC256 AND NOT CONFIG_BOOT_ECDSA_PSA)
-  zephyr_library_sources(
-    ${TINYCRYPT_DIR}/source/ecc_dh.c
-    )
+if(CONFIG_BOOT_USE_TINYCRYPT)
+  if(CONFIG_BOOT_ENCRYPT_EC256 AND NOT CONFIG_BOOT_ECDSA_PSA)
+    zephyr_library_sources(
+      ${TINYCRYPT_DIR}/source/ecc_dh.c
+      )
+  endif()
 endif()
 
 if(CONFIG_MCUBOOT_SERIAL)

@@ -283,6 +283,20 @@ config BOOT_ECDSA_TINYCRYPT
 	bool "Use tinycrypt"
 	select BOOT_USE_TINYCRYPT
 
+config BOOT_ECDSA_MBEDTLS
+	bool "Use mbedTLS"
+	select BOOT_USE_MBEDTLS
+	select MBEDTLS
+	select MBEDTLS_ECP_C if MBEDTLS_BUILTIN
+	select MBEDTLS_ECDSA_C if MBEDTLS_BUILTIN
+	select MBEDTLS_ECP_DP_SECP256R1_ENABLED if MBEDTLS_BUILTIN
+	select MBEDTLS_ASN1_PARSE_C if MBEDTLS_BUILTIN
+	select MBEDTLS_ECP_NIST_OPTIM if MBEDTLS_BUILTIN
+	select MBEDTLS_SHA256 if MBEDTLS_BUILTIN
+	select MBEDTLS_MD if MBEDTLS_BUILTIN
+	select MBEDTLS_ECDH_C if MBEDTLS_BUILTIN && BOOT_ENCRYPT_IMAGE
+	select BOOT_AES_MBEDTLS_DEPENDENCIES if MBEDTLS_BUILTIN && BOOT_ENCRYPT_IMAGE
+
 config BOOT_ECDSA_CC310
 	bool "Use CC310"
 	depends on HAS_HW_NRF_CC310