Hi Zhilei,
The configuration of the TF-M Crypto service that it's tested by default is just an example, and the SHA-1 algorithm is allowed from the PSA spec point of view; in our case we have decided to not enable SHA-1 support due to the fact that it's widely accepted to have known collision attacks [1], NIST deprecating it in 2011 [2], and having exposed weaknesses since long, 2005 [3], i.e. to encourage by default having a look into more robust alternatives.
Anyway, TF-M's test 1010 just aims at testing the interface for the correct error response, nothing more. If your deployment still supports PSA_ALG_SHA_1, I'd recommend to just ignore the output of TEST_1010. On our side, we could gate the test not to run when PSA_WANT_ALG_SHA_1 is defined.
Thanks, Antonio
[1] SHAtteredhttps://shattered.io/ [2] NIST Retires SHA-1 Cryptographic Algorithm | NISThttps://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm [3] 010.pdf (iacr.org)https://eprint.iacr.org/2005/010.pdf
From: zhilei.wang@bekencorp.com zhilei.wang@bekencorp.com Sent: Thursday, May 11, 2023 13:44 To: tf-m tf-m@lists.trustedfirmware.org Cc: Antonio De Angelis Antonio.DeAngelis@arm.com; Summer Qin Summer.Qin@arm.com; poppywu poppywu@mxic.com.cn Subject: [tfm_test_repo]why should the sha_1 not be supported at secure test suite
Hi, Why should the sha_1 not be supported at secure test suite? Our soc has a cypto accelerator, that supports sha_1/224 and so on. The following is the detail.
File: \tfm\lib\ext\tfm_test_repo-src\test\secure_fw\suites\crypto\secure\crypto_sec_interface_testsuite.c
Function: static void tfm_crypto_test_1010(struct test_result_t *ret) { psa_unsupported_hash_test(PSA_ALG_SHA_1, ret); }
Thanks and best regards,
zhilei.wang bekencorp