diff --git a/include/otp_keystore.h b/include/otp_keystore.h index 8c66724b0..bf2fadead 100644 --- a/include/otp_keystore.h +++ b/include/otp_keystore.h @@ -58,10 +58,6 @@ struct KEYSTORE_HDR_PACKED wolfBoot_otp_hdr { static const char KEYSTORE_HDR_MAGIC[8] = "WOLFBOOT"; -#if !defined(KEYSTORE_ANY) && (KEYSTORE_PUBKEY_SIZE != KEYSTORE_PUBKEY_SIZE_ECC256) - #error Key algorithm mismatch. Remove old keys via 'make keysclean' -#else - #define KEYSTORE_MAX_PUBKEYS ((OTP_SIZE - OTP_HDR_SIZE) / SIZEOF_KEYSTORE_SLOT) #if (OTP_SIZE == 0) @@ -72,8 +68,6 @@ static const char KEYSTORE_HDR_MAGIC[8] = "WOLFBOOT"; #error "No space for any keystores in OTP with current algorithm" #endif -#endif /* KEYSTORE_ANY */ - #endif /* FLASH_OTP_KEYSTORE */ #endif /* OTP_KEYSTORE_H */ diff --git a/include/user_settings.h b/include/user_settings.h index 0eff5fc79..d816ced34 100644 --- a/include/user_settings.h +++ b/include/user_settings.h @@ -147,6 +147,7 @@ extern int tolower(int c); # elif defined(HAVE_ECC256) # define FP_MAX_BITS ((256 + 32)) # endif +# define MAX_ECC_BITS_NEEDED FP_MAX_BITS # if !defined(HAVE_ECC256) && !defined(WOLFBOOT_TPM_PARMENC) # define NO_ECC256 diff --git a/options.mk b/options.mk index 422d9339b..2638d2134 100644 --- a/options.mk +++ b/options.mk @@ -646,8 +646,6 @@ ifeq ($(WOLFCRYPT_TZ_PKCS11),1) CFLAGS+=-DWP11_HASH_PIN_COST=3 OBJS+=src/pkcs11_store.o OBJS+=src/pkcs11_callable.o - WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/aes.o - WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/rsa.o WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/pwdbased.o WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/hmac.o WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/dh.o @@ -656,6 +654,16 @@ ifeq ($(WOLFCRYPT_TZ_PKCS11),1) ./lib/wolfPKCS11/src/slot.o \ ./lib/wolfPKCS11/src/wolfpkcs11.o STACK_USAGE=16688 + ifneq ($(ENCRYPT),1) + WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/aes.o + endif + ifeq ($(findstring RSA,$(SIGN)),) + WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/rsa.o + endif + ifeq ($(findstring ECC,$(SIGN)),) + WOLFCRYPT_OBJS+=./lib/wolfssl/wolfcrypt/src/ecc.o + endif + WOLFCRYPT_OBJS+=$(MATH_OBJS) ./lib/wolfssl/wolfcrypt/src/wolfmath.o endif OBJS+=$(PUBLIC_KEY_OBJS)