Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / 30f896422f194a547fd91a21f86c63797d011244 / . / include / drivers / auth / mbedtls / mbedtls_config.h
blob: 59aeea99294b9863f80ac3e3835df513ada0ab90 [file] [log] [blame]
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]1/*
John Tsichritzis30f89642018-06-07 16:31:34 +0100[diff] [blame^]2 * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]3 *
dp-armfa3cf0b2017-05-03 09:38:09 +0100[diff] [blame]4 * SPDX-License-Identifier: BSD-3-Clause
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]5 */
6#ifndef __MBEDTLS_CONFIG_H__
7#define __MBEDTLS_CONFIG_H__
8
9/*
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]10 * Key algorithms currently supported on mbed TLS libraries
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]11 */
Qixiang Xu1c2aef12017-08-24 15:12:20 +0800[diff] [blame]12#define TF_MBEDTLS_RSA 1
13#define TF_MBEDTLS_ECDSA 2
Qixiang Xuaa05eea2017-08-24 15:26:39 +0800[diff] [blame]14#define TF_MBEDTLS_RSA_AND_ECDSA 3
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]15
16/*
Qixiang Xu1a1f2912017-11-09 13:56:29 +0800[diff] [blame]17 * Hash algorithms currently supported on mbed TLS libraries
18 */
19#define TF_MBEDTLS_SHA256 1
20#define TF_MBEDTLS_SHA384 2
21#define TF_MBEDTLS_SHA512 3
22
23/*
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]24 * Configuration file to build mbed TLS with the required features for
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]25 * Trusted Boot
26 */
27
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]28#define MBEDTLS_PLATFORM_MEMORY
29#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
Antonio Nino Diaz6b90f5e2017-05-19 11:37:22 +0100[diff] [blame]30/* Prevent mbed TLS from using snprintf so that it can use tf_snprintf. */
31#define MBEDTLS_PLATFORM_SNPRINTF_ALT
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]32
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]33#if !ERROR_DEPRECATED
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]34#define MBEDTLS_PKCS1_V15
Soby Mathew0a68d132017-05-31 10:35:27 +0100[diff] [blame]35#endif
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]36#define MBEDTLS_PKCS1_V21
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]37
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]38#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
39#define MBEDTLS_X509_CHECK_KEY_USAGE
40#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]41
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]42#define MBEDTLS_ASN1_PARSE_C
43#define MBEDTLS_ASN1_WRITE_C
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]44
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]45#define MBEDTLS_BASE64_C
46#define MBEDTLS_BIGNUM_C
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]47
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]48#define MBEDTLS_ERROR_C
49#define MBEDTLS_MD_C
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]50
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]51#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
52#define MBEDTLS_OID_C
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]53
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]54#define MBEDTLS_PK_C
55#define MBEDTLS_PK_PARSE_C
56#define MBEDTLS_PK_WRITE_C
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]57
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]58#define MBEDTLS_PLATFORM_C
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]59
David Cunadoc7a1b192017-05-10 16:38:44 +0100[diff] [blame]60#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA)
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]61#define MBEDTLS_ECDSA_C
62#define MBEDTLS_ECP_C
63#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
David Cunadoc7a1b192017-05-10 16:38:44 +0100[diff] [blame]64#elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]65#define MBEDTLS_RSA_C
Qixiang Xu1c2aef12017-08-24 15:12:20 +0800[diff] [blame]66#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
Qixiang Xuaa05eea2017-08-24 15:26:39 +0800[diff] [blame]67#elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
68#define MBEDTLS_RSA_C
69#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
70#define MBEDTLS_ECDSA_C
71#define MBEDTLS_ECP_C
72#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]73#endif
74
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]75#define MBEDTLS_SHA256_C
Qixiang Xu1a1f2912017-11-09 13:56:29 +0800[diff] [blame]76#if (TF_MBEDTLS_HASH_ALG_ID != TF_MBEDTLS_SHA256)
77#define MBEDTLS_SHA512_C
78#endif
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]79
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]80#define MBEDTLS_VERSION_C
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]81
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]82#define MBEDTLS_X509_USE_C
83#define MBEDTLS_X509_CRT_PARSE_C
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]84
85/* MPI / BIGNUM options */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]86#define MBEDTLS_MPI_WINDOW_SIZE 2
87#define MBEDTLS_MPI_MAX_SIZE 256
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]88
89/* Memory buffer allocator options */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]90#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 8
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]91
Qixiang Xude431b12017-10-13 09:23:42 +0800[diff] [blame]92#ifndef __ASSEMBLY__
93/* System headers required to build mbed TLS with the current configuration */
94#include <stdlib.h>
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]95#include "mbedtls/check_config.h"
Qixiang Xude431b12017-10-13 09:23:42 +0800[diff] [blame]96#endif
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]97
John Tsichritzis30f89642018-06-07 16:31:34 +0100[diff] [blame^]98/*
99 * Determine Mbed TLS heap size
100 * 13312 = 13*1024
101 * 7168 = 7*1024
102 */
103#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA) \
104 || (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
105#define TF_MBEDTLS_HEAP_SIZE U(13312)
106#elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
107#define TF_MBEDTLS_HEAP_SIZE U(7168)
108#endif
109
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]110#endif /* __MBEDTLS_CONFIG_H__ */