refactor(crypto): change CRYPTO_SUPPORT flag to numeric Updated CRYPTO_SUPPORT flag to numeric to provide below supports - 1. CRYPTO_SUPPORT = 1 -> Authentication verification only 2. CRYPTO_SUPPORT = 2 -> Hash calculation only 3. CRYPTO_SUPPORT = 3 -> Authentication verification and hash calculation Change-Id: Ib34f31457a6c87d2356d736ad2d048dc787da56f Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

commit: c9fdaf6e18d6f4a6628750120029137f4d2a24b4 [log] [tgz]
author: Manish V Badarkhe <Manish.Badarkhe@arm.com> Mon Jun 20 15:32:38 2022 +0100
committer: Manish V Badarkhe <Manish.Badarkhe@arm.com> Wed Oct 05 15:25:28 2022 +0100
tree: 825c3335c97430e33b175ab9c275edfb3c68c78b
parent: c816807f9da22eb134b597dace5ac17ec5385e40 [diff]
diff --git a/drivers/auth/crypto_mod.c b/drivers/auth/crypto_mod.c
index 2028d53..fa1adb4 100644
--- a/drivers/auth/crypto_mod.c
+++ b/drivers/auth/crypto_mod.c

@@ -46,19 +46,26 @@
 {
 	assert(crypto_lib_desc.name != NULL);
 	assert(crypto_lib_desc.init != NULL);
-#if TRUSTED_BOARD_BOOT
+#if CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \
+CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
 	assert(crypto_lib_desc.verify_signature != NULL);
 	assert(crypto_lib_desc.verify_hash != NULL);
-#endif /* TRUSTED_BOARD_BOOT */
-#if MEASURED_BOOT || DRTM_SUPPORT
+#endif /* CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \
+	  CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
+
+#if CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
 	assert(crypto_lib_desc.calc_hash != NULL);
-#endif /* MEASURED_BOOT || DRTM_SUPPORT */
+#endif /* CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+	  CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
 
 	/* Initialize the cryptographic library */
 	crypto_lib_desc.init();
 	INFO("Using crypto library '%s'\n", crypto_lib_desc.name);
 }
 
+#if CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \
+CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
 /*
  * Function to verify a digital signature
  *
@@ -108,8 +115,11 @@
 	return crypto_lib_desc.verify_hash(data_ptr, data_len,
 					   digest_info_ptr, digest_info_len);
 }
+#endif /* CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \
+	  CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
 
-#if MEASURED_BOOT || DRTM_SUPPORT
+#if CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
 /*
  * Calculate a hash
  *
@@ -129,7 +139,8 @@
 
 	return crypto_lib_desc.calc_hash(alg, data_ptr, data_len, output);
 }
-#endif	/* MEASURED_BOOT || DRTM_SUPPORT */
+#endif /* CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+	  CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
 
 /*
  * Authenticated decryption of data

diff --git a/drivers/auth/mbedtls/mbedtls_crypto.c b/drivers/auth/mbedtls/mbedtls_crypto.c
index e83225c..d231179 100644
--- a/drivers/auth/mbedtls/mbedtls_crypto.c
+++ b/drivers/auth/mbedtls/mbedtls_crypto.c

@@ -24,7 +24,8 @@
 
 #define LIB_NAME		"mbed TLS"
 
-#if MEASURED_BOOT || DRTM_SUPPORT
+#if CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
 /*
  * CRYPTO_MD_MAX_SIZE value is as per current stronger algorithm available
  * so make sure that mbed TLS MD maximum size must be lesser than this.
@@ -32,7 +33,8 @@
 CASSERT(CRYPTO_MD_MAX_SIZE >= MBEDTLS_MD_MAX_SIZE,
 	assert_mbedtls_md_size_overflow);
 
-#endif /* MEASURED_BOOT || DRTM_SUPPORT */
+#endif /* CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+	  CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
 
 /*
  * AlgorithmIdentifier  ::=  SEQUENCE  {
@@ -60,7 +62,8 @@
 	mbedtls_init();
 }
 
-#if TRUSTED_BOARD_BOOT
+#if CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \
+CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
 /*
  * Verify a signature.
  *
@@ -219,9 +222,11 @@
 
 	return CRYPTO_SUCCESS;
 }
-#endif /* TRUSTED_BOARD_BOOT */
+#endif /* CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \
+	  CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
 
-#if MEASURED_BOOT || DRTM_SUPPORT
+#if CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
 /*
  * Map a generic crypto message digest algorithm to the corresponding macro used
  * by Mbed TLS.
@@ -264,7 +269,8 @@
 	 */
 	return mbedtls_md(md_info, data_ptr, data_len, output);
 }
-#endif /* MEASURED_BOOT || DRTM_SUPPORT */
+#endif /* CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+	  CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
 
 #if TF_MBEDTLS_USE_AES_GCM
 /*
@@ -368,7 +374,7 @@
 /*
  * Register crypto library descriptor
  */
-#if (MEASURED_BOOT || DRTM_SUPPORT) && TRUSTED_BOARD_BOOT
+#if CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
 #if TF_MBEDTLS_USE_AES_GCM
 REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, calc_hash,
 		    auth_decrypt);
@@ -376,13 +382,13 @@
 REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, calc_hash,
 		    NULL);
 #endif
-#elif TRUSTED_BOARD_BOOT
+#elif CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY
 #if TF_MBEDTLS_USE_AES_GCM
 REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash,
 		    auth_decrypt);
 #else
 REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, NULL);
 #endif
-#elif MEASURED_BOOT || DRTM_SUPPORT
+#elif CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY
 REGISTER_CRYPTO_LIB(LIB_NAME, init, calc_hash);
-#endif /* (MEASURED_BOOT || DRTM_SUPPORT) && TRUSTED_BOARD_BOOT */
+#endif /* CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
commit	c9fdaf6e18d6f4a6628750120029137f4d2a24b4	[log] [tgz]
author	Manish V Badarkhe <Manish.Badarkhe@arm.com>	Mon Jun 20 15:32:38 2022 +0100
committer	Manish V Badarkhe <Manish.Badarkhe@arm.com>	Wed Oct 05 15:25:28 2022 +0100
tree	825c3335c97430e33b175ab9c275edfb3c68c78b
parent	c816807f9da22eb134b597dace5ac17ec5385e40 [diff]