1 /* 2 * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #ifndef COT_DEF_H 8 #define COT_DEF_H 9 10 /* 11 * Guard here with availability of mbedtls config since PLAT=lx2162aqds 12 * uses custom tbbr from 'drivers/nxp/auth/tbbr/tbbr_cot.c' and also may 13 * build without mbedtls folder only with TRUSTED_BOOT enabled. 14 */ 15 #ifdef MBEDTLS_CONFIG_FILE 16 #include <mbedtls/version.h> 17 #endif 18 19 /* TBBR CoT definitions */ 20 #if defined(SPD_spmd) 21 #define COT_MAX_VERIFIED_PARAMS 8 22 #elif defined(ARM_COT_cca) 23 #define COT_MAX_VERIFIED_PARAMS 8 24 #else 25 #define COT_MAX_VERIFIED_PARAMS 4 26 #endif 27 28 /* 29 * Maximum key and hash sizes (in DER format). 30 * 31 * Both RSA and ECDSA keys may be used at the same time. In this case, the key 32 * buffers must be big enough to hold either. As RSA keys are bigger than ECDSA 33 * ones for all key sizes we support, they impose the minimum size of these 34 * buffers. 35 */ 36 #if TF_MBEDTLS_USE_RSA 37 #if TF_MBEDTLS_KEY_SIZE == 1024 38 #define PK_DER_LEN 162 39 #elif TF_MBEDTLS_KEY_SIZE == 2048 40 #define PK_DER_LEN 294 41 #elif TF_MBEDTLS_KEY_SIZE == 3072 42 #define PK_DER_LEN 422 43 #elif TF_MBEDTLS_KEY_SIZE == 4096 44 #define PK_DER_LEN 550 45 #else 46 #error "Invalid value for TF_MBEDTLS_KEY_SIZE" 47 #endif 48 #elif TF_MBEDTLS_USE_ECDSA 49 #if TF_MBEDTLS_KEY_SIZE == 384 50 #define PK_DER_LEN 120 51 #elif TF_MBEDTLS_KEY_SIZE == 256 52 #define PK_DER_LEN 92 53 #else 54 #error "Invalid value for TF_MBEDTLS_KEY_SIZE" 55 #endif 56 #else 57 #error "Invalid value of algorithm" 58 #endif /* TF_MBEDTLS_USE_RSA */ 59 60 #if TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA256 61 #define HASH_DER_LEN 51 62 #elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA384 63 #define HASH_DER_LEN 67 64 #elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA512 65 #define HASH_DER_LEN 83 66 #else 67 #error "Invalid value for TF_MBEDTLS_HASH_ALG_ID" 68 #endif 69 70 #endif /* COT_DEF_H */ 71