Mbed Crypto 3.0.1 ships with TF-M. To make Mbed TLS 2.22.0 compatible
with Mbed Crypto 3.0.1, changes are needed in psa_util.h (which
abstracts some portions of the PSA Crypto API for use with TLS) to deal
with new ECC curve define changes.
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Add TF-M to Mbed OS, replacing the previous PSA implementation for
TF-M-capable targets. This commit adds files imported from TF-M, without
modification. The version of TF-M imported can be found in
`features/FEATURE_PSA/TARGET_TFM/VERSION.txt`.
These changes switch to TF-M as the sole PSA implementation for v8-M and
dual core targets, with TF-M running on the secure side and Mbed OS
running on the non-secure side. Single core v7-M targets will continue
to have PSA implemented via PSA emulation, implemented by Mbed OS.
Move or remove many PSA-implementing files, as PSA will be provided by
TF-M on non-single-v7-M targets. Delete any files that are not relevant
for PSA emulation mode.
- Remove imported TF-M SPM
- Remove Mbed SPM and tests
- Remove Mbed-implemented PSA services and tests
- Remove PSA_SRV_IMPL, PSA_SRV_IPC, PSA_SRV_EMUL and NSPE.
- Replace PSA_SRV_EMUL and PSA_SRV_IMPL with MBED_PSA_SRV
- Remove any files autogenerated by
"tools/psa/generate_partition_code.py", which no longer exists.
Add new feature `PSA` to support PSA in Mbed OS.
Move the Mbed OS implementation of PSA services for v7-M targets (which
employ PSA emulation, and don't yet use TF-M) to
features/FEATURE_PSA/TARGET_MBED_PSA_SRV. Update the `requires`
attribute in TESTS/configs/baremetal.json to avoid breaking baremetal
testing builds.
Update .astyleignore to match new directory structure
Update Mbed TLS importer to place files into FEATURE_PSA
Create the following generic PSA targets:
* `PSA_Target` (Root level PSA generic target)
* `PSA_V7_M` (Single v7-M PSA generic target)
* `PSA_DUAL_CORE` (Dual-core PSA generic target)
* `PSA_V8_M` (v8-M PSA generic target)
Flatten MUSCA_NS and private MUSCA targets into public MUSCA targets.
Move mcuboot.bin to flat location (removing prebuilt folder)
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
TF-M provides its own PSA headers for TF-M targets. Single v7-M targets
need to get PSA crypto from Mbed Crypto.
Note that we don't yet move crypto_struct.h to its new location. This is
to avoid breaking v8-M targets for the time being. When TF-M provides
the PSA implementation on v8-M, we will add crypto_struct.h to the
correct place.
Likewise, none of the PSA-implementing source is moved out of
COMPONENT_PSA_SRV_IMPL yet, as still must not be built for PSA NS
targets. When PSA NS targets switch to using TF-M provided
implementations rather than MBED_PSA_SRV, we can take the source out of
COMPONENT_PSA_SRV_IMPL.
Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
When using Mbed Crypto's PSA Entropy Injection feature on Mbed OS, it is
not required to opt out of having entropy sources added to your entropy
contexts by default (via MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES).
As integrated in Mbed OS, MBEDTLS_PSA_INJECT_ENTROPY is compatible with
actual entropy sources. PSA entropy injection is implemented using the
standard Mbed TLS NV Seed feature, and is as compatible with other
entropy sources as the standard Mbed TLS NV Seed feature which does
support entropy mixing.
Enable the compile-time option MBEDTLS_AES_ROM_TABLES in the mbed TLS
main config.h file in mbed OS. This option has the effect of labelling
the AES tables as 'const' so they are placed in ROM, which saves some
RAM space.
Update the current version of mbed TLS with the development HEAD of the
mbed TLS project repository. This mostly includes the latest CMAC
feature. Also, update the version in the importer Makefile and
VERSION.txt with the hash of the mbed TLS commit that was sync'ed.
Jaeden Amero
Devaraj Ranganna
Darryl Green
k-stachowiak
Simon Butcher
Jaeden Amero
Krzysztof Stachowiak
Cruz Monrreal
Yossi Levy
Andres Amaya Garcia
Hanno Becker
Sam Grove