Hello,
I have been trying to test the initial attestation feature using the regression build for a platform that we are developing. TF-M small profile has been configured, which enables symmetric key-based attestation. On running the regression tests, the TFM_NS_ATTEST_TEST_2001 testcase fails.
On further debugging, I found that the static buffer that mbedtls uses for its allocation is not sufficient ( CRYPTO_ENGINE_BUF_SIZE = 0x400 in small profile). When I increase the buffer size to 0x500, the testcase passes. Therefore, I wanted to know if this change needs to be adopted upstream or if I might be overlooking something on my end. Any leads in this regard would be helpful.
Thanks, Jayashree
Hi Jayashree,
thanks for raising this. We will need to double check internally and get back to you.
Thanks, Antonio
________________________________ From: Srinivasan, Jayashree via TF-M tf-m@lists.trustedfirmware.org Sent: Thursday, November 7, 2024 15:32 To: tf-m@lists.trustedfirmware.org tf-m@lists.trustedfirmware.org Subject: [TF-M] TF-M Small Profile with Initial Attestation - Related Query
Hello,
I have been trying to test the initial attestation feature using the regression build for a platform that we are developing. TF-M small profile has been configured, which enables symmetric key-based attestation. On running the regression tests, the TFM_NS_ATTEST_TEST_2001 testcase fails.
On further debugging, I found that the static buffer that mbedtls uses for its allocation is not sufficient ( CRYPTO_ENGINE_BUF_SIZE = 0x400 in small profile). When I increase the buffer size to 0x500, the testcase passes. Therefore, I wanted to know if this change needs to be adopted upstream or if I might be overlooking something on my end. Any leads in this regard would be helpful.
Thanks, Jayashree
tf-m@lists.trustedfirmware.org
-
Antonio De Angelis -
Srinivasan, Jayashree