ITS: Add support for encrypted ITS -Adds encryption and authentication support for ITS files -Encryption is optional and is enabled using a CMake variable -The encryption implementation is platform dependent, the signatures of the APIs are provided in this change Change-Id: Ifd3a67ac2274fa8d7ceec19482f7cec01b2cac54 Signed-off-by: Markus Swarowsky <markus.swarowsky@nordicsemi.no>

commit: 7de096f6d07a81830fbb369fee418e334fe6811c [log] [tgz]
author: Markus Swarowsky <markus.swarowsky@nordicsemi.no> Thu Mar 16 10:32:02 2023 +0100
committer: David Hu <david.hu@arm.com> Mon Jul 10 09:05:46 2023 +0200
tree: 73fdfcfa94f913c5de21b53621078f9078658306
parent: 9d05a5367df970af4d5bdf17135c78a303d8aad6 [diff] [blame]
diff --git a/config/config_base.h b/config/config_base.h
index d9caeb9..9879b68 100644
--- a/config/config_base.h
+++ b/config/config_base.h

@@ -192,6 +192,16 @@
 #define ITS_STACK_SIZE                         0x720
 #endif
 
+/* The size of the authentication tag used when authentication/encryption of ITS files is enabled */
+#ifndef TFM_ITS_AUTH_TAG_LENGTH
+#define TFM_ITS_AUTH_TAG_LENGTH                16
+#endif
+
+/* The size of the nonce used when ITS file encryption is enabled */
+#ifndef TFM_ITS_ENC_NONCE_LENGTH
+#define TFM_ITS_ENC_NONCE_LENGTH               12
+#endif
+
 /* PS Partition Configs */
 
 /* Create flash FS if it doesn't exist for Protected Storage partition */
commit	7de096f6d07a81830fbb369fee418e334fe6811c	[log] [tgz]
author	Markus Swarowsky <markus.swarowsky@nordicsemi.no>	Thu Mar 16 10:32:02 2023 +0100
committer	David Hu <david.hu@arm.com>	Mon Jul 10 09:05:46 2023 +0200
tree	73fdfcfa94f913c5de21b53621078f9078658306
parent	9d05a5367df970af4d5bdf17135c78a303d8aad6 [diff] [blame]