Merge "TBBR: Reduce size of ECDSA key buffers" into integration

564074c2 · Sandrine Bailleux · TrustedFirmware Code Review · b296bb10 · 495599cd · 564074c2
Commit 564074c2 authored Feb 19, 2020 by Sandrine Bailleux Committed by TrustedFirmware Code Review Feb 19, 2020
--- a/drivers/auth/tbbr/tbbr_cot.c
+++ b/drivers/auth/tbbr/tbbr_cot.c
 /*
- * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@@ -18,7 +18,12 @@


 /*
- * Maximum key and hash sizes (in DER format)
+ * Maximum key and hash sizes (in DER format).
+ *
+ * Both RSA and ECDSA keys may be used at the same time. In this case, the key
+ * buffers must be big enough to hold either. As RSA keys are bigger than ECDSA
+ * ones for all key sizes we support, they impose the minimum size of these
+ * buffers.
 */
 #if TF_MBEDTLS_USE_RSA
 #if TF_MBEDTLS_KEY_SIZE == 1024
@@ -32,8 +37,8 @@
 #else
 #error "Invalid value for TF_MBEDTLS_KEY_SIZE"
 #endif
-#else
-#define PK_DER_LEN			294
+#else /* Only using ECDSA keys. */
+#define PK_DER_LEN			91
 #endif

 #define HASH_DER_LEN			83