diff options
-rw-r--r-- | board/cr50/board.h | 3 | ||||
-rw-r--r-- | board/cr50/build.mk | 36 | ||||
-rw-r--r-- | chip/g/build.mk | 1 | ||||
-rw-r--r-- | common/rma_auth.c | 5 | ||||
-rw-r--r-- | include/config.h | 4 |
5 files changed, 44 insertions, 5 deletions
diff --git a/board/cr50/board.h b/board/cr50/board.h index 06e1252101..a91bb9ba2a 100644 --- a/board/cr50/board.h +++ b/board/cr50/board.h @@ -156,7 +156,8 @@ #define CONFIG_CONSOLE_COMMAND_FLAGS_DEFAULT CMD_FLAG_RESTRICTED /* Include crypto stuff, both software and hardware. Enable optimizations. */ -#define CONFIG_DCRYPTO +/* Use board specific version of dcrypto */ +#define CONFIG_DCRYPTO_BOARD #define CONFIG_UPTO_SHA512 #define CONFIG_DCRYPTO_RSA_SPEEDUP diff --git a/board/cr50/build.mk b/board/cr50/build.mk index a06bcd3065..140812542f 100644 --- a/board/cr50/build.mk +++ b/board/cr50/build.mk @@ -33,9 +33,9 @@ else all: hex # The simulator components have their own subdirectory -CFLAGS += -I$(realpath chip/$(CHIP)/dcrypto) +CFLAGS += -I$(realpath $(BDIR)/dcrypto) CFLAGS += -I$(realpath $(BDIR)/tpm2) -dirs-y += chip/$(CHIP)/dcrypto +dirs-y += $(BDIR)/dcrypto dirs-y += $(BDIR)/tpm2 # Objects that we need to build @@ -54,6 +54,38 @@ board-${CONFIG_RDD} += rdd.o board-${CONFIG_USB_SPI} += usb_spi.o board-${CONFIG_USB_I2C} += usb_i2c.o board-y += recovery_button.o + +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/aes.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/aes_cmac.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/app_cipher.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/app_key.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/bn.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/dcrypto_bn.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/dcrypto_p256.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/compare.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/dcrypto_runtime.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/gcm.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/hkdf.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/hmac.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/hmac_drbg.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/key_ladder.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/p256.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/p256_ec.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/p256_ecies.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/rsa.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/sha1.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/sha256.o +ifeq ($(CONFIG_UPTO_SHA512),y) +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/sha384.o +ifeq ($(CONFIG_DCRYPTO_SHA512),y) +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/dcrypto_sha512.o +else +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/sha512.o +endif +endif +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/x509.o +board-$(CONFIG_DCRYPTO_BOARD)+= dcrypto/trng.o + board-y += tpm2/NVMem.o board-y += tpm2/aes.o board-y += tpm2/ecc.o diff --git a/chip/g/build.mk b/chip/g/build.mk index 67e8967eca..2fb82e4f4d 100644 --- a/chip/g/build.mk +++ b/chip/g/build.mk @@ -28,6 +28,7 @@ chip-$(CONFIG_UART_BITBANG)+= uart_bitbang.o endif # undef CONFIG_POLLING_UART chip-$(CONFIG_DCRYPTO)+= crypto_api.o +chip-$(CONFIG_DCRYPTO_BOARD)+= crypto_api.o chip-$(CONFIG_DCRYPTO)+= dcrypto/aes.o chip-$(CONFIG_DCRYPTO)+= dcrypto/aes_cmac.o diff --git a/common/rma_auth.c b/common/rma_auth.c index 24c30bbe52..7ed16bb968 100644 --- a/common/rma_auth.c +++ b/common/rma_auth.c @@ -35,8 +35,9 @@ #define always_memset memset #endif -#ifdef CONFIG_DCRYPTO +#if defined(CONFIG_DCRYPTO) || defined(CONFIG_DCRYPTO_BOARD) #include "dcrypto.h" +#define USE_DCRYPTO #else #include "sha256.h" #endif @@ -79,7 +80,7 @@ static void get_hmac_sha256(void *hmac_out, const uint8_t *secret, size_t secret_size, const void *ch_ptr, size_t ch_size) { -#ifdef CONFIG_DCRYPTO +#ifdef USE_DCRYPTO LITE_HMAC_CTX hmac; DCRYPTO_HMAC_SHA256_init(&hmac, secret, secret_size); diff --git a/include/config.h b/include/config.h index 8f7abdec59..b800904829 100644 --- a/include/config.h +++ b/include/config.h @@ -1355,6 +1355,10 @@ */ #undef CONFIG_DCRYPTO /* + * Use dcrypto in the board directory instead of chip/g. + */ +#undef CONFIG_DCRYPTO_BOARD +/* * This provides struct definitions and function declarations that can be * implemented by unit tests for testing code that depends on dcrypto. * This should not be set at the same time as CONFIG_DCRYPTO. |