Attest: Make possible to remove the optional claims
As part of the optimization work, a compile time switch was
introduced to make possible to exclude the optional claims from
the initial attestation token. Removal of optional claims reduces
the token size and the code size as well. Default behaviour is to
include the optional claims.
Change-Id: Ib48789f8cce1c8fa971ab46d4e09bf2f6bd628a1
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
diff --git a/CommonConfig.cmake b/CommonConfig.cmake
index e409cbe..15635e1 100644
--- a/CommonConfig.cmake
+++ b/CommonConfig.cmake
@@ -300,7 +300,7 @@
#Default TF-M secure storage flags.
#These flags values can be overwritten by setting them in platform/ext/<TARGET_NAME>.cmake
-#Documentation about these flags can be found in docs/user_guides/services/tfm_sst_integration_guide.md
+#Documentation about these flags can be found in docs/user_guides/services/tfm_sst_integration_guide.rst
if (NOT DEFINED SST_ENCRYPTION)
set (SST_ENCRYPTION ON)
endif()
@@ -337,6 +337,12 @@
set(MBEDTLS_DEBUG OFF)
endif()
+#Default TF-M initial-attestation service flags.
+#Documentation about these flags can be found in docs/user_guides/services/tfm_attestation_integration_guide.rst
+if (NOT DEFINED ATTEST_INCLUDE_OPTIONAL_CLAIMS)
+ set(ATTEST_INCLUDE_OPTIONAL_CLAIMS ON)
+endif()
+
##Set mbedTLS compiler flags for BL2 bootloader
set(MBEDTLS_C_FLAGS_BL2 "-D__ARM_FEATURE_CMSE=${ARM_FEATURE_CMSE} -D__thumb2__ ${COMMON_COMPILE_FLAGS_STR} -DMBEDTLS_CONFIG_FILE=\\\\\\\"config-boot.h\\\\\\\" -I${CMAKE_CURRENT_LIST_DIR}/bl2/ext/mcuboot/include")
if (MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072")