Hi,
So, I have submitted the mbedCrypto issue https://github.com/ARMmbed/mbed-crypto/issues/380
Several missed functions were implemented in the latest mbedCrypto. Please read the comment.
They also need clarification about the PSA failed test:
1)"psa_asymmetric_encrypt does not have support for ECC keys" - that's true, the specification currently does not define any algorithm for psa_asymmetric_encrypt that uses ECC keys. What's the problem there? 2) For the incorrect key derivation error codes, what are the problematic inputs?
3) For "psa_generate_key generates incorrect key length for RSA", what are the problematic inputs?
Could you clarify or this is the PSA-Test-Suite task?
BTW:
1) mbedCrypto does not use the PSA test suite for testing (they have own tests).
2) PSA Test Suite does not inform mbedCrypto about found PSA issues.
3) TFM updates to the latest mbedCrypto have to be more often (ideally after each mbedCrypto release).
4) Better synchronization between the PSA Projects is needed.
Thanks,
Andrej Butok
From: TF-M tf-m-bounces@lists.trustedfirmware.org On Behalf Of Andrej Butok via TF-M Sent: Friday, February 28, 2020 1:20 PM To: Anton Komlev Anton.Komlev@arm.com Cc: tf-m@lists.trustedfirmware.org Subject: Re: [TF-M] PSA-Test Suite, 23 Crypto Tests failed
Hi Anton,
OK. So this is the known issue. Is there any plan when it should be implemented? As the test-log is used for a PSA certification, may we disable the failed tests? BTW: As this is known issue, I did not notice it here https://github.com/ARMmbed/mbed-crypto/issues?page=1&q=is%3Aissue+is%3Ao...https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FARMmbed%2Fmbed-crypto%2Fissues%3Fpage%3D1%26q%3Dis%3Aissue%2Bis%3Aopen%2Bpsa%26utf8%3D%25E2%259C%2593&data=02%7C01%7Candrey.butok%40nxp.com%7Ccef7c65d60ad471a41a208d7bc48863f%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C637184892098850312&sdata=Oaqhsl6rEBNEsrii6jDnTd18I37HqBP%2FzmaBtjarbwY%3D&reserved=0
Thanks, Andrej
From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Anton Komlev via TF-M Sent: Friday, February 28, 2020 12:14 PM To: tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org Cc: nd <nd@arm.commailto:nd@arm.com> Subject: Re: [TF-M] PSA-Test Suite, 23 Crypto Tests failed
Hello Andrej,
As you noted, the main reason of test failures is unimplemented PSA functions. Those functions are directly dependent on Embed-Crypto library where they are missed or API is not adjusted.
Recently TF-M was upgraded Embed-Crypto library from v1.0.0 to v3.0.1 and will continue so, increasing test suite coverage.
Best regards, Anton
From: TF-M <tf-m-bounces@lists.trustedfirmware.orgmailto:tf-m-bounces@lists.trustedfirmware.org> On Behalf Of Andrej Butok via TF-M Sent: 28 February 2020 09:46 To: tf-m@lists.trustedfirmware.orgmailto:tf-m@lists.trustedfirmware.org Subject: [TF-M] PSA-Test Suite, 23 Crypto Tests failed
Hello,
After update to the latest TFM and to the latest PSA-Test Suite, 23 Crypto Tests are failed: ************ Crypto Suite Report ********** TOTAL TESTS : 61 TOTAL PASSED : 37 TOTAL SIM ERROR : 0 TOTAL FAILED : 23 TOTAL SKIPPED : 1 ******************************************
The main reason is that many of PSA Crypto functions are not implemented by TFM. Is there a plan to fix it?
Thanks, Andrej