diff options
author | Justin Chadwell <justin.chadwell@arm.com> | 2019-07-29 17:13:10 +0100 |
---|---|---|
committer | Justin Chadwell <justin.chadwell@arm.com> | 2019-09-12 15:27:39 +0100 |
commit | aacff7498c7241696f55a9b80473e59b72d4d095 (patch) | |
tree | 01615f4f69293ad2d89108796fc9c8d3f4b2e302 /drivers/auth/tbbr/tbbr_cot.c | |
parent | 2fc6ffc451c9af16e03eff51e779c33828e9ab07 (diff) | |
download | trusted-firmware-a-aacff7498c7241696f55a9b80473e59b72d4d095.tar.gz |
Support larger RSA key sizes when using MBEDTLS
Previously, TF-A could not support large RSA key sizes as the
configuration options passed to MBEDTLS prevented storing and performing
calculations with the larger, higher-precision numbers required. With
these changes to the arguments passed to MBEDTLS, TF-A now supports
using 3072 (3K) and 4096 (4K) keys in certificates.
Change-Id: Ib73a6773145d2faa25c28d04f9a42e86f2fd555f
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
Diffstat (limited to 'drivers/auth/tbbr/tbbr_cot.c')
-rw-r--r-- | drivers/auth/tbbr/tbbr_cot.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/drivers/auth/tbbr/tbbr_cot.c b/drivers/auth/tbbr/tbbr_cot.c index da3631bbf9..6dd4ae252d 100644 --- a/drivers/auth/tbbr/tbbr_cot.c +++ b/drivers/auth/tbbr/tbbr_cot.c @@ -7,6 +7,7 @@ #include <stddef.h> #include <platform_def.h> +#include <drivers/auth/mbedtls/mbedtls_config.h> #include <drivers/auth/auth_mod.h> #if USE_TBBR_DEFS @@ -19,7 +20,22 @@ /* * Maximum key and hash sizes (in DER format) */ +#if TF_MBEDTLS_USE_RSA +#if TF_MBEDTLS_KEY_SIZE == 1024 +#define PK_DER_LEN 162 +#elif TF_MBEDTLS_KEY_SIZE == 2048 #define PK_DER_LEN 294 +#elif TF_MBEDTLS_KEY_SIZE == 3072 +#define PK_DER_LEN 422 +#elif TF_MBEDTLS_KEY_SIZE == 4096 +#define PK_DER_LEN 550 +#else +#error "Invalid value for TF_MBEDTLS_KEY_SIZE" +#endif +#else +#define PK_DER_LEN 294 +#endif + #define HASH_DER_LEN 83 /* |