1#-------------------------------------------------------------------------------
2# SPDX-License-Identifier: BSD-3-Clause
3# SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
4#
5#-------------------------------------------------------------------------------
6
7set(PROVISIONING_KEYS_CONFIG      ""        CACHE FILEPATH  "The config file which has the keys and seeds for provisioning")
8
9if(BL2)
10    set(BL2_TRAILER_SIZE 0x800 CACHE STRING "Trailer size")
11else()
12    #No header if no bootloader, but keep IMAGE_CODE_SIZE the same
13    set(BL2_TRAILER_SIZE 0xC00 CACHE STRING "Trailer size")
14endif()
15
16# Platform-specific configurations
17set(TFM_MULTI_CORE_TOPOLOGY           OFF  CACHE BOOL "Enable Multicore topology")
18if (TFM_MULTI_CORE_TOPOLOGY)
19    set(TFM_NS_MAILBOX_API                ON)
20    set(TFM_PARTITION_NS_AGENT_MAILBOX    ON)
21    set(TFM_NS_CUSTOM_API                 ON)
22else()
23    set(TFM_NS_MAILBOX_API                OFF)
24    set(TFM_PARTITION_NS_AGENT_MAILBOX    OFF)
25    set(TFM_NS_CUSTOM_API                 OFF)
26endif()
27
28set(CONFIG_TFM_USE_TRUSTZONE          ON)
29set(MCUBOOT_USE_PSA_CRYPTO            ON               CACHE BOOL      "Enable the cryptographic abstraction layer to use PSA Crypto APIs")
30set(MCUBOOT_SIGNATURE_TYPE            "EC-P256"        CACHE STRING    "Algorithm to use for signature validation [RSA-2048, RSA-3072, EC-P256, EC-P384]")
31set(MCUBOOT_HW_KEY                    OFF              CACHE BOOL      "Whether to embed the entire public key in the image metadata instead of the hash only")
32set(MCUBOOT_BUILTIN_KEY               ON               CACHE BOOL      "Use builtin key(s) for validation, no public key data is embedded into the image metadata")
33
34set(PROVISIONING_CODE_PADDED_SIZE       "0x2000"  CACHE STRING    "")
35set(PROVISIONING_VALUES_PADDED_SIZE     "0x400"   CACHE STRING    "")
36set(PROVISIONING_DATA_PADDED_SIZE       "0x400"   CACHE STRING    "")
37
38set(PICO_SDK_FETCH_FROM_GIT_TAG         "2.0.0"   CACHE STRING       "Use the define Pico SDK tag for the build")
39
40set(TFM_MBEDCRYPTO_PLATFORM_EXTRA_CONFIG_PATH ${CMAKE_CURRENT_LIST_DIR}/mbedtls_extra_config.h CACHE PATH "Config to append to standard Mbed Crypto config, used by platforms to cnfigure feature support")
41
42set(PLATFORM_DEFAULT_PROV_LINKER_SCRIPT OFF          CACHE BOOL      "Use default provisioning linker script")
43set(ITS_ENCRYPTION                      ON           CACHE BOOL      "Enable authenticated encryption of ITS files using platform specific APIs")
44set(PLATFORM_DEFAULT_NV_SEED            OFF          CACHE BOOL      "Use default NV seed implementation.")
45set(PLATFORM_DEFAULT_OTP                OFF          CACHE BOOL      "Use trusted on-chip flash to implement OTP memory")
46set(PLATFORM_DEFAULT_NV_COUNTERS        OFF          CACHE BOOL      "Use default nv counter implementation.")
47
48set(PLATFORM_DEFAULT_CRYPTO_KEYS        OFF          CACHE BOOL      "Use default crypto keys implementation.")
49
50set(PS_NS_NV_COUNTER_IN_ITS             ON           CACHE BOOL      "Use ITS for PS and NS NV counters.")
51
52if (PS_NS_NV_COUNTER_IN_ITS)
53    # Config to append to standard TFM_SP_PLATFORM, to add dependency on ITS partition
54    set(TFM_RP2350_MANIFEST_LIST ${CMAKE_CURRENT_LIST_DIR}/manifest/tfm_manifest_list.yaml)
55else()
56    set(TFM_RP2350_MANIFEST_LIST ${CMAKE_SOURCE_DIR}/tools/tfm_manifest_list.yaml)
57endif()
58set(TFM_MANIFEST_LIST                   ${TFM_RP2350_MANIFEST_LIST} CACHE PATH "Platform specific Secure Partition manifests file" FORCE)
59