ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
25,693 Commits
52 Branches
336 Tags
628 MiB
Commit Graph

186 Commits (cae7427717c5b51a9b73b636fcbcbf96645ce959)

Author SHA1 Message Date
Michael Schwarcz f9fbd6ae82 Align PSA SPM tests to TF-M 2019-03-03 10:55:42 +02:00
Oren Cohen 483b23c318 Fix SPM warnings 2019-03-03 10:54:55 +02:00
Oren Cohen dfbc7b6b7a Adapt partitons 2019-03-03 10:54:54 +02:00
Oren Cohen aad114aa55 Genrerate SPM data 2019-03-03 10:54:54 +02:00
Cruz Monrreal befed111f5
Merge pull request #9668 from moranpeker/psa-init-attestation 
PSA Initial Attestation service
 2019-02-28 18:25:16 -06:00
Moran Peker 83d084afef add casting to increased void pointer 2019-02-28 20:30:05 +02:00
Moran Peker 116e14ade6 change license to file that mostly based on TF-M implementation 
from Apache-2.0 to BSD-3-Clause
 2019-02-28 16:00:53 +02:00
Moran Peker 2b8621aa6c initialized psa_hash_operation_t to zeros before calling hash_setup 
-initialized  psa_hash_operation_t to zeros
-fix TF-M attestation code - increase t_cose_crypto_hash bytes to
handle max psa_hash_operation_t size
 2019-02-28 15:54:45 +02:00
Moran Peker 6346442f03 Add SW_SIGNER_ID data to boot status 2019-02-28 15:52:16 +02:00
Moran Peker bca8091e52 astyle fix 2019-02-28 14:13:24 +02:00
itayzafrir 362c307d84 Free dynamic memory in crypto proxy 2019-02-28 11:36:31 +02:00
Moran Peker 49c6a1caaf fix void pointer increasing with bytes 2019-02-28 11:17:31 +02:00
avolinski e4c7144355 Prevent compiler warning, converting psa_key_policy_t to const in call to psa_set_key_policy 2019-02-27 18:57:58 +02:00
Moran Peker b847138819 astyle fix 2019-02-27 16:33:06 +02:00
Martin Kojtal 7656891179
Merge pull request #9638 from itayzafrir/crypto-access-control 
Crypto Service - keys access control
 2019-02-27 14:47:49 +01:00
Moran Peker 97a9652f3f Use less stack 2019-02-27 15:34:22 +02:00
Moran Peker 4a2b06ed0d Remove includes from mbedtls 2019-02-27 15:04:28 +02:00
Moran Peker 6e3d238ffd Styling 2019-02-27 15:03:45 +02:00
Moran Peker 47f59b16cb Correct psa-crypto include 2019-02-27 15:02:47 +02:00
Moran Peker 89ac1075df Documented any non apache files 2019-02-27 14:14:45 +02:00
Moran Peker 7dd58b99cc Add free to allocated buffer while error 2019-02-27 14:14:33 +02:00
Moran Peker a268b81a57 Remove extra buffers used 
outputting straight into the final destination
 2019-02-27 14:14:32 +02:00
Moran Peker 25fa5a6138 Remove TEMP_IMPL_ID_DATA and TEMP_IMPL_ID_DATA_SIZE 
remove from public header into attestation_bootloader_data.c and add
const to impl_id_data
 2019-02-27 14:14:31 +02:00
Moran Peker c97cecc273 Update TFM attestation code to latest version 
The latest and greatest version is:
c43181daf54f69f53de58593a50dd6a9c233eecd

- Add new header file and implement tfm_memcpy (used in
attetstaion_core c file)
 2019-02-27 14:14:30 +02:00
Moran Peker 2810d369f9 Remove incorrect free place 2019-02-27 14:14:29 +02:00
Moran Peker 661e2f92aa Remove header files from inc into services/attestation folder 2019-02-27 14:14:29 +02:00
Moran Peker f02f6e3cf9 Add newline at end of file and remove un needed commant 2019-02-27 14:14:28 +02:00
Moran Peker 92a9b3f736 Remove calling to "psa_crypto_init()" 
No need to call psa_crypto_init before crypto operations
we assume init already called before. if not an error will return.
 2019-02-27 14:14:28 +02:00
Moran Peker 2e7738b8eb astyle fix 2019-02-27 14:14:27 +02:00
Moran Peker 41bd381462 General fixes of spelling, newline, un needed code 
-Correct spelling errors
-Add newline at end of file
-Remove un needed code
 2019-02-27 14:14:27 +02:00
Moran Peker de3ee8e376 Using goto exit in attest_public_key_sha256 function 2019-02-27 14:14:26 +02:00
Moran Peker d3c9860360 Free allocated buffers 2019-02-27 14:14:26 +02:00
Moran Peker d9b22da91d Remove calling to psa_crypto_init 
- no need to call psa_crypto_init before crypto operations
we assume init already called before. if not an error will return.
 2019-02-27 14:14:25 +02:00
Moran Peker aa5b79a480 generated file update 2019-02-27 14:14:24 +02:00
Moran Peker e60af99edb Attestation: Add comments from temporary data 2019-02-27 14:14:24 +02:00
Moran Peker 2720b5a73d Update include psa_defs -> psa/client 2019-02-27 14:14:23 +02:00
Moran Peker f8e4626098 Attestation: move t_code folder place 2019-02-27 14:14:22 +02:00
Moran Peker b3c6f709ca Attestation: move qcbor folder place 2019-02-27 14:14:21 +02:00
Moran Peker bd7061eaba Attestation: Add close key after open key 2019-02-27 14:14:20 +02:00
Moran Peker 715305accf Attestation: update boot status data 
Epoc data to be 2 bytes instead of 4
 2019-02-27 14:14:20 +02:00
Moran Peker e0c5df50be Attestation: Add parameter and entry size checks 2019-02-27 14:14:19 +02:00
Moran Peker 773fa44205 Update attestation asymmetric sign to use deterministic alg 
- Add PSA_KEY_USAGE_VERIFY to attesttaion key usage
- Set deterministic alg to attestation key policy
- Call asymmetric sign with deterministic alg
 2019-02-27 14:14:18 +02:00
Moran Peker 70a14b2f3a Update to last version of TFM-Attesttaion code 
-update TFM attestation files
-update attest_crypto.c and psa_attestation_stubs.c file to support TFM
code changes
 2019-02-27 14:14:18 +02:00
Moran Peker 2117a26cb1 Get security lifecycle by psa_security_lifecycle_state function 
-Add bug fix for psa_security_lifecycle_state function - PR #9745
-Remove lifecycle data from temp boot status data
-Update attesttation_partition_json file to use
PSA_PLATFORM_LC_GET and generate partition
code - auto generated files update
 2019-02-27 14:14:17 +02:00
Moran Peker 4101ee92df Add checks ,initialization,remove unneeded code and files license update 2019-02-27 14:14:14 +02:00
Moran Peker 080f4f4e69 Attestation: Update iat claims data 
Add more iat claims: profile definition and verification service
Update boot status data: add more SW components for SW_S_NS module
 2019-02-27 14:14:13 +02:00
Moran Peker 636753b404 Attestation: Add a new define for attestation private key id 2019-02-27 14:14:13 +02:00
Moran Peker 0a0bb04dfa Attestation: Change files license to Apache 
change all files except tfm code.
 2019-02-27 14:14:12 +02:00
Moran Peker 8fc9c8fdab Attestation: astyle fixs 
Runing astyle over attestation file to pass CI
 2019-02-27 14:14:11 +02:00
Moran Peker a994499bf3 Atteststaion: Update header files 
-Remove psa_initial_attesttaion.h
-Move psa_initial_attesttaion_api.h and psa_attest_inject_key.h into
inc folder
-Update include in test file
 2019-02-27 14:14:11 +02:00
Moran Peker 9a4ea3d319 Add PSA Initial Attestation service 
Attestation service can create a token on request, which contains a fix set of
device specific data.
Implementation:
-‘psa_initial_attest_get_token_size’- get exact size of initial attestation token in bytes.
-‘psa_initial_attest_get_token’- get the initial attestation token.
-‘psa_attestation_inject_key’ - Generate or import the attestation key pair and export the public part.

-Including CBOR lib and TFM attestation implemantation.
-Temporary claim’s data – no bootloader over V7 Single & Dual
 2019-02-27 14:14:08 +02:00
Martin Kojtal 5ab69d5d6b
Merge pull request #9575 from itayzafrir/crypto-64-bit-key-ids 
Crypto IPC 64 bit key ids for ITS
 2019-02-27 09:29:18 +01:00
Netanel Gonen 3e89a05e0b add invalid argument incase receiving uid==0 2019-02-26 18:35:38 +02:00
Netanel Gonen d2eb2e4eb5 add backward support to error values 2019-02-26 18:27:15 +02:00
itayzafrir fc2b0726b6 Remove duplicate inclusion of header files 
Remove duplicate inclusion of psa/client.h and psa/service.h
 2019-02-26 12:30:20 +02:00
itayzafrir ca94dc8673 Define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER 
This enables crypto encoding an owner in key file IDs.
Added a static assert check in client side proxy.
 2019-02-26 12:30:20 +02:00
itayzafrir 3992b83a52 crypto service: Assemble bit crypto key ids 2019-02-26 12:30:20 +02:00
itayzafrir 2b9b29455f crypto service: Remove unused IPC argument and unneeded casts 2019-02-26 12:27:55 +02:00
Cruz Monrreal ed350dc533
Merge pull request #9758 from NirSonnenschein/large_buffer_support_for_hash_and_mac 
allow hash or mac on large buffers with less memory use
 2019-02-25 10:34:14 -06:00
Netanel Gonen b5b0e981f8 reopening #9754 after the changes where overrun 
changing the SPM error codes from invalid argument to bad state aligned to PSA spec
 2019-02-25 11:55:47 +02:00
Nir Sonnenschein 1d4c280d2a a-style fix for unrelated code 2019-02-25 00:46:06 +02:00
itayzafrir 37cc25726c Add internal documentation to access control header file 
This file is for internal use only.
 2019-02-24 15:07:54 +02:00
itayzafrir 0c231b0ac9 Move include psa_crypto_core.h to C file 2019-02-24 15:07:54 +02:00
itayzafrir 672712ca8a Add SPM_PANIC macro for TARGET_TFM 2019-02-24 15:07:54 +02:00
itayzafrir 99032f6967 Change PSA_CRYPTO_ACCESS_CONTROL_RESET into static inline function 2019-02-24 15:07:54 +02:00
itayzafrir 0ecd2c5da1 crypto service: Crypto access control 
Implement crypto keys access control in crypto service:
- Only the key owner (the partition which created the key)
  is allowed to manage (import/export/open/close/destroy/etc.)
  the key.
- Only the key owner (the partition which created the key)
  is allowed to use the key handle for crypto operations which
  require a key handle.
 2019-02-24 15:07:54 +02:00
Nir Sonnenschein 84b618704b fix comment issues 2019-02-24 14:32:36 +02:00
Nir Sonnenschein ffaf083b75 a-style fixes for code 2019-02-24 14:25:25 +02:00
Netanel Gonen 165719d11f return the new values for key type & size even if function fails 2019-02-24 11:24:12 +02:00
Cruz Monrreal 497d0d65c3
Merge pull request #9802 from orenc17/patch-2 
Fix psa_system_reset() on PSA IPC platform
 2019-02-21 17:31:11 -06:00
Cruz Monrreal 870bd05904
Merge pull request #9708 from davidsaada/david_protected_storage 
Implement PSA protected storage & restructure PSA storage implementation
 2019-02-21 17:30:56 -06:00
Oren Cohen 922cdeab82 Update crypto IPC handling of negative errors 2019-02-21 20:59:18 +02:00
David Saada 41eb5cbfd9 Implement PSA protected storage & restructure PSA storage implementation 
- Move all PSA storage code under psa/storage directory
- Create a global PSA error codes header, eliminating ITS specific ones
- Create a common header file for PSA storage type definitions,
  eliminating ITS specific ones
- Create a common implementation for PS & ITS
- Implement protected storage feature
- Change ITS test to be common to PS as well
 2019-02-21 20:58:59 +02:00
Oren Cohen 6b68bf7fdf
Fix psa_system_reset on PSA IPC platform 2019-02-21 19:50:02 +02:00
Cruz Monrreal 813c844fb4
Merge pull request #9745 from moranpeker/psa_security_lifecycle 
Fix incorrect return value in psa_security_lifecycle_state (emul)
 2019-02-20 12:12:56 -06:00
Cruz Monrreal 9f6ee7db66
Merge pull request #9754 from netanelgonen/SPM_return_value 
Fix SPM returning the wrong value
 2019-02-19 15:29:48 -06:00
Cruz Monrreal 4c04771c5d
Merge pull request #9653 from kfnta/tfm_src_integ 
TF-M sources integration to Mbed-OS
 2019-02-19 15:28:44 -06:00
Nir Sonnenschein 4a4af57c22 allow calling hash or mac on large buffers without large memory allocation 
use a fixed size buffer for large inputs to process the input
in multiple smaller pieces.
 2019-02-19 15:49:52 +02:00
Michael Schwarcz cf3fd858ad Align existing partitions to work with TF-M 
- ITS
- Crypto
- Platform
 2019-02-19 15:19:01 +02:00
Netanel Gonen 1a87f24955 support in more types then just RSA_KEYPAIR 
if the type is not supported the psa_crypto will return the error code
for unsupported
 2019-02-19 14:47:11 +02:00
Netanel Gonen d0dae03d01 Fix SPM returning the wrong value 2019-02-19 12:56:41 +02:00
Moran Peker fb9ae2faae Fix incorrect return value in psa_security_lifecycle_state (emul) 
psa_security_lifecycle_state should return uint32_t of the security
lifecycle state.
bug: psa_platfrom_lifecycle_get_impl return value
is psa_status_t.
 2019-02-17 14:28:53 +02:00
Cruz Monrreal c07410d78c
Merge pull request #9628 from kfnta/bare-metal-updates 
Bare metal mbed_lib updates
 2019-02-14 09:13:34 -06:00
Oren Cohen b5e8492458
Add PSA mbed-lib.json 2019-02-13 20:36:01 +02:00
Oren Cohen 45c44eb07c Fix dependencies of platform partition 2019-02-13 17:10:12 +02:00
itayzafrir b7b85516cb crypto service: Add documentation 2019-01-31 17:17:58 +02:00
Oren Cohen ea9f104463 Fix Licenses 2019-01-31 17:17:58 +02:00
Oren Cohen 5d448d758c Astyle 2019-01-31 17:17:57 +02:00
Oren Cohen 20478ba654 Last update 2019-01-31 17:17:57 +02:00
Oren Cohen b0cbe815ec Regenerate SPM data 2019-01-31 17:17:57 +02:00
Oren Cohen 98707d047b Fix Typo 2019-01-31 17:17:57 +02:00
Alexander Zilberkant 95f8dbce7b Add new platform partition 2019-01-31 17:17:56 +02:00
Oren Cohen cae1ebf33d Add new ITS reset SID 
Only accessible from SPE
 2019-01-31 17:17:55 +02:00
Oren Cohen 156d3b785b Replace psa_prot_internal_storage.h with psa/internal_trusted_storage.h 2019-01-31 17:17:54 +02:00
Oren Cohen 642fce5022 ITS 1.0 2019-01-31 17:17:54 +02:00
Oren Cohen 34895a05ad CR fixes 2019-01-31 17:17:54 +02:00
Oren Cohen 8841ba69f8 Align to new spec changes and prep for TFM SPM 
# Conflicts:
#	components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c
#	components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
 2019-01-31 17:17:53 +02:00
Oren Cohen 99b8eafc35 Align with PSA spec 
* psa_error_t -> psa_status_t
* psa_invec_t -> psa_invec
* psa_outvec_t -> psa_outvec
* Use new PSA headers
 2019-01-31 17:16:41 +02:00
itayzafrir 861fb0cbf0 crypto service: Implement function psa_hash_clone over IPC 2019-01-29 11:43:27 +02:00
itayzafrir 81a4ff6425 crypto service: Implement IPC according to Mbed Crypto 1.0.0d1 API 
1. Removed obsolete crypto APIs from IPC implementation.
2. Updated existing crypto APIs in IPC implementation.
3. Added new crypto APIs to IPC implemntation (except for psa_hash_clone).
 2019-01-29 11:43:27 +02:00