diff options
-rw-r--r-- | board/cr50/board.h | 1 | ||||
-rw-r--r-- | board/cr50/build.mk | 9 | ||||
-rw-r--r-- | chip/g/build.mk | 4 | ||||
-rw-r--r-- | include/config.h | 4 |
4 files changed, 16 insertions, 2 deletions
diff --git a/board/cr50/board.h b/board/cr50/board.h index 84a12d595a..8f718e13c0 100644 --- a/board/cr50/board.h +++ b/board/cr50/board.h @@ -111,6 +111,7 @@ /* Include crypto stuff, both software and hardware. */ #define CONFIG_DCRYPTO +#define CONFIG_UPTO_SHA512 #ifndef __ASSEMBLER__ diff --git a/board/cr50/build.mk b/board/cr50/build.mk index d2194c39e4..9aeaf391b7 100644 --- a/board/cr50/build.mk +++ b/board/cr50/build.mk @@ -63,14 +63,21 @@ CPPFLAGS += -I$(abspath ./chip/$(CHIP)) CPPFLAGS += -I$(abspath .) CPPFLAGS += -I$(abspath $(BDIR)) CPPFLAGS += -I$(abspath ./test) +ifeq ($(CONFIG_UPTO_SHA512),y) +CPPFLAGS += -DSHA512_SUPPORT +endif # Make sure the context of the software sha512 implementation fits. If it ever # increases, a compile time assert will fire in tpm2/hash.c. +ifeq ($(CONFIG_UPTO_SHA512),y) CFLAGS += -DUSER_MIN_HASH_STATE_SIZE=208 +else +CFLAGS += -DUSER_MIN_HASH_STATE_SIZE=112 +endif # Configure TPM2 headers accordingly. CFLAGS += -DEMBEDDED_MODE=1 # Configure cryptoc headers to handle unaligned accesses. -CFLAGS += -DSUPPORT_UNALIGNED=1 -DSHA512_SUPPORT=1 +CFLAGS += -DSUPPORT_UNALIGNED=1 # Add dependencies on that library $(out)/RW/ec.RW.elf $(out)/RW/ec.RW_B.elf: LDFLAGS_EXTRA += -L$(out)/tpm2 -ltpm2 diff --git a/chip/g/build.mk b/chip/g/build.mk index 0505cf84b1..a123bd173d 100644 --- a/chip/g/build.mk +++ b/chip/g/build.mk @@ -41,8 +41,10 @@ chip-$(CONFIG_DCRYPTO)+= dcrypto/p256_ecies.o chip-$(CONFIG_DCRYPTO)+= dcrypto/rsa.o chip-$(CONFIG_DCRYPTO)+= dcrypto/sha1.o chip-$(CONFIG_DCRYPTO)+= dcrypto/sha256.o +ifeq ($(CONFIG_UPTO_SHA512),y) chip-$(CONFIG_DCRYPTO)+= dcrypto/sha384.o chip-$(CONFIG_DCRYPTO)+= dcrypto/sha512.o +endif chip-$(CONFIG_DCRYPTO)+= dcrypto/x509.o chip-$(CONFIG_SPI_MASTER)+=spi_master.o @@ -139,7 +141,7 @@ $(out)/RW/ec.RW.elf $(out)/RW/ec.RW_B.elf: $(out)/cryptoc/libcryptoc.a .PHONY: $(out)/cryptoc/libcryptoc.a $(out)/cryptoc/libcryptoc.a: $(MAKE) obj=$(realpath $(out))/cryptoc SUPPORT_UNALIGNED=1 \ - SHA512_SUPPORT=1 -C $(CRYPTOCLIB) + CONFIG_UPTO_SHA512=$(CONFIG_UPTO_SHA512) -C $(CRYPTOCLIB) endif # end CONFIG_DCRYPTO endif # CHIP_MK_INCLUDED_ONCE is nonempty diff --git a/include/config.h b/include/config.h index 7519fb6d58..43b7c141bf 100644 --- a/include/config.h +++ b/include/config.h @@ -762,6 +762,10 @@ * only supported on CR50. */ #undef CONFIG_DCRYPTO +/* + * When enabled build support for SHA-384/512, requires CONFIG_DCRYPTO. + */ +#undef CONFIG_UPTO_SHA512 /*****************************************************************************/ /* |