From 698e231d928752e7877bfd5482c0fca6509108cc Mon Sep 17 00:00:00 2001
From: Max Shvetsov <maksims.svecovs@arm.com>
Date: Tue, 11 Feb 2020 12:41:08 +0000
Subject: [PATCH] Fixes ROTPK hash generation for ECDSA encryption

Forced hash generation used to always generate hash via RSA encryption.
This patch changes encryption based on ARM_ROTPK_LOCATION.
Also removes setting KEY_ALG based on ARM_ROTPL_LOCATION - there is no
relation between these two.

Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Change-Id: Id727d2ed06176a243719fd0adfa0cae26c325005
---
 plat/arm/board/common/board_common.mk | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/plat/arm/board/common/board_common.mk b/plat/arm/board/common/board_common.mk
index da6343045..459156b2a 100644
--- a/plat/arm/board/common/board_common.mk
+++ b/plat/arm/board/common/board_common.mk
@@ -17,7 +17,7 @@ ifneq (${ARM_CRYPTOCELL_INTEG}, 1)
 ifeq (${ARM_ROTPK_LOCATION}, regs)
 	ARM_ROTPK_LOCATION_ID = ARM_ROTPK_REGS_ID
 else ifeq (${ARM_ROTPK_LOCATION}, devel_rsa)
-	KEY_ALG := rsa
+	CRYPTO_ALG=rsa
 	ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_RSA_ID
 	ARM_ROTPK_HASH = plat/arm/board/common/rotpk/arm_rotpk_rsa_sha256.bin
 $(eval $(call add_define_val,ARM_ROTPK_HASH,'"$(ARM_ROTPK_HASH)"'))
@@ -25,7 +25,7 @@ $(BUILD_PLAT)/bl2/arm_dev_rotpk.o : $(ARM_ROTPK_HASH)
 $(warning Development keys support for FVP is deprecated. Use `regs` \
 option instead)
 else ifeq (${ARM_ROTPK_LOCATION}, devel_ecdsa)
-	KEY_ALG := ecdsa
+	CRYPTO_ALG=ec
 	ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_ECDSA_ID
 	ARM_ROTPK_HASH = plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin
 $(eval $(call add_define_val,ARM_ROTPK_HASH,'"$(ARM_ROTPK_HASH)"'))
@@ -50,7 +50,7 @@ $(ARM_ROTPK_HASH) : $(HASH_PREREQUISITES)
 ifndef ROT_KEY
 	$(error Cannot generate hash: no ROT_KEY defined)
 endif
-	openssl rsa -in $< -pubout -outform DER | openssl dgst \
+	openssl ${CRYPTO_ALG} -in $< -pubout -outform DER | openssl dgst \
 		-sha256 -binary > $@
 
 # Certificate NV-Counters. Use values corresponding to tied off values in