Merge changes from topic "mb/cov-fix" into integration

* changes: fix(tbbr): guard defines under MBEDTLS_CONFIG_FILE refactor(tbbr): enforce compile-time error for invalid algorithm selection
2025-04-16 17:44:19 +00:00 · 2023-10-27 22:05:35 +02:00 · 2023-10-27 22:05:35 +02:00 · ed2d256a68
commit ed2d256a68
parent a089646711 81c2e1566d
1 changed files with 10 additions and 2 deletions
--- a/include/common/tbbr/cot_def.h
+++ b/include/common/tbbr/cot_def.h
@ -32,7 +32,12 @@
 * buffers must be big enough to hold either. As RSA keys are bigger than ECDSA
 * ones for all key sizes we support, they impose the minimum size of these
 * buffers.
+ *
+ * If the platform employs its own mbedTLS configuration, it is the platform's
+ * responsibility to define TF_MBEDTLS_USE_RSA or TF_MBEDTLS_USE_ECDSA to
+ * establish the appropriate PK_DER_LEN size.
 */
+#ifdef MBEDTLS_CONFIG_FILE
 #if TF_MBEDTLS_USE_RSA
 #if TF_MBEDTLS_KEY_SIZE == 1024
 #define PK_DER_LEN                      162
@ -45,7 +50,7 @@
 #else
 #error "Invalid value for TF_MBEDTLS_KEY_SIZE"
 #endif
-#else /* Only using ECDSA keys. */
+#elif TF_MBEDTLS_USE_ECDSA
 #if TF_MBEDTLS_KEY_SIZE == 384
 #define PK_DER_LEN                      120
 #elif TF_MBEDTLS_KEY_SIZE == 256
@ -53,7 +58,9 @@
 #else
 #error "Invalid value for TF_MBEDTLS_KEY_SIZE"
 #endif
-#endif
+#else
+#error "Invalid value of algorithm"
+#endif /* TF_MBEDTLS_USE_RSA */

 #if TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA256
 #define HASH_DER_LEN                    51
@ -64,5 +71,6 @@
 #else
 #error "Invalid value for TF_MBEDTLS_HASH_ALG_ID"
 #endif
+#endif /* MBEDTLS_CONFIG_FILE */

 #endif /* COT_DEF_H */