Hi Zhilei,

The configuration of the TF-M Crypto service that it's tested by default is just an example, and the SHA-1 algorithm is allowed from the PSA spec point of view; in our case we have decided to not enable SHA-1 support due to the fact that it's widely accepted to have known collision attacks [1], NIST deprecating it in 2011 [2], and having exposed weaknesses since long, 2005 [3], i.e. to encourage by default having a look into more robust alternatives.

Anyway, TF-M's test 1010 just aims at testing the interface for the correct error response, nothing more. If your deployment still supports PSA_ALG_SHA_1, I'd recommend to just ignore the output of TEST_1010. On our side, we could gate the test not to run when PSA_WANT_ALG_SHA_1 is defined.

Thanks, Antonio

[1] SHAtteredhttps://shattered.io/ [2] NIST Retires SHA-1 Cryptographic Algorithm | NISThttps://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm [3] 010.pdf (iacr.org)https://eprint.iacr.org/2005/010.pdf

From: zhilei.wang@bekencorp.com zhilei.wang@bekencorp.com Sent: Thursday, May 11, 2023 13:44 To: tf-m tf-m@lists.trustedfirmware.org Cc: Antonio De Angelis Antonio.DeAngelis@arm.com; Summer Qin Summer.Qin@arm.com; poppywu poppywu@mxic.com.cn Subject: [tfm_test_repo]why should the sha_1 not be supported at secure test suite

Hi, Why should the sha_1 not be supported at secure test suite? Our soc has a cypto accelerator, that supports sha_1/224 and so on. The following is the detail.

File: \tfm\lib\ext\tfm_test_repo-src\test\secure_fw\suites\crypto\secure\crypto_sec_interface_testsuite.c

Function: static void tfm_crypto_test_1010(struct test_result_t *ret) { psa_unsupported_hash_test(PSA_ALG_SHA_1, ret); }

Thanks and best regards,

zhilei.wang bekencorp