Hi Zhilei,

The configuration of the TF-M Crypto service that it’s tested by default is just an example, and the SHA-1 algorithm is allowed from the PSA spec point of view; in our case we have decided to not enable SHA-1 support due to the fact that it’s widely accepted to have known collision attacks [1], NIST deprecating it in 2011 [2], and having exposed weaknesses since long, 2005 [3], i.e. to encourage by default having a look into more robust alternatives.

Anyway, TF-M’s test 1010 just aims at testing the interface for the correct error response, nothing more. If your deployment still supports PSA_ALG_SHA_1, I’d recommend to just ignore the output of TEST_1010. On our side, we could gate the test not to run when PSA_WANT_ALG_SHA_1 is defined.

Thanks,

Antonio

[1] SHAttered

[2] NIST Retires SHA-1 Cryptographic Algorithm | NIST

[3] 010.pdf (iacr.org)

From: zhilei.wang@bekencorp.com <zhilei.wang@bekencorp.com>
Sent: Thursday, May 11, 2023 13:44
To: tf-m <tf-m@lists.trustedfirmware.org>
Cc: Antonio De Angelis <Antonio.DeAngelis@arm.com>; Summer Qin <Summer.Qin@arm.com>; poppywu <poppywu@mxic.com.cn>
Subject: [tfm_test_repo]why should the sha_1 not be supported at secure test suite

Hi,

Why should the sha_1 not be supported at secure test suite?

Our soc has a cypto accelerator, that supports sha_1/224 and so on. The following is the detail.

File:

\tfm\lib\ext\tfm_test_repo-src\test\secure_fw\suites\crypto\secure\crypto_sec_interface_testsuite.c

Function:

static void tfm_crypto_test_1010(struct test_result_t *ret)

{

psa_unsupported_hash_test(PSA_ALG_SHA_1, ret);

}

Thanks and best regards,

zhilei.wang

bekencorp