| #
f1318bff |
| 06-May-2025 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge changes from topic "psa_key_id_mgmt" into integration
* changes:
feat(auth): extend REGISTER_CRYPTO_LIB calls
feat(bl): adding psa crypto - crypto_mod_finish()
feat(fvp): increase BL1 RW
Merge changes from topic "psa_key_id_mgmt" into integration
* changes:
feat(auth): extend REGISTER_CRYPTO_LIB calls
feat(bl): adding psa crypto - crypto_mod_finish()
feat(fvp): increase BL1 RW for PSA Crypto
feat(auth): mbedtls psa key id mgmt
feat(auth): add crypto_mod_finish() function
feat(auth): add update of current_pk_oid in auth
feat(auth): add util file for current pk_oid
feat(auth): increase mbedtls heap for PSA RSA
feat(auth): introducing auth.mk
show more ...
|
| #
95d49c62 |
| 25-Apr-2025 |
Lauren Wehrmeister <lauren.wehrmeister@arm.com> |
feat(auth): extend REGISTER_CRYPTO_LIB calls
Extend REGISTER_CRYPTO_LIB calls with NULL to allow for
the addition of the cryto_mod_finish() function.
Signed-off-by: Lauren Wehrmeister <lauren.wehrm
feat(auth): extend REGISTER_CRYPTO_LIB calls
Extend REGISTER_CRYPTO_LIB calls with NULL to allow for
the addition of the cryto_mod_finish() function.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: If41ed1be50e1d98b42b266c7905269f142bb67c7
show more ...
|
| #
e6a0994c |
| 23-Jan-2024 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "st-bsec-otp" into integration
* changes:
feat(stm32mp2-fdts): add board ID OTP in STM32MP257F-EV1
feat(stm32mp2-fdts): add OTP nodes in STM32MP251 SoC DT file
fix(stm
Merge changes from topic "st-bsec-otp" into integration
* changes:
feat(stm32mp2-fdts): add board ID OTP in STM32MP257F-EV1
feat(stm32mp2-fdts): add OTP nodes in STM32MP251 SoC DT file
fix(stm32mp2): add missing include
feat(st): do not directly call BSEC functions in common code
feat(st): use stm32_get_otp_value_from_idx() in BL31
refactor(st): update test for closed chip
refactor(st-bsec): improve BSEC driver
refactor(st): use dashes for BSEC node names
show more ...
|
| #
3007c728 |
| 19-Sep-2023 |
Yann Gautier <yann.gautier@foss.st.com> |
feat(st): do not directly call BSEC functions in common code
When STM32MP2 boots on Cortex-M33, the Cortex-A35 do no more have access
to BSEC peripheral. New static inline stm32_otp_* wrappers are a
feat(st): do not directly call BSEC functions in common code
When STM32MP2 boots on Cortex-M33, the Cortex-A35 do no more have access
to BSEC peripheral. New static inline stm32_otp_* wrappers are added,
which just redirect to BSEC functions.
While at it remove a useless bsec.h include.
Change-Id: Ie0f917c02e48acf456634f455dae41805bf6adbf
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
show more ...
|
| #
9cd784db |
| 01-Feb-2023 |
Yann Gautier <yann.gautier@foss.st.com> |
refactor(st): update test for closed chip
The function stm32mp_is_closed_device() is replaced with
stm32mp_check_closed_device(), which return an uint32_t, either
STM32MP_CHIP_SEC_OPEN or STM32MP_CH
refactor(st): update test for closed chip
The function stm32mp_is_closed_device() is replaced with
stm32mp_check_closed_device(), which return an uint32_t, either
STM32MP_CHIP_SEC_OPEN or STM32MP_CHIP_SEC_CLOSED.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: Ie0790cdc36c4b6522083bc1f0e7c38e8061e6adf
show more ...
|
| #
bc9e233a |
| 03-Oct-2023 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "st_fixes" into integration
* changes:
fix(st): enable RTC clock before accessing nv counter
fix(st-crypto): use GENMASK_32 to define PKA registers masks
fix(st): upda
Merge changes from topic "st_fixes" into integration
* changes:
fix(st): enable RTC clock before accessing nv counter
fix(st-crypto): use GENMASK_32 to define PKA registers masks
fix(st): update comment on encryption key
fix(st): allow crypto lib compilation in aarch64
fix(st-uart): allow 64 bit compilation
fix(st): reduce MMC block_buffer
fix(stm32mp13-fdts): cosmetic fixes in PLL nodes
fix(st): update dt_get_ddr_size() type
fix(nand): reset the SLC NAND
fix(st-crypto): do not read RNG data if it's not ready
show more ...
|
| #
5c506c73 |
| 06-Feb-2023 |
Yann Gautier <yann.gautier@foss.st.com> |
fix(st): update comment on encryption key
On STM32MP2, the encryption key is 32 bytes, the key duplication
(done for 16 bytes OTP) is not done. Update the comment to precise that.
Change-Id: I6fc4d
fix(st): update comment on encryption key
On STM32MP2, the encryption key is 32 bytes, the key duplication
(done for 16 bytes OTP) is not done. Update the comment to precise that.
Change-Id: I6fc4d652fdd462808918e85f6e5bd0d68d10d436
Yann Gautier <yann.gautier@foss.st.com>
show more ...
|
| #
76e4fab0 |
| 05-Jan-2023 |
Yann Gautier <yann.gautier@foss.st.com> |
fix(st): allow crypto lib compilation in aarch64
Cast len with size_t, as it is unsigned long on Aarch64, and no more
unsigned int. Changing functions prototypes will not help as
.verify_signature a
fix(st): allow crypto lib compilation in aarch64
Cast len with size_t, as it is unsigned long on Aarch64, and no more
unsigned int. Changing functions prototypes will not help as
.verify_signature awaits an unsigned int for its last parameter.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I9332fd46301a9653af917802788fd97fe7c8a162
show more ...
|
| #
7c7e7b62 |
| 24-Apr-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "mb/trusted-boot-update" into integration
* changes:
refactor(auth)!: unify REGISTER_CRYPTO_LIB
refactor(auth): replace plat_convert_pk
docs(auth): add auth_decrypt in
Merge changes from topic "mb/trusted-boot-update" into integration
* changes:
refactor(auth)!: unify REGISTER_CRYPTO_LIB
refactor(auth): replace plat_convert_pk
docs(auth): add auth_decrypt in CM chapter
feat(auth): compare platform and certificate ROTPK for authentication
docs(auth): add 'calc_hash' function's details in CM
show more ...
|
| #
dee99f10 |
| 15-Mar-2023 |
Yann Gautier <yann.gautier@st.com> |
refactor(auth)!: unify REGISTER_CRYPTO_LIB
Have only one definition for REGISTER_CRYPTO_LIB macro, with all the
possible fields. Worst case adds 4 u64 to crypto_lib_desc.
While at it, correct some M
refactor(auth)!: unify REGISTER_CRYPTO_LIB
Have only one definition for REGISTER_CRYPTO_LIB macro, with all the
possible fields. Worst case adds 4 u64 to crypto_lib_desc.
While at it, correct some MISRA violations:
MC3R1.R12.1: (advisory) The precedence of operators within expressions
should be made explicit.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I1342a20e6eef2354753182c2a81ff959e03e5c81
show more ...
|
| #
4ac5b394 |
| 24-Jan-2023 |
Yann Gautier <yann.gautier@foss.st.com> |
refactor(auth): replace plat_convert_pk
Following discussions in the reviews of the patch that introduced
plat_convert_pk() function [1], it was decided to deprecate it to
avoid weak function declar
refactor(auth): replace plat_convert_pk
Following discussions in the reviews of the patch that introduced
plat_convert_pk() function [1], it was decided to deprecate it to
avoid weak function declaration.
A new optional function pointer convert_pk is added to crypto_lib_desc_t.
A new function crypto_mod_convert_pk() will either call
crypto_lib_desc.convert_pk() if it is defined, or do the same
as what was done by the weak function otherwise.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/17174
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I9358867f8bfd5e96b5ee238c066877da368e43c6
show more ...
|
| #
a95a451b |
| 03-Jan-2023 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "st_fix_sparse_warnings" into integration
* changes:
fix(st-crypto): remove platdata functions
fix(st-crypto): set get_plain_pk_from_asn1() static
fix(stm32mp1): add m
Merge changes from topic "st_fix_sparse_warnings" into integration
* changes:
fix(st-crypto): remove platdata functions
fix(st-crypto): set get_plain_pk_from_asn1() static
fix(stm32mp1): add missing platform.h include
fix(st): make metadata_block_spec static
show more ...
|
| #
70a422ba |
| 12-Dec-2022 |
Yann Gautier <yann.gautier@st.com> |
fix(st-crypto): set get_plain_pk_from_asn1() static
The issue is triggered when enabling -Wmissing-prototypes warning:
plat/st/common/stm32mp_crypto_lib.c:81:5: warning:
no previous prototype for '
fix(st-crypto): set get_plain_pk_from_asn1() static
The issue is triggered when enabling -Wmissing-prototypes warning:
plat/st/common/stm32mp_crypto_lib.c:81:5: warning:
no previous prototype for 'get_plain_pk_from_asn1'
[-Wmissing-prototypes]
81 | int get_plain_pk_from_asn1(void *pk_ptr, unsigned int pk_len,
| ^~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ia36bbaba6e187ab47c203ddf0d7d017b210545cf
show more ...
|
| #
c781765e |
| 12-Dec-2022 |
Manish Pandey <manish.pandey2@arm.com> |
Merge "fix(st): include utils.h to solve compilation error" into integration
|
| #
377846b6 |
| 12-Dec-2022 |
Yann Gautier <yann.gautier@st.com> |
fix(st): include utils.h to solve compilation error
If compiling with STM32MP13 with DECRYPTION_SUPPORT != none, there is
a compilation error:
plat/st/common/stm32mp_crypto_lib.c:
In function 'plat
fix(st): include utils.h to solve compilation error
If compiling with STM32MP13 with DECRYPTION_SUPPORT != none, there is
a compilation error:
plat/st/common/stm32mp_crypto_lib.c:
In function 'plat_get_enc_key_info':
plat/st/common/stm32mp_crypto_lib.c:532:25:
error: implicit declaration of function 'zeromem'
[-Werror=implicit-function-declaration]
532 | zeromem(key, *key_len);
| ^~~~~~~
Adding #include <lib/utils.h> solves the error.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I0a20c5632f0379612149333e69875369d4cfca15
show more ...
|
| #
c3170fd8 |
| 14-Nov-2022 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "stm32mp1-trusted-boot" into integration
* changes:
docs(st): update documentation for TRUSTED_BOARD_BOOT
fix(build): ensure that the correct rule is called for tools
Merge changes from topic "stm32mp1-trusted-boot" into integration
* changes:
docs(st): update documentation for TRUSTED_BOARD_BOOT
fix(build): ensure that the correct rule is called for tools
feat(stm32mp1): add the platform specific build for tools
fix(stm32mp13-fdts): remove secure status
feat(stm32mp1-fdts): add CoT and fuse references for authentication
feat(stm32mp1): add a check on TRUSTED_BOARD_BOOT with secure chip
feat(stm32mp1): add the decryption support
feat(stm32mp1): add the TRUSTED_BOARD_BOOT support
feat(stm32mp1): update ROM code API for header v2 management
feat(stm32mp1): remove unused function from boot API
refactor(stm32mp1): remove authentication using STM32 image mode
fix(fconf): fix type error displaying disable_auth
feat(tbbr): increase PK_DER_LEN size
fix(auth): correct sign-compare warning
feat(auth): allow to verify PublicKey with platform format PK
feat(cert-create): update for ECDSA brainpoolP256r/t1 support
feat(stm32mp1): add RNG initialization in BL2 for STM32MP13
feat(st-crypto): remove BL32 HASH driver usage
feat(stm32mp1): add a stm32mp crypto library
feat(st-crypto): add STM32 RNG driver
feat(st-crypto): add AES decrypt/auth by SAES IP
feat(st-crypto): add ECDSA signature check with PKA
feat(st-crypto): update HASH for new hardware version used in STM32MP13
show more ...
|
| #
ad3e46a3 |
| 05-Oct-2022 |
Lionel Debieve <lionel.debieve@foss.st.com> |
feat(stm32mp1): add a stm32mp crypto library
Add the crypto library for STM32MP1 to use STM32 hardware
accelerators.
Change-Id: I0bbb941001242a6fdc47514ab3efe07b12249285
Signed-off-by: Nicolas Toro
feat(stm32mp1): add a stm32mp crypto library
Add the crypto library for STM32MP1 to use STM32 hardware
accelerators.
Change-Id: I0bbb941001242a6fdc47514ab3efe07b12249285
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
show more ...
|