Hey Sebastian
That documentation is indeed out of date. The previous "dummy" implementations often returned hardcoded values, and certain features had obvious security limitations (such as the nv counters not being safe against unexpected poweroff events). The new "default" implementations are intended to be functionally complete and avoid at least obvious security pitfalls.
Though as far as we know they've not actually been used in production code, and review and improvements are always welcome.
The notable exception to this is TFM_DUMMY_PROVISIONING (the only option that retains its "DUMMY" prefix), which inputs default hardcoded keys and _must not_ be used in production. It's necessary to define a mechanism for inputting provisioning values (or at least a locations where the values can be read from), or alternatively if you're using our default flash OTP implementation you can disable this entirely and use your own provisioning flow into the flash.
Raef
________________________________________ From: Bøe, Sebastian via TF-M tf-m@lists.trustedfirmware.org Sent: 27 September 2022 11:29 To: tf-m@lists.trustedfirmware.org Subject: [TF-M] Template implementations used in production
Hi,
we wish to avoid the pitfalls of "doing your own security", and at the same time not use dummy/template code that is not meant for production.
May I ask if it is still accurate what the docs say here about the template folder, namely that nothing in the template folder should be used in production without being ported first?
This directory contains platform-independent dummy implementations of the interfaces in platform/include. These implementations can be built directly for initial testing of a platform port, or used as a basic template for a real implementation for a particular target. They must not be used in production systems.
$ ls platform/ext/common/template/ attest_hal.c flash_otp_nv_counters_backend.c otp_flash.c tfm_initial_attest_pub_key.c crypto_keys.c flash_otp_nv_counters_backend.h tfm_fih_rng.c tfm_rotpk.c crypto_nv_seed.c nv_counters.c tfm_initial_attestation_key.pem tfm_symmetric_iak.key