-
Notifications
You must be signed in to change notification settings - Fork 6.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
samples: tfm: Re-commit psa_crypto sample
Adds a refactored version of the psa_crypto sample back, which was removed as part of the update to TF-M 1.7.0 due to unresolvable (at the time) issues with use of MbedTLS instances on the S and NS sides. This sample takes advantage of changes to MbedTLS and TF-M that were introduced after the TF-M 1.7.0 and MbedTLS 3.3 release, and cherry-picked in Zephyr, allowing for improved linking of MbedTLS in secure and non-secure images. PSA API calls on the non-secure side can now be correctly routed to the secure partition, while X.509 and TLS calls remain on the non-secure/Zephyr side. Signed-off-by: Rajkumar Kanagaraj <rajkumar.kanagaraj@linaro.org>
- Loading branch information
Rajkumar Kanagaraj
committed
May 25, 2023
1 parent
3f30081
commit 090eb2a
Showing
21 changed files
with
2,248 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# SPDX-License-Identifier: Apache-2.0 | ||
|
||
cmake_minimum_required(VERSION 3.20.0) | ||
|
||
find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE}) | ||
|
||
project(tfm_psa_crypto) | ||
|
||
# Source files in this sample | ||
target_sources(app PRIVATE src/main.c) | ||
target_sources(app PRIVATE src/psa_attestation.c) | ||
target_sources(app PRIVATE src/psa_crypto.c) | ||
target_sources(app PRIVATE src/shell.c) | ||
target_sources(app PRIVATE src/util_app_cfg.c) | ||
target_sources(app PRIVATE src/util_app_log.c) | ||
target_sources(app PRIVATE src/util_sformat.c) | ||
|
||
target_include_directories(app PRIVATE | ||
$<TARGET_PROPERTY:tfm,TFM_BINARY_DIR>/install/interface/include | ||
) | ||
|
||
# In TF-M, default value of CRYPTO_ENGINE_BUF_SIZE is 0x2080. It causes | ||
# insufficient memory failure while verifying signature. Increase it to 0x2400. | ||
set_property(TARGET zephyr_property_target | ||
APPEND PROPERTY TFM_CMAKE_OPTIONS | ||
-DCRYPTO_ENGINE_BUF_SIZE=0x2400 | ||
) | ||
|
||
zephyr_include_directories(${APPLICATION_SOURCE_DIR}/src/tls_config) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
# Private config options for PSA Crypto application | ||
|
||
# Copyright (c) 2023 Linaro | ||
# SPDX-License-Identifier: Apache-2.0 | ||
|
||
mainmenu "PSA Crypto sample application" | ||
|
||
menu "Application configuration" | ||
|
||
module = PSA | ||
module-str = psa | ||
source "subsys/logging/Kconfig.template.log_config" | ||
|
||
endmenu | ||
|
||
config PSA_SHELL | ||
bool "The 'psa' shell command" | ||
depends on SHELL | ||
help | ||
Enabling this option will make the 'psa' shell command available. | ||
|
||
config PSA_IMPORT_KEY | ||
bool "Support for importing private key data" | ||
help | ||
Enable support for importing a pre-generated or randomly generated | ||
private key using PSA APIs and PRIVATE_KEY_STATIC or | ||
PRIVATE_KEY_RANDOM. | ||
|
||
choice | ||
prompt "Private Key" | ||
default PRIVATE_KEY_RANDOM | ||
|
||
config PRIVATE_KEY_STATIC | ||
bool "Static" | ||
depends on PSA_IMPORT_KEY | ||
help | ||
A static key value will be used for the elliptic curve 'secp256r1' | ||
private key. | ||
|
||
config PRIVATE_KEY_RANDOM | ||
bool "Random" | ||
depends on PSA_IMPORT_KEY | ||
help | ||
A randomly generated value will be used for the elliptic curve | ||
'secp256r1' private key. | ||
|
||
endchoice | ||
|
||
source "Kconfig.zephyr" |
Oops, something went wrong.