Juan Castillo | 9b265a8 | 2015-05-07 14:52:44 +0100 | [diff] [blame] | 1 | /* |
Govindraj Raja | 9c7dfb0 | 2023-01-11 18:34:58 +0000 | [diff] [blame] | 2 | * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved. |
Juan Castillo | 9b265a8 | 2015-05-07 14:52:44 +0100 | [diff] [blame] | 3 | * |
dp-arm | fa3cf0b | 2017-05-03 09:38:09 +0100 | [diff] [blame] | 4 | * SPDX-License-Identifier: BSD-3-Clause |
Juan Castillo | 9b265a8 | 2015-05-07 14:52:44 +0100 | [diff] [blame] | 5 | */ |
| 6 | |
Antonio Nino Diaz | 5eb8837 | 2018-11-08 10:20:19 +0000 | [diff] [blame] | 7 | #ifndef COT_DEF_H |
| 8 | #define COT_DEF_H |
Juan Castillo | 9b265a8 | 2015-05-07 14:52:44 +0100 | [diff] [blame] | 9 | |
Govindraj Raja | e045e12 | 2023-02-28 11:37:02 +0000 | [diff] [blame] | 10 | /* |
| 11 | * Guard here with availability of mbedtls config since PLAT=lx2162aqds |
| 12 | * uses custom tbbr from 'drivers/nxp/auth/tbbr/tbbr_cot.c' and also may |
| 13 | * build without mbedtls folder only with TRUSTED_BOOT enabled. |
| 14 | */ |
| 15 | #ifdef MBEDTLS_CONFIG_FILE |
Govindraj Raja | 9c7dfb0 | 2023-01-11 18:34:58 +0000 | [diff] [blame] | 16 | #include <mbedtls/version.h> |
Govindraj Raja | e045e12 | 2023-02-28 11:37:02 +0000 | [diff] [blame] | 17 | #endif |
Pankaj Gupta | 8778ebf | 2020-12-09 14:02:38 +0530 | [diff] [blame] | 18 | |
Juan Castillo | 9b265a8 | 2015-05-07 14:52:44 +0100 | [diff] [blame] | 19 | /* TBBR CoT definitions */ |
Manish Pandey | 5f8e1a0 | 2020-05-27 22:40:10 +0100 | [diff] [blame] | 20 | #if defined(SPD_spmd) |
| 21 | #define COT_MAX_VERIFIED_PARAMS 8 |
laurenw-arm | 483e5ac | 2022-04-21 15:49:00 -0500 | [diff] [blame] | 22 | #elif defined(ARM_COT_cca) |
| 23 | #define COT_MAX_VERIFIED_PARAMS 8 |
Manish Pandey | 5f8e1a0 | 2020-05-27 22:40:10 +0100 | [diff] [blame] | 24 | #else |
Juan Castillo | 9b265a8 | 2015-05-07 14:52:44 +0100 | [diff] [blame] | 25 | #define COT_MAX_VERIFIED_PARAMS 4 |
Manish Pandey | 5f8e1a0 | 2020-05-27 22:40:10 +0100 | [diff] [blame] | 26 | #endif |
Juan Castillo | 9b265a8 | 2015-05-07 14:52:44 +0100 | [diff] [blame] | 27 | |
Manish V Badarkhe | 043fd62 | 2020-05-16 16:36:39 +0100 | [diff] [blame] | 28 | /* |
| 29 | * Maximum key and hash sizes (in DER format). |
| 30 | * |
| 31 | * Both RSA and ECDSA keys may be used at the same time. In this case, the key |
| 32 | * buffers must be big enough to hold either. As RSA keys are bigger than ECDSA |
| 33 | * ones for all key sizes we support, they impose the minimum size of these |
| 34 | * buffers. |
| 35 | */ |
| 36 | #if TF_MBEDTLS_USE_RSA |
| 37 | #if TF_MBEDTLS_KEY_SIZE == 1024 |
| 38 | #define PK_DER_LEN 162 |
| 39 | #elif TF_MBEDTLS_KEY_SIZE == 2048 |
| 40 | #define PK_DER_LEN 294 |
| 41 | #elif TF_MBEDTLS_KEY_SIZE == 3072 |
| 42 | #define PK_DER_LEN 422 |
| 43 | #elif TF_MBEDTLS_KEY_SIZE == 4096 |
| 44 | #define PK_DER_LEN 550 |
| 45 | #else |
| 46 | #error "Invalid value for TF_MBEDTLS_KEY_SIZE" |
| 47 | #endif |
| 48 | #else /* Only using ECDSA keys. */ |
Nicolas Toromanoff | 6bc2bbf | 2020-11-17 10:03:40 +0100 | [diff] [blame] | 49 | #define PK_DER_LEN 92 |
Manish V Badarkhe | 043fd62 | 2020-05-16 16:36:39 +0100 | [diff] [blame] | 50 | #endif |
| 51 | |
| 52 | #if TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA256 |
| 53 | #define HASH_DER_LEN 51 |
| 54 | #elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA384 |
| 55 | #define HASH_DER_LEN 67 |
| 56 | #elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA512 |
| 57 | #define HASH_DER_LEN 83 |
| 58 | #else |
| 59 | #error "Invalid value for TF_MBEDTLS_HASH_ALG_ID" |
| 60 | #endif |
| 61 | |
Antonio Nino Diaz | 5eb8837 | 2018-11-08 10:20:19 +0000 | [diff] [blame] | 62 | #endif /* COT_DEF_H */ |