blob: bf23917bbf286e999ee15c0dcd6a234c7f545e67 [file] [log] [blame]
Juan Castillo9b265a82015-05-07 14:52:44 +01001/*
laurenw-arm9ccfe802023-10-03 15:25:21 -05002 * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
Juan Castillo9b265a82015-05-07 14:52:44 +01003 *
dp-armfa3cf0b2017-05-03 09:38:09 +01004 * SPDX-License-Identifier: BSD-3-Clause
Juan Castillo9b265a82015-05-07 14:52:44 +01005 */
6
Antonio Nino Diaz5eb88372018-11-08 10:20:19 +00007#ifndef COT_DEF_H
8#define COT_DEF_H
Juan Castillo9b265a82015-05-07 14:52:44 +01009
Govindraj Rajae045e122023-02-28 11:37:02 +000010/*
11 * Guard here with availability of mbedtls config since PLAT=lx2162aqds
12 * uses custom tbbr from 'drivers/nxp/auth/tbbr/tbbr_cot.c' and also may
13 * build without mbedtls folder only with TRUSTED_BOOT enabled.
14 */
15#ifdef MBEDTLS_CONFIG_FILE
Govindraj Raja9c7dfb02023-01-11 18:34:58 +000016#include <mbedtls/version.h>
Govindraj Rajae045e122023-02-28 11:37:02 +000017#endif
Pankaj Gupta8778ebf2020-12-09 14:02:38 +053018
Juan Castillo9b265a82015-05-07 14:52:44 +010019/* TBBR CoT definitions */
Manish Pandey5f8e1a02020-05-27 22:40:10 +010020#if defined(SPD_spmd)
21#define COT_MAX_VERIFIED_PARAMS 8
laurenw-arm483e5ac2022-04-21 15:49:00 -050022#elif defined(ARM_COT_cca)
23#define COT_MAX_VERIFIED_PARAMS 8
Manish Pandey5f8e1a02020-05-27 22:40:10 +010024#else
Juan Castillo9b265a82015-05-07 14:52:44 +010025#define COT_MAX_VERIFIED_PARAMS 4
Manish Pandey5f8e1a02020-05-27 22:40:10 +010026#endif
Juan Castillo9b265a82015-05-07 14:52:44 +010027
Manish V Badarkhe043fd622020-05-16 16:36:39 +010028/*
29 * Maximum key and hash sizes (in DER format).
30 *
31 * Both RSA and ECDSA keys may be used at the same time. In this case, the key
32 * buffers must be big enough to hold either. As RSA keys are bigger than ECDSA
33 * ones for all key sizes we support, they impose the minimum size of these
34 * buffers.
Manish V Badarkhea3e377b2023-10-20 10:53:42 +010035 *
36 * If the platform employs its own mbedTLS configuration, it is the platform's
37 * responsibility to define TF_MBEDTLS_USE_RSA or TF_MBEDTLS_USE_ECDSA to
38 * establish the appropriate PK_DER_LEN size.
Manish V Badarkhe043fd622020-05-16 16:36:39 +010039 */
Manish V Badarkhea3e377b2023-10-20 10:53:42 +010040#ifdef MBEDTLS_CONFIG_FILE
Manish V Badarkhe043fd622020-05-16 16:36:39 +010041#if TF_MBEDTLS_USE_RSA
42#if TF_MBEDTLS_KEY_SIZE == 1024
43#define PK_DER_LEN 162
44#elif TF_MBEDTLS_KEY_SIZE == 2048
45#define PK_DER_LEN 294
46#elif TF_MBEDTLS_KEY_SIZE == 3072
47#define PK_DER_LEN 422
48#elif TF_MBEDTLS_KEY_SIZE == 4096
49#define PK_DER_LEN 550
50#else
51#error "Invalid value for TF_MBEDTLS_KEY_SIZE"
52#endif
Manish V Badarkhecdeb5522023-10-26 11:06:23 +010053#elif TF_MBEDTLS_USE_ECDSA
laurenw-arm9ccfe802023-10-03 15:25:21 -050054#if TF_MBEDTLS_KEY_SIZE == 384
55#define PK_DER_LEN 120
56#elif TF_MBEDTLS_KEY_SIZE == 256
Nicolas Toromanoff6bc2bbf2020-11-17 10:03:40 +010057#define PK_DER_LEN 92
laurenw-arm9ccfe802023-10-03 15:25:21 -050058#else
59#error "Invalid value for TF_MBEDTLS_KEY_SIZE"
60#endif
Manish V Badarkhecdeb5522023-10-26 11:06:23 +010061#else
62#error "Invalid value of algorithm"
63#endif /* TF_MBEDTLS_USE_RSA */
Manish V Badarkhe043fd622020-05-16 16:36:39 +010064
65#if TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA256
66#define HASH_DER_LEN 51
67#elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA384
68#define HASH_DER_LEN 67
69#elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA512
70#define HASH_DER_LEN 83
71#else
72#error "Invalid value for TF_MBEDTLS_HASH_ALG_ID"
73#endif
Manish V Badarkhea3e377b2023-10-20 10:53:42 +010074#endif /* MBEDTLS_CONFIG_FILE */
Manish V Badarkhe043fd622020-05-16 16:36:39 +010075
Antonio Nino Diaz5eb88372018-11-08 10:20:19 +000076#endif /* COT_DEF_H */