refactor(crypto): change CRYPTO_SUPPORT flag to numeric
Updated CRYPTO_SUPPORT flag to numeric to provide below
supports -
1. CRYPTO_SUPPORT = 1 -> Authentication verification only
2. CRYPTO_SUPPORT = 2 -> Hash calculation only
3. CRYPTO_SUPPORT = 3 -> Authentication verification and
hash calculation
Change-Id: Ib34f31457a6c87d2356d736ad2d048dc787da56f
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
diff --git a/drivers/auth/mbedtls/mbedtls_crypto.c b/drivers/auth/mbedtls/mbedtls_crypto.c
index e83225c..d231179 100644
--- a/drivers/auth/mbedtls/mbedtls_crypto.c
+++ b/drivers/auth/mbedtls/mbedtls_crypto.c
@@ -24,7 +24,8 @@
#define LIB_NAME "mbed TLS"
-#if MEASURED_BOOT || DRTM_SUPPORT
+#if CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
/*
* CRYPTO_MD_MAX_SIZE value is as per current stronger algorithm available
* so make sure that mbed TLS MD maximum size must be lesser than this.
@@ -32,7 +33,8 @@
CASSERT(CRYPTO_MD_MAX_SIZE >= MBEDTLS_MD_MAX_SIZE,
assert_mbedtls_md_size_overflow);
-#endif /* MEASURED_BOOT || DRTM_SUPPORT */
+#endif /* CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+ CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
/*
* AlgorithmIdentifier ::= SEQUENCE {
@@ -60,7 +62,8 @@
mbedtls_init();
}
-#if TRUSTED_BOARD_BOOT
+#if CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \
+CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
/*
* Verify a signature.
*
@@ -219,9 +222,11 @@
return CRYPTO_SUCCESS;
}
-#endif /* TRUSTED_BOARD_BOOT */
+#endif /* CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \
+ CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
-#if MEASURED_BOOT || DRTM_SUPPORT
+#if CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
/*
* Map a generic crypto message digest algorithm to the corresponding macro used
* by Mbed TLS.
@@ -264,7 +269,8 @@
*/
return mbedtls_md(md_info, data_ptr, data_len, output);
}
-#endif /* MEASURED_BOOT || DRTM_SUPPORT */
+#endif /* CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \
+ CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
#if TF_MBEDTLS_USE_AES_GCM
/*
@@ -368,7 +374,7 @@
/*
* Register crypto library descriptor
*/
-#if (MEASURED_BOOT || DRTM_SUPPORT) && TRUSTED_BOARD_BOOT
+#if CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC
#if TF_MBEDTLS_USE_AES_GCM
REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, calc_hash,
auth_decrypt);
@@ -376,13 +382,13 @@
REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, calc_hash,
NULL);
#endif
-#elif TRUSTED_BOARD_BOOT
+#elif CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY
#if TF_MBEDTLS_USE_AES_GCM
REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash,
auth_decrypt);
#else
REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, NULL);
#endif
-#elif MEASURED_BOOT || DRTM_SUPPORT
+#elif CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY
REGISTER_CRYPTO_LIB(LIB_NAME, init, calc_hash);
-#endif /* (MEASURED_BOOT || DRTM_SUPPORT) && TRUSTED_BOARD_BOOT */
+#endif /* CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */