1 /* 2 * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #ifndef COT_DEF_H 8 #define COT_DEF_H 9 10 /* 11 * Guard here with availability of mbedtls config since PLAT=lx2162aqds 12 * uses custom tbbr from 'drivers/nxp/auth/tbbr/tbbr_cot.c' and also may 13 * build without mbedtls folder only with TRUSTED_BOOT enabled. 14 */ 15 #ifdef MBEDTLS_CONFIG_FILE 16 #include <mbedtls/version.h> 17 #endif 18 19 /* TBBR CoT definitions */ 20 #if defined(SPD_spmd) 21 #define COT_MAX_VERIFIED_PARAMS 8 22 #elif defined(ARM_COT_cca) 23 #define COT_MAX_VERIFIED_PARAMS 8 24 #else 25 #define COT_MAX_VERIFIED_PARAMS 4 26 #endif 27 28 /* 29 * Maximum key and hash sizes (in DER format). 30 * 31 * Both RSA and ECDSA keys may be used at the same time. In this case, the key 32 * buffers must be big enough to hold either. As RSA keys are bigger than ECDSA 33 * ones for all key sizes we support, they impose the minimum size of these 34 * buffers. 35 */ 36 #if TF_MBEDTLS_USE_RSA 37 #if TF_MBEDTLS_KEY_SIZE == 1024 38 #define PK_DER_LEN 162 39 #elif TF_MBEDTLS_KEY_SIZE == 2048 40 #define PK_DER_LEN 294 41 #elif TF_MBEDTLS_KEY_SIZE == 3072 42 #define PK_DER_LEN 422 43 #elif TF_MBEDTLS_KEY_SIZE == 4096 44 #define PK_DER_LEN 550 45 #else 46 #error "Invalid value for TF_MBEDTLS_KEY_SIZE" 47 #endif 48 #else /* Only using ECDSA keys. */ 49 #define PK_DER_LEN 92 50 #endif 51 52 #if TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA256 53 #define HASH_DER_LEN 51 54 #elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA384 55 #define HASH_DER_LEN 67 56 #elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA512 57 #define HASH_DER_LEN 83 58 #else 59 #error "Invalid value for TF_MBEDTLS_HASH_ALG_ID" 60 #endif 61 62 #endif /* COT_DEF_H */ 63