tbbr: Add build flag HASH_ALG to let the user to select the SHA
The flag support the following values:
- sha256 (default)
- sha384
- sha512
Change-Id: I7a49d858c361e993949cf6ada0a86575c3291066
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
diff --git a/docs/user-guide.rst b/docs/user-guide.rst
index 172e793..0eecde9 100644
--- a/docs/user-guide.rst
+++ b/docs/user-guide.rst
@@ -425,11 +425,15 @@
- ``KEY_ALG``: This build flag enables the user to select the algorithm to be
used for generating the PKCS keys and subsequent signing of the certificate.
- It accepts 3 values viz ``rsa``, ``rsa_1_5``, ``ecdsa``. The ``rsa_1_5`` is
+ It accepts 3 values viz. ``rsa``, ``rsa_1_5``, ``ecdsa``. The ``rsa_1_5`` is
the legacy PKCS#1 RSA 1.5 algorithm which is not TBBR compliant and is
retained only for compatibility. The default value of this flag is ``rsa``
which is the TBBR compliant PKCS#1 RSA 2.1 scheme.
+- ``HASH_ALG``: This build flag enables the user to select the secure hash
+ algorithm. It accepts 3 values viz. ``sha256``, ``sha384``, ``sha512``.
+ The default value of this flag is ``sha256``.
+
- ``LDFLAGS``: Extra user options appended to the linkers' command line in
addition to the one set by the build system.