Hi TF-M and mbedtls community,
I am new to TF-M, I have a few questions about CryptoCell and random number generation. Thank you in advance.
1. I figure there seems to have two CryptoCell 312 implementations within TF-M. One under lib/ext/cryptocell-312-runtime and the other under platform/ext/accelerator/cc312/cc312-rom. What are the difference between these two? 2. For lib/ext/cryptocell-312-runtime, it does not define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG whereas /ext/accelerator/cc312/cc312-rom does. Does that mean cryptocell-312-runtime is initiating RNG cryptodriver by using mbedtls_entropy_add_source whereas cc312-rom is using mbedtls_psa_external_get_randomhttps://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c#L132. If so, may I ask why these two cryptocells take two different approaches? I read from one of the documentation that mbedtls_psa_external_get_random is used when entropy is sufficient. So if entropy is sufficient, is it always preferred to have MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG defined and implements mbedtls_psa_external_get_random? What are the differences between the two approaches. 3. I also found cryptocell-312-runtime defines the entry point function cc3xx_init_randomhttps://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c#L52. But since PSA random number entry point funciton is not complete, the cc3xx_init_random is not being called anywhere, right? [https://opengraph.githubassets.com/17cdebc400b0ed807c620b586b21f3f77ff9c5d3a...]https://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c#L52 trusted-firmware-m/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c at 8df9cc8baf46252fd188bba1d87333a8daa9a5e8 · zephyrproject-rtos/trusted-firmware-mhttps://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c#L52 Zephyr repository tracking https://git.trustedfirmware.org/trusted-firmware-m.git/ - zephyrproject-rtos/trusted-firmware-m github.com
4. I know random number generation PSA entry point function is in development, may I ask when that would be expected to complete?
Thank you very much!
Best regards,
Hao
Hi Hao,
Just an heads up, if you crosspost between mailing list, it will actually decrease chances to get answers due to mail filters; please try to either use one of the other based on the scope of the question. This is more CryptoCell related, i.e. I will answer as we currently maintain the CC stack in the TF-M repo.
1. I figure there seems to have two CryptoCell 312 implementations within TF-M. One under lib/ext/cryptocell-312-runtime and the other under platform/ext/accelerator/cc312/cc312-rom. What are the difference between these two?
The implementation in lib/ext/cryptocell-312-runtime is the one which was made available upstream in 2019 based on the CC product deliverables. Its main interface was not on the PSA Crypto Driver interface but we implemented the APIs on top of it in 2022 (in the directory psa_driver_api). Its design philosophy evolved during the years following different design strategies and support stories and use cases which might result in somehow not ideal implementations for embedded constrained devices in some areas.
The implementation in platform/ext/accelerator/cc312/cc312-rom was redesigned from scratch since 2023 with the design goal of support PSA Unified Driver API and small code size for bootloading use cases (hence the name ROM). It then evolved into a full fledged implementation of the driver features (supporting the PSA driver API as well in the same way as the other). Main difference is that RSA is not supported in this new implementation, and ECDSA only supports Weierstrass curves with a different implementation of the algorithm; due to this, deterministic ECDSA is not supported as we did not have a strong enough algorithm for the computation of k. The overall design focus is more centered around side channel protection leveraging some of the features of newer revisions of CryptoCell. Note that we plan eventually to make this the default implementation.
1. For lib/ext/cryptocell-312-runtime, it does not define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG whereas /ext/accelerator/cc312/cc312-rom does. Does that mean cryptocell-312-runtime is initiating RNG cryptodriver by using mbedtls_entropy_add_source whereas cc312-rom is using mbedtls_psa_external_get_randomhttps://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c#L132. If so, may I ask why these two cryptocells take two different approaches? I read from one of the documentation that mbedtls_psa_external_get_random is used when entropy is sufficient. So if entropy is sufficient, is it always preferred to have MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG defined and implements mbedtls_psa_external_get_random? What are the differences between the two approaches.
The cryptocell-312-runtime follows a different strategy for the RNG integration. With the new driver, we follow more closely PSA recommendations. Both implementations use hardware (cc312-rom uses mbedtls_psa_external_get_random()), but the way they plug into the PSA Crypto core is different. Entropy provided by the CryptoCell HW is strong enough to allow for usage of EXTERNAL_RNG. Note that in the new driver we have also reimplemented entry points for the DRBGs generator. The HASH_DRBG still has a bug that needs to be fixed, i.e. currently it will assert() due to requirements of the underlying PKA engine, but anyway is disabled by default and uses HMAC_DRBG by default.
1. 3. I also found cryptocell-312-runtime defines the entry point function cc3xx_init_randomhttps://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c#L52. But since PSA random number entry point funciton is not complete, the cc3xx_init_random is not being called anywhere, right?
This is correct. We decided to implement those as future proofing once the Mbed TLS implementation catches up.
Hope this helps
Thanks, Antonio
________________________________ From: Zhang, Hao via mbed-tls mbed-tls@lists.trustedfirmware.org Sent: Thursday, June 27, 2024 16:07 To: Anton Komlev via TF-M tf-m@lists.trustedfirmware.org; mbed-tls@lists.trustedfirmware.org mbed-tls@lists.trustedfirmware.org Subject: [mbed-tls] Question about random number g
Hi TF-M and mbedtls community,
I am new to TF-M, I have a few questions about CryptoCell and random number generation. Thank you in advance.
1. I figure there seems to have two CryptoCell 312 implementations within TF-M. One under lib/ext/cryptocell-312-runtime and the other under platform/ext/accelerator/cc312/cc312-rom. What are the difference between these two? 2. For lib/ext/cryptocell-312-runtime, it does not define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG whereas /ext/accelerator/cc312/cc312-rom does. Does that mean cryptocell-312-runtime is initiating RNG cryptodriver by using mbedtls_entropy_add_source whereas cc312-rom is using mbedtls_psa_external_get_randomhttps://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c#L132. If so, may I ask why these two cryptocells take two different approaches? I read from one of the documentation that mbedtls_psa_external_get_random is used when entropy is sufficient. So if entropy is sufficient, is it always preferred to have MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG defined and implements mbedtls_psa_external_get_random? What are the differences between the two approaches. 3. I also found cryptocell-312-runtime defines the entry point function cc3xx_init_randomhttps://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c#L52. But since PSA random number entry point funciton is not complete, the cc3xx_init_random is not being called anywhere, right? [https://opengraph.githubassets.com/17cdebc400b0ed807c620b586b21f3f77ff9c5d3a...]https://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c#L52 trusted-firmware-m/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c at 8df9cc8baf46252fd188bba1d87333a8daa9a5e8 · zephyrproject-rtos/trusted-firmware-mhttps://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c#L52 Zephyr repository tracking https://git.trustedfirmware.org/trusted-firmware-m.git/ - zephyrproject-rtos/trusted-firmware-m github.com
4. I know random number generation PSA entry point function is in development, may I ask when that would be expected to complete?
Thank you very much!
Best regards,
Hao
Hi Anton,
Thank you so so much for your reply. It answers my question very well. Yes, I was thinking that my question can be relevant to both TF-M and mbedtls, that is why I crossposted it. I will try to post only to one mailing list in the future.
Best regards,
Hao
________________________________ From: Antonio De Angelis Antonio.DeAngelis@arm.com Sent: Monday, July 1, 2024 7:08 AM To: Anton Komlev via TF-M tf-m@lists.trustedfirmware.org Cc: Zhang, Hao Hao.Zhang@analog.com Subject: Re: Question about random number g
[External]
Hi Hao,
Just an heads up, if you crosspost between mailing list, it will actually decrease chances to get answers due to mail filters; please try to either use one of the other based on the scope of the question. This is more CryptoCell related, i.e. I will answer as we currently maintain the CC stack in the TF-M repo.
1. I figure there seems to have two CryptoCell 312 implementations within TF-M. One under lib/ext/cryptocell-312-runtime and the other under platform/ext/accelerator/cc312/cc312-rom. What are the difference between these two?
The implementation in lib/ext/cryptocell-312-runtime is the one which was made available upstream in 2019 based on the CC product deliverables. Its main interface was not on the PSA Crypto Driver interface but we implemented the APIs on top of it in 2022 (in the directory psa_driver_api). Its design philosophy evolved during the years following different design strategies and support stories and use cases which might result in somehow not ideal implementations for embedded constrained devices in some areas.
The implementation in platform/ext/accelerator/cc312/cc312-rom was redesigned from scratch since 2023 with the design goal of support PSA Unified Driver API and small code size for bootloading use cases (hence the name ROM). It then evolved into a full fledged implementation of the driver features (supporting the PSA driver API as well in the same way as the other). Main difference is that RSA is not supported in this new implementation, and ECDSA only supports Weierstrass curves with a different implementation of the algorithm; due to this, deterministic ECDSA is not supported as we did not have a strong enough algorithm for the computation of k. The overall design focus is more centered around side channel protection leveraging some of the features of newer revisions of CryptoCell. Note that we plan eventually to make this the default implementation.
1. For lib/ext/cryptocell-312-runtime, it does not define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG whereas /ext/accelerator/cc312/cc312-rom does. Does that mean cryptocell-312-runtime is initiating RNG cryptodriver by using mbedtls_entropy_add_source whereas cc312-rom is using mbedtls_psa_external_get_randomhttps://urldefense.com/v3/__https://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c*L132__;Iw!!A3Ni8CS0y2Y!5q-sBSxRSOcmRgmY-b3QWZU2Wv90atCqIgRtiviBCVFSiYlZWactDWgjiml2TSP-QO8BcXC-1WC3-UthLMdrzHzaEQ$. If so, may I ask why these two cryptocells take two different approaches? I read from one of the documentation that mbedtls_psa_external_get_random is used when entropy is sufficient. So if entropy is sufficient, is it always preferred to have MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG defined and implements mbedtls_psa_external_get_random? What are the differences between the two approaches.
The cryptocell-312-runtime follows a different strategy for the RNG integration. With the new driver, we follow more closely PSA recommendations. Both implementations use hardware (cc312-rom uses mbedtls_psa_external_get_random()), but the way they plug into the PSA Crypto core is different. Entropy provided by the CryptoCell HW is strong enough to allow for usage of EXTERNAL_RNG. Note that in the new driver we have also reimplemented entry points for the DRBGs generator. The HASH_DRBG still has a bug that needs to be fixed, i.e. currently it will assert() due to requirements of the underlying PKA engine, but anyway is disabled by default and uses HMAC_DRBG by default.
1. 3. I also found cryptocell-312-runtime defines the entry point function cc3xx_init_randomhttps://urldefense.com/v3/__https://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c*L52__;Iw!!A3Ni8CS0y2Y!5q-sBSxRSOcmRgmY-b3QWZU2Wv90atCqIgRtiviBCVFSiYlZWactDWgjiml2TSP-QO8BcXC-1WC3-UthLMdzDdJhlQ$. But since PSA random number entry point funciton is not complete, the cc3xx_init_random is not being called anywhere, right?
This is correct. We decided to implement those as future proofing once the Mbed TLS implementation catches up.
Hope this helps
Thanks, Antonio
________________________________ From: Zhang, Hao via mbed-tls mbed-tls@lists.trustedfirmware.org Sent: Thursday, June 27, 2024 16:07 To: Anton Komlev via TF-M tf-m@lists.trustedfirmware.org; mbed-tls@lists.trustedfirmware.org mbed-tls@lists.trustedfirmware.org Subject: [mbed-tls] Question about random number g
Hi TF-M and mbedtls community,
I am new to TF-M, I have a few questions about CryptoCell and random number generation. Thank you in advance.
1. I figure there seems to have two CryptoCell 312 implementations within TF-M. One under lib/ext/cryptocell-312-runtime and the other under platform/ext/accelerator/cc312/cc312-rom. What are the difference between these two? 2. For lib/ext/cryptocell-312-runtime, it does not define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG whereas /ext/accelerator/cc312/cc312-rom does. Does that mean cryptocell-312-runtime is initiating RNG cryptodriver by using mbedtls_entropy_add_source whereas cc312-rom is using mbedtls_psa_external_get_randomhttps://urldefense.com/v3/__https://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c*L132__;Iw!!A3Ni8CS0y2Y!5q-sBSxRSOcmRgmY-b3QWZU2Wv90atCqIgRtiviBCVFSiYlZWactDWgjiml2TSP-QO8BcXC-1WC3-UthLMdrzHzaEQ$. If so, may I ask why these two cryptocells take two different approaches? I read from one of the documentation that mbedtls_psa_external_get_random is used when entropy is sufficient. So if entropy is sufficient, is it always preferred to have MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG defined and implements mbedtls_psa_external_get_random? What are the differences between the two approaches. 3. I also found cryptocell-312-runtime defines the entry point function cc3xx_init_randomhttps://urldefense.com/v3/__https://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c*L52__;Iw!!A3Ni8CS0y2Y!5q-sBSxRSOcmRgmY-b3QWZU2Wv90atCqIgRtiviBCVFSiYlZWactDWgjiml2TSP-QO8BcXC-1WC3-UthLMdzDdJhlQ$. But since PSA random number entry point funciton is not complete, the cc3xx_init_random is not being called anywhere, right? [https://opengraph.githubassets.com/17cdebc400b0ed807c620b586b21f3f77ff9c5d3a...]https://urldefense.com/v3/__https://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c*L52__;Iw!!A3Ni8CS0y2Y!5q-sBSxRSOcmRgmY-b3QWZU2Wv90atCqIgRtiviBCVFSiYlZWactDWgjiml2TSP-QO8BcXC-1WC3-UthLMdzDdJhlQ$ trusted-firmware-m/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c at 8df9cc8baf46252fd188bba1d87333a8daa9a5e8 · zephyrproject-rtos/trusted-firmware-mhttps://urldefense.com/v3/__https://github.com/zephyrproject-rtos/trusted-firmware-m/blob/8df9cc8baf46252fd188bba1d87333a8daa9a5e8/platform/ext/accelerator/cc312/cc312-rom/psa_driver_api/src/cc3xx_psa_random.c*L52__;Iw!!A3Ni8CS0y2Y!5q-sBSxRSOcmRgmY-b3QWZU2Wv90atCqIgRtiviBCVFSiYlZWactDWgjiml2TSP-QO8BcXC-1WC3-UthLMdzDdJhlQ$ Zephyr repository tracking https://git.trustedfirmware.org/trusted-firmware-m.git/https://urldefense.com/v3/__https://git.trustedfirmware.org/trusted-firmware-m.git/__;!!A3Ni8CS0y2Y!5q-sBSxRSOcmRgmY-b3QWZU2Wv90atCqIgRtiviBCVFSiYlZWactDWgjiml2TSP-QO8BcXC-1WC3-UthLMcwN8cTuw$ - zephyrproject-rtos/trusted-firmware-m github.com
4. I know random number generation PSA entry point function is in development, may I ask when that would be expected to complete?
Thank you very much!
Best regards,
Hao
tf-m@lists.trustedfirmware.org