diff options
author | David Hu <david.hu@arm.com> | 2021-07-24 21:14:30 +0800 |
---|---|---|
committer | David Hu <david.hu@arm.com> | 2021-08-13 22:32:56 +0800 |
commit | 42e77b561fcfe19819ff1e63cb7c0b672ee8ba41 (patch) | |
tree | 1c66eaa083056fbcf33e6fefeed23741b9273b83 /config | |
parent | a17591ac901c5af2bdc18bb7043a96e4119bc1c4 (diff) |
Crypto: Remove TF-M Crypto service key handle array
TF-M Crypto service allocates a key handle array to map keys and
owners. However, this array is redundant since TF-M Crypto eventually
relies on Mbed TLS key handle management.
Remove TF-M Crypto service key handle array to simplify TF-M Crypto key
handling routine and optimize memory footprint.
Remove CRYPTO_KEY_ID_ENCODES_OWNER.
Enforce MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER to be enabled.
Update the test commit ID accordingly.
Change-Id: Ic1ecff587ec33a95fbeabcd8dd9fd6430455117b
Signed-off-by: David Hu <david.hu@arm.com>
Co-authored-by: Summer Qin <summer.qin@arm.com>
Diffstat (limited to 'config')
-rw-r--r-- | config/config_default.cmake | 5 | ||||
-rw-r--r-- | config/profile/profile_small.cmake | 3 |
2 files changed, 1 insertions, 7 deletions
diff --git a/config/config_default.cmake b/config/config_default.cmake index 33665fefd..649c712ef 100644 --- a/config/config_default.cmake +++ b/config/config_default.cmake @@ -134,9 +134,6 @@ set(CRYPTO_ASYM_SIGN_MODULE_DISABLED FALSE CACHE BOOL "Disable PSA set(CRYPTO_ASYM_ENCRYPT_MODULE_DISABLED FALSE CACHE BOOL "Disable PSA Crypto asymmetric key encryption module") set(CRYPTO_KEY_DERIVATION_MODULE_DISABLED FALSE CACHE BOOL "Disable PSA Crypto key derivation module") set(CRYPTO_IOVEC_BUFFER_SIZE 5120 CACHE STRING "Default size of the internal scratch buffer used for PSA FF IOVec allocations") -# TODO CRYPTO_KEY_ID_ENCODES_OWNER shall be aligned with underlying crypto -# library key ID encoding configuration -set(CRYPTO_KEY_ID_ENCODES_OWNER ON CACHE BOOL "Encode client ID into Crypto PSA key ID") set(TFM_PARTITION_INITIAL_ATTESTATION ON CACHE BOOL "Enable Initial Attestation partition") set(SYMMETRIC_INITIAL_ATTESTATION OFF CACHE BOOL "Use symmetric crypto for inital attestation") @@ -185,7 +182,7 @@ set(TFM_MBEDCRYPTO_CONFIG_PATH "${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/ set(TFM_MBEDCRYPTO_PLATFORM_EXTRA_CONFIG_PATH "" CACHE PATH "Config to append to standard Mbed Crypto config, used by platforms to cnfigure feature support") set(TFM_TEST_REPO_PATH "DOWNLOAD" CACHE PATH "Path to TFM-TEST repo (or DOWNLOAD to fetch automatically") -set(TFM_TEST_REPO_VERSION "a602746" CACHE STRING "The version of tf-m-tests to use") +set(TFM_TEST_REPO_VERSION "5d5ad03" CACHE STRING "The version of tf-m-tests to use") set(CMSIS_5_PATH "DOWNLOAD" CACHE PATH "Path to CMSIS_5 (or DOWNLOAD to fetch automatically") set(MCUBOOT_PATH "DOWNLOAD" CACHE PATH "Path to MCUboot (or DOWNLOAD to fetch automatically") diff --git a/config/profile/profile_small.cmake b/config/profile/profile_small.cmake index 27e576e8d..73ba284de 100644 --- a/config/profile/profile_small.cmake +++ b/config/profile/profile_small.cmake @@ -27,9 +27,6 @@ set(CRYPTO_CONC_OPER_NUM 4 CACHE STRING "The max num set(CRYPTO_ENGINE_BUF_SIZE 0x800 CACHE STRING "Heap size for the crypto backend") set(CRYPTO_ASYM_SIGN_MODULE_DISABLED ON CACHE BOOL "Disable PSA Crypto asymmetric key signature module") set(CRYPTO_ASYM_ENCRYPT_MODULE_DISABLED ON CACHE BOOL "Disable PSA Crypto asymmetric key encryption module") -# TODO CRYPTO_KEY_ID_ENCODES_OWNER shall be aligned with underlying crypto -# library key ID encoding configuration -set(CRYPTO_KEY_ID_ENCODES_OWNER OFF CACHE BOOL "Encode client ID into Crypto PSA key ID") set(SYMMETRIC_INITIAL_ATTESTATION ON CACHE BOOL "Use symmetric crypto for inital attestation") |