xref: /optee_os/core/drivers/crypto/se050/crypto.mk (revision f3eff2edcb67683ac85232d2f5278a0a7bbf5b44) 
1ifeq ($(CFG_NXP_SE05X),y)
2# Enable the crypto driver
3$(call force,CFG_CRYPTO_DRIVER,y)
4CFG_CRYPTO_DRIVER_DEBUG ?= 0
5
6# SE050 initialization
7# Enables the SCP03 key rotation
8CFG_CORE_SE05X_SCP03_PROVISION ?= n
9# Displays the SE050 device information on the console at boot (i.e. OEFID)
10CFG_CORE_SE05X_DISPLAY_INFO ?= y
11# Enables the SCP03 before the REE: notice that if SCP03_PROVISION is enabled,
12# it will also attempt to rotate the keys
13CFG_CORE_SE05X_SCP03_EARLY ?= y
14# Deletes all persistent storage from the SE050 at boot
15CFG_CORE_SE05X_INIT_NVM ?= n
16# Prevents the deletion of the secure storage object holding a reference to a
17# Secure Element (SE) Non Volatile Memory object unless there is explicit
18# confirmation from the SE that the NVM object has been removed.
19CFG_CORE_SE05X_BLOCK_OBJ_DEL_ON_ERROR ?= n
20
21# I2C bus baudrate (depends on SoC)
22CFG_CORE_SE05X_BAUDRATE ?= 3400000
23# I2C bus [0..2] (depends on board)
24CFG_CORE_SE05X_I2C_BUS ?= 2
25# I2C access via REE after TEE boot
26CFG_CORE_SE05X_I2C_TRAMPOLINE ?= y
27
28# Extra stacks required to support the Plug and Trust external library
29ifeq ($(shell test $(CFG_STACK_THREAD_EXTRA) -lt 8192; echo $$?), 0)
30$(error Error: SE050 requires CFG_STACK_THREAD_EXTRA at least 8192)
31endif
32ifeq ($(shell test $(CFG_STACK_TMP_EXTRA) -lt 8192; echo $$?), 0)
33$(error Error: SE050 requires CFG_STACK_TMP_EXTRA at least 8192)
34endif
35
36# SE05X Die Identifier
37CFG_NXP_SE05X_DIEID_DRV ?= y
38
39# Allow a secure client to enable the SCP03 session
40CFG_NXP_SE05X_SCP03_DRV ?= y
41ifeq ($(CFG_NXP_SE05X_SCP03_DRV),y)
42$(call force,CFG_SCP03_PTA,y,Mandated by CFG_NXP_SE05X_SCP03)
43endif
44
45# Allow a secure client to send APDU raw frames
46CFG_NXP_SE05X_APDU_DRV ?= y
47ifeq ($(CFG_NXP_SE05X_APDU_DRV),y)
48$(call force,CFG_APDU_PTA,y,Mandated by CFG_NXP_SE05X_APDU)
49endif
50
51# Random Number Generator
52CFG_NXP_SE05X_RNG_DRV ?= y
53ifeq ($(CFG_NXP_SE05X_RNG_DRV),y)
54$(call force,CFG_WITH_SOFTWARE_PRNG,n)
55endif
56
57se050-one-enabled = $(call cfg-one-enabled, \
58                        $(foreach v,$(1), CFG_NXP_SE05X_$(v)_DRV))
59# Asymmetric ciphers
60CFG_NXP_SE05X_RSA_DRV ?= y
61CFG_NXP_SE05X_ECC_DRV ?= y
62$(call force,CFG_NXP_SE05X_ACIPHER_DRV,$(call se050-one-enabled,RSA ECC))
63
64# Asymmetric driver
65ifeq ($(CFG_NXP_SE05X_ACIPHER_DRV),y)
66$(call force,CFG_CRYPTO_DRV_ACIPHER,y,Mandated by CFG_NXP_SE05X_ACIPHER_DRV)
67endif
68
69# Asymmetric ciphers configuration
70# - RSA
71ifeq ($(CFG_NXP_SE05X_RSA_DRV),y)
72$(call force,CFG_CRYPTO_DRV_RSA,y)
73CFG_CRYPTO_RSASSA_NA1 ?= y
74_CFG_CORE_LTC_RSA = n
75endif
76# - ECC
77ifeq ($(CFG_NXP_SE05X_ECC_DRV),y)
78$(call force,CFG_CRYPTO_DRV_ECC,y)
79endif
80
81# Symmetric ciphers
82CFG_NXP_SE05X_CTR_DRV ?= y
83$(call force,CFG_NXP_SE05X_CIPHER_DRV,$(call se050-one-enabled,CTR))
84
85# Symmetric driver
86ifeq ($(CFG_NXP_SE05X_CIPHER_DRV),y)
87$(call force,CFG_CRYPTO_DRV_CIPHER,y,Mandated by CFG_NXP_SE05X_CIPHER_DRV)
88endif
89
90endif  # CFG_NXP_SE05X
91