bl1/Kconfig - TF-M/trusted-firmware-m - TrustedFirmware Git Browser

 #-------------------------------------------------------------------------------
 # SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
 #-------------------------------------------------------------------------------

 menuconfig BL1
     bool "BL1"
     default n

 if BL1 && PLATFORM_DEFAULT_BL1

 config TFM_BL2_ENCRYPTION_KEY_PATH
     string
     default "$(TFM_SOURCE_DIR)/bl1/bl1_2/bl2_dummy_encryption_key.bin"
     help
       Path to binary key to use for encrypting BL2

 config TFM_GUK_PATH
     string
     default "$(TFM_SOURCE_DIR)/bl1/bl1_1/dummy_guk.bin"
     help
       Path to binary GUK key file to provision

 config TFM_BL2_IMAGE_FLASH_AREA_NUM
     int "Which flash area BL2 is stored in"
     default 0

 config TFM_GENERATE_BL1_2_CM_SIGNING_KEY
     bool "Generate new keypair or use TFM_BL2_CM_SIGNING_KEY_PATH for signing"
     default n

 config TFM_GENERATE_BL1_2_DM_SIGNING_KEY
     bool "Generate new keypair or use TFM_BL2_DM_SIGNING_KEY_PATH for signing"
     default n

 config TFM_BL2_CM_SIGNING_KEY_PATH
     string
     default "$(TFM_SOURCE_DIR)/bl1/bl1_2/bl1_dummy_rotpk"
     help
       Path to binary BL2 signing private key

 config TFM_BL2_SIGNING_ALG
     string
     default "LMS"
     help
       Path to binary BL2 signing private key

 config TFM_BL1_MEMORY_MAPPED_FLASH
     bool "BL1 Access flash content"
     default y

 config TFM_BL1_DEFAULT_OTP
     bool
     default y
     help
       Whether BL1_1 will use default OTP memory

 config TFM_BL1_DEFAULT_PROVISIONING
     bool
     default y
     help
       Whether BL1_1 will use default provisioning

 config TFM_BL1_SOFTWARE_CRYPTO
     bool
     default y
     help
       Whether BL1_1 will use software crypto

 config TFM_BL1_2_ENABLE_LMS
     bool "Enable LMS PQ crypto for BL2 verification."
     default n
     help
       Enable LMS PQ crypto for BL2 verification.

 config TFM_BL1_2_ENABLE_ECDSA
     bool "Enable ECDSA crypto for BL2 verification."
     default n
     help
       Enable ECSDA crypto for BL2 verification.

 config TFM_BL1_IMAGE_VERSION_BL2
     string "Image version of BL2 image"
     default "1.9.0+0"

 config TFM_BL1_IMAGE_SECURITY_COUNTER_BL2
     int "Security counter value to include with BL2 image"
     default 1

 config TFM_BL1_2_IN_OTP
     bool "Whether BL1_2 is stored in OTP"
     default y

 config TFM_BL1_2_IN_FLASH
     bool "Whether BL1_2 is stored in FLASH"
     default n

 config BL1_2_BUILD_TYPE
     string "BL1_2 build type"
     default "$(CMAKE_BUILD_TYPE)"

 config BL1_1_SHARED_SYMBOLS_PATH
     string "Path to list of symbols that BL1_1 that can be referenced from BL1_2"
     default "${TFM_SOURCE_DIR}/bl1/bl1_1/bl1_1_shared_symbols.txt"

 endif
	#-------------------------------------------------------------------------------
	# SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
	#
	# SPDX-License-Identifier: BSD-3-Clause
	#
	#-------------------------------------------------------------------------------

	menuconfig BL1
	bool "BL1"
	default n

	if BL1 && PLATFORM_DEFAULT_BL1

	config TFM_BL2_ENCRYPTION_KEY_PATH
	string
	default "$(TFM_SOURCE_DIR)/bl1/bl1_2/bl2_dummy_encryption_key.bin"
	help
	Path to binary key to use for encrypting BL2

	config TFM_GUK_PATH
	string
	default "$(TFM_SOURCE_DIR)/bl1/bl1_1/dummy_guk.bin"
	help
	Path to binary GUK key file to provision

	config TFM_BL2_IMAGE_FLASH_AREA_NUM
	int "Which flash area BL2 is stored in"
	default 0

	config TFM_GENERATE_BL1_2_CM_SIGNING_KEY
	bool "Generate new keypair or use TFM_BL2_CM_SIGNING_KEY_PATH for signing"
	default n

	config TFM_GENERATE_BL1_2_DM_SIGNING_KEY
	bool "Generate new keypair or use TFM_BL2_DM_SIGNING_KEY_PATH for signing"
	default n

	config TFM_BL2_CM_SIGNING_KEY_PATH
	string
	default "$(TFM_SOURCE_DIR)/bl1/bl1_2/bl1_dummy_rotpk"
	help
	Path to binary BL2 signing private key

	config TFM_BL2_SIGNING_ALG
	string
	default "LMS"
	help
	Path to binary BL2 signing private key

	config TFM_BL1_MEMORY_MAPPED_FLASH
	bool "BL1 Access flash content"
	default y

	config TFM_BL1_DEFAULT_OTP
	bool
	default y
	help
	Whether BL1_1 will use default OTP memory

	config TFM_BL1_DEFAULT_PROVISIONING
	bool
	default y
	help
	Whether BL1_1 will use default provisioning

	config TFM_BL1_SOFTWARE_CRYPTO
	bool
	default y
	help
	Whether BL1_1 will use software crypto

	config TFM_BL1_2_ENABLE_LMS
	bool "Enable LMS PQ crypto for BL2 verification."
	default n
	help
	Enable LMS PQ crypto for BL2 verification.

	config TFM_BL1_2_ENABLE_ECDSA
	bool "Enable ECDSA crypto for BL2 verification."
	default n
	help
	Enable ECSDA crypto for BL2 verification.

	config TFM_BL1_IMAGE_VERSION_BL2
	string "Image version of BL2 image"
	default "1.9.0+0"

	config TFM_BL1_IMAGE_SECURITY_COUNTER_BL2
	int "Security counter value to include with BL2 image"
	default 1

	config TFM_BL1_2_IN_OTP
	bool "Whether BL1_2 is stored in OTP"
	default y

	config TFM_BL1_2_IN_FLASH
	bool "Whether BL1_2 is stored in FLASH"
	default n

	config BL1_2_BUILD_TYPE
	string "BL1_2 build type"
	default "$(CMAKE_BUILD_TYPE)"

	config BL1_1_SHARED_SYMBOLS_PATH
	string "Path to list of symbols that BL1_1 that can be referenced from BL1_2"
	default "${TFM_SOURCE_DIR}/bl1/bl1_1/bl1_1_shared_symbols.txt"

	endif