Hi Andy,

Please find my reply in the previous mail.

Regards,

From: Andy Chen <andychen@pufsecurity.com>
Sent: Wednesday, July 24, 2024 8:11 PM
To: Manish Badarkhe <Manish.Badarkhe@arm.com>; Jothikumar Mani <Jothikumar.Mani@arm.com>; tf-a@lists.trustedfirmware.org
Cc: Diya Soubra <Diya.Soubra@arm.com>; Victoria Lee <victorialee@pufsecurity.com>; Andrew <andrewirvin@pufsecurity.com>
Subject: 回覆: Integrate TF-A and PSA Crypto API with PUFcc

Hi Manish,

Thanks for your information.

We need to integrate our hardware Crypto IP (PUFcc). And it seems that FVP cannot add custom IP, so we are planning to purchase an FPGA with the A53 - AXU9EGB for our needs. And we need to make sure it is compatible with TF-A lts-v2.10.5.

Thanks.

Hi Jothikumar,

We would try to integrate with PSA Crypto API, and we need a test bench for v1.2.1.

Please feel free to let me know if you have any suggestions.

[JK] : may I know what the intent is to requesting the crypto v1.2.1 spec compliance suites?, if you are looking for the PSA Certified APIs compliance for your product then the currently available testsuite is more than sufficient. Also, the mbedTLS version mentioned also only supports psa-crypto spec v1.1.0. I am trying to under the end goal of the psa certified api compliance suite usage with your product. Answer to this question will help me to give better suggestion.

For TF-A, we plan to integrate with:

TF-A lts-v2.10.5

PSA Crypto API - v1.1.0 >>> v1.2.1

PSA Certified APIs Architecture Test Suite - v1.6

Thank you very much.

Have a Nice Day,
Andy

寄件者: Manish Badarkhe <Manish.Badarkhe@arm.com>
寄件日期: 2024年7月24日下午 06:12
收件者: tf-a@lists.trustedfirmware.org <tf-a@lists.trustedfirmware.org>; Andy Chen <andychen@pufsecurity.com>; Jothikumar Mani <Jothikumar.Mani@arm.com>
副本: Diya Soubra <Diya.Soubra@arm.com>; Victoria Lee <victorialee@pufsecurity.com>; Andrew <andrewirvin@pufsecurity.com>
主旨: Re: Integrate TF-A and PSA Crypto API with PUFcc

Hi Andy

Please see my replies inline. Adding Jothikumar Mani for PSA Certified APIs Architecture Test Suite.

Thanks,
Manish Badarkhe

From: Andy Chen via TF-A <tf-a@lists.trustedfirmware.org>
Sent: 23 July 2024 09:55
To: tf-a@lists.trustedfirmware.org <tf-a@lists.trustedfirmware.org>
Cc: Diya Soubra <Diya.Soubra@arm.com>; Victoria Lee <victorialee@pufsecurity.com>; Andrew <andrewirvin@pufsecurity.com>
Subject: [TF-A] Integrate TF-A and PSA Crypto API with PUFcc

Hi TF-A teams,

This is Andy from PUFsecurity, and we have a project with ARM.

We try to integrate the PSA Crypto API with PUFcc (Our Crypto Engine) on TF-A.

However, there are multiple versions included, and we need your assistance for specification clarification.

Please ensure the versions match your recommendations.

For TF-A, we plan to integrate with:

TF-A lts-v2.10.5

PSA Crypto API - v1.1.0

PSA Certified APIs Architecture Test Suite - v1.6

[MB]: This looks fine. As TF-A lts-v2.10.5 using mbedTLS v3.6.0 which is compliance with PSA Crypto API - v1.1.0 but mbedTLS team can provide more detailed answer on this and also on test suite PSA Certified APIs Architecture Test Suite - v1.6.

TF-A

It would be beneficial to use the same hardware (FPGA) and tools as the ARM development team.

If we can confirm which models are used for TF-A , scripts or details with the ARM hardware That would be grateful.

[MB]: We are using FVP AEM model i.e. FVP_Base_RevC-2xAEMvA (Model version: 11.26, Build: 11). Test Run with PSA Crypto

you can find here: https://ci.trustedfirmware.org/job/tf-a-builder/4029201/ (today's daily run)

PSA Crypto API -

The test bench is using the PSA Crypto API v1.1.0, and it is published in 2022.

And Now is v1.2.1 in March 2024. I not sure it is a good choose or not.

[MB]: It looks like arch-test is not upgraded to use v1.2.1 PSA Crypto API. Added Jothikumar Mani, he may have idea about this.

Test Bench -

For the "PSA Certified APIs Architecture Test Suite - v1.6," we would like to identify which test codes (test_c001 to test_c067) are relevant for TF-A.

[MB]: Again, TF-A is not using this test suite, so we don't have any insights unless we review all these tests. TF-A mainly uses the following PSA_* APIs for signature verification, hash calculation, and hash comparison.

psa_crypto_init

mbedtls_md_psa_alg_from_type

psa_set_key_algorithm

psa_set_key_type

psa_set_key_usage_flags

psa_import_key

psa_destroy_key

psa_verify_message

psa_hash_compute

psa_hash_compare

Thank you very much!!!

Have a Nice Day,
Andy

熵碼科技股份有限公司

Tel: 886-3-5601010 #2119
Email: andychen@pufsecurity.com
Website: https://www.pufsecurity.com/

-------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------