1 /*
2  *  Minimal configuration for using TLS in the bootloader
3  *
4  *  Copyright (C) 2006-2021, ARM Limited, All Rights Reserved
5  *  Copyright (C) 2016, Linaro Ltd
6  *  SPDX-License-Identifier: Apache-2.0
7  *
8  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
9  *  not use this file except in compliance with the License.
10  *  You may obtain a copy of the License at
11  *
12  *  http://www.apache.org/licenses/LICENSE-2.0
13  *
14  *  Unless required by applicable law or agreed to in writing, software
15  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17  *  See the License for the specific language governing permissions and
18  *  limitations under the License.
19  *
20  *  This file is part of mbed TLS (https://tls.mbed.org)
21  */
22 
23 /*
24  * Minimal configuration for using TLS in the bootloader
25  *
26  * - RSA signature verification + NIST Keywrapping support
27  */
28 
29 #ifndef MCUBOOT_MBEDTLS_CONFIG_RSA_KW
30 #define MCUBOOT_MBEDTLS_CONFIG_RSA_KW
31 
32 #ifdef CONFIG_MCUBOOT_SERIAL
33 /* Mcuboot uses mbedts-base64 for serial protocol encoding. */
34 #define MBEDTLS_BASE64_C
35 #endif
36 
37 /* System support */
38 #define MBEDTLS_PLATFORM_C
39 #define MBEDTLS_PLATFORM_MEMORY
40 #define MBEDTLS_MEMORY_BUFFER_ALLOC_C
41 #define MBEDTLS_NO_PLATFORM_ENTROPY
42 #define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
43 
44 /* STD functions */
45 #define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
46 
47 #define MBEDTLS_PLATFORM_EXIT_ALT
48 #define MBEDTLS_PLATFORM_PRINTF_ALT
49 #define MBEDTLS_PLATFORM_SNPRINTF_ALT
50 
51 #if !defined(CONFIG_ARM)
52 #define MBEDTLS_HAVE_ASM
53 #endif
54 
55 #define MBEDTLS_RSA_C
56 #define MBEDTLS_PKCS1_V21
57 
58 #define MBEDTLS_CIPHER_MODE_CTR
59 
60 /* mbed TLS modules */
61 #define MBEDTLS_ASN1_PARSE_C
62 #define MBEDTLS_BIGNUM_C
63 #define MBEDTLS_MD_C
64 #define MBEDTLS_OID_C
65 #define MBEDTLS_SHA256_C
66 #define MBEDTLS_SHA256_SMALLER
67 #define MBEDTLS_SHA224_C
68 #define MBEDTLS_AES_C
69 #define MBEDTLS_CIPHER_C
70 #define MBEDTLS_NIST_KW_C
71 
72 /* Save RAM by adjusting to our exact needs */
73 #define MBEDTLS_MPI_MAX_SIZE              256
74 
75 #define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
76 
77 /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
78 #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
79 
80 #endif /* MCUBOOT_MBEDTLS_CONFIG_RSA_KW */
81