Oren Cohen
a65baf55c6
Update psa_wait() and client_id
2019-03-03 10:54:53 +02:00
Cruz Monrreal
befed111f5
Merge pull request #9668 from moranpeker/psa-init-attestation
...
PSA Initial Attestation service
2019-02-28 18:25:16 -06:00
Moran Peker
83d084afef
add casting to increased void pointer
2019-02-28 20:30:05 +02:00
Moran Peker
116e14ade6
change license to file that mostly based on TF-M implementation
...
from Apache-2.0 to BSD-3-Clause
2019-02-28 16:00:53 +02:00
Moran Peker
2b8621aa6c
initialized psa_hash_operation_t to zeros before calling hash_setup
...
-initialized psa_hash_operation_t to zeros
-fix TF-M attestation code - increase t_cose_crypto_hash bytes to
handle max psa_hash_operation_t size
2019-02-28 15:54:45 +02:00
Moran Peker
6346442f03
Add SW_SIGNER_ID data to boot status
2019-02-28 15:52:16 +02:00
Moran Peker
bca8091e52
astyle fix
2019-02-28 14:13:24 +02:00
itayzafrir
362c307d84
Free dynamic memory in crypto proxy
2019-02-28 11:36:31 +02:00
Moran Peker
49c6a1caaf
fix void pointer increasing with bytes
2019-02-28 11:17:31 +02:00
avolinski
e4c7144355
Prevent compiler warning, converting psa_key_policy_t to const in call to psa_set_key_policy
2019-02-27 18:57:58 +02:00
Moran Peker
b847138819
astyle fix
2019-02-27 16:33:06 +02:00
Martin Kojtal
7656891179
Merge pull request #9638 from itayzafrir/crypto-access-control
...
Crypto Service - keys access control
2019-02-27 14:47:49 +01:00
Moran Peker
97a9652f3f
Use less stack
2019-02-27 15:34:22 +02:00
Moran Peker
4a2b06ed0d
Remove includes from mbedtls
2019-02-27 15:04:28 +02:00
Moran Peker
6e3d238ffd
Styling
2019-02-27 15:03:45 +02:00
Moran Peker
47f59b16cb
Correct psa-crypto include
2019-02-27 15:02:47 +02:00
Moran Peker
89ac1075df
Documented any non apache files
2019-02-27 14:14:45 +02:00
Moran Peker
7dd58b99cc
Add free to allocated buffer while error
2019-02-27 14:14:33 +02:00
Moran Peker
a268b81a57
Remove extra buffers used
...
outputting straight into the final destination
2019-02-27 14:14:32 +02:00
Moran Peker
25fa5a6138
Remove TEMP_IMPL_ID_DATA and TEMP_IMPL_ID_DATA_SIZE
...
remove from public header into attestation_bootloader_data.c and add
const to impl_id_data
2019-02-27 14:14:31 +02:00
Moran Peker
c97cecc273
Update TFM attestation code to latest version
...
The latest and greatest version is:
c43181daf54f69f53de58593a50dd6a9c233eecd
- Add new header file and implement tfm_memcpy (used in
attetstaion_core c file)
2019-02-27 14:14:30 +02:00
Moran Peker
2810d369f9
Remove incorrect free place
2019-02-27 14:14:29 +02:00
Moran Peker
661e2f92aa
Remove header files from inc into services/attestation folder
2019-02-27 14:14:29 +02:00
Moran Peker
f02f6e3cf9
Add newline at end of file and remove unneeded comment
2019-02-27 14:14:28 +02:00
Moran Peker
92a9b3f736
Remove calling to "psa_crypto_init()"
...
No need to call psa_crypto_init before crypto operations
we assume init already called before. if not an error will return.
2019-02-27 14:14:28 +02:00
Moran Peker
2e7738b8eb
astyle fix
2019-02-27 14:14:27 +02:00
Moran Peker
41bd381462
General fixes of spelling, newline, unneeded code
...
-Correct spelling errors
-Add newline at end of file
-Remove unneeded code
2019-02-27 14:14:27 +02:00
Moran Peker
de3ee8e376
Using goto exit in attest_public_key_sha256 function
2019-02-27 14:14:26 +02:00
Moran Peker
d3c9860360
Free allocated buffers
2019-02-27 14:14:26 +02:00
Moran Peker
d9b22da91d
Remove calling to psa_crypto_init
...
- no need to call psa_crypto_init before crypto operations
we assume init already called before. if not an error will return.
2019-02-27 14:14:25 +02:00
Moran Peker
aa5b79a480
generated file update
2019-02-27 14:14:24 +02:00
Moran Peker
e60af99edb
Attestation: Add comments from temporary data
2019-02-27 14:14:24 +02:00
Moran Peker
2720b5a73d
Update include psa_defs -> psa/client
2019-02-27 14:14:23 +02:00
Moran Peker
f8e4626098
Attestation: move t_code folder place
2019-02-27 14:14:22 +02:00
Moran Peker
b3c6f709ca
Attestation: move qcbor folder place
2019-02-27 14:14:21 +02:00
Moran Peker
bd7061eaba
Attestation: Add close key after open key
2019-02-27 14:14:20 +02:00
Moran Peker
715305accf
Attestation: update boot status data
...
Epoc data to be 2 bytes instead of 4
2019-02-27 14:14:20 +02:00
Moran Peker
e0c5df50be
Attestation: Add parameter and entry size checks
2019-02-27 14:14:19 +02:00
Moran Peker
773fa44205
Update attestation asymmetric sign to use deterministic alg
...
- Add PSA_KEY_USAGE_VERIFY to attestation key usage
- Set deterministic alg to attestation key policy
- Call asymmetric sign with deterministic alg
2019-02-27 14:14:18 +02:00
Moran Peker
70a14b2f3a
Update to last version of TFM-Attestation code
...
-update TFM attestation files
-update attest_crypto.c and psa_attestation_stubs.c file to support TFM
code changes
2019-02-27 14:14:18 +02:00
Moran Peker
2117a26cb1
Get security lifecycle by psa_security_lifecycle_state function
...
-Add bug fix for psa_security_lifecycle_state function - PR #9745
-Remove lifecycle data from temp boot status data
-Update attesttation_partition_json file to use
PSA_PLATFORM_LC_GET and generate partition
code - auto generated files update
2019-02-27 14:14:17 +02:00
Moran Peker
4101ee92df
Add checks, initialization, remove unneeded code and files license update
2019-02-27 14:14:14 +02:00
Moran Peker
080f4f4e69
Attestation: Update iat claims data
...
Add more iat claims: profile definition and verification service
Update boot status data: add more SW components for SW_S_NS module
2019-02-27 14:14:13 +02:00
Moran Peker
636753b404
Attestation: Add a new define for attestation private key id
2019-02-27 14:14:13 +02:00
Moran Peker
0a0bb04dfa
Attestation: Change files license to Apache
...
change all files except tfm code.
2019-02-27 14:14:12 +02:00
Moran Peker
8fc9c8fdab
Attestation: astyle fixes
...
Running astyle over attestation file to pass CI
2019-02-27 14:14:11 +02:00
Moran Peker
a994499bf3
Attestation: Update header files
...
-Remove psa_initial_attesttaion.h
-Move psa_initial_attesttaion_api.h and psa_attest_inject_key.h into
inc folder
-Update include in test file
2019-02-27 14:14:11 +02:00
Moran Peker
5f45b0af92
Attestation: auto-generated files by generate_partition_code.py
...
Attestation partition added.
2019-02-27 14:14:09 +02:00
Moran Peker
9a4ea3d319
Add PSA Initial Attestation service
...
Attestation service can create a token on request, which contains a fixed set of
device specific data.
Implementation:
-‘psa_initial_attest_get_token_size’- get exact size of initial attestation token in bytes.
-‘psa_initial_attest_get_token’- get the initial attestation token.
-‘psa_attestation_inject_key’ - Generate or import the attestation key pair and export the public part.
-Including CBOR lib and TFM attestation implementation.
-Temporary claim’s data – no bootloader over V7 Single & Dual
2019-02-27 14:14:08 +02:00
Martin Kojtal
5ab69d5d6b
Merge pull request #9575 from itayzafrir/crypto-64-bit-key-ids
...
Crypto IPC 64 bit key ids for ITS
2019-02-27 09:29:18 +01:00
Netanel Gonen
3e89a05e0b
add invalid argument in case receiving uid==0
2019-02-26 18:35:38 +02:00
Netanel Gonen
d2eb2e4eb5
add backward support to error values
2019-02-26 18:27:15 +02:00
itayzafrir
fc2b0726b6
Remove duplicate inclusion of header files
...
Remove duplicate inclusion of psa/client.h and psa/service.h
2019-02-26 12:30:20 +02:00
itayzafrir
ca94dc8673
Define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
...
This enables crypto encoding an owner in key file IDs.
Added a static assert check in client side proxy.
2019-02-26 12:30:20 +02:00
itayzafrir
3992b83a52
crypto service: Assemble bit crypto key ids
2019-02-26 12:30:20 +02:00
itayzafrir
2b9b29455f
crypto service: Remove unused IPC argument and unneeded casts
2019-02-26 12:27:55 +02:00
Cruz Monrreal
15ccb32d31
Merge pull request #9836 from kfnta/tfm_patch
...
TF-M: Fix issues found in SPM tests
2019-02-25 19:58:38 -06:00
Cruz Monrreal
ed350dc533
Merge pull request #9758 from NirSonnenschein/large_buffer_support_for_hash_and_mac
...
allow hash or mac on large buffers with less memory use
2019-02-25 10:34:14 -06:00
Edison Ai
ebc961dab8
TF-M patch: Free connection handle in psa_reply (TF-M issue #263 )
...
- Link to bug tracking: https://developer.trustedfirmware.org/T263
2019-02-25 14:35:21 +02:00
Netanel Gonen
b5b0e981f8
reopening #9754 after the changes were overrun
...
changing the SPM error codes from invalid argument to bad state aligned to PSA spec
2019-02-25 11:55:47 +02:00
Nir Sonnenschein
1d4c280d2a
a-style fix for unrelated code
2019-02-25 00:46:06 +02:00
itayzafrir
37cc25726c
Add internal documentation to access control header file
...
This file is for internal use only.
2019-02-24 15:07:54 +02:00
itayzafrir
0c231b0ac9
Move include psa_crypto_core.h to C file
2019-02-24 15:07:54 +02:00
itayzafrir
672712ca8a
Add SPM_PANIC macro for TARGET_TFM
2019-02-24 15:07:54 +02:00
itayzafrir
99032f6967
Change PSA_CRYPTO_ACCESS_CONTROL_RESET into static inline function
2019-02-24 15:07:54 +02:00
itayzafrir
0ecd2c5da1
crypto service: Crypto access control
...
Implement crypto keys access control in crypto service:
- Only the key owner (the partition which created the key)
is allowed to manage (import/export/open/close/destroy/etc.)
the key.
- Only the key owner (the partition which created the key)
is allowed to use the key handle for crypto operations which
require a key handle.
2019-02-24 15:07:54 +02:00
Nir Sonnenschein
84b618704b
fix comment issues
2019-02-24 14:32:36 +02:00
Nir Sonnenschein
ffaf083b75
a-style fixes for code
2019-02-24 14:25:25 +02:00
Netanel Gonen
165719d11f
return the new values for key type & size even if function fails
2019-02-24 11:24:12 +02:00
Cruz Monrreal
497d0d65c3
Merge pull request #9802 from orenc17/patch-2
...
Fix psa_system_reset() on PSA IPC platform
2019-02-21 17:31:11 -06:00
Cruz Monrreal
870bd05904
Merge pull request #9708 from davidsaada/david_protected_storage
...
Implement PSA protected storage & restructure PSA storage implementation
2019-02-21 17:30:56 -06:00
Oren Cohen
922cdeab82
Update crypto IPC handling of negative errors
2019-02-21 20:59:18 +02:00
David Saada
41eb5cbfd9
Implement PSA protected storage & restructure PSA storage implementation
...
- Move all PSA storage code under psa/storage directory
- Create a global PSA error codes header, eliminating ITS specific ones
- Create a common header file for PSA storage type definitions,
eliminating ITS specific ones
- Create a common implementation for PS & ITS
- Implement protected storage feature
- Change ITS test to be common to PS as well
2019-02-21 20:58:59 +02:00
Oren Cohen
6b68bf7fdf
Fix psa_system_reset on PSA IPC platform
2019-02-21 19:50:02 +02:00
Michael Schwarcz
d2c433ccfe
TFM Importer: Update SHAa of TFM patches
2019-02-21 17:42:56 +02:00
Oren Cohen
8800ad5c80
TFM: Add defines to mbed_lib.json
2019-02-21 17:38:30 +02:00
Michael Schwarcz
6354b9a473
TF-M patch: More fixes to tfm_memory_check issue (TF-M issue #224 )
...
- Link to bug tracking: https://developer.trustedfirmware.org/T224
2019-02-21 17:38:30 +02:00
Cruz Monrreal
813c844fb4
Merge pull request #9745 from moranpeker/psa_security_lifecycle
...
Fix incorrect return value in psa_security_lifecycle_state (emul)
2019-02-20 12:12:56 -06:00
Cruz Monrreal
9f6ee7db66
Merge pull request #9754 from netanelgonen/SPM_return_value
...
Fix SPM returning the wrong value
2019-02-19 15:29:48 -06:00
Cruz Monrreal
4c04771c5d
Merge pull request #9653 from kfnta/tfm_src_integ
...
TF-M sources integration to Mbed-OS
2019-02-19 15:28:44 -06:00
Cruz Monrreal
19474fcab1
Merge pull request #9617 from kjbracey-arm/spe_atomics
...
SPE: Fix up atomic usage
2019-02-19 15:27:54 -06:00
Michael Schwarcz
6a90da42fa
Add BSD3-clause license file to TF-M folder
2019-02-19 16:29:28 +02:00
Nir Sonnenschein
4a4af57c22
allow calling hash or mac on large buffers without large memory allocation
...
use a fixed size buffer for large inputs to process the input
in multiple smaller pieces.
2019-02-19 15:49:52 +02:00
Michael Schwarcz
9e33f0d8cd
Re-generate TF-M partition files
2019-02-19 15:19:07 +02:00
Alexander Zilberkant
0ba963acfc
Adding TF-M integration guide
2019-02-19 15:19:05 +02:00
Michael Schwarcz
cf3fd858ad
Align existing partitions to work with TF-M
...
- ITS
- Crypto
- Platform
2019-02-19 15:19:01 +02:00
Edison Ai
67a4e6d723
TF-M patch: Fix psa_set_rhandle() issue during CONNECT (TF-M issue #216 )
...
- Link to bug tracking: https://developer.trustedfirmware.org/T216
2019-02-19 15:19:00 +02:00
Michael Schwarcz
008bf1b2d1
TF-M patch: Fix wrong check in tfm_spm_check_client_version (TF-M issue #236 )
...
- Link to bug tracking: https://developer.trustedfirmware.org/T236
2019-02-19 15:19:00 +02:00
Michael Schwarcz
da01e3411f
TF-M patch: Fix tfm_psa_call_venner wrong argument type (TF-M issue #241 )
...
- Link to bug tracking: https://developer.trustedfirmware.org/T241
2019-02-19 15:18:59 +02:00
Michael Schwarcz
011fa28110
TF-M patch: Fix tfm_memory_check issue (TF-M issue #224 )
...
- Link to bug tracking: https://developer.trustedfirmware.org/T224
2019-02-19 15:18:59 +02:00
Michael Schwarcz
fc78640559
TF-M patch: Fix fixed-size partitions stack size (TF-M issue #240 )
...
- Link to bug tracking: https://developer.trustedfirmware.org/T240
2019-02-19 15:18:58 +02:00
Michael Schwarcz
0c23e86989
TF-M patch: Fix service handles not cleared issue (TF-M issue #230 )
...
- Link to bug tracking: https://developer.trustedfirmware.org/T230
2019-02-19 15:18:58 +02:00
Michael Schwarcz
5f2e4b3911
TF-M patch: Fix tfm_ns_lock_init issue (TF-M issue #239 )
...
- Link to bug tracking: https://developer.trustedfirmware.org/T239
2019-02-19 15:18:57 +02:00
Michael Schwarcz
1f30b52488
TF-M patch: General modifications
...
- Remove un-needed files
- Disable printf and uart
- Modify include paths
- Guard macros from mbed_lib with ifndef
2019-02-19 15:18:57 +02:00
Michael Schwarcz
8e62826991
Add mbed_lib.json to TF-M SPE
2019-02-19 15:18:56 +02:00
Michael Schwarcz
9277d0f586
Generate partition files
2019-02-19 15:18:56 +02:00
Michael Schwarcz
73ea7ca4c4
[trusted-firmware-m]: Updated to 45e5276
2019-02-19 15:18:55 +02:00
Netanel Gonen
1a87f24955
support in more types than just RSA_KEYPAIR
...
if the type is not supported the psa_crypto will return the error code
for unsupported
2019-02-19 14:47:11 +02:00
Netanel Gonen
d0dae03d01
Fix SPM returning the wrong value
2019-02-19 12:56:41 +02:00
Moran Peker
fb9ae2faae
Fix incorrect return value in psa_security_lifecycle_state (emul)
...
psa_security_lifecycle_state should return uint32_t of the security
lifecycle state.
bug: psa_platfrom_lifecycle_get_impl return value
is psa_status_t.
2019-02-17 14:28:53 +02:00