diff options
author | Sandrine Bailleux <sandrine.bailleux@arm.com> | 2020-02-17 16:26:05 +0100 |
---|---|---|
committer | Sandrine Bailleux <sandrine.bailleux@arm.com> | 2020-02-18 09:47:12 +0100 |
commit | 0b4e59211bf78db96b9f6a87869f623ea2810ebc (patch) | |
tree | 485b2883e2186bb8fcdc4990f6f0f2feabac5eec | |
parent | 495599cd0a56143f9e5159f354b5718ac84e7431 (diff) | |
download | trusted-firmware-a-0b4e59211bf78db96b9f6a87869f623ea2810ebc.tar.gz |
TBBR: Reduce size of hash buffers when possible
The TBBR implementation extracts hashes from certificates and stores
them in static buffers. TF-A supports 3 variants of SHA right now:
SHA-256, SHA-384 and SHA-512. When support for SHA-512 was added in
commit 9a3088a5f509084e60d9c55bf53985c5ec4ca821 ("tbbr: Add build flag
HASH_ALG to let the user to select the SHA"), the hash buffers got
unconditionally increased from 51 to 83 bytes each. We can reduce that
space if we're using SHA-256 or SHA-384.
This saves some BSS space in both BL1 and BL2:
- BL1 with SHA-256: saving 168 bytes.
- BL1 with SHA-384: saving 80 bytes.
- BL2 with SHA-256: saving 384 bytes.
- BL2 with SHA-384: saving 192 bytes.
Change-Id: I0d02e5dc5f0162e82339c768609c9766cfe7e2bd
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-rw-r--r-- | drivers/auth/tbbr/tbbr_cot.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/drivers/auth/tbbr/tbbr_cot.c b/drivers/auth/tbbr/tbbr_cot.c index 2f1f451b15..6f00b180ca 100644 --- a/drivers/auth/tbbr/tbbr_cot.c +++ b/drivers/auth/tbbr/tbbr_cot.c @@ -41,7 +41,15 @@ #define PK_DER_LEN 91 #endif +#if TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA256 +#define HASH_DER_LEN 51 +#elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA384 +#define HASH_DER_LEN 67 +#elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA512 #define HASH_DER_LEN 83 +#else +#error "Invalid value for TF_MBEDTLS_HASH_ALG_ID" +#endif /* * The platform must allocate buffers to store the authentication parameters |