nrf_security: Changes for Oberon PSA configurations in Kconfig #12125
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
joerchan
requested review from
frkv,
Vge0rge,
vili-nordic,
SebastianBoe,
mswarowsky,
stephen-nordic,
magnev,
carlescufi and
tejlmand
as code owners
github-actions
bot
added
changelog-entry-required
|
The following west manifest projects have been modified in this Pull Request:
Note: This message is automatically posted and updated by the Manifest GitHub Action. |
Test specificationCI/Jenkins/NRF
CI/Jenkins/integration
Detailed information of selected test modules Note: This message is automatically posted and updated by the CI |
|
You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds. Note: This comment is automatically posted by the Documentation Publishing GitHub Action. |
tejlmand
approved these changes
Aug 24, 2023
SebastianBoe
approved these changes
Aug 24, 2023
joerchan
force-pushed
the
oberon_kconfigs_prelude
branch
from
a5ce615
to
3f08bec
Compare
github-actions
bot
added
the
doc-required
joerchan
force-pushed
the
oberon_kconfigs_prelude
branch
from
3f08bec
to
89074a1
Compare
mia-ko
approved these changes
Aug 24, 2023
joerchan
force-pushed
the
oberon_kconfigs_prelude
branch
from
89074a1
to
561a207
Compare
Fix configuration of PSA_WANT_ALG_ECDSA_DETERMINISTIC enabled without PSA_WANT_ALG_ECDSA for the Oberon driver. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Bring Zephyr with added PSA_WANT options only available in the Oberon PSA core. The Oberon PSA core uses the name PSA_WANT_ALG_SRP_6, this aligns nrf_security with this naming. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Update the psa_tls sample to follow the new configuration scheme from Oberon PSA core. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
1024 bit RSA keys are not recommended to use because they considered unsafe. Change the sample to use 2048 bit keys. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
The builtin crypto implementation, which is the software implementation of PSA crypto APIs from mbedTLS is not supported anymore. Only the Oberon PSA API implementation exists right now as a software implementation, and there are also the crypto accelerator implementation. Remove the unused builtin PSA implementation configuration in the tests. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
When we built with TF-M in non minimal builts we we required HKDF which is only supported by Oberon. So in configuration we don't allow Oberon to be disabled, this updates all the samples so that they don't allow to disable the Oberon PSA driver in TF-M builds. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Enable ECDSA and the R1 256 bit curve for the identity key sample since the samples imports a key pair of that type. This change is needed because of the new Oberon PSA configuration system. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Removes unused PSA configs for the TF-M regressions tests. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Remove unused configs. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
We're using SRP_6 as configuration option, so we should specify the version of SRP in the documentation also. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
joerchan
force-pushed
the
oberon_kconfigs_prelude
branch
from
561a207
to
cf141eb
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.