diff mbox series

[Concept,01/15] mbedtls: Allow use of XTS functions

Message ID 20251111124131.1198930-2-sjg@u-boot.org
State New
Headers
Series luks: Provide support for LUKSv2 |

Commit Message

Simon Glass Nov. 11, 2025, 12:41 p.m. UTC 
  From: Simon Glass <simon.glass@canonical.com>

Add a few Kconfig options to support XTS (XEX Tweakable Block Ciphertext
Stealing).

Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
---

 lib/mbedtls/Makefile             | 4 ++++
 lib/mbedtls/mbedtls_def_config.h | 7 +++++++
 2 files changed, 11 insertions(+)
diff mbox series

Patch

diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
index 0506a5a6b3e..257f585c013 100644
--- a/lib/mbedtls/Makefile
+++ b/lib/mbedtls/Makefile
@@ -37,6 +37,10 @@  mbedtls_lib_crypto-$(CONFIG_$(PHASE_)HKDF_MBEDTLS) += \
 	$(MBEDTLS_LIB_DIR)/hkdf.o
 mbedtls_lib_crypto-$(CONFIG_$(PHASE_)PKCS5_MBEDTLS) += \
 	$(MBEDTLS_LIB_DIR)/pkcs5.o
+mbedtls_lib_crypto-$(CONFIG_$(PHASE_)BLK_LUKS) += \
+	$(MBEDTLS_LIB_DIR)/aes.o \
+	$(MBEDTLS_LIB_DIR)/cipher.o \
+	$(MBEDTLS_LIB_DIR)/cipher_wrap.o
 
 # MbedTLS X509 library
 obj-$(CONFIG_$(XPL_)MBEDTLS_LIB_X509) += mbedtls_lib_x509.o
diff --git a/lib/mbedtls/mbedtls_def_config.h b/lib/mbedtls/mbedtls_def_config.h
index 9e3beed07f4..a0578d33ba6 100644
--- a/lib/mbedtls/mbedtls_def_config.h
+++ b/lib/mbedtls/mbedtls_def_config.h
@@ -64,6 +64,12 @@ 
 #define MBEDTLS_PKCS5_C
 #endif
 
+#if CONFIG_IS_ENABLED(BLK_LUKS)
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CIPHER_MODE_XTS
+#define MBEDTLS_AES_C
+#endif
+
 #if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
 
 #if CONFIG_IS_ENABLED(X509_CERTIFICATE_PARSER)
@@ -104,6 +110,7 @@ 
 #define MBEDTLS_SSL_CLI_C
 #define MBEDTLS_SSL_TLS_C
 #define MBEDTLS_CIPHER_C
+#define MBEDTLS_CIPHER_MODE_XTS
 #define MBEDTLS_MD_C
 #define MBEDTLS_CTR_DRBG_C
 #define MBEDTLS_AES_C