1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, 13 * software distributed under the License is distributed on an 14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 * KIND, either express or implied. See the License for the 16 * specific language governing permissions and limitations 17 * under the License. 18 */ 19 20 #include <zephyr/kernel.h> 21 #include <string.h> 22 23 #include "os/os_heap.h" 24 25 #ifdef CONFIG_BOOT_USE_MBEDTLS 26 27 #include <mbedtls/platform.h> 28 #include <mbedtls/memory_buffer_alloc.h> 29 30 /* 31 * This is the heap for mbed TLS. The value needed depends on the key 32 * size and algorithm used. 33 * 34 * - RSA-2048 signing without encryption is known to work well with 6144 bytes; 35 * - When using RSA-2048-OAEP encryption + RSA-2048 signing, or RSA-3072 36 * signing (no encryption) 10240 bytes seems to be enough. 37 * 38 * NOTE: RSA-3072 signing + RSA-2048-OAEP might require growing the size... 39 */ 40 #if (CONFIG_BOOT_SIGNATURE_TYPE_RSA_LEN == 2048) && !defined(CONFIG_BOOT_ENCRYPT_RSA) 41 #define CRYPTO_HEAP_SIZE 6144 42 #else 43 # if !defined(MBEDTLS_RSA_NO_CRT) 44 # define CRYPTO_HEAP_SIZE 12032 45 # else 46 # define CRYPTO_HEAP_SIZE 16384 47 # endif 48 #endif 49 50 static unsigned char mempool[CRYPTO_HEAP_SIZE]; 51 52 /* 53 * Initialize mbedtls to be able to use the local heap. 54 */ os_heap_init(void)55void os_heap_init(void) 56 { 57 mbedtls_memory_buffer_alloc_init(mempool, sizeof(mempool)); 58 } 59 #else os_heap_init(void)60void os_heap_init(void) 61 { 62 } 63 #endif 64
