Page MenuHomePhabricator

Non-CC312 Crypto Acceleration Engine
Closed, ResolvedPublic


At the bottom of <tf-m>/platform/ext/common/tfm_mbedcrypto_config.h, it looks to me that, for the platform that does NOT use CC312 as H.W. Crypto Acceleration Engine, one should define MBEDTLS_USER_CONFIG_FILE to include its own definitions, instead of including "mbedtls_accelerator_config.h", which is for CC312.

tfm_mbedcrypto_config.h (MBEDTLS_CONFIG_FILE)

    #include "mbedtls_accelerator_config.h"  # for CC312

    #if defined(MBEDTLS_USER_CONFIG_FILE)    # for other H.W. Acceleration Engine

In my bare knowledge, to build Isolation level 2, H.W. Crypto Acceleration Engine has to be built with crypto service (<tf-m>/secure_fw/services/crypto/CMakeLists.txt), by defining:


However, it would only work by enabling CRYPTO_HW_ACCELERATOR, which in turn will include "mbedtls_accelerator_config.h" (under <tf-m>/platform/ext/common/cc312/).

Is it by design that one should always define CRYPTO_HW_ACCELERATOR and include CC312 header file then override it (by MBEDTLS_USER_CONFIG_FILE) ?

Event Timeline

AlamyLiu created this task.Dec 28 2019, 3:26 AM
AlamyLiu closed this task as Resolved.Jan 4 2020, 12:38 AM
AlamyLiu claimed this task.

The problem is solved.

Provide own "mbedtls_accelerator_config.h"