mbedtls: add support for the P256M driver

Add support for the CortexM optimized implementation of secp256r1 code. It supports: - import & export - key agreement - sign & verify Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2024-05-20 14:10:53 +02:00 · 2024-05-20 14:10:53 +02:00 · 185ec2bf78
commit 185ec2bf78
parent 2871c87aae
3 changed files with 20 additions and 0 deletions
--- a/modules/mbedtls/CMakeLists.txt
+++ b/modules/mbedtls/CMakeLists.txt
@ -134,6 +134,14 @@ zephyr_interface_library_named(mbedTLS)
      )
    endif()

+    if(CONFIG_MBEDTLS_PSA_P256M_DRIVER_ENABLED)
+      list(APPEND crypto_source
+        ${ZEPHYR_CURRENT_MODULE_DIR}/3rdparty/p256-m/p256-m_driver_entrypoints.c
+        ${ZEPHYR_CURRENT_MODULE_DIR}/3rdparty/p256-m/p256-m/p256-m.c
+      )
+      zephyr_library_include_directories(${ZEPHYR_CURRENT_MODULE_DIR}/library)
+    endif()
+
    list(APPEND crypto_source
      ${ZEPHYR_CURRENT_MODULE_DIR}/library/pem.c
      ${ZEPHYR_CURRENT_MODULE_DIR}/library/pkcs12.c
--- a/modules/mbedtls/Kconfig.tls-generic
+++ b/modules/mbedtls/Kconfig.tls-generic
@ -502,6 +502,14 @@ config MBEDTLS_LMS
 	depends on MBEDTLS_SHA256
 	select PSA_WANT_ALG_SHA_256

+config MBEDTLS_PSA_P256M_DRIVER_ENABLED
+	bool "P256-M driver"
+	depends on MBEDTLS_PSA_CRYPTO_C
+	imply PSA_WANT_ALG_SHA_256
+	help
+	  Enable support for the optimized sofware implementation of the secp256r1
+	  curve.
+
 config MBEDTLS_SSL_DTLS_CONNECTION_ID
 	bool "DTLS Connection ID extension"
 	depends on MBEDTLS_DTLS
--- a/modules/mbedtls/configs/config-tls-generic.h
+++ b/modules/mbedtls/configs/config-tls-generic.h
@ -457,6 +457,10 @@
 #define MBEDTLS_PSA_CRYPTO_C
 #define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS

+#if defined(CONFIG_MBEDTLS_PSA_P256M_DRIVER_ENABLED)
+#define MBEDTLS_PSA_P256M_DRIVER_ENABLED
+#endif
+
 #if defined(CONFIG_ARCH_POSIX) && !defined(CONFIG_PICOLIBC)
 #define MBEDTLS_PSA_KEY_SLOT_COUNT     64
 #define MBEDTLS_PSA_CRYPTO_STORAGE_C