Skip to content

Commit 53a7f64

Browse files
dgarskedgarske
authored
Merge pull request #451 from danielinux/pkcs11-fix-non-ecc-build
Fix building PKCS11 TrustZone with any authentication algorithm
2 parents 971cbe0 + 7b3328f commit 53a7f64

File tree

3 files changed

+15
-9
lines changed

3 files changed

+15
-9
lines changed

include/otp_keystore.h

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -58,10 +58,6 @@ struct KEYSTORE_HDR_PACKED wolfBoot_otp_hdr {
5858

5959
static const char KEYSTORE_HDR_MAGIC[8] = "WOLFBOOT";
6060

61-
#if !defined(KEYSTORE_ANY) && (KEYSTORE_PUBKEY_SIZE != KEYSTORE_PUBKEY_SIZE_ECC256)
62-
#error Key algorithm mismatch. Remove old keys via 'make keysclean'
63-
#else
64-
6561
#define KEYSTORE_MAX_PUBKEYS ((OTP_SIZE - OTP_HDR_SIZE) / SIZEOF_KEYSTORE_SLOT)
6662

6763
#if (OTP_SIZE == 0)
@@ -72,8 +68,6 @@ static const char KEYSTORE_HDR_MAGIC[8] = "WOLFBOOT";
7268
#error "No space for any keystores in OTP with current algorithm"
7369
#endif
7470

75-
#endif /* KEYSTORE_ANY */
76-
7771
#endif /* FLASH_OTP_KEYSTORE */
7872

7973
#endif /* OTP_KEYSTORE_H */

include/user_settings.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -130,7 +130,7 @@ extern int tolower(int c);
130130

131131

132132
/* Curve */
133-
# ifdef WOLFBOOT_SIGN_ECC256
133+
# if defined(WOLFBOOT_SIGN_ECC256) || defined(WOLFCRYPT_SECURE_MODE)
134134
# define HAVE_ECC256
135135
# elif defined(WOLFBOOT_SIGN_ECC384)
136136
# define HAVE_ECC384

options.mk

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -646,8 +646,6 @@ ifeq ($(WOLFCRYPT_TZ_PKCS11),1)
646646
CFLAGS+=-DWP11_HASH_PIN_COST=3
647647
OBJS+=src/pkcs11_store.o
648648
OBJS+=src/pkcs11_callable.o
649-
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/aes.o
650-
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/rsa.o
651649
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/pwdbased.o
652650
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/hmac.o
653651
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/dh.o
@@ -656,6 +654,20 @@ ifeq ($(WOLFCRYPT_TZ_PKCS11),1)
656654
./lib/wolfPKCS11/src/slot.o \
657655
./lib/wolfPKCS11/src/wolfpkcs11.o
658656
STACK_USAGE=16688
657+
ifneq ($(ENCRYPT),1)
658+
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/aes.o
659+
endif
660+
ifeq ($(findstring RSA,$(SIGN)),)
661+
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/rsa.o
662+
endif
663+
ifeq ($(findstring ECC,$(SIGN)),)
664+
WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/ecc.o
665+
endif
666+
ifeq ($(findstring RSA,$(SIGN)),)
667+
ifeq ($(findstring ECC,$(SIGN)),)
668+
WOLFCRYPT_OBJS+=$(MATH_OBJS) ./lib/wolfssl/wolfcrypt/src/wolfmath.o
669+
endif
670+
endif
659671
endif
660672

661673
OBJS+=$(PUBLIC_KEY_OBJS)

0 commit comments

Comments
 (0)