Just an update to this,

I have merged the patch which upgrades to the latest mbedTLS tag. The PSA Arch initial attestation test suite fails to build after this merge due to width change of `ecc_curve_t` type. The issue is reported here in PSA Arch test github project : https://github.com/ARM-software/psa-arch-tests/pull/232

The patch for changing the ITS_MAX_ASSET_SIZE is still outstanding and I hope to merge it after a week.

Best Regards

Soby Mathew

From: TF-M <tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Soby Mathew via TF-M
Sent: 11 August 2020 16:24
To: TF-M mailing list <tf-m@lists.trustedfirmware.org>
Subject: [TF-M] Patch to upgrade crypto service to use latest mbedTLS tag (v2.23.0)

Hi Everyone

The following patch updates the crypto service in TF-M to use the latest mbedTLS tag v2.23.0. All reviews for the same will be much appreciated.

https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/5252/1

With this update, additional PSA APIs psa_hash_compute() and psa_hash_compare() are now supported.

There is also another patch for platforms to update the ITS_MAX_ASSET_SIZE when testing with PSA Crypto API compliance test as one of the tests require a larger size: https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/5253/1 . Could the platform owners review the same and let me know whether the size changes are OK ?

With the above patches, the API compliance remains the same as v1.0 Beta 3 and the PSA Crypto compliance test suite gives the below results (as tested on AN521) :

************ Crypto Suite Report **********

TOTAL TESTS : 61

TOTAL PASSED : 42

TOTAL SIM ERROR : 0

TOTAL FAILED : 17

TOTAL SKIPPED : 2

******************************************

Best Regards

Soby Mathes