| #
f1318bff |
| 06-May-2025 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge changes from topic "psa_key_id_mgmt" into integration
* changes:
feat(auth): extend REGISTER_CRYPTO_LIB calls
feat(bl): adding psa crypto - crypto_mod_finish()
feat(fvp): increase BL1 RW
Merge changes from topic "psa_key_id_mgmt" into integration
* changes:
feat(auth): extend REGISTER_CRYPTO_LIB calls
feat(bl): adding psa crypto - crypto_mod_finish()
feat(fvp): increase BL1 RW for PSA Crypto
feat(auth): mbedtls psa key id mgmt
feat(auth): add crypto_mod_finish() function
feat(auth): add update of current_pk_oid in auth
feat(auth): add util file for current pk_oid
feat(auth): increase mbedtls heap for PSA RSA
feat(auth): introducing auth.mk
show more ...
|
| #
8a7505b0 |
| 28-Apr-2025 |
Lauren Wehrmeister <lauren.wehrmeister@arm.com> |
feat(auth): mbedtls psa key id mgmt
Currently the psa key is created and destroyed after each usage during
signature verification.
This redesign adds a key_cache to store the key ID, psa algorithm,
feat(auth): mbedtls psa key id mgmt
Currently the psa key is created and destroyed after each usage during
signature verification.
This redesign adds a key_cache to store the key ID, psa algorithm, and
key attributes associated with a particular pk_oid. This allows for the
psa key to be reused by each image that has the associated pk_oid.
The pk_oid of the image being authenticated is stored as the global
current_pk_oid variable, which is used during the psa crypto
verification stage to associate a key_cache entry with a particular
pk_oid.
Since the psa key is no longer destroyed after each usage, the psa keys
are therefore destroyed after all images have been loaded during each
boot phase in the new crypto_mod_finish() function that is registered
by the REGISTER_CRYPTO_LIB and enabled through the build option of
PSA_CRYTPO.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Iba330bc659a76493bd958673424efcc621bab1c4
show more ...
|