Lionel Debieve13a668d2022-10-05 16:47:03 +02001/*
2 * Copyright (c) 2022, STMicroelectronics - All Rights Reserved
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
Lionel Debieve13a668d2022-10-05 16:47:03 +02006
/*
 * Key algorithms currently supported on mbed TLS libraries
 *
 * Both macros are tested with #if further down in this file as 0/1 build
 * switches: with the values below the ECDSA/ECP modules are compiled in
 * and the RSA module is left out.
 */
#define TF_MBEDTLS_USE_RSA 0
#define TF_MBEDTLS_USE_ECDSA 1
12
/*
 * Hash algorithms currently supported on mbed TLS libraries
 *
 * TF_MBEDTLS_SHA256 is compared against TF_MBEDTLS_HASH_ALG_ID later in
 * this file to decide whether SHA-384/SHA-512 are built; the other two
 * identifiers are not referenced here. TF_MBEDTLS_HASH_ALG_ID itself is
 * not defined in this file (presumably supplied by the build system --
 * confirm).
 */
#define TF_MBEDTLS_SHA256 1
#define TF_MBEDTLS_SHA384 2
#define TF_MBEDTLS_SHA512 3
19
/*
 * Configuration file to build mbed TLS with the required features for
 * Trusted Boot
 */

/* Enable the platform memory layer so calloc/free can be supplied by the firmware. */
#define MBEDTLS_PLATFORM_MEMORY
/* Do not bind the platform layer to the C standard library functions. */
#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
/* Prevent mbed TLS from using snprintf so that it can use tf_snprintf. */
#define MBEDTLS_PLATFORM_SNPRINTF_ALT
29
/*
 * PKCS#1 v2.1 padding option. It is defined unconditionally, while the RSA
 * module itself is only enabled under TF_MBEDTLS_USE_RSA further down.
 */
#define MBEDTLS_PKCS1_V21

/* ASN.1 DER parsing and writing. */
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C

/* Base64 codec and multi-precision integer arithmetic. */
#define MBEDTLS_BASE64_C
#define MBEDTLS_BIGNUM_C

/* Error-code-to-string support and the generic message-digest layer. */
#define MBEDTLS_ERROR_C
#define MBEDTLS_MD_C

/* Static-buffer heap allocator and the OID database. */
#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
#define MBEDTLS_OID_C

/*
 * Generic public-key layer with key parsing and key writing.
 * NOTE(review): the write/encode modules are enabled next to the parsers;
 * confirm each is still a dependency before trimming any of them.
 */
#define MBEDTLS_PK_C
#define MBEDTLS_PK_PARSE_C
#define MBEDTLS_PK_WRITE_C

/* Platform abstraction layer used by the MBEDTLS_PLATFORM_* options above. */
#define MBEDTLS_PLATFORM_C
49
/*
 * Signature algorithm modules, selected by the TF_MBEDTLS_USE_ECDSA and
 * TF_MBEDTLS_USE_RSA switches defined at the top of this file.
 */
#if TF_MBEDTLS_USE_ECDSA
#define MBEDTLS_ECDSA_C
#define MBEDTLS_ECP_C
/* secp256r1 (NIST P-256) is the only curve enabled in this file. */
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
#endif
#if TF_MBEDTLS_USE_RSA
#define MBEDTLS_RSA_C
/* Accept RSASSA-PSS signatures when parsing X.509 certificates. */
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
#endif
59
/* The library does not currently support enabling SHA-256 without SHA-224. */
#define MBEDTLS_SHA224_C
#define MBEDTLS_SHA256_C

/*
 * SHA-384/SHA-512 are compiled in for every hash selection other than
 * SHA-256. An identifier that is not defined evaluates to 0 inside #if, so
 * an unset TF_MBEDTLS_HASH_ALG_ID also takes this branch rather than
 * failing the build.
 */
#if (TF_MBEDTLS_HASH_ALG_ID != TF_MBEDTLS_SHA256)
#define MBEDTLS_SHA384_C
#define MBEDTLS_SHA512_C
#endif
68
/* Run-time library version information. */
#define MBEDTLS_VERSION_C

/* X.509 core and certificate parsing; no certificate-writing module is enabled in this file. */
#define MBEDTLS_X509_USE_C
#define MBEDTLS_X509_CRT_PARSE_C
73
/*
 * AES-GCM modules, compiled in only when TF_MBEDTLS_USE_AES_GCM is non-zero.
 * The macro is not defined in this file; if it is left undefined the #if
 * evaluates to 0 and AES, the cipher layer and GCM are all left out.
 */
#if TF_MBEDTLS_USE_AES_GCM
#define MBEDTLS_AES_C
#define MBEDTLS_CIPHER_C
#define MBEDTLS_GCM_C
#endif
79
/* MPI / BIGNUM options */
/* Window size for modular exponentiation; a small window trades speed for RAM. */
#define MBEDTLS_MPI_WINDOW_SIZE 2

/*
 * Maximum MPI size in bytes: 256 bytes (2048 bits), except when RSA is
 * enabled with TF_MBEDTLS_KEY_SIZE above 2048, where it is 512 bytes
 * (4096 bits). TF_MBEDTLS_KEY_SIZE is not defined in this file; an
 * undefined value evaluates to 0 in #if and selects the 256-byte limit.
 */
#if TF_MBEDTLS_USE_RSA
#if TF_MBEDTLS_KEY_SIZE <= 2048
#define MBEDTLS_MPI_MAX_SIZE 256
#else
#define MBEDTLS_MPI_MAX_SIZE 512
#endif
#else
#define MBEDTLS_MPI_MAX_SIZE 256
#endif
92
/* Memory buffer allocator options */
/* Alignment, in bytes, applied by the buffer allocator. */
#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 8

/*
 * Prevent the use of 128-bit division which
 * creates dependency on external libraries.
 */
#define MBEDTLS_NO_UDBL_DIVISION
101
102#ifndef __ASSEMBLER__
103/* System headers required to build mbed TLS with the current configuration */
104#include <stdlib.h>
105#include <mbedtls/check_config.h>
106#endif
107
/*
 * The mbed TLS heap size is small as we only use the ASN.1
 * parsing functions; digest, signature and crypto algorithms are
 * done by another library.
 *
 * NOTE(review): this file still compiles in the ECDSA/ECP and SHA modules;
 * confirm whether they are reachable, since code that is built but unused
 * adds to the trusted-boot image without being exercised.
 * NOTE(review): the 5120 figure is not derived from anything visible here;
 * re-check it against the largest certificate to be parsed if the parsing
 * requirements change. U() is not defined in this file -- presumably a
 * project integer-constant helper, confirm.
 */

#define TF_MBEDTLS_HEAP_SIZE U(5120)