diff options
author | Jens Wiklander <jens.wiklander@linaro.org> | 2019-03-27 11:31:48 +0100 |
---|---|---|
committer | Jérôme Forissier <jerome.forissier@linaro.org> | 2019-03-28 14:11:23 +0100 |
commit | a1cbb728630308fcf902a8953a32cc972d14757e (patch) | |
tree | 45ecc8a88a51527b68fb9c06844f40e41e5d6eb4 /core | |
parent | 5edbd86a96a09538b07ec1f6c5db4277e1c82e96 (diff) |
core: LTC use only _CFG_CORE_LTC_ variables
LTC is only taking _CFG_CORE_LTC_ prefixed variables into account for
configuration.
_CFG_CORE_LTC_ prefixed variables are assigned based on CFG_CRYPTO_ and
other variables for unchanged LTC configuration.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Diffstat (limited to 'core')
24 files changed, 181 insertions, 132 deletions
diff --git a/core/crypto.mk b/core/crypto.mk index 2fcde139..2026ad40 100644 --- a/core/crypto.mk +++ b/core/crypto.mk @@ -124,17 +124,61 @@ $(eval $(call cryp-dep-one, AES, ECB CBC CTR CTS XTS)) # If no DES cipher mode is left, disable DES $(eval $(call cryp-dep-one, DES, ECB CBC)) +############################################################### +# libtomcrypt (LTC) specifics, phase #1 +# LTC is only configured via _CFG_CORE_LTC_ prefixed variables +# +# _CFG_CORE_LTC_xxx_DESC means that LTC will only register the +# descriptor of the algorithm, not provide a +# crypt_xxx_alloc_ctx() function. +############################################################### + +# If LTC is the cryptolib, pull configuration from CFG_CRYPTO_xxx +ifeq ($(CFG_CRYPTOLIB_NAME),tomcrypt) # dsa_make_params() needs all three SHA-2 algorithms. # Disable DSA if any is missing. $(eval $(call cryp-dep-all, DSA, SHA256 SHA384 SHA512)) -cryp-one-enabled = $(call cfg-one-enabled,$(foreach v,$(1),CFG_CRYPTO_$(v))) -cryp-all-enabled = $(call cfg-all-enabled,$(foreach v,$(1),CFG_CRYPTO_$(v))) +# Assign _CFG_CORE_LTC_xxx based on CFG_CRYPTO_yyy +core-ltc-vars = AES DES +core-ltc-vars += ECB CBC CTR CTS XTS +core-ltc-vars += MD5 SHA1 SHA224 SHA256 SHA384 SHA512 SHA512_256 +core-ltc-vars += HMAC CMAC CBC_MAC +core-ltc-vars += CCM +ifeq ($(CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB),y) +core-ltc-vars += GCM +endif +core-ltc-vars += RSA DSA DH ECC +core-ltc-vars += AES_ARM64_CE AES_ARM32_CE +core-ltc-vars += SHA1_ARM32_CE SHA1_ARM64_CE +core-ltc-vars += SHA256_ARM32_CE SHA256_ARM64_CE +core-ltc-vars += SIZE_OPTIMIZATION +# Assigned selected CFG_CRYPTO_xxx as _CFG_CORE_LTC_xxx +$(foreach v, $(core-ltc-vars), $(eval _CFG_CORE_LTC_$(v) := $(CFG_CRYPTO_$(v)))) +_CFG_CORE_LTC_MPI := $(CFG_CORE_MBEDTLS_MPI) +endif -_CFG_CRYPTO_WITH_ACIPHER := $(call cryp-one-enabled, RSA DSA DH ECC) -_CFG_CRYPTO_WITH_AUTHENC := $(and $(filter y,$(CFG_CRYPTO_AES)), $(call cryp-one-enabled, CCM GCM)) -_CFG_CRYPTO_WITH_CIPHER := $(call cryp-one-enabled, AES DES) -_CFG_CRYPTO_WITH_HASH := $(call cryp-one-enabled, MD5 SHA1 SHA224 SHA256 SHA384 SHA512) -_CFG_CRYPTO_WITH_MAC := $(call cryp-one-enabled, HMAC CMAC CBC_MAC) -_CFG_CRYPTO_WITH_CBC := $(call cryp-one-enabled, CBC CBC_MAC) -_CFG_CRYPTO_WITH_ASN1 := $(call cryp-one-enabled, RSA DSA ECC) +############################################################### +# libtomcrypt (LTC) specifics, phase #2 +############################################################### + +# Assign system variables +_CFG_CORE_LTC_CE := $(CFG_CRYPTO_WITH_CE) +_CFG_CORE_LTC_VFP := $(CFG_WITH_VFP) +_CFG_CORE_LTC_BIGNUM_MAX_BITS := $(CFG_CORE_BIGNUM_MAX_BITS) +_CFG_CORE_LTC_PAGER := $(CFG_WITH_PAGER) +_CFG_CORE_LTC_OPTEE_THREAD := $(CFG_LTC_OPTEE_THREAD) +_CFG_CORE_LTC_HWSUPP_PMULL := $(CFG_HWSUPP_PMULL) + +# Assign aggregated variables +ltc-one-enabled = $(call cfg-one-enabled,$(foreach v,$(1),_CFG_CORE_LTC_$(v))) +_CFG_CORE_LTC_ACIPHER := $(call ltc-one-enabled, RSA DSA DH ECC) +_CFG_CORE_LTC_AUTHENC := $(and $(filter y,$(_CFG_CORE_LTC_AES) \ + $(_CFG_CORE_LTC_AES_DESC)), \ + $(call ltc-one-enabled, CCM GCM)) +_CFG_CORE_LTC_CIPHER := $(call ltc-one-enabled, AES AES_DESC DES) +_CFG_CORE_LTC_HASH := $(call ltc-one-enabled, MD5 SHA1 SHA224 SHA256 SHA384 \ + SHA512) +_CFG_CORE_LTC_MAC := $(call ltc-one-enabled, HMAC CMAC CBC_MAC) +_CFG_CORE_LTC_CBC := $(call ltc-one-enabled, CBC CBC_MAC) +_CFG_CORE_LTC_ASN1 := $(call ltc-one-enabled, RSA DSA ECC) diff --git a/core/lib/libtomcrypt/acipher_helpers.h b/core/lib/libtomcrypt/acipher_helpers.h index e439d35c..d8677300 100644 --- a/core/lib/libtomcrypt/acipher_helpers.h +++ b/core/lib/libtomcrypt/acipher_helpers.h @@ -9,7 +9,7 @@ static inline bool bn_alloc_max(struct bignum **s) { - *s = crypto_bignum_allocate(CFG_CORE_BIGNUM_MAX_BITS); + *s = crypto_bignum_allocate(_CFG_CORE_LTC_BIGNUM_MAX_BITS); return *s; } diff --git a/core/lib/libtomcrypt/cbc.c b/core/lib/libtomcrypt/cbc.c index ca62d11d..d096fb1d 100644 --- a/core/lib/libtomcrypt/cbc.c +++ b/core/lib/libtomcrypt/cbc.c @@ -120,14 +120,14 @@ static TEE_Result ltc_cbc_alloc_ctx(struct crypto_cipher_ctx **ctx_ret, return TEE_SUCCESS; } -#if defined CFG_CRYPTO_AES +#if defined(_CFG_CORE_LTC_AES) TEE_Result crypto_aes_cbc_alloc_ctx(struct crypto_cipher_ctx **ctx) { return ltc_cbc_alloc_ctx(ctx, find_cipher("aes"), false); } #endif -#if defined CFG_CRYPTO_DES +#if defined(_CFG_CORE_LTC_DES) TEE_Result crypto_des_cbc_alloc_ctx(struct crypto_cipher_ctx **ctx) { return ltc_cbc_alloc_ctx(ctx, find_cipher("des"), false); diff --git a/core/lib/libtomcrypt/ecb.c b/core/lib/libtomcrypt/ecb.c index ab68efd7..1834fa5a 100644 --- a/core/lib/libtomcrypt/ecb.c +++ b/core/lib/libtomcrypt/ecb.c @@ -118,14 +118,14 @@ static TEE_Result ltc_ecb_alloc_ctx(struct crypto_cipher_ctx **ctx_ret, return TEE_SUCCESS; } -#if defined(CFG_CRYPTO_AES) +#if defined(_CFG_CORE_LTC_AES) TEE_Result crypto_aes_ecb_alloc_ctx(struct crypto_cipher_ctx **ctx) { return ltc_ecb_alloc_ctx(ctx, find_cipher("aes"), false); } #endif -#if defined(CFG_CRYPTO_DES) +#if defined(_CFG_CORE_LTC_DES) TEE_Result crypto_des_ecb_alloc_ctx(struct crypto_cipher_ctx **ctx) { return ltc_ecb_alloc_ctx(ctx, find_cipher("des"), false); diff --git a/core/lib/libtomcrypt/hash.c b/core/lib/libtomcrypt/hash.c index c757515d..c2f7dcda 100644 --- a/core/lib/libtomcrypt/hash.c +++ b/core/lib/libtomcrypt/hash.c @@ -125,49 +125,49 @@ static TEE_Result ltc_hash_alloc_ctx(struct crypto_hash_ctx **ctx_ret, return TEE_SUCCESS; } -#if defined(CFG_CRYPTO_MD5) +#if defined(_CFG_CORE_LTC_MD5) TEE_Result crypto_md5_alloc_ctx(struct crypto_hash_ctx **ctx) { return ltc_hash_alloc_ctx(ctx, find_hash("md5")); } #endif -#if defined(CFG_CRYPTO_SHA1) +#if defined(_CFG_CORE_LTC_SHA1) TEE_Result crypto_sha1_alloc_ctx(struct crypto_hash_ctx **ctx) { return ltc_hash_alloc_ctx(ctx, find_hash("sha1")); } #endif -#if defined(CFG_CRYPTO_SHA224) +#if defined(_CFG_CORE_LTC_SHA224) TEE_Result crypto_sha224_alloc_ctx(struct crypto_hash_ctx **ctx) { return ltc_hash_alloc_ctx(ctx, find_hash("sha224")); } #endif -#if defined(CFG_CRYPTO_SHA256) +#if defined(_CFG_CORE_LTC_SHA256) TEE_Result crypto_sha256_alloc_ctx(struct crypto_hash_ctx **ctx) { return ltc_hash_alloc_ctx(ctx, find_hash("sha256")); } #endif -#if defined(CFG_CRYPTO_SHA384) +#if defined(_CFG_CORE_LTC_SHA384) TEE_Result crypto_sha384_alloc_ctx(struct crypto_hash_ctx **ctx) { return ltc_hash_alloc_ctx(ctx, find_hash("sha384")); } #endif -#if defined(CFG_CRYPTO_SHA512) +#if defined(_CFG_CORE_LTC_SHA512) TEE_Result crypto_sha512_alloc_ctx(struct crypto_hash_ctx **ctx) { return ltc_hash_alloc_ctx(ctx, find_hash("sha512")); } #endif -#if defined(CFG_CRYPTO_SHA256) +#if defined(_CFG_CORE_LTC_SHA256) TEE_Result hash_sha256_check(const uint8_t *hash, const uint8_t *data, size_t data_size) { @@ -186,7 +186,7 @@ TEE_Result hash_sha256_check(const uint8_t *hash, const uint8_t *data, } #endif -#if defined(CFG_CRYPTO_SHA512_256) +#if defined(_CFG_CORE_LTC_SHA512_256) TEE_Result hash_sha512_256_compute(uint8_t *digest, const uint8_t *data, size_t data_size) { diff --git a/core/lib/libtomcrypt/include/tomcrypt_custom.h b/core/lib/libtomcrypt/include/tomcrypt_custom.h index fef2035a..f944dc9d 100644 --- a/core/lib/libtomcrypt/include/tomcrypt_custom.h +++ b/core/lib/libtomcrypt/include/tomcrypt_custom.h @@ -146,91 +146,91 @@ #define LTC_NO_CIPHERS -#ifdef CFG_CRYPTO_AES +#if defined(_CFG_CORE_LTC_AES) || defined(_CFG_CORE_LTC_AES_DESC) #define LTC_RIJNDAEL #endif -#ifdef CFG_CRYPTO_DES +#ifdef _CFG_CORE_LTC_DES #define LTC_DES #endif #define LTC_NO_MODES -#ifdef CFG_CRYPTO_ECB +#ifdef _CFG_CORE_LTC_ECB #define LTC_ECB_MODE #endif -#if defined(CFG_CRYPTO_CBC) || defined(CFG_CRYPTO_CBC_MAC) +#if defined(_CFG_CORE_LTC_CBC) #define LTC_CBC_MODE #endif -#ifdef CFG_CRYPTO_CTR +#ifdef _CFG_CORE_LTC_CTR #define LTC_CTR_MODE #endif -#ifdef CFG_CRYPTO_XTS +#ifdef _CFG_CORE_LTC_XTS #define LTC_XTS_MODE #endif #define LTC_NO_HASHES -#ifdef CFG_CRYPTO_MD5 +#ifdef _CFG_CORE_LTC_MD5 #define LTC_MD5 #endif -#ifdef CFG_CRYPTO_SHA1 +#ifdef _CFG_CORE_LTC_SHA1 #define LTC_SHA1 #endif -#ifdef CFG_CRYPTO_SHA1_ARM32_CE +#ifdef _CFG_CORE_LTC_SHA1_ARM32_CE #define LTC_SHA1_ARM32_CE #endif -#ifdef CFG_CRYPTO_SHA1_ARM64_CE +#ifdef _CFG_CORE_LTC_SHA1_ARM64_CE #define LTC_SHA1_ARM64_CE #endif -#ifdef CFG_CRYPTO_SHA224 +#ifdef _CFG_CORE_LTC_SHA224 #define LTC_SHA224 #endif -#ifdef CFG_CRYPTO_SHA256 +#if defined(_CFG_CORE_LTC_SHA256) || defined(_CFG_CORE_LTC_SHA256_DESC) #define LTC_SHA256 #endif -#ifdef CFG_CRYPTO_SHA256_ARM32_CE +#ifdef _CFG_CORE_LTC_SHA256_ARM32_CE #define LTC_SHA256_ARM32_CE #endif -#ifdef CFG_CRYPTO_SHA256_ARM64_CE +#ifdef _CFG_CORE_LTC_SHA256_ARM64_CE #define LTC_SHA256_ARM64_CE #endif -#ifdef CFG_CRYPTO_SHA384 +#if defined(_CFG_CORE_LTC_SHA384) || defined(_CFG_CORE_LTC_SHA384_DESC) #define LTC_SHA384 #endif -#ifdef CFG_CRYPTO_SHA512 +#if defined(_CFG_CORE_LTC_SHA512) || defined(_CFG_CORE_LTC_SHA512_DESC) #define LTC_SHA512 #endif -#ifdef CFG_CRYPTO_SHA512_256 +#ifdef _CFG_CORE_LTC_SHA512_256 #define LTC_SHA512_256 #endif #define LTC_NO_MACS -#ifdef CFG_CRYPTO_HMAC +#ifdef _CFG_CORE_LTC_HMAC #define LTC_HMAC #endif -#ifdef CFG_CRYPTO_CMAC +#ifdef _CFG_CORE_LTC_CMAC #define LTC_OMAC #endif -#ifdef CFG_CRYPTO_CCM +#ifdef _CFG_CORE_LTC_CCM #define LTC_CCM_MODE #endif -#ifdef CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB +#ifdef _CFG_CORE_LTC_GCM #define LTC_GCM_MODE #endif #define LTC_NO_PK -#ifdef CFG_CRYPTO_RSA +#ifdef _CFG_CORE_LTC_RSA #define LTC_MRSA #endif -#ifdef CFG_CRYPTO_DSA +#ifdef _CFG_CORE_LTC_DSA #define LTC_MDSA #endif -#ifdef CFG_CRYPTO_DH +#ifdef _CFG_CORE_LTC_DH #define LTC_MDH #endif -#ifdef CFG_CRYPTO_ECC +#ifdef _CFG_CORE_LTC_ECC #define LTC_MECC /* use Shamir's trick for point mul (speeds up signature verification) */ @@ -258,8 +258,8 @@ #define LTC_NO_PKCS -#if defined(CFG_CRYPTO_RSA) || defined(CFG_CRYPTO_DSA) || \ - defined(CFG_CRYPTO_ECC) +#if defined(_CFG_CORE_LTC_RSA) || defined(_CFG_CORE_LTC_DSA) || \ + defined(_CFG_CORE_LTC_ECC) #define LTC_DER #endif @@ -476,7 +476,7 @@ /* THREAD management */ -#if defined(CFG_LTC_OPTEE_THREAD) +#if defined(_CFG_CORE_LTC_OPTEE_THREAD) #include <kernel/mutex.h> diff --git a/core/lib/libtomcrypt/include/tomcrypt_mp.h b/core/lib/libtomcrypt/include/tomcrypt_mp.h index c8ecc496..fd4df636 100644 --- a/core/lib/libtomcrypt/include/tomcrypt_mp.h +++ b/core/lib/libtomcrypt/include/tomcrypt_mp.h @@ -6,7 +6,7 @@ #ifndef TOMCRYPT_MP_H_ #define TOMCRYPT_MP_H_ -#if defined(_CFG_CRYPTO_WITH_ACIPHER) +#if defined(_CFG_CORE_LTC_ACIPHER) void init_mp_tomcrypt(void); #else static inline void init_mp_tomcrypt(void) { } diff --git a/core/lib/libtomcrypt/mpa_desc.c b/core/lib/libtomcrypt/mpa_desc.c index 58aa2427..7867684c 100644 --- a/core/lib/libtomcrypt/mpa_desc.c +++ b/core/lib/libtomcrypt/mpa_desc.c @@ -16,9 +16,9 @@ static mpa_scratch_mem external_mem_pool; #define LTC_MEMPOOL_U32_SIZE \ mpa_scratch_mem_size_in_U32(LTC_VARIABLE_NUMBER, \ - CFG_CORE_BIGNUM_MAX_BITS) + _CFG_CORE_LTC_BIGNUM_MAX_BITS) -#if defined(CFG_WITH_PAGER) +#if defined(_CFG_CORE_LTC_PAGER) #include <mm/tee_pager.h> #include <util.h> #include <mm/core_mmu.h> @@ -37,7 +37,7 @@ static struct mempool *get_mpa_scratch_memory_pool(void) return mempool_alloc_pool(data, size, tee_pager_release_phys); } -#else /* CFG_WITH_PAGER */ +#else /* _CFG_CORE_LTC_PAGER */ static struct mempool *get_mpa_scratch_memory_pool(void) { static uint32_t data[LTC_MEMPOOL_U32_SIZE] __aligned(MEMPOOL_ALIGN); @@ -55,7 +55,7 @@ void init_mp_tomcrypt(void) * equals the max size of the computation (for example 4096 bits), * multiplied by 2 to allow overflow in computation */ - mem.bn_bits = CFG_CORE_BIGNUM_MAX_BITS * 2; + mem.bn_bits = _CFG_CORE_LTC_BIGNUM_MAX_BITS * 2; mem.pool = get_mpa_scratch_memory_pool(); if (!mem.pool) panic(); diff --git a/core/lib/libtomcrypt/mpi_desc.c b/core/lib/libtomcrypt/mpi_desc.c index 67bc3a72..f1551adb 100644 --- a/core/lib/libtomcrypt/mpi_desc.c +++ b/core/lib/libtomcrypt/mpi_desc.c @@ -13,7 +13,7 @@ #include <tomcrypt_mp.h> #include <util.h> -#if defined(CFG_WITH_PAGER) +#if defined(_CFG_CORE_LTC_PAGER) #include <mm/core_mmu.h> #include <mm/tee_pager.h> #endif @@ -21,7 +21,7 @@ /* Size needed for xtest to pass reliably on both ARM32 and ARM64 */ #define MPI_MEMPOOL_SIZE (42 * 1024) -#if defined(CFG_WITH_PAGER) +#if defined(_CFG_CORE_LTC_PAGER) /* allocate pageable_zi vmem for mp scratch memory pool */ static struct mempool *get_mp_scratch_memory_pool(void) { @@ -35,7 +35,7 @@ static struct mempool *get_mp_scratch_memory_pool(void) return mempool_alloc_pool(data, size, tee_pager_release_phys); } -#else /* CFG_WITH_PAGER */ +#else /* _CFG_CORE_LTC_PAGER */ static struct mempool *get_mp_scratch_memory_pool(void) { static uint8_t data[MPI_MEMPOOL_SIZE] __aligned(MEMPOOL_ALIGN); diff --git a/core/lib/libtomcrypt/rsa.c b/core/lib/libtomcrypt/rsa.c index 7e222d9f..c3b561e7 100644 --- a/core/lib/libtomcrypt/rsa.c +++ b/core/lib/libtomcrypt/rsa.c @@ -27,40 +27,40 @@ static TEE_Result tee_algo_to_ltc_hashindex(uint32_t algo, int *ltc_hashindex) { switch (algo) { -#if defined(CFG_CRYPTO_SHA1) +#if defined(_CFG_CORE_LTC_SHA1) case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1: case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1: case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1: *ltc_hashindex = find_hash("sha1"); break; #endif -#if defined(CFG_CRYPTO_MD5) +#if defined(_CFG_CORE_LTC_MD5) case TEE_ALG_RSASSA_PKCS1_V1_5_MD5: *ltc_hashindex = find_hash("md5"); break; #endif -#if defined(CFG_CRYPTO_SHA224) +#if defined(_CFG_CORE_LTC_SHA224) case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224: case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224: case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224: *ltc_hashindex = find_hash("sha224"); break; #endif -#if defined(CFG_CRYPTO_SHA256) +#if defined(_CFG_CORE_LTC_SHA256) case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256: case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256: case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256: *ltc_hashindex = find_hash("sha256"); break; #endif -#if defined(CFG_CRYPTO_SHA384) +#if defined(_CFG_CORE_LTC_SHA384) case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384: case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384: case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384: *ltc_hashindex = find_hash("sha384"); break; #endif -#if defined(CFG_CRYPTO_SHA512) +#if defined(_CFG_CORE_LTC_SHA512) case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512: case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512: case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512: @@ -189,7 +189,7 @@ static TEE_Result rsadorep(rsa_key *ltc_key, const uint8_t *src, * required size of the out buffer without doing a partial decrypt. * We know the upper bound though. */ - blen = CFG_CORE_BIGNUM_MAX_BITS / sizeof(uint8_t); + blen = _CFG_CORE_LTC_BIGNUM_MAX_BITS / sizeof(uint8_t); buf = malloc(blen); if (!buf) { res = TEE_ERROR_OUT_OF_MEMORY; diff --git a/core/lib/libtomcrypt/src/ciphers/sub.mk b/core/lib/libtomcrypt/src/ciphers/sub.mk index 6f1f1aab..996a17ec 100644 --- a/core/lib/libtomcrypt/src/ciphers/sub.mk +++ b/core/lib/libtomcrypt/src/ciphers/sub.mk @@ -1,17 +1,18 @@ cflags-y += -Wno-unused-parameter -ifeq ($(CFG_CRYPTO_AES_ARM64_CE),y) + +ifeq ($(_CFG_CORE_LTC_AES_ARM64_CE),y) srcs-y += aes_armv8a_ce.c cflags-aes_armv8a_ce.c-y += -march=armv8-a+crypto srcs-y += aes_modes_armv8a_ce_a64.S aflags-aes_modes_armv8a_ce_a64.S-y += -DINTERLEAVE=4 else -ifeq ($(CFG_CRYPTO_AES_ARM32_CE),y) +ifeq ($(_CFG_CORE_LTC_AES_ARM32_CE),y) srcs-y += aes_armv8a_ce.c srcs-y += aes_modes_armv8a_ce_a32.S else -srcs-$(CFG_CRYPTO_AES) += aes.c +srcs-$(call cfg-one-enabled, _CFG_CORE_LTC_AES _CFG_CORE_LTC_AES_DESC) += aes.c endif endif -srcs-$(CFG_CRYPTO_DES) += des.c +srcs-$(_CFG_CORE_LTC_DES) += des.c diff --git a/core/lib/libtomcrypt/src/encauth/gcm/gcm_mult_h_arm_ce.c b/core/lib/libtomcrypt/src/encauth/gcm/gcm_mult_h_arm_ce.c index 89b03a56..895a9247 100644 --- a/core/lib/libtomcrypt/src/encauth/gcm/gcm_mult_h_arm_ce.c +++ b/core/lib/libtomcrypt/src/encauth/gcm/gcm_mult_h_arm_ce.c @@ -35,7 +35,7 @@ void gcm_mult_h(gcm_state *gcm, unsigned char *I) dg[0] = get_be64(I + 8); tomcrypt_arm_neon_enable(&state); -#ifdef CFG_HWSUPP_PMULL +#ifdef _CFG_CORE_LTC_HWSUPP_PMULL pmull_ghash_update_p64(1, dg, zeroes, k, NULL); #else pmull_ghash_update_p8(1, dg, zeroes, k, NULL); diff --git a/core/lib/libtomcrypt/src/encauth/gcm/sub.mk b/core/lib/libtomcrypt/src/encauth/gcm/sub.mk index 3df1df51..14874c56 100644 --- a/core/lib/libtomcrypt/src/encauth/gcm/sub.mk +++ b/core/lib/libtomcrypt/src/encauth/gcm/sub.mk @@ -4,7 +4,7 @@ srcs-y += gcm_done.c srcs-y += gcm_gf_mult.c srcs-y += gcm_init.c srcs-y += gcm_memory.c -ifeq ($(CFG_CRYPTO_WITH_CE),y) +ifeq ($(_CFG_CORE_LTC_CE),y) srcs-y += gcm_mult_h_arm_ce.c else srcs-y += gcm_mult_h.c diff --git a/core/lib/libtomcrypt/src/encauth/sub.mk b/core/lib/libtomcrypt/src/encauth/sub.mk index 6d6cc89d..6ef94054 100644 --- a/core/lib/libtomcrypt/src/encauth/sub.mk +++ b/core/lib/libtomcrypt/src/encauth/sub.mk @@ -1,2 +1,2 @@ -subdirs-$(CFG_CRYPTO_CCM) += ccm -subdirs-$(CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB) += gcm +subdirs-$(_CFG_CORE_LTC_CCM) += ccm +subdirs-$(_CFG_CORE_LTC_GCM) += gcm diff --git a/core/lib/libtomcrypt/src/hashes/sha2/sub.mk b/core/lib/libtomcrypt/src/hashes/sha2/sub.mk index aa88b46c..5a4a77f4 100644 --- a/core/lib/libtomcrypt/src/hashes/sha2/sub.mk +++ b/core/lib/libtomcrypt/src/hashes/sha2/sub.mk @@ -1,18 +1,22 @@ -srcs-$(CFG_CRYPTO_SHA224) += sha224.c +srcs-$(_CFG_CORE_LTC_SHA224) += sha224.c # SHA-224 needs SHA-256 -SHA256 := $(call cfg-one-enabled, CFG_CRYPTO_SHA224 CFG_CRYPTO_SHA256) +SHA256 := $(call cfg-one-enabled, _CFG_CORE_LTC_SHA224 _CFG_CORE_LTC_SHA256 \ + _CFG_CORE_LTC_SHA256_DESC) ifeq ($(SHA256),y) -SHA256_CE := $(call cfg-one-enabled, CFG_CRYPTO_SHA256_ARM32_CE CFG_CRYPTO_SHA256_ARM64_CE) +SHA256_CE := $(call cfg-one-enabled, _CFG_CORE_LTC_SHA256_ARM32_CE \ + _CFG_CORE_LTC_SHA256_ARM64_CE) ifeq ($(SHA256_CE),y) srcs-y += sha256_armv8a_ce.c -srcs-$(CFG_CRYPTO_SHA256_ARM32_CE) += sha256_armv8a_ce_a32.S -srcs-$(CFG_CRYPTO_SHA256_ARM64_CE) += sha256_armv8a_ce_a64.S +srcs-$(_CFG_CORE_LTC_SHA256_ARM32_CE) += sha256_armv8a_ce_a32.S +srcs-$(_CFG_CORE_LTC_SHA256_ARM64_CE) += sha256_armv8a_ce_a64.S else srcs-y += sha256.c endif endif -srcs-$(CFG_CRYPTO_SHA384) += sha384.c -srcs-$(CFG_CRYPTO_SHA512) += sha512.c -srcs-$(CFG_CRYPTO_SHA512_256) += sha512_256.c +srcs-$(call cfg-one-enabled, _CFG_CORE_LTC_SHA384 \ + _CFG_CORE_LTC_SHA384_DESC) += sha384.c +srcs-$(call cfg-one-enabled, _CFG_CORE_LTC_SHA512 \ + _CFG_CORE_LTC_SHA512_DESC) += sha512.c +srcs-$(_CFG_CORE_LTC_SHA512_256) += sha512_256.c diff --git a/core/lib/libtomcrypt/src/hashes/sub.mk b/core/lib/libtomcrypt/src/hashes/sub.mk index 7e897f70..e5d1bb50 100644 --- a/core/lib/libtomcrypt/src/hashes/sub.mk +++ b/core/lib/libtomcrypt/src/hashes/sub.mk @@ -1,11 +1,11 @@ -srcs-$(CFG_CRYPTO_MD5) += md5.c +srcs-$(_CFG_CORE_LTC_MD5) += md5.c -ifeq ($(CFG_CRYPTO_SHA1),y) -SHA1_CE := $(call cfg-one-enabled, CFG_CRYPTO_SHA1_ARM32_CE CFG_CRYPTO_SHA1_ARM64_CE) +ifeq ($(_CFG_CORE_LTC_SHA1),y) +SHA1_CE := $(call cfg-one-enabled, _CFG_CORE_LTC_SHA1_ARM32_CE _CFG_CORE_LTC_SHA1_ARM64_CE) ifeq ($(SHA1_CE),y) srcs-y += sha1_armv8a_ce.c -srcs-$(CFG_CRYPTO_SHA1_ARM32_CE) += sha1_armv8a_ce_a32.S -srcs-$(CFG_CRYPTO_SHA1_ARM64_CE) += sha1_armv8a_ce_a64.S +srcs-$(_CFG_CORE_LTC_SHA1_ARM32_CE) += sha1_armv8a_ce_a32.S +srcs-$(_CFG_CORE_LTC_SHA1_ARM64_CE) += sha1_armv8a_ce_a64.S else srcs-y += sha1.c endif diff --git a/core/lib/libtomcrypt/src/mac/sub.mk b/core/lib/libtomcrypt/src/mac/sub.mk index c4c60ff3..e8690abc 100644 --- a/core/lib/libtomcrypt/src/mac/sub.mk +++ b/core/lib/libtomcrypt/src/mac/sub.mk @@ -1,2 +1,2 @@ -subdirs-$(CFG_CRYPTO_HMAC) += hmac -subdirs-$(CFG_CRYPTO_CMAC) += omac +subdirs-$(_CFG_CORE_LTC_HMAC) += hmac +subdirs-$(_CFG_CORE_LTC_CMAC) += omac diff --git a/core/lib/libtomcrypt/src/math/fp/sub.mk b/core/lib/libtomcrypt/src/math/fp/sub.mk index c3daceaa..fe796569 100644 --- a/core/lib/libtomcrypt/src/math/fp/sub.mk +++ b/core/lib/libtomcrypt/src/math/fp/sub.mk @@ -1 +1 @@ -srcs-$(CFG_CRYPTO_ECC) += ltc_ecc_fp_mulmod.c +srcs-$(_CFG_CORE_LTC_ECC) += ltc_ecc_fp_mulmod.c diff --git a/core/lib/libtomcrypt/src/modes/sub.mk b/core/lib/libtomcrypt/src/modes/sub.mk index 91776226..45b14a89 100644 --- a/core/lib/libtomcrypt/src/modes/sub.mk +++ b/core/lib/libtomcrypt/src/modes/sub.mk @@ -1,4 +1,4 @@ -subdirs-$(_CFG_CRYPTO_WITH_CBC) += cbc -subdirs-$(CFG_CRYPTO_CTR) += ctr -subdirs-$(CFG_CRYPTO_ECB) += ecb -subdirs-$(CFG_CRYPTO_XTS) += xts +subdirs-$(_CFG_CORE_LTC_CBC) += cbc +subdirs-$(_CFG_CORE_LTC_CTR) += ctr +subdirs-$(_CFG_CORE_LTC_ECB) += ecb +subdirs-$(_CFG_CORE_LTC_XTS) += xts diff --git a/core/lib/libtomcrypt/src/pk/sub.mk b/core/lib/libtomcrypt/src/pk/sub.mk index 562642ca..c9e5c82d 100644 --- a/core/lib/libtomcrypt/src/pk/sub.mk +++ b/core/lib/libtomcrypt/src/pk/sub.mk @@ -1,7 +1,7 @@ -subdirs-$(_CFG_CRYPTO_WITH_ASN1) += asn1 -subdirs-$(CFG_CRYPTO_DSA) += dsa +subdirs-$(_CFG_CORE_LTC_ASN1) += asn1 +subdirs-$(_CFG_CORE_LTC_DSA) += dsa # PKCS1 paddings are used with RSA only -subdirs-$(CFG_CRYPTO_RSA) += pkcs1 -subdirs-$(CFG_CRYPTO_RSA) += rsa -subdirs-$(CFG_CRYPTO_DH) += dh -subdirs-$(CFG_CRYPTO_ECC) += ecc +subdirs-$(_CFG_CORE_LTC_RSA) += pkcs1 +subdirs-$(_CFG_CORE_LTC_RSA) += rsa +subdirs-$(_CFG_CORE_LTC_DH) += dh +subdirs-$(_CFG_CORE_LTC_ECC) += ecc diff --git a/core/lib/libtomcrypt/src/prngs/sub.mk b/core/lib/libtomcrypt/src/prngs/sub.mk index 6aeaa77a..d8a8e51e 100644 --- a/core/lib/libtomcrypt/src/prngs/sub.mk +++ b/core/lib/libtomcrypt/src/prngs/sub.mk @@ -4,4 +4,4 @@ srcs-y += rng_get_bytes.c srcs-y += rng_make_prng.c srcs-y += sprng.c srcs-y += rc4.c -srcs-$(_CFG_CRYPTO_WITH_FORTUNA_PRNG) += fortuna.c +srcs-$(_CFG_CORE_LTC_FORTUNA_PRNG) += fortuna.c diff --git a/core/lib/libtomcrypt/src/sub.mk b/core/lib/libtomcrypt/src/sub.mk index cafccc5e..c4ff5eda 100644 --- a/core/lib/libtomcrypt/src/sub.mk +++ b/core/lib/libtomcrypt/src/sub.mk @@ -1,8 +1,8 @@ -subdirs-$(_CFG_CRYPTO_WITH_CIPHER) += ciphers -subdirs-$(_CFG_CRYPTO_WITH_AUTHENC) += encauth +subdirs-$(_CFG_CORE_LTC_CIPHER) += ciphers +subdirs-$(_CFG_CORE_LTC_AUTHENC) += encauth subdirs-y += hashes -subdirs-$(_CFG_CRYPTO_WITH_MAC) += mac -subdirs-$(_CFG_CRYPTO_WITH_ACIPHER) += math +subdirs-$(_CFG_CORE_LTC_MAC) += mac +subdirs-$(_CFG_CORE_LTC_ACIPHER) += math subdirs-y += misc subdirs-y += modes -subdirs-$(_CFG_CRYPTO_WITH_ACIPHER) += pk +subdirs-$(_CFG_CORE_LTC_ACIPHER) += pk diff --git a/core/lib/libtomcrypt/sub.mk b/core/lib/libtomcrypt/sub.mk index 90a61c94..9a9cccf2 100644 --- a/core/lib/libtomcrypt/sub.mk +++ b/core/lib/libtomcrypt/sub.mk @@ -1,28 +1,28 @@ -cppflags-lib-$(CFG_CRYPTO_SIZE_OPTIMIZATION) += -DLTC_SMALL_CODE +cppflags-lib-$(_CFG_CORE_LTC_SIZE_OPTIMIZATION) += -DLTC_SMALL_CODE cppflags-lib-y += -DLTC_RSA_CRT_HARDENING -DLTC_RSA_BLINDING -cflags-lib-$(CFG_CRYPTO_SIZE_OPTIMIZATION) += -Os +cflags-lib-$(_CFG_CORE_LTC_SIZE_OPTIMIZATION) += -Os global-incdirs-y += include subdirs-y += src -srcs-$(_CFG_CRYPTO_WITH_HASH) += hash.c -srcs-$(CFG_CRYPTO_HMAC) += hmac.c -srcs-$(CFG_CRYPTO_CMAC) += cmac.c -srcs-$(CFG_CRYPTO_ECB) += ecb.c -srcs-$(CFG_CRYPTO_CBC) += cbc.c -srcs-$(CFG_CRYPTO_CTR) += ctr.c -srcs-$(CFG_CRYPTO_XTS) += xts.c -srcs-$(CFG_CRYPTO_CCM) += ccm.c -srcs-$(CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB) += gcm.c -srcs-$(CFG_CRYPTO_DSA) += dsa.c -srcs-$(CFG_CRYPTO_ECC) += ecc.c -srcs-$(CFG_CRYPTO_RSA) += rsa.c -srcs-$(CFG_CRYPTO_DH) += dh.c -srcs-$(CFG_CRYPTO_AES) += aes.c +srcs-$(_CFG_CORE_LTC_HASH) += hash.c +srcs-$(_CFG_CORE_LTC_HMAC) += hmac.c +srcs-$(_CFG_CORE_LTC_CMAC) += cmac.c +srcs-$(_CFG_CORE_LTC_ECB) += ecb.c +srcs-$(_CFG_CORE_LTC_CBC) += cbc.c +srcs-$(_CFG_CORE_LTC_CTR) += ctr.c +srcs-$(_CFG_CORE_LTC_XTS) += xts.c +srcs-$(_CFG_CORE_LTC_CCM) += ccm.c +srcs-$(_CFG_CORE_LTC_GCM) += gcm.c +srcs-$(_CFG_CORE_LTC_DSA) += dsa.c +srcs-$(_CFG_CORE_LTC_ECC) += ecc.c +srcs-$(_CFG_CORE_LTC_RSA) += rsa.c +srcs-$(_CFG_CORE_LTC_DH) += dh.c +srcs-$(_CFG_CORE_LTC_AES) += aes.c -ifdef _CFG_CRYPTO_WITH_ACIPHER -ifeq ($(CFG_CORE_MBEDTLS_MPI),y) +ifdef _CFG_CORE_LTC_ACIPHER +ifeq ($(_CFG_CORE_LTC_MPI),y) srcs-y += mpi_desc.c else srcs-y += mpa_desc.c diff --git a/core/lib/libtomcrypt/tomcrypt.c b/core/lib/libtomcrypt/tomcrypt.c index e8ffc67e..52e26155 100644 --- a/core/lib/libtomcrypt/tomcrypt.c +++ b/core/lib/libtomcrypt/tomcrypt.c @@ -10,7 +10,7 @@ #include "tomcrypt_mp.h" #include <trace.h> -#if defined(CFG_WITH_VFP) +#if defined(_CFG_CORE_LTC_VFP) #include <tomcrypt_arm_neon.h> #include <kernel/thread.h> #endif @@ -89,29 +89,29 @@ static const struct ltc_prng_descriptor prng_crypto_desc = { static void tee_ltc_reg_algs(void) { -#if defined(CFG_CRYPTO_AES) +#if defined(_CFG_CORE_LTC_AES) || defined(_CFG_CORE_LTC_AES_DESC) register_cipher(&aes_desc); #endif -#if defined(CFG_CRYPTO_DES) +#if defined(_CFG_CORE_LTC_DES) register_cipher(&des_desc); register_cipher(&des3_desc); #endif -#if defined(CFG_CRYPTO_MD5) +#if defined(_CFG_CORE_LTC_MD5) register_hash(&md5_desc); #endif -#if defined(CFG_CRYPTO_SHA1) +#if defined(_CFG_CORE_LTC_SHA1) register_hash(&sha1_desc); #endif -#if defined(CFG_CRYPTO_SHA224) +#if defined(_CFG_CORE_LTC_SHA224) register_hash(&sha224_desc); #endif -#if defined(CFG_CRYPTO_SHA256) +#if defined(_CFG_CORE_LTC_SHA256) || defined(_CFG_CORE_LTC_SHA256_DESC) register_hash(&sha256_desc); #endif -#if defined(CFG_CRYPTO_SHA384) +#if defined(_CFG_CORE_LTC_SHA384) || defined(_CFG_CORE_LTC_SHA384_DESC) register_hash(&sha384_desc); #endif -#if defined(CFG_CRYPTO_SHA512) +#if defined(_CFG_CORE_LTC_SHA512) || defined(_CFG_CORE_LTC_SHA512_DESC) register_hash(&sha512_desc); #endif register_prng(&prng_crypto_desc); |