Build: Add RSA-3072 support PSA TBSA-M recommends to use RSA signature for firmware authentication with at least 3072 bits length key size. Change-Id: I0689123d61b55167b3efab90fe520e94d9586055 Signed-off-by: Tamas Ban <tamas.ban@arm.com>

commit: 7801ed4dcba33a5412ed5c9bcbded0ee6d48dd52 [log] [tgz]
author: Tamas Ban <tamas.ban@arm.com> Mon May 20 13:21:53 2019 +0100
committer: Tamas Ban <tamas.ban@arm.com> Fri May 24 12:26:02 2019 +0000
tree: 5313b77e497f7193a2f4fa172a4d99de64aeb59b
parent: 861835c0c534848bf6dcd81ef8042cfc1b0bffae [diff] [blame]
diff --git a/bl2/ext/mcuboot/CMakeLists.txt b/bl2/ext/mcuboot/CMakeLists.txt
index 06e0d5b..19ddf3d 100644
--- a/bl2/ext/mcuboot/CMakeLists.txt
+++ b/bl2/ext/mcuboot/CMakeLists.txt

@@ -130,12 +130,19 @@
 
 #Set macro definitions for the project.
 target_compile_definitions(${PROJECT_NAME} PRIVATE
-							MCUBOOT_SIGN_RSA
 							MCUBOOT_VALIDATE_SLOT0
 							MCUBOOT_USE_FLASH_AREA_GET_SECTORS
 							MBEDTLS_CONFIG_FILE="config-boot.h"
 							MCUBOOT_TARGET_CONFIG="flash_layout.h")
 
+if (MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072")
+	target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_SIGN_RSA MCUBOOT_SIGN_RSA_LEN=3072)
+elseif(MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-2048")
+	target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_SIGN_RSA MCUBOOT_SIGN_RSA_LEN=2048)
+else()
+	message(FATAL_ERROR "${MCUBOOT_SIGNATURE_TYPE} is not supported as firmware signing algorithm")
+endif()
+
 if (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "OVERWRITE_ONLY")
 	target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_OVERWRITE_ONLY)
 elseif (${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP")
commit	7801ed4dcba33a5412ed5c9bcbded0ee6d48dd52	[log] [tgz]
author	Tamas Ban <tamas.ban@arm.com>	Mon May 20 13:21:53 2019 +0100
committer	Tamas Ban <tamas.ban@arm.com>	Fri May 24 12:26:02 2019 +0000
tree	5313b77e497f7193a2f4fa172a4d99de64aeb59b
parent	861835c0c534848bf6dcd81ef8042cfc1b0bffae [diff] [blame]