Crypto: Enable CC312 runtime library
Enable in cmake. Update mbedtls config to use hardware functions. Add
init function.
Change-Id: I874999056d62c8855c1d934a33d4ab4c5c74c569
Signed-off-by: Raef Coles <raef.coles@arm.com>
diff --git a/secure_fw/services/crypto/CMakeLists.txt b/secure_fw/services/crypto/CMakeLists.txt
index d6d70f9..f7d7135 100644
--- a/secure_fw/services/crypto/CMakeLists.txt
+++ b/secure_fw/services/crypto/CMakeLists.txt
@@ -28,20 +28,29 @@
set (CRYPTO_ENGINE_MBEDTLS ON)
if (CRYPTO_ENGINE_MBEDTLS)
- #Define location of Mbed Crypto source, build, and installation directory.
- get_filename_component(MBEDCRYPTO_SOURCE_DIR "${TFM_ROOT_DIR}/../mbed-crypto" ABSOLUTE)
- set (MBEDCRYPTO_BINARY_DIR "${CMAKE_CURRENT_BINARY_DIR}/mbed-crypto/build")
- set (MBEDCRYPTO_INSTALL_DIR ${MBEDCRYPTO_BINARY_DIR}/../install)
- set (MBEDCRYPTO_TARGET_NAME "mbedcrypto_lib")
+ set (MBEDTLS_CONFIG_FILE "tfm_mbedcrypto_config.h")
+ set (MBEDTLS_CONFIG_PATH "${PLATFORM_DIR}/common")
+ #Define location of Mbed Crypto source, build, and installation directory.
+ get_filename_component(MBEDCRYPTO_SOURCE_DIR "${TFM_ROOT_DIR}/../mbed-crypto" ABSOLUTE)
+ set (MBEDCRYPTO_BINARY_DIR "${CMAKE_CURRENT_BINARY_DIR}/mbed-crypto/build")
+ set (MBEDCRYPTO_INSTALL_DIR ${MBEDCRYPTO_BINARY_DIR}/../install)
+ set (MBEDCRYPTO_TARGET_NAME "mbedcrypto_lib")
endif()
include(CMakeLists.inc)
+if (CRYPTO_HW_ACCELERATOR)
+ if(NOT DEFINED CRYPTO_HW_ACCELERATOR_CMAKE_BUILD)
+ message(FATAL_ERROR "CRYPTO_HW_ACCELERATOR_CMAKE_BUILD not defined.")
+ endif()
+ include(${CRYPTO_HW_ACCELERATOR_CMAKE_BUILD})
+endif()
+
#Create a list of the C defines
list(APPEND TFM_CRYPTO_C_DEFINES_LIST __ARM_FEATURE_CMSE=${ARM_FEATURE_CMSE} __thumb2__ TFM_LVL=${TFM_LVL})
if (CRYPTO_ENGINE_MBEDTLS)
- list(APPEND TFM_CRYPTO_C_DEFINES_LIST TFM_CRYPTO_ENGINE_MBEDTLS MBEDTLS_CONFIG_FILE="platform/ext/common/tfm_mbedcrypto_config.h")
+ list(APPEND TFM_CRYPTO_C_DEFINES_LIST TFM_CRYPTO_ENGINE_MBEDTLS MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
endif()
#Add module configuration parameters in case they are provided during CMake configuration step
@@ -53,35 +62,43 @@
TFM_CRYPTO_GENERATOR_MODULE_DISABLED=${CRYPTO_GENERATOR_MODULE_DISABLED}
TFM_CRYPTO_ASYMMETRIC_MODULE_DISABLED=${CRYPTO_ASYMMETRIC_MODULE_DISABLED})
if (DEFINED CRYPTO_ENGINE_BUF_SIZE)
- list(APPEND TFM_CRYPTO_C_DEFINES_LIST TFM_CRYPTO_ENGINE_BUF_SIZE=${CRYPTO_ENGINE_BUF_SIZE})
+ list(APPEND TFM_CRYPTO_C_DEFINES_LIST TFM_CRYPTO_ENGINE_BUF_SIZE=${CRYPTO_ENGINE_BUF_SIZE})
endif()
if (DEFINED CRYPTO_CONC_OPER_NUM)
- list(APPEND TFM_CRYPTO_C_DEFINES_LIST TFM_CRYPTO_CONC_OPER_NUM=${CRYPTO_CONC_OPER_NUM})
+ list(APPEND TFM_CRYPTO_C_DEFINES_LIST TFM_CRYPTO_CONC_OPER_NUM=${CRYPTO_CONC_OPER_NUM})
endif()
if (TFM_PSA_API AND DEFINED CRYPTO_IOVEC_BUFFER_SIZE)
- list(APPEND TFM_CRYPTO_C_DEFINES_LIST TFM_CRYPTO_IOVEC_BUFFER_SIZE=${CRYPTO_IOVEC_BUFFER_SIZE})
+ list(APPEND TFM_CRYPTO_C_DEFINES_LIST TFM_CRYPTO_IOVEC_BUFFER_SIZE=${CRYPTO_IOVEC_BUFFER_SIZE})
endif()
if (CRYPTO_ENGINE_MBEDTLS)
- #Set Mbed Crypto compiler flags
- set(MBEDCRYPTO_C_FLAGS ${MBEDCRYPTO_C_FLAGS_SERVICES})
- string(APPEND MBEDCRYPTO_C_FLAGS " -DMBEDTLS_CONFIG_FILE=\\\\\\\"tfm_mbedcrypto_config.h\\\\\\\""
- " -I${CMAKE_CURRENT_LIST_DIR}")
+ #Set Mbed Crypto compiler flags
+ string(APPEND MBEDCRYPTO_C_FLAGS " ${MBEDCRYPTO_C_FLAGS_SERVICES}")
+ string(APPEND MBEDCRYPTO_C_FLAGS " -DMBEDTLS_CONFIG_FILE=\\\\\\\"${MBEDTLS_CONFIG_FILE}\\\\\\\""
+ " -I${CMAKE_CURRENT_LIST_DIR}")
- #Build Mbed Crypto as external project.
- #This ensures Mbed Crypto is built with exactly defined settings.
- #Mbed Crypto will be used from its install location
- include(${TFM_ROOT_DIR}/BuildMbedCrypto.cmake)
+ #Build Mbed Crypto as external project.
+ #This ensures Mbed Crypto is built with exactly defined settings.
+ #Mbed Crypto will be used from its install location
+ include(${TFM_ROOT_DIR}/BuildMbedCrypto.cmake)
endif()
#Specify what we build (for the crypto service, build as a static library)
add_library(tfm_crypto STATIC ${ALL_SRC_ASM} ${ALL_SRC_C})
embedded_set_target_compile_defines(TARGET tfm_crypto LANGUAGE C DEFINES ${TFM_CRYPTO_C_DEFINES_LIST})
if (CRYPTO_ENGINE_MBEDTLS)
- #Add a dependency on the Mbed Crypto install target.
- add_dependencies(tfm_crypto ${MBEDCRYPTO_TARGET_NAME}_install)
- #Ask the compiler to merge the Mbed Crypto and crypto service libraries.
- compiler_merge_library(DEST tfm_crypto LIBS "${MBEDCRYPTO_INSTALL_DIR}/lib/${CMAKE_STATIC_LIBRARY_PREFIX_C}mbedcrypto${CMAKE_STATIC_LIBRARY_SUFFIX_C}")
+ #Add a dependency on the Mbed Crypto install target.
+ add_dependencies(tfm_crypto ${MBEDCRYPTO_TARGET_NAME}_install)
+ #Ask the compiler to merge the Mbed Crypto and crypto service libraries.
+ compiler_merge_library(DEST tfm_crypto LIBS "${MBEDCRYPTO_INSTALL_DIR}/lib/${CMAKE_STATIC_LIBRARY_PREFIX_C}mbedcrypto${CMAKE_STATIC_LIBRARY_SUFFIX_C}")
+
+ #Link crypto accelerator libraries if applicable
+ if (CRYPTO_HW_ACCELERATOR)
+ if(NOT DEFINED CRYPTO_HW_ACCELERATOR_CMAKE_LINK)
+ message(FATAL_ERROR "CRYPTO_HW_ACCELERATOR_CMAKE_LINK not defined.")
+ endif()
+ include(${CRYPTO_HW_ACCELERATOR_CMAKE_LINK})
+ endif()
endif()
#Set common compiler and linker flags
diff --git a/secure_fw/services/crypto/crypto_init.c b/secure_fw/services/crypto/crypto_init.c
index bdb99e4..b3acd55 100644
--- a/secure_fw/services/crypto/crypto_init.c
+++ b/secure_fw/services/crypto/crypto_init.c
@@ -20,6 +20,10 @@
#include "tfm_secure_api.h"
#endif
+#ifdef CRYPTO_HW_ACCELERATOR
+#include "crypto_hw.h"
+#endif /* CRYPTO_HW_ACCLERATOR */
+
#ifdef TFM_PSA_API
#include "psa/service.h"
#include "psa_manifest/tfm_crypto.h"
@@ -282,6 +286,13 @@
mbedtls_memory_buffer_alloc_init(mbedtls_mem_buf,
TFM_CRYPTO_ENGINE_BUF_SIZE);
+ /* Initialise the crypto accelerator if one is enabled */
+#ifdef CRYPTO_HW_ACCELERATOR
+ if (crypto_hw_accelerator_init() != 0) {
+ return PSA_ERROR_HARDWARE_FAILURE;
+ }
+#endif /* CRYPTO_HW_ACCELERATOR */
+
/* Previous function does not return any value, so just call the
* initialisation function of the Mbed Crypto layer
*/