Crypto: Align to Mbed Crypto 3.0.1
This patch upgrades the Crypto service to be able
to use Mbed Crypto 3.0.1:
- Updates the PSA crypto headers to latest available in mbed-crypto
- Updates the service implementation
- Updates the test suites where needed
- Updates the SST and Attestation interfaces
towards cryptographic functionalities
- Updates documentation to reflect updated
requirements, and changes in the integration guide
This patch migrates the use of psa_asymmetric_sign() and
psa_asymmetric_verify() to the non-deprecated versions of
the API psa_sign_hash() and psa_verify_hash().
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: I7d8275def2336c1b5cfb8847b2842c305cfab116
diff --git a/docs/design_documents/tfm_crypto_design.rst b/docs/design_documents/tfm_crypto_design.rst
index a8e260d..9ad3312 100644
--- a/docs/design_documents/tfm_crypto_design.rst
+++ b/docs/design_documents/tfm_crypto_design.rst
@@ -62,10 +62,10 @@
| Alloc module | This module handles the allocation of contexts for multipart | ``./secure_fw/services/crypto/crypto_alloc.c`` |
| | operations in the Secure world. | |
+-----------------------------+---------------------------------------------------------------+----------------------------------------------------------------------+
- | Service modules | These modules (AEAD, Asymmetric, Cipher, Generator, Hash, Key,| ``./secure_fw/services/crypto/crypto_aead.c`` |
+ | Service modules | These modules (AEAD, Asymmetric, Cipher, Key Deriv, Hash, Key,| ``./secure_fw/services/crypto/crypto_aead.c`` |
| | MAC) represent a thin layer which is in charge of servicing | ``./secure_fw/services/crypto/crypto_asymmetric.c`` |
| | the calls from the SPE/NSPE client API interfaces. | ``./secure_fw/services/crypto/crypto_cipher.c`` |
- | | They provide parameter sanitation and context retrieval for | ``./secure_fw/services/crypto/crypto_generator.c`` |
+ | | They provide parameter sanitation and context retrieval for | ``./secure_fw/services/crypto/crypto_key_derivation.c`` |
| | multipart operations, and dispatching to the corresponding | ``./secure_fw/services/crypto/crypto_hash.c`` |
| | library function exposed by Mbed Crypto for the desired | ``./secure_fw/services/crypto/crypto_key.c`` |
| | functionality. | ``./secure_fw/services/crypto/crypto_mac.c`` |
@@ -170,7 +170,7 @@
| | configuration parameter | This is a buffer allocated in static memory. | use case and application requirements. | |
+-------------------------------+---------------------------+----------------------------------------------------------------+-----------------------------------------+----------------------------------------------------+
| ``CRYPTO_CONC_OPER_NUM`` | CMake build | This parameter defines the maximum number of possible | To be configured based on the desire | 8 |
- | | configuration parameter | concurrent operation contexts (cipher, MAC, hash and generator)| use case and platform requirements. | |
+ | | configuration parameter | concurrent operation contexts (cipher, MAC, hash and key deriv)| use case and platform requirements. | |
| | | for multi-part operations, that can be allocated simultaneously| | |
| | | at any time. | | |
+-------------------------------+---------------------------+----------------------------------------------------------------+-----------------------------------------+----------------------------------------------------+
@@ -195,4 +195,4 @@
--------------
-*Copyright (c) 2019, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2020, Arm Limited. All rights reserved.*