Hi PSA Crypto Team,
This is Andy from PUFsecurity. We have a project and begin following the PSA Crypto API to integrate our Hardware Crypto Engine (PUFcc). However, we are encountering some issues and need your assistance. There are several ways to integrate:
1. Directly 2. Via mbedTLS 3. Using the PSA Crypto Driver
Currently, we are attempting direct integration. Is this a good choice, or do you have other suggestions? There are many ARM applications, such as Secure Debug and Secure Boot. Completing the integration with the PSA Crypto API will ensure compatibility with these applications. Thank you very much.
Have a Nice Day, Andy
[cid:d620fcf3-2b44-4096-9436-96320ea0792d] 熵碼科技股份有限公司
Tel: 886-3-5601010 #2119 Email: andychen@pufsecurity.commailto:andychen@pufsecurity.com Website: https://www.pufsecurity.com/
-------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------
-------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------
Hello Andy,
The PSA driver wrapper is the intended way of integrating to the PSA crypto APIs. There are already some drivers which you can use as a reference apart from the documents provided in the mbedtls repository.
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/+/refs/heads/mai...
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/psa-drive...
GEORGIOS VASILAKIS | R&D Engineer
M +47 93 97 24 90 | Trondheim, Norway
nordicsemi.comhttp://www.nordicsemi.com/ | devzone.nordicsemi.comhttps://devzone.nordicsemi.com/
[Nordic_logo_signature]http://www.nordicsemi.com/
________________________________ From: Andy Chen via psa-crypto psa-crypto@lists.trustedfirmware.org Sent: Wednesday, August 7, 2024 2:29 AM To: psa-crypto@lists.trustedfirmware.org psa-crypto@lists.trustedfirmware.org Subject: [psa-crypto] PSA Crypto API Integration
Caution: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi PSA Crypto Team,
This is Andy from PUFsecurity. We have a project and begin following the PSA Crypto API to integrate our Hardware Crypto Engine (PUFcc). However, we are encountering some issues and need your assistance. There are several ways to integrate:
1. Directly 2. Via mbedTLS 3. Using the PSA Crypto Driver
Currently, we are attempting direct integration. Is this a good choice, or do you have other suggestions? There are many ARM applications, such as Secure Debug and Secure Boot. Completing the integration with the PSA Crypto API will ensure compatibility with these applications. Thank you very much.
Have a Nice Day, Andy
[cid:d620fcf3-2b44-4096-9436-96320ea0792d] 熵碼科技股份有限公司
Tel: 886-3-5601010 #2119 Email: andychen@pufsecurity.commailto:andychen@pufsecurity.com Website: https://www.pufsecurity.com/
-------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------
-------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------
Hi Georgios,
Thanks for your information. Actually, the files we had read and the API wrapper is based on the mbedTLS. We can not easily to integrate with our Hardware Crypto Engine or not support API. So we found the PSA Crypto API is more filexable or add customeizer API.
It means we need to know if using the PSA Crypto API directly is possible or if there are other ideas based on your experience.
BTW, you are based on NORIC, so that means the PSA Crypto API is handled by NORDIC!
Thanks,
Have a Nice Day, Andy ________________________________ 寄件者: Vasilakis, Georgios georgios.vasilakis@nordicsemi.no 寄件日期: 2024年8月7日 下午 04:25 收件者: psa-crypto@lists.trustedfirmware.org psa-crypto@lists.trustedfirmware.org; Andy Chen andychen@pufsecurity.com 主旨: Re: PSA Crypto API Integration
Hello Andy,
The PSA driver wrapper is the intended way of integrating to the PSA crypto APIs. There are already some drivers which you can use as a reference apart from the documents provided in the mbedtls repository.
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/+/refs/heads/mai...
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/psa-drive...
GEORGIOS VASILAKIS | R&D Engineer
M +47 93 97 24 90 | Trondheim, Norway
nordicsemi.comhttp://www.nordicsemi.com/ | devzone.nordicsemi.comhttps://devzone.nordicsemi.com/
[Nordic_logo_signature]http://www.nordicsemi.com/
________________________________ From: Andy Chen via psa-crypto psa-crypto@lists.trustedfirmware.org Sent: Wednesday, August 7, 2024 2:29 AM To: psa-crypto@lists.trustedfirmware.org psa-crypto@lists.trustedfirmware.org Subject: [psa-crypto] PSA Crypto API Integration
Caution: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi PSA Crypto Team,
This is Andy from PUFsecurity. We have a project and begin following the PSA Crypto API to integrate our Hardware Crypto Engine (PUFcc). However, we are encountering some issues and need your assistance. There are several ways to integrate:
1. Directly 2. Via mbedTLS 3. Using the PSA Crypto Driver
Currently, we are attempting direct integration. Is this a good choice, or do you have other suggestions? There are many ARM applications, such as Secure Debug and Secure Boot. Completing the integration with the PSA Crypto API will ensure compatibility with these applications. Thank you very much.
Have a Nice Day, Andy
[cid:d620fcf3-2b44-4096-9436-96320ea0792d] 熵碼科技股份有限公司
Tel: 886-3-5601010 #2119 Email: andychen@pufsecurity.commailto:andychen@pufsecurity.com Website: https://www.pufsecurity.com/
-------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------
-------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.-------- -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------
Hello Andy,
In Nordic we use/implement the PSA APIs but we don't own them, no. The people who own the PSA APIs are mainly people from ARM.
I guess that you can implement the PSA APIs by yourself by following the spec here: https://github.com/ARM-software/psa-api
But then you will have to make sure that you are compliant to the spec yourself.
Regards,
GEORGIOS VASILAKIS | R&D Engineer
M +47 93 97 24 90 | Trondheim, Norway
nordicsemi.comhttp://www.nordicsemi.com/ | devzone.nordicsemi.comhttps://devzone.nordicsemi.com/
[Nordic_logo_signature]http://www.nordicsemi.com/
________________________________ From: Andy Chen andychen@pufsecurity.com Sent: Wednesday, August 7, 2024 10:43 AM To: Vasilakis, Georgios georgios.vasilakis@nordicsemi.no Cc: psa-crypto@lists.trustedfirmware.org psa-crypto@lists.trustedfirmware.org Subject: 回覆: PSA Crypto API Integration
Caution: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi Georgios,
Thanks for your information. Actually, the files we had read and the API wrapper is based on the mbedTLS. We can not easily to integrate with our Hardware Crypto Engine or not support API. So we found the PSA Crypto API is more filexable or add customeizer API.
It means we need to know if using the PSA Crypto API directly is possible or if there are other ideas based on your experience.
BTW, you are based on NORIC, so that means the PSA Crypto API is handled by NORDIC!
Thanks,
Have a Nice Day, Andy ________________________________ 寄件者: Vasilakis, Georgios georgios.vasilakis@nordicsemi.no 寄件日期: 2024年8月7日 下午 04:25 收件者: psa-crypto@lists.trustedfirmware.org psa-crypto@lists.trustedfirmware.org; Andy Chen andychen@pufsecurity.com 主旨: Re: PSA Crypto API Integration
Hello Andy,
The PSA driver wrapper is the intended way of integrating to the PSA crypto APIs. There are already some drivers which you can use as a reference apart from the documents provided in the mbedtls repository.
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/+/refs/heads/mai...
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/psa-drive...
GEORGIOS VASILAKIS | R&D Engineer
M +47 93 97 24 90 | Trondheim, Norway
nordicsemi.comhttp://www.nordicsemi.com/ | devzone.nordicsemi.comhttps://devzone.nordicsemi.com/
[Nordic_logo_signature]http://www.nordicsemi.com/
________________________________ From: Andy Chen via psa-crypto psa-crypto@lists.trustedfirmware.org Sent: Wednesday, August 7, 2024 2:29 AM To: psa-crypto@lists.trustedfirmware.org psa-crypto@lists.trustedfirmware.org Subject: [psa-crypto] PSA Crypto API Integration
Caution: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi PSA Crypto Team,
This is Andy from PUFsecurity. We have a project and begin following the PSA Crypto API to integrate our Hardware Crypto Engine (PUFcc). However, we are encountering some issues and need your assistance. There are several ways to integrate:
1. Directly 2. Via mbedTLS 3. Using the PSA Crypto Driver
Currently, we are attempting direct integration. Is this a good choice, or do you have other suggestions? There are many ARM applications, such as Secure Debug and Secure Boot. Completing the integration with the PSA Crypto API will ensure compatibility with these applications. Thank you very much.
Have a Nice Day, Andy
[cid:d620fcf3-2b44-4096-9436-96320ea0792d] 熵碼科技股份有限公司
Tel: 886-3-5601010 #2119 Email: andychen@pufsecurity.commailto:andychen@pufsecurity.com Website: https://www.pufsecurity.com/
-------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------
-------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.-------- -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------
psa-crypto@lists.trustedfirmware.org