This is currently being worked on by the PSA arch test and will be likely in the next release. At the moment TF-M is gated using an earlier release of the PSA arch test suite due to Mbed TLS failing some of the Crypto tests on the newer releases, so some work needs to be done on that front to move TF-M to newer arch tests when they're released.
Thanks, Antonio ________________________________ From: Bohdan.Hunko--- via TF-M tf-m@lists.trustedfirmware.org Sent: Monday, October 14, 2024 08:42 To: Tamas Ban Tamas.Ban@arm.com; tf-m@lists.trustedfirmware.org tf-m@lists.trustedfirmware.org Subject: [TF-M] Re: Set PSA_2_0_0 as default attest profile and removal of PSA_IOT_PROFILE_1
Hi,
As far as I know PSA arch tests were missing PSA_2_0_0 profile support. Was this fixed? Does PSA arch tests already support PSA_2_0_0 profile?
If no then is there a plan to add such support?
Regards,
Bohdan Hunko
Cypress Semiconductor Ukraine
Engineer
CSUKR CSS ICW SW FW
Mobile: +38099 50 19 714 Bohdan.Hunko@infineon.commailto:Bohdan.Hunko@infineon.com
From: Tamas Ban via TF-M tf-m@lists.trustedfirmware.org Sent: Friday, October 11, 2024 14:50 To: tf-m@lists.trustedfirmware.org Subject: [TF-M] Set PSA_2_0_0 as default attest profile and removal of PSA_IOT_PROFILE_1
Caution: This e-mail originated outside Infineon Technologies. Please be cautious when sharing information or opening attachments especially from unknown senders. Refer to our intranet guidehttps://intranet-content.infineon.com/explore/aboutinfineon/rules/informationsecurity/ug/SocialEngineering/Pages/SocialEngineeringElements_en.aspx to help you identify Phishing email.
Hi,
We are going to set the PSA_2_0_0 profile as the default for the initial attestation service. This will impact which claims are included in the token and their key values.
More details are here:
https://www.ietf.org/archive/id/draft-tschofenig-rats-psa-token-24.html
Changes on review:
https://review.trustedfirmware.org/q/topic:%22attest_profile_update%22
As a follow-up action, the PSA_IOT_PROFILE_1 is being deprecated.
We are planning to remove it from the code base as well.
To figure out the timing of this we would like to collect some data:
* If you are using the PSA_IOT_PROFILE_1 please let us know what would be a feasible time for you to switch over the PSA_2_0_0 profile. Thanks!
Best regards,
Tamas Ban