diff options
author | Qixiang Xu <qixiang.xu@arm.com> | 2017-08-24 15:26:39 +0800 |
---|---|---|
committer | Qixiang Xu <qixiang.xu@arm.com> | 2017-09-22 17:42:40 +0800 |
commit | dcbf3932fd58537695dfcd8ccacb1a76fd193b48 (patch) | |
tree | 3b41add181bdf950d41df02bf74f2133d6bd46ce /drivers/auth | |
parent | 9db9c65a112e6e3a0bb9588b8e30a22265cbfbaf (diff) |
Dynamic selection of ECDSA or RSA
Add new option rsa+ecdsa for TF_MBEDTLS_KEY_ALG, which selects
rsa or ecdsa depending on the certificate used.
Change-Id: I08d9e99bdbba361ed2ec5624248dc382c750ad47
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
Diffstat (limited to 'drivers/auth')
-rw-r--r-- | drivers/auth/mbedtls/mbedtls_common.c | 3 | ||||
-rw-r--r-- | drivers/auth/mbedtls/mbedtls_crypto.mk | 24 |
2 files changed, 18 insertions, 9 deletions
diff --git a/drivers/auth/mbedtls/mbedtls_common.c b/drivers/auth/mbedtls/mbedtls_common.c index cc57af39..205c2432 100644 --- a/drivers/auth/mbedtls/mbedtls_common.c +++ b/drivers/auth/mbedtls/mbedtls_common.c @@ -14,7 +14,8 @@ /* * mbed TLS heap */ -#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA) +#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA) \ + || (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA) #define MBEDTLS_HEAP_SIZE (13*1024) #elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA) #define MBEDTLS_HEAP_SIZE (7*1024) diff --git a/drivers/auth/mbedtls/mbedtls_crypto.mk b/drivers/auth/mbedtls/mbedtls_crypto.mk index 21b857bf..d6fc7eb5 100644 --- a/drivers/auth/mbedtls/mbedtls_crypto.mk +++ b/drivers/auth/mbedtls/mbedtls_crypto.mk @@ -41,18 +41,26 @@ MBEDTLS_CRYPTO_SOURCES := drivers/auth/mbedtls/mbedtls_crypto.c \ ) # Key algorithm specific files +MBEDTLS_ECDSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \ + ecdsa.c \ + ecp_curves.c \ + ecp.c \ + ) + +MBEDTLS_RSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \ + rsa.c \ + ) + ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa) - MBEDTLS_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \ - ecdsa.c \ - ecp_curves.c \ - ecp.c \ - ) + MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES) TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA else ifeq (${TF_MBEDTLS_KEY_ALG},rsa) - MBEDTLS_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \ - rsa.c \ - ) + MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES) TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA +else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa) + MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES) + MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES) + TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA else $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS") endif |